System and method for early detection and prevention of identity theft
First Claim
1. A computer implemented method of authenticating use of an identity, the computer implemented method comprising:
- receiving a request to authenticate the use of the identity from an electronic device in a first location;
determining a current location of a mobile device associated with the identity, the current location of the mobile device being a second location;
comparing the first location to the second location; and
determining whether to authorize the use of the identity based on results of comparing the first location to the second location;
wherein determining whether to authorize the use of the identity based on results of comparing the first location to the second location comprises includes;
determining whether the first location is within a predetermined distance from the second location wherein the electronic device is a source and wherein determining whether the first location is within a predetermined distance from the second location further comprises;
responsive to a determination that the electronic device in the first location is not within a predetermined proximity to at least one other source, establishing a range as a radial distance from the electronic device in the first location to form a circular area around the electronic device, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the circular area; and
responsive to a determination that the electronic device in the first location is within a predetermined proximity to at least one other source, establishing a non-circular area around the electronic device in the first location to form a bounding polygon shaped area around the electronic device, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the non-circular area;
responsive to a determination that the first location is within the predetermined distance from the second location, automatically authorizing the use of the identity without a notification being sent to a notification device;
responsive to a determination that the first location is more than the predetermined distance away from the second location, automatically determining whether to send a notification message to notification device, wherein automatically determining whether to send the notification message further comprises;
retrieving a notification profile associated with the identity, wherein the notification profile includes one or more notification criteria, wherein the notification criteria are used to determine whether to send a notification message to the notification device associated with the identity, wherein the one or more notification criteria limit a number of notifications that are sent to the notification device wherein the notification device is a different device than the mobile device;
comparing the one or more notification criteria to circumstances of the use of the identity;
responsive to a determination that the circumstances of the use of the identity meet at least one of the one or more notification criteria, automatically sending the notification message to the notification device;
responsive to receiving a response from the notification device indicating that authorized user approves the use of the identity, transmitting an approval completion message to the electronic device at the first location, wherein the approval completion message indicates authorization for the use of the identity;
responsive to receiving a response from the notification device indicating that authorized user rejects the use of the identity, transmitting a rejection message to the electronic device at the first location, wherein the rejection message indicates denial of the use of the identity; and
responsive to a failure to receive a response from the notification device indication that the authorized user approves or rejects the user of the identity within a predetermined time-out period of time, transmitting a rejection message indicting that the transaction is rejected.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method for early detection of identity theft are provided. An authorized user establishes an identity with an organization'"'"'s computing system and registers a mobile device and a notification device with the organization'"'"'s computing system. When a use of the identity is attempted, a record associated with the identity is retrieved and a request is sent to the registered mobile device for location information. The current location of the mobile device is compared to the location of the source of the request for authorization. If the current location of the mobile device is not within an area of the source of the authentication request, information about the attempted use is compared with the registered notification criteria. If the conditions of the attempted use fall within the notification criteria, a notification message is sent to the notification device.
-
Citations
20 Claims
-
1. A computer implemented method of authenticating use of an identity, the computer implemented method comprising:
-
receiving a request to authenticate the use of the identity from an electronic device in a first location; determining a current location of a mobile device associated with the identity, the current location of the mobile device being a second location; comparing the first location to the second location; and
determining whether to authorize the use of the identity based on results of comparing the first location to the second location;
wherein determining whether to authorize the use of the identity based on results of comparing the first location to the second location comprises includes;determining whether the first location is within a predetermined distance from the second location wherein the electronic device is a source and wherein determining whether the first location is within a predetermined distance from the second location further comprises; responsive to a determination that the electronic device in the first location is not within a predetermined proximity to at least one other source, establishing a range as a radial distance from the electronic device in the first location to form a circular area around the electronic device, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the circular area; and responsive to a determination that the electronic device in the first location is within a predetermined proximity to at least one other source, establishing a non-circular area around the electronic device in the first location to form a bounding polygon shaped area around the electronic device, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the non-circular area; responsive to a determination that the first location is within the predetermined distance from the second location, automatically authorizing the use of the identity without a notification being sent to a notification device; responsive to a determination that the first location is more than the predetermined distance away from the second location, automatically determining whether to send a notification message to notification device, wherein automatically determining whether to send the notification message further comprises; retrieving a notification profile associated with the identity, wherein the notification profile includes one or more notification criteria, wherein the notification criteria are used to determine whether to send a notification message to the notification device associated with the identity, wherein the one or more notification criteria limit a number of notifications that are sent to the notification device wherein the notification device is a different device than the mobile device; comparing the one or more notification criteria to circumstances of the use of the identity;
responsive to a determination that the circumstances of the use of the identity meet at least one of the one or more notification criteria, automatically sending the notification message to the notification device;responsive to receiving a response from the notification device indicating that authorized user approves the use of the identity, transmitting an approval completion message to the electronic device at the first location, wherein the approval completion message indicates authorization for the use of the identity; responsive to receiving a response from the notification device indicating that authorized user rejects the use of the identity, transmitting a rejection message to the electronic device at the first location, wherein the rejection message indicates denial of the use of the identity; and responsive to a failure to receive a response from the notification device indication that the authorized user approves or rejects the user of the identity within a predetermined time-out period of time, transmitting a rejection message indicting that the transaction is rejected. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 19)
