DETERMINING AUTHENTICATION REQUIREMENTS ALONG A CONTINUUM BASED ON A CURRENT STATE OF THE USER AND/OR THE SERVICE REQUIRING AUTHENTICATION

US 20150227924A1
Filed: 02/07/2014
Published: 08/13/2015
Est. Priority Date: 02/07/2014
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus for determining user authentication requirements for accessing a service, the apparatus comprising:

a mobile communication device including a computing platform including a memory, a processor in communication with the memory and a Global Positioning System (GPS) device in communication with the processor;

an authentication requirements module stored in the memory, executable by the processor and configured to,receive a request for a user to perform a function requiring user authentication,in response to receiving the request, determine at least one of (1) a current physical state of the user, or (2) attributes related to the function, wherein determining the physical state of the user includes implementing the GPS device to determine a geographic location of the user, anddetermine a location along an authentication continuum based at least in part on at least one of (1) the geographic location of the user, (2) a network on which the request was at least in part communicated, or (3) one or more attributes related to the function, wherein the location along the authentication continuum defines authentication requirements, wherein the location defines the predetermined level of authentication and level of authentication is one of (1) a no-authentication-required level, (2) a partial authentication level, and (3) full authentication level, wherein the full authentication level requires standard authentication credentials and the partial authentication level requires less than the standard authentication credentials; and

a function level module stored in the memory, executable by the processor and configured to determine a level of the function to which the user is authorized to perform in response to the user meeting the authentication requirements, wherein the level of function provides for a financial transaction amount limit,wherein the user is provided an ability to perform the function in response to the user meeting the authentication requirements.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, apparatus, methods, and computer program products are provided for determining a user'"'"'s authentication requirements/credentials for a specific service access request based on determining a location along a an authentication continuum. The location along the authentication continuum defines the degree of authentication/credentials required to access the service and is determined based on a current state of the user and/or service attributes. The more or less that is known about the current state of the user, in comparison to historical data about the user, the more or less likely the user is, in fact, the user that is attempting to access the service and, thus, the authentication requirements required to access the service can be adjusted according (increased or decreased).

Citations

24 Claims

1. An apparatus for determining user authentication requirements for accessing a service, the apparatus comprising:
- a mobile communication device including a computing platform including a memory, a processor in communication with the memory and a Global Positioning System (GPS) device in communication with the processor;
  
  an authentication requirements module stored in the memory, executable by the processor and configured to,receive a request for a user to perform a function requiring user authentication,in response to receiving the request, determine at least one of (1) a current physical state of the user, or (2) attributes related to the function, wherein determining the physical state of the user includes implementing the GPS device to determine a geographic location of the user, anddetermine a location along an authentication continuum based at least in part on at least one of (1) the geographic location of the user, (2) a network on which the request was at least in part communicated, or (3) one or more attributes related to the function, wherein the location along the authentication continuum defines authentication requirements, wherein the location defines the predetermined level of authentication and level of authentication is one of (1) a no-authentication-required level, (2) a partial authentication level, and (3) full authentication level, wherein the full authentication level requires standard authentication credentials and the partial authentication level requires less than the standard authentication credentials; and
  
  a function level module stored in the memory, executable by the processor and configured to determine a level of the function to which the user is authorized to perform in response to the user meeting the authentication requirements, wherein the level of function provides for a financial transaction amount limit,wherein the user is provided an ability to perform the function in response to the user meeting the authentication requirements.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the authentication requirements module is further configured to receive a request for a user to perform a function requiring user authentication, wherein the function is one of (1) accessing a network-based service, or (2) conducting a financial transaction.
  - 3. The apparatus of claim 1, wherein the authentication requirements module is further configured to determine the one or more attributes related to the function, the attributes related to the function include at least one of (1) a type of financial transaction or network-based service, (2) a time of conducting the financial transaction or accessing the network-based service, or (3) an amount associated with the financial transaction.
  - 4. The apparatus of claim 1, wherein the authentication requirements module is further configured to determine the current physical state of the user, wherein the current physical state of the user is one or more of (1) a geographic location of the user, (2) movement of the user in a specified direction, (3) movement of a user across a specified boundary of geographic location, or (4) change in geographic location by a specified distance.
  - 5. The apparatus of claim 1, wherein the authentication requirements module is further configured to determine the location along the authentication continuum subjectively based additionally on historical financial transaction patterns.
  - 6. The apparatus of claim 1, wherein the authentication requirements module is further configured to determine the location along the authentication continuum, wherein the location defines a predetermined level of authentication and the predetermined level of authentication defines the authentication requirements required for the user to perform the function.

7. (canceled)

8. (canceled)

9. A method for determining user authentication requirements for accessing a service, the method comprising:
- receiving, by a computing device processor included in a mobile communication device, a request for a user to perform a function requiring user authentication;
  
  in response to receiving the request, determining, by the computing device processor, at least one of (1) a current physical state of the user, (2) a network on which the request was at least in part communicated, or (3) attributes related to the function, wherein determining the physical state of the user comprises implementing a Global Positioning System (GPS) device included in the mobile communication device to determine a geographic location of the user;
  
  determining, by a computing device, a location along an authentication continuum based at least in part on at least one of (1) the geographic location of the user, (2) a network on which the request was at least in part communicated, or (3) one or more attributes related to the function, wherein the location along the authentication continuum defines authentication requirements, wherein the location defines the predetermined level of authentication and level of authentication is one of (1) a no-authentication-required level, (2) a partial authentication level, and (3) full authentication level, wherein the full authentication level requires standard authentication credentials and the partial authentication level requires less than the standard authentication credentials; and
  
  determining, by a computing device processor, a level of the function to which the user is authorized to perform in response to the user meeting the authentication requirements, wherein the level of function provides for a financial transaction amount limit,wherein the user is provided an ability to perform the function in response to the user meeting the authentication requirements.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, wherein receiving the request further comprises receiving, by the computing device processor, a request for a user to perform a function requiring user authentication, wherein the function is one of (1) accessing a network-based service, or (2) conducting a financial transaction.
  - 11. The method of claim 9, wherein determining attributes related to the function further comprises determining, by the computing device processor, the one or more attributes related to the function, the attributes related to the function include at least one of (1) a type of financial transaction or network-based service, (2) a time of conducting the financial transaction or accessing the network-based service, or (3) an amount associated with the financial transaction.
  - 12. The method of claim 9, wherein determining the current physical state of the user further comprises determining, by the computing device processor, the current physical state of the user, wherein the current physical state of the user is one or more of (1) a geographic location of the user, (2) movement of the user in a specified direction, (3) movement of a user across a specified boundary of geographic location, or (4) change in geographic location by a specified distance.
  - 13. The method of claim 9, wherein determining the location along the authentication continuum further comprises determining, by the computing device processor, the location along the authentication continuum subjectively based additionally on user attributes.
  - 14. The method of claim 9, wherein determining the location along the authentication continuum further comprises determining, by the computing device processor, the location along the authentication continuum, wherein the location defines a predetermined level of authentication and the predetermined level of authentication defines the authentication requirements required for the user to perform the function.

15. (canceled)

16. (canceled)

17. A computer program product comprising:
- a non-transitory computer-readable medium comprising;
  
  a first set of codes for causing a mobile communication device to receive a request for a user to perform a function requiring user authentication;
  
  a second set of codes for causing the mobile communication device to, in response to receiving the request, determine at least one of (1) a current physical state of the user, (2) a network on which the request was at least in part communicated, or (3) attributes related to the function, wherein determining the physical state of the user comprises implementing a Global Positioning System (GPS) device included in the mobile communication device to determine a geographic location of the user;
  
  a third set of codes for causing a computer to determine a location along an authentication continuum based at least in part on at least one of (1) the geographic location of the user, (2) a network on which the request was at least in part communicated, or (3) one or more attributes related to the function, wherein the location along the authentication continuum defines authentication requirements, wherein the location defines the predetermined level of authentication and level of authentication is one of (1) a no-authentication-required level, (2) a partial authentication level, and (3) full authentication level, wherein the full authentication level requires standard authentication credentials and the partial authentication level requires less than the standard authentication credentials; and
  
  a fourth set of codes for causing a computer to determine a level of the function to which the user is authorized to perform in response to the user meeting the authentication requirements, wherein the level of function provides for a financial transaction amount limit,wherein the user is provided an ability to perform the function in response to the user meeting the authentication requirements.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The computer program product of claim 17, wherein the first set of codes is further configured to cause the computer to receive a request for a user to perform a function requiring user authentication, wherein the function is one of (1) accessing a network-based service, or (2) conducting a financial transaction.
  - 19. The computer program product of claim 17, wherein the second set of codes is further configured to cause the computer to determine the one or more attributes related to the function, the attributes related to the function include at least one of (1) a type of financial transaction or network-based service, (2) a time of conducting the financial transaction or accessing the network-based service, or (3) an amount associated with the financial transaction.
  - 20. The computer program product of claim 17, wherein the second set of codes is further configured to cause the computer to determine the current physical state of the user, wherein the current physical state of the user is one or more of (1) a geographic location of the user, (2) movement of the user in a specified direction, (3) movement of a user across a specified boundary of geographic location, or (4) change in geographic location by a specified distance.
  - 21. The computer program product of claim 17, wherein the third set of codes is further configured to cause the computer to determine the location along the authentication continuum subjectively based additionally on user attributes.
  - 22. The computer program product of claim 17, wherein the third set of codes is further configured to cause the computer to determine the location along the authentication continuum, wherein the location defines a predetermined level of authentication and the predetermined level of authentication defines the authentication requirements required for the user to perform the function.

23. (canceled)

24. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Grigg, David M., Qaim-Maqami, Hood, Johansen, Joseph Neil

Application Number

US14/175,652
Publication Number

US 20150227924A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/3224   Transactions dependent on l...

G06Q 20/382   insuring higher security of...

G06Q 20/405   Establishing or using trans...

DETERMINING AUTHENTICATION REQUIREMENTS ALONG A CONTINUUM BASED ON A CURRENT STATE OF THE USER AND/OR THE SERVICE REQUIRING AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

DETERMINING AUTHENTICATION REQUIREMENTS ALONG A CONTINUUM BASED ON A CURRENT STATE OF THE USER AND/OR THE SERVICE REQUIRING AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links