Triggering a request for an authentication
First Claim
Patent Images
1. A method, comprising:
- storing historic metric data for past communication sessions between a client device and one or more server computers associated with a service provider, the historic metric data comprising one or more of the following;
performance metric data, behavioral metric data, or environmental metric data;
for a current communication session between the client device and the service provider, receiving a first-level authentication, including a password, from the client device;
during the current communication session, receiving a request from the client device for an action to be performed by the service provider;
by the service provider, in response to the request, retrieving current metric data for the current communication session;
comparing the current metric data against the historic metric data;
if the current metric data deviates from the historic metric data by greater than a threshold amount, requesting a second-level authentication from the client device; and
responding to the request if the second-level authentication is passed.
1 Assignment
0 Petitions
Accused Products
Abstract
The present disclosure relates to multifactor-based authentication systems. Multifactor authentication occurs during a communication session in response to detecting a trigger event, such as an anomalous condition. Historical metrics, such as performance metrics (e.g., rendering speeds), behavioral metrics (e.g., click-stream behavior), environmental metrics (e.g., noise), etc., can be used as a baseline to compare against metrics for a current communication session. An anomalous condition, such as a current session metric exceeding a threshold, can result in an authentication service transmitting a multifactor authentication request.
39 Citations
16 Claims
-
1. A method, comprising:
-
storing historic metric data for past communication sessions between a client device and one or more server computers associated with a service provider, the historic metric data comprising one or more of the following;
performance metric data, behavioral metric data, or environmental metric data;for a current communication session between the client device and the service provider, receiving a first-level authentication, including a password, from the client device; during the current communication session, receiving a request from the client device for an action to be performed by the service provider; by the service provider, in response to the request, retrieving current metric data for the current communication session; comparing the current metric data against the historic metric data; if the current metric data deviates from the historic metric data by greater than a threshold amount, requesting a second-level authentication from the client device; and responding to the request if the second-level authentication is passed. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-readable storage device, which is non-transitory, including instructions thereon that upon execution cause a computer system to:
-
receive first-level authentication information for a current communication session between a client device and a host server computer within a service provider; receive a request from the client device for an action to be performed by the service provider; in response to the request, track a metric associated with the current communication session and compare the tracked metric to a saved metric associated with the client device; and if the tracked metric deviates more than a threshold amount from the saved metric, request second-level authentication information for the current communication session to continue. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
Specification