User authentication

US 9,639,689 B1
Filed: 12/23/2013
Issued: 05/02/2017
Est. Priority Date: 12/23/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving, by processing circuitry, a request to authenticate an electronic transaction involving a specific user seeking access to a computerized resource;

in response to receiving the request, analysing, by processing circuitry, at least one attribute associated with the electronic transaction, wherein the at least one attribute describes the electronic transaction involving the specific user;

based on the analysis, determining, by processing circuitry, an attack threat in connection with the electronic transaction, wherein the attack threat describes one of a stolen device and a stolen identification credential obtained by a fraudster;

based on the attack threat, selecting, by processing circuitry, an authentication challenge that challenges the specific user, wherein the attack threat acts as a decision factor in the selection of the authentication challenge such that a biometric challenge is selected in the event that the attack threat describes a stolen device and an out-of-band challenge is selected in the event that the attack threat describes a stolen identification credential;

providing, by processing circuitry, the authentication challenge in a manner that requires the specific user to respond;

receiving, by processing circuitry, a user response to the authentication challenge;

generating, by processing circuitry, an authentication result based on the user response, the authentication result indicating whether the electronic transaction is authentic; and

utilizing, by processing circuitry, the authentication result to control access by the specific user to the computerized resource.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is disclosed a technique for use in authentication. The technique comprises selecting an authentication challenge when an authentication request is deemed risky. An attack threat determined to be associated with the authentication request acts as a decision factor in the selection of the authentication challenge such that a biometric challenge is selected in the event that the attack threat describes a stolen device and an out-of-band challenge is selected in the event that the attack threat describes a stolen identification credential.

19 Citations

View as Search Results

12 Claims

1. A computer-implemented method, comprising:
- receiving, by processing circuitry, a request to authenticate an electronic transaction involving a specific user seeking access to a computerized resource;
  
  in response to receiving the request, analysing, by processing circuitry, at least one attribute associated with the electronic transaction, wherein the at least one attribute describes the electronic transaction involving the specific user;
  
  based on the analysis, determining, by processing circuitry, an attack threat in connection with the electronic transaction, wherein the attack threat describes one of a stolen device and a stolen identification credential obtained by a fraudster;
  
  based on the attack threat, selecting, by processing circuitry, an authentication challenge that challenges the specific user, wherein the attack threat acts as a decision factor in the selection of the authentication challenge such that a biometric challenge is selected in the event that the attack threat describes a stolen device and an out-of-band challenge is selected in the event that the attack threat describes a stolen identification credential;
  
  providing, by processing circuitry, the authentication challenge in a manner that requires the specific user to respond;
  
  receiving, by processing circuitry, a user response to the authentication challenge;
  
  generating, by processing circuitry, an authentication result based on the user response, the authentication result indicating whether the electronic transaction is authentic; and
  
  utilizing, by processing circuitry, the authentication result to control access by the specific user to the computerized resource.
- View Dependent Claims (2, 3, 4)
- - 2. The method as claimed in claim 1, further comprising:
    - determining a riskiness in connection with the electronic transaction.
  - 3. The method as claimed in claim 2, wherein determining the riskiness comprises determining a risk score in connection with the electronic transaction.
  - 4. The method as claimed in claim 2, wherein determining the attack threat comprises determining the attack threat in connection with the electronic transaction in response to determining that the riskiness exceeds an unacceptable level of riskiness.

5. An apparatus, comprising:
- processing circuitry; and
  
  memory storing instructions for execution by the processing circuitry, the instructions comprising instructions to;
  
  receive a request to authenticate an electronic transaction involving a specific user seeking access to a computerized resource;
  
  in response to receiving the request, analyse at least one attribute associated with the electronic transaction, wherein the at least one attribute describes the electronic transaction involving the specific user;
  
  based on the analysis, determine an attack threat in connection with the electronic transaction, wherein the attack threat describes one of a stolen device and a stolen identification credential obtained by a fraudster;
  
  based on the attack threat, select an authentication challenge that challenges the specific user, wherein the attack threat acts as a decision factor in the selection of the authentication challenge such that a biometric challenge is selected in the event that the attack threat describes a stolen device and an out-of-band challenge is selected in the event that the attack threat describes a stolen identification credential;
  
  provide the authentication challenge in a manner that requires the specific user to respond;
  
  receive a user response to the authentication challenge;
  
  generate an authentication result based on the user response, the authentication result indicating whether the electronic transaction is authentic; and
  
  utilize the authentication result to control access by the specific user to the computerized resource.
- View Dependent Claims (6, 7, 8)
- - 6. The apparatus as claimed in claim 5, further comprising instructions to:
    - determine a riskiness in connection with the electronic transaction.
  - 7. The apparatus as claimed in claim 6, wherein determining the riskiness comprises determining a risk score in connection with the electronic transaction.
  - 8. The apparatus as claimed in claim 6, wherein determining the attack threat comprises determining the attack threat in connection with the electronic transaction in response to determining that the riskiness exceeds an unacceptable level of riskiness.

9. A computer program product having a non-transitory computer readable medium storing instructions, the instructions, when carried out by one or more processors, causing the one or more processors to perform a method of:
- receiving a request to authenticate an electronic transaction involving a specific user seeking access to a computerized resource;
  
  in response to receiving the request, analysing at least one attribute associated with the electronic transaction, wherein the at least one attribute describes the electronic transaction involving the specific user;
  
  based on the analysis, determining an attack threat in connection with the electronic transaction, wherein the attack threat describes one of a stolen device and a stolen identification credential obtained by a fraudster;
  
  based on the attack threat, selecting an authentication challenge that challenges the specific user, wherein the attack threat acts as a decision factor in the selection of the authentication challenge such that a biometric challenge is selected in the event that the attack threat describes a stolen device and an out-of-band challenge is selected in the event that the attack threat describes a stolen identification credential;
  
  providing the authentication challenge in a manner that requires the specific user to respond;
  
  receiving a user response to the authentication challenge;
  
  generating an authentication result based on the user response, the authentication result indicating whether the electronic transaction is authentic; and
  
  utilizing the authentication result to control access by the specific user to the computerized resource.
- View Dependent Claims (10, 11, 12)
- - 10. The computer program product as claimed in claim 9, further causing the one or more processors to perform a method of:
    - determining a riskiness in connection with the electronic transaction.
  - 11. The computer program product as claimed in claim 10, wherein determining the riskiness comprises determining a risk score in connection with the electronic transaction.
  - 12. The computer program product as claimed in claim 10, whereindetermining the attack threat comprises determining the attack threat in connection with the electronic transaction in response to determining that the riskiness exceeds an unacceptable level of riskiness.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Inventors
Herskovic, Maya, Bar-Menachem, Ika, Mihalache, Theodor
Primary Examiner(s)
Mehrmanesh, Amir
Assistant Examiner(s)
TAYLOR, SAKINAH W

Application Number

US14/138,451
Time in Patent Office

1,226 Days
Field of Search

726 4
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/44   Program or device authentic...

G06F 2221/2113   Multi-level security, e.g. ...

H04L 63/0861   using biometrical features,...

H04W 12/06   Authentication

H04W 12/126   Anti-theft arrangements, e....

User authentication

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

19 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links