Personalized Inferred Authentication For Virtual Assistance
1 Assignment
0 Petitions
Accused Products
Abstract
Aspects of the technology described herein provide a mechanism for controlling access to secure computing resources based on inferred user authentication. A current user may be authenticated and access to secure computing resources permitted based on a determined probability that the current user is a legitimate user associated with the secure computing resource. Legitimacy of the current user may be inferred based on a comparison of user-related activity of the current user to a persona model, which ay comprise behavior patterns, rules, or other information for identifying a legitimate user. If it is determined that the current user is likely legitimate, then access to secure information may be permitted. However, if it is determined that the current user is likely illegitimate, than a verification procedure may be provided to the current user, such as a temporal, dynamic security challenge based on recent activity conducted by the legitimate user.
-
Citations
40 Claims
-
1-20. -20. (canceled)
-
21. A computing device comprising a computer memory and a computer processor that is configured to control access to user credentials based on a measure of legitimacy for a current user, the computing device comprising:
-
a computer program stored on the computer memory having computer instructions that when executed by the computer processor; monitor ongoing user-related activity for the current user associated with a current user session on the computing device; determine an authentication confidence score for the user associated with the current user session on the computing device, wherein the authentication confidence score is determined based on a comparison of information from the monitored ongoing user related activity and a persona model corresponding to a legitimate user associated with the computing device, the authentication confidence score to be used when the current user attempts to access a secure computing resource, and wherein the persona model is determined from user-related activity information of the legitimate user and comprises activity patterns of the legitimate user; receive an indication of a request to access a first secure computing resource; if the determined authentication confidence score indicates the current user is likely the legitimate user, then granting access to a user credential that is required to access the first secure computing resource; and if the determined authentication confidence score does not indicate that the current user is likely to be the legitimate user, then restricting access to the user credential. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
34. A computerized method for controlling access to user credentials, comprising:
-
monitoring, during a current user session associated with a current user, ongoing user-related activity associated with at least one computing device; determining an initial authenticity score for the current user, the initial authenticity score determined based on a comparison of information from the monitored ongoing user-related activity and a persona model corresponding to a legitimate user associated with the at least one computing device, the initial authenticity score to be used when the current user attempts to access a user credential; receiving a first indication of a request to access a first user credential, the first user credential having a corresponding first authenticity score threshold; determining that the initial authenticity score does not satisfy the first authenticity score threshold; providing a security challenge to the current user, wherein the security challenge is derived from user-related activity information of the legitimate user for one or more previous user sessions during which an authenticity score for the one or more previous user sessions was above a given threshold; receiving a response to the security challenge; based on an evaluation of the received response, updating the initial authenticity score to an updated authenticity score to be used to authenticate the current user; and based on a comparison of the updated authenticity score and the first authenticity score threshold, if the updated authenticity score satisfies the first authenticity score threshold, then providing access to the first user credential; and if the updated authenticity score does not satisfy the first authenticity score threshold, then restricting access to the first user credential. - View Dependent Claims (35, 36, 37, 38)
-
-
39. A computerized system comprising:
-
one or more sensors configured to provide sensor data; one or more computing devices, at least one of the computing devices including a credentials manager configured to control access to one or more user credentials; one or more processors; and one or more computer storage media storing computer-useable instructions that, when used by the one or more processors, cause the one or more processors to perform operations comprising; monitoring ongoing user-related activity for a current user session on the one or more computing devices, the user-related activity for the current user session including sensor data from the one or more sensors; determining an authentication confidence score for a user associated with the current user session on the one or more computing devices, wherein the authentication confidence score is determined based on a comparison of information from the monitored ongoing user-related activity and a persona model corresponding to a legitimate user associated with the one or more computing devices, the authentication confidence score to be used when the current user attempts to access the one or more user credentials, and wherein the persona model is determined from user-related activity information of the legitimate user detected on the one or more computing devices; receiving an indication of a request to access a user credential; if the determined authentication confidence score indicates the current user is likely the legitimate user, then granting, by the credentials manager, access to the user credential; and if the determined authentication confidence score does not indicate that the current user is likely to be the legitimate user, then restricting, by the credentials manager, access to the user credential. - View Dependent Claims (40)
-
Specification