Fraud risk advisor

US 20060282285A1
Filed: 08/24/2006
Published: 12/14/2006
Est. Priority Date: 09/17/2004
Status: Active Grant

First Claim

Patent Images

1-8. -8. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A fraudulent business transaction application (FBTA) is provided for monitoring application based fraud. When a consumer supplies account access information in order to carry out an Internet business transaction, the FBTA uses an online fraud mitigation engine to detect phishing intrusions and identity theft. Methods are also provided for calculating travel velocity and transaction frequency, which are useful for determining a fraudulent transaction.

Citations

43 Claims

1-8. -8. (canceled)

9. A method for determining if an online transaction is fraudulent, comprising the steps of:
- computing one or more factors based on the IP address of the user, wherein at least one factor is the travel velocity of the user between a first access location and a second access location; and
  
  determining whether the transaction is fraudulent based on the one or more factors.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 10. The method of claim 9, wherein the determining step comprises determining whether the transaction is fraudulent by applying one or more rules to at least one factor.
  - 11. The method of claim 9, wherein the user'"'"'s travel velocity is determined according to the steps of:
    - determining for the user the first access location based a first IP address;
      
      determining for the user a first access time;
      
      determining for the user the second access location based on a second IP address;
      
      determining for the user a second access time; and
      
      calculating the user'"'"'s travel velocity between the first access location and the second access location as a function of the first access location and the first access time and the second access location and the second access time.
  - 12. The method of claim 11, wherein the calculating the user'"'"'s travel velocity step comprises the steps of:
    - computing a distance between the first access location and the second access location;
      
      computing a time difference between the first access time and the second access time; and
      
      calculating the travel velocity between the first access location and the second access location by dividing the computed distance by the computed time difference.
  - 13. The method of claim 9, further comprising forwarding the determination to a client for further processing by the client.
  - 14. The method of claim 9, further comprising generating a report based on the determination.
  - 15. The method of claim 9, further comprising generating a risk score associated with the transaction.
  - 16. The method of claim 15, further comprising storing the risk score in a database.
  - 17. The method of claim 15, wherein a client assigns a threshold level for comparison with the risk score.
  - 18. The method of claim 17, wherein the transaction is determined to be fraudulent when the risk score exceeds the threshold level.
  - 19. The method of claim 15, wherein the risk score is generated in real time.
  - 20. The method of claim 9, further comprising accessing the determination by a client.
  - 21. The method of claim 9, wherein the client may designate whether or not the transaction is fraudulent.
  - 22. The method of claim 9, wherein at least one of the one or more factors is static or dynamic.
  - 23. The method of claim 9, wherein a factor comprises a country, region or city associated with the IP address.
  - 24. The method of claim 9, wherein a factor is a proximity of the user in comparison to a purported location of the user associated with the IP address.
  - 25. The method of claim 9, wherein a factor is an address supplied by a client for comparison with an address associated with the IP address.
  - 26. The method of claim 9, wherein a factor is an area code and a telephone number supplied by a client for comparison with an area code and a telephone number stored in a database that is associated with the client.
  - 27. The method of claim 9, wherein a factor is an email address supplied by a client for validation.
  - 28. The method of claim 9, wherein a factor is an access behavior associated with the user based on transaction habits stored in a database that are compared with a current transaction.
  - 29. The method of claim 9, wherein a factor is a frequency in which the transaction is attempted within a predetermined period of time.
  - 30. The method of claim 9, wherein a factor is a velocity with which a single IP address accesses or uses multiple unique identifiers within a specified period of time.
  - 31. The method of claim 9, wherein a client may assign a threshold level for at least one of the one or more factors.
  - 32. The method of claim 9, wherein a client may create one or more user defined factors.
  - 33. The method of claim 9, wherein a client may define constraint rules for at least one of the one or more factors.
  - 34. The method of claim 9, wherein the first access location is determined from a behavior profile associated with the user.
  - 35. The method of claim 9, wherein the first access location is based on the user'"'"'s last valid access location.
  - 36. The method of claim 9, wherein the second access location and the second access time are the user'"'"'s current access location and current access time.
  - 37. The method of claim 9, wherein information about the second access location is stored in a behavior profile associated with the user.
  - 38. The method of claim 9, wherein information about the first access location and the second access location is stored in a database.
  - 39. The method of claim 9, wherein a factor comprises a connection type associated with the IP address, where connection type includes dial-up, Integrated Services Digital Network (ISDN), cable modem, Digital Subscriber Line (DSL), Digital Signal 1 (T1), or Optical Carrier 3 (OC3).
  - 40. The method of claim 9, wherein a factor comprises a connection type stored in a behavior profile associated with the user, where connection type includes dial-up, Integrated Services Digital Network (ISDN), cable modem, Digital Subscriber Line (DSL), Digital Signal 1 (T1), or Optical Carrier 3 (OC3).
  - 41. The method of claim 9, wherein a factor comprises a host type associated with the IP address of the user, where host type includes network end point, network proxy, or network firewall.
  - 42. The method of claim 9, wherein a factor comprises a domain name stored in a behavior profile associated with the user.

43-47. -47. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David Helsper, Dennis Maicon
Original Assignee
David Helsper, Dennis Maicon
Inventors
Helsper, David, Maicon, Dennis

Granted Patent

US 7,708,200 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/238
CPC Class Codes

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

G06Q 50/265   Personal security, identity...

Fraud risk advisor

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Fraud risk advisor

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links