Year after year, the number of electronic transactions performed via computing devices continues to increase. Additionally, the number of computing devices associated with a single user has also continued to increase over time. For example, it is not uncommon for a user to possess a personal computer and at least one of smartphone device or a tablet device. Further, many users utilize these multiple computing devices for performing electronic transactions with a same electronic entity or service. For example, many financial institutions and digital content providers offer access to their system via desktop or mobile devices to perform substantially the same types of electronic transactions. In another example, these devices may access a same storefront for downloading digital content to the various devices. Moreover, there are many instances in which the user may utilize someone else's computing device to perform such electronic transactions.
In general, such devices are allowed to complete transactions with an electronic entity based on verification of a username/password combination. That is, upon accessing a portal of the electronic entity, the user will typically be requested to supply a valid username/password combination to gain access or complete a transaction. Thereafter, the electronic entity's authentication systems can determine whether or not the combination is valid and allow access by the user if the combination is valid.
For some types of electronic entities, there can be additional safeguards implemented to protect the user from fraud or identity theft. In one example, an electronic entity can require the user to generate a user profile during a previous visit and the user can be required to answer additional questions associated with the user profile when performing certain tasks. Successfully answering such questions can result not only in providing user access, but can result in placement of a cookie or other piece of software on the device to “mark” the device as a known or trusted device during a future visit to avoid the need for such questions. Alternatively, the user can also adjust the user profile to specifically add the device to the account associated with the electronic entity to allow the electronic entity's authentication system to automatically recognize the device.
In general, when the above-mentioned authentication is successful, no further action is taken by the electronic entity's authentication systems. Some electronic entities do offer the option of providing an alert when a new device is added to the list of known or trusted devices in a user profile or when there are other changes in a user profile. This generally occurs via the directing of a pre-defined message via contact information retrieved from the user profile. However, this type of notification generally fails to consider how the user has been utilizing the authentication information. Accordingly, in many instances, authentication systems fail to detect fraudulent access by third parties in possession of the user's authentication information. Worst yet, the user may not be notified of such access by these third parties.