Network security and fraud detection system and method

US 7,272,728 B2
Filed: 06/14/2004
Issued: 09/18/2007
Est. Priority Date: 06/14/2004
Status: Active Grant

First Claim

Patent Images

1. A network security and fraud detection and prevention system, comprising:

one or more network service providers that provides a service;

a network device that connects to at least one of the network service providers over a communications network to use the provided service; and

at least one network service provider further comprising a fraud detector comprising a clientwherein the client gathers information about the network device to generate a device identifier that identifies the network device, a database, and a module that receives the device identifier, stores the device identifier in the database and associates the device identifier with end-user account information provided by the network service provider and wherein the device identifier and end-user account information is shared between the one or more network service providers to detect fraud using the network device across the network service providers.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Reexamination

Accused Products

Abstract

A system and method to detect and prevent fraud in a system is provided. The system may uniquely identify physical devices connecting to a network, register unique devices, track end-user logins, associate end-user accounts with specific devices, and share information with multiple network service providers is described.

219 Citations

56 Claims

1. A network security and fraud detection and prevention system, comprising:
- one or more network service providers that provides a service;
  
  a network device that connects to at least one of the network service providers over a communications network to use the provided service; and
  
  at least one network service provider further comprising a fraud detector comprising a clientwherein the client gathers information about the network device to generate a device identifier that identifies the network device, a database, and a module that receives the device identifier, stores the device identifier in the database and associates the device identifier with end-user account information provided by the network service provider and wherein the device identifier and end-user account information is shared between the one or more network service providers to detect fraud using the network device across the network service providers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1, wherein the database further comprises a plurality of records wherein each record further comprises a host field containing an identifier of a particular network service provider, a user account information field containing information from the particular network service provider that identifies a particular user and the device identifier that uniquely identifies the particular network device.
  - 3. The system of claim 1, wherein the fraud detector further comprises a module that generates a network device identifier for each network device that connects to at least one network service provider wherein the network device identifier uniquely identifies each network device in combination with the device identifier.
  - 4. The system of claim 3, wherein the device identifier further comprises a fingerprint.
  - 5. The system of claim 1, wherein the fraud detector validates each network device on a periodic random basis.
  - 6. The system of claim 1, wherein the fraud detector validates each network device upon connection of the network device to the network service provider.
  - 7. The system of claim 1, wherein the fraud detector validates each network device when the network device logs onto the network service provider.
  - 8. The system of claim 1, wherein the fraud detector validates each network device when the network device performs a transaction with the network service provider.
  - 9. The system of claim 1, wherein the fraud detector validates each network device each time that the network device re-connects to the network service provider.
  - 10. The system of claim 1, wherein the device identifier further comprises a fingerprint.
  - 11. The system of claim 1, wherein the device identifier further comprises a serial number for a cellular phone.
  - 12. The system of claim 1, wherein the client is embedded in a software application being downloaded to the network device from the network service provider.
  - 13. The system of claim 1, wherein the client is a stand-alone software application that is downloaded to the network device from the network service provider.
  - 14. The system of claim 1, wherein the client is a piece of code that is automatically downloaded to the network device from the network service provider.
  - 15. The system of claim 1, wherein the client is downloaded to the network device when the network device connects to the network service provider.
  - 16. The system of claim 1, wherein the network device further comprises one of a cellular phone, a personal digital assistant, a laptop computer, a personal computer and a telephone.

17. A method for detecting fraud during a connection of a network device to a network service provider using the fraud detection information from a plurality of associated network service providers, the method comprising:
- validating a network device identifier assigned to the network device;
  
  validating a combination of the network device identifier and a network device fingerprint for the network device;
  
  verifying that the status of the network device identifier and the network device fingerprint for the network device are acceptable to the network service provider based on a set of status rules of the network service provider; and
  
  verifying that the status of the network device identifier and the network device fingerprint for the network device are acceptable to the associated network service providers.
- View Dependent Claims (18)
- - 18. The method of claim 17 further comprising verifying that the number of user accounts per network device identifier are acceptable to the network service provider, and verifying that the number of network device identifiers per user account are acceptable to the network service provider.

19. A method for detecting fraud during a connection of an unknown network device to a network service provider, the method comprising:
- launching an application on a network device that launches a fraud detection client;
  
  determining, using the client, that the network device is an unregistered network device;
  
  receiving a network device identifier requested from a fraud detection system;
  
  generating, using the client, a fingerprint based on characteristics of the network device that is forwarded to the fraud detection system; and
  
  verifying, at the fraud detection system, that the fingerprint of the network device is not duplicative.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19 further comprising providing a login dialog to the network device.
  - 21. The method of claim 19 further comprising verifying that a username and password provided by the user of the network device are valid, providing the network device identifier and an end user identifier to the fraud detection system from the network service provider and checking a status of the network device identifier and end user identifier based on a set of rules of the network service provider.

22. A method for detecting fraud during a connection of a known network device to a network service provider, the method comprising:
- launching an application on a network device that launches a fraud detection client on the network device;
  
  determining, using the client, that the network device is a registered network device having an assigned network device identifier;
  
  generating, using the client, a fingerprint based on characteristics of the network device that is forwarded to the fraud detection system with the assigned network device identifier; and
  
  verifying, at the fraud detection system, that the fingerprint of the network device is not duplicative and that the network device identifier is valid.
- View Dependent Claims (23, 24)
- - 23. The method of claim 22 further comprising providing a login dialog to the network device.
  - 24. The method of claim 22 further comprising verifying that a username and password provided by the user of the network device are valid, providing the network device identifier and an end user identifier to the fraud detection system from the network service provider and checking a status of the network device identifier and end user identifier based on a set of rules of the network service provider.

