Behavior-based identity system
Abstract
Disclosed are various embodiments for a behavior-based identity system that recognizes and/or authenticates users based at least in part on determining stored behavioral events. For example, stored behavioral events may have been observed previously at a client or have been predefined by an authenticated user. Multiple behavioral events expressed by the client relative to a network site are recorded. The behavioral events may correspond to data that a user has elected to share, and the user may opt-in or opt-out of the behavior-based identity system. A comparison is performed between the multiple observed behavioral events and the stored behavioral events associated with a user identity. An inverse identity confidence score as to whether the user identity does not belong to a user at the client is generated based at least in part on the comparison.
18 Claims
1. A non-transitory computer-readable medium embodying a program that, when executed in at least one computing device, causes the at least one computing device to at least:
- generate a plurality of stored behavioral events associated with a user identity based at least in part on an action of a user at a client device, the action comprising a predefined sequence of behavioral events;
- in response to receiving an assertion of the user identity, monitor a plurality of behavioral events expressed by the client device relative to a plurality of resources of a first network site;
- perform a comparison between the plurality of behavioral events and the plurality of stored behavioral events;
- determine an inverse identity confidence score as to whether the user identity does not belong to the user at the client device based at least in part on the comparison; and
- authenticate the user at the client device to access a resource of a second network site based at least in part on determining that the inverse identity confidence score does not meet a threshold.

Dependent claims: 2, 3, 4
5. A system, comprising:
- a data store;
- at least one computing device comprising a processor and a memory and being in communication with the data store; and
- an identity management system that, when executed by at the at least one computing device, causes the at least one computing device to at least;
  - determine a plurality of stored behavioral events associated with a user identity based at least in part on a user specification of behavior events received and stored in the data store;
  - record a plurality of behavioral events expressed to a client device relative to a plurality of resources of a network site;
  - perform a comparison of the plurality of behavior events and the plurality of stored behavioral events to determine whether the plurality of behavioral events match a specific sequence of the plurality of stored behavioral events; and
  - determine an inverse identity confidence score as to whether the user identity does not belong to a user associated with the client device based at least in part on the comparison.

Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A computer-implemented method, comprising:
- generating, via at least one of one or more computing devices comprising a processor and a memory, a plurality of stored behavioral events associated with a user identity based at least in part on an action of a user, the action comprising a predefined sequence of behavioral events;
- receiving, via at least one of the one or more computing devices, an assertion of the user identity from a client device;
- receiving, via at least one of the one or more computing devices, behavior verification data created by a server associated with a network site and stored in a data store as a user specification, the behavioral verification data comprising a plurality of behavioral events expressed by the client device relative to a resource of the network site;
- performing, via at least one of the one or more computing devices, a comparison of the plurality of behavioral events and the plurality of stored behavioral events; and
- generating, via at least one of the one or more computing devices, an inverse identity confidence score as to whether the user identity does not belong to the user at the client device based at least in part on the comparison.

Dependent claims: 16, 17, 18
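
An illustration of the comparison and threshold test described in claims 1 and 5, added here and not taken from the patent. The claims do not say how the score is computed, so the scoring rule (one minus the fraction of stored events matched in order, found by longest common subsequence), the `Event` fields, the 0.25 threshold and the sample events are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    action: str    # constructed labels such as "view" or "search"
    resource: str  # resource of the network site the action touched

def ordered_matches(stored, observed):
    """Longest common subsequence length: stored events observed in order."""
    prev = [0] * (len(observed) + 1)
    for s in stored:
        cur = [0]
        for j, o in enumerate(observed, 1):
            cur.append(prev[j - 1] + 1 if s == o else max(prev[j], cur[j - 1]))
        prev = cur
    return prev[-1]

def inverse_confidence(stored, observed):
    """Score in [0, 1]; higher means more evidence the identity is NOT the user's."""
    if not stored:
        return 1.0  # no stored profile to compare against: fail closed
    return 1.0 - ordered_matches(stored, observed) / len(stored)

def authenticate(stored, observed, threshold=0.25):
    """Grant access only when the inverse score does not meet the threshold."""
    return inverse_confidence(stored, observed) < threshold

# Constructed sample data: a predefined sequence and three observed sessions.
STORED = [Event("view", "/home"), Event("search", "/search?q=tea"),
          Event("view", "/item/42"), Event("view", "/help")]
OWNER = [STORED[0], Event("view", "/news"), STORED[1], STORED[2], STORED[3]]
WRONG_ORDER = [STORED[3], STORED[2], STORED[0]]  # right events, wrong sequence
PARTIAL = STORED[:3]                             # sequence abandoned early

if __name__ == "__main__":
    for name, session in [("owner", OWNER), ("wrong order", WRONG_ORDER),
                          ("partial", PARTIAL)]:
        print(name, inverse_confidence(STORED, session),
              authenticate(STORED, session))
```

The owner session passes despite an unrelated page view in the middle, while the session that touches the same resources in the wrong order is rejected, which is the difference between matching a set of events and matching a specific sequence.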
Specification