Generating authentication challenges based on preferences of a user's contacts
First Claim
Patent Images
1. A computer-implemented method for generating user authentication challenges, the method comprising:
- receiving an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information from the user;
in response to receiving the authentication request, detecting a potentially fraudulent authentication attempt based on the secondary authentication information from the user;
identifying one or more contacts of an account owner based at least in part on a frequency of interaction between the account owner and the one or more contacts;
determining one or more preferences of the one or more contacts based on an analysis of information about the one or more contacts;
generating one or more authentication challenges based at least in part on the determined one or more preferences of the one or more contacts, the one or more authentication challenges including one or more questions about the determined one or more preferences of the one or more contacts based on the analysis;
assessing a response to the one or more authentication challenges; and
determining access based on the assessment.
2 Assignments
0 Petitions
Accused Products
Abstract
Generating user authentication challenges based in part on preferences of one or more contacts of a user includes receiving an authentication request from a user. One or more contacts of the user associated with the authentication request are determined. One or more preferences of the close contact or contacts are determined. An authentication challenge based on the one or more preferences of one or more of the user'"'"'s contacts is generated. The authentication request is allowed or denied based on the completion on the authentication challenge.
49 Citations
25 Claims
-
1. A computer-implemented method for generating user authentication challenges, the method comprising:
-
receiving an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information from the user; in response to receiving the authentication request, detecting a potentially fraudulent authentication attempt based on the secondary authentication information from the user; identifying one or more contacts of an account owner based at least in part on a frequency of interaction between the account owner and the one or more contacts; determining one or more preferences of the one or more contacts based on an analysis of information about the one or more contacts; generating one or more authentication challenges based at least in part on the determined one or more preferences of the one or more contacts, the one or more authentication challenges including one or more questions about the determined one or more preferences of the one or more contacts based on the analysis; assessing a response to the one or more authentication challenges; and determining access based on the assessment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system for generating user authentication challenges, the system comprising:
-
one or more processors; an authentication receiver stored on a memory and executable by the one or more processors, the authentication receiver for receiving an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information from the user; a fraudulent authentication detection engine stored on the memory and executable by the one or more processors, the fraudulent authentication detection engine for detecting a potentially fraudulent authentication attempt based on the secondary authentication information from the user; a close contact identifier engine stored on the memory and executable by the one or more processors, the close contact identifier engine for identifying one or more contacts of an account owner based at least in part on a frequency of interaction between the account owner and the one or more contacts; a contact preference engine stored on the memory and executable by the one or more processors, the contact preference engine for determining one or more preferences of the one or more contacts based on an analysis of information about the one or more contacts; a challenge generation engine stored on the memory and executable by the one or more processors, the challenge generation engine for generating an authentication challenge based on the determined one or more preferences of the one or more contacts, the authentication challenge including a question about the determined one or more preferences of the one or more contacts based on the analysis; assess a response to the one or more authentication challenges; and determine access based on the assessment. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A computer program product comprising a non-transitory computer usable storage medium including a computer readable program, the computer readable program when executed by a processor causes the processor to:
-
receive an authentication request from a user, wherein the authentication request includes primary authentication information and secondary authentication information from the user; in response to receiving the authentication request, detect a potentially fraudulent authentication attempt based on the secondary authentication information from the user; identify one or more contacts of an account owner based at least in part on a frequency of interaction between the account owner and the one or more contacts; determine one or more preferences of the one or more contacts based on an analysis of information about the one or more contacts; generate one or more authentication challenges based at least in part on the determined one or more preferences of the one or more contacts, the one or more authentication challenges including one or more questions about the determined one or more preferences of the one or more contacts based on the analysis; assess a response to the one or more authentication challenges; and determine access based on the assessment.
-
Specification