Keystroke analysis
First Claim
Patent Images
1. A computer-implemented method for authenticating an online session, the method comprising:
- establishing, by a computer processor of a fraud detection server, a first online session with a remote computing device, the remote computing device configured to establish a second online session for an online transaction, wherein the online transaction involves an electronic form with a plurality of user input fields;
receiving, by the computer processor of the fraud detection server, a plurality of field data strings from the remote computing device via the first online session, the plurality of field data strings comprising user inputs for the plurality of user input fields;
for each field data string of the plurality of field data strings;
identifying, by the computer processor of the fraud detection server, a plurality of ordered alpha-numeric characters in the field data string;
determining, by the computer processor of the fraud detection server, whether one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with a shift key; and
calculating, by the computer processor of the fraud detection server, a field data string score based on the determination of whether the one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with the shift key, wherein the field data string score is adjusted to reflect less risk in response to a determination that the one or more alpha-numeric characters are entered with the shift key; and
calculating, by the computer processor of the fraud detection server, a transaction risk score associated with the online transaction, the transaction risk score calculated using the field data string scores;
determining, by the computer processor of the fraud detection server, whether the online transaction is potentially fraudulent based on the transactional score; and
in response to a determination that the online transaction is potentially fraudulent, providing, by the computer processor of the fraud detection server, an indication to the remote computing device that the online transaction is potentially fraudulent.
2 Assignments
0 Petitions
Accused Products
Abstract
A system, method and device for detecting keystroke entries in a field entered by keyboard in connection with an online transaction that may be fraudulent or erroneous. A score can be assigned to a keystroke based upon its distance from another keystroke. The scores of keystrokes in a string can be summed to obtain a string score. The string score can be normalized by dividing the string score by the number of keystrokes summed to obtain the normalized string score. A risk of fraud or error can be determined based upon the value of the normalized string score in comparison to a predetermined value.
-
Citations
18 Claims
-
1. A computer-implemented method for authenticating an online session, the method comprising:
-
establishing, by a computer processor of a fraud detection server, a first online session with a remote computing device, the remote computing device configured to establish a second online session for an online transaction, wherein the online transaction involves an electronic form with a plurality of user input fields; receiving, by the computer processor of the fraud detection server, a plurality of field data strings from the remote computing device via the first online session, the plurality of field data strings comprising user inputs for the plurality of user input fields; for each field data string of the plurality of field data strings; identifying, by the computer processor of the fraud detection server, a plurality of ordered alpha-numeric characters in the field data string; determining, by the computer processor of the fraud detection server, whether one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with a shift key; and calculating, by the computer processor of the fraud detection server, a field data string score based on the determination of whether the one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with the shift key, wherein the field data string score is adjusted to reflect less risk in response to a determination that the one or more alpha-numeric characters are entered with the shift key; and calculating, by the computer processor of the fraud detection server, a transaction risk score associated with the online transaction, the transaction risk score calculated using the field data string scores; determining, by the computer processor of the fraud detection server, whether the online transaction is potentially fraudulent based on the transactional score; and in response to a determination that the online transaction is potentially fraudulent, providing, by the computer processor of the fraud detection server, an indication to the remote computing device that the online transaction is potentially fraudulent. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for authenticating an online session, the system comprising:
-
a fraud detection server configured to establish an online session with a remote computing device; a memory configured to store computer-executable instructions; and
one or more processors of the fraud detection server in communication with the memory, the processor, when executing the computer-executable instructions, configured to;establish a first online session with the remote computing device, the remote computing device configured to establish a second online session for an online transaction, wherein the online transaction involves an electronic form with a plurality of user input fields; receive a plurality of field data strings from the remote computing device via the first online session, the plurality of field data strings comprising user inputs for the plurality of user input fields; for each field data string of the plurality field data strings; identify a plurality of ordered alpha-numeric characters in the field data string; determine whether one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with a shift key; and calculate a field data string score based on the determination of whether the one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with the shift key, wherein the field data string score is adjusted to reflect less risk in response to a determination that the one or more alpha-numeric characters are entered with the shift key; calculate a transaction risk score associated with the online transaction, the transaction risk score calculated using the field data string scores; determine, based on the transactional score, whether the online transaction is potentially fraudulent; and in response to a determination that the online transaction is potentially fraudulent, provide an indication to the remote computing device that the online transaction is potentially fraudulent. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. Non-transitory computer storage having stored thereon a computer program, the computer program including computer-executable instructions that instruct a computer system to at least:
-
establish a first online session with a remote computing device, the remote computing device configured to establish a second online session for an online transaction, wherein the online transaction involves an electronic form with a plurality of user input fields; receive, via the first online session, a plurality of field data strings from the remote computing device comprising user inputs for the plurality of user input fields; for each field data string of the plurality field data strings; identify a plurality of ordered alpha-numeric characters in the field data string; determine whether one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with a shift key; and calculate a field data string score based on the determination of whether the one or more of alpha-numeric characters in the plurality of the alpha-numeric characters are entered with the shift key, wherein the field data string score is adjusted to reflect less risk in response to a determination that the one or more alpha-numeric characters are entered with the shift key; calculate a transaction risk score associated with the online transaction, the transaction risk score calculated using the field data string scores; determine, based on the transactional score, whether the online transaction is potentially fraudulent; and in response to a determination that the online transaction is potentially fraudulent, provide an indication to the remote computing device that the online transaction is potentially fraudulent. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification