User authentication by token and comparison to visitation pattern
First Claim
1. An apparatus disposed proximate a financial institution location, the apparatus for receiving a token from a wearable device carried by a customer, the token for user authentication based on a visitation pattern of the customer, the apparatus comprising:
- a memory;
a processor; and
a module stored in the memory, executable by the processor, and configured to;
receive, from the wearable device carried by the customer, the token comprising user authentication information associated with the customer, wherein receiving the token indicates a current visit of the customer to the financial institution location;
receive, from the wearable device carried by the customer, financial transaction limitation information indicating at least one limitation on transactions performed with the token;
access, based at least in part on the user authentication information, a visitation history from a customer profile associated with the customer;
determine, based at least in part on the visitation history, whether the current visit falls within a recognized visitation pattern;
if so, determine that a required level of authentication for the current visit is a soft level of authentication, wherein the soft level of authentication is one of a plurality of levels of authentication comprising a continuum of authentication; and
if not, determine that the required level of authentication for the current visit is a hard level of authentication, wherein the hard level of authentication is one of the plurality of levels of authentication comprising the continuum of authentication and wherein the hard level of authentication requires full authentication credentials;
receive a request to perform a financial transaction from the customer;
determine that the requested financial transaction exceeds the at least one limitation indicated by the financial transaction limitation information;
in response to determining that the requested financial transaction exceeds the at least one limitation, identify that the requested financial transaction qualifies for an exception to the at least one limitation indicated by the financial transaction limitation information based on at least one of;
identifying that a number of days between a current real-time date and an expiration date of the token is less than a predetermined limit; and
identifying that a category of the requested financial transaction is within a predetermined list of categories; and
in response to determining that the requested financial transaction qualifies for the exception, authenticate, based on the required level of authentication, the customer to initiate the financial transaction at the financial institution location.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments are directed to receiving a token from a wearable device carried by a customer, the token for user authentication based on a visitation pattern of the customer. Embodiments include receive, from the wearable device carried by the customer, the token comprising user authentication information associated with the customer, wherein receiving the token indicates a current visit of the customer to the financial institution location; access, based at least in part on the user authentication information, a visitation history from a customer profile associated with the customer; determine, based at least in part on the visitation history, whether the current visit falls within a recognized visitation pattern; and authenticate, based at least in part on the determination, the customer for performing a transaction at the financial institution location.
-
Citations
15 Claims
-
1. An apparatus disposed proximate a financial institution location, the apparatus for receiving a token from a wearable device carried by a customer, the token for user authentication based on a visitation pattern of the customer, the apparatus comprising:
-
a memory; a processor; and a module stored in the memory, executable by the processor, and configured to; receive, from the wearable device carried by the customer, the token comprising user authentication information associated with the customer, wherein receiving the token indicates a current visit of the customer to the financial institution location; receive, from the wearable device carried by the customer, financial transaction limitation information indicating at least one limitation on transactions performed with the token; access, based at least in part on the user authentication information, a visitation history from a customer profile associated with the customer; determine, based at least in part on the visitation history, whether the current visit falls within a recognized visitation pattern; if so, determine that a required level of authentication for the current visit is a soft level of authentication, wherein the soft level of authentication is one of a plurality of levels of authentication comprising a continuum of authentication; and if not, determine that the required level of authentication for the current visit is a hard level of authentication, wherein the hard level of authentication is one of the plurality of levels of authentication comprising the continuum of authentication and wherein the hard level of authentication requires full authentication credentials; receive a request to perform a financial transaction from the customer; determine that the requested financial transaction exceeds the at least one limitation indicated by the financial transaction limitation information; in response to determining that the requested financial transaction exceeds the at least one limitation, identify that the requested financial transaction qualifies for an exception to the at least one limitation indicated by the financial transaction limitation information based on at least one of; identifying that a number of days between a current real-time date and an expiration date of the token is less than a predetermined limit; and identifying that a category of the requested financial transaction is within a predetermined list of categories; and in response to determining that the requested financial transaction qualifies for the exception, authenticate, based on the required level of authentication, the customer to initiate the financial transaction at the financial institution location. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for receiving a token from a wearable device carried by a customer, the token for user authentication based on a visitation pattern of the customer, the method comprising:
-
receiving, at an apparatus proximate a financial institution location and from the wearable device carried by the customer, the token comprising user authentication information associated with the customer, wherein receiving the token indicates a current visit of the customer to the financial institution location; receiving, by the apparatus, financial transaction limitation information indicating at least one limitation on transactions performed with the token from the wearable device carried by the customer; accessing, by the apparatus and based at least in part on the user authentication information, a visitation history from a customer profile associated with the customer; determining, by the apparatus and based at least in part on the visitation history, whether the current visit falls within a recognized visitation pattern; if so, determining that a required level of authentication for the current visit is a soft level of authentication, wherein the soft level of authentication is one of a plurality of levels of authentication comprising a continuum of authentication; and if not, determining that the required level of authentication for the current visit is a hard level of authentication, wherein the hard level of authentication is one of the plurality of levels of authentication comprising the continuum of authentication and wherein the hard level of authentication requires full authentication credentials; receiving a request to perform a financial transaction from the customer; determining that the requested financial transaction exceeds the at least one limitation indicated by the financial transaction limitation information; in response to determining that the requested financial transaction exceeds the at least one limitation, identify that the requested financial transaction qualifies for an exception to the at least one limitation indicated by the financial transaction limitation information based on at least one of; identifying that a number of days between a current real-time date and an expiration date of the token is less than a predetermined limit; and identifying that a category of the requested financial transaction is within a predetermined list of categories; and in response to determining that the requested financial transaction qualifies for the exception, authenticating, by the apparatus and based at least in part on the determination, the customer to initiate the financial transaction at the financial institution location. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer program product for receiving a token from a wearable device carried by a customer, the token for user authentication based on a visitation pattern of the customer, the computer program product comprising a non-transitory computer-readable medium comprising code causing a first apparatus to:
-
receive, from the wearable device carried by the customer, the token comprising user authentication information associated with the customer, wherein receiving the token indicates a current visit of the customer to the financial institution location; receive, from the wearable device carried by the customer, financial transaction limitation information indicating at least one limitation on transactions performed with the token; access, based at least in part on the user authentication information, a visitation history from a customer profile associated with the customer; determine, based at least in part on the visitation history, whether the current visit falls within a recognized visitation pattern; if so, determine that a required level of authentication for the current visit is a soft level of authentication, wherein the soft level of authentication is one of a plurality of levels of authentication comprising a continuum of authentication; and if not, determine that the required level of authentication for the current visit is a hard level of authentication, wherein the hard level of authentication is one of the plurality of levels of authentication comprising the continuum of authentication and wherein the hard level of authentication requires full authentication credentials; receive a request to perform a financial transaction from the customer; determine that the requested financial transaction exceeds the at least one limitation indicated by the financial transaction limitation information; in response to determining that the requested financial transaction exceeds the at least one limitation, identify that the requested financial transaction qualifies for an exception to the at least one limitation indicated by the financial transaction limitation information based on at least one of; identifying that a number of days between a current real-time date and an expiration date of the token is less than a predetermined limit; and identifying that a category of the requested financial transaction is within a predetermined list of categories; and in response to determining that the requested financial transaction qualifies for the exception, authenticate, based on the required level of authentication, the customer to initiate the financial transaction at the financial institution location. - View Dependent Claims (12, 13, 14, 15)
-
Specification