IDENTITY VERIFICATION CREDENTIAL WITH CONTINUOUS VERIFICATION AND INTENTION-BASED AUTHENTICATION SYSTEMS AND METHODS

US 20130191898A1
Filed: 01/04/2013
Published: 07/25/2013
Est. Priority Date: 01/04/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method for facilitating the authentication and verification of a user by creating and maintaining a true online credential (TOC), the method comprising:

receiving, at one of a plurality of network servers, a request from a client terminal to create a true online credential (TOC) for a user, said request containing a plurality of personally identifiable information of said user;

constructing, at one of said plurality of network servers, at least one knowledge-based-authentication (KBA) question based on said plurality of personally identifiable information and a plurality of third-party data sources;

transmitting, at one of said plurality of network servers, at least one Knowledge-based-authentication (KBA) question to said client terminal to be answered by said user;

receiving, at one of said plurality of network servers, a response from said client terminal to said at least one Knowledge-based-authentication (KBA) question;

computing, at one of said plurality of network servers, an identity verification score for said user;

transmitting, at one of said plurality of network servers, a request to said client terminal requesting permission from said user to access a plurality of second-party user data contained within a plurality of second-party data sources if said identity verification score exceeds a minimum identity verification score threshold.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system providing features for facilitating the authentication and verification of a consumer, facilitating and sharing trust between the consumer and third parties, and for continuously updating such information. The system can create an online identity credential based on verifying the identity of an individual subject. The system can include adding first, second, and third party information to the credential, analyzing the data in the credential to create metadata stored within the credential, continuously and periodically updating the elements and metadata of the identity credential, and for sharing selected data and metadata elements of the credential with second and third parties. The system can be used as a standalone identity credential or in support of biometric identity applications. The system can include rewards to encourage subjects to continuously verify their identity. The system can include a Knowledge-Based-Authentication based on intention analysis derived from second-party data, rather than factual third-party data.

Citations

19 Claims

1. A method for facilitating the authentication and verification of a user by creating and maintaining a true online credential (TOC), the method comprising:
- receiving, at one of a plurality of network servers, a request from a client terminal to create a true online credential (TOC) for a user, said request containing a plurality of personally identifiable information of said user;
  
  constructing, at one of said plurality of network servers, at least one knowledge-based-authentication (KBA) question based on said plurality of personally identifiable information and a plurality of third-party data sources;
  
  transmitting, at one of said plurality of network servers, at least one Knowledge-based-authentication (KBA) question to said client terminal to be answered by said user;
  
  receiving, at one of said plurality of network servers, a response from said client terminal to said at least one Knowledge-based-authentication (KBA) question;
  
  computing, at one of said plurality of network servers, an identity verification score for said user;
  
  transmitting, at one of said plurality of network servers, a request to said client terminal requesting permission from said user to access a plurality of second-party user data contained within a plurality of second-party data sources if said identity verification score exceeds a minimum identity verification score threshold.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprisingperforming continuous identity verification at periodic intervals including:
    - constructing a plurality of new knowledge-based-authentication (KBA) questions based on said plurality of third-party data sources and said plurality of second-party data sources;
      
      transmitting said plurality of new knowledge-based-authentication (KBA) questions to said userreceiving a plurality of new responses from said user;
      
      recalculating said identity verification score, said recalculating based on in part said plurality of new responses received from said user.
  - 3. The method of claim 1, wherein said plurality of personally identifiable information includes:
    - a full name;
      
      a Social Security Number;
      
      a Date of Birth;
      
      an address;
      
      and a phone number.
  - 4. The method of claim 1, wherein said client terminal is a mobile phone.
  - 5. The method of claim 1, wherein said client terminal is a computer.
  - 6. The method of claim 1, wherein said client terminal is a mobile computer.
  - 7. The method of claim 1, wherein said plurality of third-party data is maintained by a party not involved in a transaction between said user and a second party.
  - 8. The method of claim 1, wherein said computing, at one of said plurality of network servers, an identity verification score for said user includes utilizing metadata or aggregated data from said second-party or third party in addition to said primary data.
  - 9. The method of claim 2, wherein said performing continuous identity verification at periodic intervals further includes:
    - providing a reward to said user for continuously verifying their identity by providing said plurality of new responses.
  - 10. The method of claim 2, wherein said plurality of second-party data is maintained at a second-party site, said second-party site being external to said plurality of network servers, and wherein constructing a plurality of new knowledge-based-authentication (KBA) questions based on said plurality of third-party data sources and said plurality of second-party data sources is partially carried out at said second-party site.
  - 11. The method of claim 2, wherein recalculating said identity verification score includes degrading said identity verification score over time if said user fails to provide said plurality of new responses.
  - 12. The method of claim 1, wherein said second-party data sources includes social networking data sources.
  - 13. The method of claim 1, wherein said constructing, at one of said plurality of network servers, at least one knowledge-based-authentication (KBA) question based on said plurality of personally identifiable information and a plurality of third-party data sources includes heuristic decision making to select an appropriate third-party data source based on said plurality of personally identifiable information.
  - 14. The method of claim 2, wherein said constructing a plurality of new knowledge-based-authentication (KBA) questions based on said plurality of third-party data sources and said plurality of second-party data sources includes Knowledge-Based-Authentication based on intention analysis derived from said second-party data sources.

15. A method of facilitating and sharing trust between a user and a third party, the method comprising:
- creating a true online credential (TOC) for a user;
  
  adding first, second, and third party data to said TOC;
  
  analyzing said first, second, and third party data in said TOC to create a plurality of metadata stored within said TOC;
  
  updating said metadata of the identity credential periodically; and
  
  sharing selected first, second, and third party data and selected metadata in said TOC with a third party,wherein said sharing of sharing selected first, second, and third party data and selected metadata in said TOC with a third party facilitates trust between said user and said third party.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, wherein said creating a true online credential (TOC) for a user includes coupling said TOC with a biometric identity applications.
  - 17. The method of claim 15, wherein said updating said metadata of the identity credential periodically includes providing rewards to encourage said user to continuously verify their identity.
  - 18. The method of claim 15, wherein said creating a true online credential (TOC) for a user includes Knowledge-Based-Authentication based on intention analysis derived from second-party data.
  - 19. The method of claim 15, wherein said creating a true online credential (TOC) for a user includes Knowledge-Based-Authentication based on heuristic decision making analysis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Harold H. Kraft
Original Assignee
Harold H. Kraft
Inventors
Kraft, Harold H.

Application Number

US13/734,578
Publication Number

US 20130191898A1
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/31 User authentication

G06F 2221/2115 Third party

IDENTITY VERIFICATION CREDENTIAL WITH CONTINUOUS VERIFICATION AND INTENTION-BASED AUTHENTICATION SYSTEMS AND METHODS

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

IDENTITY VERIFICATION CREDENTIAL WITH CONTINUOUS VERIFICATION AND INTENTION-BASED AUTHENTICATION SYSTEMS AND METHODS

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links