Risk-link authentication for optimizing decisions of multi-factor authentications

US 10,210,518 B2
Filed: 04/13/2016
Issued: 02/19/2019
Est. Priority Date: 04/13/2016
Status: Active Grant

First Claim

Patent Images

1. A method for evaluating risk in an electronic banking transaction by estimating an aggregated risk value from a set of risk factors, the method comprising, the steps of:

remotely performing an initial authentication of an end user;

performing an initial aggregated risk value analysis from a set of risk factors related to the user by imposing a parallel graphics processing unit architecture in response to authenticating that the end user is authorized to conduct a desired electronic transaction by deriving a first set of aggregated risk values in real time using a non-linear transformation and computation method for determining in real time evasive fraudulent financial transactions in on-line financial transactions to determine, based upon a greater one of the two aggregated risk values of the first set of aggregated risk values, if authentication information is fraudulent information in order to terminate the desired electronic banking transaction, wherein an aggregated risk value of the first set of aggregated risk values is based in part on a location of the end user;

requesting, from the user, that the user enters a secondary authentication, wherein the secondary authentication is a multi-factor authentication such that the number of factors in the multi-factor authentication is based upon the user;

receiving, from the user, a query concerning said electronic banking transaction that the user desires to conduct;

performing a further aggregated risk value analysis from a set of risk factors related to the electronic banking transaction that the user desires to conduct by imposing a parallel graphics processing unit architecture in response to authenticating that the end user s authorized to conduct the desired electronic transaction by deriving a second set of aggregated risk values in real time using a non-linear transformation and computation method for determining in real time evasive fraudulent financial transactions in on-line financial transactions to determine, based upon a greater one of the two aggregated risk values of the second set of aggregated risk values, if the authentication information is fraudulent information in order to terminate the desired electronic banking transaction;

requesting, from the user, that the user enters a tertiary authentication, wherein the tertiary authentication is another multi-factor authentication such that the number of factors in the another multi-factor authentication is based upon the electronic banking transaction that the user desires to conduct; and

completing the desired transaction, if the user enters an acceptable tertiary authentication.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for evaluating risk in an electronic banking transaction by estimating an aggregated risk value from a set of risk factors that are either dependent or independent of each other, comprising: user input means for enabling an end user to provide authentication information related to a desired electronic banking transaction; financial institution authentication means for authenticating that an end user is authorized to conduct the desired electronic transaction; risk computation means for imposing authentication requirements upon the end user in adaptation to a risk value of the desired banking electronic banking transaction; transaction session means for tracking an amount of time that the desired electronic banking transaction is taking; and financial institution transaction means for storing data related to the desired electronic banking transaction.

40 Citations

View as Search Results

9 Claims

1. A method for evaluating risk in an electronic banking transaction by estimating an aggregated risk value from a set of risk factors, the method comprising, the steps of:
- remotely performing an initial authentication of an end user;
  
  performing an initial aggregated risk value analysis from a set of risk factors related to the user by imposing a parallel graphics processing unit architecture in response to authenticating that the end user is authorized to conduct a desired electronic transaction by deriving a first set of aggregated risk values in real time using a non-linear transformation and computation method for determining in real time evasive fraudulent financial transactions in on-line financial transactions to determine, based upon a greater one of the two aggregated risk values of the first set of aggregated risk values, if authentication information is fraudulent information in order to terminate the desired electronic banking transaction, wherein an aggregated risk value of the first set of aggregated risk values is based in part on a location of the end user;
  
  requesting, from the user, that the user enters a secondary authentication, wherein the secondary authentication is a multi-factor authentication such that the number of factors in the multi-factor authentication is based upon the user;
  
  receiving, from the user, a query concerning said electronic banking transaction that the user desires to conduct;
  
  performing a further aggregated risk value analysis from a set of risk factors related to the electronic banking transaction that the user desires to conduct by imposing a parallel graphics processing unit architecture in response to authenticating that the end user s authorized to conduct the desired electronic transaction by deriving a second set of aggregated risk values in real time using a non-linear transformation and computation method for determining in real time evasive fraudulent financial transactions in on-line financial transactions to determine, based upon a greater one of the two aggregated risk values of the second set of aggregated risk values, if the authentication information is fraudulent information in order to terminate the desired electronic banking transaction;
  
  requesting, from the user, that the user enters a tertiary authentication, wherein the tertiary authentication is another multi-factor authentication such that the number of factors in the another multi-factor authentication is based upon the electronic banking transaction that the user desires to conduct; and
  
  completing the desired transaction, if the user enters an acceptable tertiary authentication.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method, as in claim 1, wherein the performing an initial authentication step further comprises the step of requesting an initial user identification from the user.
  - 3. The method, as in claim 1, wherein the performing an initial aggregated risk value analysis from a set of risk factors related to the user step further comprises:
    - identifying relevant risk factors from the set of risk factors related to the user;
      
      assigning a value to each relevant risk factor based upon the user;
      
      computing correlation matrices based upon a past transaction history of the user and based upon fraudulent transactions of all of users of a financial institution and fraudulent transactions of all of users of a banking sector, wherein the correlation matrices are computed in parallel using two separate graphical processing units to determine the first set of aggregated risk values; and
      
