System and method for authentication of network users
DC
First Claim
Patent Images
1. A method of controlling access to an online-provided service hosted on a host system, comprising:
- (a) first querying a user, who is operating a user system, about a first type of information;
(b) determining the extent to which the user correctly answers the first query;
(c) if the user sufficiently correctly answers the first query, second querying the user utilizing credit related information about the user wherein credit related information;
(i) is stored on a credit reporting system other than the user system or the host system; and
(ii) originates from a plurality of the user'"'"'s creditors who report to the credit reporting system credit related information about the user;
(d) in real time, determining the extent to which the user correctly answers the second query; and
(e) in real time and on-line, determining whether to grant or deny the user access to the on-line provided service based at least part on the extent to which the user correctly answers the second query.
0 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A network authentication system provides verification of the identity or other attributes of a network user to conduct a transaction, access data or avail themselves of other resources. The user is presented with a hierarchy of queries based on wallet-type (basic identification) and non-wallet type (more private) information designed to ensure the identity of the user and prevent fraud, false negatives and other undesirable results. A preprocessing stage may be employed to ensure correct formatting of the input information and clean up routine mistakes (such as missing digits, typos, etc.) that might otherwise halt the transaction. Queries can be presented in interactive, batch processed or other format. The authenticator can be configured to require differing levels of input or award differing levels of authentication according to security criteria.
-
Citations
42 Claims
-
1. A method of controlling access to an online-provided service hosted on a host system, comprising:
-
(a) first querying a user, who is operating a user system, about a first type of information;
(b) determining the extent to which the user correctly answers the first query;
(c) if the user sufficiently correctly answers the first query, second querying the user utilizing credit related information about the user wherein credit related information;
(i) is stored on a credit reporting system other than the user system or the host system; and
(ii) originates from a plurality of the user'"'"'s creditors who report to the credit reporting system credit related information about the user;
(d) in real time, determining the extent to which the user correctly answers the second query; and
(e) in real time and on-line, determining whether to grant or deny the user access to the on-line provided service based at least part on the extent to which the user correctly answers the second query. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
(i) retrieving user identification information from a data source;
(ii) comparing the first type of information supplied by the user with user identification information retrieved from the data source; and
(iii) determining a level of correspondence between the first type of information supplied by the user and the user identification information retrieved from the data source.
-
-
4. The method of claim 3, wherein the data source comprises credit-related information of the user.
-
5. The method of claim 3, wherein the data source comprises a non-credit-related information of the user.
-
6. The method of claim 3, wherein the data source comprises a plurality of data sources.
-
7. The method of claim 3, wherein element (b) further comprises:
-
(iv) comparing a response pattern of the user to a scoring matrix with at least one score corresponding to the relative degree of confidence in a predetermined user response pattern; and
(v) determining whether to deny or grant further access to the host system service based upon the response pattern of the user.
-
-
8. The method of claim 1, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon at least one value stored in a scoring matrix.
-
9. The method of claim 8, wherein the scoring matrix includes a set of point values according to the relative degree of significance of the credit related information.
-
10. The method of claim 8, wherein the scoring matrix includes a set of point values according to the relative degree of reliability of the credit related information.
-
11. The method of claim 1, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a user'"'"'s answer to the first query and for matching a user'"'"'s answer to the second query for credit related information about the user.
-
12. The method of claim 1, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a plurality of user'"'"'s answers to a second query for credit related information about the user.
-
13. The method of claim 1, wherein element (d) further comprises:
-
(i) comparing a response pattern of the user to a scoring matrix with at least one score corresponding to the relative degree of confidence in a predetermined user response pattern; and
(ii) generating an authenticity certainty score to determine whether to deny or grant further access to the host system service based upon the response pattern of the user.
-
-
14. The method of claim 1, wherein the credit reporting system comprises a plurality of credit reporting databases.
-
15. The method of claim 1, wherein the host system communicates with the user system and the credit-reporting system via the Internet.
-
16. A method of authenticating a user in real time operating a user system to access an on-line provided service hosted on a host system, comprising:
-
(a) querying the user about a first type of information;
(b) determining a correspondence between the user'"'"'s response and the query about the first type of information;
(c) if a sufficient correspondence exists between the user'"'"'s response and the query about the first type of information, querying the user about credit related information, wherein the credit related information;
(i) is accessed by a credit reporting system separate from the user system and the host system; and
(ii) originates from a plurality of user'"'"'s creditors reporting credit related information about the user to the credit reporting system;
(d) determining a correspondence between the user'"'"'s response and the query for credit related information; and
(e) if a sufficient correspondence exists between the user'"'"'s response and the query about the credit-related information, granting or denying the user access to the on-line provided service. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
(i) generating an authenticity certainty score based upon at least one value stored in a scoring matrix.
-
-
18. The method of claim 17, wherein the scoring matrix includes a set of point values according to the relative degree of significance of the credit related information.
-
19. The method of claim 17, wherein the scoring matrix includes a set of point values according to the relative degree of reliability of the credit related information.
-
20. The method of claim 16, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a user'"'"'s response to the first query and for matching a user'"'"'s response to the second query for credit related information about the user.
-
21. The method of claim 16, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a plurality of user'"'"'s responses to a second query for credit related information about the user.
