Device, system, and method of differentiating over multiple accounts between legitimate user and cyber-attacker
First Claim
1. A method comprising:
- (a) detecting that within a pre-defined period of time, a single user is attempting to access, via a single computing device,a first account that belongs to a first account-owner, and a second account that belongs to a second account-owner;
(b) querying a database that stores data about real-life relationship between people, and determining existence of a real-life family linkage or a real-life business linkage, between the first account owner and the second account-owner;
(c) based on said real-life linkage, determining that said single user is a legitimate human user that is genuinely associated with each one of said accounts, and is not a cyber-attacker that is illegitimately attempting to access multiple accounts.
6 Assignments
0 Petitions
Accused Products
Abstract
Devices, systems, and methods of user authentication, as well as automatic differentiation between a legitimate user and a cyber-attacker. A system detects that two different accounts of the same computerized service, were accessed by a single computing device over a short period of time. The system may employ various techniques in order to determine automatically whether a legitimate user accessed the two different account, such as, a husband accessing his own bank account and shortly after that accessing also his wife'"'"'s bank account, or a payroll company accessing bank accounts of two clients for payroll management purposes. Conversely, the system is able to detect that the same user exhibited the same pattern of interactions when operating the two accounts, a pattern of interactions that does not frequently appear in the general population of legitimate users, thereby indicating that the single user is a cyber-attacker.
-
Citations
33 Claims
-
1. A method comprising:
-
(a) detecting that within a pre-defined period of time, a single user is attempting to access, via a single computing device, a first account that belongs to a first account-owner, and a second account that belongs to a second account-owner; (b) querying a database that stores data about real-life relationship between people, and determining existence of a real-life family linkage or a real-life business linkage, between the first account owner and the second account-owner; (c) based on said real-life linkage, determining that said single user is a legitimate human user that is genuinely associated with each one of said accounts, and is not a cyber-attacker that is illegitimately attempting to access multiple accounts. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification