User-touchscreen interaction analysis authentication system
First Claim
1. A method for authenticating a user participating in an Internet commerce session through a client touchscreen device in communication with an e-commerce transaction system via an Internet Protocol (IP) network, the method comprising the steps of:
- a computer of the system receiving a request for an e-commerce session related action via the client touchscreen from the user,the computer of the system performing a primary authentication chosen from the group consisting of;
username-password authentication, security code authentication, PIN (Personal Identification Number) authentication, Credit card or Debit card authentication, call-back authentication and OTP (One Time Password) authentication;
the computer of the system receiving as part of the requested e-commerce session, user-touchscreen interaction data regarding at least one characteristic of how the user interacted with the touchscreen in the course of the e-commerce session;
the computer of the system determining, without making user aware of the additional authentication, whether the requested e-commerce session related action requires additional authentication of the user;
if the requested e-commerce session related action requires additional authentication from the user, the computer of the system analyzing the user touchscreen interaction data to detect behavioral biometrics of the user within the e-commerce session by the steps of;
locating a user profile associated with the authentication of the user within a database;
the user profile comprising interaction data derived from analysis of previous user-touchscreen interactions;
comparing the received user-touchscreen interactions within the requested e-commerce session to interaction data in the user profile to determine a score; and
if the score meets or exceeds a determined threshold, verifying authentication of the user and sending permission to the client touchscreen to allow the requested e-commerce session related action.
1 Assignment
0 Petitions
Accused Products
Abstract
A user participating in an e-commerce session can be authenticated based on user-touchscreen interaction analysis. That is, a user requested action can be determined that requires additional authentication. Such authentication can further include, requesting analysis of user-touchscreen interaction for the e-commerce session and receiving a pattern matching score for the session from a computer. The pattern matching score can provide an indication of a comparison between the user'"'"'s interaction with a touchscreen during the session and a pre-established user-touchscreen interaction profile for the user. A computer can perform a verification action to verify an identity of the user based on the received pattern matching score. Responsive to a successful verification of the identity, the computer can perform the requested action.
75 Citations
20 Claims
-
1. A method for authenticating a user participating in an Internet commerce session through a client touchscreen device in communication with an e-commerce transaction system via an Internet Protocol (IP) network, the method comprising the steps of:
-
a computer of the system receiving a request for an e-commerce session related action via the client touchscreen from the user, the computer of the system performing a primary authentication chosen from the group consisting of;
username-password authentication, security code authentication, PIN (Personal Identification Number) authentication, Credit card or Debit card authentication, call-back authentication and OTP (One Time Password) authentication;the computer of the system receiving as part of the requested e-commerce session, user-touchscreen interaction data regarding at least one characteristic of how the user interacted with the touchscreen in the course of the e-commerce session; the computer of the system determining, without making user aware of the additional authentication, whether the requested e-commerce session related action requires additional authentication of the user; if the requested e-commerce session related action requires additional authentication from the user, the computer of the system analyzing the user touchscreen interaction data to detect behavioral biometrics of the user within the e-commerce session by the steps of; locating a user profile associated with the authentication of the user within a database;
the user profile comprising interaction data derived from analysis of previous user-touchscreen interactions;comparing the received user-touchscreen interactions within the requested e-commerce session to interaction data in the user profile to determine a score; and if the score meets or exceeds a determined threshold, verifying authentication of the user and sending permission to the client touchscreen to allow the requested e-commerce session related action. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An apparatus for authenticating a user participating in an Internet commerce session through a client touchscreen device in communication with an e-commerce transaction system via an Internet Protocol (IP) network, the apparatus comprising:
-
one or more computer-readable non-transitory storage devices; computer usable program code, stored on at least one of the one or more non-transitory storage devices, wherein execution of the stored computer usable program code by a process causes the processor or a device within which the processor is operational to receive a request for an e-commerce session related action via the client touchscreen; computer usable program code, stored on at least one of the one or more non-transitory storage devices, wherein execution of the stored computer usable program code by a process causes the processor or a device within which the processor is operational to perform a primary authentication chosen from the group consisting of;
username-password authentication, security code authentication, PIN (Personal Identification Number) authentication, Credit card or Debit card authentication, call-back authentication and OTP (One Time Password) authentication;computer usable program code, stored on at least one of the one or more non-transitory storage devices, wherein execution of the stored computer usable program code by a process causes the processor or a device within which the processor is operational to receive as part of the requested e-commerce session, user-touchscreen interaction data regarding at least one characteristic of how the user interacted with the touchscreen in the course of the e-commerce session; computer usable program code, stored on at least one of the one or more non-transitory storage devices, wherein execution of the stored computer usable program code by a process causes the processor or a device within which the processor is operational to determine without making user aware of the additional authentication whether the requested e-commerce session related action requires additional authentication of the user; computer usable program code, stored on at least one of the one or more non-transitory storage devices, wherein execution of the stored computer usable program code by a process causes the processor or a device within which the processor is operational to, if the requested e-commerce session related action requires additional authentication from the user, analyzing the user-touchscreen interaction data to detect behavioral biometrics of the user within the e-commerce session by; locating a user profile associated with the authentication of the user within a database;
the user profile comprising interaction data derived from analysis of previous user-touchscreen interactions;comparing the received user-touchscreen interactions within the requested e-commerce session to interaction data in the user profile to determine a score; and if the score meets or exceeds a determined threshold, verifying authentication of the user and sending permission to the client touchscreen to allow the requested e-commerce session related action. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A computer system for authenticating a user participating in an Internet commerce session through a client touchscreen device in communication with an e-commerce transaction system via an Internet Protocol (IP) network, the computer system comprising:
-
one or more processors, one or more computer-readable memories and one or more computer-readable tangible storage devices; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to receive a request for an e-commerce session related action via the client touchscreen from the user; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to perform a primary authentication chosen from the group consisting of;
username-password authentication, security code authentication, PIN (Personal Identification Number) authentication, Credit card or Debit card authentication, call-back authentication and OTP (One Time Password) authentication;program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to receive as part of the requested e-commerce session, user-touchscreen interaction data regarding at least one characteristic of how the user interacted with the touchscreen in the course of the e-commerce session; program instructions, stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, to determine, without making user aware of the additional authentication, whether the requested e-commerce session related action requires additional authentication of the user; if the requested e-commerce session related action requires additional authentication from the user, the computer of the system analyzing the user touchscreen interaction data to detect behavioral biometrics of the user within the e-commerce session by the program instructions of; locating a user profile associated with the authentication of the user within a database;
the user profile comprising interaction data derived from analysis of previous user-touchscreen interactions;comparing the received user-touchscreen interactions within the requested e-commerce session to interaction data in the user profile to determine a score; and if the score meets or exceeds a determined threshold, verifying authentication of the user and sending permission to the client touchscreen to allow the requested e-commerce session related action. - View Dependent Claims (19, 20)
-
Specification