Multi-Factor Identity Fingerprinting with User Behavior

US 20130054433A1
Filed: 09/09/2011
Published: 02/28/2013
Est. Priority Date: 08/25/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method to generate an identity fingerprint, the method comprising:

maintaining a data store of records, the records relating to historical activities by a plurality of users and the records having been aggregated according to a behavioral correlation model;

receiving an identity fingerprint request to generate an identity fingerprint for a user, the request comprising indicia of the user'"'"'s activity;

retrieving at least one record from the data store corresponding to the indicia of the user'"'"'s activity in the identity fingerprint request;

generating an identity fingerprint from the at least one retrieved record; and

serving the generated identity fingerprint responsive to the received identity fingerprint request.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Multi-factor identity fingerprinting with user behavior is disclosed. A user'"'"'s interactions with one or more parties are tracked and stored in a data store. A party may be a company itself or a company'"'"'s information system. The user interactions are aggregated in a user profile bound to a particular user. All of the profile, or some subset of the profile may be used to generate an identity fingerprint. The identity fingerprint may be used as authentication credentials, where the similarity of user activity indicia is measured against all or part of the identity fingerprint. Alternatively, the aggregation systems may identify groups or categories of users by behavior by identifying similar identity fingerprints. Similarity may be measured via correlation models. Finally, the data store of profiles may be used for non-authentication systems such as business intelligence, advertising, identity management, and threat monitoring.

213 Citations

28 Claims

1. A method to generate an identity fingerprint, the method comprising:
- maintaining a data store of records, the records relating to historical activities by a plurality of users and the records having been aggregated according to a behavioral correlation model;
  
  receiving an identity fingerprint request to generate an identity fingerprint for a user, the request comprising indicia of the user'"'"'s activity;
  
  retrieving at least one record from the data store corresponding to the indicia of the user'"'"'s activity in the identity fingerprint request;
  
  generating an identity fingerprint from the at least one retrieved record; and
  
  serving the generated identity fingerprint responsive to the received identity fingerprint request.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the retrieved record from the data store is retrieved based on the record having been statically bound to a user profile corresponding to the user.
  - 3. The method of claim 1, wherein the retrieved record from the data store is retrieved dynamically via querying the data store for a record corresponding to the indicia of the user'"'"'s activity in the identity fingerprint request.
  - 4. The method of claim 1, wherein the generated identity fingerprint comprises a summary of historical activities of the user.
  - 5. The method of claim 1, wherein the generated identity fingerprint comprises a summary of content entered by the user during at least one historical activity.
  - 6. The method of claim 1, wherein the serving the generated identity fingerprint comprises:
    - caching the generated identity fingerprint in a cache storage; and
      
      serving the generated identity fingerprint from the cache storage responsive to the received identity fingerprint request.

7. A method to collect behavioral data for generating identity fingerprints, the method comprising:
- receiving a session initiation request, the session initiation request comprising a user identifier;
  
  activating a user profile corresponding to the user identifier, the user profile comprising a plurality of events of interest;
  
  transmitting the plurality of events of interest to the client device for registration;
  
  receiving a plurality of user historical activity indicia, each indicia corresponding to at least one event registered on the client device responsive to a user input triggering at least one registered event;
  
  converting the received plurality of user historical activity indicia into a format specified by a correlation model;
  
  storing the user historical activity indicia in a data store with other user historical activity indicia from other sessions; and
  
  aggregating the user historical activity indicia according to the correlation model.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the user historical activity indicia are aggregated with third party data according to the correlation model.
  - 9. The method of claim 7, the aggregating comprising:
    - validating the user historical activity indicia according to the correlation model;
      
      performing the aggregating responsive to the validating of the user historical activity indicia; and
      
      logging user historical activity indicia that have failed validation.
  - 10. The method of claim 7, wherein the other user historical activity indicia is from other client devices.
  - 11. The method of claim 7, wherein the other user historical activity indicia is from a plurality of applications on the same client device.
  - 12. The method of claim 7, wherein the user historical activity indicia includes any one of:
    - user location,user calling pattern,user near field communications activity,user internet activity,user short message service activity,user social network activity,user payment history,user client device history, oruser usage pattern.

13. A method to track user behavioral, the method comprising:
- receiving at a client device a plurality of events of interest;
  
  registering the plurality of events of interest with the client device, such that the client device is operative to track each of the plurality of events;
  
  collecting indicia corresponding to a registered event upon detecting a registered event;
  
  converting the indicia into a format specified by a correlation model; and
  
  transmitting the indicia.
- View Dependent Claims (14)
- - 14. The method of claim 13, wherein the detecting the registered event includes any one of:
    - inserting a callback function corresponding to an operating system notification;
      
      applying a journaling hook;
      
      applying a trampoline function;
      
      orenlisting in an operating system monitoring notification.

