Multi-Factor Authorization System and Method
First Claim
1. A method for authenticating the identity of a party to a transaction being executed over wired or wireless networks, using a personal device, comprising the steps ofreceiving, over a network, a message to initiate one of a plurality of transactions,identifying at least one indicia of the device transmitting the message,identifying the type of transaction, where at least one of the plurality of transactions requires further authentication and at least another one of the plurality of transactions does not,applying a set of rules appropriate to the transaction,for transactions requiring further authentication, comparing the party'"'"'s response to predetermined acceptable responses, andaccepting or rejecting the transaction request depending upon the outcome of the comparison.
2 Assignments
0 Petitions
Accused Products
Abstract
Method and system for authenticating the identity of a party to a transaction being executing over wired or wireless networks, using a personal device. A transaction system is adapted to receive messages over a network from a connected device, where the messages are intended to initiate a transaction. The system comprises authentication rules and an associated engine for identifying the type of transaction and, for each type of transaction, whether MFA is required. If so, the necessary MFA attributes are requested, thus permitting completion of the transaction in a comparatively secure manner and also permitting management of the accounts associated with the party.
-
Citations
2 Claims
-
1. A method for authenticating the identity of a party to a transaction being executed over wired or wireless networks, using a personal device, comprising the steps of
receiving, over a network, a message to initiate one of a plurality of transactions, identifying at least one indicia of the device transmitting the message, identifying the type of transaction, where at least one of the plurality of transactions requires further authentication and at least another one of the plurality of transactions does not, applying a set of rules appropriate to the transaction, for transactions requiring further authentication, comparing the party'"'"'s response to predetermined acceptable responses, and accepting or rejecting the transaction request depending upon the outcome of the comparison.
-
2. A system for authenticating the identity of a party to a transaction comprising
a transaction engine for receiving messages requesting that a transaction be initiated, and identifying the type of transaction being requested, at least one repository for storing sets of rules for authenticating a party depending upon the type of transaction requested, and a rules engine for identifying a set of rules applicable to the requested transaction and applying the applicable rules.
Specification