IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0140215
(2008-06-16)
|
등록번호 |
US-8380629
(2013-02-19)
|
발명자
/ 주소 |
- Carlson, Mark
- Faith, Patrick
|
출원인 / 주소 |
|
인용정보 |
피인용 횟수 :
1 인용 특허 :
67 |
초록
▼
Systems, methods, and apparatus are provided for authenticating a consumer using challenge questions. A response to a challenge question is verified via seeding the challenge question, receiving response, and deductively determining the answer. The verified response and challenge question may then b
Systems, methods, and apparatus are provided for authenticating a consumer using challenge questions. A response to a challenge question is verified via seeding the challenge question, receiving response, and deductively determining the answer. The verified response and challenge question may then be used to authenticate a consumer as part of an authorization process.
대표청구항
▼
1. A method comprising: during a first transaction, providing a challenge message to a consumer, wherein a correct response to the challenge message is not known by an entity issuing the challenge message;receiving, from the consumer, a first challenge response that is responsive to the challenge me
1. A method comprising: during a first transaction, providing a challenge message to a consumer, wherein a correct response to the challenge message is not known by an entity issuing the challenge message;receiving, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction;repeating the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions;one or more processors inferring a verified answer to the challenge message based at least on a similarity of the received challenge responses; andthe one or more processors using the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions. 2. The method of claim 1 wherein using the challenge message, the verified answer, and another challenge response comprises: comparing the another challenge response to the verified answer; andcalculating a contribution to a risk score based on the comparison, wherein the risk score is used to determine whether or not to authorize the later transaction. 3. The method of claim 2 wherein calculating the contribution comprises using a confidence score associated with the verified answer as a factor in determining the contribution. 4. The method of claim 3 further comprising: increasing the confidence score of the verified answer when the another challenge response is similar to the verified answer. 5. The method of claim 1 wherein the first challenge response is received during a process of authorizing the first transaction requested by the consumer. 6. The method of claim 1, further comprising: inferring respective verified answers to one or more other challenge messages; andusing the other challenge messages, their respective verified answers, and respective challenge responses in the determination of the later transaction. 7. The method of claim 1 wherein inferring the verified answer comprises: determining a consistency value for the received challenge responses;comparing the consistency value to a threshold value; andverifying the answer when a threshold criteria has been achieved. 8. The method of claim 7 wherein the consistency value is a number of consecutive responses that have been similar, wherein the threshold value is an integer N, and wherein the threshold criteria is whether the consistency value is at least one of greater than N or greater than or equal to N. 9. The method of claim 1 wherein the verified answer is inferred based also on one or more other criteria. 10. The method of claim 9 wherein the other criteria includes a number of billing cycles that the consumer has had a portable consumer device without suspect activity. 11. The method of claim 10, wherein the other criteria further includes whether any of the respective other transactions have been reversed. 12. The method of claim 10, wherein the other criteria further includes a location of the consumer when the subsequent challenge responses were received. 13. The method of claim 1, further comprising: resetting a process of inferring the verified answer when the another challenge response is different than the verified answer. 14. A non-transitory computer program product comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system to perform an operation for determining whether a consumer is authorized to make a transaction, the instructions comprising: during a first transaction, providing a challenge message to a consumer, wherein a correct response to the challenge message is not known by an entity issuing the challenge message;receiving, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction;repeating the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions;inferring a verified answer to the challenge message based at least on a similarity of the received challenge responses; andusing the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions. 15. The computer program product of claim 14 wherein the computer program product includes a server computer. 16. The computer program product of claim 14 wherein using the challenge message, the verified answer, and another challenge response comprises: comparing the another challenge response to the verified answer; andcalculating a contribution to a risk score based on the comparison, wherein the risk score is used to determine whether or not to authorize the later transaction. 17. The computer program product of claim 16, wherein calculating the contribution comprises using a confidence score associated with the verified answer as a factor in determining the contribution. 18. The computer program product of claim 14, wherein inferring the verified answer comprises: determining a consistency value for the received challenge responses;comparing the consistency value to a threshold value; andverifying the answer when a threshold criteria has been achieved. 19. The computer program product of claim 18, wherein the consistency value is a number of consecutive responses that have been similar, wherein the threshold value is an integer N, and wherein the threshold criteria is whether the consistency value is at least one of greater than N or greater than or equal to N. 20. The computer program product of claim 14, wherein the verified answer is inferred based also on one or more other criteria, and wherein the other criteria includes a number of billing cycles that the consumer has had a portable consumer device without suspect activity. 21. A system comprising: an output configured to provide a challenge message to a consumer, wherein a correct response to the challenge message is not known by the system;an input configured to receive, from the consumer, a first challenge response that is responsive to the challenge message, wherein the first challenge response is not used to authorize the first transaction;one or more processors configured to: repeat the providing of the challenge message to the consumer and receiving a subsequent challenge response from the consumer during each of one or more processes for authorizing a respective other transaction requested by the consumer, wherein none of the subsequent challenge responses are used in a determination of whether the consumer is authorized to make any of the respective other transactions;infer a verified answer to the challenge message based at least on a similarity of the received challenge responses; anduse the challenge message, the verified answer, and another challenge response that is responsive to the challenge message in a process for determining whether the consumer is authorized to conduct a later transaction which takes place after the respective other transactions. 22. The system of claim 21, wherein using the challenge message, the verified answer, and another challenge response comprises: comparing the another challenge response to the verified answer; andcalculating a contribution to a risk score based on the comparison, wherein the risk score is used to determine whether or not to authorize the later transaction. 23. The system of claim 21, wherein inferring the verified answer comprises: determining a consistency value for the received challenge responses;comparing the consistency value to a threshold value; andverifying the answer when a threshold criteria has been achieved. 24. The system of claim 21, wherein the verified answer is inferred based also on one or more other criteria, and wherein the other criteria includes a number of billing cycles that the consumer has had a portable consumer device without suspect activity.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.