Preventing fraudulent internet account access
First Claim
1. A method comprising:
- maintaining, in a storage device of a server, network address information associated with a network resource user;
receiving, at the server, a request to authenticate the network resource user, the request including a network address identifier;
authenticating, by the server, the network resource user based on the network address information and the network address identifier;
sending, by the server and based on the authenticating, a response to the request, the response indicating an authenticity of the network resource user;
denying, by the server and when the authenticity of the network resource user is not established, the request to authenticate the network resource user;
requesting, by the server and when the request to authenticate the network resource user is denied, verification information from the network resource user;
receiving, by the server, the verification information;
determining, by the server, a validity of the verification information;
overriding, by the server and when the validity of the verification information is established, the denial of the request to authenticate the network resource user; and
modifying, by the server and when the denial of the request to authenticate the network resource user is overridden, the network address information to indicate the authenticity of the network address identifier.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and system for authenticating requests for accessing network resources are described. Network address information may be associated with a network resource user. An authenticator may maintain the associated network address information. The authenticator may receive, from a requesting party, a request to authenticate the network resource user, where the request may include a network address identifier. The network resource user may be authenticated based on the network address information and the network address identifier. The authentication determination may be forwarded to the requesting party for purposes of controlling access to a network resource of a network resource provider in response to an access request made by the network resource user.
-
Citations
19 Claims
-
1. A method comprising:
-
maintaining, in a storage device of a server, network address information associated with a network resource user; receiving, at the server, a request to authenticate the network resource user, the request including a network address identifier; authenticating, by the server, the network resource user based on the network address information and the network address identifier; sending, by the server and based on the authenticating, a response to the request, the response indicating an authenticity of the network resource user; denying, by the server and when the authenticity of the network resource user is not established, the request to authenticate the network resource user; requesting, by the server and when the request to authenticate the network resource user is denied, verification information from the network resource user; receiving, by the server, the verification information; determining, by the server, a validity of the verification information; overriding, by the server and when the validity of the verification information is established, the denial of the request to authenticate the network resource user; and modifying, by the server and when the denial of the request to authenticate the network resource user is overridden, the network address information to indicate the authenticity of the network address identifier. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method comprising:
-
establishing, in a storage device of a server, an authorization list including at least one network address, the authorization list being associated with at least one network resource; receiving, at the server, a request to access the at least one network resource, where the request includes a source network address; providing, by the server and when the source network address is included in the authorization list, access to the at least one network resource; restricting, by the server and when the source network address is not included in the authorization list, access to the at least one network resource; requesting, by the server and based on the restricted access, verification information associated with the at least one network resource be provided to the server; determining, by the server, whether provided verification information, responsive to the request, is valid; maintaining, by the server and upon a determination that the provided verification information is invalid, the access restriction to the at least one network resource; overriding, by the server and upon a determination that the provided verification information is valid, the access restriction to the at least one network resource; providing, by the server and based on the overridden access restriction, access to the at least one network resource; and adding, by the server and upon the access to the at least one network resource being provided, the source network address to the authorization list. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus comprising:
a server to; pre-authorize at least one network address to connect to the server; receive a request, from a client device having a source address, to connect to the server; determine whether the source address matches the at least one network address that has been pre-authorized to connect to the server; grant the request based on the determination that the source address matches the at least one network address that has been pre-authorized; deny the request based on the determination that the source address does not match the at least one network address that has been pre-authorized; obtain, based on the denied request, verification information from a user of the client device; determine whether, responsive to the request, the obtained verification information is valid; maintain the denied request based upon a determination that the obtained verification information is invalid; override the denied request based upon a determination that the obtained verification information is valid; allow, based on the overridden denied request, the client device to connect to the server; and designate, upon the connection being allowed, the source address as being pre-authorized to connect to the server. - View Dependent Claims (16, 17, 18)
-
19. A system comprising:
-
means for receiving, from a client device having a dynamically assigned source network address from a range of network addresses, a request for connection to a network resource; means for selectively authenticating the source network address, where the source network address is compared to a list of authorized network addresses; means for connecting an authenticated source network address to the network resource; means for restricting access to the network resource when the source network address is not on the list of authorized network addresses; means for sending, to the client device and when the access is restricted, a response to the request indicating that access to the network resource is restricted and requesting verification information to override the access restriction; means for receiving the verification information; means for determining a validity of the received verification information; means for overriding, when the validity of the received verification information is established, the access restriction; and means for adding, when the access restriction is overridden, the source network address to the list of authorized network addresses.
-
Specification