Contextual And Risk-Based Multi-Factor Authentication

Patent No. US12218934 (titled "Contextual And Risk-Based Multi-Factor Authentication") was filed by Qomplx Llc on Sep 13, 2024.

’934 is related to the field of network security, specifically multi-factor authentication (MFA). Traditional MFA methods often rely on single points of failure, such as email or SMS, making them vulnerable to compromise. The patent addresses the need for a more robust and dynamic authentication system that adapts to the context and risk associated with each access attempt.

The underlying idea behind ’934 is to dynamically adjust the stringency of MFA based on real-time risk assessment. Instead of a fixed set of authentication factors, the system analyzes network traffic patterns and user behavior to determine a required verification score . Users then accumulate points towards this score by completing various verification methods.

The claims of ’934 focus on a computer system and method that receives an authentication request, stores information about the request in a time-series database , determines if additional verification is needed based on historical access patterns, and prompts the client to complete an additional verification method if required. The system identifies anomalous access requests relative to a baseline profile.

In practice, the system monitors network traffic and user activity to establish a baseline of normal behavior. When a user attempts to access a resource, the system checks the request against this baseline. If the request is deemed risky (e.g., unusual location, time, or resource access pattern, or a potential brute force attack), the system increases the required verification score. The user is then prompted to complete additional verification steps, such as biometric scans, one-time codes, or confirmations from trusted parties, until the score is met.

This approach differs from static MFA systems by incorporating contextual risk assessment . By analyzing historical data and real-time network traffic, the system can dynamically adjust the level of security required for each access attempt. This reduces the reliance on single authentication factors and provides a more adaptive and secure authentication process, mitigating the vulnerabilities of traditional MFA methods.

How does this patent fit in bigger picture?

Technical landscape at the time

In the mid-2010s when ’934 was filed, multi-factor authentication was typically implemented using methods such as one-time codes sent via SMS or email. Systems commonly relied on username/password combinations as the primary authentication factor, with MFA as a secondary layer. Hardware or software constraints made dynamic risk assessment and adaptation of authentication factors non-trivial, often requiring significant server-side processing and data analysis.

Novelty and Inventive Step

The examiner approved the application because the prior art of record, while disclosing methods for detecting emerging cyber security attacks, did not teach receiving a client authentication request with an identifier and password, storing information about the request in a multidimensional time-series database, retrieving historical access request information associated with the user account from the database, determining whether the user account is associated with a previous anomalous access request based on the historical information, selecting an additional verification method from a plurality of verification methods, and prompting the client to complete the additional verification.

Claims

This patent contains 30 claims, with independent claims 1, 11, 18, and 26. The independent claims generally focus on authenticating a client by receiving a request, storing information in a time-series database, determining if additional verification is needed based on historical data and anomalous requests or brute force attacks, and then selecting and prompting for an additional verification method. The dependent claims generally elaborate on the specifics of the historical information, additional verification processes, alerts, and system configurations.

Key Claim Terms New

Definitions of key terms used in the patent claims.

Term (Source)	Support for Specification	Interpretation
Additional verification method (Claim 1, Claim 11, Claim 18, Claim 26)	“What is needed is a system that uses a combination of verification methods so that over-reliance on a single, and possibly compromised, method is eliminated. Such a system should be able to dynamically determine the varying amounts of verification needed, based on the context and risks associated with the connection. The user may then collect verification points via a plurality of verification methods to gain access.”	A method selected from a set of methods to verify a client's identity beyond the initial identifier and password, triggered when additional verification is deemed necessary.
Baseline profile of access requests (Claim 1, Claim 11)	“According to one aspect of the invention, a system for contextual and risk-based multi-factor authentication is provided, comprising a multi-dimensional time series data server comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to monitor and record a network's traffic data, and serve the traffic data to other modules; and a directed computation graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to receive traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the traffic data, and determine a required verification score needed before granting access by a user to a network resource based at least in part by the network traffic baseline; wherein the user uses the plurality of verification methods to build up the required verification score in order to gain access to the network resource.”	A standard or expected pattern of access requests associated with a user account, used to identify anomalous or unusual access attempts.
Brute force attack (Claim 18, Claim 26)	“However, the system is not without its faults. One such fault is over-reliance on a single method of delivery. For example, once a user's email is compromised, it may be trivial to gain access to that user's other accounts by simply requesting a password reset, which are usually conducted through the user's email. One-time use codes, such as those from banking websites, are also often sent to the user's email address.”	A series of multiple authentication requests attempting to guess a password.
Multidimensional time-series database (Claim 1, Claim 11, Claim 18, Claim 26)	“According to one aspect of the invention, a system for contextual and risk-based multi-factor authentication is provided, comprising a multi-dimensional time series data server comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to monitor and record a network's traffic data, and serve the traffic data to other modules; and a directed computation graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to receive traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the traffic data, and determine a required verification score needed before granting access by a user to a network resource based at least in part by the network traffic baseline; wherein the user uses the plurality of verification methods to build up the required verification score in order to gain access to the network resource.”	A database used to store information about access requests, including historical data, for the purpose of determining if additional verification is required.

Litigation Cases New

US Latest litigation cases involving this patent.

Case Number	Filing Date	Title
1:25-cv-01383	Nov 14, 2025	Astellas Pharma Inc. v. Renata Limited

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.

Date
Description

Get instant alerts for new documents

Feb 19, 2026
Communication - Re: Power of Attorney (PTOL-308)
Feb 19, 2026
Communication - Re: Power of Attorney (PTOL-308)
Jan 30, 2026
Power of Attorney
Jan 30, 2026
Electronic Filing System Acknowledgment Receipt
Feb 4, 2025
Digitally signed official patent eGrant document
Feb 4, 2025
eGrant day-of Notification
Jan 15, 2025
Issue Notification
Jan 3, 2025
Notice of Publication
Dec 27, 2024
Electronic Fee Payment
Dec 27, 2024
Issue Fee Payment (PTO-85B)
Dec 27, 2024
Electronic Filing System Acknowledgment Receipt
Dec 27, 2024
Notice of Allowance and Fees Due (PTOL-85)
Dec 27, 2024
List of references cited by examiner
Dec 27, 2024
Search information including classification, databases and other search related notes
Dec 27, 2024
Index of Claims
Dec 27, 2024
Issue Information including classification, examiner, name, claim, renumbering, etc.
Dec 27, 2024
Examiner's search strategy and results
Dec 27, 2024
List of References cited by applicant and considered by examiner
Dec 27, 2024
Office Action Appendix
Nov 20, 2024
Electronic Filing System Acknowledgment Receipt
Nov 20, 2024
Amendment/Request for Reconsideration-After Non-Final Rejection
Nov 20, 2024
Claims
Nov 20, 2024
Applicant Arguments/Remarks Made in an Amendment
Nov 20, 2024
Electronic Fee Payment
Nov 20, 2024
Terminal Disclaimer-Electronic-Approved
Nov 20, 2024
Terminal Disclaimer-Filed (Electronic)
Nov 20, 2024
Electronic Filing System Acknowledgment Receipt
Nov 7, 2024
Non-Final Rejection
Nov 7, 2024
List of references cited by examiner
Nov 7, 2024
Search information including classification, databases and other search related notes
Nov 7, 2024
Index of Claims
Nov 7, 2024
Bibliographic Data Sheet
Nov 7, 2024
List of References cited by applicant and considered by examiner
Nov 7, 2024
Office Action Appendix
Nov 7, 2024
Examiner's search strategy and results
Nov 7, 2024
Assignment Record
Nov 6, 2024
Patent Assignment Verification
Oct 22, 2024
Track One request Granted
Sep 26, 2024
Filing Receipt
Sep 26, 2024
Fee Worksheet (SB06)
Sep 26, 2024
Welcome Letter from USPTO Director and Deputy Director
Sep 14, 2024
Application body structured text document
Sep 14, 2024
Track One Request
Sep 14, 2024
Electronic Fee Payment
Sep 14, 2024
Internet Communications Authorization
Sep 14, 2024
Specification
Sep 14, 2024
Claims
Sep 14, 2024
Abstract
Sep 14, 2024
Information Disclosure Statement (IDS) Form (SB08)
Sep 14, 2024
Electronic Filing System Acknowledgment Receipt
Sep 14, 2024
Drawings-only black and white line drawings
Sep 14, 2024
Oath or Declaration filed
Sep 14, 2024
Oath or Declaration filed
Sep 14, 2024
Power of Attorney
Sep 14, 2024
Application Data Sheet
Sep 14, 2024
Oath or Declaration filed
Sep 14, 2024
Drawings-black and white line and/or other drawings
Sep 13, 2024
Placeholder sheet indicating presence of supplemental content in Supplemental Complex Repository for Examiners(SCORE)

US12218934

QOMPLX LLC

Application Number: US18885474
Filing Date: Sep 13, 2024
Status: Granted
Expiry Date: Oct 28, 2035
External Links: Slate, USPTO, Google Patents

IP Verse