Abstract: A system includes an identity authentication system interface operatively coupled to a computerized network for receiving identity information over the computerized network. An identity authentication tool operatively coupled to the identity authentication system interface that receives, from the identity authentication system interface, a request to authenticate an identity; information pertaining to the user; information pertaining to the user; a collected electronic signature representation of a user; and a private information indicator from the user device. The identity authentication tool determines an indication of whether the user information matches user information stored by the identity authentication tool; and the private information indicator from the user device indicates that the user's private information was verified. An indication that the identity was verified or not verified is output by the identity authentication tool.

Abstract: Systems and methods for managing a reputation score of a user based on successful and failed logins, successful and failed multifactor authentications, and profile changes is described. The method includes receiving, by a server, status information of a user event from one or more computing devices. The status information includes one or more of an indicator of a successful login, an indicator of a failed login, an indicator of a successful multifactor authentication, an indicator of a failed multifactor authentication, an indicator of a profile update, and metadata associated with the user event from the one or more computing devices. The server updates events based on a type of the status information received and storing the events in a data store and determines whether a problematic situation has occurred. A reputation score of the user is updated when the problematic situation is determined.

Abstract: Systems and methods for managing a reputation score of a user based on successful and failed logins, successful and failed multifactor authentications, and profile changes is described. The method includes receiving, by a server, status information of a user event from one or more computing devices. The status information includes one or more of an indicator of a successful login, an indicator of a failed login, an indicator of a successful multifactor authentication, an indicator of a failed multifactor authentication, an indicator of a profile update, and metadata associated with the user event from the one or more computing devices. The server updates events based on a type of the status information received and storing the events in a data store and determines whether a problematic situation has occurred. A reputation score of the user is updated when the problematic situation is determined.

Abstract: A system for combining data from various data providers, certain portions of said data necessary to perform identity related services, said portions of said data combined into a central repository with a secure data structure, said data structure made available to outside parties participating in verification or validation services on at least a part of said portions of said data, storing the results of said services as separate entries in said data structure, resulting after a review in a total score, that can be used as a proofed portable identity verification.

Abstract: A system includes an identity authentication system interface operatively coupled to a computerized network for receiving identity information over the computerized network. An identity authentication tool operatively coupled to the identity authentication system interface that receives, from the identity authentication system interface, a request to authenticate an identity; information pertaining to the user; information pertaining to the user; a collected electronic signature representation of a user; and a private information indicator from the user device. The identity authentication tool determines an indication of whether the user information matches user information stored by the identity authentication tool; and the private information indicator from the user device indicates that the user's private information was verified. An indication that the identity was verified or not verified is output by the identity authentication tool.

Abstract: Systems and methods for managing a reputation score of a user based on successful and failed logins, successful and failed multifactor authentications, and profile changes is described. The method includes receiving, by a server, status information of a user event from one or more computing devices. The status information includes one or more of an indicator of a successful login, an indicator of a failed login, an indicator of a successful multifactor authentication, an indicator of a failed multifactor authentication, an indicator of a profile update, and metadata associated with the user event from the one or more computing devices. The server updates events based on a type of the status information received and storing the events in a data store and determines whether a problematic situation has occurred. A reputation score of the user is updated when the problematic situation is determined.

Abstract: The proposed system aims to perform regulatory identification in a given transaction context. Through this system, clients validate customers via multiple angles, specifically, risk-based authentication and identity risk analysis. Ultimately the output recommendation helps clients decide whether to proceed with the transaction. Clients use the system in a variety of contexts. In the KYC (Know Your Customer) context, clients often are legally required to vet prospective customers thoroughly. For instance, it might be illegal to do business with someone from a sanctioned country, or someone on a sanctioned list provided by OFAC. In the anti-fraud context, clients have a different set of concerns. They care more about the identity risk of the transaction. They might want to know if an identity they encountered is a synthetic identity, and stop the fraudulent transaction from going through. IDM can provide a recommendation on both of the contexts above, with a measure of estimated confidence.

Abstract: A system for combining data from various data providers, certain portions of said data necessary to perform identity related services, said portions of said data combined into a central repository with a secure data structure, said data structure made available to outside parties participating in verification or validation services on at least a part of said portions of said data, storing the results of said services as separate entries in said data structure, resulting after a review in a total score, that can be used as a proofed portable identity verification.

Abstract: A system for combining data from various data providers, certain portions of said data necessary to perform identity related services, said portions of said data combined into a central repository with a secure data structure, said data structure made available to outside parties participating in verification or validation services on at least a part of said portions of said data, storing the results of said services as separate entries in said data structure, resulting after a review in a total score, that can be used as a proofed portable identity verification.

Abstract: A graphlet is extracted from a relation graph for digital identity verification. The relation graph contains data element nodes collected about access activities, such as user access context, payment instrument, address, device information, etc. The graph can be examined to identify node groups in demarcation areas. Nodes outside of the demarcation areas represent data elements of a user; and the data elements in the demarcation areas may or may not be of the user in general. The system determines a matching score between the nodes outside of the demarcation areas and the nodes in a demarcation area. The nodes in the demarcation area are attributed to the user if the matching score is above a threshold. The nodes attributed to the user are combined as the graphlet showing the data elements of the user and used in user authentication and/or access control via electronic signature.