      selecting the aggregated risk value that is the largest of the first set of aggregated risk values.
  - 4. The method, as in claim 1, wherein the secondary authentication step is selected from a group of secondary authentication steps comprising:
    - using a hard token authentication means;
      
      using a face recognition authentication means;
      
      or using a biometric authentication means.
  - 5. The method, as in claim 1, wherein the performing a further aggregated risk value analysis step further comprises:
    - identifying relevant risk factors from the set of risk factors related to the desired banking transaction by the user;
      
      assigning a value to each relevant risk factor based upon the desired banking transaction by the user;
      
      computing correlation matrices based upon a past transaction history of the user and based upon fraudulent transactions of all of users of the financial institution and fraudulent transactions of all of users of a banking sector, wherein the correlation matrices are computed in parallel using the two separate graphical processing units to determine the second set of aggregated risk values; and
      
      selecting the aggregated risk value that the largest of the second set of aggregated risk values.
  - 6. The method, as in claim 1, wherein the requesting the tertiary authentication step further comprises the step of requesting a further user identification from the user.

7. At least one non-transitory computer-readable medium storing computer-readable instructions that, when executed by a computing device, cause the computing device to:
- remotely perform an initial authentication of an end user;
  
  perform an initial aggregated risk value analysis from a set of risk factors based upon the user by imposing a parallel graphics processing unit architecture in response to authenticating that the end user is authorized to conduct a desired electronic transaction by deriving a first set of aggregated risk values in real time using a non-linear transformation and computation method for determining in real time evasive fraudulent financial transactions in on-line financial transactions to determine, based upon a greater one of the two aggregated risk values of the first set of aggregated risk values, if authentication information is fraudulent information in order to terminate the desired electronic banking transaction, wherein the initial aggregated risk value analysis is based in part on a location of the end user;
  
  request, from the user, that the user enters a secondary authentication, wherein the secondary authentication is a multi-factor authentication such that the number of factors in the multi-factor authentication is based upon the user;
  
  receive, from the user, a query concerning an electronic banking transaction that the user desires to conduct;
  
  perform a further aggregated risk value analysis from a set of risk factors based upon the electronic banking transaction that, the user desires to conduct by imposing a parallel graphics processing unit architecture in response to authenticating that the end user is authorized to conduct the desired electronic transaction by deriving a second set of aggregated risk values in real time using a non-linear transformation and computation method for determining in real time evasive fraudulent financial transactions in on-line financial transactions to determine, based upon a greater one of the two aggregated risk values of the second set of aggregated risk values, if the authentication information is fraudulent information in order to terminate the desired electronic banking transaction;
  
  request, from the user, that the user enters a tertiary authentication, wherein the tertiary authentication is another multi-factor authentication such that the number of factors in the another multi-factor authentication is based upon a type of electronic banking transaction that the user desires to conduct; and
  
  complete the desired transaction, if the user enters an acceptable tertiary authentication.
- View Dependent Claims (8, 9)
- - 8. The at least one non-transitory computer-readable medium, as in claim 7, wherein the performing an initial aggregated risk value analysis step further comprises:
    - identify relevant risk factors from the set of risk factors related to the user;
      
      assign a value to each relevant risk factor based upon the user;
      
      compute correlation matrices based upon a past transaction history of the user and based upon fraudulent transactions of all of users of a financial institution and fraudulent transactions of all of users of a banking sector, wherein the correlation matrices are computed in parallel using two separate graphical processing units to determine the first set of aggregated risk values; and
      
      select the aggregated risk value that is the largest of the first set of aggregated risk values.
  - 9. The at least one non-transitory computer-readable medium, as in claim 7, wherein the performing a further aggregated risk value analysis step further comprises:
    - identify relevant risk factors from the set of risk factors related to the desired banking transaction by the user;
      
      assign a value to each relevant risk factor based upon the desired transaction by the user;
      
      compute correlation matrices based upon the past transaction history of the user and based upon the fraudulent transactions of all of users of the financial institution and fraudulent transactions of all of users of a banking sector, wherein the correlation matrices are computed in parallel using the two separate graphical processing units to determine the second set of aggregated risk values; and
      
      select the aggregated risk value that is the largest of the second set of aggregated risk values.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Abdullah Abdulaziz I. Alnajem
Original Assignee
Abdullah Abdulaziz I. Alnajem
Inventors
Alnajem, Abdullah Abdulaziz I.
Primary Examiner(s)
Poinvil, Frantzy

Application Number

US15/098,293
Publication Number

US 20170300911A1
Time in Patent Office

1,042 Days
Field of Search

705 3- 44
US Class Current
CPC Class Codes

G06Q 10/0635   Risk analysis of enterprise...

G06Q 20/4014   Identity check for transact...

G06Q 20/4015   using location information

G06Q 20/4016   involving fraud or risk lev...

Risk-link authentication for optimizing decisions of multi-factor authentications

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Risk-link authentication for optimizing decisions of multi-factor authentications

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links