Authentication of client devices using modified images
First Claim
1. A computer program for detection of phishing attacks to be stored by one or more non-transitory computer-readable media of a server system, the computer program comprising a set of instructions, wherein execution of the set of instructions by a hardware processor system of the server system is to cause the server system to:
- obtain, from a user system, a first message comprising a request for a login page and first user information associated with the user system other than authentication credentials for accessing a platform provided by the server system;
modify, based on the first user information, a first image to obtain a second image;
provide, to the user system in response to the first message, a second message comprising the login page and the second image;
obtain, from the user system, a third message comprising the authentication credentials for accessing the platform, second user information other than the authentication credentials, and a third image, wherein the third image is a version of the second image as rendered by the user system; and
authenticate the user system using the authentication credentials and based on the second user information and third user information embedded in the third image, the third user information not including the authentication credentials.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for detecting phishing attacks and identifying attackers are described. In embodiments, a server system may modify a template image based on user information and provide the modified image to a user system with a login page. The server system may obtain authentication credentials with an image rendered by the user system. The server system may authenticate the user system based on the authentication credentials and information included in the rendered image. Other embodiments may be described and/or claimed.
-
Citations
19 Claims
-
1. A computer program for detection of phishing attacks to be stored by one or more non-transitory computer-readable media of a server system, the computer program comprising a set of instructions, wherein execution of the set of instructions by a hardware processor system of the server system is to cause the server system to:
-
obtain, from a user system, a first message comprising a request for a login page and first user information associated with the user system other than authentication credentials for accessing a platform provided by the server system; modify, based on the first user information, a first image to obtain a second image; provide, to the user system in response to the first message, a second message comprising the login page and the second image; obtain, from the user system, a third message comprising the authentication credentials for accessing the platform, second user information other than the authentication credentials, and a third image, wherein the third image is a version of the second image as rendered by the user system; and authenticate the user system using the authentication credentials and based on the second user information and third user information embedded in the third image, the third user information not including the authentication credentials. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer program to authenticate a user system to be stored by one or more non-transitory computer-readable media of the user system, the computer program comprising a set of instructions, wherein execution of the set of instructions by a hardware processor system of the user system is to cause the user system to:
-
provide, to a server system, a first message to request a login page, wherein the first message comprises user information associated with the user system; obtain, from the server system in response to the request message, a second message comprising the login page with a user-specific image, wherein the user-specific image is a version of a template image that is modified based on the user information, and wherein the user-specific image has a color scheme that is different and imperceptible than a color scheme of the template image; render, in an application container implemented by the user system, the login page including the user-specific image; and provide, to the server system via an interface of the login page, a third message comprising authentication credentials and a rendered image, wherein; the rendered image is a version of the user-specific image as rendered in the application container, and the rendered image and the authentication credentials are to be used by the server system to authenticate the user system. - View Dependent Claims (12, 13, 14)
-
-
15. A server system comprising:
-
a communications system to; obtain, from a user system, a first message to request a login page with first user information, send, to the user system in response to the request, a second message including the login page and a user-specific image, wherein the user-specific image is a modified version of a template image based on the first user information, and obtain, from the user system, a third message including authentication credentials, a rendered image, and second user information, wherein the rendered image is a version of the user-specific image as rendered by the user system; and a hardware processor system including a memory device, the hardware processor system communicatively coupled with the communication system, and the hardware processor system is to; generate the user-specific image by modification of the template image to include the first user information, wherein the user-specific image has a color scheme that is different and imperceptible than a color scheme of the template image, extract second user information from the third message, and extract third user information from the rendered image, and authenticate the user system based on the authentication credentials and the second and third user information. - View Dependent Claims (16, 17, 18, 19)
-
Specification