Abstract: In some examples, a computerized sanction screening system may include an automated system for collection of sanction information, and a routine for analyzing additional available data related to sanction information entities. The system may also include an automated analysis summary routine for creating condensed information subsets or graphlets containing relevant information about sanction entities, some of which can be entities themselves, organized in a data retrieval system, such that an automated transaction system can check data from transactions and automatically identify and flag potentially sanctioned transactions. Then upon exceeding a preset contextual limit, a potential blocking warning is issued.

Abstract: A system for combining data from various data providers, certain portions of said data necessary to perform identity related services, said portions of said data combined into a central repository with a secure data structure, said data structure made available to outside parties participating in verification or validation services on at least a part of said portions of said data, storing the results of said services as separate entries in said data structure, resulting after a review in a total score, that can be used as a proofed portable identity verification.

Abstract: A controller for user authentication and access control, configured to: store data representing a graph having: nodes representing data elements associated with accesses made using an access token; and links among the nodes representing connections between the data elements identified in details of the accesses. In response to receiving details of an access made using the access token, the controller updates the graph according to the details and identifies a new connection in the graph resulting from update. The controller communicates with an identity service to verify the association of data elements corresponding to the new connection in the graph. Based on a result of the verification, the controller authenticates the user of the access and/or controls the access.

Abstract: An authentication system for electronic transactions occurring over a computerized network is provided that includes: (a) a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transactions information over the computerized network; and (b) a transaction authentication tool, operatively coupled to the transaction authentication system interface, where the tool includes: an automated anti-fraud analysis component for analyzing transactions information from a plurality of proposed transactions and automatically rejecting a first subset of proposed transactions according to automatic rejection criteria and automatically assigning a second subset of transactions for additional review; and an automated acceptance component for analyzing the second subset of transactions and accepting a third subset of transactions from the second subset based upon automatic accepting criteria.

Abstract: The proposed system aims to perform regulatory identification in a given transaction context. Through this system, clients validate customers via multiple angles, specifically, risk-based authentication and identity risk analysis. Ultimately the output recommendation helps clients decide whether to proceed with the transaction. Clients use the system in a variety of contexts. In the KYC (Know Your Customer) context, clients often are legally required to vet prospective customers thoroughly. For instance, it might be illegal to do business with someone from a sanctioned country, or someone on a sanctioned list provided by OFAC. In the anti-fraud context, clients have a different set of concerns. They care more about the identity risk of the transaction. They might want to know if an identity they encountered is a synthetic identity, and stop the fraudulent transaction from going through. IDM can provide a recommendation on both of the contexts above, with a measure of estimated confidence.

Abstract: A controller for user authentication and access control, configured to: store data representing a graph having: nodes representing data elements associated with accesses made using an access token; and links among the nodes representing connections between the data elements identified in details of the accesses. In response to receiving details of an access made using the access token, the controller updates the graph according to the details and determines a plurality of measurements of the graph. After computing a score of the graph based on a weighted average of the measurements, the controller authenticates the user of the access and/or controls the access based on the score.

Abstract: A controller for user authentication and access control, configured to: store data representing a graph having: nodes representing data elements associated with accesses made using an access token; and links among the nodes representing connections between the data elements identified in details of the accesses. In response to receiving details of an access made using the access token, the controller updates the graph according to the details and identifies changes in the graph resulting from update. For each of the changes, the controller identifies a set of elements in the graph that are up to a predetermined number of degrees of separate from the change and evaluates the trustworthiness of user identities corresponding to the set of elements identified for the change. Based on the trustworthiness, the controller authenticates the user of the access and/or controls the access.

Abstract: A graphlet is extracted from a relation graph for digital identity verification. The relation graph contains data element nodes collected about access activities, such as user access context, payment instrument, address, device information, etc. The graph can be examined to identify node groups in demarcation areas. Nodes outside of the demarcation areas represent data elements of a user; and the data elements in the demarcation areas may or may not be of the user in general. The system determines a matching score between the nodes outside of the demarcation areas and the nodes in a demarcation area. The nodes in the demarcation area are attributed to the user if the matching score is above a threshold. The nodes attributed to the user are combined as the graphlet showing the data elements of the user and used in user authentication and/or access control via electronic signature.

Abstract: A controller for user authentication and access control, configured to: store data representing a graph having: nodes representing data elements associated with accesses made using an access token; and links among the nodes representing connections between the data elements identified in details of the accesses. In response to receiving details of an access made using the access token, the controller updates the graph according to the details and identifies a new connection in the graph resulting from update. The controller communicates with an identity service to verify the association of data elements corresponding to the new connection in the graph. Based on a result of the verification, the controller authenticates the user of the access and/or controls the access.

Abstract: An example merchant fraud system may include an automated system for collecting contextual relationship information, plus a routine for analyzing additional data related to sanctions. The system may also include an automated analysis summary routine for creating condensed information subsets or graphlets containing information about sanction entities, some of which can be entities themselves, organized in a data retrieval system, such that an automated relationship examination system can check data from transactions and automatically identify and flag potentially suspect relationship aspects. The system may issue a fraud warning and may review a flagged transaction cluster, accepting transactions when transaction cluster items do not contain links to a known bad entity. Based on a hit with a suspect entity, the breadth of the examined co-related items may be expanded, and if that expansion results in one or more suspect connections, a transaction is rejected and sent for further review.