Confidence-based authentication
First Claim
1. A computer-implemented method, comprising:
- assigning, by a programmed computer, an authentication requirement rating to an activity;
assigning, by the programmed computer, an authentication capability rating to each of one or more authentication methods, wherein the authentication capability rating indicates an ability of the one or more authentication methods to authenticate a user;
receiving, at the programmed computer, over a network from a remote user access device, a request from a user to perform the activity;
receiving, at the programmed computer over the network from the remote user access device, a first authentication sample result based on a first authentication attempt performed by the user using a first authentication method;
determining, by the programmed computer, a current authentication rating for the user based on the authentication capability rating of the first authentication method and the first authentication sample result;
adjusting, by the programmed computer, the current authentication rating determined for the user based on a second authentication method, wherein the second authentication method is a silent authentication method utilizing one or more factors determined about the user without presenting an explicit authentication challenge to the user;
determining, by the programmed computer, whether to allow the user to perform the requested activity based on a comparison of the authentication requirement rating associated with the activity requested by the user and the adjusted current authentication rating determined for the user; and
providing, by the programmed computer over the network to the remote user access device, a final authentication result.
1 Assignment
0 Petitions
Accused Products
Abstract
A programmed computer assigns an authentication requirement rating to an activity and an authentication capability rating to each of one or more authentication methods. The programmed computer receives a request from a user to perform the activity and a first authentication sample result based on a first authentication attempt performed by the user using a first authentication method. The programmed computer determines a current authentication rating for the user based on the authentication capability rating of the first authentication method and the first authentication sample result. The programmed computer then determines whether to allow the user to perform the requested activity based on a comparison of the authentication requirement rating associated with the activity requested by the user and the current authentication rating determined for the user. The programmed computer provides a final authentication result.
-
Citations
6 Claims
-
1. A computer-implemented method, comprising:
-
assigning, by a programmed computer, an authentication requirement rating to an activity; assigning, by the programmed computer, an authentication capability rating to each of one or more authentication methods, wherein the authentication capability rating indicates an ability of the one or more authentication methods to authenticate a user; receiving, at the programmed computer, over a network from a remote user access device, a request from a user to perform the activity; receiving, at the programmed computer over the network from the remote user access device, a first authentication sample result based on a first authentication attempt performed by the user using a first authentication method; determining, by the programmed computer, a current authentication rating for the user based on the authentication capability rating of the first authentication method and the first authentication sample result; adjusting, by the programmed computer, the current authentication rating determined for the user based on a second authentication method, wherein the second authentication method is a silent authentication method utilizing one or more factors determined about the user without presenting an explicit authentication challenge to the user; determining, by the programmed computer, whether to allow the user to perform the requested activity based on a comparison of the authentication requirement rating associated with the activity requested by the user and the adjusted current authentication rating determined for the user; and providing, by the programmed computer over the network to the remote user access device, a final authentication result. - View Dependent Claims (2)
-
-
3. A computer system, comprising:
-
a memory; and a processing device communicatively coupled to the memory, the processing device configured to; assign an authentication requirement rating to an activity; assign an authentication capability rating to each of one or more authentication methods, wherein the authentication capability rating indicates an ability of the one or more authentication methods to authenticate a user; receive, over a network from a remote user access device, a request from a user to perform the activity; receive, over the network from the remote user access device, a first authentication sample result based on a first authentication attempt performed by the user using a first authentication method; determine a current authentication rating for the user based on the authentication capability rating of the first authentication method and the first authentication sample result; adjust the current authentication rating determined for the user based on a second authentication method, wherein the second authentication method is a silent authentication method utilizing one or more factors determined about the user without presenting an explicit authentication challenge to the user; determine whether to allow the user to perform the requested activity based on a comparison of the authentication requirement rating associated with the activity requested by the user and the adjusted current authentication rating determined for the user; and provide, over the network to the remote user access device, a final authentication result. - View Dependent Claims (4)
-
-
5. A non-transitory computer-readable storage medium programmed to include instructions that, when executed by a processing device, cause the processing device to perform a method, said method comprising:
-
assigning an authentication requirement rating to an activity; assigning an authentication capability rating to each of one or more authentication methods, wherein the authentication capability rating indicates an ability of the one or more authentication methods to authenticate a user; receiving, over a network from a remote user access device, a request from a user to perform the activity; receiving, over the network from the remote user access device, a first authentication sample result based on a first authentication attempt performed by the user using a first authentication method; determining a current authentication rating for the user based on the authentication capability rating of the first authentication method and the first authentication sample result; adjusting the current authentication rating determined for the user based on a second authentication method, wherein the second authentication method is a silent authentication method utilizing one or more factors determined about the user without presenting an explicit authentication challenge to the user; determining whether to allow the user to perform the requested activity based on a comparison of the authentication requirement rating associated with the activity requested by the user and the adjusted current authentication rating determined for the user; and providing, over the network to the remote user access device, a final authentication result. - View Dependent Claims (6)
-
Specification