Method and apparatus for token-based combining of risk ratings
First Claim
Patent Images
1. An apparatus comprising:
- a memory operable to store a plurality of tokens, wherein the plurality of tokens comprises a plurality of risk tokens, each risk token representing a risk rating, the risk rating being a numerical value indicating a risk associated with granting a particular user access to a particular resource;
a processor operable to;
monitor a user session to identify a plurality of transactions performed by the particular user;
store a token for each transaction of the plurality of transactions performed by the particular user during the user session;
apply a risk combination rule that specifies which risk tokens are related to one another to identify a set of related risk tokens comprising at least a first risk token associated with a first action and a second risk token associated with a second action, the first action comprising a previously performed withdrawal from a first account by the particular user, the second action comprising a previously performed withdrawal from a second account by the particular user, the set of related risk tokens comprising the set of risks associated with a set of transactions that are related to one another within the plurality of transactions performed by the particular user during the user session;
generate a composite risk token that represents an arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user; and
use the composite risk token that represents the arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user to facilitate the making of an access decision associated with a request for a withdrawal by the particular user from third account.
1 Assignment
0 Petitions
Accused Products
Abstract
According to one embodiment, an apparatus may store a plurality of tokens. The plurality of tokens may include a plurality of risk tokens. Each risk token may represent a risk rating. The risk rating may be a numerical value indicating a risk associated with granting a particular user access to a particular resource. The apparatus may identify a set of related risk tokens in the plurality of risk tokens, and generate a composite risk token that represents an arithmetic combination of the risk ratings represented by the set of related risk tokens. The apparatus may then use the composite risk token to facilitate the making of an access decision.
-
Citations
21 Claims
-
1. An apparatus comprising:
-
a memory operable to store a plurality of tokens, wherein the plurality of tokens comprises a plurality of risk tokens, each risk token representing a risk rating, the risk rating being a numerical value indicating a risk associated with granting a particular user access to a particular resource; a processor operable to; monitor a user session to identify a plurality of transactions performed by the particular user; store a token for each transaction of the plurality of transactions performed by the particular user during the user session; apply a risk combination rule that specifies which risk tokens are related to one another to identify a set of related risk tokens comprising at least a first risk token associated with a first action and a second risk token associated with a second action, the first action comprising a previously performed withdrawal from a first account by the particular user, the second action comprising a previously performed withdrawal from a second account by the particular user, the set of related risk tokens comprising the set of risks associated with a set of transactions that are related to one another within the plurality of transactions performed by the particular user during the user session; generate a composite risk token that represents an arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user; and use the composite risk token that represents the arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user to facilitate the making of an access decision associated with a request for a withdrawal by the particular user from third account. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for determining a composite risk token in a token-based environment, comprising:
-
monitoring a user session to identify a plurality of transactions performed by a particular user; storing a token for each transaction of the plurality of transactions performed during the user session, wherein the plurality of tokens comprises a plurality of risk tokens, each risk token representing a risk rating, the risk rating being a numerical value indicating a risk associated with granting the particular user access to a particular resource; applying a risk combination rule that specifies which risk tokens are related to one another to identify, by a processor, a set of related risk tokens comprising at least a first risk token associated with a first action and a second risk token associated with a second action, the first action comprising a previously performed withdrawal from a first account by the particular user, the second action comprising a previously performed withdrawal from a second account by the particular user, the set of related risk tokens comprising the set of risks associated with a set of transactions that are related to one another within the plurality of transactions performed by the particular user during the user session; generating, by the processor, a composite risk token that represents an arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user; and using the composite risk token that represents the arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user to facilitate the making of an access decision associated with a request for a withdrawal by the particular user from a third account. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
-
monitor a user session to identify a plurality of transactions performed by a particular user; store a token for each transaction of the plurality of transactions performed by the particular user during the user session, wherein the plurality of tokens comprises a plurality of risk tokens, each risk token representing a risk rating, the risk rating being a numerical value indicating a risk associated with granting the particular user access to a particular resource; apply a risk combination rule that specifies which risk tokens are related to one another to identify a set of related risk tokens comprising at least a first risk token associated with a first action and a second risk token associated with a second action, the first action comprising a previously performed withdrawal from a first account by the particular user, the second action comprising a previously performed withdrawal from a second account by the particular user, the set of related risk tokens comprising the set of risks associated with a set of transactions that are related to one another within the plurality of transactions performed by the particular user during the user session; generate a composite risk token that represents an arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user; and use the composite risk token that represents the arithmetic combination of at least the first risk token associated with the previously performed withdrawal from the first account by the particular user and the second risk token associated with the previously performed withdrawal from the second account by the particular user to facilitate the making of an access decision associated with a request for a withdrawal by the particular user from a third account. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification