Using a change in information associated with a mobile device network ID as a risk indicator in mobile network-based authentication
First Claim
1. A computer-implemented method of authorizing a user activity based on a network identification (ID) of a mobile device, that has been activated, the method comprising:
- receiving a request from a computing device to initiate a transfer of funds from a restricted-access account on an application server, wherein the request references the network ID;
determining whether or not there is a change of information associated with the network ID during a predetermined time interval by querying a network ID server for the change of information associated with the network ID;
upon determining that the information associated with the network ID has not changed during the predetermined time interval, transmitting a one-time password to the mobile device; and
upon receipt of the one-time password from the mobile device, authorizing the transfer of funds,wherein the change of information associated with the network ID is a change in a name for a mobile account associated with the network ID.
1 Assignment
0 Petitions
Accused Products
Abstract
The network ID of a mobile device can be securely employed as a possession factor. When an access to a restricted access application server or a restricted access account on the application server is attempted via a computing device, and possession of a mobile device programmed with a network ID is employed as a verification factor, the application server or a network ID monitoring server can determine whether certain information associated with the network ID has been changed within a predetermined time interval, indicating potentially fraudulent activity. Based on the presence or absence of recent changes in the information associated with the network ID, the user activity is either authorized or denied.
17 Citations
8 Claims
-
1. A computer-implemented method of authorizing a user activity based on a network identification (ID) of a mobile device, that has been activated, the method comprising:
-
receiving a request from a computing device to initiate a transfer of funds from a restricted-access account on an application server, wherein the request references the network ID; determining whether or not there is a change of information associated with the network ID during a predetermined time interval by querying a network ID server for the change of information associated with the network ID; upon determining that the information associated with the network ID has not changed during the predetermined time interval, transmitting a one-time password to the mobile device; and upon receipt of the one-time password from the mobile device, authorizing the transfer of funds, wherein the change of information associated with the network ID is a change in a name for a mobile account associated with the network ID. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification