Dynamically adaptive policy management for securing mobile financial transactions

US 10,360,625 B2
Filed: 06/22/2010
Issued: 07/23/2019
Est. Priority Date: 06/22/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;

presenting, via an external terminal, an input request associated with a vertex of a security policy;

receiving, via the external terminal, user input in response to the input request;

predicting whether the user of the external terminal is the cooperative user or the noncooperative user by;

matching the user input to one of the plurality of patterns;

identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;

comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and

designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;

retrieving, from the database, a rule associated with the vertex;

selecting an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;

routing a communication session of the external terminal to a subsequent vertex via the selected edge;

generating, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;

selecting, based on the pseudorandom number, a first edge of the subsequent vertex;

transmitting, by a security services module and in response to the selecting the first edge, false data to the external terminal;

receiving, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;

compiling, by the security services module, the user response to the false data;

gathering, by the security services module, information on a current hacking technique being utilized from the external terminal;

recording, by the security services module, an IP address of the external terminal;

transmitting, by the security services module, the IP address of the external terminal to a third party;

computing, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;

computing, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;

routing, by the security services module, the communication session to a decoy payoff vertex; and

transferring, by the security services module, the decoy payoff amount to the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for securing a mobile financial transaction using an adaptive security policy is provided by presenting, via an external terminal, an input request associated with a vertex of the security policy. User input is received via the external terminal in response to the input request. A rule associated with the vertex is retrieved from a database. An edge is selected from a plurality of edges associated with the vertex according to the retrieved rule. A communication session of the external terminal is routed to a subsequent vertex via the selected edge.

Citations

18 Claims

1. A method comprising:
- storing, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;
  
  presenting, via an external terminal, an input request associated with a vertex of a security policy;
  
  receiving, via the external terminal, user input in response to the input request;
  
  predicting whether the user of the external terminal is the cooperative user or the noncooperative user by;
  
  matching the user input to one of the plurality of patterns;
  
  identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;
  
  comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and
  
  designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;
  
  retrieving, from the database, a rule associated with the vertex;
  
  selecting an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;
  
  routing a communication session of the external terminal to a subsequent vertex via the selected edge;
  
  generating, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;
  
  selecting, based on the pseudorandom number, a first edge of the subsequent vertex;
  
  transmitting, by a security services module and in response to the selecting the first edge, false data to the external terminal;
  
  receiving, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;
  
  compiling, by the security services module, the user response to the false data;
  
  gathering, by the security services module, information on a current hacking technique being utilized from the external terminal;
  
  recording, by the security services module, an IP address of the external terminal;
  
  transmitting, by the security services module, the IP address of the external terminal to a third party;
  
  computing, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;
  
  computing, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;
  
  routing, by the security services module, the communication session to a decoy payoff vertex; and
  
  transferring, by the security services module, the decoy payoff amount to the user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the rule includes at least one of a random number-based rule, a percentage-based rule, a user input-based rule, a security-related data-based rule, or a hybrid rule.
  - 3. The method of claim 1, wherein the vertex is further associated with at least one of a request for additional data from the user, a modification of a security measure, a sub-game including additional vertices and edges, or a compilation of data and a forwarding of the compilation of the data to a computer system of an authority for further investigation.
  - 4. The method of claim 1, wherein the predicting further includes predicting whether the user of the external terminal is the cooperative user or the noncooperative user based on statistics stored in the database, andwherein the selecting the edge from the plurality of edges associated with the vertex according to the retrieved rule further includes:
    - selecting a first edge from the plurality of edges if the user is predicted to be the cooperative user;
      
      orselecting a second edge from the plurality of edges if the user is predicted to be the noncooperative user.
  - 5. The method of claim 4, further comprising:
    - presenting honeypot data to the user of the external terminal if the user is predicted to be the noncooperative user.
  - 6. The method of claim 1, wherein the input request includes a request for a confirmation of inaccurate financial transaction history, and wherein the user is predicted to be the noncooperative user if the confirmation is received from the user via the external terminal.

7. A system comprising:
- a security services module, including a processor coupled to a memory, operable to;
  
  store, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;
  
  present, via an external terminal, an input request associated with a vertex of a security policy;
  
  receive, via the external terminal, user input in response to the input request;
  
  predict whether the user of the external terminal is the cooperative user or the noncooperative user by;
  
  matching the user input to one of the plurality of patterns;
  
  identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;
  
  comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and
  
  designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;
  
  retrieve, from the database, a rule associated with the vertex;
  
  select an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;
  
  route a communication session of the external terminal to a subsequent vertex via the selected edge;
  
  generate, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;
  
  select, based on the pseudorandom number, a first edge of the subsequent vertex;
  
  transmit, by the security services module and in response to the selecting the first edge, false data to the external terminal;
  
