Generating authentication challenges based on preferences of a user's contacts
First Claim
Patent Images
1. A computer-implemented method for generating user authentication challenges performed by one or more computing devices, the method comprising:
- receiving, at the one or more computing devices, an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information;
in response to receiving the authentication request, detecting, by the one or more computing devices, a potentially fraudulent authentication attempt based on one or more of the secondary authentication information and a failed authentication attempt, wherein the failed authentication attempt is detected based on analyzing the primary authentication information;
responsive to detecting the potentially fraudulent authentication attempt, identifying, by the one or more computing devices, one or more close contacts of an account owner using one or more factors;
determining, by the one or more computing devices, one or more preferences of the one or more close contacts;
generating, by the one or more computing devices, one or more authentication challenges based at least in part on at least one of the one or more preferences;
sending, by the one or more computing devices, the one or more authentication challenges to the user;
receiving, by the one or more computing devices, a response to the one or more authentication challenges from the user; and
assessing, by the one or more computing devices, completion of the one or more authentication challenges based on the response from the user.
2 Assignments
0 Petitions
Accused Products
Abstract
Generating user authentication challenges based in part on preferences of one or more contacts of a user includes receiving an authentication request from a user. One or more contacts of the user associated with the authentication request are determined. One or more preferences of the close contact or contacts are determined. An authentication challenge based on the one or more preferences of one or more of the user'"'"'s contacts is generated. The authentication request is allowed or denied based on the completion on the authentication challenge.
78 Citations
30 Claims
-
1. A computer-implemented method for generating user authentication challenges performed by one or more computing devices, the method comprising:
-
receiving, at the one or more computing devices, an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information; in response to receiving the authentication request, detecting, by the one or more computing devices, a potentially fraudulent authentication attempt based on one or more of the secondary authentication information and a failed authentication attempt, wherein the failed authentication attempt is detected based on analyzing the primary authentication information; responsive to detecting the potentially fraudulent authentication attempt, identifying, by the one or more computing devices, one or more close contacts of an account owner using one or more factors; determining, by the one or more computing devices, one or more preferences of the one or more close contacts; generating, by the one or more computing devices, one or more authentication challenges based at least in part on at least one of the one or more preferences; sending, by the one or more computing devices, the one or more authentication challenges to the user; receiving, by the one or more computing devices, a response to the one or more authentication challenges from the user; and assessing, by the one or more computing devices, completion of the one or more authentication challenges based on the response from the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for generating user authentication challenges, the system comprising:
-
one or more processors and a memory, an authentication receiver, stored in the memory and executable by at least one of the one or more processors, that receives an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information, the authentication receiver communicatively coupled to the user; a fraudulent authentication detection engine, stored in the memory and executable by at least one of the one or more processors, that receives the authentication request from the authentication receiver and for detecting a potentially fraudulent authentication attempt based on one or more of the secondary authentication information and a failed authentication attempt, wherein the failed authentication attempt is detected based on analyzing the primary authentication information and wherein the fraudulent authentication detection engine is communicatively coupled to the authentication receiver; a close contact identifier engine, stored in the memory and executable by at least one of the one or more processors, that identifies one or more close contacts of an account owner using one or more factors responsive to the fraudulent authentication detection engine detecting the potentially fraudulent authentication attempt, the close contact identifier engine communicatively coupled to the fraudulent authentication detection engine; a contact preference engine, stored in the memory and executable by at least one of the one or more processors, that receives the one or more close contacts and for determining one or more preferences of the one or more close contacts, the contact preference engine communicatively coupled to the close contact identifier engine; a challenge generation engine, stored the memory and executable by at least one of the one or more computing processors, that generates one or more authentication challenges based on the one or more preferences and for sending the one or more authentication challenges to the user, the challenge generation engine communicatively coupled to the contact preference engine and the user; and a challenge assessment engine, stored the memory and executable by at least one of the one or more computing processors, that receives a response to the one or more authentication challenges from the user and for assessing completion of the one or more authentication challenges based on the response from the user, the challenge assessment engine communicatively coupled to the user. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A computer program product comprising a non-transitory computer usable storage medium including a computer readable program, the computer readable program when executed on a computer causes the computer to perform steps comprising:
-
receiving an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information; in response to receiving the authentication request, detecting a potentially fraudulent authentication attempt based on one or more of the secondary authentication information and a failed authentication attempt, wherein the failed authentication attempt is detected based on analyzing the primary authentication information; responsive to detecting the potentially fraudulent authentication attempt, identifying one or more close contacts of an account owner using one or more factors; determining one or more preferences of the one or more close contacts; generating one or more authentication challenges based at least in part on at least one of the one or more preferences; sending the one or more authentication challenges to the user; receiving a response to the one or more authentication challenges from the user; and assessing completion of the one or more authentication challenges based on the response from the user. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification