Network security and fraud detection system and method

US 20050278542A1
Filed: 02/15/2005
Published: 12/15/2005
Est. Priority Date: 06/14/2004
Status: Active Grant

First Claim

Patent Images

1. A computer implemented network security and fraud detection and prevention method for a system with one or more network service providers that provides a service and a network device that connects to at least one of the network service providers over a communications network to use the provided service, the method comprising:

gathering information about the network device to generate a device identifier that identifies the network device;

storing the device identifier in the database;

associating the device identifier with and one or more reputation factors to generate a reputation of the network device; and

sharing the reputation of the network device between the one or more network service providers to detect fraud using the network device across the network service providers.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method to detect and prevent fraud in a system is provided. The system may uniquely identify physical devices connecting to a network, register unique devices, track end-user logins, associate end-user accounts with specific devices, and share information with multiple network service providers is described.

316 Citations

32 Claims

1. A computer implemented network security and fraud detection and prevention method for a system with one or more network service providers that provides a service and a network device that connects to at least one of the network service providers over a communications network to use the provided service, the method comprising:
- gathering information about the network device to generate a device identifier that identifies the network device;
  
  storing the device identifier in the database;
  
  associating the device identifier with and one or more reputation factors to generate a reputation of the network device; and
  
  sharing the reputation of the network device between the one or more network service providers to detect fraud using the network device across the network service providers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 further comprising generating a network device identifier for each network device that connects to at least one network service provider wherein the network device identifier uniquely identifies each network device in combination with the device identifier.
  - 3. The method of claim 1 further comprising validating each network device on a periodic random basis.
  - 4. The method of claim 1 further comprising validating each network device upon connection of the network device to the network service provider.
  - 5. The method of claim 1 further comprising validating each network device when the network device logs onto the network service provider.
  - 6. The method of claim 1 further comprising validating each network device when the network device performs a transaction with the network service provider.
  - 7. The method of claim 1 further comprising validating each network device each time that the network device re-connects to the network service provider.
  - 8. The method of claim 1, wherein the reputations factors further comprise one or more of end-user account information provided by the network service provider, a credit card account number of a user, a fingerprint of the user, an email address of the user, a phone number of the user, a physical address of the user and a cellular phone number of the user.

9. A network security and fraud detection and prevention system, comprising:
- one or more network service providers that provides a service;
  
  a network device that connects to at least one of the network service providers over a communications network to use the provided service; and
  
  at least one network service provider further comprising a fraud detector comprising a client wherein the client gathers information about the network device to generate a device identifier that identifies the network device, a database, and a module that receives the device identifier, stores the device identifier in the database and associates the device identifier with one or more reputation factors to generate a reputation of the network device and wherein the reputation of the network device is shared between the one or more network service providers to detect fraud using the network device across the network service providers.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 10. The system of claim 9, wherein the database further comprises a plurality of records wherein each record further comprises a host field containing an identifier of a particular network service provider, a user account information field containing information from the particular network service provider that identifies a particular user and the device identifier that uniquely identifies the particular network device.
  - 11. The system of claim 9, wherein the fraud detector further comprises a module that generates a network device identifier for each network device that connects to at least one network service provider wherein the network device identifier uniquely identifies each network device in combination with the device identifier.
  - 12. The system of claim 11, wherein the device identifier further comprises a fingerprint.
  - 13. The system of claim 9, wherein the fraud detector validates each network device on a periodic random basis.
  - 14. The system of claim 9, wherein the fraud detector validates each network device upon connection of the network device to the network service provider.
  - 15. The system of claim 9, wherein the fraud detector validates each network device when the network device logs onto the network service provider.
  - 16. The system of claim 9, wherein the fraud detector validates each network device when the network device performs a transaction with the network service provider.
  - 17. The system of claim 9, wherein the fraud detector validates each network device each time that the network device re-connects to the network service provider.
  - 18. The system of claim 9, wherein the device identifier further comprises a fingerprint.
  - 19. The system of claim 9, wherein the device identifier further comprises a serial number for a cellular phone.
  - 20. The system of claim 9, wherein the client is embedded in a software application being downloaded to the network device from the network service provider.
  - 21. The system of claim 9, wherein the client is a stand-alone software application that is downloaded to the network device from the network service provider.
  - 22. The system of claim 9, wherein the client is a piece of code that is automatically downloaded to the network device from the network service provider.
  - 23. The system of claim 9, wherein the client is downloaded to the network device when the network device connects to the network service provider.
  - 24. The system of claim 9, wherein the network device further comprises one of a cellular phone, a personal digital assistant, a laptop computer, a personal computer and a telephone.
  - 25. The system of claim 9, wherein the reputations factors further comprise one or more of end-user account information provided by the network service provider, a credit card account number of a user, a fingerprint of the user, an email address of the user, a phone number of the user, a physical address of the user and a cellular phone number of the user.

26. A computer based user account authentication system, comprising:
- one or more network service providers that provides a service;
  
  a first network device that connects to at least one of the network service providers over a communications network to use the provided service; and
  
  at least one network service provider having a fraud detector unit that further comprises;
  
  a client wherein the client gathers information about the network device to generate a device identifier that identifies the network device;
  
  a database;
  
  a module that receives the device identifier, stores the device identifier in the database and associates the device identifier with end-user account information provided by the network service provider; and
  
  a user account module that compares the device identifier for the first network device with a list of one or more network devices approved to access the user account stored in the database and determines if the first network device accesses the user account based on the list of approved network devices.
- View Dependent Claims (27, 28, 29)
- - 27. The system of claim 26, wherein the user account module further comprises computer instructions that notify a holder of the user account if the first network device is not approved to access the user account and computer instructions that deny access to the user account if the first network device is not approved.
  - 28. The system of claim 26, wherein instructions notifying the holder of the user account further comprises instructions that determine if the holder approves the first network device to access the user account even if the first network device is not on the list of network devices approved to access the user account and instructions that permit access to the user account if the first network device is approved by the holder of the user account.
  - 29. The system of claim 28, wherein the instructions that permit access to the user account further comprises instructions that add the first network device to the list of network devices approved to access the user account.

30. A user account authentication method comprising:
- determining a unique identifier for a first network device that is requesting access to a user account;
  
  comparing the unique identifier for the first network device with a list of one or more network devices approved to access the user account;
  
  notifying a holder of the user account if the first network device is not approved to access the user account; and
  
  denying access to the user account if the first network device is not approved.
- View Dependent Claims (31, 32)
- - 31. The method of claim 30, wherein notifying the holder of the user account further comprises determining if the holder approves the first network device to access the user account even if the first network device is not on the list of network devices approved to access the user account and permitting access to the user account if the first network device is approved by the holder of the user account.
  - 32. The method of claim 31, wherein permitting access to the user account further comprises adding the first network device to the list of network devices approved to access the user account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
iovation Incorporated
Original Assignee
iovation Incorporated
Inventors
Pierson, Greg, DeHaan, Jason

Granted Patent

US 8,776,225 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/0876 based on the identity of th...

Network security and fraud detection system and method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

316 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Network security and fraud detection system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

316 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links