Patent Issued for Dynamic risk assessment for security features (USPTO 11120450): United Services Automobile Association

2021 OCT 05 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- According to news reporting originating from Alexandria, Virginia, by NewsRx journalists, a patent by the inventors Adams, Lee (Shavano Park, TX, US), Buckingham, Thomas Bret (Fair Oaks Ranch, TX, US), Easley, Jeffrey Walton (San Antonio, TX, US), Walters, Jonathan G. (San Antonio, TX, US), filed on May 11, 2017, was published online on September 14, 2021.

The assignee for this patent, patent number 11120450, is United Services Automobile Association (San Antonio, Texas, United States).

Reporters obtained the following quote from the background information supplied by the inventors: “An organization may use any number of computing systems, communications networks, data storage devices, or other types of systems to provide services to users. Moreover, an organization may seek to prevent individuals, processes, or devices from gaining unauthorized access to systems, data, and/or communications to perform fraudulent and/or malicious actions. To reduce the risk of fraud, an organization may implement various security measures. However, greater security and a lower risk of fraud may negatively impact user experience, as users are required to perform a larger number of actions to comply with more rigorous security measures. Accordingly, an organization seeking to prevent fraud may generally attempt to balance security and user experience.”

In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “Implementations of the present disclosure are generally directed to risk assessment for security features of account(s). More specifically, implementations are directed to determining one or more features to apply to an account, such as security features and/or convenience features, based at least partly on a risk metric that indicates a risk of fraud associated with the account.

“In general, innovative aspects of the subject matter described in this specification can be embodied in methods that include actions of: identifying a first set of features of at least one account, the first set of features including at least one security feature that is at least partly implemented on a portable computing device associated with a user of the at least one account, the at least one security feature including a biometric authentication feature; calculating a risk metric for the at least one account based at least partly on the first set of features, the risk metric indicating a risk of fraud associated with the at least one account operating with the first set of features; selecting a second set of features for the at least one account based at least partly on the risk metric; and applying the first set of features and the second set of features to the at least one account, including applying the biometric authentication feature to authenticate the user based on biometric data that describes at least one physiological characteristic of the user, the biometric data generated by at least one sensor included in the portable computing device.

“Implementations can optionally include one or more of the following features: identifying the first set of features includes receiving an indication of the first set of features selected by the user of the at least one account; the actions further include receiving an indication of at least one change made to the first set of features; the actions further include determining an updated risk metric for the at least one account based at least partly on the at least one change to the first set of features; the actions further include determining an updated second set of features for the at least one account based at least partly on the updated risk metric; the actions further include applying the updated second set of features to the at least one account; the actions further include sending a communication to notify a user of the at least one account that the updated second set of features has been applied to the at least one account; the at least one change to the first set of features is requested by the user; the actions further include sending a communication to notify a user of the at least one account that the updated second set of features relates to the at least one change made to the first set of features by the user; applying the updated second set of features to the at least one account is in response to receiving user confirmation of the updated second set of features that relate to the at least one change; the first set of features further includes one or more of a geolocation feature, a user device registration feature, an authentication token feature, a payment token feature, a direct deposit feature, a check-free account feature, a P2P transfer feature, a geographic account limitation feature, a single-use account number feature, a no-push transfers feature, and a federated identity management feature; the second set of features includes one or more of a no-hold deposit feature, a no-limit withdrawal feature, a password-free account feature, a PIN-free account feature, and a federated identity management feature.

“Other implementations of any of the above aspects include corresponding systems, apparatus, and computer programs that are configured to perform the actions of the methods, encoded on computer storage devices. The present disclosure also provides a computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations in accordance with implementations of the methods provided herein. The present disclosure further provides a system for implementing the methods provided herein. The system includes one or more processors, and a computer-readable storage medium coupled to the one or more processors having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations in accordance with implementations of the methods provided herein.

“Implementations of the present disclosure provide one or more of the following technical advantages and/or technical improvements over previously available solutions. By dynamically determining a risk profile (e.g., risk metric) for a user based at least partly on feature(s) applied to an account, and determining other feature(s) based on the risk profile, implementations provide for an automatic balancing of fraud risk relative to cost and user experience in service-providing computing systems. Thus, implementations provide an improvement over traditional computing systems in which costs may not be dynamically adjusted in response to changes in supported features, leading to an imbalance in cost versus risk in the provided service. Such an imbalance typically leads to an expenditure of computing resources as the system attempts to accommodate the increased risk by executing additional security software, thus consuming processing power, active memory, network bandwidth, and/or other computing resources. Through the dynamic feature adjustment as described herein, implementations avoid such use of computing resources and thus use available computing resources more efficiently than previously available systems. Moreover, by dynamically applying security feature(s) to reduce fraud, implementations mitigate the incidence of fraud committed against account(s) maintained by the computing system(s) in which implementations operate. Accordingly, such computing system(s) avoid the expenditure of processing capacity, memory, storage space, network bandwidth, and/or other computing resources that traditional systems would otherwise expend to back out fraudulent transactions, restore lost funds, address security breaches, and/or otherwise respond to incidences of fraud.”

