User-browser interaction analysis authentication system
Abstract
Systems, methods and media for authenticating a user based on user-browser interaction are disclosed. Embodiments of a method may include, during an e-commerce session with a user, receiving a request for an action from the user and determining whether the requested action requires additional authentication. Embodiments may also include requesting analysis of user-browser interaction for the session, receiving a pattern matching score for the session, and performing an action based on the pattern matching score and the requested action. The pattern matching score may provide an indication of a comparison between the user's interaction with a browser during the session and a user-browser interaction profile for the user. The performed action may include completing an e-commerce transaction, accessing or modifying information, changing a password, requesting additional information, denying the requested action, or other action. Further embodiments may provide for authenticating the user with a first-level authentication.
Claims
exact text as granted — not AI-modified1 . A method for authenticating a user during an Internet commerce session, the method comprising:
during an e-commerce session with a user, receiving a request for an action from the user; determining whether the requested action requires additional authentication; in response to determining that the requested action requires additional authentication, requesting analysis of user-browser interaction for the session; receiving a pattern matching score for the session, the pattern matching score providing an indication of a comparison between the user's interaction with a browser during the session and a user-browser interaction profile for the user; and performing an action based on the pattern matching score and the requested action.
2 . The method of claim 1 , further comprising establishing the e-commerce session with the user.
3 . The method of claim 1 , further comprising authenticating the user with a first-level authentication.
4 . The method of claim 1 , further comprising before performing the action based on the pattern matching score and the requested action, analyzing the pattern matching score.
5 . The method of claim 1 , wherein receiving the pattern matching score for the session comprises determining the pattern matching score for the session.
6 . The method of claim 5 , wherein determining the pattern matching score for the session comprises determining user-browser interaction data associated with the session and comparing the user-browser interaction data to determined patterns in previous interaction data.
7 . The method of claim 1 , wherein the requested action comprises one or more of completion of an e-commerce transaction, access to restricted information, modification of user information, or change to a password.
8 . The method of claim 1 , wherein performing the action based on the pattern matching score and the requested action comprises one or more of completing an e-commerce transaction, accessing restricted information, modifying user information, changing a password for the user, requesting additional information, or denying the requested action.
9 . A machine-accessible medium containing instructions effective, when executing in a data processing system, to cause said data processing system to perform operations comprising:
during an e-commerce session with a user, receiving a request for an action from the user; determining whether the requested action requires additional authentication; in response to determining that the requested action requires additional authentication, requesting analysis of user-browser interaction for the session; receiving a pattern matching score for the session, the pattern matching score providing an indication of a comparison between the user's interaction with a browser during the session and a user-browser interaction profile for the user; and performing an action based on the pattern matching score and the requested action.
10 . The machine-accessible medium of claim 9 , further comprising establishing the e-commerce session with the user.
11 . The machine-accessible medium of claim 9 , further comprising authenticating the user with a first-level authentication.
12 . The machine-accessible medium of claim 9 , further comprising before performing the action based on the pattern matching score and the requested action, analyzing the pattern matching score.
13 . The machine-accessible medium of claim 9 , wherein the requested action comprises one or more of completion of an e-commerce transaction, access to restricted information, modification of user information, or change to a password.
14 . The machine-accessible medium of claim 9 , wherein performing the action based on the pattern matching score and the requested action comprises one or more of completing an e-commerce transaction, accessing restricted information, modifying user information, changing a password for the user, requesting additional information, or denying the requested action.
15 . An e-commerce authentication system, the system comprising:
an application server in communication with an incoming interaction server and a pattern matching server, the application server comprising:
an e-commerce application to establish a session with a user of a client computer system to determine that additional authentication is required in response to a request by the user for an action;
a pattern matching requester in communication with the e-commerce application to request analysis of user-browser interaction for the established session and to receive a pattern matching score for the established session; and
wherein the e-commerce application is adapted to perform an action based on the pattern matching score for the established session and the requested action.
16 . The system of claim 15 , further comprising:
an incoming interaction server in communication with the application server, the incoming interaction server comprising:
a session data listener to receive user-browser interaction data from one or more client computer systems;
an interaction data manager to associate received user-browser interaction data with a user login; and
an interaction database interface to store the user-browser interaction and associated information in a user-browser interaction database.
17 . The system of claim 15 , wherein the interaction data manager further comprises a profile matcher to match the received user-browser interaction data and user login with a user-browser interaction profile associated with the user.
18 . The system of claim 15 , further comprising:
a pattern matching server in communication with the application server, the pattern matching server comprising:
an application server interface to receive a request for a pattern matching score for a session from the application server and to transmit a determined pattern matching score to the application server;
an interaction database interface to access stored user-browser interaction data; and
an interaction data analyzer to analyze the stored user-browser interaction data associated with the session for patterns and to compare the determined patterns to user-browser interaction data associated with the session to determine a pattern matching score for the session.
19 . The system of claim 15 , further comprising a user-browser interaction database to store user-browser interaction data and associated information.
20 . The system of claim 15 , further comprising a client computer system having a browser to receive input from a user.
21 . A method for processing user-browser interaction data for an e-commerce session, the method comprising:
during an e-commerce session with a user, receiving user-browser interaction data from a client computer system; associating the received user-browser interaction data with a user login for the session; and storing the user-browser interaction data and associated information in a user-browser interaction database, the associated information comprising an indication of the user login for the session.
22 . The method of claim 21 , wherein associating the received user-browser interaction data with the user login for the session comprises matching the received user-browser interaction data with a user-browser interaction profile associated with the user.
23 . A method for determining a pattern matching score for an e-commerce session, the method comprising:
determining user-browser interaction data associated with a current session; accessing user-browser interaction data associated with previous sessions for a user associated with the current session; analyzing the previous session user-browser interaction data to determine patterns in the user-browser interaction data; and determining a pattern matching score for the current session.
24 . The method of claim 23 , further comprising before determining the user-browser interaction data associated with a current session, receiving a request to analyze user-browser interaction data for a session.
25 . The method of claim 23 , further comprising transmitting the determined pattern matching score.
26 . The method of claim 23 , wherein determining user-browser interaction data associated with the current session comprises determining user-browser interaction data associated with a user-browser interaction profile associated with the current session.
27 . The method of claim 23 , wherein determining a pattern matching score for the session comprises comparing user-browser interaction data for the current session with the determined patterns.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.