Verification and authentication systems and methods
First Claim
1. A method of controlling access by a user to vendor information technology systems using a verification/authentication engine, comprising:
- (a) receiving an inquiry to the verification/authentication engine on an authentication server from a vendor system to verify a particular user for a particular transaction;
(b) based on an identification of a channel through which the user selects to access the vendor system and on vendor specified;
(i) assignment of a level of risk for the particular transaction;
(ii) a verification level to meet the assigned level of risk; and
(iii) a plurality of data sources which contain information about the user, querying the user, using questions generated based on the channel and data from at least two of the plurality of data sources;
(c) determining, by the verification/authentication engine on the authentication server, at least one of a confidence level or a score based on the extent to which the user correctly answers the questions; and
(d) sending the at least one of the confidence level or the score to the vendor system configured to determine whether to grant or deny access by the user to the vendor information technology systems based on the at least one of the confidence level or the score.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide verification and/or authentication service engines that provide a customizable solution that can be “dialed” based on the risk level assigned to individual or grouped applications. The systems can also incorporate internal and external sources of data used to verify information provided by the user. It is dynamic and can pull information from a myriad of sources during the verification process, enabling credit reporting agencies (e.g., Equifax and others), FSPs, and other service providers to facilitate real-time approval and access to products and services.
-
Citations
40 Claims
-
1. A method of controlling access by a user to vendor information technology systems using a verification/authentication engine, comprising:
-
(a) receiving an inquiry to the verification/authentication engine on an authentication server from a vendor system to verify a particular user for a particular transaction; (b) based on an identification of a channel through which the user selects to access the vendor system and on vendor specified; (i) assignment of a level of risk for the particular transaction; (ii) a verification level to meet the assigned level of risk; and (iii) a plurality of data sources which contain information about the user, querying the user, using questions generated based on the channel and data from at least two of the plurality of data sources; (c) determining, by the verification/authentication engine on the authentication server, at least one of a confidence level or a score based on the extent to which the user correctly answers the questions; and (d) sending the at least one of the confidence level or the score to the vendor system configured to determine whether to grant or deny access by the user to the vendor information technology systems based on the at least one of the confidence level or the score. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A system comprising:
an authentication server capable of communicating with a vendor system, the authentication server comprising a verification/authentication engine configured to cause the authentication server to; receive an inquiry from the vendor system, the inquiry representing a request to verify a user for a transaction, the request comprising an identification of a channel adapted for selection through which the user accesses the vendor system and vendor specified; a level of risk for the transaction; a verification level for the level of risk; and a plurality of data sources which contain information about the user; formulate a plurality of questions based on the channel and data associated with the user from at least one of the plurality of data sources by selecting the data associated with the user based on the channel, the level of risk for the transaction, and the verification level for the level of risk; transmit the plurality of questions for presentation to the user; receive a plurality of answers for the plurality of questions from the user, each answer of the plurality of answers being for a question of the plurality of questions; determine a confidence level based on the plurality of answers; and transmit the confidence level to the vendor system that is configured to determine whether to grant or deny access by the user to information of the vendor system based on the confidence level. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
Specification