Method and system for identifying users and detecting fraud by use of the internet

US 20070239606A1
Filed: 09/29/2005
Published: 10/11/2007
Est. Priority Date: 03/02/2004
Status: Active Grant

First Claim

Patent Images

1. A method for identifying a computer comprising the steps of:

obtaining selected information about the computer during an online connection including a local time according to a resident computer clock and at least one non-personal identification parameter;

measuring a local server time from a website server clock;

calculating a delta of time parameter based upon a difference in time between the local server time and the local time according to the resident computer clock; and

generating a computer identifier to identify the computer that is derived from the delta of time parameter in combination with at least one non-personal identification parameter related to the computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

223 Citations

25 Claims

1. A method for identifying a computer comprising the steps of:
- obtaining selected information about the computer during an online connection including a local time according to a resident computer clock and at least one non-personal identification parameter;
  
  measuring a local server time from a website server clock;
  
  calculating a delta of time parameter based upon a difference in time between the local server time and the local time according to the resident computer clock; and
  
  generating a computer identifier to identify the computer that is derived from the delta of time parameter in combination with at least one non-personal identification parameter related to the computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as recited in claim 1 further comprising the step of:
    - obtaining additional identification parameters including personal identification information from the selected information.
  - 3. The method as recited in claim 2, wherein the personal identification information includes consumer identification information.
  - 4. The method as recited in claim 3, wherein the consumer identification information includes at least one of the following:
    - consumer name, address, billing information, shipping information, telephone number and e-mail address.
  - 5. The method as recited in claim 1, wherein the non-personal identification parameter is computer identification information.
  - 6. The method as recited in claim 5, wherein the computer identification information includes an Internet parameter.
  - 7. The method as recited in claim 6, wherein the Internet parameter is a CGI parameter.
  - 8. The method as recited in claim 7, wherein the CGI parameter includes at lease one of the following:
    - IP address, and Browser ID.
  - 9. The method as recited in claim 1 further comprising the step of:
    - capturing relevant time zone information in which the computer is physically located from the selected information about the computer.
  - 10. The method as recited in claim 9, wherein the relevant time zone information is for one or more future dates to indicate whether DST is observed in the relevant time zone.

11. A method for detecting fraud in an online transaction with a customer comprising the steps of:
- creating a first computer identifier in the course of a first online transaction, and a second computer identifier in the course of a second online transaction, wherein each computer identifier includes a delta of time parameter defined by a time difference measured as between a first clock measurement and a second clock measurement;
  
  selecting a matching parameter with a value that is based upon a comparison of the first computer identifier and the second computer identifier;
  
  defining a matching value against which any differences between the first computer identifier and the second computer identifier are measured; and
  
  assessing the risk of fraud based upon the value of the matching parameter relative to the matching value in connection with the second online transaction when the first online transaction is known to be associated with fraudulent activity.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method as recited in claim 11 wherein the first clock measurement is based upon a customer computer clock, and the second clock measurement is based upon a merchant web server clock, and wherein the clock measurements are derived from timestamp information associated with data packets transmitted across a network.
  - 13. The method as recited in claim 11 wherein the value of the matching parameter is different than the matching value indicating the second online transaction may be fraudulent.
  - 14. The method as recited in claim 11 further comprising the step of:
    - communicating to a website operator that the second online transaction is fraudulent, not fraudulent, or requires further case analysis.
  - 15. The method in claim 14 further comprising the step of:
    - blocking the second online transaction based upon the value of the matching parameter.
  - 16. The method as recited in claim 11 wherein the value of the matching parameter is the same as the matching value indicating the second online transaction is not likely fraudulent.
  - 17. The method as recited in claim 11 wherein the matching parameter may fall within a defined range communicating to the customer the status of the second online transaction based upon the value of the matching parameter.
  - 18. The method in claim 11, wherein the delta of time parameter is stated as a range of time measured in seconds or milliseconds.
  - 19. The method of claim 11 wherein the personal or non-personal identification parameter is a Browser ID.

20. A computer readable medium containing program instructions for creating a computer identifier in the course of an online transaction comprising the steps of:
- receiving, from an online customer computer, at least one of either a personal or non-personal identification parameter;
  
  capturing, from the clock of the customer computer, the computer local time;
  
  capturing, from the clock of the website server computer, the server computer local time;
  
  calculating and storing a delta of time parameter based upon the difference between the customer computer local time and the server computer local time, wherein calculating the delta of time parameter is performed at the time of the online transaction; and
  
  identifying a customer based upon customer identification data comprising the delta of time parameter and the personal or non-personal identification parameter.

21. A fingerprinting method to identify a computer comprising the steps of:
- creating a first computer identifier in the course of a first online transaction, and a second computer identifier in the course of a second online transaction, wherein each computer identifier includes a delta of time parameter defined by a time difference measured between a first clock measurement and a second clock measurement over a selected time interval;
  
  comparing the first computer identifier and the second computer identifier;
  
  generating a matching parameter having a value based upon any measured difference between the first computer identifier and the second computer identifier; and
  
  identifying the computer with a selected level of certainty upon a comparison of the calculated value of the matching parameter with a defined matching value to indicate whether the computer was involved in both the first online transaction and the second online transaction.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method as recited in claim 21, wherein the first clock measurement and the second clock measurement are each a measured amount of time to travel from the computer to a web site server according to a timestamped packet of data that is transmitted during the first and second online transaction respectively.
  - 23. The method as recited in claim 21, wherein the selected time interval is a measured time between when a first timestamped packet of data and a second timestamped packet of data are sent by the computer, and wherein each include TCP timestamp information.
  - 24. The method as recited in claim 21, wherein the delta of time parameter is a clock skew for the computer.
  - 25. A computer readable medium comprising a computer program to perform a method as recited in claim 21 to identify a computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The 41st Parameter, Inc. (Experian plc)
Original Assignee
The 41st Parameter, Inc. (Experian plc)
Inventors
Eisen, Ori

Granted Patent

US 7,853,533 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

H04L 2463/102   applying security measure f...

H04L 63/1408   by monitoring network traff...

H04L 63/1483   service impersonation, e.g....

Method and system for identifying users and detecting fraud by use of the internet

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

223 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for identifying users and detecting fraud by use of the internet

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

223 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links