Familiar dynamic human challenge response test content
First Claim
1. A method comprising:
- receiving transaction data associated with a plurality of transactions;
scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account associated with the transaction data;
extracting, by a server computer, a plurality of challenge items from the scrubbed transaction data using an extraction algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data, wherein the plurality of challenge items include a plurality of different types of transaction data;
storing the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to generate distorted challenge messages; and
electronically providing a distorted challenge message comprising one or more of the plurality of challenge items from the challenge repository.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention are directed to human challenge response test delivery systems and methods. Specifically, embodiments of the present invention are directed to secure human challenge response test delivery services of configurable difficulty for user devices. One embodiment of the present invention is directed to methods and systems for implementing a familiar and dynamic human challenge response test challenge repository created from transaction data. The dynamic human challenge response test challenge repository may be created by a server computer receiving a plurality of transaction data. Challenge items may be extracted from the transaction data using an extraction algorithm. Furthermore, in some embodiments a challenge message may be sent to a requestor, a verification request may be received, and the verification request may be compared to the challenge message. Another embodiment may be directed at using user information in a human challenge response test to mutually authenticate a user and a service provider.
-
Citations
22 Claims
-
1. A method comprising:
-
receiving transaction data associated with a plurality of transactions; scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account associated with the transaction data; extracting, by a server computer, a plurality of challenge items from the scrubbed transaction data using an extraction algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data, wherein the plurality of challenge items include a plurality of different types of transaction data; storing the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to generate distorted challenge messages; and electronically providing a distorted challenge message comprising one or more of the plurality of challenge items from the challenge repository. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A server computer comprising:
-
a processor; and a non-transitory computer readable medium coupled to the processor and comprising code executable by the processor to implement a method, the method comprising; receiving transaction data associated with a plurality of transactions; scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account associated with the transaction data; extracting a plurality of challenge items from the transaction data using an extraction algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data, wherein the plurality of challenge items include a plurality of different types of transaction data; storing the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to generate distorted challenge messages; and providing a distorted challenge message comprising one or more of the plurality of challenge items from the challenge repository. - View Dependent Claims (11, 12, 13)
-
-
14. A method comprising:
-
receiving a user identifier; determining a challenge repository associated with the user identifier; generating, by a server computer, a challenge message including a personal challenge item from the challenge repository and one or more false challenges, wherein the personal challenge item is associated with a challenge question and wherein the false challenges are associated with the challenge question; distorting the challenge message to create a distorted challenge message; providing the distorted challenge message and the challenge question to a user, wherein the challenge question is associated with the personal challenge item; receiving a challenge response including a user input from the user; determining whether the user input included in the challenge response matches the personal challenge item in the distorted challenge message; and authenticating the user as being both a human and being associated with the user identifier where the user input included in the challenge response matches the personal challenge item, and wherein the user authenticates the server computer as being legitimate where the user recognizes the personal challenge item from the one or more false challenges. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A server computer comprising:
-
a processor; and a non-transitory computer readable medium coupled to the processor and comprising code, executable by the processor, the code being configured to perform the steps of; receiving a user identifier; determining challenge data associated with the user identifier; generating a challenge message including a personal challenge item from the challenge repository and one or more false challenges, wherein the personal challenge item is associated with a challenge question and wherein the false challenges are associated with the challenge question; distorting the challenge message to create a distorted challenge message; providing the distorted challenge message and the challenge question to a user; receiving a challenge response from the user; determining whether the challenge response matches the personal challenge item; and authenticating the user as being both a human and being associated with the user identifier where the user input included in the challenge response matches the personal challenge item, and wherein the user authenticates the server computer as being legitimate where the user recognizes the personal challenge item from the one or more false challenges. - View Dependent Claims (20, 21, 22)
-
Specification