-
-
10. A computer readable medium having computer instructions tangibly stored therein which when executed by a data processing system cause the system to perform the following steps:
-
receiving a request to authenticate the use of the identity from an electronic device in a first location; determining a current location of a mobile device associated with the identity, the current location of the mobile device being a second location; comparing the first location to the second location; and determining whether to authorize the use of the identity based on results of comparing the first location to the second location, wherein the fourth instructions for determining whether to authorize the use of the identity based on results of comparing the first location to the second location comprises; determining whether the first location is within a predetermined distance from the second location wherein the electronic device is a source and wherein the instructions for determining whether the first location is within a predetermined distance from the second location further comprises; establishing a range as a radial distance from the electronic device in the first location to form a circular area around the electronic device in response to a determination that the electronic device in the first location is not within a predetermined proximity to at least one other source, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the circular area; and establishing a non-circular area around the electronic device in the first location to form a bounding polygon shaped area around the electronic device in response to a determination that the electronic device in the first location is within a predetermined proximity to at least one other source, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the non-circular area; automatically authorizing the use of the identity without a notification being sent to a notification device in response to a determination that the first location is within the predetermined distance from the second location; automatically determining whether to send a notification message to a notification device in response to a determination that the first location is more than the predetermined distance away from the second location, wherein automatically determining whether to send the notification message further comprises; retrieving a notification profile associated with the identity, wherein the notification profile includes one or more notification criteria, wherein the notification criteria are used to determine whether to send a notification message to the notification device associated with the identity, wherein the one or more notification criteria limit a number of notifications that are sent to the notification device, wherein the notification device is a different device than the mobile device; comparing the one or more notification criteria to circumstances of the use of the identity; automatically sending the notification message to the notification device associated with the identity in response to a determination that the circumstances of the use of the identity meet at least one of the one or more notification criteria; transmitting an approval completion message to the electronic device at the first location in response to receiving a response from the notification device indicating that authorized user approves the use of the identity, wherein the approval completion message indicates authorization for the use of the identity; transmitting a rejection message to the electronic device at the first location in response to receiving a response from the notification device indicating that the authorized user rejects the use of the identity, wherein the rejection message indicates denial of the use of the identity; and transmitting the rejection message indicating that the transaction is rejected in response to a failure to receive a response from the notification device indicating that the authorized user approves or rejects the user of the identity within a predetermined time-out period of time. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 20)
-
-
18. An apparatus for authenticating use of an identity, comprising:
-
means for receiving a request to authenticate the use of the identity from an electronic device in a first location; means for determining a current location of a mobile device associated with the identity, the current location of the mobile device being a second location; means for comparing the first location to the second location; and means for determining whether to authorize the use of the identity based on results of comparing the first location to the second location;
wherein the means for determining whether to authorize the use of the identity based on results of comparing the first location to the second location comprises;means for determining whether the first location is within a predetermined distance from the second location wherein the electronic device is a source and wherein determining whether the first location is within a predetermined distance from the second location further comprises; means for establishing a range as a radial distance from the electronic device in the first location to form a circular area around the electronic device in response to a determination that the electronic device in the first location is not within a predetermined proximity to at least one other source, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the circular area; and means for establishing a non-circular area around the electronic device in the first location to form a bounding polygon shaped area around the electronic device in response to a determination that the electronic device in the first location is within a predetermined proximity to at least one other source, wherein the first location is within the predetermined distance from the second location if the mobile device is present within the non-circular area; means for automatically authorizing the use of the identity without a notification being sent to a notification device in response to a determination that the first location is within the predetermined distance from the second location; and means for automatically determining whether to send a notification message to a notification device in response to a determination that the first location is more than the predetermined distance away from the second location, wherein automatically determining whether to send the notification message further comprises; means for retrieving a notification profile associated with the identity, wherein the notification profile includes one or more notification criteria, wherein the notification criteria are used to determine whether to send a notification message to a notification device associated with the identity, wherein the one or more notification criteria limit a number of notifications that are sent to the notification device, wherein the notification device is a different device than the mobile device; means for comparing the one or more notification criteria to circumstances of the use of the identity; and means for automatically sending the notification message to the notification device associated with the identity in response to a determination that the circumstances of the use of the identity meet at least one of the one or more notification criteria; and means for transmitting an approval completion message to the electronic device at the first location in response to receiving a response from the notification device indicating that authorized user approves the use of the identity;
transmitting a rejection message to the electronic device at the first location in response to receiving a response from the notification device indicating that authorized user rejects the use of the identity, wherein the rejection message indicates denial of the use of the identity; and
transmitting a rejection message indicting that the transaction is rejected in response to a failure to receive a response from the notification device indication that the authorized user approves or rejects the user of the identity within a predetermined time-out period of time, wherein the approval completion message indicates authorization for the use of the identity.
-
Specification