1. Field of the Invention
The present invention relates to authenticating users to access and/or receive information, goods, services, and/or credit from a vendor. More particularly, the present invention relates to a fraud detection and identity verification system dynamically customizable by the vendor and/or a system/solution provider to support the vendor in providing products and/or services to users.
2. Description of the Related Art
Typically a vendor uses various methods and systems within a business process/transaction to authorize users when the users desire to access/receive services from the vendor. In particular, a typical business process incorporates fraud detection and identity verification processes (collectively implemented in a user authentication system) to authenticate users prior to authorizing users to access a service or a business transaction provided by the vendor. For example, a retail vendor selling products via the Internet can use a user authentication system to support the vendor's business process to authorize users purchasing the products. The retail vendor can use a user authentication system to interactively query from the user predetermined information as required by the vendor and to receive information input in response to the queries. Using the input information, the user authentication system authenticates the user and returns a response to the vendor. Based on the authentication system response, the vendor can decide whether to authorize or disallow the user according to the vendor's authorization process to proceed with purchasing the product. When the user is authorized according to the vendor's authorization process, which includes the user authentication system, the vendor may proceed to conclude and confirm the product purchase with the user.
However, the typical user authentication systems have fixed configurations based upon the vendor's authorization and/or business process requirements. The fixed configurations are authentication rules hard coded in software by system/solution providers that implement user authentication systems. The fixed authentication configuration model can disadvantageously limit the vendor, for example, reducing user authentication strength by frustrating the vendor's ability to maintain pace with fraud trends quickly and efficiently. In the typical user authentication system, the vendor would be required to engage a system/solution provider to modify the user authentication system software and/or develop new software to accommodate real-time changing fraud trends as well as vendor authorization and/or business process requirements. Further, typical authentication systems are tied to predetermined or a fixed type/number of data sources, again reducing user authentication strength. Further, typical authentication systems do not support dynamic multi-factor authentication. Further, typical authentication systems do not support advanced decision management and strategy evolution.