Familiar dynamic human challenge response test content
First Claim
1. A method comprising:
- receiving transaction data associated with a plurality of transactions at a server computer;
scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account associated with the transaction data;
extracting, by the server computer, a plurality of challenge items from the scrubbed transaction data using an extraction algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data;
storing, by the server computer, the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to generate distorted challenge messages;
electronically providing, by the server computer to a user device over a communications network, a distorted challenge message comprising one or more of the plurality of challenge items from the challenge repository along with other distorted challenge items not derived from the received transaction data; and
receiving, by the server computer from the user device over the communications network, a selection of the one or more of the plurality of challenge items from the challenge repository from among the one or more challenge items and the other distorted challenge items.
0 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the invention are directed to human challenge response test delivery systems and methods. Specifically, embodiments of the present invention are directed to secure human challenge response test delivery services of configurable difficulty for user devices. One embodiment of the present invention is directed to methods and systems for implementing a familiar and dynamic human challenge response test challenge repository created from transaction data. The dynamic human challenge response test challenge repository may be created by a server computer receiving a plurality of transaction data. Challenge items may be extracted from the transaction data using an extraction algorithm. Furthermore, in some embodiments a challenge message may be sent to a requestor, a verification request may be received, and the verification request may be compared to the challenge message. Another embodiment may be directed at using user information in a human challenge response test to mutually authenticate a user and a service provider.
13 Citations
20 Claims
-
1. A method comprising:
-
receiving transaction data associated with a plurality of transactions at a server computer; scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account associated with the transaction data; extracting, by the server computer, a plurality of challenge items from the scrubbed transaction data using an extraction algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data; storing, by the server computer, the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to generate distorted challenge messages; electronically providing, by the server computer to a user device over a communications network, a distorted challenge message comprising one or more of the plurality of challenge items from the challenge repository along with other distorted challenge items not derived from the received transaction data; and receiving, by the server computer from the user device over the communications network, a selection of the one or more of the plurality of challenge items from the challenge repository from among the one or more challenge items and the other distorted challenge items. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A server computer comprising:
-
a processor; and a non-transitory computer readable medium coupled to the processor and comprising code executable by the processor to implement a method, the method comprising; receiving transaction data associated with a plurality of transactions; scrubbing the transaction data of personally identifiable information that can be used to identify a person or an account associated with the transaction data; extracting a plurality of challenge items from the scrubbed transaction data using an extraction algorithm, the extraction algorithm selecting the plurality of challenge items from data strings in the transaction data; storing the plurality of challenge items in a challenge repository, wherein the plurality of challenge items may be used to generate distorted challenge messages; electronically providing, to a user device over a communications network, a distorted challenge message comprising one or more of the plurality of challenge items from the challenge repository; and receiving, from the user device over the communications network, a selection of the one or more of the plurality of challenge items from the challenge repository from among the one or more challenge items and the other distorted challenge items. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
providing, by a user device operated by a user, a user identifier to a server computer via a communications network; receiving, by the user device and from the server computer over the communications network, a plurality of distorted challenge items, wherein one or more of the distorted challenge items in the plurality of distorted challenge items is derived from transaction data relating to a transaction conducted by the user; selecting, by the user device in response to input by the user, the one or more distorted challenge items derived from the transaction data from the plurality of distorted challenge items; and providing, by the user device to the server computer over the communications network, the selection of the one or more distorted challenge items, wherein the server computer thereafter verifies that the user is authentic and that the input was from a human and not a computer program after receiving the selection of the one or more distorted challenge items. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification