Risk mitigation for a cryptoasset custodial system using data points from multiple mobile devices
Abstract
Methods, systems, and apparatus for risk mitigation for a cryptoasset custodial system include transmitting an endorsement request for a cryptoasset transaction to a user device configured to cause the user device to prompt a user to endorse the cryptoasset transaction. Multiple data points are collected from mobile devices associated with the user. The data points indicate an identity of the user. A cryptographic endorsement of the cryptoasset transaction is received from the user device. A graphical visualization including a risk metric is generated based on the data points. The risk metric indicates a risk of accepting the cryptographic endorsement from the user device. Generating the graphical visualization includes determining whether the plurality of data points matches expected values
Claims
exact text as granted — not AI-modified1 .- 20 . (canceled)
21 . A cryptoasset custodial system comprising:
a first server computer configured to:
transmit an endorsement request for a cryptoasset transaction to be performed by the first server computer, the endorsement request transmitted to a user device associated with a user and configured to prompt the user device to sign a cryptographic endorsement of the cryptoasset transaction using a private key associated with the user device;
receive a plurality of data points collected from the user device, the plurality of data points being associated with different categories and including an amount of the cryptoasset transaction; and
receive the cryptographic endorsement of the cryptoasset transaction from the user device;
a third server computer comprising a risk analysis module, the third server computer in communication with the first server computer and configured to:
compare each of the plurality of data points to a corresponding historic trend of a plurality of historic trends generated by the third server computer, wherein the data point and the corresponding historic trend being compared to each other are associated with a same category;
generate a risk metric based at least on the comparison of each of the plurality of data points to the corresponding historic trend of the plurality of historic trends, the risk metric indicating a risk of accepting the cryptographic endorsement of the cryptoasset transaction from the user device in accordance with a policy retrieved from a vault associated with the cryptoasset transaction; and
a second server computer in communication with the first server computer and the third server computer, and configured to apply a cryptographic digital signature to the cryptoasset transaction based on the generated risk metric associated with the cryptographic endorsement.
22 . The cryptoasset custodial system of claim 21 , wherein the second server computer is in communication with the first server computer via a relay server and configured to:
receive the cryptographic endorsement of the cryptoasset transaction from the first server computer via the relay server, responsive to the risk metric being below a threshold risk metric; and generate a cryptographic key associated with the cryptoasset transaction and usable to control access to a blockchain.
23 . The cryptoasset custodial system of claim 21 , wherein the third server computer is further configured to: register one or more mobile devices on the cryptoasset custodial system prior to receiving the plurality of data points, the registering of the one or more mobile devices performed responsive to receiving, by the first server computer, a registration request from the user device, the registration request associating the user with the one or more mobile devices.
24 . The cryptoasset custodial system of claim 23 , wherein registering the one or more mobile devices comprises:
assigning, to each of the one or more mobile devices, a required status or a non-required status, such that a particular data point is collected from each of the one or more mobile devices, wherein at least one cf the one or more mobile devices is assigned the required status.
25 . The cryptoasset custodial system of claim 21 , wherein the third server computer is further configured to:
generate a graphical visualization comprising the plurality of historic trends; and determine expected values of the plurality of data points based on the plurality of historic trends.
26 . A method using a cryptoasset custodial system including a first server computer, a second server computer in communication with the first server computer, and a third server computer comprising a risk analysis module, the third server computer in communication with the first server computer and the second server computer, the method comprising:
transmitting, by the first server computer, to a user device associated with a user, an endorsement request for a cryptoasset transaction to be performed by the first server computer, the endorsement request configured to prompt the user device to sign a cryptographic endorsement of the cryptoasset transaction using a private key associated with the user device; receiving, by the first server computer, a plurality of data points collected from the user device, the plurality of data points being associated with different categories and including an amount of the cryptoasset transaction; receiving, by the first server computer, the cryptographic endorsement of the cryptoasset transaction from the user device; comparing, by the third server computer, each of the plurality of data points to a corresponding historic trend of a plurality of historic trends generated by the third server computer, wherein the data point and the corresponding historic trend being compared to each other are associated with a same category; generating, by the third server computer, a risk metric based at least on the comparison of each of the plurality of data points to the corresponding historic trend of the plurality of historic trends, the risk metric indicating a risk of accepting the cryptographic endorsement from the user device in accordance with a policy retrieved from a vault associated with the cryptoasset transaction; and applying, by the second server computer, a cryptographic digital signature to the cryptoasset transaction based on the generated risk metric associated with the cryptographic endorsement.
27 . The method of claim 26 , wherein the second server is in communication with the first server computer via a relay server, and wherein the method further comprises:
responsive to the risk metric being below a threshold risk metric, transmitting, from the first server computer, the cryptographic endorsement through a relay server to the second server computer; and generating, by the second server computer, a cryptographic key associated with the cryptoasset transaction and usable to control access to a blockchain.
28 . The method of claim 26 further comprising:
registering, by the third server computer, one or more mobile devices prior to receiving the plurality of data points, the regstering of each mobile device of the one or more mobile devices performed responsive to receiving, by the first server computer, a registration request from the user device, the registration request associating the user with the one or more mobile devices.
29 . The method of claim 28 , wherein registering the one or more mobile devices comprises:
assigning, by the third server computer of the cryptoasset custodial system, a required status or a non-required status to each of the one or more mobile devices, such that a particular data point is collected from each of the one or more mobile devices, wherein at least one of the one or nore mobile devices is assigned the required status.
30 . The method of claim 28 , wherein a mobile device of the one or more mobile devices is a smartwatch or a fitness tracker associated with the user, and
wherein the plurality of data points further comprises a geographical location of the smartwatch or the fitness tracker measured by a global positioning system receiver of the smartwatch or the fitness tracker.
31 . The method of claim 30 , wherein the plurality of data points further comprises at least one of:
an identification number of a mobile device of the one or more mobile devices; an altitude of the mobile device relative to sea level measured by the mobile device; a service set identifier of a wireless network that the mobile device is connected to; or a Bluetooth device address of the mobile device.
32 . The method of claim 28 , further comprising:
detecting, by the third server computer, a mismatch between a first data point of the plurality of data points and a second data point of the plurality of data points, the first data point collected from a first mobile device of the one or more mobile devices and the second data point collected from a second mobile device of the one or more mobile devices; and updating, by the third server computer, the risk metric responsive to detecting the mismatch.
33 . The method of claim 26 , wherein generating the risk metric further comprises:
extracting, by the third server computer, a feature vector based on the plurality of data points; and generating, by the third server computer, the risk metric based at least on the feature vector, the third server computer trained, using machine learning, to indicate the risk of accepting the cryptographic endorsement based on whether the plurality of data points matches expected values of the plurality of data points.
34 . One or more non-transtory computer-readable storage media storing instructions executable by a cryptoasset custodial system including a first server computer, a second server computer, and a third server computer comprising a risk analysis module, the instructions when executed by the cryptoasset custodial system causing the cryptoasset custodial system to:
transmit, by the first server computer, to a user device associated with a user, an endorsement request for a cryptoasset transaction to be performed, the endorsement request configured to prompt the user device to sign a cryptographic endorsement of the cryptoasset transaction using a private key associated with the user device; receive, by the first server computer, a plurality of data points collected from the user device, the plurality of data points being associated with different categories and including an amount of the cryptoasset transaction; receive, by the first server computer, a cryptographic endorsement of the cryptoasset transaction from the user device; compare, by the third server computer, each of the plurality of data points to a corresponding historic trend of a plurality of historic trends generated by the third server computer, wherein the data point and the corresponding historic trend being compared to each other are associated with a same category; generate, by the third server computer, a risk metric based at least on the comparison of each of the plurality of data points to the corresponding historic trend of the plurality of historic trends, the risk metric indicating a risk of accepting the cryptographic endorsement from the user device in accordance with a policy retrieved from a vault associated v/ith the cryptoasset transaction; and apply, by the second server computer, a cryptographic digital signature to the cryptoasset transaction based on the generated risk metric associated with the cryptographic endorsement.
35 . The one or more non-transitory computer-readable storage media of claim 34 , wherein the instructions further cause the second server computer to:
responsive to the risk metric being below a threshold risk metric, generate the cryptographic key associated with the cryptoasset transaction using a key derivation function.
36 . The one or more non-transitory computer-readable storage media of claim 34 , wherein the instructions further cause the third server computer to:
register one or more mobile devices prior to receiving the plurality of data points, the registering of the one or more mobile devices performed responsive to receiving a registration request from the user device, the registration request associating the user with the one or more mobile devices.
37 . The one or more non-transitory computer-readable storage media of claim 36 , wherein registering the one or more mobile devices comprises:
assigning, by the third server computer of the cryptoasset custodial system, to each of the one or more mobile devices, a required status or a non-required status, such that a particular data point is collected from each of the one or more mobile devices, wherein at least one of the one or nore mobile devices is assigned the required status.
38 . The one or more non-transitory computer-readable storage media of claim 36 , wherein a mobile device of the one or more mobile devices is a smartwatch or a fitness tracker associated with the user, and
wherein the plurality of data points further comprises a geographical location of the smartwatch or the fitness tracker measured by a global positioning system receiver of the smartwatch or the fitness tracker.
39 . The one or more non-transitory computer-readable storage media of claim 36 , wherein the plurality of data points further comprises at least one of:
an identification number of a mobile device of the one or more mobile devices; an altitude of the mobile device relative to sea level measured by the mobile device; a service set identifier of a wireless network that the mobile device is connected to; or a Bluetooth device address of the mobile device.
40 . The one or more non-transitory computer-readable storage media of claim 36 , wherein the instructions further Muse the third server computer to:
detect a mismatch between a first data point of the plurality of data points and a second data point of the plurality of data points, the first data point collected from a first mobile device of the one or more mobile devices and the second data point collected from a second mobile device of the one or more mobile devices; and update the risk metric responsive to detecting the mismatch.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.