Systems and methods for detection of session tampering and fraud prevention
First Claim
1. A method of detecting an online transaction tampering, the method comprising:
establishing a first online session regarding a first transaction between a computer and a first user device over a network;
establishing a first session ID for the first online session;
determining a type of transaction for the first transaction;
collecting a first set of device fingerprints during the first online session for the corresponding first session ID, a size of the first set of device fingerprints based at least on the type of transaction for the first transaction;
selecting a first device fingerprint from within the first set of device fingerprints, the first device fingerprint associated with a first location of a first electronic web page accessed during the first online session;
comparing the first device fingerprint to a subset of the first set of device fingerprints, the subset of device fingerprints collected at locations different from the first electronic web page; and
upon determination that the first device fingerprint is not identical to any of the subset of device fingerprints, generating an electronic indicator that the first online session has been compromised.
1 Assignment
0 Petitions
Abstract
The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser, at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the-middle attacks.
738 Citations
20 Claims
1. A method of detecting an online transaction tampering, the method comprising: (independent claim; full text as given under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7.)

8. A computer system for detecting that an online session is compromised, the computer system comprising:
a network interface which establishes a connection with a first user device over a network;
a hardware processor programmed to execute software instructions to cause a computer system to:
establish a first online session regarding a first transaction between the computer system and the first user device;
establish a first session ID for the first online session;
determine a type of transaction for the first transaction;
collect a first set of device fingerprints during the first online session for the corresponding first session ID, a size of the first set of device fingerprints based at least on the type of transaction for the first transaction;
select a first device fingerprint from within the first set of device fingerprints, the first device fingerprint associated with a first location of a first electronic web page accessed during the first online session;
compare the first device fingerprint to a subset of the first set of device fingerprints, the subset of device fingerprints collected at locations different from the first electronic web page; and
upon determination that the first plurality of device fingerprints is not identical to any of the remainder of device fingerprints, generate an electronic indicator that the first online session has been compromised.
(Dependent claims: 9, 10, 11, 12, 13, 14.)

15. A non-transitory computer storage having stored thereon a computer program, the computer program including executable instructions that instruct a computer system to at least:
establish a first online session regarding a first transaction between a computer system and a first user device over a network;
establish a first session ID for the first online session;
determine a type of transaction for the first transaction;
collect a first set of device fingerprints during the first online session for the corresponding first session ID, a size of the first set of device fingerprints based at least on the type of transaction for the first transaction;
select a first device fingerprint from within the first set of device fingerprints, the first device fingerprint associated with a first location of a first electronic web page accessed during the first online session;
compare the first device fingerprint to a subset of the first set of device fingerprints, the subset of device fingerprints collected at locations different from the first electronic web page; and
upon determination that the first plurality of device fingerprints is not identical to any of the remainder of device fingerprints, generate an electronic indicator that the first online session has been compromised.
(Dependent claims: 16, 17, 18, 19, 20.)
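The independent claims above describe one detection loop: collect a device fingerprint at several page locations within a session, the number of collection points depending on the transaction type, then take the fingerprint from one page, compare it to the fingerprints collected at the other pages, and raise an indicator when it is identical to none of them. The following Python is an added worked example of that logic written for this page; it is not code from the patent or its assignee. The transaction-type sample sizes, the page paths, the attribute set used as a fingerprint, the `Session`/`Fingerprint` names and the sample sessions are all constructed assumptions. It goes one step beyond claim 1 by running the per-page comparison at every collection point of the session and reporting which pages disagree with the rest.

```python
"""Session fingerprint consistency check (added example; not from the patent).

Models claim 1: collect device fingerprints at several page locations during
one session, pick the fingerprint from one page, compare it with the
fingerprints collected at the other pages, and raise an indicator when it
matches none of them. All names, sample sizes and attribute sets below are
assumptions constructed for this example.
"""
from dataclasses import dataclass, field
import hashlib
import json

# Assumed policy: how many collection points a session needs before the check
# is meaningful, keyed by transaction type (the claims leave the sizes open).
SAMPLE_SIZE_BY_TRANSACTION = {"balance_inquiry": 2, "bill_pay": 3, "wire_transfer": 4}


@dataclass
class Fingerprint:
    page: str          # location (URL path) where the fingerprint was taken
    attributes: dict   # browser/device attributes reported at that page

    def digest(self) -> str:
        # Canonical JSON so attribute ordering alone cannot cause a mismatch.
        canonical = json.dumps(self.attributes, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


@dataclass
class Session:
    session_id: str
    transaction_type: str
    fingerprints: list = field(default_factory=list)

    def required_samples(self) -> int:
        # Size of the fingerprint set is driven by the transaction type.
        return SAMPLE_SIZE_BY_TRANSACTION.get(self.transaction_type, 2)

    def record(self, page: str, attributes: dict) -> None:
        self.fingerprints.append(Fingerprint(page, attributes))


def session_compromised_at(session: Session, page: str) -> bool:
    """The comparison of claim 1 for one selected page.

    True when the fingerprint collected at `page` is identical to none of the
    fingerprints collected at other pages of the same session.
    """
    selected = [fp for fp in session.fingerprints if fp.page == page]
    if not selected:
        raise ValueError(f"no fingerprint recorded at {page!r} for {session.session_id}")
    others = {fp.digest() for fp in session.fingerprints if fp.page != page}
    if not others:
        return False  # nothing to compare against yet; assumption: do not flag
    return selected[0].digest() not in others


def evaluate_session(session: Session) -> dict:
    """Run the claim-1 check at every collection point (a generalisation).

    Reports the pages whose fingerprint disagrees with the rest of the session,
    or that too few fingerprints exist yet for this transaction type.
    """
    if len(session.fingerprints) < session.required_samples():
        return {"session_id": session.session_id, "status": "insufficient_samples",
                "collected": len(session.fingerprints),
                "required": session.required_samples()}
    pages = sorted({fp.page for fp in session.fingerprints})
    flagged = [p for p in pages if session_compromised_at(session, p)]
    return {"session_id": session.session_id,
            "status": "compromised" if flagged else "consistent",
            "flagged_pages": flagged}


# Constructed sample data: a consistent session, one whose confirmation-page
# fingerprint differs from every earlier one, and one with too few samples.
BASE = {"user_agent": "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/115.0",
        "screen": "1920x1080", "timezone": "UTC", "language": "en-US"}


def build_sessions():
    ok = Session("S-1001", "bill_pay")
    for page in ["/login", "/payee", "/review"]:
        ok.record(page, dict(BASE))

    bad = Session("S-1002", "bill_pay")
    bad.record("/login", dict(BASE))
    bad.record("/payee", dict(BASE))
    bad.record("/confirm", {**BASE, "screen": "1366x768",
                            "user_agent": "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"})

    short = Session("S-1003", "wire_transfer")
    short.record("/login", dict(BASE))
    return ok, bad, short


if __name__ == "__main__":
    for s in build_sessions():
        print(evaluate_session(s))
```

Hashing a canonical serialisation of the attributes is what makes "identical" a cheap set-membership test; a deployment would choose which attributes count as the fingerprint, and how strict "identical" should be for attributes that legitimately change (window size, for instance), which the claims leave open.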
Specification