Method, system and program product for authenticating a user seeking to perform an electronic service request
First Claim
1. A method for authenticating a user seeking to perform at least one electronic service request, said method comprising the steps of:
- verifying user identity data received from a user requesting at least one electronic service;
identifying a risk level for said at least one electronic service requested by said user, said risk level identified being based on a set of user profile data associated with said user;
issuing to said user, using a customer relationship management system, at least one challenge corresponding to said risk level identified for said at least one electronic service requested; and
authorizing said at least one electronic service requested only if a correct response is received to said at least one challenge issued.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, system and program product for authenticating a user seeking to perform an electronic service request is provided. The method includes verifying user identity data received from a user requesting an electronic service, detecting whether or not any variances are found based on the set of user profile data associated with the user seeking to perform the electronic service requested, identifying the risk level for the electronic service based on whether or not any variances are found and any characteristics thereof, if any variances are found, applying one or more business policies or rules for handling any variances that are found. The method further includes issuing to the user, using a customer relationship management system, a challenge corresponding to the risk level identified for the electronic service requested, and authorizing the user to perform the electronic service requested only if a correct response is received to the challenge issued.
-
Citations
26 Claims
-
1. A method for authenticating a user seeking to perform at least one electronic service request, said method comprising the steps of:
-
verifying user identity data received from a user requesting at least one electronic service; identifying a risk level for said at least one electronic service requested by said user, said risk level identified being based on a set of user profile data associated with said user; issuing to said user, using a customer relationship management system, at least one challenge corresponding to said risk level identified for said at least one electronic service requested; and authorizing said at least one electronic service requested only if a correct response is received to said at least one challenge issued. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for authorizing a user to execute one or more electronic service requests, comprising:
-
an authentication module configured to authenticate user identity data received from a user seeking access to a host for executing one or more electronic service requests, said authentication module being configured to grant access to said host upon authentication of said user identity data; and a fraud detection module configured to monitor each electronic service request of said one or more electronic service requests received from said user having access granted to said host, said fraud detection module being configured to identify a risk level for said each electronic service request received from said user and to generate a challenge for said each electronic service request received from said user, said challenge corresponding to said risk level identified and corresponding to any associated business policies that may apply, such that said challenge generated is issued to said user by said authentication module, which authorizes said user to perform said each electronic service request if a correct response is received to said challenge issued. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A computer program product for authenticating a user, said computer program product comprising:
-
a computer readable medium; first program instructions to authenticate user identity data received from a user requesting an electronic service, said first program instructions including instructions to authorize said user upon authentication of said user identity data; second program instructions to track a set of user data profile associated with said user and to identify a risk level for said electronic service requested, said risk level being based on said set of user profile data associated with said user; third program instructions to issue a challenge to said user, said challenge corresponding to said risk level identified for said electronic service requested, said challenge being selected from either a static challenge group or a dynamic challenge group according to a business policy associated with said risk level identified, such that said user is authorized to conduct said electronic service if a correct response is received to said challenge issued for said electronic service; and
wherein said first, second and third program instructions are stored on said computer readable medium. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A process for deploying computing infrastructure comprising integrating computer-readable code into a computing system, wherein said code in combination with said computing system is capable of performing a process for authenticating a user seeking access to a server for executing at least one electronic service, said process comprising:
-
authenticating user identity data received from a user seeking access to a host server to execute at least one electronic service; receiving a request from said user for said at least one electronic service; issuing to said user at least a first challenge corresponding to said at least one electronic service request received, said at least first challenge being selected from either a user-preset challenge group or a customer relationship management challenge group; and authorizing said at least one electronic service request if a correct response is received to said at least first challenge issued. - View Dependent Claims (22, 23, 24, 25, 26)
-
Specification