Methods and systems for leveraging transaction data to dynamically authenticate a user

US 10,373,164 B2
Filed: 08/14/2017
Issued: 08/06/2019
Est. Priority Date: 12/09/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for authenticating a candidate user for facilitating accessing a host computing device as an authentic user, the host computing device in communication with an authenticating computing device, said method comprising:

receiving, by the authenticating computing device, an authentication request for accessing secure data stored on the host computing device, the secure data not including transaction data;

retrieving, by the authenticating computing device from a database, the transaction data associated with the authentic user based on a user identifier;

generating, by the authenticating computing device, a challenge question and a correct answer to the challenge question based on the transaction data associated with the authentic user;

generating, by the authenticating computing device, a plurality of incorrect answers to the challenge question by comparison to the transaction data; and

transmitting, by the authenticating computing device, the challenge question, the correct answer, and the plurality of incorrect answers to the host computing device without exposing the transaction data to the host computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for authenticating a candidate user accessing a host computing device as an authentic user is provided. The host computing device is in communication with an authenticating computing device. The method includes receiving, by the authenticating computing device, a request to authenticate the candidate user as an authentic user. The authentication request includes a user identifier. The method also includes retrieving, by the authenticating computing device, transaction data including payment transactions performed by the authentic user based on the user identifier. The method also includes generating, by the authenticating computing device, a challenge question and a correct answer based on the transaction data associated with the authentic user, and transmitting the challenge question for display on a candidate user computing device used by the candidate user.

63 Citations

View as Search Results

21 Claims

1. A computer-implemented method for authenticating a candidate user for facilitating accessing a host computing device as an authentic user, the host computing device in communication with an authenticating computing device, said method comprising:
- receiving, by the authenticating computing device, an authentication request for accessing secure data stored on the host computing device, the secure data not including transaction data;
  
  retrieving, by the authenticating computing device from a database, the transaction data associated with the authentic user based on a user identifier;
  
  generating, by the authenticating computing device, a challenge question and a correct answer to the challenge question based on the transaction data associated with the authentic user;
  
  generating, by the authenticating computing device, a plurality of incorrect answers to the challenge question by comparison to the transaction data; and
  
  transmitting, by the authenticating computing device, the challenge question, the correct answer, and the plurality of incorrect answers to the host computing device without exposing the transaction data to the host computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising:
    - generating, by the authenticating computing device, the challenge question before receiving the authentication request; and
      
      storing, by the authenticating computing device, the challenge question within the database.
  - 3. The method of claim 1 further comprising:
    - generating, by the authenticating computing device, an answer to the challenge question before receiving the authentication request; and
      
      storing, by the authenticating computing device, the answer within the database.
  - 4. The method of claim 1 further comprising generating, by the authenticating computing device, the challenge question in response to the authentication request.
  - 5. The method of claim 1 further comprising generating, by the authenticating computing device, an answer to the challenge question in response to the authentication request.
  - 6. The method of claim 1 further comprising generating, by the authenticating computing device, the challenge question based on the transaction data from a predefined period of time, wherein the predefined period of time is defined by at least one of a level of security and ease of use for the candidate user.
  - 7. The method of claim 1 further comprising:
    - transmitting, by the authenticating computing device, the challenge question along with a correct answer to the host computing device, wherein the host computing device is configured to;
      
      display the challenge question to the candidate user,receive a candidate answer from the candidate user to the challenge question,compare the candidate answer to the correct answer, andauthenticate the candidate user as the authentic user by matching the candidate answer to the correct answer.

