US 12,008,550 B2
Post-provisioning authentication protocols
Erin Stacy Smith, Richmond, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Apr. 15, 2020, as Appl. No. 16/849,623.
Prior Publication US 2021/0326858 A1, Oct. 21, 2021
Int. Cl. G06Q 20/36 (2012.01); G06F 21/35 (2013.01); G06F 21/44 (2013.01); G06Q 20/32 (2012.01)
CPC G06Q 20/3674 (2013.01) [G06F 21/35 (2013.01); G06F 21/44 (2013.01); G06Q 20/3227 (2013.01); G06Q 20/3672 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computerized method for authorizing an electronic device to conduct tokenized transactions, comprising:
receiving, by a provisioning server, an electronic provisioning request requesting authorization to provision a first user device associated with a user and a first user;
transmitting, based on receiving the electronic provisioning request, an electronic signal providing an approval signal of the electronic provisioning request within a threshold time, the approval signal configured to authorize a third party to issue a digital token to the first user device authorizing the first user device to digitally utilize the first user account for tokenized transactions, wherein the threshold time is less than five seconds;
initiating, in substantially real-time and by a computer processor, a determination of an authentication score for the provisioning of the first user device, the determination comprising:
calculating, in substantially real-time and by comparing a location associated with the user of the first user device against an origin identifier of the first user device, a first sub score;
calculating, in substantially real-time and by electronically comparing transactions conducted on the first user device after transmitting the approval signal of the electronic provisioning request with transactions conducted prior to the electronic provisioning request, a second sub score;
calculating, in substantially real-time and by determining whether the user has accessed an umbrella user account prior to receiving the electronic provisioning request, wherein the umbrella user account is an account that, once credentials are provided, allows authorized access to one or more accounts, comprising the first user account, a third sub score; and
calculating, using a formula based on the first sub score, the second sub score, and the third sub score, the authentication score;
determining, whether the authentication score fails to meet a predetermined threshold; and
transmitting, based on determining that the authentication score fails to meet the predetermined threshold, an electronic suspend message to suspend the digital token authorizing the first user device to digitally utilize the first user account for tokenized transactions.