| 主权项 |
1. A computer-implemented method, comprising:
receiving, by processing circuitry, a request to authenticate an electronic transaction involving a specific user seeking access to a computerized resource; in response to receiving the request, analysing, by processing circuitry, at least one attribute associated with the electronic transaction, wherein the at least one attribute describes the electronic transaction involving the specific user; based on the analysis, determining, by processing circuitry, an attack threat in connection with the electronic transaction, wherein the attack threat describes one of a stolen device and a stolen identification credential obtained by a fraudster; based on the attack threat, selecting, by processing circuitry, an authentication challenge that challenges the specific user, wherein the attack threat acts as a decision factor in the selection of the authentication challenge such that a biometric challenge is selected in the event that the attack threat describes a stolen device and an out-of-band challenge is selected in the event that the attack threat describes a stolen identification credential; providing, by processing circuitry, the authentication challenge in a manner that requires the specific user to respond; receiving, by processing circuitry, a user response to the authentication challenge; generating, by processing circuitry, an authentication result based on the user response, the authentication result indicating whether the electronic transaction is authentic; and utilizing, by processing circuitry, the authentication result to control access by the specific user to the computerized resource. |
