Systems and methods for monitoring payment transactions for fraud using social media
US-2015161610-A1 · Jun 11, 2015 · US
Determining user authentication based on user/device interaction
US9965606B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9965606-B2 |
| Application number | US-201514928332-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 30, 2015 |
| Priority date | Feb 7, 2014 |
| Publication date | May 8, 2018 |
| Grant date | May 8, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments are directed to systems, methods and computer program products for providing user authentication based on historical user patterns. Embodiments of the present invention may be configured to communicate code executable by a computing device that causes the computing device to monitor user patterns of a user based on the user interacting with the computing device; receive baseline user patterns to identify the user; identify, from the baseline user patterns, one or more routine actions performed by the user operating the computing device; receive a request to perform a transaction, wherein the transaction is associated with a level of security that must be authenticated; receive identification user patterns of the user based on the user interacting with the computing device; determine a threshold score based on comparing the identification user patterns with the baseline user patterns; and alter the level of security.
First claim
Opening claim text (preview).
What is claimed is: 1. An apparatus for user authentication based on user/device interactions, the apparatus comprising: a memory; one or more processors; and a security module stored in the memory, executable by the one or more processors, and configured to cause the one or more processors to: communicate, to a computing device, code executable by the computing device that causes the computing device to monitor user patterns of a user based on the user physically interacting with the computing device; receive, from the computing device, a baseline set of physical user patterns of the user for identifying the user, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors; identify, from the baseline set of physical user patterns, one or more routine actions performed by the user while physically interacting with the computing device; receive, from the user, a request to perform a transaction using the computing device, wherein the transaction is associated with a level of security that must be authenticated prior to completing the transaction; receive, from the computing device, an identification set of physical user patterns of the user based on the user physically interacting with the computing device; determine a threshold score based on comparing the identification set of physical user patterns with the baseline set of physical user patterns; based on the threshold score, alter the level of security that must be authenticated prior to completing the transaction; cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security; communicate a request for the user to submit a response to one or more credentials associated with the level of security; receive the response to the one or more credentials associated with the level of security; authenticate the user based on validating the response to the one or more credentials associated with the level of security; and perform the transaction based on authenticating the user. 2. The apparatus of claim 1 , wherein the level of security that must be authenticated prior to completing the transaction is one of a hard authentication and a soft authentication, wherein the hard authentication comprises two or more authentication credentials, and wherein the soft authentication comprises one authentication credential. 3. The apparatus of claim 2 , wherein altering the level of security that must be authenticated prior to completing the transaction comprises changing the level of security, if the level of security is the hard authentication, from the hard authentication to the soft authentication, or changing the level of security, if the level of security is the soft authentication to no authentication. 4. The apparatus of claim 1 , wherein the threshold score is associated with one of a fully authenticated tier, a partially authenticated tier, and no authenticated tier, wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring no authentication credentials prior to performing the transaction, wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring at least a partial number of the authentication credentials associated with the level of security prior to completing the transaction, and wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring all of the authentication credentials associated with the level of security and at least one other authentication credential not associated with the level of security. 5. The apparatus of claim 1 , wherein the physical user patterns of the user further comprise at least one of a time of day when the user physically interacts with the computing device or specific applications stored on the computing device that the user accesses, an order in which the user accesses the specific applications stored on the computing device, an angle at which the user holds the computing device captured by the computing device using an accelerometer, contacts stored on the computing device, and the like. 6. The apparatus of claim 1 , wherein the security module is further configured to cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on receiving validating one or more authentication credentials associated with the level of security. 7. A method for user authentication based on user/device interactions, the method comprising: communicating, to a computing device, code executable by the computing device that causes the computing device to monitor user patterns of a user based on the user physically interacting with the computing device; receiving, from the computing device, a baseline set of physical user patterns of the user for identifying the user, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors; identifying, from the baseline set of physical user patterns, one or more routine actions performed by the user while operating the computing device; receiving, from the user, a request to perform a transaction using the computing device, wherein the transaction is associated with a level of security that must be authenticated prior to completing the transaction; receiving, from the computing device, an identification set of physical user patterns of the user based on the user physically interacting with the computing device; determining a threshold score based on comparing the identification set of physical user patterns with the baseline set of physical user patterns; based on the threshold score, altering the level of security that must be authenticated prior to completing the transaction; cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security; cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security; communicate a request for the user to submit a response to one or more credentials associated with the level of security; receive the response to the one or more credentials associated with the level of security; authenticate the user based on validating the response to the one or more credentials associated with the level of security; and perform the transaction based on authenticating the user. 8. The method of claim 7 , wherein the level of security that must be authenticated prior to completing the transaction is one of a hard authentication and a soft authentication, wherein the hard authentication comprises two or more authentication credentials, and wherein the soft authentication comprises one authentication credential. 9. The method of claim 8 , wherein altering the level of security that must be authenticated prior to completing the transaction comprises changing the level of security, if the level of security is the hard authentication, from the hard authentication to the soft authentication, or changing the level of security, if the level of security is the soft authentication to no authentication. 10. The meth
Assignees
Inventors
Classifications
Structures or tools for the administration of authentication · CPC title
applying multi-factor authentication · CPC title
- G06F21/316Primary
by observing the pattern of computer usage, e.g. typical user behaviour · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
Multi-level security, e.g. mandatory access control · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9965606B2 cover?
- Embodiments are directed to systems, methods and computer program products for providing user authentication based on historical user patterns. Embodiments of the present invention may be configured to communicate code executable by a computing device that causes the computing device to monitor user patterns of a user based on the user interacting with the computing device; receive baseline use…
- Who is the assignee on this patent?
- Bank Of America
- What technology area does this patent fall under?
- Primary CPC classification G06F21/316. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue May 08 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).