Enhanced security authentication system
Abstract
A method, a computer system, and a computer program product for authenticating a transaction are provided. An authentication system receives the transaction over a particular channel of a plurality of support channels. A risk score is determined for the transaction based on a number of contextual risk factors. An authentication scheme is determined from a number of authentication schemes for authenticating an identity of the user within an authentication context. The authentication scheme is determined based on the particular channel and the risk score. In response to successfully authenticating the identity of the user within the authentication context, the authentication system determines whether the transaction is a permitted transaction based on an assurance level associated with the authentication context. In response to determining that the transaction is the permitted transaction, the transaction is authenticated.
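The flow in the abstract, sketched as an added example that is not taken from the patent: a numeric risk score is computed, the scheme is picked from the channel and the score, and a successful identity check is followed by a separate assurance-level check on the transaction. The factor names, weights, scheme names, score thresholds, assurance levels and the `verify` callback are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Every factor, weight, scheme name, threshold and level here is an
# illustrative assumption; the abstract names none of them.
RISK_WEIGHTS = {"new_device": 30, "unusual_location": 25, "off_hours": 10}
MAX_SCORE = 100

# Per channel: (highest score covered, scheme, assurance level it yields).
SCHEMES = {
    "web":   [(30, "password", 1), (65, "password+otp", 2), (100, "password+push", 3)],
    "phone": [(30, "voice_pin", 1), (65, "voice_pin+otp", 2), (100, "voice_pin+callback", 3)],
}
# Minimum assurance level a transaction type needs to be permitted.
REQUIRED_ASSURANCE = {"view_balance": 1, "update_address": 2, "wire_transfer": 3}


@dataclass(frozen=True)
class Transaction:
    channel: str
    kind: str
    factors: frozenset = frozenset()


def risk_score(tx):
    """Numeric score in 0..MAX_SCORE; an unknown factor scores the maximum."""
    return min(MAX_SCORE, sum(RISK_WEIGHTS.get(f, MAX_SCORE) for f in tx.factors))


def select_scheme(channel, score):
    """Pick the scheme from both the channel and the score; fail closed."""
    if channel not in SCHEMES:
        raise ValueError(f"unsupported channel: {channel!r}")
    for ceiling, scheme, level in SCHEMES[channel]:
        if score <= ceiling:
            return scheme, level
    raise ValueError(f"score out of range: {score}")


def authenticate_transaction(tx, verify):
    """verify(scheme) -> bool stands in for the actual credential check."""
    scheme, level = select_scheme(tx.channel, risk_score(tx))
    if not verify(scheme):
        return scheme, "denied: identity not authenticated"
    # Identity is proven, but the transaction still needs enough assurance.
    required = REQUIRED_ASSURANCE.get(tx.kind, max(REQUIRED_ASSURANCE.values()) + 1)
    if level < required:
        return scheme, "denied: assurance level too low"
    return scheme, "authenticated"
```

A transaction type missing from the table is given a requirement above every level, so it is never permitted by default.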
36 Claims
1. A method, comprising:
authenticating transactions of a user across multiple interaction channels using an authentication service executing on a computer system, the authentication service:
  receiving a first transaction over a first interaction channel, wherein the first interaction channel is one of the multiple interaction channels;
  determining a numeric risk score for the first transaction based on a number of contextual risk factors;
  determining a first authentication scheme from a number of authentication schemes for authenticating an identity of the user within a first authentication context, wherein the first authentication scheme is determined based on the first interaction channel and the numeric risk score;
  using the first authentication scheme to authenticate the identity of the user within the first authentication context;
  in response to successfully authenticating the identity of the user within the first authentication context, determining whether the first transaction is a permitted transaction based on an assurance level associated with the first authentication context;
  in response to determining that the first transaction is the permitted transaction, authenticating the first transaction;
  receiving a second transaction over a second interaction channel, wherein:
    the second interaction channel is one of the multiple interaction channels; and
    the second interaction channel is different than the first interaction channels; and
  using a second authentication scheme to authenticate the user within a second authentication context different than the first authentication context, wherein the second authentication scheme is a same authentication scheme as the first authentication scheme.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A computer system comprising:
a hardware processor; and
an authentication system in communication with the hardware processor, the authentication system consistently authenticating a user across multiple interaction channels by:
  a first authentication for a first interaction channel for the user performed by:
    receiving a first transaction over the first interaction channel, wherein the first interaction channel is one of the multiple interaction channels;
    determining a risk score for the first transaction based on a number of contextual risk factors;
    determining an authentication scheme from a number of authentication schemes for authenticating an identity of the user within a first authentication context, wherein the authentication scheme is determined based on the first interaction channel and the risk score;
    using the authentication scheme to authenticate the identity of the user within the first authentication context;
    in response to successfully authenticating the identity of the user within the first authentication context, determining whether the first transaction is a permitted transaction based on an assurance level associated with the first authentication context, wherein the assurance level is a classification of a certainty of identity that is selected based on the first authentication context; and
    in response to determining that the first transaction is the permitted transaction, authenticating the first transaction; and
  a second authentication for a second interaction channel for the user performed by:
    receiving a second transaction over the second interaction channel, wherein:
      the second interaction channel is one of the multiple interaction channels; and
      the second interaction channel is different than the first interaction channel; and
    using the authentication scheme to authenticate the identity of the user within a second authentication context different than the first authentication context.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. A computer program product comprising:
a computer readable storage medium having instructions stored thereon for reliably authenticating a user across multiple interaction channels, the instructions comprising:
  first program code for receiving a first transaction over a first interaction channel, wherein the first interaction channel is one of the multiple interaction channels;
  second program code for determining a risk score for the first transaction based on a number of contextual risk factors, wherein the risk score is a numeric score within a predefined range;
  third program code for determining a first authentication scheme from a number of authentication schemes for authenticating an identity of the user within a first authentication context, wherein the first authentication scheme is determined based on the first interaction channel and the risk score;
  fourth program code for using the first authentication scheme to authenticate the identity of the user within the first authentication context;
  fifth program code for determining, in response to successfully authenticating the identity of the user within the first authentication context, whether the first transaction is a permitted transaction based on an assurance level associated with the first authentication context;
  sixth program code for authenticating the first transaction in response to determining that the first transaction is the permitted transaction;
  seventh program code for receiving a second transaction over a second interaction channel, wherein:
    the second interaction channel is one of the multiple interaction channels; and
    the second interaction channel is different than the first interaction channel; and
  eighth program code for using a second authentication scheme to authenticate the user within a second authentication context different than the first authentication context, wherein the second authentication scheme is a same authentication scheme as the first authentication scheme.
Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36
Specification