US2010174660A1PendingUtilityA1

Methods and computer-readable media for facilitating forensic investigations of online transactions

61
Assignee: BCE INCPriority: Dec 5, 2007Filed: Dec 5, 2007Published: Jul 8, 2010
Est. expiryDec 5, 2027(~1.4 yrs left)· nominal 20-yr term from priority
G06Q 30/00G06Q 20/403G06Q 30/0185
61
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method, comprising: receiving a first identifier associated with an online transaction and a second identifier used by end user equipment involved in the online transaction; obtaining evidentiary information pertaining to the end user equipment based on the second identifier; storing in a database a record that associates the first identifier with the evidentiary information; and retrieving one of (i) the evidentiary information in said record and (ii) the first identifier in response to a request identifying the other of (i) the evidentiary information in said record and (ii) the first identifier. Where the online transaction is effected over a network after the end user equipment has gained access thereto, the evidentiary information may include information pertaining to a subscriber whose credentials were used by the end user equipment to gain access to the network. The information pertaining to the subscriber may include personal information about the subscriber. Alternatively, the evidentiary information may include location information.

Claims

exact text as granted — not AI-modified
1 . A method, comprising:
 receiving a first identifier associated with an online transaction and a second identifier used by end user equipment involved in the online transaction;   obtaining evidentiary information pertaining to the end user equipment based on the second identifier;   storing in a database a record that associates the first identifier with the evidentiary information; and   retrieving one of (i) the evidentiary information in said record and (ii) the first identifier in response to a request identifying the other of (i) the evidentiary information in said record and (ii) the first identifier.   
     
     
         2 . The method defined in  claim 1 , wherein the request identifies the first identifier. 
     
     
         3 . The method defined in  claim 2 , wherein the request is received after said receiving the first identifier. 
     
     
         4 . The method defined in  claim 3 , wherein the request is issued by a party conducting a forensic investigation of the online transaction. 
     
     
         5 . The method defined in  claim 1 , wherein the request identifies the evidentiary information. 
     
     
         6 . The method defined in  claim 5 , wherein the request is received after said receiving the first identifier. 
     
     
         7 . The method defined in  claim 5 , wherein the request is received prior to said receiving the first identifier. 
     
     
         8 . The method defined in  claim 7 , wherein the request is issued by a party monitoring online transactions effected by a user associated with the first identifier. 
     
     
         9 . The method defined in  claim 1 , wherein the second identifier is a logical identifier assigned to the end user equipment. 
     
     
         10 . The method defined in  claim 9 , wherein the second identifier is an Internet Protocol address. 
     
     
         11 . The method defined in  claim 9 , wherein the online transaction is effected over a network, the method further comprising assigning the logical identifier to the end user equipment in response to the end user equipment requesting access to the network. 
     
     
         12 . The method defined in  claim 9 , wherein obtaining the evidentiary information comprises consulting a second database comprising a plurality of records each relating a respective logical identifier to one or more of a respective service point location and personal information about a respective subscriber. 
     
     
         13 . The method defined in  claim 12 , wherein the online transaction is effected over a network, the method further comprising assigning new logical identifiers to various new end user equipment requesting access to the network and updating the second database with (i) the new logical identifiers so assigned and (ii) for each of the new logical identifiers, one or more of a respective location of the corresponding new end user equipment and personal information about a respective subscriber whose credentials were used by the corresponding new end user equipment to gain access to the network. 
     
     
         14 . The method defined in  claim 1 , wherein the online transaction is effected over a network after the end user equipment has gained access thereto and wherein the evidentiary information includes information pertaining to a subscriber whose credentials were used by the end user equipment to gain access to the network. 
     
     
         15 . The method defined in  claim 14 , wherein the information pertaining to the subscriber includes personal information about the subscriber. 
     
     
         16 . The method defined in  claim 1 , wherein the online transaction is effected over a network after the end user equipment has gained access thereto and wherein the evidentiary information includes location information. 
     
     
         17 . The method defined in  claim 16 , wherein the location information comprises a location of the end user equipment when access to the network was gained. 
     
     
         18 . The method defined in  claim 1 , wherein the first identifier is a unique transaction identifier generated by an entity that is a member of a financial network. 
     
     
         19 . The method defined in  claim 1 , wherein said first identifier and said second identifier are received from an entity that is a member of a financial network. 
     
     
         20 . The method defined in  claim 1 , wherein said first identifier and said second identifier are received from a merchant site with which the end user equipment interacts to effect the online transaction. 
     
     
         21 . The method defined in  claim 1 , wherein the online transaction involves at least one of an attempt to make a payment and an attempt to effect a fund transfer. 
     
