Triggering a request for an authentication
First Claim
Patent Images
1. A method of determining when to request multifactor authentication, the method comprising:
- generating one or more session profiles using communication session metrics for previous communication sessions between a user, a client device or both, and a service provider;
setting one or more thresholds representing an acceptable deviation from the one or more session profiles;
receiving a request from the client device to perform an action within the service provider;
determining whether a session metric for an active communication session exceeds the one or more thresholds;
requesting a multifactor authentication for the user prior to responding to the request to perform the action if the session metric exceeds the one or more thresholds; and
wherein the communication session metrics for the previous communication sessions include session performance characteristics that include rendering speeds for the client device.
1 Assignment
0 Petitions
Accused Products
Abstract
The present disclosure relates to multifactor-based authentication systems. Multifactor authentication occurs during a communication session in response to detecting a trigger event, such as an anomalous condition. Historical metrics, such as performance metrics (e.g., rendering speeds), behavioral metrics (e.g., click-stream behavior), environmental metrics (e.g., noise), etc., can be used as a baseline to compare against metrics for a current communication session. An anomalous condition, such as a current session metric exceeding a threshold, can result in an authentication service transmitting a multifactor authentication request.
72 Citations
19 Claims
-
1. A method of determining when to request multifactor authentication, the method comprising:
-
generating one or more session profiles using communication session metrics for previous communication sessions between a user, a client device or both, and a service provider; setting one or more thresholds representing an acceptable deviation from the one or more session profiles; receiving a request from the client device to perform an action within the service provider; determining whether a session metric for an active communication session exceeds the one or more thresholds; requesting a multifactor authentication for the user prior to responding to the request to perform the action if the session metric exceeds the one or more thresholds; and wherein the communication session metrics for the previous communication sessions include session performance characteristics that include rendering speeds for the client device. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-readable storage medium including instructions that upon execution cause a computer system to:
-
generate one or more thresholds for a client communication session with a service provider, the one or more thresholds being based on historical communication session metrics; receive a request for a client action in a current authenticated communication session with the service provider; receive a metric associated with the current authenticated communication session, wherein the metric is associated with rendering speeds for previous client communication sessions; and determine if the metric exceeds the one or more thresholds, and, if so, request an authentication prior to responding to the request. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for requesting authentication, comprising:
-
a monitoring service for capturing metrics between a client device and a service provider, wherein the captured metrics include session performance characteristics associated with rendering speeds for the client device; a profiling service coupled to the monitoring service for generating a user profile based on the captured metrics, the profiling service setting one or more thresholds of an acceptable deviation from the captured metrics; and an authentication service coupled to the profiling service, the authentication service for requesting additional authentication in response to the profiling service detecting a deviation in the captured metrics from typical metrics. - View Dependent Claims (19)
-
Specification