CONSOLIDATED MULTI-FACTOR RISK ANALYSIS
First Claim
1. A method of authenticating a user, the method comprising:
- receiving, with one or more processors, via a network, an authentication request sent by a first computing device associated with a user to be authenticated;
determining, with one or more processors, a second computing device, different from the first computing device, associated with the user based on a record created before receiving the authentication request;
sending, with one or more processors, via a network, instructions to the second computing device that cause the second computing to effectuate operations comprising;
forming with the second computing device, or accessing in storage of the second computing device, an observed profile of the second computing device, wherein the observed profile is based on attributes of the second computing device, the attributes including;
attributes of physical hardware of the second computing device,attributes of software installed on the second computing device,attributes of firmware installed on the second computing device, orusage attributes of the second computing device, andsending, via a network, the observed profile in response to receiving the instructions;
receiving, with one or more processors, via a network, the observed profile;
accessing, with one or more processors, a known profile of the second computing device formed, at least in part, before receiving the authentication request, wherein the known profile is based on the attributes of the second computing device;
determining, with one or more processors, that the known profile corresponds to the observed profile based on correspondence between known and observed attributes of the second computing device;
sending, with one or more processors, an authentication credential to either the second computing device or the first computing device;
after sending the authentication credential, receiving, with one or more processors, the authentication credential from either the first computing device or the second computing device, wherein the authentication credential is received from a different computing device from the computing device to which the authentication credential was sent;
in response to receiving the authentication credential from the first computing device and the determination that the known profile corresponds to the observed profile, determining, with one or more processors, that the user is authenticated; and
sending, with one or more processors, via a network, a message indicating that the user is authenticated or granting access to resources in response to determining that the user is authenticated.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided is a process of authenticating a user, the process including: receiving an authentication request sent by a first computing device; receiving an observed profile of the second computing device; accessing a known profile of the second computing device; determining that the known profile corresponds to the observed profile; sending an authentication credential to either the second computing device or the first computing device; receiving the authentication credential from either the first computing device or the second computing device; and in response to receiving the authentication credential and the determination that the known profile corresponds to the observed profile, determining that the user is authenticated.
-
Citations
20 Claims
-
1. A method of authenticating a user, the method comprising:
-
receiving, with one or more processors, via a network, an authentication request sent by a first computing device associated with a user to be authenticated; determining, with one or more processors, a second computing device, different from the first computing device, associated with the user based on a record created before receiving the authentication request; sending, with one or more processors, via a network, instructions to the second computing device that cause the second computing to effectuate operations comprising; forming with the second computing device, or accessing in storage of the second computing device, an observed profile of the second computing device, wherein the observed profile is based on attributes of the second computing device, the attributes including; attributes of physical hardware of the second computing device, attributes of software installed on the second computing device, attributes of firmware installed on the second computing device, or usage attributes of the second computing device, and sending, via a network, the observed profile in response to receiving the instructions; receiving, with one or more processors, via a network, the observed profile; accessing, with one or more processors, a known profile of the second computing device formed, at least in part, before receiving the authentication request, wherein the known profile is based on the attributes of the second computing device; determining, with one or more processors, that the known profile corresponds to the observed profile based on correspondence between known and observed attributes of the second computing device; sending, with one or more processors, an authentication credential to either the second computing device or the first computing device; after sending the authentication credential, receiving, with one or more processors, the authentication credential from either the first computing device or the second computing device, wherein the authentication credential is received from a different computing device from the computing device to which the authentication credential was sent; in response to receiving the authentication credential from the first computing device and the determination that the known profile corresponds to the observed profile, determining, with one or more processors, that the user is authenticated; and sending, with one or more processors, via a network, a message indicating that the user is authenticated or granting access to resources in response to determining that the user is authenticated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system, comprising:
-
one or more processors; and memory storing instructions that when executed by at least some of the processors effectuate operations comprising; receiving, via a network, an authentication request sent by a first computing device associated with a user to be authenticated; determining a second computing device, different from the first computing device, associated with the user based on a record created before receiving the authentication request; sending, via a network, instructions to the second computing device that cause the second computing to effectuate operations comprising; forming with the second computing device, or accessing in storage of the second computing device, an observed profile of the second computing device, wherein the observed profile is based on attributes of the second computing device, the attributes including; attributes of physical hardware of the second computing device, attributes of software installed on the second computing device, attributes of firmware installed on the second computing device, or usage attributes of the second computing device, and sending, via a network, the observed profile in response to receiving the instructions; receiving, via a network, the observed profile; accessing a known profile of the second computing device formed, at least in part, before receiving the authentication request, wherein the known profile is based on the attributes of the second computing device; determining that the known profile corresponds to the observed profile based on correspondence between known and observed attributes of the second computing device; sending an authentication credential to either the second computing device or the first computing device; after sending the authentication credential, receiving the authentication credential from either the first computing device or the second computing device, wherein the authentication credential is received from a different computing device from the computing device to which the authentication credential was sent; in response to receiving the authentication credential from the first computing device and the determination that the known profile corresponds to the observed profile, determining that the user is authenticated; and sending, via a network, a message indicating that the user is authenticated or granting access to resources in response to determining that the user is authenticated. - View Dependent Claims (18, 19, 20)
-
Specification