DYNAMIC TRUST MODEL FOR AUTHENTICATING A USER

US 20090199264A1
Filed: 01/31/2008
Published: 08/06/2009
Est. Priority Date: 01/31/2008
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user, comprising:

determining a trust level for the user, wherein the trust level is a function of elapsed time since the user previously provided authentication information;

calculating a transaction risk level based on a type of user transaction performed by the user; and

requesting additional authentication information from the user based on the trust level and the transaction risk level.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system that that dynamically authenticates one or more users is described. During operation, the computer system determines a trust level for a user, where the trust level is a function of elapsed time since the user previously provided authentication information. Next, the computer system calculates a transaction risk level based on a type of user transaction performed by the user. Then, the computer system requests additional authentication information from the user based on the trust level and the transaction risk level.

Citations

20 Claims

1. A method for authenticating a user, comprising:
- determining a trust level for the user, wherein the trust level is a function of elapsed time since the user previously provided authentication information;
  
  calculating a transaction risk level based on a type of user transaction performed by the user; and
  
  requesting additional authentication information from the user based on the trust level and the transaction risk level.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein the additional authentication information is requested when the transaction risk level exceeds the trust level.
  - 3. The method of claim 1, wherein the trust level decreases as a function of elapsed time.
  - 4. The method of claim 3, wherein a rate of decrease of the trust level is based on characteristics of the authentication information the user previously provided.
  - 5. The method of claim 4, wherein a magnitude of the rate of decrease is greater than a pre-determined value if the authentication information includes a user identifier.
  - 6. The method of claim 5, wherein the user identifier includes a password and/or a username.
  - 7. The method of claim 4, wherein a magnitude of the rate of decrease is smaller than a pre-determined value if the authentication information includes a physical token.
  - 8. The method of claim 3, wherein a rate of decrease of the trust level is based on a user location.
  - 9. The method of claim 8, wherein the user location is determined based on a network address.
  - 10. The method of claim 8, wherein a magnitude of the rate of decrease is increased if the user location is different than during a previous user transaction.
  - 11. The method of claim 3, wherein the rate of decrease of the trust level is based on a security threat that affects multiple users.
  - 12. The method of claim 11, wherein the security threat includes an attempted ‘
    - phishing’
      
      attack on account information associated with at least one of the multiple users.
  - 13. The method of claim 1, wherein the trust level is increased when the user provides the additional authentication information.
  - 14. The method of claim 13, wherein the increase in the trust level is less than a pre-determined value if the authentication information includes a user identifier.
  - 15. The method of claim 14, wherein the user identifier includes a password and/or a username.
  - 16. The method of claim 13, wherein the increase in the trust level is greater than a pre-determined value if the authentication information includes a physical token.
  - 17. The method of claim 1, further comprising terminating a user session if the trust level is less than a pre-determined threshold.
  - 18. The method of claim 1, wherein the transaction risk level is based on a user-account history.

19. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer-readable storage medium and a computer-program mechanism embedded therein for configuring the computer system, the computer-program mechanism including:
- instructions for determining a trust level for a user, wherein the trust level is a function of elapsed time since the user previously provided authentication information;
  
  instructions for calculating a transaction risk level based on a type of user transaction performed by the user; and
  
  instructions for requesting additional authentication information from the user based on the comparison of the trust level and the transaction risk level.

20. A computer system, comprising:
- a processor;
  
  memory;
  
  a program module, wherein the program module is stored in the memory and configured to be executed by the processor, the program module including;
  
  instructions for determining a trust level for a user, wherein the trust level is a function of elapsed time since the user previously provided authentication information;
  
  instructions for calculating a transaction risk level based on a type of user transaction performed by the user; and
  
  instructions for requesting additional authentication information from the user based on the comparison of the trust level and the transaction risk level.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Lang, David E.

Granted Patent

US 8,635,662 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/57   Certifying or maintaining t...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2151   Time stamp

DYNAMIC TRUST MODEL FOR AUTHENTICATING A USER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DYNAMIC TRUST MODEL FOR AUTHENTICATING A USER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links