User fraud detection and prevention of access to a distributed network communication system

US 8,108,916 B2
Filed: 05/21/2003
Issued: 01/31/2012
Est. Priority Date: 05/21/2003
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving a username and a password from a first computing device, wherein the username and the password are associated with a user account of a first network provider;

a second network provider, different from the first network provider, initiating a first network access of the first computing device associated with a first computing device identification;

storing a first set of identification data associated with initiating the first network access in response to initiating the first network access, wherein the first set of identification data comprises the first computing device identification, wherein the first computing device identification includes at least one of a first interne, protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification, wherein the first set of identification data further comprises the username and the password;

receiving the username and the password from a second computing device, wherein the second computing device is different from the first computing device;

the second network provider initiating a second network access of the second computing device associated with a second computing device identification, wherein the second computing device identification is different from the first computing device identification;

storing a second set of identification data associated with initiating the second network access in response to initiating the second network access, wherein the second set of identification data comprises the second computing device identification and the username and the password, wherein the second computing device identification includes at least one of a second interne protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification;

determining one or more fraud indicators in the first set of identification data and the second set of identification data indicating that the first computing device and the second computing device are different computing devices, wherein the one or more fraud indicators comprise a use of the username and the password with both the first computing device identification and the second computing device identification; and

revoking at least one of the first network access and the second network access in response to determining the one or more fraud indicators.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are disclosed for user fraud protection and prevention of access to a distributed network communication system. A first set of identification data associated with a first network access are stored. A second set of identification data associated with a second network access are stored. The first and second sets of identification data comprise a first computing device identification and a second computing device identification, respectively. If one or more fraud indicators are determined in the two sets of identification data, then the first and/or second network access may be revoked. The fraud indicators may include, e.g., use of the same username with different computing device identifications, use of the same computing device identification at different geographical locations, violation of a threshold for computing device identifications, violation of a threshold for authentication failures, and violation of a threshold for rate of network propagation by a user account.

Citations

110 Claims

1. A method, comprising:
- receiving a username and a password from a first computing device, wherein the username and the password are associated with a user account of a first network provider;
  
  a second network provider, different from the first network provider, initiating a first network access of the first computing device associated with a first computing device identification;
  
  storing a first set of identification data associated with initiating the first network access in response to initiating the first network access, wherein the first set of identification data comprises the first computing device identification, wherein the first computing device identification includes at least one of a first interne, protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification, wherein the first set of identification data further comprises the username and the password;
  
  receiving the username and the password from a second computing device, wherein the second computing device is different from the first computing device;
  
  the second network provider initiating a second network access of the second computing device associated with a second computing device identification, wherein the second computing device identification is different from the first computing device identification;
  
  storing a second set of identification data associated with initiating the second network access in response to initiating the second network access, wherein the second set of identification data comprises the second computing device identification and the username and the password, wherein the second computing device identification includes at least one of a second interne protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification;
  
  determining one or more fraud indicators in the first set of identification data and the second set of identification data indicating that the first computing device and the second computing device are different computing devices, wherein the one or more fraud indicators comprise a use of the username and the password with both the first computing device identification and the second computing device identification; and
  
  revoking at least one of the first network access and the second network access in response to determining the one or more fraud indicators.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 88)
- - 2. The method of claim 1,wherein the first set of identification data comprises a first geographic location;
    - wherein the second set of identification data comprises a second geographic location which is different from the first geographic location; and
      
      wherein the one or more fraud indicators comprise use of the username and the password at both the first geographical location and the second geographical location.
  - 3. The method of claim 1,wherein the second network access is initiated during the first network access.
  - 4. The method of claim 1,wherein the second network access is initiated after the first network access has ended.
  - 5. The method of claim 1,wherein determining the one or more fraud indicators comprises using a fraud detection algorithm.
  - 6. The method of claim 1,wherein the one or more fraud indicators comprise a use the user account in violation of a threshold quantity of different computing device identifications.
  - 7. The method of claim 1,wherein the one or more fraud indicators comprise one or more authentication failures during the initiating at least one of the first network access and the second network access in violation of a threshold quantity of authentication failures.
  - 8. The method of claim 1,wherein the one or more fraud indicators comprise an abnormal rate increase of subscriber usage by a roaming partner.
  - 9. The method of claim 1, further comprising:
    - determining a rate of network propagation by comparing the first set of identification data and the second set of identification data;
      
