CN106575401B - 用于使用数据分析执行验证的系统和方法 - Google Patents
用于使用数据分析执行验证的系统和方法 Download PDFInfo
- Publication number
- CN106575401B CN106575401B CN201580040836.7A CN201580040836A CN106575401B CN 106575401 B CN106575401 B CN 106575401B CN 201580040836 A CN201580040836 A CN 201580040836A CN 106575401 B CN106575401 B CN 106575401B
- Authority
- CN
- China
- Prior art keywords
- parameters
- authentication
- verification
- user
- current transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4016—Transaction verification involving fraud or risk level assessment in transaction processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Health & Medical Sciences (AREA)
- Social Psychology (AREA)
- Collating Specific Patterns (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
本发明描述了一种使用诸如机器学习等数据分析来执行身份验证的系统、设备、方法和机器可读介质。例如,方法的一个实施例包括:选择与客户端装置上的用户活动相关的一组参数;接收验证所述用户用于当前交易的请求;响应性地计算与所述当前交易相关联的参数和来自现有数据集的历史参数之间的距离;基于与所述当前交易相关联的所述参数和所述历史参数之间的所计算出的距离来确定与所述当前交易相关联的风险等级;基于所述风险等级来选择验证所述用户所需要的一种或多种验证技术;执行所述一种或多种验证技术以尝试验证所述用户并且生成验证结果;以及使用与所述当前交易相关联的所述参数和所述验证结果更新所述历史参数。
Description
背景技术
技术领域
本发明整体涉及数据处理系统的领域。更具体地讲,本发明涉及用于使用诸如机器学习等数据分析执行验证的系统和方法。
相关领域说明
还已经设计了使用生物计量传感器经由网络提供安全用户验证的系统。在此类系统中,可经由网络发送由验证器生成的得分和/或其他验证数据,以向远程服务器验证用户。例如,专利申请No.2011/0082801(“‘801申请”)描述了一种在网络上进行用户注册和验证的框架,这种框架提供强验证(例如,防御身份窃取和网络钓鱼)、安全交易(例如,防御交易中的“浏览器中的恶意软件”和“中间人”攻击)和客户端验证令牌的登记/管理(例如,指纹读取器、面部识别装置、智能卡、可信平台模块等等)。
本申请的受让人已经开发出对‘801申请中所描述的验证框架的多种改进。这些改进中的一些在以下一组美国专利申请中描述,这些美国专利申请都被转让给本受让人:序列号13/730,761,名称为“Query System and Method to Determine AuthenticationCapabilities”(用于确定验证能力的查询系统和方法);序列号13/730,776,名称为“System and Method for Efficiently Enrolling,Registering,and AuthenticatingWith Multiple Authentication Devices”(使用多个验证装置有效地进行登记、注册和验证的系统和方法);序列号13/730,780,名称为“System and Method for ProcessingRandom Challenges Within an Authentication Framework”(用于在验证框架内处理随机质询的系统和方法);序列号13/730,791,名称为“System and Method forImplementing Privacy Classes Within an Authentication Framework”(用于在验证框架内实施隐私类别的系统和方法);序列号13/730,795,名称为“System and Method forImplementing Transaction Signaling Within an Authentication Framework”(用于在验证框架内实施交易信令的系统和方法);以及序列号14/218,504,名称为“AdvancedAuthentication Techniques and Applications”(高级验证技术和应用)(下文中称为“‘504申请”)。这些申请在本文中有时称为(“共同未决的申请”)。
简而言之,在这些共同未决的申请描述的验证技术中,用户向客户端装置上的验证装置(或验证器)诸如生物计量装置(例如,指纹传感器)登记。当用户向生物计量装置登记时,(例如,通过轻扫手指、拍摄照片、记录语音等)捕捉生物计量参考数据。用户可随后经由网络向一个或多个服务器(例如,配备有安全交易服务的网站或其他依赖方,如共同未决的申请中所述)注册/预置验证装置;并且随后使用在注册过程中交换的数据(例如,预置到验证装置中的密钥)向那些服务器验证。一旦通过验证,用户便获许与网站或其他依赖方执行一个或多个在线交易。在共同未决的申请所描述的框架中,敏感信息(诸如指纹数据和能够用于唯一地标识用户的其他数据)可本地保持在用户的验证装置上,以保护用户的隐私。
‘504申请描述了多种额外的技术,包括以下技术:设计复合验证器、智能地生成验证保证等级、使用非侵入式用户核验、将验证数据传送到新的验证装置、用客户端风险数据扩充验证数据、自适应地应用验证策略、以及创建信任圈、等等。
附图说明
能够结合下列附图从以下具体实施方式更好地理解本发明,其中:
图1A至图1B示出了安全验证系统架构的两个不同实施例;
图2是示出可如何将密钥注册到验证装置中的事务图;
图3示出了显示远程验证的事务图;
图4A至图4B示出了用于使用机器学习技术执行验证的系统的不同实施例;
图5示出了用于使用机器学习技术执行验证的方法的一个实施例;
图6示出了用于使用机器学习技术执行验证的方法的另一个实施例;
图7示出了用于服务器和/或客户端的计算机架构的一个实施例;以及
图8示出了用于服务器和/或客户端的计算机架构的一个实施例。
具体实施方式
下文描述用于实施高级验证技术及相关联应用的设备、方法和机器可读介质的实施例。在整个描述中,出于解释的目的,本文陈述了许多特定细节以便透彻理解本发明。然而,本领域的技术人员将容易明白,可在没有这些特定细节中的一些的情况下实践本发明。在其他情况下,为免模糊本发明的基本原理,已熟知的结构和装置未示出或以框图形式示出。
下文论述的本发明的实施例涉及具有用户核实功能(诸如生物计量形式或PIN输入)的验证装置。这些装置在本文中有时称为“令牌”、“验证装置”或“验证器”。尽管某些实施例注重于面部识别硬件/软件(例如,用于识别用户面部并且跟踪用户的眼球运动的相机和相关联软件),但有些实施例可利用额外的生物计量装置,包括(例如)指纹传感器、声音识别硬件/软件(例如,用于识别用户声音的麦克风和相关联软件)以及光学识别能力(例如,用于扫描用户视网膜的光学扫描器和相关联软件)。用户验证功能还可包括非生物计量形式,如PIN输入。验证器可使用装置,如可信平台模块(TPM)、智能卡和安全元件,来进行密码操作与密钥存储。
在移动式生物计量的具体实施中,生物计量装置可远程于依赖方。如本文所用,术语“远程”意味着生物计量传感器不是其以通信方式耦接到的计算机的安全边界的一部分(例如,生物计量传感器未嵌入到与依赖方计算机相同的物理外壳中)。举例来说,生物计量装置可经由网络(例如,因特网、无线网络链路等)或经由外围输入(诸如USB端口)耦接到依赖方。在这些条件下,依赖方可能无法知道装置是否为得到依赖方授权的装置(例如,提供可接受等级的验证强度和完整性保护的装置)以及/或者黑客是否已经危及或甚至已经替换了生物计量装置。生物计量装置的置信度取决于装置的特定实施。
本文中使用的术语“本地”指的是用户正亲自在特定位置处(诸如在自动取款机(ATM)或销售点(POS)零售结账处)进行交易的事实。然而,如下文所论述,用于验证用户的验证技术可能涉及非位置组件,诸如经由网络与远程服务器和/或其他数据处理装置的通信。此外,尽管本文中描述了特定实施例(诸如ATM和零售点),但应该指出的是,可在由最终用户在其内本地发起交易的任何系统的环境中实施本发明的基本原理。
本文中有时使用术语“依赖方”来不仅指尝试与之进行用户交易的实体(例如,执行用户交易的网站或在线服务),还指代表那个实体实施的安全交易服务器(有时称为“验证器”),其可执行本文所述的基础验证技术。安全交易服务器可由依赖方拥有并且/或者在依赖方的控制下,或者可在作为商业安排的一部分向依赖方提供安全交易服务的第三方的控制下。
本文中使用的术语“服务器”指的是在一个硬件平台上(或跨多个硬件平台)执行的软件,其经由网络从客户端接收请求,然后作为响应来执行一个或多个操作,并且将响应传输到客户端,该响应通常包括操作的结果。服务器对客户端请求做出响应,从而向客户端提供或帮助向客户端提供网络“服务”。值得注意的是,服务器不限于单个计算机(例如,用于执行服务器软件的单个硬件装置),而是实际上可散布在多个硬件平台上,有可能位于多个地理位置处。
示例性系统架构和交易
图1A至图1B示出了包括用于注册验证装置(有时还称为“预置”)并且验证用户的客户端侧组件和服务器侧组件的系统架构的两个实施例。图1A所示的实施例使用基于web浏览器插件的架构来与网站通信,而图1B所示的实施例不需要web浏览器。本文所述的各种技术诸如向验证装置登记用户、向安全服务器注册验证装置和核验用户可在这些系统构架中的任一者上实施。因此,虽然图1A所示的架构用于展示下述若干实施例的操作,但相同的基本原理可在图1B所示的系统上容易地实施(例如,通过删除安全交易插件105,该安全交易插件充当用于在安全企业或Web目的地130与客户端上的安全交易服务101之间通信的中介)。
首先转到图1A,图示实施例包括配备有一个或多个用于登记和核验最终用户的验证装置110至112(这些验证装置在本领域中有时称为验证“令牌”或“验证器”)的客户端100。如上所述,验证装置110至112可包括生物计量装置,诸如指纹传感器、声音识别硬件/软件(例如,用于识别用户声音的麦克风和相关联软件)、面部识别硬件/软件(例如,用于识别用户面部的相机和相关联软件)、和光学识别功能(例如,用于扫描用户视网膜的光学扫描器和相关联软件),并且支持非生物计量形式(诸如PIN核验)。验证装置可使用可信平台模块(TPM)、智能卡或安全元件用于加密操作以及密钥存储。
验证装置110至112通过由安全交易服务101暴露的接口102(例如,应用程序编程接口或API)以通信方式耦接到客户端。安全交易服务101是用于经由网络与一个或多个安全交易服务器132至133通信以及用于与在web浏览器104的环境内执行的安全交易插件105介接的安全应用程序。如图所示,接口102还可提供对客户端100上的安全存储装置120的安全访问,该安全存储装置存储与每个验证装置110至112相关的信息,诸如装置识别代码、用户识别代码、受验证装置保护的用户登记数据(例如,所扫描的指纹或其他生物计量数据),以及用于执行本文所述安全验证技术的由验证装置包封的密钥。例如,如下文详细论述,唯一密钥可被存储到每个验证装置中并且在经由网络(诸如因特网)与安全企业或Web目的地130通信时使用。
如下文论述,安全交易插件105支持某些类型的网络交易,诸如与网站131或其他服务器的HTTP或HTTPS交易。在一个实施例中,响应于插入到由安全企业或Web目的地130内的网站131的网页的HTML代码中的特定HTML标签来启动安全交易插件。响应于检测到此类标签,安全交易插件105可将交易转发到安全交易服务101以进行处理。另外,对于某些类型的交易(例如,诸如安全密钥交换),安全交易服务101可开启与当地交易服务器132(即,与网站位于同一地点)或异地交易服务器133的直接通信信道。
安全交易服务器132至133耦接到安全交易数据库121,安全交易数据库121用于存储用户数据、验证装置数据、密钥以及支持下文所述的安全验证交易所需要的其他安全信息。然而,应该指出的是,本发明的基本原理不需要分离图1A所示的安全企业或web目的地130内的逻辑组件。例如,网站131和安全交易服务器132至133可在单个物理服务器或分开的多个物理服务器内实施。此外,网站131和交易服务器132至133可在用于执行下文所述的功能的一个或多个服务器上所执行的集成软件模块内实施。
如上所述,本发明的基本原理不限于图1A所示的基于浏览器的架构。图1B示出替代性具体实施,其中独立应用程序154利用由安全交易服务101提供的功能来经由网络验证用户。在一个实施例中,应用程序154被设计为建立与一个或多个网络服务151的通信会话,这些网络服务依赖于安全交易服务器132至133来执行下文详细描述的用户/客户端验证技术。
在图1A和图1B所示的任一个实施例中,安全交易服务器132至133可生成密钥,这些密钥接着被安全地传输到安全交易服务101并存储到安全存储装置120内的验证装置中。另外,安全交易服务器132至133管理服务器端上的安全交易数据库121。
将结合图2至图3描述与向依赖方远程注册验证装置和验证相关联的某些基本原理,随后是对用于使用机器学习技术执行验证的本发明的实施例的详细描述。
图2示出了用于注册客户端上的验证装置(诸如图1A至图1B中的客户端100上的装置110至112)(有时称为“预置”验证装置)的一系列交易。简单来讲,安全交易服务101和接口102被总和在一起作为验证客户端201,并且包括安全交易服务器132至133的安全企业或web目的地130被表示为依赖方202。
在注册验证器(例如,指纹验证器、语音验证器等)期间,在验证客户端201与依赖方202之间共享与验证器相关联的密钥。再参见图1A至图1B,密钥可存储在客户端100的安全存储装置120和由安全交易服务器132至133使用的安全交易数据库121内。在一个实施例中,密钥是由安全交易服务器132至133中的一个生成的对称密钥。然而,在下文论述的另一个实施例中,使用不对称密钥。在这个实施例中,可由安全交易服务器132至133生成公共/私有密钥对。公共密钥可接着由安全交易服务器132至133存储,并且相关的私有密钥可存储在客户端上的安全存储装置120中。在替代实施例中,密钥可在客户端100上生成(例如,由验证装置或验证装置接口而不是安全交易服务器132至133生成)。本发明的基本原理不限于任何特定类型的密钥或生成密钥的方式。
在一个实施例中,采用安全密钥预置协议经由安全通信信道与客户端共享密钥。密钥预置协议的一个例子是动态对称密钥预置协议(DSKPP)(例如,见请求注解(RFC)6063)。然而,本发明的基本原理不限于任何特定密钥预置协议。在一个特定实施例中,客户端生成公共/私有密钥对并且将公共密钥发送到服务器,该服务器可用证实密钥来证实。
转到图2所示的具体细节,为了发起注册过程,依赖方202便生成随机生成的质询(例如,密码随机数),验证客户端201必须在装置注册期间呈现此质询。该随机质询可在有限时间段内有效。作为响应,验证客户端201发起与依赖方202的带外安全连接(例如,带外交易)并且使用密钥预置协议(例如,上文提及的DSKPP协议)与依赖方202通信。为了发起安全连接,验证客户端201可将随机质询提供回到依赖方202(可能与在随机质询上生成的签名一起)。另外,验证客户端201可传输用户的身份(例如,用户ID或其他代码)和待预置注册的验证装置的身份(例如,使用唯一地识别正被预置的验证装置的类型的验证证实ID(AAID))。
依赖方使用用户名称或ID代码定位用户(例如,在用户帐户数据库中),查验该随机质询(例如,使用签名或简单地将该随机质询与所发送的随机质询进行比较),在已经发送验证装置的验证代码的情况下查验该验证代码(例如,AAID),并且在安全交易数据库(例如,图1A至图1B中的数据库121)中为用户和验证装置创建新条目。在一个实施例中,依赖方维护其接受用于验证的验证装置的数据库。其可使用AAID(或其他验证装置代码)查询这个数据库以确定正被预置的验证装置是否能够被接受用于验证。如果是,则其将继续进行注册过程。
在一个实施例中,依赖方202为正被预置的每个验证装置生成验证密钥。其将密钥写入安全数据库并且使用密钥预置协议将密钥发送回到验证客户端201。一旦完成,验证装置和依赖方202便在使用对称密钥的情况下共享相同密钥,或者在使用不对称密钥的情况下共享不同密钥。例如,如果使用不对称密钥,则依赖方202可存储公共密钥并且向验证客户端201提供私有密钥。在从依赖方202接收到私有密钥后,验证客户端201将该密钥预置到验证装置中(将其存储在与验证装置相关联的安全存储装置内)。其可接着在用户的验证(如下所述)期间使用该密钥。在替代实施例中,由验证客户端201生成密钥,并且使用密钥预置协议来向依赖方202提供密钥。在任一种情况下,一旦预置完成,验证客户端201和依赖方202便各自具有密钥,并且验证客户端201向依赖方通知该完成。
图3示出了用于向预置的验证装置验证用户的一系列交易。一旦装置注册完成(如图2所述),依赖方202便将接受客户端上的本地验证装置所生成的验证响应(有时称为“令牌”)作为有效验证响应。
转到图3所示的具体细节,响应于用户发起需要验证的与依赖方202的交易(例如,发起来自依赖方的网站的支付、访问私有用户帐户数据等),依赖方202生成包括随机质询(例如,密码随机数)的验证请求。在一个实施例中,随机质询具有与其相关联的时间限制(例如,其在指定时间段内有效)。依赖方还可识别待由验证客户端201用于验证的验证器。如上所述,依赖方可预置客户端上可用的每个验证装置并且存储用于每个所预置的验证器的公共密钥。因此,其可使用验证器的公共密钥或可使用验证器ID(例如,AAID)来识别待使用的验证器。或者,其可向客户端提供用户可从中进行选择的验证选项列表。
响应于接收到验证请求,可向用户呈现请求验证的图形用户界面(GUI)(例如,呈网页或验证应用程序/应用程序的GUI的形式)。用户接着执行验证(例如,在指纹读取器上轻扫手指等)。作为响应,验证客户端201生成验证响应,其含有在随机质询上方的签名以及与验证器相关联的私有密钥。其还可在验证响应中包括其他相关数据,诸如用户ID代码。
在接收到验证响应后,依赖方便可查验随机质询上方的签名(例如,使用与验证器相关联的公共密钥)并且确认用户的身份。一旦验证完成,便准许用户进入与依赖方的安全交易,如图所示。
诸如传输层安全性(TLS)或安全套接字层(SSL)等安全通信协议可用于针对图2至图3所示的任何或所有交易在依赖方202与验证客户端201之间建立安全连接。
用于使用数据分析执行验证的系统和方法
本发明的实施例包括用于通过以较大规模查看验证相关数据来检测用户和装置的不同行为模式并且使用这些模式来调整交易的验证风险的技术。传统验证系统分析来自用户或装置的单个数据信号,诸如口令或加密响应,并且基于这个信号做出最终验证决策。相反,下文所述的本发明的实施例基于与用户验证相关联的各种不同信号和数据来执行较大规模的分析,从而识别无法用传统系统检测的与当前交易相关的关注模式。
如所提及,传统验证系统是基于验证数据的单个源,诸如用户口令和验证密钥。服务器通常将用户验证数据存储在用户记录中并且期望在每个验证事件期间接收恰当的验证数据。服务器执行二元检查–即,如果验证数据的核验成功,则用户被验证,如果核验失败,则用户未被验证。现今成千上万的网站采用此方案。
甚至在允许用户使用客户端装置的生物计量验证器向服务器验证的下一代验证协议中,基本的验证方法也是基于二元核验–即,对验证器所提供的加密签名的核验。虽然客户端装置可提供多个加密签名,但服务器简单地核验这些加密签名并且做出成功或失败的二元决策。
此类系统的缺点是其容易受到高级攻击。只要所提供的验证数据通过服务器侧核验,验证就将被认为是成功的。然而,如果客户端侧验证器受到危及并且攻击者能够生成有效验证数据,则这些系统可受到危及。在没有通过以较大规模查看数据来执行更高级分析的情况下,很难检测到此类攻击并恰当地做出反应。
客户端侧验证器用于向验证服务器验证用户的系统(诸如上文结合图1A至图1B、图2和图3所述)能够访问能够被进一步分析以确定关注模式的关注数据点。此类系统收集的数据越多,分析就将越丰富。可在验证之前、在验证期间和/或在验证之后执行分析。例如,在一个实施例中,验证服务器可查看特定用户的所有先前验证尝试并且判断当前验证操作是否适合于对于该用户而言典型的较大模式。如果其背离该典型模式,则当前操作是较不典型的并且因此较不被信任/较具风险。相反,如果当前验证操作适合于先前模式,则系统可决定不覆盖该用户并且不需要额外验证或者利用侵入性较小的验证技术。
图4A示出了本发明的一个实施例,其中在验证服务器450上执行用于基于当前参数执行数据分析以确定风险等级并且选择验证技术的逻辑。图4B示出了另一个实施例,其中在客户端装置400上实施该逻辑。不管在服务器侧还是客户端侧上执行该分析,本发明的基本原理均保持相同。
首先转到图4A的实施例,示例性客户端装置400包括验证客户端410,其用于使用一个或多个显式用户验证装置420至421和/或非侵入式验证技术405验证用户。显式用户验证装置420至421表示需要显式用户输入的任何形式的验证,诸如指纹验证器、语音或面部识别、视网膜扫描或用户可在上面输入诸如PIN等加密口令的键盘(虚拟或物理)。
非侵入式验证技术405可用于收集用于确定合法用户持有客户端装置400的可能性的相关数据。以举例而非限制的方式,非侵入式验证技术405可包括确定用户的当前位置(例如,经由GPS或其他定位机制)并且将当前位置与已知由最终用户访问的位置(例如,用户的“家”和“工作地”位置)进行比较。例如,如果客户端装置400的当前位置是用户的工作地,则这可由验证客户端410在确定是否需要显式用户验证(例如,经由这些验证装置420至421中的一者)和/或显式用户验证水平时使用。
在一个特定实施例中,“位置”的定义可不关联到一组物理坐标(如使用GPS时),而是由一组对等装置或其他类型的网络装置的存在来规定。例如,在工作时,客户端的无线网络适配器(例如,Wifi适配器、蓝牙适配器、LTE适配器等)可始终“看到”一组对等网络装置(例如,其他计算机、移动电话、平板计算机等)和网络基础设施装置(例如,Wifi接入点、手机发射塔等)。因此,在用户工作时可利用这些装置的存在来验证。可以类似方式由装置的存在来定义其他位置,诸如当用户在家时。
其他非侵入式验证技术405可包括从客户端装置400上的传感器(诸如加速度计)收集数据。例如,可使用加速度计或其他类型的传感器以及被设计为生成用户的正常步行模式的步态“指纹”的软件和/或硬件,来测量用户的生物计量步态。此外,可收集当前温度、湿度、压力和其他环境数据并且将其与用于所宣称的客户端装置400的当前位置的已知环境数据进行比较(例如,以确定当前环境读数与当前声称位置匹配)。另外,非侵入式验证技术可包括测量自从使用装置420至421的上一次成功显式验证以来的时间。时间越短,当前用户就越有可能是客户端装置的合法用户。可收集并分析这些和其他类型的数据,以确定当前用户是客户端装置400的合法用户的可能性(进而确定需要显式用户验证的程度)。
如上所述,安全存储装置425可用于存储与验证装置420至421中的每一者相关联的验证密钥。验证密钥可用于签名并加密经由安全通信信道与依赖方450的通信。
在一个实施例中,通过在依赖方验证服务器450上执行的风险分析模块411从客户端装置400收集当前参数406。下文示出了许多示例性参数。风险分析模块411可接着将当前参数406与验证服务器450上的存储装置中所维护的历史参数和阈值430进行比较以确定当前交易的风险等级407。在一个实施例中,风险等级407表示当前参数406偏离在先前成功验证期间收集的历史参数430的程度(例如,当前参数与历史参数之间的“距离”)和/或当前参数406与在先前不成功验证尝试或欺诈性验证尝试期间收集的历史参数430相关的程度(其将往往指示较大风险)。如下文详细论述,在一个实施例中,使用异常检测算法确定风险等级407,该异常检测算法使用距离函数来指定当前参数406与历史参数430之间的距离(如下文详细论述)。