     
         22 . The method defined in  claim 1 , wherein the online transaction involves at least one of an attempt to access secure online content and an attempt to access a virtual private network. 
     
     
         23 . A computer-readable medium comprising computer-readable program code which, when interpreted by a transaction management entity, causes the transaction management entity to execute a method, the computer-readable program code comprising:
 first computer-readable program code for causing the transaction management entity to be attentive to receipt of a first identifier associated with an online transaction and a second identifier used by end user equipment involved in the online transaction;   second computer-readable program code for causing the transaction management entity to obtain evidentiary information pertaining to the end user equipment based on the second identifier;   third computer-readable program code for causing the transaction management entity to store in a database a record that associates the first identifier with the evidentiary information; and   fourth computer-readable program code for causing the transaction management entity to retrieve one of (i) the evidentiary information in said record and (ii) the first identifier in response to a request identifying the other of (i) the evidentiary information in said record and (ii) the first identifier.   
     
     
         24 . A system comprising:
 a transaction record database comprising a plurality of records, each of said records relating a respective first identifier associated with an online transaction to respective evidentiary information pertaining to end user equipment involved in the online transaction; and   a transaction management entity configured to respond to a request identifying one of (i) a given first identifier associated with a given online transaction and (ii) evidentiary information related by one of said records to a given first identifier by retrieving the other of (i) the given first identifier and (ii) the evidentiary information related thereto.   
     
     
         25 . The system defined in  claim 24 , the transaction management entity being further configured to populate the transaction record database with a record for the given first identifier further to receipt of the given first identifier and a respective second identifier used by end user equipment involved in the given online transaction. 
     
     
         26 . The system defined in  claim 25 , wherein to populate the transaction record database with the record for the given first identifier, the transaction management entity is configured to obtain said evidentiary information by consulting a second database on a basis of the second identifier, the second database comprising a plurality of records each relating a respective identifier to respective evidentiary information. 
     
     
         27 . The system defined in  claim 26 , wherein the given online transaction is effected over a network after the end user equipment has gained access thereto and wherein the evidentiary information includes information pertaining to a subscriber whose credentials were used by the end user equipment involved in the given online transaction to gain access to the network. 
     
     
         28 . The method defined in  claim 26 , wherein the given online transaction is effected over a network after the end user equipment has gained access thereto and wherein the evidentiary information includes location information indicative of a location of the end user equipment involved in the given online transaction when access to the network was gained. 
     
     
         29 . A method of investigating an online transaction associated with a transaction identifier, comprising:
 providing the transaction identifier to a transaction management entity;   obtaining from the transaction management entity evidentiary information pertaining to the end user equipment involved in the online transaction associated with the transaction identifier; and   comparing the evidentiary information to information associated with a transaction object used to effect the online transaction.   
     
     
         30 . The method defined in  claim 29 , further comprising:
 concluding that the online transaction was fraudulent or illegal when the comparing yields that the evidentiary information does not match the information associated with the transaction object used to effect the online transaction.   
     
     
         31 . The method defined in  claim 30 , wherein the online transaction is effected over a network after the end user equipment involved in the online transaction has gained access thereto and wherein the evidentiary information includes information pertaining to a subscriber whose credentials were used by the end user equipment involved in the online transaction to gain access to the network. 
     
     
         32 . The method defined in  claim 30 , wherein the online transaction is effected over a network after the end user equipment involved in the online transaction has gained access thereto and wherein the evidentiary information includes location information indicative of a location of the end user equipment involved in the online transaction when access to the network was gained. 
     
     
         33 . A method of identifying a suspect potentially responsible for effecting an online transaction associated with a transaction identifier, comprising:
 providing the transaction identifier to a transaction management entity;   obtaining from the transaction management entity evidentiary information pertaining to the end user equipment involved in the online transaction associated with the transaction identifier; and   identifying as a suspect a party associated with the evidentiary information.   
     
     
         34 . A network entity for participating in an online transaction taking place over a network, comprising:
 a memory; and   a processing unit configured to:
 obtain a transaction identifier associated with an online transaction and a logical identifier associated with end user equipment involved in the online transaction; 
 store in said memory a record that relates said transaction identifier to said logical identifier; and 
 transmit said transaction identifier and said logical identifier over the network to an entity responsible for storing a relationship between the transaction identifier and evidentiary information pertaining to end user equipment involved in said online transaction. 
   
     
     
         35 . The network entity defined in  claim 34 , wherein the evidentiary information includes information pertaining to a subscriber whose credentials were used by the end user equipment involved in the online transaction to gain access to the network. 
     
     
         36 . The method defined in  claim 34 , wherein the evidentiary information includes location information indicative of a location of the end user equipment involved in the online transaction when access to the network was gained.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.