Risk-based transaction authentication
First Claim
1. Apparatus for authenticating a customer in a banking transaction between the customer and a banking services provider, the apparatus comprising:
- an electronic processor module configured to;
calculate a plurality of channel-specific customer reference profile values for a customer, each channel-specific customer reference profile value being (1) associated with a different customer reference information channel and (2) based on one or more event variables from a plurality of banking transactions conducted via the customer reference information channel, wherein;
one of the customer reference information channels comprises an online banking services channel;
a channel-specific customer reference profile associated with the online banking services channel is based in part on;
a first event variable from a transaction conducted via the online banking services channel comprising an Internet Protocol address identifier, a device identifier or a cookie identifier; and
a second event variable from a transaction conducted via the online banking services channel comprising a dollar value of transaction, percentage of balance or transaction location;
determine a first prospective transaction profile value, wherein the first prospective transaction profile value is based on one or more event variables from a prospective banking transaction initiated in the name of the customer via one of the customer reference information channels,identify a first channel-specific customer reference profile value, the first channel-specific customer reference profile value corresponding to the customer reference information channel from the prospective banking transaction;
determine a difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; and
generate a first risk score based on the difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; and
an output device configured to output authentication test information, the authentication test information based on the first risk score and a threshold score, wherein the threshold score quantitatively corresponds to the likelihood of a fraudulent act;
wherein, when the first risk score exceeds the threshold score, the authentication test information is further configured to;
identify a second prospective transaction profile with a second risk score, the second risk score based on a difference between the second prospective transaction profile and a second channel-specific customer reference profile value, wherein the second risk score does not exceed the threshold score, wherein the customer reference information channel that corresponds to the second channel-specific customer reference profile value is not the same as the customer reference information channel that corresponds to the first channel-specific customer reference profile value; and
based on the second prospective transaction profile value, authenticate the transaction via the customer reference information channel that corresponds to the second channel-specific customer reference profile value.
1 Assignment
0 Petitions
Accused Products
Abstract
Apparatus and methods for authorizing an exchange between a customer and a services provider. The apparatus may include an electronic processor that is configured to: (1) calculate a reference event profile; and (2) determine a difference between a prospective transaction profile and the reference event profile. The prospective transaction profile may be based on the initiation of a prospective transaction by an individual whose identity has not been verified. The reference event profile may be based on a plurality of customer events that correspond to one or many different customers. The apparatus may include an output device that is configured to output authentication test information that corresponds to the difference. The authentication test information may support a revised prospective transaction profile that is more similar to the reference event profile than is the initial prospective event profile.
73 Citations
21 Claims
-
1. Apparatus for authenticating a customer in a banking transaction between the customer and a banking services provider, the apparatus comprising:
-
an electronic processor module configured to; calculate a plurality of channel-specific customer reference profile values for a customer, each channel-specific customer reference profile value being (1) associated with a different customer reference information channel and (2) based on one or more event variables from a plurality of banking transactions conducted via the customer reference information channel, wherein; one of the customer reference information channels comprises an online banking services channel; a channel-specific customer reference profile associated with the online banking services channel is based in part on; a first event variable from a transaction conducted via the online banking services channel comprising an Internet Protocol address identifier, a device identifier or a cookie identifier; and a second event variable from a transaction conducted via the online banking services channel comprising a dollar value of transaction, percentage of balance or transaction location; determine a first prospective transaction profile value, wherein the first prospective transaction profile value is based on one or more event variables from a prospective banking transaction initiated in the name of the customer via one of the customer reference information channels, identify a first channel-specific customer reference profile value, the first channel-specific customer reference profile value corresponding to the customer reference information channel from the prospective banking transaction; determine a difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; and generate a first risk score based on the difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; and an output device configured to output authentication test information, the authentication test information based on the first risk score and a threshold score, wherein the threshold score quantitatively corresponds to the likelihood of a fraudulent act; wherein, when the first risk score exceeds the threshold score, the authentication test information is further configured to; identify a second prospective transaction profile with a second risk score, the second risk score based on a difference between the second prospective transaction profile and a second channel-specific customer reference profile value, wherein the second risk score does not exceed the threshold score, wherein the customer reference information channel that corresponds to the second channel-specific customer reference profile value is not the same as the customer reference information channel that corresponds to the first channel-specific customer reference profile value; and based on the second prospective transaction profile value, authenticate the transaction via the customer reference information channel that corresponds to the second channel-specific customer reference profile value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. One or more non-transitory computer-readable storage media storing computer-executable instructions which, when executed by a processor on a computer system, perform a method for authenticating a customer in a transaction between the customer and a banking services provider, the instructions comprising:
