Fraud analyst smart cookie
First Claim
1. A method for authenticating a transaction, the method comprising the steps of:
- a. storing on a server a behavior profile associated with a user, the behavior profile including one or more factors associated with the user, the behavior profile also including an encryption key associated with the user;
b. encrypting the one or more factors using an encryption key to create one or more encrypted factors;
c. storing a cookie on a client device, the cookie including the one or more encrypted factors;
d. initiating by the user the transaction using the client device;
e. deriving one or more factors from the transaction;
f. decrypting the one or more factors stored in the cookie using the encryption key to create one or more decrypted factors; and
g. authenticating the transaction by comparing the one or more factors in the behavior profile with the one or more decrypted factors.
1 Assignment
0 Petitions
Accused Products
Abstract
A fraudulent business transaction application (FBTA) is provided in embodiments of the present invention for monitoring fraudulent transactions. When a consumer supplies account access information in order to carry out an Internet business transaction, the FBTA uses an online fraud mitigation engine to detect phishing intrusions and identity theft. Embodiments are also provided for calculating travel velocity and transaction frequency, which are useful for determining a fraudulent transaction. Further embodiments are provided for authenticating a transaction using a cookie stored on a client device and a behavior profile stored on a server.
-
Citations
7 Claims
-
1. A method for authenticating a transaction, the method comprising the steps of:
-
a. storing on a server a behavior profile associated with a user, the behavior profile including one or more factors associated with the user, the behavior profile also including an encryption key associated with the user;
b. encrypting the one or more factors using an encryption key to create one or more encrypted factors;
c. storing a cookie on a client device, the cookie including the one or more encrypted factors;
d. initiating by the user the transaction using the client device;
e. deriving one or more factors from the transaction;
f. decrypting the one or more factors stored in the cookie using the encryption key to create one or more decrypted factors; and
g. authenticating the transaction by comparing the one or more factors in the behavior profile with the one or more decrypted factors. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7-25. -25. (canceled)
Specification