Authentication and interaction tracking system and method
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/62
G06Q-020/40
H04L-029/06
출원번호
US-0967496
(2015-12-14)
등록번호
US-9734501
(2017-08-15)
발명자
/ 주소
Durney, Stephen
Pletz, Tracy M.
Webb, Timothy A.
출원인 / 주소
JPMorgan Chase Bank, N.A.
대리인 / 주소
Goodwin Procter LLP
인용정보
피인용 횟수 :
2인용 특허 :
48
초록▼
Aspects of the invention relate to a central authentication and interaction tracking system for authenticating an entity making a request related to a financial account. The system facilitates authentication of an entity engaging in an interaction with a financial institution, the authentication bas
Aspects of the invention relate to a central authentication and interaction tracking system for authenticating an entity making a request related to a financial account. The system facilitates authentication of an entity engaging in an interaction with a financial institution, the authentication based on a record of interactions initiated by the entity. The system includes an application interface receiving interaction requests over a network, the interaction requests originating from multiple entities and including a plurality of authentication factors. The system further includes a computer processor and computer memory capable of building, from each interaction request, an entity print record for each of the multiple entities, wherein each entity print record includes indicators of the authentication factors from each initiated transaction request. The system further facilitates deriving, from the entity print record, an entity print and storing the entity print in at least one computer memory, comparing received authentication factors for a requested interaction with the entity print, and making an authentication determination based on the comparison.
대표청구항▼
1. A method for facilitating authentication of entities engaging in transactions, the authentication based on a record of interactions initiated by the entities, the method comprising: receiving interaction requests from a requesting entity over a network at a central authentication and interaction
1. A method for facilitating authentication of entities engaging in transactions, the authentication based on a record of interactions initiated by the entities, the method comprising: receiving interaction requests from a requesting entity over a network at a central authentication and interaction tracking system including at least one computer memory and at least one computer processor, the interaction requests originating from the entities using multiple diverse applications and including a plurality of authentication factors;executing instructions stored in the computer memory using the computer processor to perform steps including: deriving, from each interaction request, an entity print for each requesting entity;building, from each interaction request, an interaction signature;classifying each interaction signature as at least one of a valid interaction signature or a fraudulent interaction signature;processing the interaction signature with previously classified interaction signatures;comparing the derived entity print with a pre-existing historical entity;generating, based at least on said steps of processing and comparing, a confidence level that a requesting entity is authentic and a risk level associated with authenticity of the interaction request;determining the risk level and confidence level meet requirements for authentication according to at least one policy;providing positive feedback to an authentication engine when the risk level and confidence level meet requirements for authentication and opening an authentication dialog with the authentication engine when the risk level and confidence level do not meet the requirements;executing policy rule sets at the authentication engine during the authentication dialogue to reach an authentication conclusion, the conclusion including one of a requirement for more information, a positive authentication decision, and a negative authentication decision. 2. The method of claim 1, wherein the multiple diverse applications include origination applications, transaction applications, and servicing applications. 3. The method of claim 1, further comprising modifying the historical entity print after each interaction for each of the multiple entities, such that the historical entity print is representative of all recorded interactions over time with each of the multiple entities. 4. The method of claim 1, further comprising building from each interaction request, an interaction signature for each interaction and classifying each interaction signature as a valid interaction signature or a fraudulent interaction signature. 5. The method of claim 1, wherein the device identifiers include an IP address. 6. The method of claim 1, wherein the personal identifier includes at least one of an RSID and a biometric indicator. 7. The method of claim 1, wherein the geographical transaction features are determined by geolocation. 8. The method of claim 1, wherein the authentication methods utilized include at least one of passwords, security questions, and biometric authentication factors. 9. The method of claim 1, wherein the authentication engine receives input from multiple interconnected systems including an entity print system, an interaction signature system, and a policy and risk assessment system in order to make an authentication determination. 10. A method for facilitating authentication of entities engaging in transactions, the authentication based on a record of interactions initiated by the entities, the method comprising: receiving interaction requests from a requesting entity over a network at a central authentication and interaction tracking system including at least one computer memory and at least one computer processor, the interaction requests originating from the entities using multiple diverse applications and including a plurality of authentication factors;executing instructions stored in the computer memory using the computer processor to perform steps including: deriving, from each interaction request, an entity print for each requesting entity, wherein each entity print incorporates the authentication factors from each initiated interaction request, the authentication factors including multiple factors selected from the group including temporal transaction features, geographical transactions features, parties to transaction, identity of accounts, access method, device identifiers, personal identifiers, and authentication method utilized;comparing the derived entity print with a pre-existing historical entity print to produce an identity confidence level for the requesting entity and a risk level for the requesting entity;building from each interaction request, an interaction signature for each interaction and classifying each interaction signature as a valid interaction signature or a fraudulent interaction signature;comparing the received authentication factors for a requested interaction with the entity print and comparing the interaction signature for a received interaction request with the classified interaction signatures, wherein the comparisons yield a level of risk for each transaction;determining the risk level and confidence level meet requirements for authentication according to at least one policy;providing positive feedback to an authentication engine when the risk level and confidence level meet requirements for authentication and opening an authentication dialog with the authentication engine when the risk level and confidence level do not meet the requirements;executing policy rule sets at the authentication engine during the authentication dialogue to reach an authentication conclusion, the conclusion including one of a requirement for more information, a positive authentication decision, and a negative authentication decision;passing the conclusion from the authentication engine to an application utilized to initiate the interaction request, the application selected from the multiple diverse applications. 11. A central authentication and interaction tracking system for facilitating authentication of entities engaging in transactions, the authentication based on a record of interactions initiated by the entities, the method comprising: an application interface receiving interaction requests from a requesting entity over a network, the interaction requests originating from the entities using multiple diverse applications and including a plurality of authentication factors;at least one computer memory storing information from the interaction requests and instructions for processing the information; andat least one computer processor accessing the computer memory and executing the stored instructions in the computer memory to perform steps including:deriving, from each interaction request, an entity print for each requesting entity;building, from each interaction request, an interaction signature;classifying each interaction signature as at least one of a valid interaction signature or a fraudulent interaction signature;processing the interaction signature with previously classified interaction signatures;comparing the derived entity print with a pre-existing historical entity print;generating, based at least on said steps of processing and comparing, a confidence level that a requesting entity is authentic and a risk level associated with authenticity of the interaction request;determining the risk level and confidence level meet requirements for authentication according to at least one policy;providing positive feedback to an authentication engine when the risk level and confidence level meet requirements for authentication and opening an authentication dialog with the authentication engine when the risk level and confidence level do not meet the requirements;executing policy rule sets at the authentication engine during the authentication dialogue to reach an authentication conclusion, the conclusion including one of a requirement for more information, a positive authentication decision, and a negative authentication decision. 12. The system of claim 11, wherein the multiple diverse applications include origination applications, transaction applications, and servicing applications. 13. The system of claim 11, wherein the computer processor further performs the step of modifying the historical entity print after each interaction for each of the multiple entities, such that the historical entity print is representative of all recorded interactions over time with each of the multiple entities. 14. The system of claim 11, wherein the computer processor further performs the step of building from each interaction request, an interaction signature for each interaction and classifying each interaction signature as a valid interaction signature or a fraudulent interaction signature. 15. The system of claim 11, wherein the device identifiers include an IP address. 16. The system of claim 11, wherein the personal identifier includes at least one of an RSID and a biometric indicator. 17. The system of claim 11, wherein the geographical transaction features are determined by geolocation. 18. The system of claim 11, wherein the authentication methods utilized include at least one of passwords, security questions, and biometric authentication factors. 19. The system of claim 11, wherein the authentication engine receives input from multiple interconnected systems including an entity print system, an interaction signature system, and a policy and risk assessment system in order to make an authentication determination. 20. A central authentication and interaction tracking system for facilitating authentication of entities engaging in transactions, the authentication based on a record of interactions initiated by the entities, the method comprising: an application interface receiving interaction requests from a requesting entity over a network, the interaction requests originating from the entities using multiple diverse applications and including a plurality of authentication factors;at least one computer memory storing information from the interaction requests and instructions for processing the information; andat least one computer processor accessing the computer memory and executing the stored instructions in the computer memory to perform steps including:receiving interaction requests from a requesting entity over a network at a central authentication and interaction tracking system including at least one computer memory and at least one computer processor, the interaction requests originating from the entities using multiple diverse applications and including a plurality of authentication factors;executing instructions stored in the computer memory using the computer processor to perform steps including: deriving, from each interaction request, an entity print for each requesting entity, wherein each entity print incorporates the authentication factors from each initiated interaction request, the authentication factors including multiple factors selected from the group including temporal transaction features, geographical transactions features, parties to transaction, identity of accounts, access method, device identifiers, personal identifiers, and authentication method utilized;comparing the derived entity print with a pre-existing historical entity print