-
a first set of instructions for using an electronic processor module to calculate a plurality of channel-specific customer reference profile values for a customer, each channel-specific customer reference profile value being (1) associated with a different customer reference information channel and (2) based on one or more event variables from a plurality of banking transactions conducted via the customer reference information channel, wherein; one of the customer reference information channels comprises an online banking services channel; a first event variable from a transaction conducted via the online banking services channel comprises an Internet Protocol address identifier, a device identifier or a cookie identifier; and a second event variable from a transaction conducted via the online banking services channel comprises a dollar value of transaction, percentage of balance or transaction location; a second set of instructions for using the electronic processor module to determine a first prospective transaction profile value, wherein the first prospective transaction profile value is based on one or more event variables from a prospective banking transaction initiated in the name of the customer via one of the customer reference information channels, wherein; a third set of instructions for using the electronic processor module to identify a first channel-specific customer reference profile value, the first channel-specific customer reference profile value corresponding to the customer reference information channel from the prospective banking transaction, and determine a difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; a fourth set of instructions for using the electronic processor module to generate a first risk score based on the difference between the first prospective transaction profile value and the first customer reference profile value; and a fifth set of instructions for using an output device to output authentication test information that is based on the first risk score and a threshold score, wherein the threshold score quantitatively corresponds to the likelihood of a fraudulent act; wherein, when the first risk score exceeds the threshold score, the authentication test information is further configured to; identify a second prospective transaction profile value with a second risk score, the second risk score based on a difference between the second prospective transaction profile value and a second channel-specific customer reference profile value, wherein the second risk score does not exceed the threshold score, wherein the customer reference information channel that corresponds to the second channel-specific customer reference profile value is not the same as the customer reference information channel that corresponds to the first channel-specific customer reference profile value; and based on the second prospective transaction profile value, authenticate the transaction via the customer reference information channel that corresponds to the second channel-specific customer reference profile value. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A method for authenticating a customer in a transaction between the customer and a banking services provider, the method comprising:
-
using an electronic processor module; calculating a plurality of channel-specific customer reference profile values for a customer, each channel-specific customer reference profile value being (1) associated with a different customer reference information channel and (2) based on one or more event variables from a plurality of banking transactions conducted via the customer reference information channel, a customer reference profile based on an event variable from a banking transaction conducted via a customer reference information channel, wherein; one of the customer reference information channels comprises an online banking services channel; a first event variable from a transaction conducted via the online banking services channel comprises an Internet Protocol address identifier, a device identifier or a cookie identifier; and a second event variable from a transaction conducted via the online banking services channel comprises a dollar value of transaction, percentage of balance or transaction location; determining a first prospective transaction profile value, wherein the first prospective transaction profile value is based on an event variable from a prospective banking transaction initiated in the name of the customer via one of the customer reference information channels identifying a first channel-specific customer reference profile value, the first channel-specific customer reference profile value corresponding to the customer reference information channel from the prospective banking transaction; determining a difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; and
,generating a first risk score based on the difference between the first prospective transaction profile value and the first channel-specific customer reference profile value; and using an output device, outputting authentication test information that is based on the first risk score and a threshold score, wherein the threshold score quantitatively corresponds to the likelihood of a fraudulent act; wherein, when the risk score exceeds the threshold score, the authentication test information is further configured to; identify a second prospective transaction profile value with a second risk score, the second risk score based on a difference between the second prospective transaction profile value and a second channel-specific customer reference profile value, wherein the second risk score does not exceed the threshold score; and based on the second prospective transaction profile value, authenticate the transaction via the customer reference information channel that corresponds to the second channel-specific customer reference profile value. - View Dependent Claims (17, 18, 19, 20, 21)
-
Specification