The claims supplied by the inventors are:

“1. A computer-implemented method performed by at least one processor, the method comprising: transmitting, by the at least one processor, user interface data to a user device of a user that, when received by the user device, causes the user device to render a graphical user interface on a display of the user device, the graphical user interface comprising a plurality of user-selectable icons, each of the plurality of user-selectable icons indicating a security feature of a plurality of security features to apply to at least one account of the user, wherein the plurality of security features comprises at least one of: a first feature comprising activating one or more first components of the user device for determining a location of the user device and verifying that the location of the user device matches a purported location associated with a transaction, or a second feature comprising activating one or more second components of the user device for obtaining biometric data regarding the user and verifying that the biometric data of the user matches a previously obtained biometric data regarding the user; receiving, by the at least one processor and through the graphical user interface, selection data indicating that the user selected a set of user-selectable icons of the plurality of user-selectable icons, the set of user-selectable icons comprising at least one of: a first user-selectable icon corresponding to the first feature, and a second user-selectable icon corresponding to the second feature; calculating, by the at least one processor, a risk metric for the at least one account based at least partly on the received selection data, the risk metric indicating a risk of fraud associated with the at least one account operating with a set of security features corresponding to the selected set of user-selectable icons, wherein calculating the risk metric comprises: determining, for each security feature in the set of security features, a respective individual risk metric based on historical data indicating a frequency of instances of fraud that exploited the security feature, and summing the determined individual risk metrics to generate the risk metric for the at least one account; avoiding an expenditure of an amount of computing resources by the least one processor that would otherwise be expended by the at least one processor to mitigate a fraud risk of the at least one account of the user by: selecting, by the at least one processor, at least one convenience feature of a plurality of convenience features including a password-free account feature, a PIN-free account feature, and a federated identity management feature for the at least one account based at least partly on the risk metric that was determined based on the summing of the determined individual risk metrics; rendering, on the graphical user interface and in response to the selecting, at least one graphical representation indicating the selected at least one convenience feature and at least one second user-selectable icon prompting the user to confirm that the selected at least one convenience feature is to be applied to the at least one account; and applying, by the at least one processor, the at least one security feature corresponding to the selected at least one user-selectable icon and the selected at least one convenience feature, wherein applying the features comprises altering at least one setting of the at least one account such that the features are activated, and wherein applying the features comprises: receiving a request from the user device to perform the transaction using the at least one account of the user; in response to receiving the request from the user device to perform the transaction using the at least one account of the user: performing at least one of: causing the user device to activate the first feature, including activating the one or more first components of the user device to determine the location of the user device and to verify that the location of the user device matches the purported location associated with the transaction, or causing the user device to activate the second feature, including activating the one or more second components of the user device to obtain the biometric data regarding the user and to verify that the biometric data of the user matches the previously obtained biometric data regarding the user, activating at least one of the password-free account feature, the PIN-free account feature, or the federated identity management feature for the at least one account, and performing the transaction upon at least one of: verifying that the location of the user device matches the purported location associated with the transaction, or verifying that the biometric data of the user matches the previously obtained biometric data regarding the user.

“2. The method of claim 1, further comprising: receiving, by the at least one processor, an indication of at least one change made to the applied at least one security feature; determining, by the at least one processor, an updated risk metric for the at least one account based at least partly on the at least one change; determining, by the at least one processor, an updated at least one convenience feature for the at least one account based at least partly on the updated risk metric; and applying, by the at least one processor, the updated at least one convenience feature to the at least one account.

“3. The method of claim 2, further comprising: sending, by the at least one processor, a communication to the user device that notifies the user that the updated at least one convenience feature has been applied to the at least one account; wherein the at least one change is requested by the user.

“4. The method of claim 2, further comprising: sending, by the at least one processor, a communication to the user that notifies the user that the updated at least one convenience feature relates to the at least one change made to the applied at least one security feature by the user; wherein applying the updated at least one convenience feature to the at least one account is in response to receiving user confirmation of the updated at least one convenience feature that relates to the at least one change.

“5. The method of claim 1, wherein the plurality of security features further includes one or more of: a user device registration feature; an authentication token feature; a payment token feature; a direct deposit feature; a check-free account feature; a P2P transfer feature; a geographic account limitation feature; a single-use account number feature; a no-push transfers feature; and a federated identity management feature.”

There are additional claims. Please visit full patent to read further.

For more information, see this patent: Adams, Lee. Dynamic risk assessment for security features. U.S. Patent Number 11120450, filed May 11, 2017, and published online on September 14, 2021. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=11120450.PN.&OS=PN/11120450RS=PN/11120450

(Our reports deliver fact-based news of research and discoveries from around the world.)