摘要 |
Methods and systems for authenticating a user are provided. In an embodiment, an authentication service device receives a request to authenticate a user, and transmits a transaction history database query based on business rules concerning transactions conducted by the user. The response to the query includes a plurality of transactions, and the authentication service device generates a user authentication form that includes a set of transactions, and at least two of the transactions include a redacted transaction detail field. The user authentication form is transmitted to a user device, and user responses to the redacted transaction detail fields are received. The user is authenticated based on a monetary amount response that falls within a predetermined variance threshold, at least one positive information response, and on the user satisfying a permissible number of retry(s) requirement. |