Systems and methods for cross coupling risk analytics and one-time-passcodes
First Claim
1. A method comprising:
- receiving a request to confirm a transaction associated with a service;
receiving a cumulative value from a physical token associated with a user representing a number of read operations performed;
accessing a log, the log mapping users of the service to last-known values of respective physical tokens of the users;
retrieving, from the log, the last-known value of the physical token associated with the user;
identifying a window of acceptable values around the last-known value of the physical token, wherein the window is a dynamic range based on user profile information that indicates historical regular interactions for the user compared to other historical regular interactions for other users;
determining that the cumulative value received from the physical token is within the window of acceptable values; and
causing the transaction to be executed when the cumulative value is within the window.
1 Assignment
0 Petitions
Accused Products
Abstract
Example embodiments provide systems and methods for validating an action using a physical token, such as a near-field-communications (NFC)-capable chip. A server may receive a request to perform the action, and may require validation from the holder of the physical token. The holder of the physical token may log into an application using their login credentials, providing a first tier of authentication. The holder may then scan the physical token with a reader on their mobile device, which provides a second tier of authentication. The scan may reveal a value for a counter on the physical token, which may be compared to a counter at the server in order to validate that the physical token has been used as expected. If the server deems it appropriate, a third (or further) tier may be required, such as scanning a photographic identification of the holder.
574 Citations
20 Claims
-
1. A method comprising:
-
receiving a request to confirm a transaction associated with a service; receiving a cumulative value from a physical token associated with a user representing a number of read operations performed; accessing a log, the log mapping users of the service to last-known values of respective physical tokens of the users; retrieving, from the log, the last-known value of the physical token associated with the user; identifying a window of acceptable values around the last-known value of the physical token, wherein the window is a dynamic range based on user profile information that indicates historical regular interactions for the user compared to other historical regular interactions for other users; determining that the cumulative value received from the physical token is within the window of acceptable values; and causing the transaction to be executed when the cumulative value is within the window. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable medium storing instructions configured to cause a processor to:
-
receive a request to confirm a transaction associated with a service; receive a cumulative value from a physical token associated with a user representing a number of read operations performed; access a log, the log mapping users of the service to last-known values of respective physical tokens of the users; retrieve, from the log, the last-known value of the physical token associated with the user; identify a window of acceptable values around the last-known value of the physical token, wherein the window is a dynamic range based on user profile information that indicates historical regular interactions for the user compared to other historical regular interactions for other users; determine that the cumulative value received from the physical token is within the window of acceptable values; and cause the transaction to be executed when the cumulative value is within the window. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An apparatus comprising:
-
a hardware interface configured to receive a request to confirm a transaction associated with a service and receive a cumulative value from a physical token associated with a user representing a number of read operations performed; a non-transitory computer-readable medium storing a log mapping users of the service to last-known values of respective physical tokens of the users; and a hardware processor circuit configured to; retrieve, from the log, the last-known value of the physical token associated with the user, identify a window of acceptable values around the last-known value of the physical token, wherein the window is a dynamic range based on user profile information that indicates historical regular interactions for the user compared to other historical regular interactions for other users, determine that the cumulative value received from the physical token is within the window of acceptable values, and cause the transaction to be executed when the cumulative value is within the window. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification