Methods and systems for fraud containment
First Claim
Patent Images
1. A computer-implemented method for device identification in a fraudulent electronic transaction, the computer-implemented method comprising:
- by one or more processors;
accessing an electronic repository storing at least;
a plurality of data records corresponding to a plurality of device identifiers, a plurality of account identifiers, and a plurality of relationship indicators, each of the plurality of relationship indicators associated with one more relationships among one or more of the plurality of device identifiers and one or more of the plurality of account identifiers;
receiving an electronic information data packet associated with an electronic fraudulent transaction and including a fraud event indicator;
parsing the electronic information data packet to identify a first fraud device identifier used to carry out the electronic fraudulent transaction, the first fraud device identifier corresponding to one of the plurality of device identifiers stored in the electronic repository;
executing an automated search of the electronic repository using one or more of the plurality of relationship indicators to identify;
(a) a first set of device identifiers of the plurality of device identifiers, the first set of device identifiers potentially related to the electronic fraudulent transaction, and (b) a first set of account identifiers of the plurality of account identifiers, the first set of account identifiers potentially related to the electronic fraudulent transaction;
calculating a first plurality of proximity indicators each associated with each of the first set of device identifiers, each of the first plurality of proximity indicators indicating a number of device identifiers or account identifiers between a device and the first fraud device identifier, the device flagged as a master perpetrator device if the proximity indicator is zero such that the device is used to access an account for committing the electronic fraudulent transaction;
generating a first plurality of assessment indicators based on the first plurality of proximity indicators and involvement factor rules, each of the first plurality of assessment indicators representing a first confidence level that the device is involved with a perpetrator associated with the electronic fraudulent transaction;
identifying a subset of the first set of device identifiers based at least on the first plurality of assessment indicators;
generating one or more electronic flags indicating that the subset of the first set of device identifiers are likely involved with the perpetrator associated with the electronic fraudulent transaction; and
generating a risk score for a victim circle the risk score representing a second confidence level that one or more potential victim accounts are compromised.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for fraud containment are provided in accordance with an embodiment of the invention. A fraud event may be detected. One or more devices that may be used in perpetrating the fraud event may be detected. Additionally one or more potential fraud victims, who may be grouped into victim circles may be detected. The threat level to the victims and/or victim circles may be assessed. In some instances, behavioral profiles may be utilized to make fraud assessments. Based on the threat level, recommendations for fraud containment responses may be provided.
45 Citations
17 Claims
-
1. A computer-implemented method for device identification in a fraudulent electronic transaction, the computer-implemented method comprising:
by one or more processors; accessing an electronic repository storing at least;
a plurality of data records corresponding to a plurality of device identifiers, a plurality of account identifiers, and a plurality of relationship indicators, each of the plurality of relationship indicators associated with one more relationships among one or more of the plurality of device identifiers and one or more of the plurality of account identifiers;receiving an electronic information data packet associated with an electronic fraudulent transaction and including a fraud event indicator; parsing the electronic information data packet to identify a first fraud device identifier used to carry out the electronic fraudulent transaction, the first fraud device identifier corresponding to one of the plurality of device identifiers stored in the electronic repository; executing an automated search of the electronic repository using one or more of the plurality of relationship indicators to identify;
(a) a first set of device identifiers of the plurality of device identifiers, the first set of device identifiers potentially related to the electronic fraudulent transaction, and (b) a first set of account identifiers of the plurality of account identifiers, the first set of account identifiers potentially related to the electronic fraudulent transaction;calculating a first plurality of proximity indicators each associated with each of the first set of device identifiers, each of the first plurality of proximity indicators indicating a number of device identifiers or account identifiers between a device and the first fraud device identifier, the device flagged as a master perpetrator device if the proximity indicator is zero such that the device is used to access an account for committing the electronic fraudulent transaction; generating a first plurality of assessment indicators based on the first plurality of proximity indicators and involvement factor rules, each of the first plurality of assessment indicators representing a first confidence level that the device is involved with a perpetrator associated with the electronic fraudulent transaction; identifying a subset of the first set of device identifiers based at least on the first plurality of assessment indicators; generating one or more electronic flags indicating that the subset of the first set of device identifiers are likely involved with the perpetrator associated with the electronic fraudulent transaction; and generating a risk score for a victim circle the risk score representing a second confidence level that one or more potential victim accounts are compromised. - View Dependent Claims (2, 3, 4, 5, 6)
-
7. A system for device identification in a fraudulent electronic transaction, the system comprising:
-
a web server for comprising one or more processors configured to execute at least a portion of a fraud containment system; a memory for storing computer instructions of the fraud containment system, the computer instructions, when executed, causing the one or more processors of the web server to; access an electronic repository storing at least;
a plurality of data records corresponding to a plurality of device identifiers, a plurality of account identifiers, and a plurality of relationship indicators, each of the plurality of relationship indicators associated with one more relationships among one or more of the plurality of device identifiers and one or more of the plurality of account identifiers;receive an electronic information data packet associated with an electronic fraudulent transaction and including a fraud event indicator; parse the electronic information data packet to identify a first fraud device identifier used to carry out the electronic fraudulent transaction, the first fraud device identifier corresponding to one of the plurality of device identifiers stored in the electronic repository; execute an automated search of the electronic repository using one or more of the plurality of relationship indicators to identify;
(a) a first set of device identifiers of the plurality of device identifiers, the first set of device identifiers potentially related to the electronic fraudulent transaction, and (b) a first set of account identifiers of the plurality of account identifiers, the first set of account identifiers potentially related to the electronic fraudulent transaction;calculate a first plurality of proximity indicators each associated with each of the first set of device identifiers, each of the first plurality of proximity indicators indicating a number of device identifiers or account identifiers between a device and the first fraud device identifier, the device flagged as a master perpetrator device if the proximity indicator is zero such that the device is used to access an account for committing the electronic fraudulent transaction; generate a first plurality of assessment indicators based on the first plurality of proximity indicators and involvement factor rules, each of the first plurality of assessment indicators representing a first confidence level that the device is involved with a perpetrator associated with the electronic fraudulent transaction; identify a subset of the first set of device identifiers based at least on the first plurality of assessment indicators; generate one or more electronic flags indicating that the subset of the first set of device identifiers are likely involved with the perpetrator associated with the electronic fraudulent transaction; and generate a risk score for a victim circle the risk score representing a second confidence level that one or more potential victim accounts are compromised. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. Non-transitory computer readable medium having stored thereon a computer program for device identification in a fraudulent electronic transaction, the computer program including executable instructions that instruct a computer system to at least:
-
access an electronic repository storing at least;
a plurality of data records corresponding to a plurality of device identifiers, a plurality of account identifiers, and a plurality of relationship indicators, each relationship indicator associated with one more relationships among one or more of the plurality of device identifiers and one or more of the plurality of account identifiers;receive an electronic information data packet associated with an electronic fraudulent transaction and including a fraud event indicator; parse the electronic information data packet to identify a first fraud device identifier used to carry out the electronic fraudulent transaction, the first fraud device identifier corresponding to one of the plurality of device identifiers stored in the electronic repository; execute an automated search of the electronic repository using one or more of the plurality of relationship indicators to identify;
(a) a first set of device identifiers of the plurality of device identifiers, the first set of device identifiers potentially related to the electronic fraudulent transaction, and (b) a first set of account identifiers of the plurality of account identifiers, the first set of account identifiers potentially related to the electronic fraudulent transaction;calculate a first plurality of proximity indicators each associated with each of the first set of device identifiers, each of the first plurality of proximity indicators indicating a number of device identifiers or account identifiers between a device and the first fraud device identifier, the device flagged as a master perpetrator device if the proximity indicator is zero such that the device is used to access an account for committing the electronic fraudulent transaction; generate a first plurality of assessment indicators based on the first plurality of proximity indicators and involvement factor rules, each of the first plurality of assessment indicators representing a first confidence level that the device is involved with a perpetrator associated with the electronic fraudulent transaction; identify a subset of the first set of device identifiers based at least on the first plurality of assessment indicators; generate one or more electronic flags indicating that the subset of the first set of device identifiers are likely involved with the perpetrator associated with the electronic fraudulent transaction; and generate a risk score for a victim circle the risk score representing a second confidence level that one or more potential victim accounts are compromised. - View Dependent Claims (14, 15, 16, 17)
-
Specification