User and entity authentication through an information storage and communication system

US 10,055,732 B1
Filed: 03/03/2014
Issued: 08/21/2018
Est. Priority Date: 03/29/2013
Status: Active Grant

First Claim

Patent Images

1. An authentication system for authenticating parties involved in a transaction, the authentication system comprising:

an authentication server having a memory and a processor, wherein the processor is configured to;

receive an authentication request from a first party device, wherein the first party device is associated with a first party, wherein the authentication request includes a request to authenticate an identity of a second party and a cost value associated with the transaction,determine an amount of information required to authenticate the second party as being involved in the transaction, wherein the authentication server is configured to determine the amount of information required by comparing the cost value associated with the transaction to a cost threshold, and wherein the cost threshold is determined based on a statistical analysis of cost values in a transaction history of the second party,transmit an information request to a second party device, wherein the second party device is associated with the second party,receive a second party information,compare the second party information with a verified second party information, wherein the verified second party information corresponds to the amount of information, andtransmit an authentication result to the first party device for use in determining whether the transaction will proceed;

wherein the authentication server determines that a lower level of authentication is required in response to determining that the cost value associated with the transaction is lower than the cost threshold, the lower level of authentication requiring that the second party information include at least one user input that is an alphanumeric entry or biometric; and

wherein the authentication server determines that a higher level of authentication is required in response to determining that the cost value associated with the transaction is at least as great as the cost threshold, the higher level of authentication requiring that the second party information include at least two user inputs selected from a group consisting of a biometric, a password, a secret code, a personal identification number (PIN), and personal information, wherein a greater number of user inputs is required for the higher level of authentication than for the lower level of authentication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for authenticating parties and transactions are described herein. The systems and methods may be part of an information wallet system. The information wallet system or a separate authentication system in communication with the information wallet system may facilitate verification and/or authentication of the parties. In one embodiment, the authentication system includes an authentication server configured to receive an authentication request from a first party to authenticate a second party. The authentication server is further configured to transmit an information request the second party. The authentication server is configured to receive second party information and to configured to compare the second party information with a verified second party information. The authentication server is configured to transmit an authentication result to the first party device.

63 Citations

View as Search Results

20 Claims

1. An authentication system for authenticating parties involved in a transaction, the authentication system comprising:
- an authentication server having a memory and a processor, wherein the processor is configured to;
  
  receive an authentication request from a first party device, wherein the first party device is associated with a first party, wherein the authentication request includes a request to authenticate an identity of a second party and a cost value associated with the transaction,determine an amount of information required to authenticate the second party as being involved in the transaction, wherein the authentication server is configured to determine the amount of information required by comparing the cost value associated with the transaction to a cost threshold, and wherein the cost threshold is determined based on a statistical analysis of cost values in a transaction history of the second party,transmit an information request to a second party device, wherein the second party device is associated with the second party,receive a second party information,compare the second party information with a verified second party information, wherein the verified second party information corresponds to the amount of information, andtransmit an authentication result to the first party device for use in determining whether the transaction will proceed;
  
  wherein the authentication server determines that a lower level of authentication is required in response to determining that the cost value associated with the transaction is lower than the cost threshold, the lower level of authentication requiring that the second party information include at least one user input that is an alphanumeric entry or biometric; and
  
  wherein the authentication server determines that a higher level of authentication is required in response to determining that the cost value associated with the transaction is at least as great as the cost threshold, the higher level of authentication requiring that the second party information include at least two user inputs selected from a group consisting of a biometric, a password, a secret code, a personal identification number (PIN), and personal information, wherein a greater number of user inputs is required for the higher level of authentication than for the lower level of authentication.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The authentication system of claim 1, wherein the processor is further configured to determine that the second party information matches the verified second party information.
  - 3. The authentication system of claim 2, wherein the authentication result indicates that the identity of the second party is authenticated.
  - 4. The authentication system of claim 1, wherein the processor is further configured to determine that the second party information does not match the verified second party information.
  - 5. The authentication system of claim 4, wherein the authentication result indicates that the identity of the second party is not authenticated.
  - 6. The authentication system of claim 1, wherein the processor is further configured to receive transaction information relating to a pending transaction between the first party and the second party.