在一个实施例中,基于所检测到的风险等级407,验证服务器450选择验证该用户所需要的验证技术408。一般来讲,风险等级407越大(例如,与指示“正常”行为的参数的距离越大),验证就越严格。例如,在一个实施例中,如果风险等级高于指定阈值,则验证服务器450可需要使用一个或多个显式用户验证装置420至421的验证。相反,对于低于指定阈值的风险等级,则非侵入式验证技术405可为足够的。如上所述,从依赖方发送的验证请求可包括其他形式的安全性相关数据,诸如密码随机数。
响应于从依赖方发送的验证请求,验证客户端410提示用户使用一个或多个指定验证装置420至421执行验证(如果需要显式验证的话)。如果用户成功地验证(例如,在指纹验证器上轻扫注册的手指),则验证客户端410发送回指示成功验证的验证响应。验证客户端410可与验证响应一起发送其他安全性相关数据,诸如密码随机数和/或使用验证器的加密密钥生成的签名。验证服务器450可接着核验验证响应(例如,核验密码随机数并且使用对应验证器密钥来核验签名)。如果核验成功,则将允许用户执行所需的交易。例如,在一个实施例中,验证服务器450可向依赖方Web服务器发送对成功验证的指示以准许用户完成交易。
在一个实施例中,结果分析和更新模块412分析与成功验证或不成功验证尝试相关联的参数,以生成对历史参数和阈值的更新409。例如,如果验证成功,则当前参数406可被添加为与成功验证相关联的历史参数430(从而减小与这些参数相关联的“风险性”)。相反,如果验证不成功并且/或者如果检测到欺诈,则结果分析和更新模块412所生成的更新可使当前参数406中的一者或多者与不成功验证尝试相关联(例如,使得在将来验证尝试中那些参数的存在指示较高风险)。例如,如果当前参数406指示用户位于先前未观测到的位置中并且验证不成功,则结果分析和更新模块412可更新与这个位置相关联的阈值和/或权重以增大与这个位置相关联的风险。接着将所得数据与历史验证参数和阈值数据库430整合。结果分析和更新模块412可使用包括机器学习算法(如下文所述)在内的各种不同类型的算法来提供对历史数据的更新。
这样,结果分析和更新模块412持续分析并生成新验证事件(成功和不成功)的相关性并且响应性地更新现有历史数据430。风险分析模块411可接着将经过更新的历史数据430用于后续验证尝试。虽然在图4A至图4B中被示出为单独模块,但风险分析模块411和结果分析和更新模块412可被实施为单个集成机器学习模块以持续评估与用户活动相关的参数并且更新历史数据库430。
在一个实施例中,单独地基于用户的“正常”模式来设置历史参数和阈值430。也就是说,不是并入与不成功验证事件或欺诈性活动相关的数据,而是可更新历史参数430以包括仅与成功验证事件相关的数据。因此,在这个实施例中,风险分析模块411将尝试测量与这个正常用户配置文件的偏离并且基于与正常用户行为的偏离量(例如,基于是否已经越过一个或多个阈值,如下文论述)来生成风险等级407。
图4B示出了一个实施例,其中风险分析模块411和结果分析和更新模块412在验证客户端410内实施而非在验证服务器450上实施(或除了在验证服务器上实施之外)。如在图4A所示的服务器侧实施例中,在这个实施例中,风险分析模块411评估当前参数406与历史参数430之间的相关性以确定与当前交易相关联的风险等级407。基于风险等级407,验证客户端选择一种或多种验证技术408并且将验证结果提供到结果分析和更新模块412,该结果分析和更新模块接着基于当前参数406和验证结果来更新历史参数和阈值。下文提供可被评估的各种具体参数和验证结果。
在一个实施例中,被收集并评估以确定风险等级407的参数可包括:每个用户的身份和与在验证服务器处注册的验证器420至421相关的多种数据,包括例如验证证实ID(AAID),其唯一地识别所注册的验证装置的类型;与在验证器注册期间交换的密钥相关联(并且存储在客户端和验证服务器上的安全存储装置425中)的密钥ID;用于查验用密钥生成的加密签名的加密密钥数据;指示已经用密钥生成签名的次数的签名计数器;以及指示每个验证器的版本的验证器版本。另外,用于确定风险等级的参数可包括与每个验证器相关联的元数据,诸如AAID(上文提及)、验证器供应商、验证器类型(例如,指示验证器是在客户端内部还是外部)、验证因素(例如,指纹、声纹、存在等)以及密钥保护方法(例如,可信执行环境、安全元件等)。
为了执行较详细分析,本发明的一个实施例收集并分析以下不同参数中的一者或多者:
1.与加密密钥使用数据相关的参数
○操作的时戳
○所使用的密钥的密钥ID
○所执行的验证操作
○签名核验的成功或失败的指示
○与操作相关联的交易ID
○与这个操作相关联的交易风险得分
○最终交易验证状态(成功或失败)
2.与密钥的状态过渡相关的参数
○过渡的时戳
○转变密钥的密钥ID
○过渡验证器的验证器版本
○过渡状态(例如,良好、遭受攻击、撤销注册、复制、受到危及)
3.与验证后欺诈报告相关的参数
○欺诈的时戳
○已经被报告为欺诈性的交易的交易ID
4.与密钥的历史安全性强度相关的参数
○采样的时戳
○加密密钥的密钥ID
○到采样时的安全性强度
5.与验证器的历史安全性强度相关的参数
○采样的时戳
○验证器的AAID
○到采样时的安全性强度
6.从另选数据源收集的额外参数
○用户装置GPS位置
○用户装置周围WiFi信息
○用户装置的数字指纹
○从用户的生物计量装置收集的生物计量得分
7.用户活动参数
○用户注册的时戳
○上一次成功登录的时戳
○上一次本地验证方法及其时戳
在一个实施例中,风险分析模块411通过以下文指定的方式评估这些参数来确定当前风险等级407。这些评估可基于(1)与客户端装置上的AAID和密钥相关的参数;(2)与用户验证的时间相关的参数;(3)与客户端装置的位置相关的参数;(4)与客户端装置的网络连接性相关的参数;以及(5)与验证客户端(例如,响应于用户验证尝试)所生成的生物计量得分相关的参数。
1.AAID和密钥
在一个实施例中,过去已经成功使用加密密钥或AAID的次数将减小与该加密密钥或AAID的使用相关联的风险。相反,加密密钥或AAID已经与不成功验证尝试或欺诈未遂相关联的次数将增大与该加密密钥或AAID相关联的风险。在一个实施例中,可将成功验证尝试的数目与使用其他加密密钥或AAID的验证尝试进行比较。如果比其他密钥/AAID明显不频繁地使用这个密钥/AAID,则这可增大与其使用相关联的风险等级。
可被评估的其他变量包括已经使用加密密钥的上一次时间和这个用户已经使用任何验证器的上一次时间。例如,如果用户尚未使用该验证器(或任何验证器)达延长的时间段(例如,超过阈值),则这可增大与该验证器相关联的风险。另外,可考虑加密密钥是否曾经被复制和/或这个AAID的密钥正被复制的频率以确定风险(例如,较多复制指示较多风险)。
可被评估的额外变量包括该加密密钥的状态被改变为“受到攻击”(从而指示较大风险)的频率、该用户从其帐户删除验证器的次数、用户注册/撤销注册特定AAID的次数、用户撤销注册该AAID的频率、用户在其选择撤销注册之前使用该AAID的时间长度;来自这个供应商的任何验证器已经受到危及的次数;这个验证器版本已经受到危及的次数;该用户已经在不同指定时间段(例如,上20秒、5分钟、60分钟、1天、7天)内尝试注册验证器的次数;以及该用户在上一个指定时间段(例如,20秒、5分钟、60分钟、1天、7天)内尝试使用验证器进行验证的次数。
2.验证的时间
在一个实施例中,可评估一天期间用户通常请求验证的时间段、每天/每周/每月用户通常请求验证的次数以确定风险。例如,如果当前验证请求不处于典型时间和/或天,并且/或者如果每天/每周/每月已经请求验证的次数超出范围,则这可指示欺诈性活动。可被评估的另一个变量是关于这是否为使用这个特定验证器进行验证的恰当时间的指示。
3.位置
在一个实施例中,被评估以确定风险的位置变量包括已经在当前位置附近看见这个验证器的次数、已经在给定位置附近看见这个验证器的上一次时间、过去在这个位置附近看见的欺诈量、使用这个AAID在这个位置中看见的欺诈量、这个位置与这个用户的通常位置的距离、这个位置与用户上一次进行验证所在的位置的距离,以及与这个位置/国家相关联的总体风险。
4.网络连接性
在一个实施例中,被评估以确定风险的网络变量包括在给定WiFi(或其他网络)范围附近看见这个用户/密钥的次数;在给定WiFi(或其他网络)范围内装置涉及欺诈性活动的次数;以及在当前宣称位置中容易得到给定WiFi的可能性。
5.生物计量得分
在一个实施例中,由客户端的验证器420至421生成的生物计量得分可用于确定风险。例如,可针对这个AAID确定生物计量得分的统计平均值。如果当前得分与平均值具有指定距离,则这可指示较大风险。另外,可将这个特定用户的平均生物计量得分与当前得分进行比较。再次,如果当前得分与平均值具有指定距离,则这可指示较大风险。
在本发明的一个实施例中,采用机器学习技术来识别指示欺诈性活动和/或合法活动的特定参数(诸如上文所述的参数)。图5示出了用于确定并评估参数以评估风险的方法的一个实施例。该方法可在图4A至图4B所示的系统架构的环境内实施,但不限于任何特定系统架构。
在501处,选择可与欺诈性活动相关的许多参数。在一个实施例中,使用训练过程选择一组初始参数,在该训练过程中这些参数和验证结果被提供作为识别这些参数与欺诈性和/或合法活动之间的相关性的机器学习算法的输入。最终结果是识别与合法和/或欺诈性活动高度相关的某些参数。
在502处,基于对这些参数的评估来选择一个或多个阈值(T)。在一个实施例中,所选择的阈值界定“欺诈性”、“可疑”和/或“正常”活动之间的边界。例如,可针对验证尝试被视为“正常”的时间范围设置阈值。在这些范围之外的时间可被视为可疑或欺诈性的,并且可相应地增大风险等级。可使用上文论述的任何或所有参数确定各种其他阈值。在一个实施例中,可通过机器学习算法自动地设置阈值,如所提及,该机器学习算法识别欺诈性/合法活动与各种参数之间的相关性。
一旦确定初始参数和阈值,便在503处将用于当前交易的参数的距离与现有历史参数进行比较。这在一个实施例中借助使用能够确定数据集之间的相关性的机器学习或其他算法的数学方法来完成。一般来讲,与“正常”参数的距离越大,与当前交易相关联的风险就越高。
在评估之后,在504处,确定在与历史数据集相比时这些参数的最终值是否在所选择的阈值内。如果不是,则在505处这被确定为不寻常活动(例如,可疑或欺诈性的),并且可要求用户使用更严格的验证技术(例如,显式生物计量验证)来验证。在图4所示的实施例中,可提高风险等级407,从而需要更严密的验证。如果这些参数在所选择的阈值内,则在506处该交互被视为正常活动并且可使用较不严格的(或不使用)验证(例如,诸如上文所述的非侵入式验证)。
在任一种情况下,在506处,更新历史数据以反映最近验证结果。这样,可持续更新用于检测可疑或欺诈性活动的历史数据以反映新数据点和阈值。例如,如果用户从不典型位置或在不寻常时间进入交易,则这可在505处被识别为不寻常活动。然而,如果用户成功验证,则在506处可更新历史数据以反映合法用户已在这个特定位置和时间验证的事实。因而,这个特定位置和/或时间可不再被视为“不寻常”,或更准确地讲,可减小与这个位置和/或时间相关联的“风险性”。
不同数学方法可用于确定当前交易的参数与历史参数之间的“距离”(例如,图5中的操作503)。一种特定方法已知为可基于高斯分布的异常检测。尽管以下论述将集中于异常检测,但还能够应用各种其他机器学习算法。
图6中示出本发明的一个实施例中所采用的异常检测算法。在601处,选择可用于指示欺诈性活动的一组初始参数(P1…Pm)。理想的是,这些参数被选择为与欺诈性和/或合法活动具有最强相关性。如上文提及,可使用利用在一段时间内收集的现有验证数据的训练过程选择这些初始参数。
在602处,对于每个参数(Pi),使用现有数据集历史(h1…hm),该数据集如果高斯性不足的话,则被标准化。一旦被标准化,便基于数据集历史(h1…hm)来确定高斯分布的均值(μ)和方差(σ)参数。在一个实施例中,这使用以下等式来完成:
在603处,对于具有参数(x1…xm)的每个新交易,基于历史来计算用于每个新参数的高斯分布。在一个实施例中,这使用以下等式来完成:
在604处,针对所有参数的总和计算p(x)。在一个实施例中,这根据以下等式来完成:
如果在605处确定p(x)<T(所选择的阈值),则在606处这被确定为不寻常行为。因而,可请求一种或多种严格验证技术(例如,显式生物计量验证)。然而,如果p(x)≥T,则在607处,该交互被识别为正常活动并且可需要较不严密的验证(例如,如上所述的非侵入式验证)或可不需要验证。
在任一种情况下,在608处,用新参数(P1…Pm)和相关联验证结果更新数据集历史。例如,如果在606处验证成功,则可更新数据集历史以反映与这些参数相关联的成功验证。
示例性数据处理装置
图7是示出可在本发明的一些实施例中使用的示例性客户端和服务器的框图。应当理解,尽管图7示出计算机系统的各种组件,但其并非意图表示互连组件的任何特定架构或方式,因为此类细节与本发明并不密切相关。应当理解,具有更少组件或更多组件的其他计算机系统也可与本发明一起使用。
如图7所示,计算机系统700,其为一种形式的数据处理系统,包括总线750,该总线与处理系统720、电源725、存储器730和非易失性存储器740(例如,硬盘驱动器、快闪存储器、相变存储器(PCM)等)耦接。总线750可通过如本领域中熟知的各种桥接器、控制器和/或适配器来彼此连接。处理系统720可从存储器730和/或非易失性存储器740检索指令,并执行这些指令以执行如上所述的操作。总线750将以上组件互连在一起,并且还将那些组件互连到可选底座760、显示控制器与显示装置770、输入/输出装置780(例如,NIC(网络接口卡)、光标控件(例如,鼠标、触摸屏、触摸板等)、键盘等)和可选无线接口790(例如,蓝牙、WiFi、红外等)。
图8是示出可在本发明的一些实施例中使用的示例性数据处理系统的框图。例如,数据处理系统800可为手持式计算机、个人数字助理(PDA)、移动电话、便携式游戏系统、便携式媒体播放器、平板计算机或手持式计算装置(其可包括移动电话、媒体播放器和/或游戏系统)。又如,数据处理系统800可为网络计算机或在另一个装置内的嵌入式处理装置。
根据本发明的一个实施例,数据处理系统800的示例性架构可用于上文所述的移动装置。数据处理系统800包括处理系统820,其可包括一个或多个微处理器和/或集成电路上的系统。处理系统820与存储器810、电源825(其包括一个或多个电池)、音频输入/输出840、显示控制器与显示装置860、可选输入/输出850、输入装置870和无线收发器830耦接。应当理解,在本发明的某些实施例中,图8中未示出的其他组件也可为数据处理系统800的一部分,并且在本发明的某些实施例中,可使用比图8所示更少的组件。另外,应当理解,图8中未示出的一个或多个总线可用于使如本领域中熟知的各种组件互连。
存储器810可存储数据和/或程序以供数据处理系统800执行。音频输入/输出840可包括麦克风和/或扬声器以(例如)播放音乐,以及/或者通过扬声器和麦克风提供电话功能。显示控制器与显示装置860可包括图形用户界面(GUI)。无线(例如,RF)收发器830(例如,WiFi收发器、红外收发器、蓝牙收发器、无线蜂窝电话收发器等)可用于与其他数据处理系统通信。所述一个或多个输入装置870允许用户向系统提供输入。这些输入装置可为小键盘、键盘、触控面板、多点触控面板等。可选的其他输入/输出850可为底座的连接器。
本发明的实施例可包括如上文陈述的各种步骤。这些步骤可体现为致使通用处理器或专用处理器执行某些步骤的机器可执行指令。或者,这些步骤可由包含用于执行这些步骤的硬连线逻辑的特定硬件组件执行,或由编程的计算机组件和定制硬件组件的任何组合执行。
本发明的元件还可被提供为用于存储机器可执行程序代码的机器可读介质。机器可读介质可包括但不限于软盘、光盘、CD-ROM和磁光盘、ROM、RAM、EPROM、EEPROM、磁卡或光卡、或者适合于存储电子程序代码的其他类型的介质/机器可读介质。
在整个前述描述中,出于解释的目的,陈述了许多特定细节以便透彻理解本发明。然而,本领域的技术人员将容易明白,可在没有这些特定细节中的一些的情况下实践本发明。例如,本领域的技术人员将容易明白,本文所述的功能模块和方法可被实施为软件、硬件或其任何组合。此外,虽然本文在移动计算环境的情形内描述本发明的一些实施例,但本发明的基本原理不限于移动计算具体实施。在一些实施例中,可使用几乎任何类型的客户端或对等数据处理装置,包括(例如)台式计算机或工作站计算机。因此,应依据所附权利要求书确定本发明的范围和精神。
本发明的实施例可包括如上文陈述的各种步骤。这些步骤可体现为致使通用处理器或专用处理器执行某些步骤的机器可执行指令。或者,这些步骤可由包含用于执行这些步骤的硬连线逻辑的特定硬件组件执行,或由编程的计算机组件和定制硬件组件的任何组合执行。
Claims (22)
1.一种在验证系统内实施的方法,包括:
选择与客户端装置上的用户活动相关的一组参数;
接收验证所述用户用于当前交易的请求;
响应性地计算与所述当前交易相关联的参数和来自现有数据集的历史参数之间的距离;
基于与所述当前交易相关联的所述参数和所述历史参数之间的所计算出的距离来确定与所述当前交易相关联的风险等级;
基于所述风险等级来选择验证所述用户所需要的一种或多种验证技术;
执行所述一种或多种验证技术以尝试验证所述用户并且生成验证结果;
使用与所述当前交易相关联的所述参数和所述验证结果更新所述历史参数;以及
采用机器学习以通过执行每个参数与先前验证事件的结果之间的相关性来选择所述一组参数。
2.根据权利要求1所述的方法,其中所述参数包括与用于执行验证的验证器标识符或密钥相关联的参数、与验证时间相关联的参数、与验证位置相关联的参数、与网络连接性相关联的参数和/或与由客户端装置验证器生成的生物计量得分相关联的参数。
3.根据权利要求1所述的方法,其中如果与所述当前交易相关联的所述参数中的一者或多者和对应的所述历史参数之间的所述距离低于指定阈值,则将所述风险等级设置为表示正常用户行为的第一等级。
4.根据权利要求3所述的方法,其中如果与所述当前交易相关联的所述参数中的一者或多者和对应的所述历史参数之间的所述距离高于指定阈值,则将所述风险等级设置为表示可疑用户行为的第二等级。
5.根据权利要求1所述的方法,其中选择包括:
针对高于第一阈值的风险等级选择验证技术的第一子集并且针对低于所述第一阈值的风险等级选择验证技术的第二子集或不选择验证技术。
6.根据权利要求5所述的方法,其中验证技术的所述第一子集包括显式生物计量用户验证。
7.根据权利要求6所述的方法,其中验证技术的所述第二子集包括非侵入式验证技术。
8.根据权利要求1所述的方法,其中将与成功验证事件和/或不成功验证事件具有高相关性的参数选择为包括在所述一组参数中。
9.根据权利要求1所述的方法,其中计算与所述当前交易相关联的参数和历史参数之间的距离包括使用所述参数的高斯分布执行异常检测。
10.一种存储有程序代码的非暂时性机器可读介质,所述程序代码,当被机器执行时,使得所述机器执行以下操作:
选择与客户端装置上的用户活动相关的一组参数;
接收验证所述用户用于当前交易的请求;
响应性地计算与所述当前交易相关联的参数和来自现有数据集的历史参数之间的距离;
基于与所述当前交易相关联的所述参数和所述历史参数之间的所计算出的距离来确定与所述当前交易相关联的风险等级;
基于所述风险等级来选择验证所述用户所需要的一种或多种验证技术;
执行所述一种或多种验证技术以尝试验证所述用户并且生成验证结果;
使用与所述当前交易相关联的所述参数和所述验证结果更新所述历史参数;以及
采用机器学习以通过执行每个参数与先前验证事件的结果之间的相关性来选择所述一组参数。
11.根据权利要求10所述的机器可读介质,其中所述参数包括与用于执行验证的验证器标识符或密钥相关联的参数、与验证时间相关联的参数、与验证位置相关联的参数、与网络连接性相关联的参数和/或与由客户端装置验证器生成的生物计量得分相关联的参数。
12.根据权利要求10所述的机器可读介质,其中如果与所述当前交易相关联的所述参数中的一者或多者和对应的所述历史参数之间的所述距离低于指定阈值,则将所述风险等级设置为表示正常用户行为的第一等级。
13.根据权利要求12所述的机器可读介质,其中如果与所述当前交易相关联的所述参数中的一者或多者和对应的所述历史参数之间的所述距离高于指定阈值,则将所述风险等级设置为表示可疑用户行为的第二等级。
14.根据权利要求10所述的机器可读介质,其中选择包括:
针对高于第一阈值的风险等级选择验证技术的第一子集并且针对低于所述第一阈值的风险等级选择验证技术的第二子集或不选择验证技术。
15.根据权利要求14所述的机器可读介质,其中验证技术的所述第一子集包括显式生物计量用户验证。
16.根据权利要求15所述的机器可读介质,其中验证技术的所述第二子集包括非侵入式验证技术。
17.根据权利要求10所述的机器可读介质,其中将与成功验证事件和/或不成功验证事件具有高相关性的参数选择为包括在所述一组参数中。
18.根据权利要求10所述的机器可读介质,其中计算与所述当前交易相关联的参数和历史参数之间的距离包括使用所述参数的高斯分布执行异常检测。
19.一种验证系统,包括:
客户端装置,所述客户端装置用于提供与当前用户的活动相关的一组参数;
验证服务器,所述验证服务器用于:
接收验证所述用户用于当前交易的请求;
计算与所述当前交易相关联的参数和来自现有数据集的历史参数之间的距离;
基于所述当前交易相关联的所述参数和所述历史参数之间的所述所计算出的距离来确定与所述当前交易相关联的风险等级;并且
基于所述风险等级来选择验证所述用户所需要的一种或多种验证技术;
验证引擎,所述验证引擎用于执行所述一种或多种验证技术以尝试验证所述用户并且生成验证结果;
其中所述验证服务器进一步用于使用与所述当前交易相关联的所述参数和所述验证结果更新所述历史参数并且用于采用机器学习以通过执行每个参数与先前验证事件的结果之间的相关性来选择所述一组参数。
20.根据权利要求19所述的系统,其中所述参数包括与用于执行验证的验证器标识符或密钥相关联的参数、与验证时间相关联的参数、与验证位置相关联的参数、与网络连接性相关联的参数和/或与由客户端装置验证器生成的生物计量得分相关联的参数。
21.根据权利要求19所述的系统,其中如果与所述当前交易相关联的所述参数中的一者或多者和对应的所述历史参数之间的所述距离低于指定阈值,则将所述风险等级设置为表示正常用户行为的第一等级。
22.根据权利要求21所述的系统,其中如果与所述当前交易相关联的所述参数中的一者或多者和对应的所述历史参数之间的所述距离高于指定阈值,则将所述风险等级设置为表示可疑用户行为的第二等级。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/448,868 | 2014-07-31 | ||
US14/448,868 US9875347B2 (en) | 2014-07-31 | 2014-07-31 | System and method for performing authentication using data analytics |
PCT/US2015/042799 WO2016019093A1 (en) | 2014-07-31 | 2015-07-30 | System and method for performing authentication using data analytics |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106575401A CN106575401A (zh) | 2017-04-19 |
CN106575401B true CN106575401B (zh) | 2021-01-12 |
Family
ID=55218301
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201580040836.7A Active CN106575401B (zh) | 2014-07-31 | 2015-07-30 | 用于使用数据分析执行验证的系统和方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US9875347B2 (zh) |
EP (1) | EP3175410A4 (zh) |
JP (1) | JP6538821B2 (zh) |
KR (1) | KR102457683B1 (zh) |
CN (1) | CN106575401B (zh) |
WO (1) | WO2016019093A1 (zh) |
Families Citing this family (181)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10270748B2 (en) | 2013-03-22 | 2019-04-23 | Nok Nok Labs, Inc. | Advanced authentication techniques and applications |
