Selectively and intelligently displaying authentication notifications to protect users

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Poulomi Bandyopadhyay · Sammamish, US
• Rajat Luthra · Redmond, US
• Lee Walker · Christiansburg, US
• Zachary Michael Edwards · Monroe, US
• Colin Trent · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/02
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Authentication request notifications are selectively suppressed, reducing notification fatigue and susceptibility to social engineering attacks. Authentication request notifications may be suppressed by not presenting a push notification on the user's phone. The authentication request may still be accessed and approved by manually opening the authenticator app. Notifications may be suppressed based on an estimation that the person attempting to login is not who they say they are. This estimation may be based on applying heuristics and/or machine learning models to the context of the login attempt, such as the IP address that originated the login request, time of day, recent user actions, patterns of previous logins, etc. One heuristic determines that the user has repeatedly ignored notifications caused by a particular IP address. Machine learning models generate a risk score from the login context, and notifications may be suppressed if the risk score exceeds a threshold.