25. A network security and fraud detection and prevention system, comprising:
- one or more network service providers that provides a service;
  
  a network device that connects to at least one of the network service providers over a communications network to use the provided service; and
  
  at least one network service provider further comprising fraud detector means further comprising a client means, downloaded to the network device when the network device connects to the network service provider, for gathering information about the network device to generate a device identifier that identifies the network device, a database and means for receiving the device identifier, storing the device identifier in the database and associating the device identifier with end-user account information provided by the network service provider and wherein the device identifier and end-user account information is shared between the one or more network service providers to detect fraud using the network device across the network service providers.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 26. The system of claim 25, wherein the database further comprises a plurality of records wherein each record further comprises a host field containing an identifier of a particular network service provider, a user account information field containing information from the particular network service provider that identifies a particular user and the device identifier that uniquely identifies the particular network device.
  - 27. The system of claim 25, wherein the fraud detecting means further comprises means for generating a network device identifier for each network device that connects to at least one network service provider wherein the network device identifier uniquely identifies each network device in combination with the device identifier.
  - 28. The system of claim 27, wherein the device identifier further comprises a fingerprint.
  - 29. The system of claim 25, wherein the fraud detection means further comprises means for validating each network device on a periodic random basis.
  - 30. The system of claim 25, wherein the fraud detector means further comprises means for validating each network device upon connection of the network device to the network service provider.
  - 31. The system of claim 25, wherein the fraud detection means further comprises means for validating each network device when the network device logs onto the network service provider.
  - 32. The system of claim 25, wherein the fraud detection means further comprises means for validating each network device when the network device performs a transaction with the network service provider.
  - 33. The system of claim 25, wherein the fraud detection means further comprises means for validating each network device each time that the network device re-connects to the network service provider.
  - 34. The system of claim 25, wherein the device identifier further comprises a fingerprint.
  - 35. The system of claim 25, wherein the device identifier further comprises a serial number for a cellular phone.
  - 36. The system of claim 25, wherein the client means is embedded in a software application being downloaded to the network device from the network service provider.
  - 37. The system of claim 25, wherein the client means is a stand-alone software application that is downloaded to the network device from the network service provider.
  - 38. The system of claim 25, wherein the client means is a piece of code that is automatically downloaded to the network device from the network service provider.
  - 39. The system of claim 25, wherein the client means is downloaded to the network device when the network device connects to the network service provider.
  - 40. The system of claim 25, wherein the network device further comprises one of a cellular phone, a personal digital assistant, a laptop computer, a personal computer and a telephone.

41. A network security and fraud detection and prevention system, comprising:
- one or more network service providers that provides a service;
  
  a network device that connects to at least one of the network service providers over a communications network to use the provided service; and
  
  at least one network service provider further comprising a fraud detector further comprising a client piece of code that is downloaded to the network device when the network device connects to the network service provider wherein the client gathers information about the network device to generate a device identifier that identifies the network device, a database and computer instructions that receive the device identifier and store the device identifier in the database and associate the device identifier with end-user account information provided by the network service provider and wherein the device identifier and end-user account information is shared between the one or more network service providers to detect fraud using the network device across the network service providers.
- View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 42. The system of claim 41, wherein the database further comprises a plurality of records wherein each record further comprises a host field containing an identifier of a particular network service provider, a user account information field containing information from the particular network service provider that identifies a particular user and the device identifier that uniquely identifies the particular network device.
  - 43. The system of claim 41, wherein the fraud detector further comprises instructions that generate a network device identifier for each network device that connects to at least one network service provider wherein the network device identifier uniquely identifies each network device in combination with the device identifier.
  - 44. The system of claim 43, wherein the device identifier further comprises a fingerprint.
  - 45. The system of claim 41, wherein the fraud detector further comprises instructions that validate each network device on a periodic random basis.
  - 46. The system of claim 41, wherein the fraud detector further comprises instructions that validate each network device upon connection of the network device to the network service provider.
  - 47. The system of claim 41, wherein the fraud detector further comprises instructions that validate each network device when the network device logs onto the network service provider.
  - 48. The system of claim 41, wherein the fraud detector further comprises instructions that validate each network device when the network device performs a transaction with the network service provider.
  - 49. The system of claim 41, wherein the fraud detector further comprises instructions that validate each network device each time that the network device re-connects to the network service provider.
  - 50. The system of claim 41, wherein the device identifier further comprises a fingerprint.
  - 51. The system of claim 41, wherein the device identifier further comprises a serial number for a cellular phone.
  - 52. The system of claim 41, wherein the client is embedded in a software application being downloaded to the network device from the network service provider.
  - 53. The system of claim 41, wherein the client is a stand-alone software application that is downloaded to the network device from the network service provider.
  - 54. The system of claim 41, wherein the client is a piece of code that is automatically downloaded to the network device from the network service provider.
  - 55. The system of claim 41, wherein the client is downloaded to the network device when the network device connects to the network service provider.
  - 56. The system of claim 41, wherein the network device further comprises one of a cellular phone, a personal digital assistant, a laptop computer, a personal computer and a telephone.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
iovation Incorporated
Original Assignee
iovation Incorporated
Inventors
DeHaan, Jason, Pierson, Greg
Primary Examiner(s)
Peeso; Thomas R.

Application Number

US10/867,871
Publication Number

US 20060048211A1
Time in Patent Office

1,191 Days
Field of Search

713/166, 713/167, 713/168, 713/194
US Class Current

713/194
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/0876 based on the identity of th...

Network security and fraud detection system and method

First Claim

4 Assignments

0 Petitions

Reexamination

Accused Products

Abstract

219 Citations

56 Claims

Specification

Use Cases

Quick Links

Others

Network security and fraud detection system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

219 Citations

56 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others