FR3030817B1 (fr) * | 2014-12-22 | 2017-01-13 | Oberthur Technologies | Procede d'authentification d'un utilisateur, module securise, appareil electronique et systeme associes |
US9954870B2 (en) * | 2015-04-29 | 2018-04-24 | International Business Machines Corporation | System conversion in a networked computing environment |
US9923908B2 (en) | 2015-04-29 | 2018-03-20 | International Business Machines Corporation | Data protection in a networked computing environment |
US9462013B1 (en) | 2015-04-29 | 2016-10-04 | International Business Machines Corporation | Managing security breaches in a networked computing environment |
KR102133534B1 (ko) * | 2015-07-01 | 2020-07-13 | 삼성전자주식회사 | 사용자 인증 방법 및 장치 |
US20170032374A1 (en) * | 2015-07-28 | 2017-02-02 | Ca, Inc. | Determining risk of transactions based on patterns of wireless devices observed by a user terminal |
US20170230184A1 (en) * | 2016-02-08 | 2017-08-10 | Ebay Inc. | Granting access through app instance-specific cryptography |
JP6789660B2 (ja) * | 2016-04-08 | 2020-11-25 | キヤノン株式会社 | 検証装置及び検証システム |
US10291636B2 (en) * | 2016-05-23 | 2019-05-14 | International Business Machines Corporation | Modifying a user session lifecycle in a cloud broker environment |
US10924479B2 (en) * | 2016-07-20 | 2021-02-16 | Aetna Inc. | System and methods to establish user profile using multiple channels |
US10846389B2 (en) | 2016-07-22 | 2020-11-24 | Aetna Inc. | Incorporating risk-based decision in standard authentication and authorization systems |
US10637853B2 (en) * | 2016-08-05 | 2020-04-28 | Nok Nok Labs, Inc. | Authentication techniques including speech and/or lip movement analysis |
US11301550B2 (en) * | 2016-09-07 | 2022-04-12 | Cylance Inc. | Computer user authentication using machine learning |
US10679201B2 (en) | 2016-11-04 | 2020-06-09 | Nxp B.V. | Personal point of sale (pPOS) device that provides for card present E-commerce transaction |
CN108346048B (zh) | 2017-01-23 | 2020-07-28 | 阿里巴巴集团控股有限公司 | 一种调整风险参数的方法、风险识别方法及装置 |
US10685131B1 (en) * | 2017-02-03 | 2020-06-16 | Rockloans Marketplace Llc | User authentication |
US20180232508A1 (en) * | 2017-02-10 | 2018-08-16 | The Trustees Of Columbia University In The City Of New York | Learning engines for authentication and autonomous applications |
US10601800B2 (en) * | 2017-02-24 | 2020-03-24 | Fmr Llc | Systems and methods for user authentication using pattern-based risk assessment and adjustment |
US11514418B2 (en) | 2017-03-19 | 2022-11-29 | Nxp B.V. | Personal point of sale (pPOS) device with a local and/or remote payment kernel that provides for card present e-commerce transaction |
SG10201702968TA (en) * | 2017-04-11 | 2018-11-29 | Mastercard Asia Pacific Pte Ltd | A fraud monitoring apparatus |
US11308187B2 (en) * | 2017-04-11 | 2022-04-19 | Hewlett-Packard Development Company, L.P. | User authentication |
WO2018198110A1 (en) * | 2017-04-25 | 2018-11-01 | Ix-Den Ltd. | System and method for iot device authentication and secure transaction authorization |
CN107094146A (zh) * | 2017-05-05 | 2017-08-25 | 北京图凌科技有限公司 | 一种操作数据的处理方法、终端及服务端 |
CN107172049A (zh) * | 2017-05-19 | 2017-09-15 | 北京信安世纪科技有限公司 | 一种智能身份认证系统 |
KR102413638B1 (ko) * | 2017-05-30 | 2022-06-27 | 삼성에스디에스 주식회사 | 인증 서비스 시스템 및 방법 |
JP6792517B2 (ja) * | 2017-06-05 | 2020-11-25 | 日本電信電話株式会社 | 認証装置および認証方法 |
CN107423883B (zh) * | 2017-06-15 | 2020-04-07 | 创新先进技术有限公司 | 待处理业务的风险识别方法及装置、电子设备 |
US10606990B2 (en) * | 2017-07-06 | 2020-03-31 | Ebay Inc. | Machine learning system for computing asset access |
CN109714301B (zh) * | 2017-10-25 | 2021-11-30 | 北京京东尚科信息技术有限公司 | 注册风险识别方法、装置、电子设备及存储介质 |
US11349822B2 (en) * | 2017-11-20 | 2022-05-31 | Fortanix, Inc. | Runtime encryption plugin for a key management system |
US11868995B2 (en) | 2017-11-27 | 2024-01-09 | Nok Nok Labs, Inc. | Extending a secure key storage for transaction confirmation and cryptocurrency |
US10972471B2 (en) | 2017-12-15 | 2021-04-06 | International Business Machines Corporation | Device authentication using synchronized activity signature comparison |
US11831409B2 (en) | 2018-01-12 | 2023-11-28 | Nok Nok Labs, Inc. | System and method for binding verifiable claims |
US11258798B2 (en) * | 2018-02-27 | 2022-02-22 | Thales Dis France Sas | Method, entity and system for managing access to data through a late dynamic binding of its associated metadata |
US11429725B1 (en) * | 2018-04-26 | 2022-08-30 | Citicorp Credit Services, Inc. (Usa) | Automated security risk assessment systems and methods |
US20190334759A1 (en) * | 2018-04-26 | 2019-10-31 | Microsoft Technology Licensing, Llc | Unsupervised anomaly detection for identifying anomalies in data |
CN108711085A (zh) * | 2018-05-09 | 2018-10-26 | 平安普惠企业管理有限公司 | 一种交易请求的响应方法及其设备 |
US11151568B2 (en) * | 2018-05-09 | 2021-10-19 | Capital One Services, Llc | Real-time selection of authentication procedures based on risk assessment |
CN108647972A (zh) * | 2018-05-10 | 2018-10-12 | 中国工商银行股份有限公司 | 交易认证方式确定方法、推送服务器及系统 |
US11620623B2 (en) * | 2018-05-31 | 2023-04-04 | Nxp B.V. | Merchant transaction mirroring for personal point of sale (pPOS) for card present e-commerce and in vehicle transaction |
US10546444B2 (en) | 2018-06-21 | 2020-01-28 | Capital One Services, Llc | Systems and methods for secure read-only authentication |
CN108875688B (zh) * | 2018-06-28 | 2022-06-10 | 北京旷视科技有限公司 | 一种活体检测方法、装置、系统及存储介质 |
US11032705B2 (en) | 2018-07-24 | 2021-06-08 | Carrier Corporation | System and method for authenticating user based on path location |
US11080375B2 (en) * | 2018-08-01 | 2021-08-03 | Intuit Inc. | Policy based adaptive identity proofing |
US20200058025A1 (en) * | 2018-08-15 | 2020-02-20 | Royal Bank Of Canada | System, methods, and devices for payment recovery platform |
CN109146670A (zh) * | 2018-08-27 | 2019-01-04 | 深圳前海微众银行股份有限公司 | 贷款反欺诈处理方法、装置及可读存储介质 |
WO2020053994A1 (ja) * | 2018-09-12 | 2020-03-19 | 日本電気株式会社 | 情報処理装置、情報処理システム、メンバ特定方法、及びプログラムが格納された非一時的なコンピュータ可読媒体 |
US10511443B1 (en) | 2018-10-02 | 2019-12-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10949520B2 (en) | 2018-10-02 | 2021-03-16 | Capital One Services, Llc | Systems and methods for cross coupling risk analytics and one-time-passcodes |
AU2019355436A1 (en) | 2018-10-02 | 2021-04-15 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11210664B2 (en) | 2018-10-02 | 2021-12-28 | Capital One Services, Llc | Systems and methods for amplifying the strength of cryptographic algorithms |
CA3115142A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
BR112021004710A2 (pt) | 2018-10-02 | 2021-06-08 | Capital One Services, Llc | sistema e método para transmitir dados |
US10542036B1 (en) | 2018-10-02 | 2020-01-21 | Capital One Services, Llc | Systems and methods for signaling an attack on contactless cards |
US10685350B2 (en) | 2018-10-02 | 2020-06-16 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10565587B1 (en) | 2018-10-02 | 2020-02-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10505738B1 (en) | 2018-10-02 | 2019-12-10 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10489781B1 (en) | 2018-10-02 | 2019-11-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
WO2020072694A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
WO2020072440A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10771253B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10581611B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10607214B1 (en) | 2018-10-02 | 2020-03-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10909527B2 (en) | 2018-10-02 | 2021-02-02 | Capital One Services, Llc | Systems and methods for performing a reissue of a contactless card |
KR20210066798A (ko) | 2018-10-02 | 2021-06-07 | 캐피탈 원 서비시즈, 엘엘씨 | 비접촉식 카드의 암호화 인증을 위한 시스템 및 방법 |
WO2020072670A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10582386B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
CA3113101A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
KR20210068391A (ko) | 2018-10-02 | 2021-06-09 | 캐피탈 원 서비시즈, 엘엘씨 | 비접촉식 카드의 암호화 인증을 위한 시스템 및 방법 |
US10841091B2 (en) | 2018-10-02 | 2020-11-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10554411B1 (en) | 2018-10-02 | 2020-02-04 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
JP2022508026A (ja) | 2018-10-02 | 2022-01-19 | キャピタル・ワン・サービシーズ・リミテッド・ライアビリティ・カンパニー | 非接触カードの暗号化認証のためのシステムおよび方法 |
US10771254B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for email-based card activation |
CA3115252A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10592710B1 (en) | 2018-10-02 | 2020-03-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10579998B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10733645B2 (en) | 2018-10-02 | 2020-08-04 | Capital One Services, Llc | Systems and methods for establishing identity for order pick up |
US10810300B2 (en) * | 2018-10-03 | 2020-10-20 | International Business Machines Corporation | User authentication employing user activity based inquiries |
CN109544324B (zh) * | 2018-11-27 | 2022-03-22 | 深圳前海微众银行股份有限公司 | 信贷反欺诈方法、系统、设备及计算机可读存储介质 |
US11361302B2 (en) | 2019-01-11 | 2022-06-14 | Capital One Services, Llc | Systems and methods for touch screen interface interaction using a card overlay |
US11037136B2 (en) | 2019-01-24 | 2021-06-15 | Capital One Services, Llc | Tap to autofill card data |
US10467622B1 (en) | 2019-02-01 | 2019-11-05 | Capital One Services, Llc | Using on-demand applications to generate virtual numbers for a contactless card to securely autofill forms |
US11120453B2 (en) | 2019-02-01 | 2021-09-14 | Capital One Services, Llc | Tap card to securely generate card data to copy to clipboard |
US10510074B1 (en) | 2019-02-01 | 2019-12-17 | Capital One Services, Llc | One-tap payment using a contactless card |
US11823198B1 (en) * | 2019-02-18 | 2023-11-21 | Wells Fargo Bank, N.A. | Contextually escalated authentication by system directed customization of user supplied image |
US10425129B1 (en) | 2019-02-27 | 2019-09-24 | Capital One Services, Llc | Techniques to reduce power consumption in near field communication systems |
US12041039B2 (en) | 2019-02-28 | 2024-07-16 | Nok Nok Labs, Inc. | System and method for endorsing a new authenticator |
US10523708B1 (en) | 2019-03-18 | 2019-12-31 | Capital One Services, Llc | System and method for second factor authentication of customer support calls |
US10984416B2 (en) | 2019-03-20 | 2021-04-20 | Capital One Services, Llc | NFC mobile currency transfer |
CN110084606B (zh) * | 2019-03-20 | 2023-10-10 | 平安直通咨询有限公司上海分公司 | 风险控制方法、装置、计算机设备和存储介质 |
US10438437B1 (en) | 2019-03-20 | 2019-10-08 | Capital One Services, Llc | Tap to copy data to clipboard via NFC |
US10643420B1 (en) | 2019-03-20 | 2020-05-05 | Capital One Services, Llc | Contextual tapping engine |
