Seeding challenges for payment transactions
First Claim
Patent Images
1. A method comprising:
- during a first transaction, providing a challenge message to a consumer, wherein a correct response to the challenge message is not known by an entity issuing the challenge message;
receiving, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction;
repeating the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions;
one or more processors inferring a verified answer to the challenge message based at least on a similarity of the received challenge responses; and
the one or more processors using the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and apparatus are provided for authenticating a consumer using challenge questions. A response to a challenge question is verified via seeding the challenge question, receiving response, and deductively determining the answer. The verified response and challenge question may then be used to authenticate a consumer as part of an authorization process.
131 Citations
24 Claims
-
1. A method comprising:
-
during a first transaction, providing a challenge message to a consumer, wherein a correct response to the challenge message is not known by an entity issuing the challenge message; receiving, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction; repeating the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions; one or more processors inferring a verified answer to the challenge message based at least on a similarity of the received challenge responses; and the one or more processors using the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer program product comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system to perform an operation for determining whether a consumer is authorized to make a transaction, the instructions comprising:
-
during a first transaction, providing a challenge message to a consumer, wherein a correct response to the challenge message is not known by an entity issuing the challenge message; receiving, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction; repeating the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions; inferring a verified answer to the challenge message based at least on a similarity of the received challenge responses; and using the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
-
21. A system comprising:
-
an output configured to provide a challenge message to a consumer, wherein a correct response to the challenge message is not known by the system; an input configured to receive, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction; one or more processors configured to; repeat the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions; infer a verified answer to the challenge message based at least on a similarity of the received challenge responses; and use the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions. - View Dependent Claims (22, 23, 24)
-
Specification