to produce an identity confidence level for the requesting entity and a risk level for the requesting entity;building from each interaction request, an interaction signature for each interaction and classifying each interaction signature as a valid interaction signature or a fraudulent interaction signature;comparing the received authentication factors for a requested interaction with the entity print and comparing the interaction signature for a received interaction request with the classified interaction signatures, wherein the comparisons yield a level of risk for each transaction;determining the risk level and confidence level meet requirements for authentication according to at least one policy;providing positive feedback to an authentication engine when the risk level and confidence level meet requirements for authentication and opening an authentication dialog with the authentication engine when the risk level and confidence level do not meet the requirements;executing policy rule sets at the authentication engine during the authentication dialogue to reach an authentication conclusion, the conclusion including one of a requirement for more information, a positive authentication decision, and a negative authentication decision; andpassing the conclusion from the authentication engine to an application utilized to initiate the interaction request, the application selected from the multiple diverse applications. 21. A non-transitory computer readable storing instructions for facilitating authentication of entities engaging in transactions, the authentication based on a record of interactions initiated by the entities, the instructions executed by a computer processor to perform steps including: receiving interaction requests from a requesting entity over a network at a central authentication and interaction tracking system including at least one computer memory and at least one computer processor, the interaction requests originating from the entities using multiple diverse applications and including a plurality of authentication factors;deriving, from each interaction request, an entity print for each requesting entity;building, from each interaction request, an interaction signature;classifying each interaction signature as at least one of a valid interaction signature or a fraudulent interaction signature;processing the interaction signature with previously classified interaction signatures;comparing the derived entity print with a pre-existing historical entity print;generating, based at least on said steps of processing and comparing, a confidence level that a requesting entity is authentic and a risk level associated with authenticity of the interaction request;determining the risk level and confidence level meet requirements for authentication according to at least one policy;providing positive feedback to an authentication engine when the risk level and confidence level meet requirements for authentication and opening an authentication dialog with the authentication engine when the risk level and confidence level do not meet the requirements;executing policy rule sets at the authentication engine during the authentication dialogue to reach an authentication conclusion, the conclusion including one of a requirement for more information, a positive authentication decision, and a negative authentication decision; andpassing the conclusion from the authentication engine to an application utilized to initiate the interaction request, the application selected from the multiple diverse applications.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (48)
McAuliffe Jon D. ; Marsh Brian D. ; Moraes Mark A., Advertisement authentication system in which advertisements are downloaded for off-line display.
Barzilai Nizan ; Davidson Ron, Computer-based electronic bid, auction and sale system, and a system to teach new/non-registered customers how bidding, auction purchasing works.
Wadlow Thomas A. ; Kevin Joseph P., Dynamic policy-based apparatus for wide-range configurable network service authentication and access control using a fixed-path hardware configuration.
Matthews Gordon H. (Plano TX) Tansil Thomas B. (Dallas TX) Fannin Michael L. (Dallas TX), Electronic audio communications system with voice authentication features.
Gould, Christopher Britton; Locker, Howard Jeffery; Trotter, Andy Lloyd; Vanover, Michael T.; Ward, James Peter, Method and system for enabling free seating using biometrics through a centralized authentication.
Guo, Junyu; Kholmovski, Eugene G.; Zhang, Ling; Parker, Dennis L., Method and system for parallel reconstruction in the K-space domain for application in imaging systems.
Deininger, Andreas; Haas, Egon; Mueller, Klaus-Dieter, Method for verifying the authentication of a manager application in a telecommunications management network operating system by means of a network element and network element suitable therefor.
Schneier,Bruce; Walker,Jay S.; Jorasch,James A., Methods and apparatus for awarding prizes based on authentication of computer generated outcomes using coupons.
Bottner, Keith C.; Halpin, David D., Secure, anonymous authentication for electronic purchasing with dynamic determination of payment pricing and terms and cross vendor transaction resolution.
Hibino Toshiro (Kyoto-fu JPX) Yamato Satoshi (Kyoto-fu JPX), Security systems and methods for a videographics and authentication game/program fabricating device.
Guo, Wei-Quiang Michael; Dharmarajan, Baskaran; Battle, Ryan W., Service routing and web integration in a distributed multi-site user authentication system.
Akins ; III Glendon L. ; Banker Robert O. ; Palgon Michael S. ; Pinder Howard G. ; Wasilewski Anthony J., Source authentication of download information in a conditional access system.
Akins, III, Glendon L.; Banker, Robert O.; Palgon, Michael S.; Pinder, Howard G.; Wasilewski, Anthony J., Source authentication of download information in a conditional access system.
Nation, Ron L.; Meli, Rodney P.; Garner, William T., System and method for data source authentication and protection system using biometrics for openly exchanged computer files.
Bianco Peter Garrett ; Boon William Taylor ; Sterling Robert Brewster ; Ware Karl Roger, System, method and computer program product for allowing access to enterprise resources using biometric devices.
Wesley Joseph S. ; Chiu Dah Ming ; Kadansky Miriam C. ; Hurst Stephen A. ; Perlman Radia J. ; Provino Joseph E. ; Rosenzweig Philip M., Tree-based reliable multicast system where sessions are established by repair nodes that authenticate receiver nodes presenting participation certificates granted by a central authority.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.