US10535062B1 (en) | 2019-03-20 | 2020-01-14 | Capital One Services, Llc | Using a contactless card to securely share personal data stored in a blockchain |
US10970712B2 (en) | 2019-03-21 | 2021-04-06 | Capital One Services, Llc | Delegated administration of permissions using a contactless card |
US10467445B1 (en) | 2019-03-28 | 2019-11-05 | Capital One Services, Llc | Devices and methods for contactless card alignment with a foldable mobile device |
US11604867B2 (en) * | 2019-04-01 | 2023-03-14 | Throughputer, Inc. | Graphic pattern-based authentication with adjustable challenge level |
US11860985B2 (en) * | 2019-04-08 | 2024-01-02 | BehavioSec Inc | Adjusting biometric detection thresholds based on recorded behavior |
US12095927B2 (en) * | 2019-05-21 | 2024-09-17 | Nippon Telegraph And Telephone Corporation | Signature verification system, verification key management apparatus, verification key management method and program |
US11521262B2 (en) | 2019-05-28 | 2022-12-06 | Capital One Services, Llc | NFC enhanced augmented reality information overlays |
US11354679B1 (en) * | 2019-05-31 | 2022-06-07 | Inmar Clearing, Inc. | Account validation system and related methods |
US11321449B2 (en) * | 2019-06-03 | 2022-05-03 | Bank Of America Corporation | System for security analysis and authentication across downstream applications |
US11115406B2 (en) * | 2019-06-03 | 2021-09-07 | Bank Of America Corporation | System for security analysis and authentication |
US10516447B1 (en) | 2019-06-17 | 2019-12-24 | Capital One Services, Llc | Dynamic power levels in NFC card communications |
US11392933B2 (en) | 2019-07-03 | 2022-07-19 | Capital One Services, Llc | Systems and methods for providing online and hybridcard interactions |
US10871958B1 (en) | 2019-07-03 | 2020-12-22 | Capital One Services, Llc | Techniques to perform applet programming |
US11694187B2 (en) | 2019-07-03 | 2023-07-04 | Capital One Services, Llc | Constraining transactional capabilities for contactless cards |
US12086852B2 (en) | 2019-07-08 | 2024-09-10 | Capital One Services, Llc | Authenticating voice transactions with payment card |
US10713649B1 (en) | 2019-07-09 | 2020-07-14 | Capital One Services, Llc | System and method enabling mobile near-field communication to update display on a payment card |
US10498401B1 (en) | 2019-07-15 | 2019-12-03 | Capital One Services, Llc | System and method for guiding card positioning using phone sensors |
US10885514B1 (en) | 2019-07-15 | 2021-01-05 | Capital One Services, Llc | System and method for using image data to trigger contactless card transactions |
US10832271B1 (en) | 2019-07-17 | 2020-11-10 | Capital One Services, Llc | Verified reviews using a contactless card |
US11182771B2 (en) | 2019-07-17 | 2021-11-23 | Capital One Services, Llc | System for value loading onto in-vehicle device |
US10733601B1 (en) | 2019-07-17 | 2020-08-04 | Capital One Services, Llc | Body area network facilitated authentication or payment authorization |
US11521213B2 (en) | 2019-07-18 | 2022-12-06 | Capital One Services, Llc | Continuous authentication for digital services based on contactless card positioning |
US10506426B1 (en) | 2019-07-19 | 2019-12-10 | Capital One Services, Llc | Techniques for call authentication |
US10541995B1 (en) | 2019-07-23 | 2020-01-21 | Capital One Services, Llc | First factor contactless card authentication system and method |
EP4038587A4 (en) | 2019-10-02 | 2023-06-07 | Capital One Services, LLC | CUSTOMER DEVICE AUTHENTICATION USING EXISTING CONTACTLESS MAGNETIC STRIP DATA |
CN110826036A (zh) * | 2019-11-06 | 2020-02-21 | 支付宝(杭州)信息技术有限公司 | 用户操作行为安全性的识别方法、装置和电子设备 |
US10748155B1 (en) | 2019-11-26 | 2020-08-18 | Capital One Services, Llc | Computer-based systems having computing devices programmed to execute fraud detection routines based on feature sets associated with input from physical cards and methods of use thereof |
US20210194919A1 (en) * | 2019-12-18 | 2021-06-24 | Nok Nok Labs, Inc. | System and method for protection against malicious program code injection |
US10885410B1 (en) | 2019-12-23 | 2021-01-05 | Capital One Services, Llc | Generating barcodes utilizing cryptographic techniques |
US10733283B1 (en) | 2019-12-23 | 2020-08-04 | Capital One Services, Llc | Secure password generation and management using NFC and contactless smart cards |
US11615395B2 (en) | 2019-12-23 | 2023-03-28 | Capital One Services, Llc | Authentication for third party digital wallet provisioning |
US10862540B1 (en) | 2019-12-23 | 2020-12-08 | Capital One Services, Llc | Method for mapping NFC field strength and location on mobile devices |
US10657754B1 (en) | 2019-12-23 | 2020-05-19 | Capital One Services, Llc | Contactless card and personal identification system |
US11651361B2 (en) | 2019-12-23 | 2023-05-16 | Capital One Services, Llc | Secure authentication based on passport data stored in a contactless card |
US11113685B2 (en) | 2019-12-23 | 2021-09-07 | Capital One Services, Llc | Card issuing with restricted virtual numbers |
US10664941B1 (en) | 2019-12-24 | 2020-05-26 | Capital One Services, Llc | Steganographic image encoding of biometric template information on a card |
US10853795B1 (en) | 2019-12-24 | 2020-12-01 | Capital One Services, Llc | Secure authentication based on identity data stored in a contactless card |
US11200563B2 (en) | 2019-12-24 | 2021-12-14 | Capital One Services, Llc | Account registration using a contactless card |
US10909544B1 (en) | 2019-12-26 | 2021-02-02 | Capital One Services, Llc | Accessing and utilizing multiple loyalty point accounts |
US10757574B1 (en) | 2019-12-26 | 2020-08-25 | Capital One Services, Llc | Multi-factor authentication providing a credential via a contactless card for secure messaging |
US11038688B1 (en) | 2019-12-30 | 2021-06-15 | Capital One Services, Llc | Techniques to control applets for contactless cards |
US11455620B2 (en) | 2019-12-31 | 2022-09-27 | Capital One Services, Llc | Tapping a contactless card to a computing device to provision a virtual number |
US10860914B1 (en) | 2019-12-31 | 2020-12-08 | Capital One Services, Llc | Contactless card and method of assembly |
CN111291668A (zh) * | 2020-01-22 | 2020-06-16 | 北京三快在线科技有限公司 | 活体检测方法、装置、电子设备及可读存储介质 |
US11210656B2 (en) | 2020-04-13 | 2021-12-28 | Capital One Services, Llc | Determining specific terms for contactless card activation |
US11030339B1 (en) | 2020-04-30 | 2021-06-08 | Capital One Services, Llc | Systems and methods for data access control of personal user data using a short-range transceiver |
US10915888B1 (en) | 2020-04-30 | 2021-02-09 | Capital One Services, Llc | Contactless card with multiple rotating security keys |
US11729177B2 (en) * | 2020-04-30 | 2023-08-15 | Capital One Services, Llc | System and method for authentication |
US10861006B1 (en) | 2020-04-30 | 2020-12-08 | Capital One Services, Llc | Systems and methods for data access control using a short-range transceiver |
US11823175B2 (en) | 2020-04-30 | 2023-11-21 | Capital One Services, Llc | Intelligent card unlock |
US11222342B2 (en) | 2020-04-30 | 2022-01-11 | Capital One Services, Llc | Accurate images in graphical user interfaces to enable data transfer |
US10963865B1 (en) | 2020-05-12 | 2021-03-30 | Capital One Services, Llc | Augmented reality card activation experience |
US11100511B1 (en) | 2020-05-18 | 2021-08-24 | Capital One Services, Llc | Application-based point of sale system in mobile operating systems |
US11063979B1 (en) | 2020-05-18 | 2021-07-13 | Capital One Services, Llc | Enabling communications between applications in a mobile operating system |
US11225259B1 (en) * | 2020-07-28 | 2022-01-18 | International Business Machines Corporation | Fair anomaly detection and localization |
US11768933B2 (en) * | 2020-08-11 | 2023-09-26 | Saudi Arabian Oil Company | System and method for protecting against ransomware without the use of signatures or updates |
US11062098B1 (en) | 2020-08-11 | 2021-07-13 | Capital One Services, Llc | Augmented reality information display and interaction via NFC based authentication |
KR102408826B1 (ko) * | 2020-09-25 | 2022-06-16 | 주식회사그린존시큐리티 | IoT 디바이스들의 데이터 전송 시간을 기초로 접근을 제어하기 위한 장치 및 이를 위한 방법 |
US11482312B2 (en) | 2020-10-30 | 2022-10-25 | Capital One Services, Llc | Secure verification of medical status using a contactless card |
US11165586B1 (en) | 2020-10-30 | 2021-11-02 | Capital One Services, Llc | Call center web-based authentication using a contactless card |
US11373169B2 (en) | 2020-11-03 | 2022-06-28 | Capital One Services, Llc | Web-based activation of contactless cards |
US11216799B1 (en) | 2021-01-04 | 2022-01-04 | Capital One Services, Llc | Secure generation of one-time passcodes using a contactless card |
US11682012B2 (en) | 2021-01-27 | 2023-06-20 | Capital One Services, Llc | Contactless delivery systems and methods |
US11687930B2 (en) | 2021-01-28 | 2023-06-27 | Capital One Services, Llc | Systems and methods for authentication of access tokens |
US11792001B2 (en) | 2021-01-28 | 2023-10-17 | Capital One Services, Llc | Systems and methods for secure reprovisioning |
US11562358B2 (en) | 2021-01-28 | 2023-01-24 | Capital One Services, Llc | Systems and methods for near field contactless card communication and cryptographic authentication |
US11438329B2 (en) | 2021-01-29 | 2022-09-06 | Capital One Services, Llc | Systems and methods for authenticated peer-to-peer data transfer using resource locators |
US11777933B2 (en) | 2021-02-03 | 2023-10-03 | Capital One Services, Llc | URL-based authentication for payment cards |
US11637826B2 (en) | 2021-02-24 | 2023-04-25 | Capital One Services, Llc | Establishing authentication persistence |
US11245438B1 (en) | 2021-03-26 | 2022-02-08 | Capital One Services, Llc | Network-enabled smart apparatus and systems and methods for activating and provisioning same |
US11750639B2 (en) | 2021-04-05 | 2023-09-05 | Bank Of America Corporation | ATM-based anomaly and security threat detection |
US11714893B2 (en) * | 2021-04-06 | 2023-08-01 | EMC IP Holding Company LLC | Escalated authentication system to perform an integrity-check based on behavior patterns |
US11935035B2 (en) | 2021-04-20 | 2024-03-19 | Capital One Services, Llc | Techniques to utilize resource locators by a contactless card to perform a sequence of operations |
US11961089B2 (en) | 2021-04-20 | 2024-04-16 | Capital One Services, Llc | On-demand applications to extend web services |
US11902442B2 (en) | 2021-04-22 | 2024-02-13 | Capital One Services, Llc | Secure management of accounts on display devices using a contactless card |
US11354555B1 (en) | 2021-05-04 | 2022-06-07 | Capital One Services, Llc | Methods, mediums, and systems for applying a display to a transaction card |
