Authentication alerts

US 10,685,336 B1
Filed: 10/05/2018
Issued: 06/16/2020
Est. Priority Date: 06/16/2011
Status: Active Grant

First Claim

Patent Images

1. A computing system comprising:

a data store that stores information associated with individuals enrolled in a monitoring service; and

a computing device, comprising at least one physical processor, that is in communication with the data store and that is configured to perform operations comprising;

receiving information identifying an individual for whom an authentication request has been received in association with a request from a requesting entity that received the information in real time from a person alleging to be the individual, wherein the received information includes an identifier identifying the requesting entity;

retrieving a contact preference associated with the individual from the data store, wherein the contact preference indicates that alerts to the individual are to be delivered by at least one of a text message to a mobile device of the individual or a push alert delivered via an application executed on the mobile device of the individual, wherein the contact preference is retrieved based at least in part by matching information stored in the data store with the information identifying the individual received in association with the authentication request;

retrieving an entity name associated with the requesting entity based on the identifier;

sending an electronic notification to the mobile device of the individual as at least one of a text message or push alert according to the contact preference, wherein the electronic notification provides notification to the individual that an authentication request was received regarding the individual and includes at least the entity name, wherein the electronic notification requests confirmation that the person alleging to be the individual is actually the individual;

determining that the authentication request is not authorized based at least in part on one of;

(a) a response to the electronic notification from the mobile device of the individual, or (b) expiration of a response time limit; and

in response to determining that the authentication request is not authorized, providing a notification to the requesting entity indicating fraudulent use of identity information of the individual in association with the authentication request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are provided for generating alerts in association with a request to open an account for an individual. For example, information identifying an individual may be received from a financial entity in association with the financial entity receiving a request to open an account for the individual from a requesting entity. The requesting entity may be a vendor or service provider associated with the financial entity. An electronic notification may then be sent to the individual, which may include a selectable option to indicate that the individual does not authorize opening of the account. In response to receiving an indication that the individual does not authorize opening of the account, notifications may be sent to both the financial entity and the requesting entity indicating that the individual has not authorized opening of the account.

1657 Citations

20 Claims

1. A computing system comprising:
- a data store that stores information associated with individuals enrolled in a monitoring service; and
  
  a computing device, comprising at least one physical processor, that is in communication with the data store and that is configured to perform operations comprising;
  
  receiving information identifying an individual for whom an authentication request has been received in association with a request from a requesting entity that received the information in real time from a person alleging to be the individual, wherein the received information includes an identifier identifying the requesting entity;
  
  retrieving a contact preference associated with the individual from the data store, wherein the contact preference indicates that alerts to the individual are to be delivered by at least one of a text message to a mobile device of the individual or a push alert delivered via an application executed on the mobile device of the individual, wherein the contact preference is retrieved based at least in part by matching information stored in the data store with the information identifying the individual received in association with the authentication request;
  
  retrieving an entity name associated with the requesting entity based on the identifier;
  
  sending an electronic notification to the mobile device of the individual as at least one of a text message or push alert according to the contact preference, wherein the electronic notification provides notification to the individual that an authentication request was received regarding the individual and includes at least the entity name, wherein the electronic notification requests confirmation that the person alleging to be the individual is actually the individual;
  
  determining that the authentication request is not authorized based at least in part on one of;
  
  (a) a response to the electronic notification from the mobile device of the individual, or (b) expiration of a response time limit; and
  
  in response to determining that the authentication request is not authorized, providing a notification to the requesting entity indicating fraudulent use of identity information of the individual in association with the authentication request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computing system of claim 1, wherein the electronic notification to the individual further identifies a particular location from which the authentication request was received.
  - 3. The computing system of claim 2, wherein the particular location comprises at least one of a city, an address, or a geo-location.
  - 4. The computing system of claim 2, wherein the particular location comprises at least one of a web address or an IP address.
  - 5. The computing system of claim 1, wherein the authentication request is determined to not be authorized based on the expiration of the response time limit, wherein the response time limit comprises a predefined number of minutes or seconds having elapsed since sending the electronic notification to the mobile device of the individual.
  - 6. The computing system of claim 1, wherein the requesting entity is a service provider for which a financial entity maintains financial accounts, and wherein the operations further comprise:
    - determining the service provider based at least in part on the financial entity; and
      
      in response to determining that the authentication request is not authorized, providing a second notification to the financial entity indicating fraudulent use of identity information of the individual in association with the authentication request.
  - 7. The computing system of claim 6, wherein the service provider is determined based at least in part by retrieving data that associates the financial entity with one or more service providers associated with the financial entity.
  - 8. The computing system of claim 6, wherein the financial entity comprises a financial institution that maintains credit accounts for a plurality of individuals on behalf of two or more vendors or service providers.
  - 9. The computing system of claim 1, wherein the request is to open a financial account for the individual.
  - 10. The computing system of claim 9, wherein the financial account is a store credit card associated with a vendor.
  - 11. The computing system of claim 9, wherein the financial account for the individual comprises a credit account.
  - 12. The computing system of claim 1, wherein providing the notification to the requesting entity comprises transmitting the notification to a POS terminal within a retail store.

13. A computer-implemented method comprising:
- receiving, by one or more computing devices that are configured with specific executable instructions, information identifying an individual for whom an authentication request has been received in association with a request from a requesting entity that received the information in real time from a person alleging to be the individual, wherein the received information includes an identifier identifying the requesting entity;
  
  retrieving, by the one or more computing devices, a contact preference associated with the individual from a data store, wherein the contact preference indicates that alerts to the individual are to be delivered by at least one of a text message to a mobile device of the individual or a push alert delivered via an application executed on the mobile device of the individual, wherein the contact preference is retrieved based at least in part by matching information stored in the data store with the information identifying the individual received in association with the authentication request;
  
  retrieving, by the one or more computing devices, an entity name associated with the requesting entity based on the identifier;
  
  sending, by the one or more computing devices, an electronic notification to the mobile device of the individual as at least one of a text message or push alert according to the contact preference, wherein the electronic notification provides notification to the individual that an authentication request was received regarding the individual and includes at least the entity name, wherein the electronic notification requests confirmation that the person alleging to be the individual is actually the individual;
  
  determining, by the one or more computing devices, that the authentication request is not authorized based at least in part on one of;
  
  (a) a response to the electronic notification from the mobile device of the individual, or (b) expiration of a response time limit; and
  
  sending, from the one or more computing devices to the mobile device of the individual, contact information for contacting the requesting entity in order to resolve potential fraud in association with unauthorized use of identity information of the individual in association with the authentication request.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer-implemented method of claim 13, wherein a financial entity maintains accounts for the requesting entity, and further comprising determining the requesting entity based at least in part on the financial entity.
  - 15. The computer-implemented method of claim 13, wherein the electronic notification is provided as a push alert delivered via an application executed on the mobile device, wherein sending the electronic notification as the push alert causes the mobile device to launch the application executed on the mobile device, wherein the application causes display of the entity name and a selectable option to indicate whether the person alleging to be the individual is actually the individual.
  - 16. The computer-implemented method of claim 13, wherein the electronic notification to the individual further identifies a particular location of the authentication request.
  - 17. The computer-implemented method of claim 16, wherein the particular location comprises at least one of a city, an address, a geo-location, a web address or an IP address.

18. A non-transitory, computer-readable medium having stored thereon computer-executable instructions configured to cause a processor of a computing system to perform operations comprising:
- receiving information identifying an individual for whom an authentication request has been received in association with a request from a requesting entity that received the information in real time from a person alleging to be the individual, wherein the received information includes an identifier identifying the requesting entity;
  
  retrieving a contact preference associated with the individual from a data store, wherein the contact preference indicates that alerts to the individual are to be delivered by at least one of a text message to a mobile device of the individual or a push alert delivered via an application executed on the mobile device of the individual, wherein the contact preference is retrieved based at least in part by matching information stored in the data store with the information identifying the individual received in association with the authentication request;
  
  retrieving an entity name associated with the requesting entity based on the identifier;
  
  sending an electronic notification to the mobile device of the individual as at least one of a text message or push alert according to the contact preference, wherein the electronic notification provides notification to the individual that an authentication request was received regarding the individual and includes at least the entity name, wherein the electronic notification requests confirmation that the person alleging to be the individual is actually the individual;
  
  determining that the authentication request is not authorized based at least in part on one of;
  
  (a) a response to the electronic notification from the mobile device of the individual, or (b) expiration of a response time limit; and
  
  sending, to the mobile device of the individual, contact information for contacting the requesting entity in order to resolve potential fraud in association with unauthorized use of identity information of the individual in association with the authentication request.
- View Dependent Claims (19, 20)
- - 19. The non-transitory, computer-readable medium of claim 18, wherein the electronic notification is provided as a push alert delivered via an application executed on the mobile device, wherein sending the electronic notification as the push alert causes the mobile device to launch the application executed on the mobile device, wherein the application causes display of the entity name and a selectable option to indicate whether the person alleging to be the individual is actually the individual.
  - 20. The non-transitory, computer-readable medium of claim 18, wherein the electronic notification to the individual further identifies a particular device or location associated with the authentication request, wherein the particular device or location is based at least in part on geo-location data or an IP address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Consumerinfo.com Incorporated (Experian plc)
Original Assignee
Consumerinfo.com Incorporated (Experian plc)
Inventors
Burger, Michael, Dean, Michael John, Kapczynski, Mark Joseph, Yu, Nelson
Primary Examiner(s)
Ojiaku, Chikaodinaka

Application Number

US16/153,557
Time in Patent Office

620 Days
Field of Search

705 38
US Class Current
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/4037   Remote solvency checks

G06Q 20/425   using two different network...

G06Q 40/03   Credit; Loans; Processing t...

H04L 67/55   Push-based network services

H04M 1/72436   for text messaging, e.g. sh...

H04M 1/72448   with means for adapting the...

H04M 1/72484   wherein functions are trigg...

Authentication alerts

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

1657 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Authentication alerts

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1657 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others