ADAPTIVE SECONDARY AUTHENTICATION CRITERIA BASED ON ACCOUNT DATA
First Claim
1. An authentication challenge system comprising:
- a question engine, to derive a series of questions based upon activity associated with an account of an online store;
a network interface, to transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store;
a confidence engine, to determine a required confidence level for a successful authentication, and to compute a confidence score of the user identity; and
a quality engine, to adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store, wherein the online store includes digital media including at least one of music, movies, books or apps.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication challenge system for performing secondary authentication for an account associated with an online store is described. In one embodiment, the authentication challenge system includes a question generation engine, which can derive a series of questions based upon activity associated with a user account of an online store; a network interface, which can transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, which can determine a required confidence level for a successful authentication, and can compute a confidence score of the user identity; and a quality engine, which can adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store. The online store can include digital media, such as music, movies, books or applications for electronic computing devices.
178 Citations
23 Claims
-
1. An authentication challenge system comprising:
-
a question engine, to derive a series of questions based upon activity associated with an account of an online store; a network interface, to transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, to determine a required confidence level for a successful authentication, and to compute a confidence score of the user identity; and a quality engine, to adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store, wherein the online store includes digital media including at least one of music, movies, books or apps. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of generating secondary authentication questions, the method comprising:
-
accessing a purchase history associated with an account of an online store wherein the online store includes digital media including at least one of music, movies, books or apps; deriving a set of questions based on the purchase history of a unique identifier associated with the account; deriving a set of questions based on a presumed media genre preference associated with the unique identifier; and filtering questions from one or more sets of questions based on privacy settings. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable media storing instructions, which, when performed by a processor, cause the processor to perform operations to adaptively determine a confidence level, the operations comprising:
-
receiving a request to determine an authentication threshold required to perform an account activity, wherein the account activity is associated with a unique identifier of the account associated with an online store; authenticating a user at a device using a primary authentication method; calculating an activity risk factor based on the requested account activity; determining an identity confidence factor for the unique identifier of the account; and determining an authentication threshold for a secondary authentication method based on the requested account activity and the identity confidence factor; - View Dependent Claims (18, 19, 20)
-
-
21. A non-transitory computer-readable media storing instructions, which, when performed by a processor, cause the processor to perform operations, the operations comprising:
-
receiving a question list and answer scores from a secondary authentication of the unique identifier associated with an account on an online store; searching a question history associated with the identifier for questions which have been previously asked; and increasing a difficulty score associated with repeated questions which were answered incorrectly during a secondary authentication session in which the identifier was authenticated; - View Dependent Claims (22, 23)
-
Specification