7. A method of authenticating parties in an authentication system, the authentication system includes a server having a memory and a processor, the method comprising:
- receiving, at the server, an authentication request from a first party device associated with a first party, wherein the authentication request includes a request to authenticate an identity of a second party and a cost value associated with a transaction between the first party and the second party;
  
  determining, by the server, an amount of information required to authenticate the second party as being involved in the transaction, wherein determining the amount of information required comprises comparing the cost value associated with the transaction to a cost threshold, wherein the cost threshold is determined based on a statistical analysis of cost values in a transaction history of the second party;
  
  transmitting, by the server, an information request to a second party device associated with the second party;
  
  receiving, at the server, a second party information from the second party device;
  
  comparing, by the server, the second party information with a verified second party information stored in a database, wherein the verified second party information corresponds to the amount of information; and
  
  transmitting, by the server, an authentication result to the first party device for use in determining whether the transaction will proceed;
  
  wherein the authentication server determines that a lower level of authentication is required in response to determining that the cost value associated with the transaction is lower than the cost threshold, the lower level of authentication requiring that the second party information include at least one user input that is an alphanumeric entry or biometric; and
  
  wherein the authentication server determines that a higher level of authentication is required in response to determining that the cost value associated with the transaction is at least as great as the cost threshold, the higher level of authentication requiring that the second party information include at least two user inputs selected from a group consisting of a biometric, a password, a secret code, a personal identification number (PIN), and personal information, wherein a greater number of user inputs is required for the higher level of authentication than for the lower level of authentication.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising determining, by the server, that the second party information matches the verified second party information.
  - 9. The method of claim 8, wherein the authentication result indicates that the identity of the second party is authenticated.
  - 10. The method of claim 7, further comprising determining, by the server, that the second party information does not match the verified second party information.
  - 11. The method of claim 10, wherein the authentication result indicates that the identity of the second party is not authenticated.
  - 12. The method of claim 7, further comprising receiving, by the server transaction information relating to a pending transaction between the first party and the second party.

13. A method of verifying an intention of a first party to enter into a transaction with a second party in an authentication system, the authentication system including an authentication server and a party information database, the method comprising:
- receiving, at the authentication server, a transaction authentication request from a first party device associated with a first party, wherein the transaction authentication request includes information relating to a pending transaction between the first party and a second party, wherein the information relating to the pending transaction includes a cost value associated with the pending transaction;
  
  determining, by the authentication server, an amount of information required to authenticate the second party as being involved in the pending transaction, wherein the determining the amount of information required comprises comparing the cost value associated with the transaction to a cost threshold, wherein the cost threshold is determined based on a statistical analysis of cost values in a transaction history of the second party;
  
  transmitting, by the authentication server, a verification request to a second party device associated with the second party;
  
  receiving, at the server, a second party information from the second party device; and
  
  transmitting, by the server, a result to the first party device for use in determining whether the transaction will proceed;
  
  wherein the authentication server determines that a lower level of authentication is required in response to determining that the cost value associated with the transaction is lower than the cost threshold, the lower level of authentication requiring that the second party information include at least one user input that is an alphanumeric entry or biometric; and
  
  wherein the authentication server determines that a higher level of authentication is required in response to determining that the cost value associated with the transaction is at least as great as the cost threshold, the higher level of authentication requiring that the second party information include at least two user inputs selected from a group consisting of a biometric, a password, a secret code, a personal identification number (PIN), and personal information, wherein a greater number of user inputs is required for the higher level of authentication than for the lower level of authentication.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of claim 13, further comprising comparing, by the server, the second party information with a verified second party information stored in a database, wherein the second party information includes personal information and/or biometric information relating to the second party.
  - 15. The method of claim 14, wherein the result includes an authentication of an identity of the second party.
  - 16. The method of claim 13, further comprising determining that the second party does intend to enter the transaction with the first party.
  - 17. The method of claim 13, further comprising determining that the second party does not intend to enter the transaction with the first party.
  - 18. The method of claim 17, wherein the result indicates that the pending transaction may be fraudulent.
  - 19. The method of claim 18, further comprising, transmitting, by the server, an alert to a third party indicating that the pending transaction may be fraudulent.
  - 20. The method of claim 13, further comprising determining, by the server, a level of authorization required by the second party based at least in part on the information relating to the pending transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Original Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Inventors
Hecht, Al
Primary Examiner(s)
Pyzocha, Michael
Assistant Examiner(s)
Lapian, Alexander R

Application Number

US14/195,297
Time in Patent Office

1,632 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/3674   involving authentication

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4014   Identity check for transact...

G06Q 20/405   Establishing or using trans...

User and entity authentication through an information storage and communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

63 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

User and entity authentication through an information storage and communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others