Nodal random authentication
First Claim
1. A method of selectively enabling access to functions of a transaction application requested by a user of a client electronic device, the transaction applications respectively corresponding to application nodes, the method comprising:
- authenticating, using one or more server computers, the user for access to an entry point of the transaction application;
- making a determination, using one or more server computers, whether to require re-authentication of the user for access to an application node other than the entry point, wherein:
  (1) making the determination comprises executing a random weight determination module to assign a randomly generated respective weight value to each of a plurality of application nodes that would not otherwise require authentication; and
  (2) as the user traverses one or more of the plurality of application nodes, comparing a sum of at least one respective weight value of the traversed application nodes, wherein the traversed application nodes include the application node currently being traversed, to a threshold value to determine whether re-authentication of the user is required prior to granting access to the function of the transaction application corresponding to the currently traversed application node; and
- if the determination indicates that re-authentication of the user is required prior to granting access to a function of the transaction application corresponding to the application node, requiring re-authentication of the user if the user attempts to traverse the application node.
Abstract
Systems, methods, and computer program products related to transaction application security are disclosed. In a particular embodiment, application nodes are randomly selected for requiring re-authentication of a user traversing nodes of the application. These and other embodiments are more fully disclosed herein.
16 Claims
9. A computer program product embedded in a non-transitory computer readable medium including instructions executable by a computer processor to selectively require authentication of a user of a client electronic device for access to functions corresponding to application nodes of a transaction application by:
- authenticating the user for access to an entry point of the transaction application;
- making a determination whether to require re-authentication of the user for access to an application node other than the entry point, wherein making the determination comprises:
  (1) executing a random weight determination module to assign a randomly generated respective weight value to each of a plurality of application nodes that would not otherwise require authentication; and
  (2) as the user traverses one or more of the plurality of application nodes, comparing a sum of at least one respective weight value of the traversed application nodes, wherein the traversed application nodes include the application node currently being traversed, to a threshold value to determine whether re-authentication of the user is required prior to granting access to the function of the transaction application corresponding to the currently traversed application node; and
- if the determination indicates that re-authentication of the user is required prior to granting access to the function of the transaction application corresponding to the application node, requiring re-authentication of the user if the user attempts to traverse the application node.
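An added sketch (not code from the patent or its assignee) of the weight-sum determination recited in claims 1 and 9: each node that would not otherwise require authentication gets a random weight, and the running sum, including the node being traversed, is compared to a threshold. The class and parameter names, the `>=` comparison, per-session weight assignment, and resetting the sum after a successful re-authentication are assumptions the claims do not specify.

```python
import secrets


class NodalRandomAuth:
    """Per-session gate: random node weights, running sum checked against a threshold."""

    def __init__(self, nodes, always_auth=(), threshold=100, max_weight=60, rng=None):
        # CSPRNG by default so a client cannot predict which node triggers the check.
        rng = rng or secrets.SystemRandom()
        self.threshold = threshold
        self.always_auth = set(always_auth)
        # Weights go only to nodes that would not otherwise require authentication.
        self.weights = {n: rng.randint(1, max_weight)
                        for n in nodes if n not in self.always_auth}
        self.total = 0  # sum of weights of nodes traversed since the last authentication

    def visit(self, node, reauth_ok=False):
        """Decide one traversal attempt; reauth_ok is the caller's fresh credential check."""
        if node in self.always_auth:
            return "granted" if reauth_ok else "reauth_required"
        if node not in self.weights:
            raise KeyError(f"unknown node: {node}")
        candidate = self.total + self.weights[node]  # includes the current node
        if candidate >= self.threshold:              # assumption: >= rather than >
            if not reauth_ok:
                return "reauth_required"             # access withheld, sum unchanged
            self.total = 0                           # assumption: re-auth resets the sum
            return "granted"
        self.total = candidate
        return "granted"


if __name__ == "__main__":
    # Constructed node names for a hypothetical banking application.
    session = NodalRandomAuth(["balance", "history", "profile", "payees"],
                              always_auth=["transfer"])
    for node in ["balance", "history", "profile", "payees", "balance", "transfer"]:
        decision = session.visit(node)
        if decision == "reauth_required":
            # Stand-in for prompting the user and verifying credentials again.
            decision = session.visit(node, reauth_ok=True) + " after re-authentication"
        print(f"{node:8} -> {decision}")
```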
Specification