US11979396B2 (en) | 2021-05-19 | 2024-05-07 | Bank Of America Corporation | Information security system and method for machine-to-machine (M2M) security and validation |
CN113535653A (zh) * | 2021-06-04 | 2021-10-22 | 宁波奥克斯电气股份有限公司 | 智能设备风险识别方法、装置及基于iot的风控系统 |
US11558370B2 (en) | 2021-06-14 | 2023-01-17 | Bank Of America Corporation | Electronic system for generation of authentication tokens using digital footprint |
US12041172B2 (en) | 2021-06-25 | 2024-07-16 | Capital One Services, Llc | Cryptographic authentication to control access to storage devices |
US12061682B2 (en) | 2021-07-19 | 2024-08-13 | Capital One Services, Llc | System and method to perform digital authentication using multiple channels of communication |
CN113626782A (zh) * | 2021-07-22 | 2021-11-09 | 深圳竹云科技有限公司 | 基于用户偏好的认证方法、装置及计算设备 |
WO2023033722A2 (en) * | 2021-08-31 | 2023-03-09 | Gp Network Asia Pte. Ltd. | System and method for adaptively tracking a pattern of a transaction |
US12062258B2 (en) | 2021-09-16 | 2024-08-13 | Capital One Services, Llc | Use of a payment card to unlock a lock |
CN114022154A (zh) * | 2021-11-26 | 2022-02-08 | 中国银行股份有限公司 | 银行智能柜台交易风险控制方法及装置 |
US12069173B2 (en) | 2021-12-15 | 2024-08-20 | Capital One Services, Llc | Key recovery based on contactless card authentication |
US20230214822A1 (en) * | 2022-01-05 | 2023-07-06 | Mastercard International Incorporated | Computer-implemented methods and systems for authentic user-merchant association and services |
US11922424B2 (en) | 2022-03-15 | 2024-03-05 | Visa International Service Association | System, method, and computer program product for interpreting black box models by perturbing transaction parameters |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1705923A (zh) * | 2002-08-08 | 2005-12-07 | 新加坡南洋理工大学 | 在验证中的分布式处理 |
JP2007514333A (ja) * | 2003-09-12 | 2007-05-31 | アールエスエイ セキュリティー インコーポレーテッド | リスクベース認証のためのシステムおよび方法 |
CN101751629A (zh) * | 2008-12-16 | 2010-06-23 | 国际商业机器公司 | 使用变化唯一值的多因素认证的方法和系统 |
CN101803272A (zh) * | 2007-06-26 | 2010-08-11 | G3视觉有限公司 | 认证系统和方法 |
CN102696212A (zh) * | 2009-10-23 | 2012-09-26 | 威斯科数据安全国际有限公司 | 具有交易风险等级批准能力的紧凑型安全装置 |
Family Cites Families (292)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5280527A (en) | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US5764789A (en) | 1994-11-28 | 1998-06-09 | Smarttouch, Llc | Tokenless biometric ATM access system |
US6088450A (en) | 1996-04-17 | 2000-07-11 | Intel Corporation | Authentication system based on periodic challenge/response protocol |
US6377691B1 (en) | 1996-12-09 | 2002-04-23 | Microsoft Corporation | Challenge-response authentication and key exchange for a connectionless security protocol |
US6378072B1 (en) | 1998-02-03 | 2002-04-23 | Compaq Computer Corporation | Cryptographic system |
US6618806B1 (en) | 1998-04-01 | 2003-09-09 | Saflink Corporation | System and method for authenticating users in a computer network |
US6178511B1 (en) | 1998-04-30 | 2001-01-23 | International Business Machines Corporation | Coordinating user target logons in a single sign-on (SSO) environment |
JP2000092046A (ja) | 1998-09-11 | 2000-03-31 | Mitsubishi Electric Corp | 遠隔認証システム |
US7047416B2 (en) | 1998-11-09 | 2006-05-16 | First Data Corporation | Account-based digital signature (ABDS) system |
US7505941B2 (en) | 1999-08-31 | 2009-03-17 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions using biometrics |
US7085931B1 (en) | 1999-09-03 | 2006-08-01 | Secure Computing Corporation | Virtual smart card system and method |
US6842896B1 (en) | 1999-09-03 | 2005-01-11 | Rainbow Technologies, Inc. | System and method for selecting a server in a multiple server license management system |
US7260724B1 (en) | 1999-09-20 | 2007-08-21 | Security First Corporation | Context sensitive dynamic authentication in a cryptographic system |
US7444368B1 (en) | 2000-02-29 | 2008-10-28 | Microsoft Corporation | Methods and systems for selecting methodology for authenticating computer systems on a per computer system or per user basis |
US7140036B2 (en) | 2000-03-06 | 2006-11-21 | Cardinalcommerce Corporation | Centralized identity authentication for electronic communication networks |
US7698565B1 (en) | 2000-03-30 | 2010-04-13 | Digitalpersona, Inc. | Crypto-proxy server and method of using the same |
US7263506B2 (en) | 2000-04-06 | 2007-08-28 | Fair Isaac Corporation | Identification and management of fraudulent credit/debit card purchases at merchant ecommerce sites |
MY134895A (en) | 2000-06-29 | 2007-12-31 | Multimedia Glory Sdn Bhd | Biometric verification for electronic transactions over the web |
US7487112B2 (en) | 2000-06-29 | 2009-02-03 | Barnes Jr Melvin L | System, method, and computer program product for providing location based services and mobile e-commerce |
AU2001284721A1 (en) | 2000-08-04 | 2002-02-18 | First Data Corporation | Method and apparatus for access authentication entity |
AU2001288679A1 (en) | 2000-09-11 | 2002-03-26 | Sentrycom Ltd. | A biometric-based system and method for enabling authentication of electronic messages sent over a network |
US20020040344A1 (en) | 2000-10-04 | 2002-04-04 | Preiser Randall F. | Check guarantee, verification, processing, credit reports and collection system and method awarding purchase points for usage of checks |
US7356704B2 (en) | 2000-12-07 | 2008-04-08 | International Business Machines Corporation | Aggregated authenticated identity apparatus for and method therefor |
FI115098B (fi) | 2000-12-27 | 2005-02-28 | Nokia Corp | Todentaminen dataviestinnässä |
US7941669B2 (en) | 2001-01-03 | 2011-05-10 | American Express Travel Related Services Company, Inc. | Method and apparatus for enabling a user to select an authentication method |
US20020112170A1 (en) | 2001-01-03 | 2002-08-15 | Foley James M. | Method and apparatus for using one financial instrument to authenticate a user for accessing a second financial instrument |
AU2002259229A1 (en) | 2001-05-18 | 2002-12-03 | Imprivata, Inc. | Authentication with variable biometric templates |
SG124290A1 (en) | 2001-07-23 | 2006-08-30 | Ntt Docomo Inc | Electronic payment method, system, and devices |
WO2003029916A2 (en) | 2001-09-28 | 2003-04-10 | Bluesocket, Inc. | Method and system for managing data traffic in wireless networks |
JP2003132160A (ja) | 2001-10-23 | 2003-05-09 | Nec Corp | 個人情報管理システムと個人情報管理装置、及び個人情報管理プログラム |
US20030115142A1 (en) | 2001-12-12 | 2003-06-19 | Intel Corporation | Identity authentication portfolio system |
US7155035B2 (en) | 2002-02-05 | 2006-12-26 | Matsushita Electric Industrial Co., Ltd. | Personal authentication method, personal authentication apparatus and image capturing device |
GB0210692D0 (en) | 2002-05-10 | 2002-06-19 | Assendon Ltd | Smart card token for remote authentication |
US20030226036A1 (en) | 2002-05-30 | 2003-12-04 | International Business Machines Corporation | Method and apparatus for single sign-on authentication |
US7322043B2 (en) | 2002-06-20 | 2008-01-22 | Hewlett-Packard Development Company, L.P. | Allowing an electronic device accessing a service to be authenticated |
KR20050083594A (ko) | 2002-07-03 | 2005-08-26 | 오로라 와이어리스 테크놀로지즈 리미티드 | 바이오메트릭 개인키 인프라스트럭처 |
US20160072787A1 (en) | 2002-08-19 | 2016-03-10 | Igor V. Balabine | Method for creating secure subnetworks on a general purpose network |
DE60307583T2 (de) | 2002-11-20 | 2007-10-04 | Stmicroelectronics S.A. | Auswertung der Schärfe eines Bildes der Iris eines Auges |
US7353533B2 (en) | 2002-12-18 | 2008-04-01 | Novell, Inc. | Administration of protection of data accessible by a mobile device |
JP4374904B2 (ja) | 2003-05-21 | 2009-12-02 | 株式会社日立製作所 | 本人認証システム |
JP2005025337A (ja) | 2003-06-30 | 2005-01-27 | Sony Corp | 機器登録システム、機器登録サーバ、機器登録方法、機器登録プログラム、記憶媒体、及び端末機器 |
US7716469B2 (en) | 2003-07-25 | 2010-05-11 | Oracle America, Inc. | Method and system for providing a circle of trust on a network |
US20050080716A1 (en) | 2003-09-25 | 2005-04-14 | Boris Belyi | Data validation systems and methods for use in financial transactions |
US9130921B2 (en) | 2003-09-30 | 2015-09-08 | Ca, Inc. | System and method for bridging identities in a service oriented architectureprofiling |
US7415138B2 (en) | 2003-11-25 | 2008-08-19 | Ultra-Scan Corporation | Biometric authorization method and system |
US20050125295A1 (en) | 2003-12-09 | 2005-06-09 | Tidwell Lisa C. | Systems and methods for obtaining payor information at a point of sale |
US7263717B1 (en) | 2003-12-17 | 2007-08-28 | Sprint Communications Company L.P. | Integrated security framework and privacy database scheme |
US9191215B2 (en) | 2003-12-30 | 2015-11-17 | Entrust, Inc. | Method and apparatus for providing authentication using policy-controlled authentication articles and techniques |
JP4257250B2 (ja) | 2004-03-30 | 2009-04-22 | 富士通株式会社 | 生体情報照合装置並びに生体特徴情報絞込み装置,生体特徴情報絞込みプログラムおよび同プログラムを記録したコンピュータ読取可能な記録媒体 |
US8762283B2 (en) | 2004-05-03 | 2014-06-24 | Visa International Service Association | Multiple party benefit from an online authentication service |
US20050278253A1 (en) | 2004-06-15 | 2005-12-15 | Microsoft Corporation | Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like |
ATE535078T1 (de) | 2004-07-23 | 2011-12-15 | Citrix Systems Inc | Verfahren und system zur sicherung von zugriff aus der ferne auf private netze |
US7194763B2 (en) | 2004-08-02 | 2007-03-20 | Cisco Technology, Inc. | Method and apparatus for determining authentication capabilities |
US7925729B2 (en) | 2004-12-07 | 2011-04-12 | Cisco Technology, Inc. | Network management |
US7298873B2 (en) | 2004-11-16 | 2007-11-20 | Imageware Systems, Inc. | Multimodal biometric platform |
US20060161672A1 (en) | 2004-11-22 | 2006-07-20 | Bea Systems, Inc. | System and method for improved interportlet communications |
WO2006062998A2 (en) | 2004-12-07 | 2006-06-15 | Farsheed Atef | System and method for identity verification and management |
EP1825413A2 (en) | 2004-12-16 | 2007-08-29 | Mark Dwight Bedworth | User validation using images |
EP1828920B1 (en) | 2004-12-20 | 2012-06-13 | EMC Corporation | Consumer internet authentication service |
US9525666B2 (en) | 2005-01-31 | 2016-12-20 | Unisys Corporation | Methods and systems for managing concurrent unsecured and cryptographically secure communications across unsecured networks |
US7844816B2 (en) | 2005-06-08 | 2010-11-30 | International Business Machines Corporation | Relying party trust anchor based public key technology framework |
US20060294390A1 (en) * | 2005-06-23 | 2006-12-28 | International Business Machines Corporation | Method and apparatus for sequential authentication using one or more error rates characterizing each security challenge |
US8079079B2 (en) | 2005-06-29 | 2011-12-13 | Microsoft Corporation | Multimodal authentication |
US20070077915A1 (en) | 2005-09-30 | 2007-04-05 | Black Greg R | Method and apparatus for module authentication |
EP1955251A2 (en) | 2005-10-11 | 2008-08-13 | Citrix Systems, Inc. | Systems and methods for facilitating distributed authentication |
US8407146B2 (en) | 2005-10-28 | 2013-03-26 | Microsoft Corporation | Secure storage |
US7623659B2 (en) | 2005-11-04 | 2009-11-24 | Cisco Technology, Inc. | Biometric non-repudiation network security systems and methods |
US8458465B1 (en) | 2005-11-16 | 2013-06-04 | AT&T Intellectual Property II, L. P. | Biometric authentication |
US8838668B2 (en) | 2005-12-01 | 2014-09-16 | Firestar Software, Inc. | System and method for exchanging information among exchange applications |
US20080005562A1 (en) | 2005-12-13 | 2008-01-03 | Microsoft Corporation | Public key infrastructure certificate entrustment |
WO2007076476A2 (en) | 2005-12-22 | 2007-07-05 | Mastercard International Incorporated | Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers |
CN1992596A (zh) | 2005-12-27 | 2007-07-04 | 国际商业机器公司 | 用户验证设备和用户验证方法 |
US7941835B2 (en) | 2006-01-13 | 2011-05-10 | Authenticor Identity Protection Services, Inc. | Multi-mode credential authorization |
WO2007092715A2 (en) | 2006-02-06 | 2007-08-16 | Solidus Networks, Inc. | Method and system for providing online authentication utilizing biometric data |
WO2007094165A1 (ja) | 2006-02-15 | 2007-08-23 | Nec Corporation | 本人確認システムおよびプログラム、並びに、本人確認方法 |
US20100107222A1 (en) | 2006-03-02 | 2010-04-29 | Avery Glasser | Method and apparatus for implementing secure and adaptive proxies |
US20080028453A1 (en) | 2006-03-30 | 2008-01-31 | Thinh Nguyen | Identity and access management framework |
US7818264B2 (en) | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
JP4929803B2 (ja) | 2006-04-10 | 2012-05-09 | 富士通株式会社 | 認証方法、認証装置、および、認証プログラム |
JP4616335B2 (ja) | 2006-04-21 | 2011-01-19 | 三菱電機株式会社 | 認証サーバ装置及び端末装置及び認証システム及び認証方法 |
US9002018B2 (en) | 2006-05-09 | 2015-04-07 | Sync Up Technologies Corporation | Encryption key exchange system and method |
US8259647B2 (en) | 2006-06-12 | 2012-09-04 | Samsung Electronics Co., Ltd. | System and method for wireless communication of uncompressed video having a link control and bandwidth reservation scheme for control/management message exchanges and asynchronous traffic |
US7512567B2 (en) | 2006-06-29 | 2009-03-31 | Yt Acquisition Corporation | Method and system for providing biometric authentication at a point-of-sale via a mobile device |
CN101106452B (zh) | 2006-07-12 | 2010-12-08 | 华为技术有限公司 | 移动ip密钥的产生及分发方法和系统 |
US20080025234A1 (en) | 2006-07-26 | 2008-01-31 | Qi Zhu | System and method of managing a computer network using hierarchical layer information |
US7966489B2 (en) | 2006-08-01 | 2011-06-21 | Cisco Technology, Inc. | Method and apparatus for selecting an appropriate authentication method on a client |
US8689287B2 (en) | 2006-08-17 | 2014-04-01 | Northrop Grumman Systems Corporation | Federated credentialing system and method |
JP2010501103A (ja) | 2006-08-18 | 2010-01-14 | ホアウェイ・テクノロジーズ・カンパニー・リミテッド | 認証のための方法およびシステム |
US8555072B2 (en) | 2006-08-31 | 2013-10-08 | International Business Machines Corporation | Attestation of computing platforms |
US8239677B2 (en) | 2006-10-10 | 2012-08-07 | Equifax Inc. | Verification and authentication systems and methods |
US9135444B2 (en) | 2006-10-19 | 2015-09-15 | Novell, Inc. | Trusted platform module (TPM) assisted data center management |
US7986786B2 (en) | 2006-11-30 | 2011-07-26 | Hewlett-Packard Development Company, L.P. | Methods and systems for utilizing cryptographic functions of a cryptographic co-processor |
US9055107B2 (en) | 2006-12-01 | 2015-06-09 | Microsoft Technology Licensing, Llc | Authentication delegation based on re-verification of cryptographic evidence |
EP1933522B1 (en) | 2006-12-11 | 2013-10-23 | Sap Ag | Method and system for authentication |
JP2008176407A (ja) | 2007-01-16 | 2008-07-31 | Toshiba Corp | 生体認証システム、装置及びプログラム |
JP2008181295A (ja) | 2007-01-24 | 2008-08-07 | Sony Corp | 認証システム、情報処理装置および方法、プログラム、並びに記録媒体 |
GB0703759D0 (en) | 2007-02-27 | 2007-04-04 | Skype Ltd | A Communication system |
US8302196B2 (en) | 2007-03-20 | 2012-10-30 | Microsoft Corporation | Combining assessment models and client targeting to identify network security vulnerabilities |
US8413221B2 (en) | 2007-03-23 | 2013-04-02 | Emc Corporation | Methods and apparatus for delegated authentication |
US20080271150A1 (en) | 2007-04-30 | 2008-10-30 | Paul Boerger | Security based on network environment |
US8627409B2 (en) | 2007-05-15 | 2014-01-07 | Oracle International Corporation | Framework for automated dissemination of security metadata for distributed trust establishment |
US20080289020A1 (en) | 2007-05-15 | 2008-11-20 | Microsoft Corporation | Identity Tokens Using Biometric Representations |
US8359045B1 (en) | 2007-05-31 | 2013-01-22 | United Services Automobile Association (Usaa) | Method and system for wireless device communication |
US7627522B2 (en) | 2007-06-04 | 2009-12-01 | Visa U.S.A. Inc. | System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions |
US9003488B2 (en) | 2007-06-06 | 2015-04-07 | Datavalet Technologies | System and method for remote device recognition at public hotspots |
US7913086B2 (en) | 2007-06-20 | 2011-03-22 | Nokia Corporation | Method for remote message attestation in a communication system |
US8782801B2 (en) | 2007-08-15 | 2014-07-15 | Samsung Electronics Co., Ltd. | Securing stored content for trusted hosts and safe computing environments |
US20090089870A1 (en) | 2007-09-28 | 2009-04-02 | Mark Frederick Wahl | System and method for validating interactions in an identity metasystem |
US20090204964A1 (en) | 2007-10-12 | 2009-08-13 | Foley Peter F | Distributed trusted virtualization platform |
FR2922396B1 (fr) | 2007-10-12 | 2009-12-25 | Compagnie Ind Et Financiere Dingenierie Ingenico | Procede d'authentification biometrique, programme d'ordinateur, serveur d'authentification, terminal et objet portatif correspondants |
US20090132813A1 (en) | 2007-11-08 | 2009-05-21 | Suridx, Inc. | Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones |
US8347374B2 (en) | 2007-11-15 | 2013-01-01 | Red Hat, Inc. | Adding client authentication to networked communications |
US8978117B2 (en) | 2007-11-19 | 2015-03-10 | Avaya Inc. | Authentication frequency and challenge type based on environmental and physiological properties |
TWI350486B (en) | 2007-11-26 | 2011-10-11 | Ind Tech Res Inst | Biometrics method and apparatus and biometric data encryption method thereof |
US8312269B2 (en) | 2007-11-28 | 2012-11-13 | Hitachi Global Storage Technologies Netherlands, B.V. | Challenge and response access control providing data security in data storage devices |
US9575558B2 (en) | 2007-12-05 | 2017-02-21 | Hewlett-Packard Development Company, L.P. | System and method for electronically assisting a customer at a product retail location |
US8650616B2 (en) | 2007-12-18 | 2014-02-11 | Oracle International Corporation | User definable policy for graduated authentication based on the partial orderings of principals |
US8001582B2 (en) | 2008-01-18 | 2011-08-16 | Microsoft Corporation | Cross-network reputation for online services |
US8220032B2 (en) | 2008-01-29 | 2012-07-10 | International Business Machines Corporation | Methods, devices, and computer program products for discovering authentication servers and establishing trust relationships therewith |
US8635662B2 (en) | 2008-01-31 | 2014-01-21 | Intuit Inc. | Dynamic trust model for authenticating a user |
US8175276B2 (en) | 2008-02-04 | 2012-05-08 | Freescale Semiconductor, Inc. | Encryption apparatus with diverse key retention schemes |
US8639630B2 (en) | 2008-02-15 | 2014-01-28 | Ddn Ip Holdings Limited | Distribution of digital content |
US8555078B2 (en) | 2008-02-29 | 2013-10-08 | Adobe Systems Incorporated | Relying party specifiable format for assertion provider token |
US8353016B1 (en) | 2008-02-29 | 2013-01-08 | Adobe Systems Incorporated | Secure portable store for security skins and authentication information |
US8255971B1 (en) * | 2008-03-03 | 2012-08-28 | Jpmorgan Chase Bank, N.A. | Authentication system and method |
US8302167B2 (en) | 2008-03-11 | 2012-10-30 | Vasco Data Security, Inc. | Strong authentication token generating one-time passwords and signatures upon server credential verification |
US20090327131A1 (en) | 2008-04-29 | 2009-12-31 | American Express Travel Related Services Company, Inc. | Dynamic account authentication using a mobile device |
US20090300714A1 (en) | 2008-05-27 | 2009-12-03 | Open Invention Network Llc | Privacy engine and method of use in a user-centric identity management system |
US8359632B2 (en) | 2008-05-30 | 2013-01-22 | Microsoft Corporation | Centralized account reputation |
US8023425B2 (en) | 2009-01-28 | 2011-09-20 | Headwater Partners I | Verifiable service billing for intermediate networking devices |
US20090307140A1 (en) | 2008-06-06 | 2009-12-10 | Upendra Mardikar | Mobile device over-the-air (ota) registration and point-of-sale (pos) payment |
US8572397B2 (en) | 2008-06-20 | 2013-10-29 | Koninklijke Philips N.V. | Biometric authentication and identification |
CA2730175A1 (en) | 2008-07-09 | 2010-01-14 | Xtreme Mobility Inc. | Secure wireless deposit system and method |
US8250627B2 (en) | 2008-07-28 | 2012-08-21 | International Business Machines Corporation | Transaction authorization |
US20100029300A1 (en) | 2008-07-30 | 2010-02-04 | Arima Communications Corp. | Method for inquiring real-time travel-related information using a mobile communication device |
US20100042848A1 (en) | 2008-08-13 | 2010-02-18 | Plantronics, Inc. | Personalized I/O Device as Trusted Data Source |
US20130125222A1 (en) | 2008-08-19 | 2013-05-16 | James D. Pravetz | System and Method for Vetting Service Providers Within a Secure User Interface |
US8666904B2 (en) | 2008-08-20 | 2014-03-04 | Adobe Systems Incorporated | System and method for trusted embedded user interface for secure payments |
US8880036B2 (en) | 2008-09-08 | 2014-11-04 | Qualcomm Incorporated | Retrieving data wirelessly from a mobile device |
US20100083000A1 (en) | 2008-09-16 | 2010-04-01 | Validity Sensors, Inc. | Fingerprint Sensor Device and System with Verification Token and Methods of Using |
US7933836B2 (en) | 2008-09-30 | 2011-04-26 | Avaya Inc. | Proxy-based, transaction authorization system |
JP2010097467A (ja) * | 2008-10-17 | 2010-04-30 | Nomura Research Institute Ltd | リスクベース認証システムおよびリスクベース認証方法 |
US8494482B2 (en) | 2008-10-24 | 2013-07-23 | Centurylink Intellectual Property Llc | Telecommunications system and method for monitoring the body temperature of a user |
AU2009322102B2 (en) | 2008-11-04 | 2015-02-19 | Securekey Technologies Inc. | System and methods for online authentication |
BRPI0921124A2 (pt) | 2008-11-06 | 2016-09-13 | Visa Int Service Ass | sistema para autenticar um consumidor, método implementado por computador, meio legível por computador, e, computador servidor. |
US8245030B2 (en) | 2008-12-19 | 2012-08-14 | Nai-Yu Pai | Method for authenticating online transactions using a browser |
US20100169650A1 (en) | 2008-12-31 | 2010-07-01 | Brickell Ernest F | Storage minimization technique for direct anonymous attestation keys |
US8961619B2 (en) | 2009-01-06 | 2015-02-24 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US20100186072A1 (en) | 2009-01-21 | 2010-07-22 | Akshay Kumar | Distributed secure telework |
US8590021B2 (en) | 2009-01-23 | 2013-11-19 | Microsoft Corporation | Passive security enforcement |
US8284043B2 (en) | 2009-01-23 | 2012-10-09 | Honeywell International Inc. | Method of formulating response to expired timer for data link message |
JP5301310B2 (ja) * | 2009-02-17 | 2013-09-25 | 株式会社日立製作所 | 異常検知方法及び異常検知システム |
WO2010094125A1 (en) | 2009-02-19 | 2010-08-26 | Securekey Technologies Inc. | System and methods for online authentication |
US9015789B2 (en) | 2009-03-17 | 2015-04-21 | Sophos Limited | Computer security lock down methods |
US20110307707A1 (en) | 2009-03-25 | 2011-12-15 | Pacid Technologies, Llc | Method and system for securing a file |
US8291468B1 (en) | 2009-03-30 | 2012-10-16 | Juniper Networks, Inc. | Translating authorization information within computer networks |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US20100325684A1 (en) | 2009-06-17 | 2010-12-23 | Microsoft Corporation | Role-based security for messaging administration and management |
US8621203B2 (en) | 2009-06-22 | 2013-12-31 | Nokia Corporation | Method and apparatus for authenticating a mobile device |
KR20100137655A (ko) | 2009-06-23 | 2010-12-31 | 삼성전자주식회사 | 전자 프로그램 가이드를 표시하는 방법 및 이를 위한 장치 |
US8452960B2 (en) | 2009-06-23 | 2013-05-28 | Netauthority, Inc. | System and method for content delivery |
WO2011017099A2 (en) | 2009-07-27 | 2011-02-10 | Suridx, Inc. | Secure communication using asymmetric cryptography and light-weight certificates |
US7865937B1 (en) | 2009-08-05 | 2011-01-04 | Daon Holdings Limited | Methods and systems for authenticating users |
US8756661B2 (en) | 2009-08-24 | 2014-06-17 | Ufp Identity, Inc. | Dynamic user authentication for access to online services |
US8429404B2 (en) | 2009-09-30 | 2013-04-23 | Intel Corporation | Method and system for secure communications on a managed network |
IL201351A0 (en) | 2009-10-01 | 2010-05-31 | Michael Feldbau | Device and method for electronic signature via proxy |
US20110083170A1 (en) | 2009-10-06 | 2011-04-07 | Validity Sensors, Inc. | User Enrollment via Biometric Device |
US8719905B2 (en) | 2010-04-26 | 2014-05-06 | Authentify Inc. | Secure and efficient login and transaction authentication using IPhones™ and other smart mobile communication devices |
US8769784B2 (en) | 2009-11-02 | 2014-07-08 | Authentify, Inc. | Secure and efficient authentication using plug-in hardware compatible with desktops, laptops and/or smart mobile communication devices such as iPhones |
US8621460B2 (en) | 2009-11-02 | 2013-12-31 | International Business Machines Corporation | Endpoint-hosted hypervisor management |
US8713325B2 (en) | 2011-04-19 | 2014-04-29 | Authentify Inc. | Key management using quasi out of band authentication architecture |
KR20110048974A (ko) | 2009-11-04 | 2011-05-12 | 삼성전자주식회사 | 무선통신 시스템에서 마스터 세션 키를 갱신하기 위한 장치 및 방법 |
WO2011059496A1 (en) | 2009-11-11 | 2011-05-19 | Cross Match Technologies, Inc. | Apparatus and method for determining sequencing of fingers in images to a two-finger scanner of fingerprint images |
US8949978B1 (en) | 2010-01-06 | 2015-02-03 | Trend Micro Inc. | Efficient web threat protection |
KR101434769B1 (ko) | 2010-01-22 | 2014-08-27 | 인터디지탈 패튼 홀딩스, 인크 | 신뢰적인 연합 아이덴티티 관리 및 데이터 액세스 인가를 위한 방법 및 장치 |
US9070146B2 (en) | 2010-02-04 | 2015-06-30 | Playspan Inc. | Method and system for authenticating online transactions |
WO2011094869A1 (en) | 2010-02-05 | 2011-08-11 | Lipso Systèmes Inc. | Secure authentication system and method |
US20110219427A1 (en) | 2010-03-04 | 2011-09-08 | RSSBus, Inc. | Smart Device User Authentication |
US9065823B2 (en) | 2010-03-08 | 2015-06-23 | Gemalto Sa | System and method for using a portable security device to cryptograhically sign a document in response to signature requests from a relying party to a digital signature service |
US8930713B2 (en) | 2010-03-10 | 2015-01-06 | Dell Products L.P. | System and method for general purpose encryption of data |
CN102196407B (zh) | 2010-03-18 | 2015-09-16 | 中兴通讯股份有限公司 | 锚定鉴权器重定位方法及系统 |
JP2011199458A (ja) | 2010-03-18 | 2011-10-06 | Brother Industries Ltd | 無線通信システム |
US8826030B2 (en) | 2010-03-22 | 2014-09-02 | Daon Holdings Limited | Methods and systems for authenticating users |
US9171306B1 (en) | 2010-03-29 | 2015-10-27 | Bank Of America Corporation | Risk-based transaction authentication |
JP2013524352A (ja) | 2010-03-31 | 2013-06-17 | セキュリティー ファースト コーポレイション | 移動中のデータをセキュア化するためのシステムおよび方法 |
US9356916B2 (en) | 2010-04-30 | 2016-05-31 | T-Central, Inc. | System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI-based distributed locking of content and distributed unlocking of protected content |
US8926335B2 (en) | 2010-05-12 | 2015-01-06 | Verificient Technologies, Inc. | System and method for remote test administration and monitoring |
US8973125B2 (en) | 2010-05-28 | 2015-03-03 | Alcatel Lucent | Application layer authentication in packet networks |
US20110314549A1 (en) | 2010-06-16 | 2011-12-22 | Fujitsu Limited | Method and apparatus for periodic context-aware authentication |
US8832461B2 (en) | 2010-06-25 | 2014-09-09 | Microsoft Corporation | Trusted sensors |
US8943603B2 (en) | 2010-07-08 | 2015-01-27 | Hewlett-Packard Development Company, L.P. | System and method for document policy enforcement |
US8412158B2 (en) | 2010-08-17 | 2013-04-02 | Qualcomm Incorporated | Mobile device having increased security that is less obtrusive |
EP2424185B1 (en) | 2010-08-23 | 2014-10-22 | 3M Innovative Properties Co. | Method and device for challenge-response authentication |
US8590014B1 (en) | 2010-09-13 | 2013-11-19 | Zynga Inc. | Network application security utilizing network-provided identities |
US9183683B2 (en) | 2010-09-28 | 2015-11-10 | Sony Computer Entertainment Inc. | Method and system for access to secure resources |
US8566915B2 (en) | 2010-10-22 | 2013-10-22 | Microsoft Corporation | Mixed-mode authentication |
US8904472B2 (en) | 2010-11-12 | 2014-12-02 | Riaz Ahmed SHAIKH | Validation of consistency and completeness of access control policy sets |
US10153901B2 (en) | 2010-11-23 | 2018-12-11 | Concierge Holdings, Inc. | System and method for verifying user identity in a virtual environment |
BR112013012964A2 (pt) | 2010-11-24 | 2016-08-23 | Telefonica Sa | método para autorizar o acesso a conteúdo protegido |
US8555355B2 (en) | 2010-12-07 | 2013-10-08 | Verizon Patent And Licensing Inc. | Mobile pin pad |
US8955035B2 (en) | 2010-12-16 | 2015-02-10 | Microsoft Corporation | Anonymous principals for policy languages |
US8380637B2 (en) * | 2011-01-16 | 2013-02-19 | Yerucham Levovitz | Variable fractions of multiple biometrics with multi-layer authentication of mobile transactions |
US8549145B2 (en) | 2011-02-08 | 2013-10-01 | Aventura Hq, Inc. | Pre-access location-based rule initiation in a virtual computing environment |
US8595507B2 (en) | 2011-02-16 | 2013-11-26 | Novell, Inc. | Client-based authentication |
US20130144785A1 (en) * | 2011-03-29 | 2013-06-06 | Igor Karpenko | Social network payment authentication apparatuses, methods and systems |
US8810368B2 (en) | 2011-03-29 | 2014-08-19 | Nokia Corporation | Method and apparatus for providing biometric authentication using distributed computations |
US9092605B2 (en) | 2011-04-11 | 2015-07-28 | NSS Lab Works LLC | Ongoing authentication and access control with network access device |
US8584224B1 (en) | 2011-04-13 | 2013-11-12 | Symantec Corporation | Ticket based strong authentication with web service |
US9600679B2 (en) | 2011-04-29 | 2017-03-21 | Micro Focus Software Inc. | Techniques for resource operation based on usage, sharing, and recommendations with modular authentication |
US9646261B2 (en) | 2011-05-10 | 2017-05-09 | Nymi Inc. | Enabling continuous or instantaneous identity recognition of a large group of people based on physiological biometric signals obtained from members of a small group of people |
US8839395B2 (en) | 2011-05-13 | 2014-09-16 | Cch Incorporated | Single sign-on between applications |
US8561152B2 (en) | 2011-05-17 | 2013-10-15 | Microsoft Corporation | Target-based access check independent of access request |
US9118667B2 (en) | 2011-06-03 | 2015-08-25 | Blackberry Limited | System and method for accessing private networks |
US8843649B2 (en) | 2011-06-07 | 2014-09-23 | Microsoft Corporation | Establishment of a pairing relationship between two or more communication devices |
US20120313746A1 (en) | 2011-06-10 | 2012-12-13 | Aliphcom | Device control using sensory input |
JP2013020304A (ja) * | 2011-07-07 | 2013-01-31 | Ntt Docomo Inc | 移動情報端末、行動特徴学習方法、行動特徴認証方法、プログラム |
US8800056B2 (en) | 2011-08-12 | 2014-08-05 | Palo Alto Research Center Incorporated | Guided implicit authentication |
US8713314B2 (en) | 2011-08-30 | 2014-04-29 | Comcast Cable Communications, Llc | Reoccuring keying system |
US8590018B2 (en) | 2011-09-08 | 2013-11-19 | International Business Machines Corporation | Transaction authentication management system with multiple authentication levels |
US8838982B2 (en) | 2011-09-21 | 2014-09-16 | Visa International Service Association | Systems and methods to secure user identification |
US9621404B2 (en) | 2011-09-24 | 2017-04-11 | Elwha Llc | Behavioral fingerprinting with social networking |
US20130133054A1 (en) | 2011-09-24 | 2013-05-23 | Marc E. Davis | Relationship Based Trust Verification Schema |
US9081951B2 (en) | 2011-09-29 | 2015-07-14 | Oracle International Corporation | Mobile application, identity interface |
US20140053234A1 (en) | 2011-10-11 | 2014-02-20 | Citrix Systems, Inc. | Policy-Based Application Management |
US20130090939A1 (en) | 2011-10-11 | 2013-04-11 | Robert N. Robinson | Sytem and method for preventing healthcare fraud |
US9021565B2 (en) | 2011-10-13 | 2015-04-28 | At&T Intellectual Property I, L.P. | Authentication techniques utilizing a computing device |
EP2769502A4 (en) | 2011-10-18 | 2015-07-08 | Intel Corp | METHOD, SYSTEMS AND DEVICES FOR FACILITATING A CLIENT-BASED AUTHENTICATION |
US20130104187A1 (en) | 2011-10-18 | 2013-04-25 | Klaus Helmut Weidner | Context-dependent authentication |
CN103988218B (zh) | 2011-10-31 | 2018-10-26 | 金钱及数字保护许可两合有限公司 | 认证方法 |
