Dynamic risk engine

US 10,164,999 B1
Filed: 04/25/2018
Issued: 12/25/2018
Est. Priority Date: 03/20/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory, computer-readable storage medium containing a set of instructions which, when executed by one or more processors, cause the one or more processors to:

interact, via a first medium for information exchange, with a device associated with a user;

receive or initiate a request to engage in an activity during the interaction;

determine a first activity trust threshold for the activity in connection with the first medium for information exchange;

determine an initial identity trust score for the user based at least in part on identifying information collected during the interaction, wherein the initial identity trust score is an identity trust score at a time the activity is requested;

in response to the initial identity trust score meeting or exceeding the first activity trust threshold, allow the user to engage in the activity during a session;

receive a request to continue the session via a second medium for information exchange;

update the identity trust score with information collected during the session; and

in response to the updated identity trust score meeting or exceeding a second activity trust threshold in connection with the second medium for information exchange, continue the session via the second medium for information exchange.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the present invention generally relate to identity authentication and/or recognition. Some embodiments provide a method for determining when a user may engage in a restricted activity, including engaging in an initial contact with a user via a medium for exchange, receiving a request to engage in an activity, determining an activity trust threshold required for the activity, determining an initial identity trust score for the user, and comparing the initial identity trust score with the activity trust threshold. Based on the comparison, the user is either allowed to engage in the activity, rejected from engaging in the activity, or additional identifying information is collected.

27 Citations

View as Search Results

20 Claims

1. A non-transitory, computer-readable storage medium containing a set of instructions which, when executed by one or more processors, cause the one or more processors to:
- interact, via a first medium for information exchange, with a device associated with a user;
  
  receive or initiate a request to engage in an activity during the interaction;
  
  determine a first activity trust threshold for the activity in connection with the first medium for information exchange;
  
  determine an initial identity trust score for the user based at least in part on identifying information collected during the interaction, wherein the initial identity trust score is an identity trust score at a time the activity is requested;
  
  in response to the initial identity trust score meeting or exceeding the first activity trust threshold, allow the user to engage in the activity during a session;
  
  receive a request to continue the session via a second medium for information exchange;
  
  update the identity trust score with information collected during the session; and
  
  in response to the updated identity trust score meeting or exceeding a second activity trust threshold in connection with the second medium for information exchange, continue the session via the second medium for information exchange.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The non-transitory, computer-readable storage medium of claim 1, wherein the initial identity trust score is based at least in part on the first medium for information exchange.
  - 3. The non-transitory, computer-readable storage medium of claim 1, wherein the first activity trust threshold is determined based on rules relating to a risk of the activity, wherein the risk of the activity is determined based at least in part on security preferences.
  - 4. The non-transitory, computer-readable storage medium of claim 3, wherein the security preferences are defined by an organization.
  - 5. The non-transitory, computer-readable storage medium of claim 1, wherein the first activity trust threshold is determined based on rules relating to a risk of the activity, and wherein the risk of the activity is determined by at least one of:
    - type of the activity, perceived threats, regulations, transaction amount, or destination of funds.
  - 6. The non-transitory, computer-readable storage medium of claim 1, wherein the identifying information is at least one of:
    - username, password, biometric data, device identification, automatic number identification, token, one time password, or grid card code.
  - 7. The non-transitory, computer-readable storage medium of claim 1, wherein the first medium for exchange is an internet portal, a mobile application, an instant messaging system, or voice communication, wherein the identifying information is acquired based at least in part on the first medium for information exchange.
  - 8. The non-transitory, computer-readable storage medium of claim 1, wherein the identifying information comprises historical user behavior, wherein historical user behavior comprises information related to logon attempts and information related to historical user activities.
  - 9. The non-transitory, computer-readable storage medium of claim 1, wherein the identifying information is information in connection with the first medium for information exchange, and wherein the information in connection with the first medium for exchange comprises at least one of:
    - location information, device identification, past channel usage, language, network, or internet service provider.
  - 10. The non-transitory, computer-readable storage medium of claim 1, wherein the identifying information is at least one of:
    - information known to the user, a physical attribute of the user, or information identifying the device.
  - 11. The non-transitory, computer-readable storage medium of claim 1, wherein the identifying information used to allow the user to engage in the activity via the first medium for information exchange is used to allow the user to engage in the activity via the second medium for information exchange.
  - 12. The non-transitory, computer-readable storage medium of claim 1, wherein the second medium for information exchange is a different type of medium for information exchange than the first medium for information exchange.

