METHODS AND SYSTEMS FOR LEVERAGING TRANSACTIONS TO DYNAMICALLY AUTHENTICATE A USER

Abstract

A system and method for authenticating a candidate user accessing a host computing device as an authentic user is provided. The host computing device is in communication with an authenticating computing device. The method includes receiving, by the authenticating computing device, a request to authenticate the candidate user as an authentic user. The authentication request includes a user identifier. The method also includes retrieving, by the authenticating computing device, transaction data including payment transactions performed by the authentic user based on the user identifier. The method also includes generating, by the authenticating computing device, a challenge question and a correct answer based on the transaction data associated with the authentic user, and transmitting the challenge question for display on a candidate user computing device used by the candidate user.

Description

Claims

1. A computing device comprising at least one processor coupled to a memory device and in communication with a first database and a second database, the at least one processor configured to: receive a request to authenticate a candidate user as an authentic user for accessing secure data stored in the second database;generate a challenge question based on user data stored in the first database, the user data including data known to the authentic user;transmit the challenge question to a user computing device associated with the candidate user;receive, from the user computing device, an answer to the challenge question;compare the received answer to the user data stored in the first database; andin response to the answer matching at least one portion of the user data stored in the first database, authenticate the candidate user as the authentic user to enable access to the data stored in the second database.

2. The computing device of claim 1, wherein the challenge question and the at least one portion of the user data are associated with the authentic user and are received during a predefined period of time.

3. The computing device of claim 1, wherein the challenge question includes a plurality of images, and wherein one of the plurality of images includes a correct answer to the challenge question.

4. The computing device of claim 1, wherein the at least one processor is further configured to cause to display on the user computing device the challenge question.

5. The computing device of claim 1, wherein the second database is associated with a host computing device, wherein the first database is associated with an authenticating computing device, and wherein the host computing device and the authenticating computing device are different and separate computing devices.

6. The computing device of claim 1, wherein the challenge question includes a plurality of answers, and wherein one of the plurality of answers is a correct answer that matches the at least one portion of the user data stored in the first database.

7. The computing device of claim 1, wherein the challenge question is generated before receiving the request to authenticate the candidate user, and a correct answer is generated after receiving the request to authenticate the candidate user.

8. A computer-implemented method using a computing device including at least one processor coupled to a memory device and in communication with a first database and a second database, the method comprising: receiving a request to authenticate a candidate user as an authentic user for accessing secure data stored in the second database;generating a challenge question based on user data stored in the first database, the user data including data known to the authentic user;transmitting the challenge question to a user computing device associated with the candidate user;receiving, from the user computing device, an answer to the challenge question;comparing the received answer to the user data stored in the first database; andin response to the answer matching at least one portion of the user data stored in the first database, authenticating the candidate user as the authentic user to enable access to the data stored in the second database.

9. The method of claim 8, wherein the challenge question and the at least one portion of the user data are associated with the authentic user and are received during a predefined period of time.

10. The method of claim 8, wherein the challenge question includes a plurality of images, and wherein one of the plurality of images includes a correct answer to the challenge question.

11. The method of claim 8 further comprising causing to display on the user computing device the challenge question.

12. The method of claim 8, wherein the second database is associated with a host computing device, wherein the first database is associated with an authenticating computing device, and wherein the host computing device and the authenticating computing device are different and separate computing devices.

13. The method of claim 8, wherein the challenge question includes a plurality of answers, and wherein one of the plurality of answers is a correct answer that matches the at least one portion of the user data stored in the first database.

14. The method of claim 8, wherein the challenge question is generated before receiving the request to authenticate the candidate user, and a correct answer is generated after receiving the request to authenticate the candidate user.

15. At least one non-transitory computer-readable medium having computer-executable instructions embodied thereon, wherein when executed by at least one processor of a computing device in communication with a first database and a second database, the computer-executable instructions cause the at least one processor to: receive a request to authenticate a candidate user as an authentic user for accessing secure data stored in the second database;generate a challenge question based on user data stored in the first database, the user data including data known to the authentic user;transmit the challenge question to a user computing device associated with the candidate user;receive, from the user computing device, an answer to the challenge question;compare the received answer to the user data stored in the first database; andin response to the answer matching at least one portion of the user data stored in the first database, authenticate the candidate user as the authentic user to enable access to the data stored in the second database.

16. The non-transitory computer-readable medium of claim 15, wherein the challenge question and the at least one portion of the user data are associated with the authentic user and are received during a predefined period of time.

17. The non-transitory computer-readable medium of claim 15, wherein the challenge question includes a plurality of images, and wherein one of the plurality of images includes a correct answer to the challenge question.

18. The non-transitory computer-readable medium of claim 15, wherein the computer-executable instructions further cause the at least one processor to cause to display on the user computing device the challenge question.

19. The non-transitory computer-readable medium of claim 15, wherein the second database is associated with a host computing device, wherein the first database is associated with an authenticating computing device, and wherein the host computing device and the authenticating computing device are different and separate computing devices.

20. The non-transitory computer-readable medium of claim 15, wherein the challenge question includes a plurality of answers, and wherein one of the plurality of answers is a correct answer that matches the at least one portion of the user data stored in the first database.