8. An authenticating computing device for use in authenticating a candidate user accessing a host computing device as an authentic user, the host computing device in communication with the authenticating computing device, the authenticating computing device comprising a memory and a processor coupled to the memory, the processor configured to:
- receive an authentication request for accessing secure data stored on the host computing device, the secure data not including transaction data;
  
  retrieve, from a database, the transaction data associated with the authentic user based on a user identifier;
  
  generate a challenge question and a correct answer to the challenge question based on the transaction data associated with the authentic user;
  
  generate a plurality of incorrect answers to the challenge question by comparison to the transaction data; and
  
  transmit the challenge question, the correct answer, and the plurality of incorrect answers to the host computing device without exposing the transaction data to the host computing device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The authenticating computing device of claim 8 further configured to:
    - generate the challenge question before receiving the authentication request; and
      
      store the challenge question within the database.
  - 10. The authenticating computing device of claim 8 further configured to:
    - generate an answer to the challenge question before receiving the authentication request; and
      
      store the answer within the database.
  - 11. The authenticating computing device of claim 8 further configured to generate the challenge question in response to the authentication request.
  - 12. The authenticating computing device of claim 8 further configured to generate an answer to the challenge question in response to the authentication request.
  - 13. The authenticating computing device of claim 8 further configured to generate the challenge question based on the transaction data from a predefined period of time, wherein the predefined period of time is defined by at least one of a level of security and ease of use for the candidate user.
  - 14. The authenticating computing device of claim 8 further configured to:
    - transmit the challenge question along with a correct answer to the host computing device, wherein the host computing device is configured to;
      
      display the challenge question to the candidate user,receive a candidate answer from the candidate user to the challenge question,compare the candidate answer to the correct answer, andauthenticate the candidate user as the authentic user by matching the candidate answer to the correct answer.

15. A non-transitory computer readable storage medium having computer-executable instructions for authenticating a candidate user accessing a host computing device as an authentic user embodied thereon, wherein, when executed by at least one processor, the computer-executable instructions cause the at least one processor to:
- receive an authentication request for accessing secure data stored on the host computing device, the secure data not including transaction data;
  
  retrieve, from a database, the transaction data associated with the authentic user based on a user identifier;
  
  generate a challenge question and a correct answer to the challenge question based on the transaction data associated with the authentic user;
  
  generate a plurality of incorrect answers to the challenge question by comparison to the transaction data; and
  
  transmit the challenge question, the correct answer, and the plurality of incorrect answers to the host computing device without exposing the transaction data to the host computing device.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer-executable instructions of claim 15 further cause the processor to:
    - generate the challenge question before receiving the authentication request; and
      
      store the challenge question within the database.
  - 17. The computer-executable instructions of claim 15 further cause the processor to:
    - generate an answer to the challenge question before receiving the authentication request; and
      
      store the answer within the database.
  - 18. The computer-executable instructions of claim 15 further cause the processor to generate the challenge question in response to the authentication request.
  - 19. The computer-executable instructions of claim 15 further cause the processor to generate an answer to the challenge question in response to the authentication request.
  - 20. The computer-executable instructions of claim 15 further cause the processor to generate the challenge question based on the transaction data from a predefined period of time, wherein the predefined period of time is defined by at least one of a level of security and ease of use for the candidate user.
  - 21. The computer-executable instructions of claim 15 further cause the processor to:
    - transmit the challenge question along with a correct answer to the host computing device, wherein the host computing device is configured to;
      
      display the challenge question to the candidate user,receive a candidate answer from the candidate user to the challenge question,compare the candidate answer to the correct answer, andauthenticate the candidate user as the authentic user by matching the candidate answer to the correct answer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Ghosh, Debashis, Shuken, Randy
Primary Examiner(s)
Zhao, Don G

Application Number

US15/676,739
Publication Number

US 20170372316A1
Time in Patent Office

722 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 2221/2149   Restricted operating enviro...

G06Q 20/4014   Identity check for transact...

H04L 63/0876   based on the identity of th...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3226   using a predetermined code,...

H04L 9/3271   using challenge-response

H04L 9/3273   for mutual authentication n...

Methods and systems for leveraging transaction data to dynamically authenticate a user

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

63 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Methods and systems for leveraging transaction data to dynamically authenticate a user

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others