Security system monitoring techniques by mapping received security score with newly identified security score
First Claim
Patent Images
1. A method, comprising:
- receiving, by executable instructions that execute on a hardware processor of a server from a non-transitory computer-readable storage medium over a network, a security score along with an alert rate for the security score, wherein receiving further includes identifying a particular security rule that relies on the security score and identifying an original scoring mechanism relied on by the particular security rule, wherein the alert rate is calculated as a total number of particular alerts generated for the particular security rule divided by a total number of transactions occurring over the network;
identifying, by the executable instructions, a new security score by matching the alert rate with the new security score;
mapping, by the executable instructions, the security score to the new security score in the original scoring mechanism;
triggering, by the executable instructions, over the network, a processing of an automated security action in response to the new security score;
processing, a transaction rule directed to a financial transaction with transaction information for the financial transaction and the new security rule as the automated security action; and
declining the financial transaction when the transaction rule evaluates to true.
7 Assignments
0 Petitions
Accused Products
Abstract
Security rules of a security system include original security scores as conditions for raising alerts. The original security scores are dependent on the underlying scoring mechanism of the security system. When the scoring mechanism is updated to produce new security scores, the security rules are updated ensuring that the alert rates associated with the original security scores match the alert rates associated with the new security scores, which replace the original security scores in the security rules.
21 Citations
20 Claims
-
1. A method, comprising:
-
receiving, by executable instructions that execute on a hardware processor of a server from a non-transitory computer-readable storage medium over a network, a security score along with an alert rate for the security score, wherein receiving further includes identifying a particular security rule that relies on the security score and identifying an original scoring mechanism relied on by the particular security rule, wherein the alert rate is calculated as a total number of particular alerts generated for the particular security rule divided by a total number of transactions occurring over the network; identifying, by the executable instructions, a new security score by matching the alert rate with the new security score; mapping, by the executable instructions, the security score to the new security score in the original scoring mechanism; triggering, by the executable instructions, over the network, a processing of an automated security action in response to the new security score; processing, a transaction rule directed to a financial transaction with transaction information for the financial transaction and the new security rule as the automated security action; and declining the financial transaction when the transaction rule evaluates to true. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method, comprising:
-
maintaining, by executable instructions that execute on a hardware processor from a non-transitory computer-readable medium over a network, an original mapping between original security scores and alert rates produced by an original scoring mechanism of a risk management system, wherein each alert rate calculated as a total number of particular alerts generated for a particular security rule divided by a total number of transactions occurring over the network, wherein the particular security rule relies on a particular original score and the original scoring mechanism; creating, by the executable instructions, a new mapping between new security scores and the alert rates produced by a new scoring mechanism that is to update the original scoring mechanism within the risk management system; updating, by the executable instructions, security rules that include the original security scores with the new security scores and maintaining for each security rule update a proper alert rate that corresponds to both that security rule'"'"'s original security score and a replacement new security score for that security rule by utilizing the original mapping and the new mapping; automatically triggering, by the executable instructions, over the network, a processing of a security action in response to evaluation of the updated security rules having the new security scores; processing, a transaction rule directed to a financial transaction with transaction information for the financial transaction and a particular one of the new security rules as the automated security action; and declining the financial transaction when the transaction rule evaluates to true. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A system, comprising:
-
a processor configured to execute instructions representing a score mapper from memory or a non-transitory computer-readable storage medium, wherein the processor is part of a server accessible over a network; and the score mapper configured and adapted to;
i) execute on the processor, ii) maintain a linkage between original security scores embedded in security rules of a security system and alert rates, wherein each alert rate calculated as a total number of particular alerts generated for a particular security rule divided by a total number of transactions, wherein the particular secure rule relies on a particular security score associated with a scoring mechanism of the security system, iii) update the security rules with new security scores when the scoring mechanism of the security system is updated by maintaining a same alert rate for each updated security rule that existed prior to update;
iv) trigger over the network an automatic processing of a security action in response to evaluation of the updated security rules with the new security scores, v) process a transaction rule directed to a financial transaction with transaction information for the financial transaction and a particular one of the new security rules as the automated security action; and
vi) decline the financial transaction when the transaction rule evaluates to true. - View Dependent Claims (19, 20)
-
Specification