Multi-Factor User Authentication
US-2024394695-A1 · Nov 28, 2024 · US
Systems, Methods, and Computer Program Products for Authorizing a Transaction
US2021065194A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2021065194-A1 |
| Application number | US-201916554919-A |
| Country | US |
| Kind code | A1 |
| Filing date | Aug 29, 2019 |
| Priority date | Aug 29, 2019 |
| Publication date | Mar 4, 2021 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Disclosed are methods for authorizing a transaction, including receiving a policy message, the policy message including a policy ruleset for determining whether a transaction is authorized and biometric parameters for a machine learning algorithm for authenticating an identity of a user involved in a transaction, receiving biometric measurement data associated with a biometric measurement of a user involved in the transaction, calculating an authentication score based on the biometric measurement data using the machine learning algorithm, wherein the authentication score includes an indication of whether an identity of the user is authenticated based on the biometric measurement data, determining whether the transaction satisfies the policy ruleset for determining authorization of the transaction, and transmitting a decision message, wherein the decision message includes an indication of whether the transaction satisfies the policy ruleset. Systems and computer program products are also disclosed.
First claim
Opening claim text (preview).
What is claimed is: 1 . A computer-implemented method for authorizing a transaction, comprising: receiving, with at least one processor, a policy message, the policy message comprising a policy ruleset for determining whether a transaction is authorized and biometric parameters for a machine learning algorithm for authenticating an identity of a user involved in a transaction; receiving, with at least one processor, biometric measurement data associated with a biometric measurement of a user involved in the transaction; calculate, with at least one processor, an authentication score based on the biometric measurement data using the machine learning algorithm, wherein the authentication score comprises an indication of whether an identity of the user is authenticated based on the biometric measurement data; determining, with at least one processor, whether the transaction satisfies the policy ruleset for determining authorization of the transaction; and transmitting, with at least one processor, a decision message, wherein the decision message comprises an indication of whether the transaction satisfies the policy ruleset. 2 . The computer-implemented method of claim 1 , further comprising: receiving, with at least one processor, an attestation request message associated with the transaction, wherein the attestation request message comprises a request for determining whether a trusted execution environment that is used for determining whether the transaction satisfies the policy ruleset is secure; and transmitting, with at least one processor, an attestation response message based on receiving the attestation request message, wherein the attestation response message comprises an indication of whether the trusted execution environment that is used for determining whether the transaction satisfies the policy ruleset is secure. 3 . The computer-implemented method of claim 2 , further comprising: transmitting, with at least one processor, the attestation request message associated with the transaction to a user device associated with the user involved in the transaction; and receiving, with at least one processor, the attestation response message based from the user device associated with the user based on transmitting the attestation request message associated with the transaction to the user device associated with the user. 4 . The computer-implemented method of claim 1 , further comprising: receiving, with at least one processor, a trusted execution environment certificate from a user device associated with the user involved in the transaction; generating, with at least one processor, a transaction authorization message based on receiving the trusted execution environment certificate from the user device associated with the user, the transaction authorization message comprising data associated with the trusted execution environment certificate and a plurality of transaction parameters associated with the transaction; and receiving, with at least one processor, an attestation request message associated with the transaction, the attestation request message comprising a request for determining whether a trusted execution environment that is used for determining whether the transaction satisfies the policy ruleset is secure, and wherein the attestation request message comprises the plurality of transaction parameters associated with the transaction. 5 . The computer-implemented method of claim 1 , wherein receiving, with at least one processor, the policy message comprises: receiving, with at least one processor, the policy message from a smartcard associated with the user involved in the transaction; and wherein receiving, with at least one processor, the biometric measurement data associated with the biometric measurement of the user involved in the transaction comprises: receiving, with at least one processor, the biometric measurement data associated with the biometric measurement of the user involved in the transaction from a user device associated with the user. 6 . The computer-implemented method of claim 1 , further comprising: receiving, with at least one processor, a transaction authorization status message; and transmitting, with at least one processor, the transaction authorization status message to a smartcard associated with the user involved in the transaction. 7 . The computer-implemented method of claim 6 , further comprising: receiving, with at least one processor, a transaction authorization decision message from the smartcard associated with the user based on transmitting the transaction authorization status message to the smartcard. 8 . The computer-implemented method of claim 1 , further comprising: determining, with at least one processor, whether the user is authenticated based on the authentication score. 9 . A system for authorizing a transaction, comprising: at least one processor programmed or configured to: receive a policy message, the policy message comprising a policy ruleset for determining whether a transaction is authorized and biometric parameters for a machine learning algorithm for authenticating an identity of a user involved in a transaction; receive biometric measurement data associated with a biometric measurement of a user involved in the transaction; calculate an authentication score based on the biometric measurement data using the machine learning algorithm, wherein the authentication score comprises an indication of whether an identity of the user is authenticated based on the biometric measurement data; determine whether the transaction satisfies the policy ruleset for determining authorization of the transaction; and transmit a decision message, wherein the decision message comprises an indication of whether the transaction satisfies the policy ruleset. 10 . The system of claim 9 , wherein the at least one processor is further programmed or configured to: receive an attestation request message associated with the transaction, wherein the attestation request message comprises a request for determining whether a trusted execution environment that is used for determining whether the transaction satisfies the policy ruleset is secure; and transmit an attestation response message based on receiving the attestation request message, wherein the attestation response message comprises an indication of whether the trusted execution environment that is used for determining whether the transaction satisfies the policy ruleset is secure. 11 . The system of claim 10 , wherein the at least one processor is programmed or configured to: transmit the attestation request message associated with the transaction to a user device associated with the user involved in the transaction; and receive the attestation response message from the user device associated with the user based on transmitting the attestation request message associated with the transaction to the user device associated with the user. 12 . The system of claim 9 , wherein the at least one processor is programmed or configured to: receive a trusted execution environment certificate from a user device associated with the user involved in the transaction; generate a transaction authorization message based on receiving the trusted execution environment certificate from the user device associated with the user, the transaction authorization message comprising data associated with the trusted execution environment certificate and a plurality of transaction parameters associated with the transaction; and receive an attestation request message associated with the transaction, the attestation request message comprising a request for d
Assignees
Inventors
Classifications
Machine learning · CPC title
Use of secure elements separate from M-devices · CPC title
involving fraud or risk level assessment in transaction processing · CPC title
comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit · CPC title
- G06Q20/40145Primary
Biometric identity checks · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2021065194A1 cover?
- Disclosed are methods for authorizing a transaction, including receiving a policy message, the policy message including a policy ruleset for determining whether a transaction is authorized and biometric parameters for a machine learning algorithm for authenticating an identity of a user involved in a transaction, receiving biometric measurement data associated with a biometric measurement of a …
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/40145. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Mar 04 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).