13. A method comprising:
- interacting, via a first medium for information exchange, with a device associated with a user;
  
  receiving or initiating a request to engage in an activity during the interaction;
  
  determining, by a processor, a first activity trust threshold for the activity in connection with the first medium for information exchange;
  
  determining, by the processor, an initial identity trust score for the user based at least in part on identifying information collected during the interaction, wherein the initial identity trust score is an identity trust score at a time the activity is requested;
  
  in response to the initial identity trust score meeting or exceeding the first activity trust threshold, allowing the user to engage in the activity during a session;
  
  receiving a request to continue the session via a second medium for information exchange;
  
  updating the identity trust score with information collected during the session; and
  
  in response to the updated identity trust score meeting or exceeding a second activity trust threshold in connection with the second medium for information exchange, continuing the session via the second medium for information exchange.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13, wherein the initial identity trust score is based at least in part on the first medium for information exchange.
  - 15. The method of claim 13, wherein the first activity trust threshold is determined based on rules relating to a risk of the activity, wherein the risk of the activity is determined by at least one of:
    - security preferences, type of the activity, perceived threats, regulations, transaction amount, or destination of funds.
  - 16. The method of claim 13, wherein the identifying information is at least one of:
    - username, password, biometric data, device identification, automatic number identification, token, one time password, or grid card code, wherein the first medium for exchange is an internet portal, a mobile application, an instant messaging system, or voice communication, wherein the identifying information is acquired based at least in part on the first medium for information exchange.
  - 17. The method of claim 13, wherein the identifying information is information in connection with the first medium for information exchange, wherein the information in connection with the first medium for exchange comprises at least one of:
    - location information, device identification, past channel usage, language, network, or internet service provider.
  - 18. The method of claim 13, wherein the identifying information used to allow the user to engage in the activity via the first medium for information exchange is used to allow the user to engage in the activity via the second medium for information exchange, wherein the second medium for information exchange is a different type of medium for information exchange than the first medium for information exchange.
  - 19. The method of claim 13, wherein the identifying information comprises historical user behavior, wherein historical user behavior comprises information related to logon attempts and information related to historical user activities.

20. A system comprising:
- a memory; and
  
  a processor in communication with the memory, the processor operable to execute software modules, the software modules comprising;
  
  a channel information collection module operable to;
  
  interact, via a first medium for information exchange, with a device associated with a user;
  
  receive or initiate a request to engage in an activity during the interaction;
  
  an activity trust threshold module operable to;
  
  determine a first activity trust threshold for the activity in connection with the first medium for information exchange;
  
  determine an initial identity trust score for the user based at least in part on identifying information collected during the interaction, wherein the initial identity trust score is an identity trust score at a time the activity is requested;
  
  in response to the initial identity trust score meeting or exceeding the first activity trust threshold, allow the user to engage in the activity during a session;
  
  receive a request to continue the session via a second medium for information exchange;
  
  update the identity trust score with information collected during the session; and
  
  in response to the updated identity trust score meeting or exceeding a second activity trust threshold in connection with the second medium for information exchange, continue the session via the second medium for information exchange.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United Services Automobile Association
Original Assignee
United Services Automobile Association
Inventors
Casillas, Debra, Davey, Richard Andrew, Morris, Michael Frank, Mortensen, Maland Keith, Row, John David, Buckingham, Thomas, Sanclemente, Tammy
Primary Examiner(s)
Abyaneh, Ali S

Application Number

US15/962,951
Time in Patent Office

244 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/46   by designing passwords or c...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/0869   for achieving mutual authen...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

Dynamic risk engine

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic risk engine

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links