Secure mobile device credential provisioning using risk decision non-overrides
First Claim
1. A method, comprising:
- receiving, at a server computer, a provisioning request to provision a credential to a user device, wherein the credential is associated with an account of a user, and wherein the provisioning request includes a first risk level indicating a first perceived risk of provisioning the credential to the user device, wherein the first risk level is determined based on a first set of information;
determining, by the server computer, that the provisioning request includes a non-override condition, wherein the non-override condition recommends setting the first risk level as a final risk decision value;
determining, by the server computer, additional information associated with the user device or the account of the user available to the server computer, wherein the additional information is different than the first set of information;
generating, by the server computer, a second risk level associated with the provisioning request based on the additional information, wherein the second risk level indicates a second perceived risk of provisioning the credential to the user device different than the first perceived risk;
comparing, at the server computer, the first risk level to the second risk level;
when the first risk level is lower than the second risk level;
setting, by the server computer, the second risk level as the final risk decision value even when the non-override condition exists; and
preventing, by the server computer, the credential from being provisioned onto the user device without further authentication, wherein the user device is not capable of initiating a transaction using the account when the credential is prevented from being provisioned onto the user device;
when the first risk level is higher than the second risk level;
setting, by the server computer, the first risk level as the final risk decision value;
causing, by the server computer, one or more scripts to be executed on the user device thereby provisioning the credential onto the user device; and
converting, by the server computer, the user device into a payment device capable of initiating the transaction using the account.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments are directed to optimizing the secure provisioning of credentials to mobile devices through use of risk decision non-overrides. In some embodiments, a service provider receives a request from a wallet provider to provision a credential associated with an account to a mobile device. The request includes a first risk level associated with the provisioning. The service provider receives a second risk level associated with the provisioning request from an issuer of the account. Based upon determining that a non-override condition exists, the service provider uses the first risk level from the wallet provider and accordingly causes a user authentication to occur. A non-override condition may be determined based upon scenario indicators received within the provisioning request. In some embodiments, the non-override condition may be ignored when the first risk level indicates medium risk and the second risk level indicates high risk.
569 Citations
20 Claims
-
1. A method, comprising:
-
receiving, at a server computer, a provisioning request to provision a credential to a user device, wherein the credential is associated with an account of a user, and wherein the provisioning request includes a first risk level indicating a first perceived risk of provisioning the credential to the user device, wherein the first risk level is determined based on a first set of information; determining, by the server computer, that the provisioning request includes a non-override condition, wherein the non-override condition recommends setting the first risk level as a final risk decision value; determining, by the server computer, additional information associated with the user device or the account of the user available to the server computer, wherein the additional information is different than the first set of information; generating, by the server computer, a second risk level associated with the provisioning request based on the additional information, wherein the second risk level indicates a second perceived risk of provisioning the credential to the user device different than the first perceived risk; comparing, at the server computer, the first risk level to the second risk level; when the first risk level is lower than the second risk level; setting, by the server computer, the second risk level as the final risk decision value even when the non-override condition exists; and preventing, by the server computer, the credential from being provisioned onto the user device without further authentication, wherein the user device is not capable of initiating a transaction using the account when the credential is prevented from being provisioned onto the user device; when the first risk level is higher than the second risk level; setting, by the server computer, the first risk level as the final risk decision value; causing, by the server computer, one or more scripts to be executed on the user device thereby provisioning the credential onto the user device; and converting, by the server computer, the user device into a payment device capable of initiating the transaction using the account. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A server computer, comprising:
-
one or more processors; and a non-transitory computer readable storage medium communicatively coupled with the one or more processors and storing instructions which, when executed by the one or more processors, cause the server computer to; receive a provisioning request to provision a credential to a user device, wherein the credential is associated with an account of a user, and wherein the provisioning request includes a first risk level indicating a first perceived risk of provisioning the credential to the user device, wherein the first risk level is determined based on a first set of information; determine that the provisioning request includes a non-override condition, wherein the non-override condition recommends setting the first risk level as a final risk decision value; determine additional information associated with the user device or the account of the user available to the server computer, wherein the additional information is different than the first set of information; generate a second risk level associated with the provisioning request based on the additional information, wherein the second risk level indicates a second perceived risk of provisioning the credential to the user device different than the first perceived risk; compare the first risk level to the second risk level; when the first risk level is lower than the second risk level; set the second risk level as the final risk decision value even when the non-override condition exists; and prevent the credential from being provisioned onto the user device without further authentication, wherein the user device is not capable of initiating a transaction using the account when the credential is prevented from being provisioned onto the user device; when the first risk level is higher than the second risk level; set the first risk level as the final risk decision value; cause one or more scripts to be executed on the user device thereby provisioning the credential onto the user device; and convert the user device into a payment device capable of initiating the transaction using the account. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification