USER AUTHENTICATION BASED ON HISTORICAL USER BEHAVIOR

US 20150229624A1
Filed: 02/07/2014
Published: 08/13/2015
Est. Priority Date: 02/07/2014
Status: Active Grant

First Claim

Patent Images

1. An apparatus for user authentication to perform at least one user action of a plurality of first user actions associated with an application running on the apparatus and based on historical user patterns, the apparatus comprising:

a memory;

a processor; and

computer-executable instructions stored in the memory, executable by the processor, and configured to cause the processor to;

receive from a user, a request to execute at least one first user action of a plurality of first user actions associated with an application running on the apparatus, wherein execution of the at least one first user action requires validation of one or more authentication credentials, wherein the plurality of first user actions are different than a plurality of second user actions not associated with the application;

collect a set of data comprising information related to one or more usage patterns associated with the apparatus of the user, associated with at least one second user actions, and not associated with any first user actions;

determine a normal pattern of usage associated with each of the at least one second user actions;

determine a present pattern of usage associated with each of the at least one second user actions;

determine a user pattern score associated with the user and the at least one second user actions, comprising;

comparing the present pattern of usage to the normal pattern of usage;

determining that the present pattern of usage is outside the normal pattern of usage;

setting the user pattern score by determining an extent to which the present pattern of usage is outside the normal pattern of usage;

determine a level of authentication associated with the determined user pattern score;

determine which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the user pattern score;

request one or more authentication credentials corresponding to the determined one or more authentication types;

receive one or more authentication credentials from the user;

validate the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials; and

in response to the successful validation of the one or more authentication credentials, execute the user action.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are directed to systems, methods and computer program products for providing user authentication based on historical user patterns. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a set of data comprising information related to usage patterns associated with the apparatus of the user; determine a user pattern score associated with the user; determine a level of authentication; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation, execute the user action.

30 Citations

View as Search Results

20 Claims

1. An apparatus for user authentication to perform at least one user action of a plurality of first user actions associated with an application running on the apparatus and based on historical user patterns, the apparatus comprising:
- a memory;
  
  a processor; and
  
  computer-executable instructions stored in the memory, executable by the processor, and configured to cause the processor to;
  
  receive from a user, a request to execute at least one first user action of a plurality of first user actions associated with an application running on the apparatus, wherein execution of the at least one first user action requires validation of one or more authentication credentials, wherein the plurality of first user actions are different than a plurality of second user actions not associated with the application;
  
  collect a set of data comprising information related to one or more usage patterns associated with the apparatus of the user, associated with at least one second user actions, and not associated with any first user actions;
  
  determine a normal pattern of usage associated with each of the at least one second user actions;
  
  determine a present pattern of usage associated with each of the at least one second user actions;
  
  determine a user pattern score associated with the user and the at least one second user actions, comprising;
  
  comparing the present pattern of usage to the normal pattern of usage;
  
  determining that the present pattern of usage is outside the normal pattern of usage;
  
  setting the user pattern score by determining an extent to which the present pattern of usage is outside the normal pattern of usage;
  
  determine a level of authentication associated with the determined user pattern score;
  
  determine which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the user pattern score;
  
  request one or more authentication credentials corresponding to the determined one or more authentication types;
  
  receive one or more authentication credentials from the user;
  
  validate the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials; and
  
  in response to the successful validation of the one or more authentication credentials, execute the user action.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus of claim 1, wherein determining the user pattern score associated with the user comprises:
    - determining a threshold associated with one or more apparatus activities;
      
      determining whether a current pattern of the user is within the threshold; and
      
      based at least in part on the determination, assigning the user pattern score.
  - 3. The apparatus of claim 2, wherein determining the user pattern score further comprises:
    - selecting one or more second apparatus activities;
      
      determining a second threshold associated with the one or more second user patterns;
      
      determining whether the user is within the second threshold; and
      
      wherein determining the user pattern score is further based at least in part on the determination of whether the user is within the second threshold.
  - 4. The apparatus of claim 3, wherein determining the user pattern score comprises:
    - determining a first partial score based at least in part on the determination of whether the user is within the threshold, wherein the first partial score is weighted by a first weighting factor;
      
      determining a second partial score based at least in part on the determination of whether the user is within the second threshold, wherein the second partial score is weighted by a second weighting factor; and
      
      combining the first partial score and the second partial score, thereby determining the user pattern score.
  - 5. The apparatus of claim 4, wherein at least one of the first weighting factor and the second weighting factor are based on a user-defined preference regarding their respective apparatus activities.
  - 6. The apparatus of claim 1, wherein determining the user pattern score comprises:
    - determining a historical user pattern associated with the user;
      
      determining whether the set of data indicates a current pattern that falls within a predetermined acceptable variance of the historical pattern; and
      
      if not, determining the user pattern score based at least in part on a variance of the current pattern from the historical pattern.
  - 7. The apparatus of claim 1, wherein determining the user pattern score comprises:
    - determining a historical pattern associated with the user;
      
      determining the user pattern score based at least in part on a variance of the current pattern from the historical pattern.

8. A computer-implemented method for user authentication to perform at least one user action of a plurality of first user actions associated with an application running on the apparatus and based on historical user patterns, the method comprising:
- receiving, by a processor of a mobile device and from a user, a request to execute at least one first user action of a plurality of first user actions associated with an application running on the apparatus, wherein execution of the at least one first user action requires validation of one or more authentication credentials, wherein the plurality of first user actions are different than a plurality of second user actions not associated with the application;
  
  collecting, by the processor of the mobile device, a set of data comprising information related to one or more usage patterns associated with the apparatus of the user, associated with at least one second user actions, and not associated with any first user actions;
  
  determining a normal pattern of usage associated with each of the at least one second user actions;
  
  determining a present pattern of usage associated with each of the at least one second user actions;
  
  determining, at the processor of the mobile device, a user pattern score associated with the user and the at least one second user actions, comprising;
  
  comparing the present pattern of usage to the normal pattern of usage;
  
  determining that the present pattern of usage is outside the normal pattern of usage;
  
  setting the user pattern score by determining an extent to which the present pattern of usage is outside the normal pattern of usage;
  
  determining, by the processor of the mobile device, a level of authentication associated with the determined user pattern score;
  
  determining, by the processor of the mobile device, which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the user pattern score;
  
  requesting, by the processor of the mobile device, one or more authentication credentials corresponding to the determined one or more authentication types;
  
  receiving, by the processor of the mobile device, one or more authentication credentials from the user;
  
  validating, by the processor of the mobile device, the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials; and
  
  in response to the successful validation of the one or more authentication credentials, executing, by the processor of the mobile device, the user action.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein determining the user pattern score associated with the user comprises:
    - determining a threshold associated with one or more apparatus activities;
      
      determining whether a current pattern of the user is within the threshold; and
      
      based at least in part on the determination, assigning the user pattern score.
  - 10. The method of claim 9, wherein determining the user pattern score further comprises:
    - selecting one or more second apparatus activities;
      
      determining a second threshold associated with the one or more second user patterns;
      
      determining whether the user is within the second threshold; and
      
      wherein determining the user pattern score is further based at least in part on the determination of whether the user is within the second threshold.
  - 11. The method of claim 10, wherein determining the user pattern score comprises:
    - determining a first partial score based at least in part on the determination of whether the user is within the threshold, wherein the first partial score is weighted by a first weighting factor;
      
      determining a second partial score based at least in part on the determination of whether the user is within the second threshold, wherein the second partial score is weighted by a second weighting factor; and
      
      combining the first partial score and the second partial score, thereby determining the user pattern score.
  - 12. The method of claim 11, wherein at least one of the first weighting factor and the second weighting factor are based on a user-defined preference regarding their respective apparatus activities.
  - 13. The method of claim 8, wherein determining the user pattern score comprises:
    - determining a historical user pattern associated with the user;
      
      determining whether the set of data indicates a current pattern that falls within a predetermined acceptable variance of the historical pattern; and
      
      if not, determining the user pattern score based at least in part on a variance of the current pattern from the historical pattern.
  - 14. The method of claim 8, wherein determining the user pattern score comprises:
    - determining a historical pattern associated with the user;
      
      determining the user pattern score based at least in part on a variance of the current pattern from the historical pattern.

15. A computer program product for user authentication to perform at least one user action of a plurality of first user actions associated with an application running on the apparatus and based on historical user patterns, the computer program product comprising a non-transitory computer-readable medium comprising code causing a first apparatus to:
- receive from a user, a request to execute at least one first user action of a plurality of first user actions associated with an application running on the apparatus, wherein execution of the at least one first user action requires validation of one or more authentication credentials, wherein the plurality of first user actions are different than a plurality of second user actions not associated with the application;
  
  collect a set of data comprising information related to one or more usage patterns associated with the apparatus of the user, associated with at least one second user actions, and not associated with any first user actions;
  
  determine a normal pattern of usage associated with each of the at least one second user actions;
  
  determine a present pattern of usage associated with each of the at least one second user actions;
  
  determine a user pattern score associated with the user and the at least one second user actions, comprising;
  
  comparing the present pattern of usage to the normal pattern of usage;
  
  determining that the present pattern of usage is outside the normal pattern of usage;
  
  setting the user pattern score by determining an extent to which the present pattern of usage is outside the normal pattern of usage;
  
  determine a level of authentication associated with the determined user pattern score;
  
  determine which one or more authentication types from a plurality of authentication types are associated with the level of authentication associated with the user pattern score;
  
  request one or more authentication credentials corresponding to the determined one or more authentication types;
  
  receive one or more authentication credentials from the user;
  
  validate the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials; and
  
  in response to the successful validation of the one or more authentication credentials, execute the user action.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product of claim 15, wherein determining the user pattern score associated with the user comprises:
    - determining a threshold associated with one or more apparatus activities;
      
      determining whether a current pattern of the user is within the threshold; and
      
      based at least in part on the determination, assigning the user pattern score.
  - 17. The computer program product of claim 16, wherein determining the user pattern score further comprises:
    - selecting one or more second apparatus activities;
      
      determining a second threshold associated with the one or more second user patterns;
      
      determining whether the user is within the second threshold; and
      
      wherein determining the user pattern score is further based at least in part on the determination of whether the user is within the second threshold.
  - 18. The computer program product of claim 17, wherein determining the user pattern score comprises:
    - determining a first partial score based at least in part on the determination of whether the user is within the threshold, wherein the first partial score is weighted by a first weighting factor;
      
      determining a second partial score based at least in part on the determination of whether the user is within the second threshold, wherein the second partial score is weighted by a second weighting factor; and
      
      combining the first partial score and the second partial score, thereby determining the user pattern score.
  - 19. The computer program product of claim 18, wherein at least one of the first weighting factor and the second weighting factor are based on a user-defined preference regarding their respective apparatus activities.
  - 20. The computer program product of claim 15, wherein determining the user pattern score comprises:
    - determining a historical user pattern associated with the user;
      
      determining whether the set of data indicates a current pattern that falls within a predetermined acceptable variance of the historical pattern; and
      
      if not, determining the user pattern score based at least in part on a variance of the current pattern from the historical pattern.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Grigg, David M., Bertanzetti, Peter John, Toth, Michael E., Hanson, Carrie Anne

Granted Patent

US 9,185,101 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/316   by observing the pattern of...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

USER AUTHENTICATION BASED ON HISTORICAL USER BEHAVIOR

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

USER AUTHENTICATION BASED ON HISTORICAL USER BEHAVIOR

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links