Adjustment of knowledge-based authentication
First Claim
Patent Images
1. A computer system for setting authentication requirements for a consumer associated with a consumer computing device, the computing system comprising:
- a consumer computing device through which financial account information of a consumer is accessible;
an authentication server in communication with a plurality of electronic devices to provide authentication of users of respective electronic devices;
a financial services server in communication with the consumer computing device, the financial services server storing information regarding financial accounts issued to respective consumers by a financial service provider;
wherein the financial services server executes software instructions to;
receive, from the consumer computing device via the Internet, a request to open a new financial account with the financial service provider;
transmit device identification information gathering code to the consumer computing device, the device identification information gathering code comprising one or more of device-aware parameter-submitting code, browser information gathering code, or device information gathering code;
receive device identification information associated with the consumer computing device gathered through the device identification information gathering code, the device identification information comprising one or more of;
device ID,device location,browser type,browser time zone,browser language settings,proxy settings,stated IP address, orreal IP address; and
transmit, to the authentication server, a request to set authentication requirements for the consumer and information allowing the authentication server to communicate with the consumer computing device;
wherein the authentication server;
receives, from the financial services server via the Internet, the request to set authentication requirements for the consumer in response to the request transmitted from the consumer computing device to open the new financial account and device identification information associated with the consumer computing device, wherein an identity of the consumer is unknown to the financial service provider;
determines a real geolocation of the consumer computing device based on one or more of current GPS data or historical GPS data from the consumer computing device;
derives one or more behaviors of the consumer based on at least the device identification information, the one or more behaviors comprising one or more of;
a comparison between a masked geolocation indicating a location of a proxy server through which the device identification information is received and the determined real geolocation of the consumer computing device, ora comparison between the determined real geolocation of the consumer computing device and a browser geolocation indicated by a browser executing on the consumer computing device;
calculates a fraud risk score of the consumer based at least on the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk score to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk score to decrease;
determines authentication requirements for the consumer based on the calculated fraud risk score, wherein the authentication requirements indicate one or more of;
a number of authentication questions the consumer is required to correctly answer,types of authentication questions the consumer is required to answer, ora percentage of authentication questions that must be correctly answered;
transmits one or more authentication questions to the consumer computing device in accordance with the determined authentication requirements, and receives corresponding responses from the consumer computing device;
determines, based on the authentication requirements for the consumer and the responses from the consumer computing device, whether the consumer is authenticated; and
transmits, to the financial service server, an indication of whether the consumer is authenticated.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provided for adjustment of difficulty level, quantity, and/or other parameters of knowledge-based authentication. The questions may be asked of a consumer based on one or more generated risk scores associated with the consumer'"'"'s behavior, which may be derived from information received from the consumer, a representative responsible for entering information regarding the consumer, and/or from the consumer'"'"'s computing device.
-
Citations
16 Claims
-
1. A computer system for setting authentication requirements for a consumer associated with a consumer computing device, the computing system comprising:
-
a consumer computing device through which financial account information of a consumer is accessible; an authentication server in communication with a plurality of electronic devices to provide authentication of users of respective electronic devices; a financial services server in communication with the consumer computing device, the financial services server storing information regarding financial accounts issued to respective consumers by a financial service provider; wherein the financial services server executes software instructions to; receive, from the consumer computing device via the Internet, a request to open a new financial account with the financial service provider; transmit device identification information gathering code to the consumer computing device, the device identification information gathering code comprising one or more of device-aware parameter-submitting code, browser information gathering code, or device information gathering code; receive device identification information associated with the consumer computing device gathered through the device identification information gathering code, the device identification information comprising one or more of; device ID, device location, browser type, browser time zone, browser language settings, proxy settings, stated IP address, or real IP address; and transmit, to the authentication server, a request to set authentication requirements for the consumer and information allowing the authentication server to communicate with the consumer computing device; wherein the authentication server; receives, from the financial services server via the Internet, the request to set authentication requirements for the consumer in response to the request transmitted from the consumer computing device to open the new financial account and device identification information associated with the consumer computing device, wherein an identity of the consumer is unknown to the financial service provider; determines a real geolocation of the consumer computing device based on one or more of current GPS data or historical GPS data from the consumer computing device; derives one or more behaviors of the consumer based on at least the device identification information, the one or more behaviors comprising one or more of; a comparison between a masked geolocation indicating a location of a proxy server through which the device identification information is received and the determined real geolocation of the consumer computing device, or a comparison between the determined real geolocation of the consumer computing device and a browser geolocation indicated by a browser executing on the consumer computing device; calculates a fraud risk score of the consumer based at least on the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk score to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk score to decrease; determines authentication requirements for the consumer based on the calculated fraud risk score, wherein the authentication requirements indicate one or more of; a number of authentication questions the consumer is required to correctly answer, types of authentication questions the consumer is required to answer, or a percentage of authentication questions that must be correctly answered; transmits one or more authentication questions to the consumer computing device in accordance with the determined authentication requirements, and receives corresponding responses from the consumer computing device; determines, based on the authentication requirements for the consumer and the responses from the consumer computing device, whether the consumer is authenticated; and transmits, to the financial service server, an indication of whether the consumer is authenticated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
