Method, system and program product for authenticating a user seeking to perform an electronic service request

US 20080066165A1
Filed: 09/12/2006
Published: 03/13/2008
Est. Priority Date: 09/12/2006
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user seeking to perform at least one electronic service request, said method comprising the steps of:

verifying user identity data received from a user requesting at least one electronic service;

identifying a risk level for said at least one electronic service requested by said user, said risk level identified being based on a set of user profile data associated with said user;

issuing to said user, using a customer relationship management system, at least one challenge corresponding to said risk level identified for said at least one electronic service requested; and

authorizing said at least one electronic service requested only if a correct response is received to said at least one challenge issued.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system and program product for authenticating a user seeking to perform an electronic service request is provided. The method includes verifying user identity data received from a user requesting an electronic service, detecting whether or not any variances are found based on the set of user profile data associated with the user seeking to perform the electronic service requested, identifying the risk level for the electronic service based on whether or not any variances are found and any characteristics thereof, if any variances are found, applying one or more business policies or rules for handling any variances that are found. The method further includes issuing to the user, using a customer relationship management system, a challenge corresponding to the risk level identified for the electronic service requested, and authorizing the user to perform the electronic service requested only if a correct response is received to the challenge issued.

Citations

26 Claims

1. A method for authenticating a user seeking to perform at least one electronic service request, said method comprising the steps of:
- verifying user identity data received from a user requesting at least one electronic service;
  
  identifying a risk level for said at least one electronic service requested by said user, said risk level identified being based on a set of user profile data associated with said user;
  
  issuing to said user, using a customer relationship management system, at least one challenge corresponding to said risk level identified for said at least one electronic service requested; and
  
  authorizing said at least one electronic service requested only if a correct response is received to said at least one challenge issued.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, further comprising the steps of:
    - monitoring any additional electronic service requested by said user;
      
      issuing to said user another challenge based on said any additional electronic service requested, said another challenge corresponding to a risk level identified for said any additional electronic service requested; and
      
      authorizing said user to conduct said any additional electronic service requested only if a correct response is received to said another challenge.
  - 3. The method according to claim 1, wherein said verifying step comprises the steps of:
    - receiving said user identity data comprising a username and a password; and
      
      authenticating said user identity data received using an authentication engine.
  - 4. The method according to claim 3, wherein said identifying step further comprises the steps of:
    - detecting whether or not any variances are found based on said set of user profile data associated with said user seeking to perform said at least one electronic service requested; and
      
      identifying said risk level for said at least one electronic service based on whether or not said any variances are found and any characteristics thereof.
  - 5. The method according to claim 4, wherein said detecting step further comprises the step of:
    - if said any variances are found, applying, using a business rules engine, one or more rules for handling said any variances that are found, such that said at least first challenge issued corresponds to said risk level identified for said at least one electronic service requested.
  - 6. The method according to claim 5, wherein each of said at least one challenge issued and said another challenge issued comprises at least one of:
    - a static challenge and a dynamic challenge.
  - 7. The method according to claim 6, wherein said static challenge is a challenge that is predetermined by said user;
    - and wherein said dynamic challenge is a challenge generated by said customer relationship management system.
  - 8. The method according to claim 7, wherein said static challenge corresponds to a relatively low risk level identified for said at least one electronic service requested;
    - and wherein said dynamic challenge corresponds to a relatively high risk level identified for said at least one electronic service requested.

9. A system for authorizing a user to execute one or more electronic service requests, comprising:
- an authentication module configured to authenticate user identity data received from a user seeking access to a host for executing one or more electronic service requests, said authentication module being configured to grant access to said host upon authentication of said user identity data; and
  
  a fraud detection module configured to monitor each electronic service request of said one or more electronic service requests received from said user having access granted to said host, said fraud detection module being configured to identify a risk level for said each electronic service request received from said user and to generate a challenge for said each electronic service request received from said user, said challenge corresponding to said risk level identified and corresponding to any associated business policies that may apply, such that said challenge generated is issued to said user by said authentication module, which authorizes said user to perform said each electronic service request if a correct response is received to said challenge issued.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The system according to claim 9, wherein said challenge issued is chosen from a challenge group comprising at least one of:
    - a user-preset challenge group and a customer relationship management challenge group;
      
      wherein said user-preset challenge group comprises of one or more challenges that are preset by said user; and
      
      wherein said customer relationship management challenge group comprises of one or more challenges that are generated using a customer relationship management system.
  - 11. The system according to claim 10, wherein as said risk level identified for said each electronic service requested increases, a level of strength of any resulting authorization associated with said challenge issued to said user for said each electronic service request received increases.
  - 12. The method according to claim 11, wherein said challenge chosen from said user-preset challenge group corresponds to a relatively low risk level identified for said each electronic service;
    - and wherein said challenge chosen from said customer relationship management challenge group corresponds to a relatively high risk level identified for said each electronic service.
  - 13. The system according to claim 12, wherein said fraud detection module is further configured to track a set of user data profile associated with said user and to generate said challenge for said each electronic service request received from said user based on said user data profile associated with said user;
    - and wherein said fraud detection module is further configured to detect whether or not any variances exist, using said set of user profile data associated with said user and to identify said risk level for said each electronic service request received from said user taking into account whether or not said any variances exist.
  - 14. The system according to claim 13, wherein said authentication module further comprises:
    - a policy module configured to apply one or more business policies for handling said risk level associated with said any variances detected.

