主权项 |
1. An apparatus comprising:
a memory operable to store a plurality of token-based rules, wherein a token-based rule facilitates the processing of transactions; and a processor communicatively coupled to the memory and operable to:
receive a transaction token indicating that a transaction associated with an entity has been requested;determine, in response to receiving the transaction token, a numeric assurance level based at least in part upon a form of authentication performed by a user associated with the transaction;determine, in response to receiving the transaction token, a numeric risk level based at least in part the numeric assurance level;determine at least one token-based rule based at least in part upon the transaction token, wherein the at least one token-based rule indicates a threshold risk level;compare the numeric risk level to the threshold risk level to determine that there is a risk that the transaction is fraudulent;determine that the transaction should be denied based at least in part upon the risk that the transaction is fraudulent;communicate a request that biometric authentication be performed, wherein the request is communicated in response to the determination that the transaction should be denied;receive at least one subject token indicating that the requested biometric authentication has been performed;in response to receiving the at least one subject token, re-determine the numeric assurance level based at least in part upon the at least one subject token;re-determine the numeric risk level based at least in part upon the re-determined numeric assurance level;compare the re-determined numeric risk level to the threshold risk level to determine that the risk that the transaction is fraudulent is reduced; anddetermine, in response to the determination that the risk that the transaction is fraudulent is reduced, that the transaction should be allowed. |