Generating authentication challenges based on social network activity information
First Claim
1. A computer-implemented method for generating user authentication challenges, the method comprising:
- receiving a login request from a user wherein the login request includes an account owner'"'"'s correct username and password and additional login information from the user;
in response to receiving the login request, detecting a potential fraudulent login attempt based on the additional login information from the user;
analyzing social network activity information of the account owner using aggregate statistical data of a plurality of users to determine a plurality of social network activity patterns or social network activity information of the account owner to serve as a basis for an authentication challenge;
performing analysis to determine which social network activity pattern or social network activity information of the account owner from the plurality of social network activity patterns or social network activity information serve as a secure basis for generating the authentication challenge;
generating the authentication challenge based at least in part on one or more of the determined social network activity information and the determined social network activity pattern of the account owner that are determined as the secure basis for the authentication challenge; and
sending the authentication challenge for display, wherein the authentication challenge includes an inquiry regarding the social network activity information of the account owner.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for generating user authentication challenges based at least in part on an account owner'"'"'s social network activity information. A login request including an account owner'"'"'s correct username and password as well as additional login information is received from a user. The login attempt is detected as a potentially fraudulent based on the additional login information from the user. The account owner'"'"'s social network activity information is analyzed. An authentication challenge based at least in part on the account owner'"'"'s social network activity information is generated and sent for display. The login request is allowed or denied based on the completion on the authentication challenge.
45 Citations
18 Claims
-
1. A computer-implemented method for generating user authentication challenges, the method comprising:
-
receiving a login request from a user wherein the login request includes an account owner'"'"'s correct username and password and additional login information from the user; in response to receiving the login request, detecting a potential fraudulent login attempt based on the additional login information from the user; analyzing social network activity information of the account owner using aggregate statistical data of a plurality of users to determine a plurality of social network activity patterns or social network activity information of the account owner to serve as a basis for an authentication challenge; performing analysis to determine which social network activity pattern or social network activity information of the account owner from the plurality of social network activity patterns or social network activity information serve as a secure basis for generating the authentication challenge; generating the authentication challenge based at least in part on one or more of the determined social network activity information and the determined social network activity pattern of the account owner that are determined as the secure basis for the authentication challenge; and sending the authentication challenge for display, wherein the authentication challenge includes an inquiry regarding the social network activity information of the account owner. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for generating user authentication challenges, the system comprising:
-
one or more processors; a login receiver engine stored on a memory and executable by the one or more processors for receiving a login request, wherein the login request includes an account owner'"'"'s correct username and password and additional login information from a user; a fraudulent login detection engine stored on a memory and executable by the one or more processors for detecting a potentially fraudulent login based on the additional login information from the user; a social network activity information analysis engine stored on a memory and executable by the one or more processors for analyzing the social network activity information of the account owner using aggregate statistical data of a plurality of users to determine a plurality of social network activity patterns or social network activity information of the account owner to serve as a basis for an authentication challenge, and performing analysis to determine which social network activity pattern or social network activity information of the account owner from the plurality of social network activity patterns or social network activity information serve as a secure basis for generating the authentication challenge; a challenge generation engine stored on a memory and executable by the one or more processors for generating the authentication challenge based at least in part on one or more of the determined social network activity information and the determined social network activity pattern that are determined as the secure basis for the authentication challenge, and for sending the authentication challenge for display. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer program product comprising a non-transitory computer usable storage medium including a computer readable program, the computer readable program when executed by a processor causes the processor to:
-
receive a login request from a user wherein the login request includes an account owner'"'"'s correct username and password and additional login information from the user; in response to receiving the login request, detect a potential fraudulent login attempt based on the additional login information from the user; analyze social network activity information of the account owner using aggregate statistical data of a plurality of users to determine a plurality of social network activity patterns or social network activity information of the account owner to serve as a basis for an authentication challenge; perform analysis to determine which social network activity pattern or social network activity information of the account owner from the plurality of social network activity patterns or social network activity information serve as a secure basis for generating the authentication challenge; generate the authentication challenge based at least in part on one or more of the determined social network activity information and the determined social network activity pattern of the account owner that are determined as the secure basis for the authentication challenge; and send the authentication challenge for display, wherein the authentication challenge includes an inquiry regarding the social network activity information of the account owner. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification