Authentication risk-scoring in an authentication system based on user-specific and organization-specific risk models
US12028327B2 · kind B2 · utility
Inventor
Key dates
| Filing date | Jan 18, 2022 |
| Grant date | Jul 2, 2024 |
| Priority date | — |
| Expiry date | Nov 28, 2042 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/082
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An authentication system uses machine learning models to quantify a degree of risk that a given request to authenticate as a particular user of an organization is not in fact originating from that user, but rather from a malicious actor attempting to gain access to the user's account. More particularly, the authentication system employs both a user model that quantifies a degree of deviation from a user context in which a particular user typically requests authentication, and an organization model that quantifies a degree of deviation of a current context of the organization from a “normal” context for that organization. The user model and the organization can be employed individually, such as the organization model providing organization administrators with insights into the current security status of the organization, or together, such as using the risk scores of both models when assessing how to respond to a particular authentication request.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.