15. A computer program product for authenticating a user, said computer program product comprising:
- a computer readable medium;
  
  first program instructions to authenticate user identity data received from a user requesting an electronic service, said first program instructions including instructions to authorize said user upon authentication of said user identity data;
  
  second program instructions to track a set of user data profile associated with said user and to identify a risk level for said electronic service requested, said risk level being based on said set of user profile data associated with said user;
  
  third program instructions to issue a challenge to said user, said challenge corresponding to said risk level identified for said electronic service requested, said challenge being selected from either a static challenge group or a dynamic challenge group according to a business policy associated with said risk level identified, such that said user is authorized to conduct said electronic service if a correct response is received to said challenge issued for said electronic service; and
  
  wherein said first, second and third program instructions are stored on said computer readable medium.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product according to claim 15, wherein said first program instructions include instructions to receive said user identity data comprising a username and a password and to authenticate said user identity data.
  - 17. The computer program product according to claim 16, wherein said second program instructions include instructions to detect, using said set of user profile data associated with said user, whether or not any variances exist and to identify said risk level for said electronic service requested by said user taking into account whether or not said any variances exist and any characteristics thereof.
  - 18. The computer program product according to claim 17, wherein if said any variances exist, said second program instructions include instructions to apply one or more business policies for handling said any variances that are found, such that said challenge issued to said user corresponds to said risk level identified for said electronic service requested.
  - 19. The computer program product according to claim 18, wherein said static challenge group comprises of one or more static challenges that are preset by said user;
    - and wherein said dynamic challenge group comprises of one or more dynamic challenges that are generated using a customer relationship management system.
  - 20. The computer program product according to claim 19, wherein each of said one or more static challenges corresponds to a relatively low risk level identified for said electronic service;
    - and wherein each of said one or more dynamic challenges corresponds to a relatively high risk level identified for said at least one electronic service.

21. A process for deploying computing infrastructure comprising integrating computer-readable code into a computing system, wherein said code in combination with said computing system is capable of performing a process for authenticating a user seeking access to a server for executing at least one electronic service, said process comprising:
- authenticating user identity data received from a user seeking access to a host server to execute at least one electronic service;
  
  receiving a request from said user for said at least one electronic service;
  
  issuing to said user at least a first challenge corresponding to said at least one electronic service request received, said at least first challenge being selected from either a user-preset challenge group or a customer relationship management challenge group; and
  
  authorizing said at least one electronic service request if a correct response is received to said at least first challenge issued.
- View Dependent Claims (22, 23, 24, 25, 26)
- - 22. The process according to claim 21, wherein said issuing step further comprises the steps of:
    - checking a set of user profile data associated with said user;
      
      detecting whether or not any variances are found based on said set of user profile data associated with said user; and
      
      identifying a risk level for said at least one electronic service request received based on whether or not said any variances are found.
  - 23. The process according to claim 22, wherein said detecting step further comprises the step of:
    - if said any variances are found, applying, using a business policies engine, one or more policies for handling said any variances that are found, such that said at least first challenge issued corresponds to said risk level identified for said at least one electronic service request received in light of said any variances found.
  - 24. The process according to claim 23, wherein said user-preset challenge group comprises of one or more static challenges that are preset by said user;
    - and wherein said customer relationship management challenge group comprises of one or more dynamic challenges that are generated using a customer relationship management system.
  - 25. The process according to claim 24, wherein as said risk level identified for said at least one electronic service request received increases, a level of complexity associated with said challenge issued to said user for said at least one electronic service request received increases.
  - 26. The process according to claim 25, wherein each of said static challenges corresponds to a relatively low risk level identified for said at least one electronic service request received;
    - and wherein each of said dynamic challenge corresponds to a relatively high risk level identified for said at least one electronic service request received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated (Kyndryl Holdings, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Rosenoer, Jonathan M. C.

Granted Patent

US 8,424,061 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 16/258   Data format conversion from...

G06F 21/40   by quorum, i.e. whereby two...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/205   involving negotiation or de...

H04L 9/3226   using a predetermined code,...

H04L 9/3271   using challenge-response

Method, system and program product for authenticating a user seeking to perform an electronic service request

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system and program product for authenticating a user seeking to perform an electronic service request

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links