Field of the Disclosure
The present disclosure generally relates to online and/or mobile payments and more particularly to a focus-based challenge-response authentication system that may be used with an online and/or mobile payment system.
Related Art
More and more consumers are purchasing items and services over electronic networks such as, for example, the Internet. Consumers routinely purchase products and services from merchants and individuals alike. The transactions may take place directly between a conventional or online merchant or retailer and the consumer, and payment is typically made by entering credit card or other financial information. Transactions may also take place with the aid of an online or mobile payment service provider such as, for example, PayPal, Inc. of San Jose, Calif. Such payment service providers can make transactions easier and safer for the parties involved. Purchasing with the assistance of a payment service provider from the convenience of virtually anywhere using a mobile device is one main reason why online and/or mobile purchases are growing very quickly.
In many aspects of online and/or mobile payments, as well as in many situations where online and/or mobile payments are not involved, it may be desirable to authenticate a user attempting to access a website, application, and/or other network service. Authentication is performed to ensure that the entity interacting with the website, application, and/or other network service is not autonomous program running on a computer (e.g., a ‘bot’,) and may be desired by website, application, or other network operators to protect against such bots generating spam (e.g., by posting spam on a message board or other social communication application,) signing up as users (e.g., signing up as a user of a message board or other social communication application, signing up for an email address, etc.,) and/or performing a variety of other bot actions know in the art.
Conventional authentication methods provide word(s) and/or groups of characters to an entity attempting to access a website, application, or other network service, and require the entity to type in the word(s) or groups of characters in order to be authenticated and gain access to the website, application, and/or network service. The words and/or groups of characters may be distorted or warped, obscured (e.g., with an angled line drawn through them), crowded (positioned closer together than is customary for ordinary reading,) and/or subject to a variety of other attributes known in the art of word/character authentication methods. In some instances, words that have been scanned from books or other similar physical documents and that have previously presented problems to Optical Character Recognition (OCR) programs are used. While such conventional authentication methods have been somewhat successful at preventing bot access to websites, applications, and/or network systems, they have also proven to provide various difficulties to humans attempting to access the website, application, or network through a computer.
Thus, there is a need for an improved challenge-response authentication system.