US10013692B2 (en) | 2011-11-10 | 2018-07-03 | Cryptocode, Inc. | Systems and methods for authorizing transactions via a digital device |
EP2780854B1 (en) | 2011-11-14 | 2017-04-12 | Vasco Data Security International GmbH | A smart card reader with a secure logging feature |
US8607319B2 (en) | 2011-11-22 | 2013-12-10 | Daon Holdings Limited | Methods and systems for determining biometric data for use in authentication transactions |
WO2013082190A1 (en) | 2011-11-28 | 2013-06-06 | Visa International Service Association | Transaction security graduated seasoning and risk shifting apparatuses, methods and systems |
US8863297B2 (en) | 2012-01-06 | 2014-10-14 | Mobile Iron, Inc. | Secure virtual file management system |
US8958599B1 (en) | 2012-01-06 | 2015-02-17 | Google Inc. | Input method and system based on ambient glints |
EP3457723B1 (en) | 2012-01-08 | 2020-04-15 | ImagiStar LLC | System and method for item self-assessment as being extant or displaced |
US9247424B2 (en) | 2012-02-14 | 2016-01-26 | Apple Inc. | Methods and apparatus for large scale distribution of electronic access clients |
EP2817917B1 (en) | 2012-02-20 | 2018-04-11 | KL Data Security Pty Ltd | Cryptographic method and system |
US20130239173A1 (en) | 2012-03-12 | 2013-09-12 | Stephen T. Dispensa | Computer program and method for administering secure transactions using secondary authentication |
EP2847926B1 (en) | 2012-03-28 | 2019-08-21 | Intel Corporation | Conditional limited service grant based on device verification |
US8850588B2 (en) | 2012-05-01 | 2014-09-30 | Taasera, Inc. | Systems and methods for providing mobile security based on dynamic attestation |
US9521548B2 (en) | 2012-05-21 | 2016-12-13 | Nexiden, Inc. | Secure registration of a mobile device for use with a session |
US9130837B2 (en) | 2012-05-22 | 2015-09-08 | Cisco Technology, Inc. | System and method for enabling unconfigured devices to join an autonomic network in a secure manner |
US20140007215A1 (en) | 2012-06-15 | 2014-01-02 | Lockheed Martin Corporation | Mobile applications platform |
US20130346176A1 (en) | 2012-06-20 | 2013-12-26 | Zachery Alolabi | System and method for payment incentivizing |
US9589399B2 (en) | 2012-07-02 | 2017-03-07 | Synaptics Incorporated | Credential quality assessment engine systems and methods |
US20140013422A1 (en) | 2012-07-03 | 2014-01-09 | Scott Janus | Continuous Multi-factor Authentication |
TW201417598A (zh) | 2012-07-13 | 2014-05-01 | Interdigital Patent Holdings | 安全性關聯特性 |
US10771448B2 (en) | 2012-08-10 | 2020-09-08 | Cryptography Research, Inc. | Secure feature and key management in integrated circuits |
US9088891B2 (en) | 2012-08-13 | 2015-07-21 | Wells Fargo Bank, N.A. | Wireless multi-factor authentication with captive portals |
WO2014036021A1 (en) | 2012-08-28 | 2014-03-06 | Visa International Service Association | Secure device service enrollment |
US8955067B2 (en) | 2012-09-12 | 2015-02-10 | Capital One, Na | System and method for providing controlled application programming interface security |
US9215249B2 (en) | 2012-09-29 | 2015-12-15 | Intel Corporation | Systems and methods for distributed trust computing and key management |
US9172544B2 (en) | 2012-10-05 | 2015-10-27 | General Electric Company | Systems and methods for authentication between networked devices |
US20140250523A1 (en) | 2012-10-11 | 2014-09-04 | Carnegie Mellon University | Continuous Authentication, and Methods, Systems, and Software Therefor |
US8910239B2 (en) | 2012-10-15 | 2014-12-09 | Citrix Systems, Inc. | Providing virtualized private network tunnels |
US9176838B2 (en) | 2012-10-19 | 2015-11-03 | Intel Corporation | Encrypted data inspection in a network environment |
US8584219B1 (en) | 2012-11-07 | 2013-11-12 | Fmr Llc | Risk adjusted, multifactor authentication |
US9166962B2 (en) | 2012-11-14 | 2015-10-20 | Blackberry Limited | Mobile communications device providing heuristic security authentication features and related methods |
US8935808B2 (en) | 2012-12-18 | 2015-01-13 | Bank Of America Corporation | Identity attribute exchange and validation broker |
US20140189835A1 (en) | 2012-12-28 | 2014-07-03 | Pitney Bowes Inc. | Systems and methods for efficient authentication of users |
US9219732B2 (en) | 2012-12-28 | 2015-12-22 | Nok Nok Labs, Inc. | System and method for processing random challenges within an authentication framework |
US9172687B2 (en) | 2012-12-28 | 2015-10-27 | Nok Nok Labs, Inc. | Query system and method to determine authentication capabilities |
US9015482B2 (en) | 2012-12-28 | 2015-04-21 | Nok Nok Labs, Inc. | System and method for efficiently enrolling, registering, and authenticating with multiple authentication devices |
US9083689B2 (en) | 2012-12-28 | 2015-07-14 | Nok Nok Labs, Inc. | System and method for implementing privacy classes within an authentication framework |
US9306754B2 (en) | 2012-12-28 | 2016-04-05 | Nok Nok Labs, Inc. | System and method for implementing transaction signing within an authentication framework |
WO2014105994A2 (en) | 2012-12-28 | 2014-07-03 | Nok Nok Labs, Inc. | Query system and method to determine authentication capabilities |
US9374369B2 (en) | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
US8856541B1 (en) | 2013-01-10 | 2014-10-07 | Google Inc. | Liveness detection |
US9143506B2 (en) | 2013-02-13 | 2015-09-22 | Daniel Duncan | Systems and methods for identifying biometric information as trusted and authenticating persons using trusted biometric information |
JP6069039B2 (ja) | 2013-03-11 | 2017-01-25 | 日立オートモティブシステムズ株式会社 | ゲートウェイ装置及びサービス提供システム |
US20140282868A1 (en) | 2013-03-15 | 2014-09-18 | Micah Sheller | Method And Apparatus To Effect Re-Authentication |
US9141823B2 (en) | 2013-03-15 | 2015-09-22 | Veridicom, Sa De Cv | Abstraction layer for default encryption with orthogonal encryption logic session object; and automated authentication, with a method for online litigation |
WO2014142941A1 (en) | 2013-03-15 | 2014-09-18 | Intel Corporation | Technologies for secure storage and use of biometric authentication information |
US10270748B2 (en) | 2013-03-22 | 2019-04-23 | Nok Nok Labs, Inc. | Advanced authentication techniques and applications |
US9305298B2 (en) | 2013-03-22 | 2016-04-05 | Nok Nok Labs, Inc. | System and method for location-based authentication |
EP2989770A1 (en) | 2013-04-26 | 2016-03-02 | Interdigital Patent Holdings, Inc. | Multi-factor authentication to achieve required authentication assurance level |
US8646060B1 (en) | 2013-07-30 | 2014-02-04 | Mourad Ben Ayed | Method for adaptive authentication using a mobile device |
US10366391B2 (en) | 2013-08-06 | 2019-07-30 | Visa International Services Association | Variable authentication process and system |
US9161209B1 (en) | 2013-08-21 | 2015-10-13 | Sprint Communications Company L.P. | Multi-step mobile device initiation with intermediate partial reset |
CA2922181A1 (en) | 2013-08-23 | 2015-02-26 | Margaret BOUSE | System and method for identity management |
US9646150B2 (en) | 2013-10-01 | 2017-05-09 | Kalman Csaba Toth | Electronic identity and credentialing system |
US20150142628A1 (en) | 2013-11-20 | 2015-05-21 | Bank Of America Corporation | Detecting structured transactions |
US20150180869A1 (en) | 2013-12-23 | 2015-06-25 | Samsung Electronics Company, Ltd. | Cloud-based scalable authentication for electronic devices |
WO2015130734A1 (en) | 2014-02-25 | 2015-09-03 | Uab Research Foundation | Two-factor authentication systems and methods |
US9344419B2 (en) | 2014-02-27 | 2016-05-17 | K.Y. Trix Ltd. | Methods of authenticating users to a site |
US9652354B2 (en) * | 2014-03-18 | 2017-05-16 | Microsoft Technology Licensing, Llc. | Unsupervised anomaly detection for arbitrary time series |
US20170109751A1 (en) | 2014-05-02 | 2017-04-20 | Nok Nok Labs, Inc. | System and method for carrying strong authentication events over different channels |
US9654463B2 (en) | 2014-05-20 | 2017-05-16 | Airwatch Llc | Application specific certificate management |
US9992207B2 (en) | 2014-09-23 | 2018-06-05 | Qualcomm Incorporated | Scalable authentication process selection based upon sensor inputs |
US9928603B2 (en) | 2014-12-31 | 2018-03-27 | Morphotrust Usa, Llc | Detecting facial liveliness |
US10387882B2 (en) | 2015-07-01 | 2019-08-20 | Klarna Ab | Method for using supervised model with physical store |
-
2014
- 2014-07-31 US US14/448,868 patent/US9875347B2/en active Active
-
2015
- 2015-07-30 KR KR1020177003450A patent/KR102457683B1/ko active IP Right Grant
- 2015-07-30 CN CN201580040836.7A patent/CN106575401B/zh active Active
- 2015-07-30 EP EP15827334.2A patent/EP3175410A4/en not_active Ceased
- 2015-07-30 JP JP2017504719A patent/JP6538821B2/ja active Active
- 2015-07-30 WO PCT/US2015/042799 patent/WO2016019093A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1705923A (zh) * | 2002-08-08 | 2005-12-07 | 新加坡南洋理工大学 | 在验证中的分布式处理 |
JP2007514333A (ja) * | 2003-09-12 | 2007-05-31 | アールエスエイ セキュリティー インコーポレーテッド | リスクベース認証のためのシステムおよび方法 |
CN101803272A (zh) * | 2007-06-26 | 2010-08-11 | G3视觉有限公司 | 认证系统和方法 |
CN101751629A (zh) * | 2008-12-16 | 2010-06-23 | 国际商业机器公司 | 使用变化唯一值的多因素认证的方法和系统 |
CN102696212A (zh) * | 2009-10-23 | 2012-09-26 | 威斯科数据安全国际有限公司 | 具有交易风险等级批准能力的紧凑型安全装置 |
Also Published As
Publication number | Publication date |
---|---|
KR102457683B1 (ko) | 2022-10-20 |
KR20170041731A (ko) | 2017-04-17 |
EP3175410A4 (en) | 2017-12-20 |
US9875347B2 (en) | 2018-01-23 |
CN106575401A (zh) | 2017-04-19 |
JP2017528055A (ja) | 2017-09-21 |
US20170109509A1 (en) | 2017-04-20 |
EP3175410A1 (en) | 2017-06-07 |
WO2016019093A1 (en) | 2016-02-04 |
JP6538821B2 (ja) | 2019-07-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106575401B (zh) | 用于使用数据分析执行验证的系统和方法 | |
CN106464673B (zh) | 用于验证装置注册的增强的安全性 | |
US10326761B2 (en) | Web-based user authentication techniques and applications | |
CN106664208B (zh) | 使用安全传输协议建立信任的系统和方法 | |
KR102358546B1 (ko) | 장치에 대해 클라이언트를 인증하기 위한 시스템 및 방법 | |
US8990572B2 (en) | Methods and systems for conducting smart card transactions | |
CN106575281B (zh) | 用于实施托管的验证服务的系统和方法 | |
US11140155B2 (en) | Methods, computer readable media, and systems for authentication using a text file and a one-time password | |
US20170109751A1 (en) | System and method for carrying strong authentication events over different channels | |
US10848309B2 (en) | Fido authentication with behavior report to maintain secure data connection | |
US11936649B2 (en) | Multi-factor authentication | |
US20230006844A1 (en) | Dynamic value appended to cookie data for fraud detection and step-up authentication | |
KR101986244B1 (ko) | 모바일 기기 기반의 생체인식 정보 검증 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1236663 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant |