Credit card fraud prevention system and method
Abstract
A mobile computing device is adapted to transmit to a scoring server URLs of websites browsed using the device. The scoring server can compare these URLs against a merchant URL obtained within a preselected time period from transaction data resulting from a transaction involving a payment product of the device user. A score can be calculated based on the similarity between each URL obtained from the device and the URL from the transaction data. The score represents the likelihood that a website browsed using the device and, as a result, the transaction, is fraudulent. The browsed URLs can also be scored against a database of known fraudulent websites. A notification concerning the legitimacy of the transaction based on the score can be generated and sent to the mobile device in real-time. On receiving the notification, the device can be used to either accept or decline the transaction in real-time.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A payment product fraud prevention method, comprising:
automatically receiving by at least one computing device platform server first identifiers representing uniform resource locators associated with websites browsed using computing devices recognized by the at least one computing device platform server as being registered to a user, each of the first identifiers having been automatically obtained and transmitted from the registered computing devices during browsing; receiving by the at least one computing device platform server a second identifier from transaction authorization data resulting from a transaction involving a payment product associated with the user; using the at least one computing device platform server to:
compare the second identifier against ones of the first identifiers obtained within a preselected time period prior to the transaction, and
calculate at least one score based on a degree of similarity between the second identifier and one or more of the ones of the first identifiers obtained within the preselected time period prior to the transaction, the at least one score representing a likelihood that the transaction is fraudulent; and
causing a notification to be transmitted to the registered computing devices in substantially real time, the notification indicating the likelihood that the transaction is fraudulent.
2 . The method of claim 1 , further comprising causing the transaction to be one of blocked and accepted based at least in part on the at least one score.
3 . The method of claim 1 , further comprising storing the first identifiers and the at least one score such that the first identifiers and the at least one score are available for data mining.
4 . The method of claim 1 , wherein the notification includes a threat level indicating a severity of the transaction.
5 . The method of claim 4 , wherein the threat level is one of low, moderate and high.
6 . The method of claim 1 , further comprising prompting the user to one of confirm and deny the transaction.
7 . The method of claim 1 , wherein the notification includes at least one additional message.
8 . The method of claim 7 , wherein the at least one additional message includes a deposit account alert indicating that a check drawn on a financial account of the user has exceeded a preselected threshold amount.
9 . The method of claim 8 , further comprising prompting the user (i) to one of approve and decline the check, and (ii) when the check is declined, to submit a fraud claim.
10 . The method of claim 7 , wherein the at least one additional message includes at least one of an advertising, a marketing, and a promotional offer message.
11 . The method of claim 1 , wherein the first identifiers include a first merchant name, and wherein the second identifier is a second merchant name one of (i) from the transaction authorization data, and (ii) obtainable based on the transaction authorization data from a source other than the transaction authorization data.
12 . The method of claim 11 , wherein the source other than the transaction authorization data is at least one database of merchant names and their associated doing-business-as names.
13 . The method of claim 1 , wherein the second identifier is a merchant uniform resource locator one of (i) from the transaction authorization data, and (ii) obtainable based on the transaction authorization data from a source other than the transaction authorization data.
14 . The method of claim 13 , wherein the source other than the transaction authorization data is at least one database of merchant names and their associated doing-business-as names and their associated uniform resource locators.
15 . The method of claim 13 , wherein comparing the second identifier against the ones of the first identifiers obtained within a preselected time period prior to the transaction includes identifying a first, a second and a third uniform resource locator character substring in each of such first and second identifiers, and determining the number of characters that match by position between the (i) first substring of each of such first and second identifiers; (ii) second substring of each of such first and second identifiers, and (iii) third substring of each of such first and second identifiers.
16 . The method of claim 15 , wherein calculating the at least one score based on the degree of similarity between the second identifier and the one or more of the ones of the first identifiers obtained within a preselected time period prior to the transaction includes dividing the number of characters that match by position between the second substring of each of such first and second identifiers by the greater of the number of characters in (i) the second substring of such first identifiers or (ii) the second substring of the second identifier.
