Risk analysis apparatus and method for risk based authentication
First Claim
1. A risk analysis apparatus comprising:
- at least one memory;
at least one processor configured to execute program codes stored in the at least one memory to perform;
collecting risk factors related to one or more authentication processes for authentication of a user of a client device in an authentication system;
calculating a current risk score for the user based on the collected risk factors based on the one or more authentication processes being successful;
calculating a total risk score based on a risk score history of the user and the current risk score;
determining whether additional authentication of the user is required based on the current risk score and the total risk score; and
requesting the client device for the additional authentication of the user based on the additional authentication being required,wherein the calculating of the total risk score comprises calculating the total risk score by comparing a change pattern of past risk scores included in the risk score history with the current risk score or calculating the total risk score based on a number of times a threshold has been exceeded within a predetermined period of the risk score history.
1 Assignment
0 Petitions
Accused Products
Abstract
A risk analysis apparatus and method are provided. According to one embodiment of the present disclosure, the risk analysis apparatus includes: at least one processor configured to: a risk factor collector configured to collect risk factors related to one or more authentication processes for authentication of a user of a client device in an authentication system; a risk analyzer configured to calculate a current risk score for the user based on the collected risk factors and calculate a total risk score based on a risk score history of the user and the current risk score based on the one or more authentication processes being successful; and an additional authentication requester configured to determine whether additional authentication of the user is required based on the current risk score and the total risk score and, request the client device for the additional authentication of the user based on the additional authentication being required.
0 Citations
14 Claims
-
1. A risk analysis apparatus comprising:
-
at least one memory; at least one processor configured to execute program codes stored in the at least one memory to perform; collecting risk factors related to one or more authentication processes for authentication of a user of a client device in an authentication system; calculating a current risk score for the user based on the collected risk factors based on the one or more authentication processes being successful; calculating a total risk score based on a risk score history of the user and the current risk score; determining whether additional authentication of the user is required based on the current risk score and the total risk score; and requesting the client device for the additional authentication of the user based on the additional authentication being required, wherein the calculating of the total risk score comprises calculating the total risk score by comparing a change pattern of past risk scores included in the risk score history with the current risk score or calculating the total risk score based on a number of times a threshold has been exceeded within a predetermined period of the risk score history. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A risk analysis method implemented by a risk analysis apparatus comprising:
-
collecting risk factors related to one or more authentication processes for authentication of a user of a client device in an authentication system; calculating a current risk score for the user based on the collected risk factors and the one or more authentication processes being successful; calculating a total risk score based on a risk score history of the user and the current risk score; and determining whether additional authentication of the user is required based on the current risk score and the total risk score; and requesting the client device for the additional authentication of the user based on the determining indicating the additional authentication is required, wherein the calculating of the total risk score comprises calculating the total risk score by comparing a change pattern of past risk scores included in the risk score history with the current risk score or calculating the total risk score based on a number of times a threshold has been exceeded within a predetermined period of the risk score history. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
Specification