System and method for authentication of network users
DCFirst Claim
1. A method of granting or denying an authentication mechanism online and in real time by a host system, comprising:
- (a) first querying a user, who is operating a user system, about a first type of information;
(b) determining the extent to which the user correctly answers the first query;
(c) if the user sufficiently correctly answers the first query, second querying the user utilizing credit related information about the user wherein credit related information;
(i) is stored on a credit reporting system other than the user system or the host system; and
(ii) originates from a plurality of the user'"'"'s creditors who report to the credit reporting system credit related information about the user;
(d) in real time, determining the extent to which the user correctly answers the second query; and
(e) in real time and on-line, determining whether to grant or deny the user an authentication mechanism based at least part on the extent to which the user correctly answers the second query.
0 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A network authentication system provides verification of the identity or other attributes of a network user to conduct a transaction, access data or avail themselves of other resources. The user is presented with a hierarchy of queries based on wallet-type (basic identification) and non-wallet type (more private) information designed to ensure the identity of the user and prevent fraud, false negatives and other undesirable results. A preprocessing stage may be employed to ensure correct formatting of the input information and clean up routine mistakes (such as missing digits, typos, etc.) that might otherwise halt the transaction. Queries can be presented in interactive, batch processed or other format. The authenticator can be configured to require differing levels of input or award differing levels of authentication according to security criteria.
445 Citations
24 Claims
-
1. A method of granting or denying an authentication mechanism online and in real time by a host system, comprising:
-
(a) first querying a user, who is operating a user system, about a first type of information;
(b) determining the extent to which the user correctly answers the first query;
(c) if the user sufficiently correctly answers the first query, second querying the user utilizing credit related information about the user wherein credit related information;
(i) is stored on a credit reporting system other than the user system or the host system; and
(ii) originates from a plurality of the user'"'"'s creditors who report to the credit reporting system credit related information about the user;
(d) in real time, determining the extent to which the user correctly answers the second query; and
(e) in real time and on-line, determining whether to grant or deny the user an authentication mechanism based at least part on the extent to which the user correctly answers the second query. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for generating an authentication mechanism by a host system for a user operating a user system in real time, comprising:
-
(a) querying the user about a first type of information;
(b) determining a correspondence between the user'"'"'s response and the query about the first type of information;
(c) if a sufficient correspondence exists between the user'"'"'s response and the query about the first type of information, querying the user about credit related information, wherein the credit related information;
(i) is accessed by a credit reporting system separate from the user system and the host system; and
(ii) originates from a plurality of user'"'"'s creditors reporting credit related information about the user to the credit reporting system;
(d) determining a correspondence between the user'"'"'s response and the query for credit related information; and
(e) if a sufficient correspondence exists between the user'"'"'s response and the query about the credit-related information, generating an authentication mechanism for the user. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method of issuing an authentication mechanism from a host system by granting or denying the authentication mechanism to the user operating a user system in real time, wherein the host system communicates with a credit reporting system maintaining credit related information from a plurality of the user'"'"'s creditors, the method comprising:
-
(a) querying the user about a first type of information;
(b) determining a correspondence between the user'"'"'s response and the query about the first type of information;
(c) if the user sufficiently responds to the first query about the first type of information, second querying the user about the user'"'"'s credit related information from the credit reporting system;
(d) determining if the user sufficiently responds to the query for credit related information; and
(e) determining whether to grant or deny the user an authentication mechanism based at least in part on the sufficiency of the user'"'"'s response to the second query. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. An authentication system for generating an authentication mechanism for a user in real-time, wherein the user communicates via a remote user system, the authentication system comprising:
-
a host system for communicating with the user system, the host system adapted to;
query the user about a first type of information;
determine a correspondence between the user'"'"'s response and the query about the first type of information;
if the user sufficiently responds to the first query about the first type of information, second query the user about credit related information; and
access credit related information in a credit reporting system;
the credit reporting system adapted to; communicate credit related information from a plurality of a user'"'"'s creditors to the host system; and
the host system further adapted to; determine if the user sufficiently responds to the second query based upon a comparison of a user'"'"'s response to the second query to the credit related information of the user; and
determine whether to grant or deny the user an authentication mechanism based at least in part on the sufficiency of the user'"'"'s response to the second query. - View Dependent Claims (20, 21, 22, 23, 24)
-
Specification