17 . The method of claim 15 , wherein calculating the at least one score based on the degree of similarity between the second identifier and the one or more of the ones of the first identifiers obtained within a preselected time period prior to the transaction includes adding together the number of characters that match by position between the first substring of each of such first and second identifiers and the third substring of each of such first and second identifiers to yield a sum, and dividing the sum by the greater of the number of characters in (i) both the first and second substrings combined of such first identifiers or (ii) both the first and second substrings combined of the second identifier.
18 . The method of claim 1 , further comprising comparing the ones of the first identifiers obtained within a preselected time period prior to the transaction against uniform resource locators of known fraudulent websites to determine whether such first identifiers correspond to any of the fraudulent websites.
19 . The method of claim 1 , wherein the payment product is one of a credit card, a charge card, and a debit card.
20 . The method of claim 1 , wherein the computing devices include at least one of a smartphone, a tablet computer, a laptop computer, a notebook computer, and a personal digital assistant.
21 . The method of claim 1 , further comprising receiving time stamp information indicating when each of the first identifiers were extracted and transmitted from the registered computing devices during browsing; and storing the time stamp information together with the first identifiers.
22 . The method of claim 1 , wherein receiving the first identifiers is effected only when a website checkout page is browsed using the registered computing devices.
23 . The method of claim 1 , further comprising updating a database identifying fraudulent websites based at least in part on the at least one score.
24 . A computer program product comprising a non-transitory medium storing computer executable program logic to:
cause a mobile computing device registered to a user to automatically transmit at least one first identifier to a scoring server, the at least one first identifier representative of at least one uniform resource locator associated with at least one website browsed using the mobile computing device; cause the mobile computing device to receive a notification concerning the legitimacy of a transaction involving a payment product associated with the user, the notification being based on a score calculated by at least one data processing device associated with the scoring server, the score being based on a degree of similarity between a second identifier obtained from data concerning the transaction and one or more of the at least one first identifier obtained within a preselected time period prior to the transaction; and enable the user to one of accept and decline the transaction in real-time using the mobile computing device.
25 . The computer program product of claim 24 , wherein causing the mobile computing device to automatically transmit the at least one first identifier to the scoring server is effected only when a checkout page of the at least one website is browsed using the mobile computing device.
26 . The computer program product of claim 24 , wherein the notification includes a threat level indicating a severity of the transaction.
27 . A payment product fraud prevention system, comprising:
a mobile computing device registered to a user and adapted to scrape at least one first identifier representative of a uniform resource locator associated with at least one website browsed using the mobile computing device; a scoring server, the scoring server being configured to receive (a) the at least one first identifier from the mobile computing device, and (b) a second identifier from transaction authorization data concerning a transaction involving a payment product associated with the user; and at least one data processing device associated with the scoring server, the at least one data processing device being adapted to (i) compare the second identifier against one or more of the at least one first identifier obtained within a preselected time period prior to the transaction, and (ii) calculate at least one score based on a degree of similarity between the second identifier and the one or more of the at least one first identifier, the at least one score representing a likelihood that the transaction is fraudulent; wherein the mobile computing device is further adapted to receive a notification sent one of directly and indirectly from the scoring server indicating the likelihood that the transaction is fraudulent.
28 . The system of claim 27 , further comprising at least one database storing uniform resource locators of fraudulent websites; and wherein the scoring server is configured to compare the at least one first identifier against the at least one database to determine whether the at least one first identifier corresponds to any of the fraudulent websites.
29 . The system of claim 27 , wherein the mobile computing device is adapted to enable the user to one of accept and decline the transaction in real-time.
30 . The system of claim 27 , wherein the mobile computing device is adapted to obtain the first identifier only when a checkout page of the website is browsed using the mobile computing device.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.