Methods and Apparatus for Detecting Fraud with Time Based Computer Tags

US 20090083184A1
Filed: 09/26/2007
Published: 03/26/2009
Est. Priority Date: 09/26/2007
Status: Active Grant

First Claim

Patent Images

1. A network security system for a financial institution comprising:

a computer network having a series of one or more web servers accessible by customer network devices, wherein the customer network devices include time stamped computer tags communicated to the web server over a communications network while accessing a user account; and

a fraud detection system containing a fraud detection server for analyzing the time stamped computer tags received from the network devices to determine when they were created as part of a fraud risk analysis associated with user accounts.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for creating and analyzing computer tag information for the prevention or detection of potential fraud. Computers and other devices accessing the Web carry device tags with date and time information describing when they were issued by a security tag server. A server time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity.

267 Citations

17 Claims

1. A network security system for a financial institution comprising:
- a computer network having a series of one or more web servers accessible by customer network devices, wherein the customer network devices include time stamped computer tags communicated to the web server over a communications network while accessing a user account; and
  
  a fraud detection system containing a fraud detection server for analyzing the time stamped computer tags received from the network devices to determine when they were created as part of a fraud risk analysis associated with user accounts.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system as recited in claim 1, wherein the fraud detection system further comprises a computer tag database having a plurality of records, wherein each record further comprises at least one of the following:
    - a computer tag identifier field, a time stamp field, and a user account information field for containing information related to a particular user or a network device.
  - 3. The system of claim 1, wherein the computer tags are embedded in cookies downloadable to the network devices.
  - 4. The system of claim 1, wherein the computer tags are pieces of data that are automatically downloadable to network devices.
  - 5. The system of claim 4, wherein the pieces of data are encrypted.
  - 6. The system of claim 1, wherein the customer network devices include at least one of the following:
    - a cellular phone, a personal digital assistant, a laptop computer, a personal computer and a telephone.

7. A method for detecting potential fraud during a connection between a secure network and a network device comprising:
- launching an application on a network device that initiates the downloading of a time stamped computer tag from the secure network onto the network device;
  
  determining whether the network device possesses the time stamped computer tag;
  
  retrieving the time stamped computer tag from the network device; and
  
  determining an issue date from the time stamped computer tag indicating when it was created; and
  
  considering the issue date of the time stamped computer tag in combination with another fraud parameter to detect possibly fraudulent activity associated with the network device.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method as recited in claim 7, wherein the time stamped computer tag is encrypted.
  - 9. The method as recited in claim 7, further comprising the steps of:
    - creating a new time stamped computer tag after determining the device does not already possess a time stamped computer tag; and
      
      delivering the new time stamped computer tag to the network device.
  - 10. The method as recited in claim 9, further comprising the step of:
    - encrypting the new time stamped computer tag before delivering it to the network device.
  - 11. The method as recited in claim 10, further comprising the step of:
    - decrypting the new time stamped computed tag before determining the issue date from the time stamped computer tag indicating when it was created.

12. A network security system comprising:
- one or more network devices that connect to at least one secure network over a communications network; and
  
  a fraud detection system for generating encrypted time stamped cookies that are downloaded to the network devices connected to the secure network, wherein the encrypted time stamped cookies includes information about the network devices to generate corresponding device identifiers that identify the network devices, and wherein the fraud detection system further comprises a computer tag database for storing information related to the time stamped cookies, and a computer tag analyzer for analyzing the device identifiers and the time stamped cookies including a determination as to when the time stamped cookers were generated by the fraud detection system.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12, wherein the fraud detection system is configured to instruct the computer tag analyzer to analyze time stamped cookies on a periodic random basis.
  - 14. The system of claim 12, wherein the fraud detection system is configured to instruct the computer tag analyzer to analyze time stamped cookies upon authentication of the user.

15. A method of generating time stamped cookies for detecting possible fraudulent activity comprising:
- establishing a connection between a computer network having a fraud detection server and a user device operated by a user;
  
  instructing the fraud detection server to create a cookie for delivery to the user device;
  
  time stamping the cookie with date/time information indicating when the cookie was created;
  
  encrypting the cookie to generate an encrypted cookie;
  
  storing the encrypted cookie on the user device operated by the user for later inspection by the fraud detection server;
  
  retrieving the encrypted cookie from the user device;
  
  decrypting the encrypted cookie to determine the date/time information indicating when the cookie was created; and
  
  analyzing the date/time information indicating when the cookie was created as part of a predetermined risk analysis to detect possible fraudulent activity.
- View Dependent Claims (16, 17)
- - 16. The method as recited in claim 15, wherein the cookie includes personalized data corresponding to the user.
  - 17. A computer program product comprising a computer useable medium having computer readable program code embodied therein for detecting possible fraudulent activity over a network, the computer program product comprising a set of instructions for carrying out the method as recited in claim 15.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The 41st Parameter, Inc. (Experian plc)
Original Assignee
The 41st Parameter, Inc. (Experian plc)
Inventors
Eisen, Ori

Granted Patent

US 9,060,012 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/4016   involving fraud or risk lev...

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/0823   using certificates cryptogr...

H04L 63/1408   by monitoring network traff...

H04L 63/1466   Active attacks involving in...

H04L 69/28   Timers or timing mechanisms...

Methods and Apparatus for Detecting Fraud with Time Based Computer Tags

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

267 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and Apparatus for Detecting Fraud with Time Based Computer Tags

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

267 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links