Engine for configuring authentication of access requests

Assignee

• Visa International Service Association · US

Inventors

• Cory H. Siddens · Mountain View, US
• Andrew John Bruno Naumann Zu Koenigsbrueck · Princeton, US
• Ali Chamseddine · London, GB

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0861
• WIPO fieldIT methods for management
• WIPO sectorElectrical engineering

Abstract

A method comprises a security evaluation computer receiving access data from a user device of a user during an access request. The security evaluation computer analyzes the access data using authentication rules that each specify one of a plurality of authentication protocols for authenticating the user or the user device. At least one of the authentication rules specifies a security level flag for when no authentication is to be performed. The security evaluation computer triggers a first authentication rule corresponding to a first authentication protocol of the plurality of authentication protocols and implements the first authentication protocol. The security evaluation computer sends an authorization request message to an authorization server in a manner consistent with the first authentication protocol and then receive an authorization response message. The security evaluation computer analyzes, using authorization rules, the access data and the authorization response message to determine whether to complete the access request.