Adjustment of knowledge-based authentication
First Claim
1. A system comprising:
- a non-transitory computer-readable storage medium for a financial services server comprising computer-executable instructions that direct the financial services server to:
receive, from a consumer computing device via the Internet, a request to open a new financial account with a financial service provider;
receive, from a consumer computing device via the Internet, device identification information associated with the consumer computing device gathered through device identification information gathering code, wherein the device identification information includes one or more of:
device ID, device location, browser type, browser time zone, browser language settings, proxy settings, stated IP address, real IP address, current GPS location data;
or historical GPS location data; and
transmit, to an authentication server, a request to set authentication requirements for the consumer and information allowing the authentication server to communicate with the consumer computing device;
receive, from the authentication server, a determination of whether the consumer is authenticated; and
in response to the determination, transmit, to the financial service server, an indication of whether the consumer is authenticated, wherein the financial service server determines whether to open the new financial account for the consumer based on the transmitted indication; and
a non-transitory computer-readable storage medium for the authentication server comprises computer-executable instructions that direct the authentication server to:
receive, from the financial services server via the Internet, the request to set authentication requirements for the consumer in response to the request transmitted from the consumer computing device to open the new financial account and device identification information associated with the consumer computing device, wherein the identity of the consumer is unknown to the financial service provider;
derive one or more behaviors of the consumer based on at least the device identification information;
calculate a fraud risk of the consumer based at least on the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk to decrease;
generate one or more first user interfaces for the consumer, wherein the one or more first user interfaces includes an authentication question set having one or more authentication question, the authentication question set based on the calculated fraud risk;
receive a first response from the one or more first user interfaces indicative of a consumer's response to at least a first authentication question of the authentication question set;
based at least on the consumer's response to at least a first authentication question and the associated device identification information, automatically and dynamically adjust the authentication question set by changing one or more of the authentication questions, removing one or more of the authentication questions, and/or adding an additional authentication question;
generate one or more second user interfaces for the consumer, wherein the one or more second user interfaces includes the adjusted authentication question set having at least a second authentication question;
receive a second response indicative of the consumer's response to at least the second authentication question of the adjusted authentication question set;
based at least on the first response, the second response, and the associated device identification information, determine whether the consumer is authenticated; and
transmit an indication of consumer authentication to the financial services server.
Abstract
Systems and methods are provided for adjustment of difficulty level, quantity, and/or other parameters of knowledge-based authentication. The questions may be asked of a consumer based on one or more generated risk scores associated with the consumer's behavior, which may be derived from information received from the consumer, a representative responsible for entering information regarding the consumer, and/or from the consumer's computing device.
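A minimal sketch of the authentication-server flow that the abstract and claim 1 describe: derive behaviors from device information, move a fraud risk score up or down, size the question set by risk, adjust it after the first response, then decide. This is an added example, not code from the patent; the behavior names, weights, thresholds, difficulty tiers and the `location_time_zone` field are assumptions, and the device records are constructed.

```python
BASE_RISK = 40  # assumed starting score
WEIGHTS = {  # assumed weights; > 0: indicative of potential fraud, < 0: not
    "ip_mismatch": 30, "proxy_in_use": 20, "timezone_mismatch": 15,
    "timezone_consistent": -10, "location_history_consistent": -20,
}
# Constructed sample device records (documentation IP ranges, made-up GPS).
USUAL = {"stated_ip": "192.0.2.10", "real_ip": "192.0.2.10", "proxy_settings": False,
         "browser_time_zone": "America/Chicago", "location_time_zone": "America/Chicago",
         "current_gps": (41.9, -87.6), "historical_gps": [(41.9, -87.6)]}
RISKY = {**USUAL, "real_ip": "198.51.100.23", "proxy_settings": True,
         "browser_time_zone": "Europe/Berlin", "historical_gps": []}

def derive_behaviors(dev):
    """Derive behaviors from device identification information."""
    found = set()
    if dev["stated_ip"] != dev["real_ip"]:
        found.add("ip_mismatch")
    if dev["proxy_settings"]:
        found.add("proxy_in_use")
    tz_ok = dev["browser_time_zone"] == dev["location_time_zone"]
    found.add("timezone_consistent" if tz_ok else "timezone_mismatch")
    if dev["current_gps"] in dev["historical_gps"]:
        found.add("location_history_consistent")
    return found

def fraud_risk(behaviors):
    """Each derived behavior raises or lowers the score; clamp to 0..100."""
    return max(0, min(100, BASE_RISK + sum(WEIGHTS[b] for b in behaviors)))

def question_set(risk):
    """Quantity and difficulty of the first question set follow the risk."""
    if risk >= 70:
        return ["medium", "hard", "hard", "hard"]
    return ["easy", "easy", "medium"] if risk >= 40 else ["easy", "easy", "easy"]

def adjust(questions, first_correct, risk):
    """Adjust the unanswered questions after the first response."""
    rest = list(questions[1:])
    if not first_correct:  # change easy questions, add an additional hard one
        rest = ["medium" if q == "easy" else q for q in rest] + ["hard"]
    elif risk < 40 and len(rest) > 1:
        rest.pop()  # remove a question: low risk and a correct first answer
    return rest

def authenticated(first_correct, later_correct, risk):
    """Decide from the first response, later responses and the device risk."""
    answers = [first_correct, *later_correct]
    return sum(answers) / len(answers) >= (1.0 if risk >= 70 else 0.75)
```

With these assumed weights the `RISKY` record clamps to the maximum score and a single wrong answer fails authentication, while the `USUAL` record has one question removed after a correct first answer.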
21 Claims
8. A computer-implemented authentication method comprising:
receiving a request to open a new financial account with a financial service provider;
receiving device identification information associated with a consumer computing device gathered through device identification information gathering code, wherein the device identification information includes one or more of:
device ID, device location, browser type, browser time zone, browser language settings, proxy settings, stated IP address, real IP address, current GPS location data;
or historical GPS location data;
transmitting a request to set authentication requirements for a consumer and information allowing an authentication server to communicate with the consumer computing device;
receiving a determination of whether the consumer is authenticated; and
in response to the determination, transmitting an indication of whether the consumer is authenticated, wherein a financial service server determines whether to open the new financial account for the consumer based on the transmitted indication; and
for a first authentication session:
receiving the request to set authentication requirements for the consumer in response to the request transmitted from the consumer computing device to open the new financial account and device identification information associated with the consumer computing device, wherein an identity of the consumer is unknown to the financial service provider;
deriving one or more behaviors of the consumer based on at least the device identification information;
calculating a fraud risk of the consumer based at least on the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk to decrease;
generating one or more first user interfaces for the consumer, wherein the one or more user first interfaces includes an authentication question set, the authentication question set based on the calculated fraud risk;
receiving a first response from the one or more first user interfaces indicative of a consumer's response to the authentication question set;
based at least on the consumer's response to at least a first authentication question and the associated device identification information, automatically and dynamically adjusting the authentication question set by changing one or more of the authentication questions, removing one or more of the authentication questions, and/or adding an additional authentication question; and
transmitting an indication of consumer authentication to the financial services server;
for a second authentication session:
receiving, from the financial services server or another computing system, a second request to set authentication requirements for the consumer;
based on at least the indication of consumer authentication, generating one or more second user interfaces for the consumer, wherein the one or more second user interfaces includes the adjusted authentication question set;
receiving a second response to the adjusted authentication question set;
based at least on the first response to the authentication question set, the second response, and the device identification information, determining whether the consumer is authenticated; and
transmitting a second indication of consumer authentication to the financial services server.
14. A computer-implemented authentication method comprising:
receiving, from a financial services server via the Internet, a request to set authentication requirements for a consumer in response to a request transmitted from a consumer computing device to open a new financial account and device identification information associated with the consumer computing device, wherein the identity of the consumer is unknown to the financial services server, wherein the device identification information includes one or more of:
device ID, device location, browser type, browser time zone, browser language settings, proxy settings, stated IP address, real IP address, current GPS location data;
or historical GPS location data;
deriving one or more behaviors of the consumer based on at least the device identification information;
calculating a fraud risk of the consumer based at least on the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk to decrease;
generating one or more first user interfaces for the consumer, wherein the one or more first user interfaces includes an authentication question set having one or more authentication questions, the authentication question set based on the calculated fraud risk;
receiving a first response from the one or more first user interfaces indicative of a consumer's response to at least a first authentication question of the authentication question set;
based at least on the consumer's response to at least a first authentication question and the associated device identification information, automatically and dynamically adjusting the authentication question set by changing one or more of the authentication questions, removing one or more of the authentication questions, and/or adding an additional authentication question;
generate one or more second user interfaces for the consumer, wherein the one or more second user interfaces includes the adjusted authentication question set having at least a second authentication question;
receive a second response indicative of the consumer's response to at least the second authentication question of the adjusted authentication question set;
based at least on the first response, the second response, and the device identification, determine whether the consumer is authenticated; and
transmitting an indication of the consumer authentication to the financial services server.
Specification