Apparatus, method, and computer program product for transit pooling using payment card data
US-2015213474-A1 · Jul 30, 2015 · US
User authentication based on historical transaction data
US9331994B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9331994-B2 |
| Application number | US-201414175701-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 7, 2014 |
| Priority date | Feb 7, 2014 |
| Publication date | May 3, 2016 |
| Grant date | May 3, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments are directed to systems, methods and computer program products for providing user authentication based on transaction data. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a transaction set of data comprising information related to transactions conducted by the user; collect a location set of data comprising information related to a physical location of the user; determine a transaction proximity score associated with the user and the transactions; determine a level of authentication associated with the determined transaction proximity score; determine which authentication types are associated with the level of authentication; request authentication credentials; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, execute the user action.
First claim
Opening claim text (preview).
What is claimed is: 1. An apparatus for increasing confidence in user authentication based on transaction data indicating that one or more geographically proximate, card-present transactions were recently approved, the apparatus comprising: a memory; a processor; and computer-executable instructions stored in the memory, executable by the processor, and configured to cause the processor to: receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of one or more authentication credentials; collect a transaction set of data comprising information related to one or more card-present transactions conducted by the user, the information indicating that the one or more card-present transactions were approved and indicating one or more transaction locations at which the one or more card-present transactions were approved; collect a location set of data comprising information related to a physical location of the user; determine a current time of day; determine a transaction proximity score associated with the user and the one or more card-present transactions, comprising: determining a geographic distance between one or more of the card-present transactions represented in the transaction set of data and the location of the user; determining an amount of time expired between approval of the one or more card-present transactions and the current time of day; determining a proximity threshold associated with the one or more card-present transactions and the amount of time expired; determining whether the user is within the proximity threshold based at least in part on the geographic distance; and determining the transaction proximity score based at least in part on the determination whether the user is within the proximity threshold; determine a level of authentication associated with the determined transaction proximity score, wherein the determined level of authentication increases as the geographic distance increases and decreases as the geographic distance decreases; determine which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the transaction proximity score; request one or more authentication credentials corresponding to the determined one or more authentication types; receive one or more authentication credentials from the user; validate the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials; and in response to the successful validation of the one or more authentication credentials, execute the user action. 2. The apparatus of claim 1 , wherein determining the transaction proximity score further comprises: selecting one or more second transactions of the user; determining a second proximity threshold associated with the one or more second transactions of the user; determining whether the user is within the second proximity threshold; and wherein determining the transaction proximity score is further based at least in part on the determination of whether the user is within the second proximity threshold. 3. The apparatus of claim 2 , wherein determining the transaction proximity score comprises: determining a first partial score based at least in part on the determination of whether the user is within the proximity threshold, wherein the first partial score is weighted by a first weighting factor; determining a second partial score based at least in part on the determination of whether the user is within the second proximity threshold, wherein the second partial score is weighted by a second weighting factor; and combining the first partial score and the second partial score, thereby determining the transaction proximity score. 4. The apparatus of claim 3 , wherein at least one of the first weighting factor and the second weighting factor are based on the elapsed time since their respective transactions occurred. 5. The apparatus of claim 1 , wherein determining the transaction proximity score comprises: determining a historical transaction pattern associated with the user; determining whether the transaction set of data indicates a current transaction pattern that falls within a predetermined acceptable variance of the historical transaction pattern; and if not, determining the transaction proximity score based at least in part on a variance of the current transaction pattern from the historical transaction pattern. 6. The apparatus of claim 1 , wherein determining the transaction proximity score comprises: determining a historical transaction pattern associated with the user; determining the transaction proximity score based at least in part on a variance of the current transaction pattern from the historical transaction pattern. 7. A method for increasing confidence in user authentication based on transaction data indicating that one or more geographically proximate, card-present transactions were recently approved, the method comprising: receiving, by a mobile device of a user and from the user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of one or more authentication credentials; collecting a transaction set of data comprising information related to one or more card-present transactions conducted by the user, the information indicating that the one or more card-present transactions were approved and indicating one or more transaction locations at which the one or more card-present transactions were approved; collecting, by the mobile device, a location set of data comprising information related to a physical location of the user; determining a current time of day; determining, by the mobile device, a transaction proximity score associated with the user and the one or more card-present transactions, comprising: determining a geographic distance between one or more of the card-present transactions represented in the transaction set of data and the location of the user; determining an amount of time expired between approval of the one or more card-present transactions and the current time of day; determining a proximity threshold associated with the one or more card-present transactions and the amount of time expired; determining whether the user is within the proximity threshold based at least in part on the geographic distance; and determining the transaction proximity score based at least in part on the determination whether the user is within the proximity threshold; determining, by the mobile device, a level of authentication associated with the determined transaction proximity score, wherein the determined level of authentication increases as the geographic distance increases and decreases as the geographic distance decreases; determining, by the mobile device, which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the transaction proximity score; requesting, by the mobile device, from the user one or more authentication credentials corresponding to the determined one or more authentication types; receiving, by the mobile device and from the user, one or more authentication credentials from the user; validating, by the mobile device, the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials; and in response to the successful validation of the one or more authentication credentials, executing, by the mobile device, the user action. 8. The method of claim 7 , wherein determining the transaction
Assignees
Inventors
Classifications
Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title
- H04L63/08Primary
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
applying multi-factor authentication · CPC title
using geofenced areas · CPC title
Time-dependent · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9331994B2 cover?
- Embodiments are directed to systems, methods and computer program products for providing user authentication based on transaction data. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a transaction set of data comprising information related to trans…
- Who is the assignee on this patent?
- Bank Of America
- What technology area does this patent fall under?
- Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue May 03 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).