Method and apparatus of providing enhanced authentication and security for financial institution transactions
First Claim
1. A method of authenticating a user transaction, the method comprising:
- receiving, via an authenticating computing device, first user authentication information of a first type from a user during the user transaction;
receiving, via a receiver of an authenticating computing device, and from a mobile device of the user, second user authentication information, of a second type different than the first type, during the user transaction;
confirming, via a processor, the second user authentication information is correct;
performing at least one of triangulation and global positioning via communication with a base station communicating with the mobile device to determine a current location of the mobile device;
comparing the location of the mobile device to a known location of an entity associated with the user transaction;
identifying a plurality of location positions of the mobile device prior to the user transaction;
logging the plurality of location positions of the mobile device by periodically updating location information of the mobile device in a location database over a predetermined amount of time prior to the user transaction;
comparing the plurality of location positions of the mobile device to the known location of the entity associated with the user transaction;
performing, via the authenticating computing device, a first authentication of the user transaction based on the first user authentication information; and
performing, via the authenticating computing device, a second authentication of the user transaction based on the second user authentication information, wherein the second user authentication information includes information identifying a current location of the mobile device with respect to at least one of the plurality of location positions, wherein,in response to the first authentication being successful and the second authentication indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely controlling a first level of access granted to the user for the user transaction, andin response to the first authentication being successful and the second authentication not indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely controlling a second level of access, less than the first level of access, is granted to the user for the user transaction.
6 Assignments
0 Petitions
Accused Products
Abstract
Example embodiments of the present invention may include a method and apparatus configured to authenticate a user transaction (e.g., point-of-sale, ATM transactions, etc.). One example method may include receiving user authentication information during the user transaction and confirming the user authentication information is correct. The method may also include determining a current user location by a location associated with the user'"'"'s mobile device, and comparing the current user location to a known location of an entity associated with the user transaction. The method may also include authenticating the transaction if the current user location is within a predetermined distance of the known location of the entity associated with the user transaction.
-
Citations
20 Claims
-
1. A method of authenticating a user transaction, the method comprising:
-
receiving, via an authenticating computing device, first user authentication information of a first type from a user during the user transaction; receiving, via a receiver of an authenticating computing device, and from a mobile device of the user, second user authentication information, of a second type different than the first type, during the user transaction; confirming, via a processor, the second user authentication information is correct; performing at least one of triangulation and global positioning via communication with a base station communicating with the mobile device to determine a current location of the mobile device; comparing the location of the mobile device to a known location of an entity associated with the user transaction; identifying a plurality of location positions of the mobile device prior to the user transaction; logging the plurality of location positions of the mobile device by periodically updating location information of the mobile device in a location database over a predetermined amount of time prior to the user transaction; comparing the plurality of location positions of the mobile device to the known location of the entity associated with the user transaction; performing, via the authenticating computing device, a first authentication of the user transaction based on the first user authentication information; and performing, via the authenticating computing device, a second authentication of the user transaction based on the second user authentication information, wherein the second user authentication information includes information identifying a current location of the mobile device with respect to at least one of the plurality of location positions, wherein, in response to the first authentication being successful and the second authentication indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely controlling a first level of access granted to the user for the user transaction, and in response to the first authentication being successful and the second authentication not indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely controlling a second level of access, less than the first level of access, is granted to the user for the user transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus configured to authenticate a user transaction, the apparatus comprising:
-
a receiver configured to receive, during a user transaction, both first user authentication information of a first type from a user, and second user authentication information, of a second type different than the first type, from a mobile device associated with the user; and a processor configured to; confirm the second user authentication information is correct, perform at least one of triangulation and global positioning via communication with a base station communicating with the mobile device to determine a current location of the mobile device, compare the location of the mobile device to a known location of an entity associated with the user transaction, identify a plurality of location positions of the mobile device prior to the user transaction, log the plurality of location positions of the mobile device by periodically updating location information of the mobile device in a location database over a predetermined amount of time prior to the user transaction, compare the plurality of location positions of the mobile device to the known location of the entity associated with the user transaction, perform a first authentication of the user transaction based on the first user authentication information; and perform a second authentication of the user transaction based on the second user authentication information, wherein the second user authentication information includes information identifying a current location of the mobile device with respect to at least one of the plurality of location positions, wherein, in response to the first authentication being successful and the second authentication indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely control a first level of access granted to the user for the user transaction, and in response to the first authentication being successful and the second authentication not indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely control a second level of access, less than the first level of access, is granted to the user for the user transaction. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable storage medium configured to store instructions that when executed by a processor cause the processor to perform authenticating a user transaction, the processor being further configured to perform:
-
receiving first user authentication information of a first type from a user during the user transaction; receiving second user authentication, of a second type different than the first type, during the user transaction; confirming the second user authentication information is correct; performing at least one of triangulation and global positioning via communication with a base station communicating with the mobile device to determine a current location of the mobile device; comparing the location of the mobile device to a known location of an entity associated with the user transaction; identifying a plurality of location positions of the mobile device prior to the user transaction; logging the plurality of location positions of the mobile device by periodically updating location information of the mobile device in a location database over a predetermined amount of time prior to the user transaction; comparing the plurality of location positions of the mobile device to the known location of the entity associated with the user transaction; performing, via the authenticating computing device, a first authentication of the user transaction based on the first user authentication information; and performing, via the authenticating computing device, a second authentication of the user transaction based on the second user authentication information, wherein the second user authentication information includes information identifying a current location of the mobile device with respect to at least one of the plurality of location positions, wherein, in response to the first authentication being successful and the second authentication indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely controlling a first level of access granted to the user for the user transaction, and in response to the first authentication being successful and the second authentication not indicating that the at least one of the plurality of location positions of mobile device are within a predetermined distance of the known location of the entity associated with the user transaction, then remotely controlling a second level of access, less than the first level of access, is granted to the user for the user transaction. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification