Dynamic user authentication
First Claim
1. A method of authenticating a users ability to carry out a transaction, the method including the steps of:
- a user initiating an authentication request in order to carry out a secure transaction;
dynamically collecting and assessing a plurality of confidence parameters, said confidence parameters reflecting factors related to the security of the Transaction context; and
dynamically maintaining a confidence level based on the plurality of confidence parameters whereby if the confidence level drops below a predetermined confidence threshold, the transaction is not authenticated and if the confidence level exceeds a predetermined confidence threshold, the transaction is authenticated.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention relates to a method of authenticating a users ability to carry out a transaction. The method includes the steps of:
a user initiating an authentication request in order to carry out a secure transaction;
dynamically collecting and assessing a plurality of confidence parameters, said confidence parameters reflecting factors related to the security of the transaction context; and
dynamically maintaining a confidence level based on the plurality of confidence parameters whereby if the confidence level drops below a predetermined confidence threshold, the transaction is not authenticated and if the confidence level exceeds a predetermined confidence threshold, the transaction is authenticated.
Confidence parameters may include factors such as binary login processes, the location of the user, collocation of multiple users and other factors of the transaction context which might affect the security of the transaction. The invention may be applied to the authentication of financial transactions and verifying the identity of a user in other security sensitive contexts. The invention also provides for a system for carrying out the invention.
215 Citations
15 Claims
-
1. A method of authenticating a users ability to carry out a transaction, the method including the steps of:
-
a user initiating an authentication request in order to carry out a secure transaction;
dynamically collecting and assessing a plurality of confidence parameters, said confidence parameters reflecting factors related to the security of the Transaction context; and
dynamically maintaining a confidence level based on the plurality of confidence parameters whereby if the confidence level drops below a predetermined confidence threshold, the transaction is not authenticated and if the confidence level exceeds a predetermined confidence threshold, the transaction is authenticated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for dynamically authenticating a transaction including:
a confidence engine adapted to;
dynamically maintain at least one confidence level by monitoring a plurality of confidence parameters, the confidence level reflecting the security of the Transaction context;
ii. compare the derived confidence level with a predetermined confidence threshold, the confidence threshold reflecting the security required to perform the transaction;
iii. when the confidence level is below the confidence threshold, requesting new confidence parameters or varying existing confidence parameters; and
iv when the confidence level is above the confidence threshold, authenticating the transaction; and
v. a plurality of authentication means adapted to dynamically provide, to the confidence engine, confidence parameters relating to the security of the transaction context. - View Dependent Claims (13, 14, 15)
Specification