Social Authentication for Account Recovery
First Claim
1. A method, comprising:
- receiving a request from a trustee for an account recovery code, wherein the account recovery code is used by an account holder to obtain access to an account;
transmitting a verification form to the trustee for authentication;
receiving the verification form from the trustee after the verification form is completed by the trustee;
transmitting a code to authenticate the trustee to a pre-identified contact destination;
receiving the code from the trustee to authenticate the trustee;
transmitting a query to the trustee;
receiving a response to the query from the trustee;
determining a probability that the trustee is operating on behalf of the account holder; and
determining whether to send the account recovery code to the trustee based at least in part on the determining of the probability.
2 Assignments
0 Petitions
Accused Products
Abstract
A backup account recovery authentication of last resort using social authentication is described. The account holder requests trustees who have been previously identified to obtain an account recovery code. The account recovery system sends a communication to the trustee for information to verify the trustee as one of the previously identified trustees. The account recovery system then may transmit a link and code with instructions for the trustee to return the link. The account recovery system then transmits a situational query to the trustee to provide additional security. Finally, if all the communications have been completed for the required level of security, the account recovery code is transmitted to the trustee. The trustee sends the account recovery code to the account holder for access to an account.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving a request from a trustee for an account recovery code, wherein the account recovery code is used by an account holder to obtain access to an account; transmitting a verification form to the trustee for authentication; receiving the verification form from the trustee after the verification form is completed by the trustee; transmitting a code to authenticate the trustee to a pre-identified contact destination; receiving the code from the trustee to authenticate the trustee; transmitting a query to the trustee; receiving a response to the query from the trustee; determining a probability that the trustee is operating on behalf of the account holder; and determining whether to send the account recovery code to the trustee based at least in part on the determining of the probability. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 13)
-
-
9. A method, comprising:
-
receiving a request from a trustee for an account recovery code; transmitting a verification form to the trustee for authentication; receiving the verification form from the trustee after the verification form is completed by the trustee; identifying the trustee by comparing the verification form as completed by the trustee with information stored in a database; transmitting a code to authenticate the trustee to a pre-identified contact destination; receiving the code from the trustee to authenticate the trustee; transmitting a query to the trustee; receiving a response to the query from the trustee; and transmitting the account recovery code to the trustee for delivery to the account holder. - View Dependent Claims (10, 11, 12)
-
-
14. One or more computer-readable media comprising computer-executable instructions that, when executed, perform the method, comprising:
-
receiving a request from a trustee for an account recovery code, wherein the account recovery code is used by an account holder to obtain access to an account; transmitting a verification form to the trustee for authentication; receiving the verification form from the trustee after the verification form is completed by the trustee; transmitting a code to authenticate the trustee to a pre-identified contact destination; receiving the code from the trustee to authenticate the trustee; transmitting a query to the trustee; receiving a response to the query from the trustee; sending a warning message to the trustee to enhance security based at least in part on responses provided on the verification form, wherein the warning message is dynamically updated to respond to ongoing security threats;
wherein the warning message is configured to provide the trustee with information to assist at least in part in determining whether or not to proceed with the acquisition of the account recovery code, and further wherein the trustee contacts the account holder to confirm the request with the account holder to further assist in determining whether or not to proceed with the acquisition of the account recovery code. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification