| CPC H04L 9/3271 (2013.01) [G06Q 20/02 (2013.01); G06Q 20/3226 (2013.01); G06Q 20/341 (2013.01); G06Q 20/4014 (2013.01); G06Q 20/4097 (2013.01)] | 20 Claims |
|
1. A method, comprising:
receiving, by at least one processor of an authentication system, an authentication request from a computer, wherein the authentication request includes user data associated with a user;
verifying, by the at least one processor of the authentication system, based on the user data, user enrollment for dynamic authentication using one or more third-party account service providers;
sending, by the at least one processor of the authentication system, to the one or more third-party account service providers, a request to extract user-related data based on a set of primitive information associated with the user;
receiving, by the at least one processor of the authentication system, from the one or more third-party account service providers, user-related data, wherein the user-related data is extracted from the one or more third-party account service providers based on the set of primitive information, and wherein the user-related data is associated with user engagement and interaction of the user with one or more third-party connected accounts of the user provided by the one or more third-party account service providers via one or more client facing applications;
generating, by the at least one processor of the authentication system, a plurality of authentication challenges based on the extracted user-related data associated with the user engagement and interaction of the user with the one or more third-party connected accounts of the user provided by the one or more third-party account service providers via the one or more client facing applications;
selecting, by the at least one processor of the authentication system, based on at least one of a device configuration of the user and a location of the user, an authentication challenge out of the plurality of authentication challenges generated by the at least one processor of the authentication system;
predicting, by the at least one processor of the authentication system, using one or more probabilistic models, based on the authentication challenge, a predicted timeframe including an amount of time for the user to provide a response to the authentication challenge;
sending, by the at least one processor of the authentication system, the authentication challenge to a portable consumer device of the user, wherein the authentication challenge is generated based on the extracted user-related data;
waiting, by the at least one processor of the authentication system, the predicted timeframe for the amount of time for the user to provide a response for the authentication challenge;
in response to not receiving, by the at least one processor of the authentication system, a user authentication response in the predicted timeframe, causing, by the at least one processor of the authentication system, the authentication challenge to expire and determining, by the at least one processor of the authentication system, an authentication status as an authentication failure;
in response to receiving, by the at least one processor of the authentication system, a user authentication response to the authentication challenge from the portable consumer device of the user in the predicted timeframe, validating, by the least one processor of the authentication system, the user authentication response, wherein validating the user authentication response comprises comparing the user authentication response with an expected authentication response to determine the authentication status; and
returning, by the at least one processor of the authentication system, the authentication status to the computer.
|