Contextual And Risk-Based Multi-Factor Authentication

Patent No. US12218934 (titled "Contextual And Risk-Based Multi-Factor Authentication") was filed by Qomplx Llc on Sep 13, 2024.

What is this patent about?

’934 is related to the field of network security, specifically multi-factor authentication (MFA). Traditional MFA methods often rely on single points of failure, such as email or SMS, making them vulnerable to compromise. The patent addresses the need for a more robust and dynamic authentication system that adapts to the context and risk associated with each access attempt.

The underlying idea behind ’934 is to dynamically adjust the stringency of MFA based on real-time risk assessment. Instead of a fixed set of authentication factors, the system analyzes network traffic patterns and user behavior to determine a required verification score. Users then accumulate points towards this score by completing various verification methods.

The claims of ’934 focus on a computer system and method that receives an authentication request, stores information about the request in a time-series database, determines if additional verification is needed based on historical access patterns, and prompts the client to complete an additional verification method if required. The system identifies anomalous access requests relative to a baseline profile.

In practice, the system monitors network traffic and user activity to establish a baseline of normal behavior. When a user attempts to access a resource, the system checks the request against this baseline. If the request is deemed risky (e.g., unusual location, time, or resource access pattern, or a potential brute force attack), the system increases the required verification score. The user is then prompted to complete additional verification steps, such as biometric scans, one-time codes, or confirmations from trusted parties, until the score is met.
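
The scoring flow described above, as an added sketch (not code from the patent or from QOMPLX). The anomaly weights, method point values, brute-force threshold, the `Access` record and the sample history are constructed assumptions, and a Python list stands in for the time-series database.

```python
from collections import namedtuple
from datetime import datetime, timedelta

Access = namedtuple("Access", "when user country resource ok")

# Constructed weights and point values; the page gives no numbers.
METHOD_POINTS = {"totp": 2, "biometric": 3, "trusted_party": 2}
FAIL_LIMIT, FAIL_WINDOW = 5, timedelta(minutes=10)

def baseline(history, user):
    """Baseline profile built from the user's past granted requests."""
    rows = [a for a in history if a.user == user and a.ok]
    return ({a.country for a in rows}, {a.when.hour for a in rows},
            {a.resource for a in rows})

def required_score(history, req):
    """Score the request against the baseline; each anomaly raises the bar."""
    countries, hours, resources = baseline(history, req.user)
    hits, hr = [], req.when.hour
    if req.country not in countries:
        hits.append((2, "unusual location"))
    # Circular hour distance, so 23:00 and 01:00 count as two hours apart.
    # An empty baseline (new user) makes every check below fire.
    if all(min(abs(hr - h), 24 - abs(hr - h)) > 2 for h in hours):
        hits.append((1, "unusual time"))
    if req.resource not in resources:
        hits.append((1, "unusual resource"))
    fails = [a for a in history if a.user == req.user and not a.ok
             and timedelta(0) <= req.when - a.when <= FAIL_WINDOW]
    if len(fails) >= FAIL_LIMIT:
        hits.append((3, "possible brute force"))
    return sum(p for p, _ in hits), [why for _, why in hits]

def authenticate(history, req, completed=()):
    """Grant only if the password check passed and enough points were earned."""
    need, reasons = required_score(history, req)
    earned = sum(METHOD_POINTS[m] for m in set(completed))  # no double counting
    granted = req.ok and earned >= need
    # Store the outcome, not the password result, so a denied request never
    # becomes part of the baseline and still counts as a recent failure.
    history.append(req._replace(ok=granted))
    return {"granted": granted, "required": need, "earned": earned,
            "reasons": reasons}

def sample_history():
    """Constructed data: alice reads the wiki from the US around 09:00."""
    day = datetime(2024, 9, 2, 9, 0)
    return [Access(day + timedelta(days=d), "alice", "US", "wiki", True)
            for d in range(5)]
```

Recording the grant decision rather than the raw password result keeps a correct-password request that failed step-up verification out of the baseline it is later compared against.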

This approach differs from static MFA systems by incorporating contextual risk assessment. By analyzing historical data and real-time network traffic, the system can dynamically adjust the level of security required for each access attempt. This reduces the reliance on single authentication factors and provides a more adaptive and secure authentication process, mitigating the vulnerabilities of traditional MFA methods.

How does this patent fit in the bigger picture?

Technical landscape at the time

In the mid-2010s when ’934 was filed, multi-factor authentication was typically implemented using methods such as one-time codes sent via SMS or email. Systems commonly relied on username/password combinations as the primary authentication factor, with MFA as a secondary layer. Hardware or software constraints made dynamic risk assessment and adaptation of authentication factors non-trivial, often requiring significant server-side processing and data analysis.

Novelty and Inventive Step

The examiner approved the application because the prior art of record, while disclosing methods for detecting emerging cyber security attacks, did not teach receiving a client authentication request with an identifier and password, storing information about the request in a multidimensional time-series database, retrieving historical access request information associated with the user account from the database, determining whether the user account is associated with a previous anomalous access request based on the historical information, selecting an additional verification method from a plurality of verification methods, and prompting the client to complete the additional verification.

Claims

This patent contains 30 claims, with independent claims 1, 11, 18, and 26. The independent claims generally focus on authenticating a client by receiving a request, storing information in a time-series database, determining if additional verification is needed based on historical data and anomalous requests or brute force attacks, and then selecting and prompting for an additional verification method. The dependent claims generally elaborate on the specifics of the historical information, additional verification processes, alerts, and system configurations.

Key Claim Terms

Definitions of key terms used in the patent claims.

Term (Source): Additional verification method (Claim 1, Claim 11, Claim 18, Claim 26)
Support for Specification: “What is needed is a system that uses a combination of verification methods so that over-reliance on a single, and possibly compromised, method is eliminated. Such a system should be able to dynamically determine the varying amounts of verification needed, based on the context and risks associated with the connection. The user may then collect verification points via a plurality of verification methods to gain access.”
Interpretation: A method selected from a set of methods to verify a client's identity beyond the initial identifier and password, triggered when additional verification is deemed necessary.

Term (Source): Baseline profile of access requests (Claim 1, Claim 11)
Support for Specification: “According to one aspect of the invention, a system for contextual and risk-based multi-factor authentication is provided, comprising a multi-dimensional time series data server comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to monitor and record a network's traffic data, and serve the traffic data to other modules; and a directed computation graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to receive traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the traffic data, and determine a required verification score needed before granting access by a user to a network resource based at least in part by the network traffic baseline; wherein the user uses the plurality of verification methods to build up the required verification score in order to gain access to the network resource.”
Interpretation: A standard or expected pattern of access requests associated with a user account, used to identify anomalous or unusual access attempts.

Term (Source): Brute force attack (Claim 18, Claim 26)
Support for Specification: “However, the system is not without its faults. One such fault is over-reliance on a single method of delivery. For example, once a user's email is compromised, it may be trivial to gain access to that user's other accounts by simply requesting a password reset, which are usually conducted through the user's email. One-time use codes, such as those from banking websites, are also often sent to the user's email address.”
Interpretation: A series of multiple authentication requests attempting to guess a password.

Term (Source): Multidimensional time-series database (Claim 1, Claim 11, Claim 18, Claim 26)
Support for Specification: “According to one aspect of the invention, a system for contextual and risk-based multi-factor authentication is provided, comprising a multi-dimensional time series data server comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to monitor and record a network's traffic data, and serve the traffic data to other modules; and a directed computation graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to receive traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the traffic data, and determine a required verification score needed before granting access by a user to a network resource based at least in part by the network traffic baseline; wherein the user uses the plurality of verification methods to build up the required verification score in order to gain access to the network resource.”
Interpretation: A database used to store information about access requests, including historical data, for the purpose of determining if additional verification is required.

Litigation Cases

Latest US litigation cases involving this patent.

Case Number: 1:25-cv-01383
Filing Date: Nov 14, 2025
Title: Astellas Pharma Inc. v. Renata Limited

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.


US12218934

QOMPLX LLC
Application Number: US18885474
Filing Date: Sep 13, 2024
Status: Granted
Expiry Date: Oct 28, 2035
External Links: Slate, USPTO, Google Patents