TECHNIQUES FOR FRAUD MONITORING AND DETECTION USING APPLICATION FINGERPRINTING
First Claim
1. A method for detecting anomalous data submitted to a software application, the method comprising:
- receiving first data submitted via an input field of the software application,generating a first application fingerprint based on the first data, wherein the first application fingerprint is associated with one or more first contexts, and wherein the one or more first contexts represent contexts in which the first data was submitted;
comparing the first application fingerprint with at least one second application fingerprint, wherein the at least one second application fingerprint is based on second data previously submitted via the input field, and wherein the at least one second application fingerprint is associated with one or more second contexts substantially similar to the one or more first contexts; and
calculating a risk score based on the comparison of the first application fingerprint with the at least one second application fingerprint, the risk score indicating a likelihood that the first data was submitted for a fraudulent or malicious purpose.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for fraud monitoring and detection using application fingerprinting. As used herein, an “application fingerprint” is a signature that uniquely identifies data submitted to a software application. In an embodiment, a plurality of historical application fingerprints are stored for data previously submitted to a software application. Each historical application fingerprint is associated with one or more contexts in which its corresponding data was submitted. When new (i.e., additional) data is subsequently submitted to the application, a new application fingerprint is generated based on the new data, and the new application fingerprint is associated with one or more contexts in which the new data was submitted. The new application fingerprint is then compared with one or more historical application fingerprints that share the same, or substantially similar, context(s). Based on this comparison, a risk score is generated indicating a likelihood that the new data was submitted for a fraudulent/malicious purpose.
-
Citations
21 Claims
-
1. A method for detecting anomalous data submitted to a software application, the method comprising:
-
receiving first data submitted via an input field of the software application, generating a first application fingerprint based on the first data, wherein the first application fingerprint is associated with one or more first contexts, and wherein the one or more first contexts represent contexts in which the first data was submitted; comparing the first application fingerprint with at least one second application fingerprint, wherein the at least one second application fingerprint is based on second data previously submitted via the input field, and wherein the at least one second application fingerprint is associated with one or more second contexts substantially similar to the one or more first contexts; and calculating a risk score based on the comparison of the first application fingerprint with the at least one second application fingerprint, the risk score indicating a likelihood that the first data was submitted for a fraudulent or malicious purpose. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for detecting anomalous data submitted to a software application, the system comprising:
-
a storage component configured to store a plurality of historical fingerprints, each historical fingerprint being based on historical data submitted to the software application via an input field of the software application; and a processing component communicatively coupled with the storage component, the processing component being configured to; receive first data submitted via the input field; generate a first application fingerprint based on the first data, wherein the first application fingerprint is associated with one or more first contexts, and wherein the one or more first contexts represent contexts in which the first data was submitted; compare the first application fingerprint with at least one historical fingerprint in the plurality of historical fingerprints, wherein the at least one historical fingerprint is associated with one or more second contexts substantially similar to the one or more first contexts; and calculate a risk score based on the comparison of the first application fingerprint with the at least one historical fingerprint, the risk score indicating a likelihood that the first data was submitted for a fraudulent or malicious purpose. - View Dependent Claims (18, 19, 20)
-
-
21. A machine-readable medium for a computer system, the machine-readable medium having stored thereon a series of instructions which, when executed by a processing component of the computer system, cause the processing component to detect anomalous data submitted to a software application by:
-
receiving first data submitted via an input field of the software application, generating a first application fingerprint based on the first data, wherein the first application fingerprint is associated with one or more first contexts, and wherein the one or more first contexts represent contexts in which the first data was submitted; comparing the first application fingerprint with at least one second application fingerprint, wherein the at least one second application fingerprint is based on second data previously submitted via the input field, and wherein the at least one second application fingerprint is associated with one or more second contexts substantially similar to the one or more first contexts; and calculating a risk score based on the comparison of the first application fingerprint with the at least one second application fingerprint, the risk score indicating a likelihood that the first data was submitted for a fraudulent or malicious purpose.
-
Specification