-
22. (New) The method of claim 16, wherein element (d) further comprises:
-
(i) comparing a response pattern of the user to a scoring matrix with at least one score corresponding to the relative degree of confidence in a predetermined user response pattern; and
(ii) generating an authenticity certainty score to determine whether to deny or grant further access to the host system service based upon the response pattern of the user.
-
-
23. The method of claim 16, wherein the credit reporting system comprises a plurality of credit reporting databases.
-
24. The method of claim 16, wherein the host system communicates with the user system and the credit-reporting system via the Internet.
-
25. A method of verifying an identity of a user in real-time by accessing an on-line service via a user system, wherein the on-line service is provided by a host system, and the host system communicates with a credit reporting system maintaining credit related information from a plurality of the user'"'"'s creditors, the method comprising:
-
(a) querying the user about a first type of information;
(b) determining a correspondence between the user'"'"'s response and the query about the first type of information;
(c) if the user sufficiently responds to the first query about the first type of information, second querying the user about the user'"'"'s credit related information from the credit reporting system;
(d) determining if the user sufficiently responds to the query for credit related information; and
(e) determining whether to grant or deny the user access to the on-line service based at least in part on the sufficiency of the user'"'"'s response to the second query. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33)
(i) generating an authenticity certainty score based upon at least one value stored in a scoring matrix.
-
-
27. The method of claim 26, wherein the scoring matrix includes a set of point values according to the relative degree of significance of the credit related information.
-
28. The method of claim 26, wherein the scoring matrix includes a set of point values according to the relative degree of reliability of the credit related information.
-
29. The method of claim 25, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a user'"'"'s response to the first query and for matching a user'"'"'s response to the second query for credit related information about the user.
-
30. The method of claim 25, wherein element (d) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a plurality of user'"'"'s responses to a second query for credit related information about the user.
-
31. The method of claim 25, wherein element (d) further comprises:
-
(i) comparing a response pattern of the user to a scoring matrix with at least one score corresponding to the relative degree of confidence in a predetermined user response pattern; and
(ii) generating an authenticity certainty score to determine whether to deny or grant further access to the host system service based upon the response pattern of the user.
-
-
32. The method of claim 25, wherein the credit reporting system comprises a plurality of credit reporting databases.
-
33. The method of claim 25, wherein the host system communicates with the user system and the credit-reporting system via the Internet.
-
34. An authentication system for authenticating a user in real-time, wherein the user attempts to access an on-line service via a remote user system, the authentication system comprising:
-
a host system for hosting the on-line service, the host system configured for;
(a) querying the user about a first type of information;
(b) determining a correspondence between the user'"'"'s response and the query about the first type of information;
(c) if the user sufficiently responds to the first query about the first type of information, second querying the user about credit related information; and
(d) accessing credit related information in a credit reporting system;
the credit reporting system configured for;
(e) communicating credit related information from a plurality of a user'"'"'s creditors to the host system; and
the host system further configured for;
(f) determining if the user sufficiently responds to the second query based upon a comparison of a user'"'"'s response to the second query to the credit related information of the user; and
(g) determining whether to grant or deny the user access to the on-line service based at least in part on the sufficiency of the user'"'"'s response to the second query. - View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42)
(i) generating an authenticity certainty score based upon at least one value stored in a scoring matrix.
-
-
36. The system of claim 35, wherein the scoring matrix includes a set of point values according to the relative degree of significance of the credit related information.
-
37. The system of claim 35, wherein the scoring matrix includes a set of point values according to the relative degree of reliability of the credit related information.
-
38. The system of claim 34, wherein element (f) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a user'"'"'s response to the first query and for matching a user'"'"'s response to the second query for credit related information about the user.
-
39. The system of claim 34, wherein element (f) further comprises:
(i) generating an authenticity certainty score based upon a collective set of values assigned for matching a plurality of user'"'"'s responses to a second query for credit related information about the user.
-
40. The system of claim 34, wherein element (f) further comprises:
-
(i) comparing a response pattern of the user to a scoring matrix with at least one score corresponding to the relative degree of confidence in a predetermined user response pattern; and
(ii) generating an authenticity certainty score to determine whether to deny or grant further access to the host system service based upon the response pattern of the user.
-
-
41. The system of claim 34, wherein the credit reporting system comprises a plurality of credit reporting databases.
-
42. The system of claim 34, wherein the host system communicates with the user system and the credit-reporting system via the Internet.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
Litigation Data
-
Current AssigneeEquifax, Inc.
-
Original AssigneeEquifax, Inc.
-
InventorsWilder, Jone, French, Jennifer
-
Primary Examiner(s)HUA, LY
-
Application NumberUS09/594,732Time in Patent Office914 DaysField of Search713/200, 713/201, 713/202, 235/379, 235/380, 235/382, 235/438, 340/5.41, 340/5.52, 902/3, 902/31, 902/5US Class Current726/7CPC Class CodesG06F 21/31 User authenticationG06F 21/33 using certificatesG06F 21/40 by quorum, i.e. whereby two...G06F 2221/2113 Multi-level security, e.g. ...G06Q 20/341 Active cards, i.e. cards in...G06Q 20/4014 Identity check for transact...G06Q 20/4097 using mutual authentication...G06Q 30/0609 Buyer or seller confidence ...G07F 7/1008 Active credit-cards provide...H04L 63/0823 using certificates cryptogr...H04L 63/105 Multiple levels of security
