SELECTIVELY AND INTELLIGENTLY DISPLAYING AUTHENTICATION NOTIFICATIONS TO PROTECT USERS

Organization Name

microsoft technology licensing, llc

Inventor(s)

Poulomi Bandyopadhyay of Sammamish WA (US)

Rajat Luthra of Redmond WA (US)

Lee Francis Walker of Blacksburg VA (US)

Zachary Michael Edwards of Monroe WA (US)

Colin Trent of Seattle WA (US)

SELECTIVELY AND INTELLIGENTLY DISPLAYING AUTHENTICATION NOTIFICATIONS TO PROTECT USERS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240129299 titled 'SELECTIVELY AND INTELLIGENTLY DISPLAYING AUTHENTICATION NOTIFICATIONS TO PROTECT USERS

Simplified Explanation

The abstract describes a method for selectively suppressing authentication request notifications to reduce notification fatigue and susceptibility to social engineering attacks. Notifications may be suppressed based on heuristics and machine learning models applied to the context of the login attempt.

• Notifications are selectively suppressed to reduce notification fatigue and susceptibility to social engineering attacks.
• Authentication request notifications may be suppressed by not presenting a push notification on the user's phone.
• The authentication request can still be accessed and approved by manually opening the authenticator app.
• Notifications may be suppressed based on heuristics and machine learning models applied to the context of the login attempt.
• One heuristic determines that the user has repeatedly ignored notifications caused by a particular IP address.
• Machine learning models generate a risk score from the login context, and notifications may be suppressed if the risk score exceeds a threshold.

Potential Applications

This technology could be applied in various industries where secure authentication is crucial, such as banking, healthcare, and e-commerce.

Problems Solved

This technology addresses the issues of notification fatigue and susceptibility to social engineering attacks by selectively suppressing authentication request notifications.

Benefits

The benefits of this technology include improved security, reduced user fatigue, and enhanced protection against unauthorized access.

Potential Commercial Applications

Potential commercial applications of this technology include integration into authentication systems for online banking, healthcare portals, and e-commerce platforms.

Possible Prior Art

One possible prior art could be the use of heuristics and machine learning models in authentication systems to enhance security measures.

Unanswered Questions

How does this technology impact user experience?

This article does not delve into the potential effects of suppressing authentication request notifications on the overall user experience.

What are the potential privacy implications of using machine learning models in authentication systems?

The article does not discuss the privacy implications of utilizing machine learning models in authentication systems and how user data is handled in this context.

Original Abstract Submitted

authentication request notifications are selectively suppressed, reducing notification fatigue and susceptibility to social engineering attacks. authentication request notifications may be suppressed by not presenting a push notification on the user's phone. the authentication request may still be accessed and approved by manually opening the authenticator app. notifications may be suppressed based on an estimation that the person attempting to login is not who they say they are. this estimation may be based on applying heuristics and/or machine learning models to the context of the login attempt, such as the ip address that originated the login request, time of day, recent user actions, patterns of previous logins, etc. one heuristic determines that the user has repeatedly ignored notifications caused by a particular ip address. machine learning models generate a risk score from the login context, and notifications may be suppressed if the risk score exceeds a threshold.