US 12,242,576 B2
Detecting separate login during action based knowledge-based authentication and disqualifying validity
Joshua Edwards, Philadelphia, PA (US); Samuel Rapowitz, Roswell, GA (US); Jenny Melendez, Falls Church, VA (US); David Septimus, New York, NY (US); Daniel Miller, Brooklyn, NY (US); Viraj Chaudhary, Katy, TX (US); Tyler Maiman, Melville, NY (US); and Vyjayanthi Vadrevu, Pflugerville, TX (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Mar. 8, 2024, as Appl. No. 18/599,969.
Application 18/599,969 is a continuation of application No. 17/355,371, filed on Jun. 23, 2021, granted, now 12,072,959.
Prior Publication US 2024/0211558 A1, Jun. 27, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); G06F 21/31 (2013.01); G06Q 40/02 (2023.01)
CPC G06F 21/31 (2013.01) [G06Q 40/02 (2013.01); G06F 2221/2133 (2013.01); G06F 2221/2135 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for detecting separate login activity during an authentication process comprising:
receiving a request for authorization to perform an action relating to a financial account of a user;
providing an authorization question to the user, wherein the authorization question was generated based on transaction data relating to the financial account of the user;
receiving a response from the user to the authorization question;
determining, based on comparing a first timestamp associated with the providing the authorization question and a second timestamp associated with a login access to the financial account, whether the login access to the financial account is detected after the providing the authorization question to the user; and
denying, based on the determining the login access to the financial account is detected after the providing the authorization question to the user and prior to the receiving the response to the authorization question, the request for authorization to perform the action relating to the financial account.