US2017140386A1PendingUtilityA1
Transaction assessment and/or authentication
Est. expiryMay 15, 2029(~2.8 yrs left)· nominal 20-yr term from priority
G06Q 10/40G06Q 20/4014G06Q 20/40G06Q 20/405G06Q 20/3825G06Q 20/3821G06Q 20/4016G06Q 50/01G06Q 20/401
64
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Systems and methods for assessing and authenticating transactions. Some exemplary embodiments may authenticate transactions based at least in part on a comparison of a newly obtained electronic signature associated with a user with a previously obtained electronic signature associated with the user, where a payment instrument presented for use in the transaction is also associated with the user. Exemplary electronic signatures may comprise any information which may identify the user, such as browser fingerprints, computer fingerprints, IP addresses, geographic IP location information, information associated with a payment, and/or a typing pattern.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . An authentication system for electronic transactions occurring over a computerized network, the system comprising:
a transaction authentication system interface operatively coupled to the computerized network for receiving proposed transaction information over the computerized network; a user information database; and a transaction authentication tool, operatively coupled to the transaction authentication system interface and to the user information database and configured to:
receive, from the transaction authentication system interface, a request to utilize a payment instrument in a transaction;
receive, from the transaction authentication system interface,
information pertaining to the payment instrument,
information pertaining to a user computer system used to initiate the transaction, and
a collected electronic signature representation of a user including attributes associated with the user computer system, wherein the collected electronic signature representation includes browser fingerprint attributes associated with a browser, the browser fingerprint attributes including two or more attributes taken from the group consisting of:
operating system identity;
screen resolution;
time zone;
system language;
software plug-ins of the browser;
indication of whether Java is enabled in the browser;
indication of whether cookies are enabled in the browser; and
information pertaining to sites visited by the browser; and
determine, by the transaction authentication tool,
a match score between the collected electronic signature representation of the user associated with the user computer system and an electronic signature stored in the user information database to establish a user identity,
an indication of whether the payment instrument matches a payment instrument stored in the user information database,
an indication of whether the user computer system matches a computer identification stored in the user information database,
an indication of whether the user identity, the user computer system and the payment instrument have been previously used together, and
an indication of whether the user identity, the user computer system and the payment instrument have transaction reputations of a predetermined category; and
transmit, by the transaction authentication tool, one of:
an indication that the transaction be rejected, in response to the transaction authentication tool determining that the at least one of:
the user identity, the user computer system, and the payment instrument does not have transaction reputations of the predetermined category;
an indication that the transaction be subject to scrutiny of a first predetermined level, in response to the authentication transaction tool determining that:
the match score is above a threshold,
the payment instrument matches a payment instrument stored in the user information database,
the user computer system matches a computer identification stored in the user information database,
the user identity, the user computer system and the payment instrument have been previously used together, and
the user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category; and
an indication that the transaction be subject to scrutiny of the first predetermined level, in response to the authentication transaction tool determining that:
the match score is below the threshold,
the payment instrument matches a payment instrument stored in the user information database,
the user computer system matches a computer identification stored in the user information database,
the user identity, the user computer system and the payment instrument have been previously used together, and
the user identity, the user computer system and the payment instrument all have transaction reputations of the predetermined category.
2 . The authentication system of claim 1 , wherein the collected electronic signature representation stored in the user information database includes computer fingerprint attributes of the user computer system, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of:
processor characteristics of the user computer system; machine memory size of the user computer system; a value loaded at a predetermined location in the user computer system; a value loaded into a registry in an operating system of the user computer system; an Ethernet MAC address of the user computer system; network information of the user computer system; identification of a program loaded onto the user computer system; and a log file in the user computer system.
3 . The authentication system of claim 1 , wherein the browser fingerprint attributes further include information pertaining to social network friends of a user; and
4 . The authentication system of claim 1 , wherein the transaction authentication tool transmits an indication that the transaction be subject to scrutiny of a second predetermined level in response to the transaction authentication tool determining not to transmit the indication that the transaction be rejected and the indication that the transaction be subject to scrutiny of the first predetermined level.
5 . An authentication system over a computerized network, the system comprising:
an authentication system interface operatively coupled to the computerized network to receive:
proposed transaction information, and
identification information of a computer initiating the proposed transaction information;
at least one electronic storage device containing a user information database; and an authentication tool, operatively coupled to the authentication system interface and to the user information database and configured to:
store, in the user information database, electronic signature representations of users of accounts, wherein each respective electronic signature representation includes:
device information of a computing device used in the past to access an account among the accounts; and
user information of a user of the computing device;
wherein the device information includes:
browser fingerprint attributes of a browser running on the computing device, the browser fingerprint attributes including two or more attributes taken from the group consisting of:
operating system identity;
screen resolution;
time zone;
system language;
software plug-ins of the browser;
indication of whether Java is enabled in the browser;
indication of whether cookies are enabled in the browser; and
information pertaining to sites visited by the browser;
computer fingerprint attributes of the computing device, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of:
processor characteristics of the computing device;
machine memory size of the computing device;
a value loaded at a predetermined location in the computing device;
a value loaded into a registry in an operating system of the computing device;
an Ethernet MAC address of the computing device;
network information of the computing device;
identification of a program loaded onto the computing device; and
a log file in the computing device; and
wherein the user information includes user attributes of the user selected from the group consisting of:
user name;
address;
phone number;
typing rhythm;
email address; and
user identifier;
store, in the user information database, reputation data, including:
a reputation indicator of the computing device;
a reputation indicator of the user; and
a reputation indicator of the account;
receive, in the computing apparatus, contextual information of a request to access a first account, the contextual information including data collected from a first computing device in connection with the request to access the first account;
determine a match score between the contextual information of the request and a first electronic signature representation of a first user stored in the computing apparatus;
retrieve from the reputation data reputation indicators of the first computing device, the first account, and the first user;
calculate a trust score based on the match score, the reputation indicators of the first computing device, the first account, and the first user, and a strength indicator of a relation between the first account and the first computing device; and
authenticate the first user for the request to access the first account based at least in part on the trust score.