-
a computer-readable storage medium for the financial services server comprising computer-executable instructions that direct the financial services server to; store information regarding financial accounts issued to respective consumers by a financial service provider; receive, from a consumer computing device via the Internet, a request to open a new financial account with the financial service provider; transmit device identification information gathering code to the consumer computing device, the device identification information gathering code comprising one or more of device-aware parameter-submitting code, browser information gathering code, or device information gathering code; receive device identification information associated with the consumer computing device gathered through the device identification information gathering code, the device identification information comprising one or more of; device ID, device location, browser type, browser time zone, browser language settings, proxy settings, stated IP address, or real IP address; and transmit, to the authentication server, a request to set authentication requirements for the consumer and information allowing the authentication server to communicate with the consumer computing device; a computer-readable storage medium for the authentication server comprises computer-executable instructions that direct the authentication server to; receive, from the financial services server via the Internet, the request to set authentication requirements for the consumer in response to the request transmitted from the consumer computing device to open the new financial account and device identification information associated with the consumer computing device, wherein an identity of the consumer is unknown to the financial service provider; determine a real geolocation of the consumer computing device based on one or more of current GPS data or historical GPS data from the consumer computing device; derive one or more behaviors of the consumer based on at least the device identification information, the one or more behaviors comprising one or more of; a comparison between a masked geolocation indicating a location of a proxy server through which the device identification information is received and the determined real geolocation of the consumer computing device, or a comparison between the determined real geolocation of the consumer computing device and a browser geolocation indicated by a browser executing on the consumer computing device; calculate a fraud risk score of the consumer based at least on the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk score to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk score to decrease; determine authentication requirements for the consumer based on the calculated fraud risk score, wherein the authentication requirements indicate one or more of; a number of authentication questions the consumer is required to correctly answer, types of authentication questions the consumer is required to answer, or a percentage of authentication questions that must be correctly answered; transmit one or more authentication questions to the consumer computing device in accordance with the determined authentication requirements, and receives corresponding responses from the consumer computing device; determine, based on the authentication requirements for the consumer and the responses from the consumer computing device, whether the consumer is authenticated; and transmit, to the financial service server, an indication of whether the consumer is authenticated. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A computer-implemented method of setting authentication requirements for a consumer associated with a consumer computing device, the method comprising:
-
at a financial services server in communication with a consumer computing device, the financial services server storing information regarding financial accounts issued to respective consumers by a financial service provider, wherein financial account information of a consumer is accessible through the consumer computing device; receiving, from the consumer computing device via the Internet, a request to open a new financial account with the financial service provider; transmitting device identification information gathering code to the consumer computing device, the device identification information gathering code comprising one or more of device-aware parameter-submitting code, browser information gathering code, or device information gathering code; receiving device identification information associated with the consumer computing device gathered through the device identification information gathering code, the device identification information comprising one or more of; device ID, device location, browser type, browser time zone, browser language settings, proxy settings, stated IP address, or real IP address; and transmitting, to an authentication server, a request to set authentication requirements for the consumer and information allowing the authentication server to communicate with the consumer computing device; at the authentication server, the authentication server in communication with a plurality of electronic devices to provide authentication of users of respective electronic devices; receiving, from the financial services server via the Internet, the request to set authentication requirements for the consumer in response to the request transmitted from the consumer computing device to open the new financial account and device identification information associated with the consumer computing device, wherein an identity of the consumer is unknown to the financial service provider; determining a real geolocation of the consumer computing device based on one or more of current GPS data or historical GPS data from the consumer computing device; deriving one or more behaviors of the consumer based on at least the device identification information, the one or more behaviors comprising one or more of; a comparison between a masked geolocation indicating a location of a proxy server through which the device identification information is received and the determined real geolocation of the consumer computing device, or a comparison between the determined real geolocation of the consumer computing device and a browser geolocation indicated by a browser executing on the consumer computing device; calculating a fraud risk score of the consumer based on at least the one or more derived behaviors of the consumer, wherein respective derived behaviors indicative of potential fraud cause the fraud risk score to increase and respective derived behaviors not indicative of potential fraud cause the fraud risk score to decrease; determining authentication requirements for the consumer based on the calculated fraud risk score, wherein the authentication requirements indicate one or more of; a number of authentication questions the consumer is required to correctly answer, types of authentication questions the consumer is required to answer, or a percentage of authentication questions that must be correctly answered; transmitting one or more authentication questions to the consumer computing device in accordance with the determined authentication requirements, and receiving corresponding responses from the consumer computing device; determining, based on the authentication requirements for the consumer and the responses from the consumer computing device, whether the consumer is authenticated; and transmitting, to the financial service server, an indication of whether the consumer is authenticated. - View Dependent Claims (16)
-
Specification