15. A method of aggregating users into categories, the method comprising:
- maintaining a data store of records, the records relating to historical activities by a plurality of users;
  
  generating an identity fingerprint for each of the plurality of users, each identity fingerprint having been generated according to an aggregate of records according to a behavioral correlation model; and
  
  aggregating the identity fingerprints into categories according to a similarity measure.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15, wherein the aggregating the identity fingerprints is on a computing device remote from the data store of records;
    - andthe identity fingerprints are accessed via an application programming interface.
  - 17. The method of claim 15, wherein the aggregate of records used to generate the identity fingerprints includes third party data.
  - 18. The method of claim 15, wherein the categories to aggregate the fingerprints includes any one of:
    - targeted customer categories for targeted advertising,targeted customer categories for identifying purchase patterns, orcategories of computer security attacks as part of a threat model.

19. A method to authenticate an identity of a user, the method comprising:
- receiving at least one indicia of a user'"'"'s activity;
  
  preparing an authentication request, the authentication request comprising the at least one indicia of the user'"'"'s activity;
  
  sending the prepared authentication request to a profiling service, the profiling service having access to a data store of records, the records relating to historical activities by a plurality of users; and
  
  receiving an authentication determination based on whether the indicia of the user'"'"'s activity in the authentication request correlates to at least one record in the data store, the correlating of the authentication request to the at least one record being based at least in part on a correlation model.
- View Dependent Claims (20)
- - 20. The method of claim 19, the method further comprising:
    - upon determining that an authentication request does not correlate to at least one record, performing any one of the following responses;
      
      sending an indicator to terminate the user session,logging a failed authentication,sending an email message of the failed authentication,sending a text message of the failed authentication, ortriggering a system administrator alert.

21. A system to generate identity fingerprints, the system comprising:
- a profile collection service hosted on a computing device;
  
  a profile based authentication service hosted on a computing device, operably connected to the profile collection service; and
  
  a data store hosted on a computing device and operably connected to the profile collection service, wherein;
  
  the profile collection service is operable to receive correlation model information from the profile based authentication service, to transmit event information according to the correlation model, to receive user historical indicia according to the correlation model, and to store the received user historical indicia in the data store,the profile collection service is operable to generate an identity fingerprint based on some of the stored user historical indicia, andthe profile collection service is operable to serve at least one generated identity fingerprint.
- View Dependent Claims (22, 23, 24)
- - 22. The system of claim 21, the system further comprising:
    - a cache memory operably connected to the profile collection service, the cache memory storing at least one generated identity fingerprint;
      
      wherein the profile collection service is operable to serve at least one generated identity fingerprint from the cache memory.
  - 23. The system of claim 22, the system further comprising any one of the following:
    - an application programming interface to the profile collection service exposed to third parties to access user profile information or generated identity fingerprints;
      
      an application programming interface to the profile based authentication service exposed to third parties to access correlation model information;
      
      ora data interface to the data store exposed to third parties to query user profile information.
  - 24. The system of claim 23, the system further comprising a maintenance module connected to either of the profile collection service or the profile based authentication service operable to perform any one of:
    - updating a correlation model;
      
      archiving records;
      
      backing up records;
      
      correcting errors;
      
      reviewing monitor logs;
      
      orupdating access privileges;

25. A system to generate identity fingerprints, the system comprising:
- a set of user information sources hosted on a computing device; and
  
  a set of data services hosted on a computing device, the data services comprising an extract-transform-load (“
  
  ETL”
  
  ) module, an ETL model, a data store, a profiling service, and a correlation model, wherein;
  
  the ETL module operably connected to the set of user information sources to receive user information;
  
  the ETL module operably connected to the ETL model and the data store, the ETL module to transform the received user information and store in the data store according to the ETL model; and
  
  the profiling service operably connected to the correlation model and the data store to generate an identity fingerprint from the transformed user information in the data store according to the correlation model.
- View Dependent Claims (26, 27)
- - 26. The system of claim 25, wherein the user information sources are any one of:
    - business intelligence user information,billing user information, orprepay user information.
  - 27. The system of claim 26, further comprising a privacy engine operably coupled to the ETL module, wherein ETL module receives user information from the user information sources filtered according to the privacy engine.

28. A system to authenticate user requests via an identity fingerprint, the system comprising:
- a billing gateway hosted on a computing device;
  
  a service delivery gateway hosted on a computing device operably connected to the billing gateway;
  
  a content provider application hosted on a computing device operably connected to the billing gateway and the service delivery gateway; and
  
  a profiling service hosted on a computing device operably connected to the service delivery gateway, wherein;
  
  the content provider application operable to send an authentication request to the service delivery upon receiving a content request;
  
  the service delivery gateway operable to send an authentication request to the profiling service;
  
  the service delivery gateway operable to notify the billing gateway to perform a billing operation based on a received authentication result from the profiling service, and to notify the content provider of the billing operation result;
  
  the service delivery gateway operable to notify the content provider of the received authentication result; and
  
  the content provider operable to serve content based on the received authentication result from the service delivery gateway and the billing operation result from the billing gateway.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Original Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Inventors
Giard, Jeffrey M., Goo, Michael J., Sandidge, Tony A., Schuler, Seth H., Subramanian, Bala

Application Number

US13/229,481
Publication Number

US 20130054433A1
Time in Patent Office

Days
Field of Search
US Class Current

705/34
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06Q 30/02   Marketing; Price estimation...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

H04L 9/3231   Biological data, e.g. finge...

Multi-Factor Identity Fingerprinting with User Behavior

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

213 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Multi-Factor Identity Fingerprinting with User Behavior

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

213 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links