Abstract: The proposed system aims to perform regulatory identification in a given transaction context. Through this system, clients validate customers via multiple angles, specifically, risk-based authentication and identity risk analysis. Ultimately the output recommendation helps clients decide whether to proceed with the transaction. Clients use the system in a variety of contexts. In the KYC (Know Your Customer) context, clients often are legally required to vet prospective customers thoroughly. For instance, it might be illegal to do business with someone from a sanctioned country, or someone on a sanctioned list provided by OFAC. In the anti-fraud context, clients have a different set of concerns. They care more about the identity risk of the transaction. They might want to know if an identity they encountered is a synthetic identity, and stop the fraudulent transaction from going through. IDM can provide a recommendation on both of the contexts above, with a measure of estimated confidence.

Abstract: The proposed system aims to perform regulatory identification in a given transaction context. Through this system, clients validate customers via multiple angles, specifically, risk-based authentication and identity risk analysis. Ultimately the output recommendation helps clients decide whether to proceed with the transaction. Clients use the system in a variety of contexts. In the KYC (Know Your Customer) context, clients often are legally required to vet prospective customers thoroughly. For instance, it might be illegal to do business with someone from a sanctioned country, or someone on a sanctioned list provided by OFAC. In the anti-fraud context, clients have a different set of concerns. They care more about the identity risk of the transaction. They might want to know if an identity they encountered is a synthetic identity, and stop the fraudulent transaction from going through. IDM can provide a recommendation on both of the contexts above, with a measure of estimated confidence.

Abstract: A controller for user authentication and access control, configured to: store data representing a graph having: nodes representing data elements associated with accesses made using an access token; and links among the nodes representing connections between the data elements identified in details of the accesses. In response to receiving details of an access made using the access token, the controller updates the graph according to the details and determines a plurality of measurements of the graph. After computing a score of the graph based on a weighted average of the measurements, the controller authenticates the user of the access and/or controls the access based on the score.

Abstract: A controller for user authentication and access control, configured to: store data representing a graph having: nodes representing data elements associated with accesses made using an access token; and links among the nodes representing connections between the data elements identified in details of the accesses. In response to receiving details of an access made using the access token, the controller updates the graph according to the details and determines a plurality of measurements of the graph. After computing a score of the graph based on a weighted average of the measurements, the controller authenticates the user of the access and/or controls the access based on the score.