6 . The authentication system of claim 5 , wherein the identification information of the computer initiating the proposed transaction information includes at least one of:
a computer cookie, and an application programming interface. The authentication system of claim 5 , wherein the contextual information of the request includes: information pertaining to social network friends of the first user.
8 . The authentication system of claim 5 , wherein the computer fingerprint attributes of the computing device in which the browser is running further includes at least one attribute taken from the group consisting of:
operating system identity of the computing device; screen resolution of the computing device; time zone of the computing device; and system language of the computing device.
9 . The authentication system of claim 8 , wherein the browser fingerprint attributes of the browser running on the computing device includes at least one attribute taken from the group consisting of:
software plug-ins of the browser; indication of whether Java is enabled in the browser; indication of whether cookies are enabled in the browser; and information pertaining to sites visited by the browser.
10 . The authentication system of claim 9 , wherein the contextual information of the request includes:
information pertaining to social network friends of the first user.
11 . The authentication system of claim 9 , wherein the authentication tool determines, from the contextual information of the request, a second electronic signature representation, and determines the match score between the first electronic signature representation and the second electronic signature representation using a weighted consideration of at least some of attributes in the first electronic signature representation.
12 . The authentication system of claim 11 , wherein the weighted consideration is based at least in part upon matching attributes, non-matching attributes, and attributes not compared.
13 . The authentication system of claim 12 , wherein the weighted consideration is calculated using:
(match Weight 2 −(miss Weight×2)−notInRequest)×1000/maxPossible 2
wherein:
match Weight corresponds to a sum of weights of the matching attributes;
miss Weight corresponds to a sum of weights of the non-matching attributes;
notInRequest corresponds to a sum of weights of the attributes not compared; and
maxPossible corresponds to a sum of the weights of the matching attributes, non-matching attributes and attributes not compared.
14 . An authentication system over a computerized network, the system comprising:
an authentication system interface operatively coupled to the computerized network and receiving proposed transaction information over the computerized network; a user information database storing:
electronic signature representations of users of services provided by the computing apparatus, wherein each respective electronic signature representation includes:
device information of a computing device used in the past to access the services; and
user information of a user of the computing device;
wherein the device information includes:
browser fingerprint attributes of a browser running on the computing device, the browser fingerprint attributes including two or more attributes taken from the group consisting of:
operating system identity;
screen resolution;
time zone;
system language;
software plug-ins of the browser;
indication of whether Java is enabled in the browser;
indication of whether cookies are enabled in the browser; and
information pertaining to sites visited by the browser;
computer fingerprint attributes of the computing device, the computer fingerprint attributes including a plurality of attributes taken from the group consisting of:
processor characteristics of the computing device;
machine memory size of the computing device;
a value loaded at a predetermined location in the computing device;
a value loaded into a registry in an operating system of the computing device;
an Ethernet MAC address of the computing device;
network information of the computing device;
identification of a program loaded onto the computing device; and
a log file in the computing device; and
wherein the user information includes user attributes of the user selected from the group consisting of:
user name;
address;
phone number;
typing rhythm;
email address; and
user identifier; and
reputation data, including:
a reputation indicator of the computing device; and
a reputation indicator of the user;
an authentication tool, operatively coupled to the authentication system interface and to the user information database, the authentication tool:
receiving contextual information of a request to access a first service, the contextual information including data collected from a first computing device in connection with the request to access the first service;
determining a match score between the contextual information of the request and a first electronic signature representation of a first user stored in the computing apparatus;
retrieving, from the reputation data, reputation indicators of the first computing device, and the first user;
calculating a trust score based on the match score, the reputation indicators of the first computing device and the first user; and
authenticating the first user for the request to access the first service based at least in part on the trust score.
15 . The authentication system of claim 14 , wherein the match score is based on a sum of weights assigned to matched attributes between the contextual information and the first electronic signature representation, a sum of weights assigned to mismatched attributes between the contextual information and the first electronic signature representation, and a sum of weights assigned to missed attributes of the first electronic signature representation that are not in the contextual information.
16 . The authentication system of claim 15 , wherein the match score is calculated according to:
(match Weight 2 −(missWeight×2)−notInRequest)×1000/maxPossible 2
wherein:
match Weight is the sum of weights of the matched attributes;
miss Weight is the sum of weights of the mismatched attributes;
notInRequest is the sum of weights of the missed attributes; and
maxPossible is the sum of weights assigned to the matched attributes, the mismatched attributes, and the missed attributes.
17 . The authentication system of claim 16 , wherein the computer fingerprint attributes of the computing device in which the browser is running further includes at least one attribute taken from the group consisting of:
operating system identity of the computer of the individual; screen resolution of the computer of the individual; time zone of the computer of the individual; and system language of the computer of the individual.
18 . The authentication system of claim 16 , wherein the browser fingerprint attributes of the browser running in the computing device includes at least one attribute taken from the group consisting of:
software plug-ins of the browser; indication of whether Java is enabled in the browser; indication of whether cookies are enabled in the browser; and information pertaining to sites visited by the browser.
19 . The authentication system of claim 16 , wherein the respective electronic signature representation further includes information pertaining to social network friends of the user of the computing device in which the browser is running.
20 . The authentication system of claim 14 , wherein the trust score is computed based on applying a set of rules to the match score, and the reputation indicators of the first computing device and the first user.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.