CPC G06Q 20/4014 (2013.01) [G06Q 20/4016 (2013.01); G06Q 20/4093 (2013.01)] | 23 Claims |
1. A communications server apparatus, comprising:
a memory storing processor-executable instructions;
an input/output communication module to communicate over a communications network; and
a processor to execute the processor-executable instructions in the memory, to manage authentications for a lifecycle of a login session based on one or more authentication events that occur during the login session, to cause the communications server apparatus to:
generate, by the processor for each authentication event during the login session, data for one or more event data fields in one or more data records including the one or more event data fields and one or more score data fields, the data generated for the one or more event data fields being indicative of a trust score corresponding to each of the authentication events during the login session, wherein each authentication event includes a combination of an authentication challenge and a response to the authentication challenge, a login session begins in response to a user log in to at least one service provided by a service provider and terminates in response to a user log out of the at least one service the service provider, and each trust score degrades over time;
generate, by the processor during the login session, data for each of the one or more event data fields indicative of a degraded trust score for each trust score;
generate, by the processor for the one or more score data fields, data indicative of a security score based on an accumulation of the degraded trust scores of the one or more event data fields corresponding to the one or more authentication events during the login session;
identify, by the processor in response to receiving, via the input/output communication module, request data indicative of an authentication request for a requested transaction during the login session from a client communications device, a value indicator associated with the requested transaction during the login session;
authenticate, by the processor, the login session in response to the authentication request from the client communications device whether the security score satisfies a threshold condition for the login session based on the value indicator associated with the requested transaction, wherein security scores for satisfying the threshold condition are variable according to value indicators of transactions; and
transmit, via the input/output communication module to at least the client communications device during the login session, data indicative of the authentication of the login session in response to the authentication request.
|