Authentication System and Method
0 Assignments
0 Petitions
Accused Products
Abstract
Aspects of the invention relate to a customer authentication system for authenticating a customer making a request related to a customer account. The customer authentication system may include multiple application level data receiving and processing mechanisms for receiving customer requests and collecting customer data. The customer authentication system may additionally include a central authentication system for receiving the customer requests and customer data from the multiple application level data receiving and processing mechanisms, the central authentication system determining, based on authentication policy, whether the collected customer data is sufficient to authenticate each customer in order to fulfill the customer request. The central authentication system may return its conclusions and instructions to the multiple application level data receiving and processing mechanisms. The customer authentication system may additionally include a fraud policy system for centrally managing authentication policy implemented by the central authentication system.
230 Citations
47 Claims
-
1-10. -10. (canceled)
-
11. An authentication computing system for providing authentication of a customer of a financial institution making a request related to a customer account of the financial institution from a receiving application through any one of multiple channels, the authentication computing system comprising:
-
at least one computer processor executing multiple receiving applications for receiving customer requests and collecting customer data, the customer requests received through multiple channels coupled to the at least one computer processor; a central authentication computing system including computer processing components programmed for performing operations including; receiving the request and customer data from the receiving applications at an authentication engine; accessing an information source containing data pertaining to customer activity with respect to the account, determining a level of risk associated with the customer, and communicating the risk level from a risk assessment engine to the authentication engine; providing authentication criteria from a policy rule engine to the authentication engine for authentication of the customer; and determining, through the authentication engine, whether the customer is sufficiently authenticated based on the risk level provided by the risk assessment engine and the authentication criteria provided by the policy rule engine, the central authentication computing system determining partly based on the receiving applications. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 30, 31, 32, 33, 34, 35, 36, 37, 38, 40)
-
-
20-28. -28. (canceled)
-
29. A customer authentication computing system for authenticating a customer of a financial institution making a request related to a customer account with the financial institution, the customer authentication computing system comprising:
-
at least one computer processor executing multiple applications for receiving customer requests and collecting customer data, said multiple applications receiving data from customer requests over a multiple channels, thereby providing multiple inputs for requests to the financial institution; a central authentication computing system for receiving the customer requests and customer data, the central authentication computing system determining, based on authentication policy, whether the collected customer data is sufficient to authenticate each customer in order to fulfill the customer request, the central authentication computing system returning conclusions to the multiple applications, the central authentication computing system comprising computer processing components programmed to perform operations including; receiving the customer requests and customer data from the multiple applications at an authentication engine; accessing a customer profile containing data pertaining to customer activity with respect to the customer account; determining a level of risk associated with the customer based on at least the customer activity conducted over the multiple channels at the multiple applications; communicating the risk level from a risk assessment engine to the authentication engine; providing authentication criteria from a policy rule engine to the authentication engine for authentication of the customer; and determining, through the authentication engine, whether the customer is sufficiently authenticated based on the risk level provided by the risk assessment engine and the authentication criteria provided by the policy rule engine; and a fraud policy computing system, the fraud policy computing system using at least one processor to for centrally manage at least one authentication policy implemented by the central authentication computing system. - View Dependent Claims (39, 41, 42, 43, 44, 45, 46, 47)
-
Specification