×

Transaction authentication management including authentication confidence testing

  • US 8,832,798 B2
  • Filed: 09/08/2011
  • Issued: 09/09/2014
  • Est. Priority Date: 09/08/2011
  • Status: Expired due to Fees
First Claim
Patent Images

1. An authentication method, the method comprising:

  • receiving from an initiating user, by a security tool, a request for a transaction;

    accessing, by the security tool, a personal profile information store, an application profile information store, an authentication layer information store, a verification layer information store and an analysis layer information store to perform a first authentication and subsequent authentications;

    determining, by the security tool, if the user is in a public location by utilizing environmental factors as input information, wherein the environmental factors include a number of faces in a digital image and a number of voices;

    performing, by the security tool, the first authentication of the initiating user for the transaction, the first authentication employing a first authentication level, wherein the first authentication level corresponds to a passive mode user authentication test, and wherein the security tool switches from the passive mode user authentication test of the first authentication to an active mode user authentication test in a user authentication subsequent to the first authentication of the user in response to the determining that the user is in a public location;

    determining, by the security tool, an observed confidence level that indicates a degree of certainty with respect to accuracy of the first authentication;

    comparing, by the security tool, the observed confidence level of the first authentication with a predetermined confidence threshold to determine if the observed confidence level exceeds the predetermined confidence level, wherein the security tool performs a plurality of subsequent authentications of the initiating user after the first authentication of the initiating user, and wherein the security tool determines and stores a learned user attribute history from the plurality of subsequent authentications, the security tool accessing the learned user attribute history to ascertain the correctness of at least one of the plurality of subsequent authentications, wherein the plurality of subsequent authentications includes a second authentication of the initiating user for the transaction;

    performing, by the security tool, the second authentication of the initiating user for the transaction in response to the security tool determining that the observed confidence level fails to exceed the predetermined confidence threshold, wherein the second authentication of the user employs a second authentication level that is different from the first authentication level;

    authorizing the transaction to proceed, by the security tool, if the observed confidence level exceeds the predetermined confidence threshold;

    halting the transaction, by the security tool, if the observed confidence level fails to exceed the predetermined confidence threshold.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×