  receive, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;
  
  compile, by the security services module, the user response to the false data;
  
  gather, by the security services module, information on a current hacking technique being utilized from the external terminal;
  
  record, by the security services module, an IP address of the external terminal;
  
  transmit, by the security services module, the IP address of the external terminal to a third party;
  
  compute, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;
  
  compute, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;
  
  route, by the security services module, the communication session to a decoy payoff vertex; and
  
  transfer, by the security services module, the decoy payoff amount to the user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the rule includes at least one of a random number-based rule, a percentage-based rule, a user input-based rule, a security-related data-based rule, or a hybrid rule.
  - 9. The system of claim 7, wherein the vertex is further associated with at least one of a request for additional data from the user, a modification of a security measure, a sub-game including additional vertices and edges, or a compilation of data and a forwarding of the compilation of the data to a computer system of an authority for further investigation.
  - 10. The system of claim 7, wherein the processor is further operable to:
    - predict whether the user of the external terminal is the cooperative user or the noncooperative user based on statistics stored in the database;
      
      select a first edge from the plurality of edges if the user is predicted to be the cooperative user; and
      
      select a second edge from the plurality of edges if the user is predicted to be the noncooperative user.
  - 11. The system of claim 10, wherein the processor is further operable to:
    - present honeypot data to the user of the external terminal if the user is predicted to be the noncooperative user.
  - 12. The system of claim 7, wherein the input request includes a request for a confirmation of inaccurate financial transaction history, and wherein the user is predicted to be the noncooperative user if the confirmation is received from the user via the external terminal.

13. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to perform:
- storing, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;
  
  presenting, via an external terminal, an input request associated with a vertex of a security policy;
  
  receiving, via the external terminal, user input in response to the input request;
  
  predicting whether the user of the external terminal is the cooperative user or the noncooperative user by;
  
  matching the user input to one of the plurality of patterns;
  
  identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;
  
  comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and
  
  designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;
  
  retrieving, from the database, a rule associated with the vertex;
  
  selecting an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;
  
  routing a communication session of the external terminal to a subsequent vertex via the selected edge;
  
  generating, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;
  
  selecting, based on the pseudorandom number, a first edge of the subsequent vertex;
  
  transmitting, by a security services module and in response to the selecting the first edge, false data to the external terminal;
  
  receiving, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;
  
  compiling, by the security services module, the user response to the false data;
  
  gathering, by the security services module, information on a current hacking technique being utilized from the external terminal;
  
  recording, by the security services module, an IP address of the external terminal;
  
  transmitting, by the security services module, the IP address of the external terminal to a third party;
  
  computing, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;
  
  computing, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;
  
  routing, by the security services module, the communication session to a decoy payoff vertex; and
  
  transferring, by the security services module, the decoy payoff amount to the user.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer-readable medium of claim 13, wherein the rule includes at least one of a random number-based rule, a percentage-based rule, a user input-based rule, a security-related data-based rule, or a hybrid rule.
  - 15. The computer-readable medium of claim 13, wherein the vertex is further associated with at least one of a request for additional data from the user, a modification of a security measure, a sub-game including additional vertices and edges, or a compilation of data and a forwarding of the compilation of the data to an authority computer system of an authority for further investigation.
  - 16. The computer-readable medium of claim 13, wherein the sequences of instructions further include instructions, which, when executed by the computer system, cause the computer system to perform:
    - predicting whether the user of the external terminal is the cooperative user or the noncooperative user based on statistics stored in the database;
      
      selecting a first edge from the plurality of edges if the user is predicted to be the cooperative user; and
      
      selecting a second edge from the plurality of edges if the user is predicted to be the noncooperative user.
  - 17. The computer-readable medium of claim 16, wherein the sequences of instructions further include instructions, which, when executed by the computer system, cause the computer system to perform:
    - presenting honeypot data to the user of the external terminal if the user is predicted to be the noncooperative user.
  - 18. The computer-readable medium of claim 13, wherein the input request includes a request for a confirmation of inaccurate financial transaction history, and wherein the user is predicted to be the noncooperative user if the confirmation is received from the user via the external terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Bailey, Jr., Samuel A.
Primary Examiner(s)
Detweiler, James M
Assistant Examiner(s)
Mandel, Monica A

Application Number

US12/820,190
Publication Number

US 20110313930A1
Time in Patent Office

3,318 Days
Field of Search

705 50- 79
US Class Current
CPC Class Codes

G06Q 10/10   Office automation; Time man...

G06Q 20/382   insuring higher security of...

G06Q 40/00   Finance; Insurance; Tax str...

Dynamically adaptive policy management for securing mobile financial transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamically adaptive policy management for securing mobile financial transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links