      wherein the one or more fraud indicators comprise a violation of a threshold rate of network propagation by the determined rate of network propagation.
  - 10. The method of claim 1,wherein the one or more fraud indicators comprise a use of one or more RF channels for wireless access during the first network access or the second network access.
  - 11. The method of claim 1, further comprising:
    - suspending a user account in response to determining the one or more fraud indicators.
  - 12. The method of claim 1, further comprising:
    - de-activating the user account in response to determining the one or more fraud indicators.
  - 13. The method of claim 12, further comprising:
    - verifying an owner identification associated with the user account; and
      
      re-activating the user account in response to verifying the owner identification.
  - 14. The method of claim 13,wherein re-activating the user account is performed by the first network provider.
  - 15. The method of claim 13,wherein re-activating the user account is performed by the second network provider.
  - 16. The method of claim 13, further comprising assigning at least one of a new username and a new password to the user account.
  - 17. The method of claim 1,wherein the second set of identification data is received from a broadcast.
  - 18. The method of claim 1,wherein the second set of identification data is received from a multicast.
  - 88. The method of claim 1, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.

19. A method, comprising:
- receiving a username and a password from a first computing device, wherein the username and the password are associated with a user account of a first network provider;
  
  receiving a first set of identification data associated with the first computing device, wherein the first set of identification data comprises the username, the password, and a first computing device identification that identifies the first computing device, wherein the first computing device identification includes at least one of a first internet protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification;
  
  receiving the username and the password from a second computing device, wherein the second computing device is different from the first computing device;
  
  receiving a second set of identification data associated with the second computing device, wherein the second set of identification data comprises the username, the password, and a second computing device identification that identifies the second computing device accessing the network, wherein the second computing device identification includes at least one of a second internet protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification, wherein the second computing device is different from the first computing device, wherein the first computing device identification and the second computing device identification comprise different computing device identifications;
  
  determining, from the first set of identification data and the second set of identification data, a use of the username and the password with both the first computing device identification and the second computing device identification; and
  
  a second network provider, different from the first network provider, revoking at least one of a first network access of a network by the first computing device and a second network access of the network by the second computing device in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 89)
- - 20. The method of claim 19,wherein the second network access is initiated during the first network access.
  - 21. The method of claim 19,wherein the second network access is initiated after the first network access has ended.
  - 22. The method of claim 19, further comprising:
    - suspending the user account in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
  - 23. The method of claim 19, further comprising:
    - de-activating the user account in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
  - 24. The method of claim 23, further comprising:
    - verifying an owner identification associated with the user account; and
      
      re-activating the user account in response to verifying the owner identification.
  - 25. The method of claim 24,wherein re-activating the user account is performed by the first network provider.
  - 26. The method of claim 24,wherein re-activating the user account is performed by the second network provider.
  - 27. The method of claim 24, further comprising assigning at least one of a new username and a new password to the user account.
  - 28. The method of claim 19,wherein the second set of identification data is received from a broadcast.
  - 29. The method of claim 19,wherein the second set of identification data is received from a multicast.
  - 89. The method of claim 19, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.

30. An article of manufacture, comprising:
- a computer-readable storage medium; and
  
  program instructions stored on the computer-readable storage medium that when executed on a processing system, the processing system;
  
  receives a username and a password from a first computing device, wherein the username and the password are associated with a user account of a first network provider;
  
  stores a first set of identification data associated with a first network access provided by a second network provider, different from the first network provider, wherein the first set of identification data comprises a first computing device identification, wherein the first computing device identification includes at least one of a first internet protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification, wherein the first set of identification data further comprises the username and the password;
  
  receives the username and the password from a second computing device, wherein the second computing device is different from the first computing device;
  
  stores a second set of identification data associated with a second network access provided by the second network provider, wherein the second set of identification data comprises a second computing device identification, the username, and the password, wherein the second computing device identification includes at least one of a second internet protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification, wherein the first computing device identification and the second computing device identification comprise different computing device identifications;
  
  determines one or more fraud indicators in the first set of identification data and the second set of identification data indicating that the first computing device and the second computing device are different computing devices, wherein the one or more fraud indicators comprise a use of the username and the password with both the first computing device identification and the second computing device identification; and
  
  revokes at least one of the first network access and the second network access in response to determining the one or more fraud indicators.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 90)
- - 31. The article of manufacture according to claim 30,wherein the first set of identification data comprises a first geographic location;
    - wherein the second set of identification data comprises a second geographic location which is different from the first geographic location; and
      
      wherein the one or more fraud indicators comprise use of the username and the password at both the first geographical location and the second geographical location.
  - 32. The article of manufacture according to claim 30,wherein the second network access is initiated during the first network access.
  - 33. The article of manufacture according to claim 30,wherein the second network access is initiated after the first network access has ended.
  - 34. The article of manufacture according to claim 30,wherein determining the one or more fraud indicators comprises using a fraud detection algorithm.
  - 35. The article of manufacture according to claim 30,wherein the one or more fraud indicators comprise a use of the user account in violation of a threshold quantity of different computing device identifications.
  - 36. The article of manufacture according to claim 30,wherein the one or more fraud indicators comprise at least one of one or more authentication failures during the first network access and the second network access in violation of a threshold quantity of authentication failures.
  - 37. The article of manufacture according to claim 30,wherein the one or more fraud indicators comprise an abnormal rate increase of subscriber usage by the second network provider.
  - 38. The article of manufacture according to claim 30, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system furtherdetermines a rate of network propagation by comparing the first set of identification data and the second set of identification data;
    - andwherein the one or more fraud indicators comprise a violation of a threshold rate of network propagation by the determined rate of network propagation.
  - 39. The article of manufacture according to claim 30,wherein the one or more fraud indicators comprise a use of one or more RF channels for wireless access during the first network access or the second network access.
  - 40. The article of manufacture according to claim 30, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system furthersuspends the user account in response to determining the one or more fraud indicators.
  - 41. The article of manufacture according to claim 30, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system furtherde-activates the user account in response to determining the one or more fraud indicators.
  - 42. The article of manufacture according to claim 41, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system furtherverifies an owner identification associated with the user account;
    - andre-activates the user account in response to verifying the owner identification.
  - 43. The article of manufacture according to claim 42, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system further receives information from the first network provider to re-activate the user account.
  - 44. The article of manufacture according to claim 42, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system further receives information from the second network provider to re-activate the user account.
  - 45. The article of manufacture according to claim 42, wherein the program instructions stored on the computer-readable storage medium that when executed on the processing system, the processing system furtherassigns at least one of a new username and a new password to the user account.
  - 46. The article of manufacture according to claim 30,wherein the second set of identification data is received from a broadcast.
  - 47. The article of manufacture according to claim 30,wherein the second set of identification data is received from a multicast.
  - 90. The article of manufacture of claim 30, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.

48. An article of manufacture comprising a computer readable memory medium that includes program instructions, wherein the program instructions are computer-executable to implement:
- receiving a username and a password from a first hardware device, wherein the username and the password are associated with a user account of a first network provider;
  
  receiving a first set of identification data associated with a first network access provided by a second network provider, different from the first network provider, wherein the first set of identification data comprises the username, the password, and a first computing device identification that identifies a first hardware device accessing the network, wherein the first computing device identification includes at least one of a first interne protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification,receiving the username and the password from a second hardware device, wherein the second hardware device is different from the first hardware device;
  
  receiving a second set of identification data associated with a second network access provided by the second network provider, wherein the second set of identification data comprises the username, the password, and a second computing device identification that identifies a second hardware device, wherein the second computing device identification includes at least one of a second interne protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification, wherein the first computing device identification and the second computing device identification comprise different computing device identifications;
  
  determining, from the first set of identification data and the second set of identification data, a use of the username and the password with both the first computing device identification and the second computing device identification; and
  
  revoking at least one of the first network access and the second network access in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
- View Dependent Claims (49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 91)
- - 49. The article of manufacture according to claim 48,wherein the second network access is initiated during the first network access.
  - 50. The article of manufacture according to claim 48,wherein the second network access is initiated after the first network access has ended.
  - 51. The article of manufacture according to claim 48, wherein the program instructions stored on the computer readable memory medium that when executed on the processing system, cause the processing system to further perform:
    - suspending the user account in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
  - 52. The article of manufacture according to claim 48, wherein the program instructions stored on the computer readable memory medium that when executed on the processing system, cause the processing system to further perform:
    - de-activating the user account in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
  - 53. The article of manufacture according to claim 52, wherein the program instructions stored on the computer readable memory medium that when executed on the processing system, cause the processing system to further perform:
    - verifying an owner identification associated with the user account; and
      
      re-activating the user account in response to verifying the owner identification.
  - 54. The article of manufacture according to claim 53,wherein re-activating the user account is performed by the first network provider.
  - 55. The article of manufacture according to claim 53,wherein re-activating the user account is performed by the second network provider.
  - 56. The article of manufacture according to claim 53, wherein the program instructions stored on the computer readable memory medium that when executed on the processing system, cause the processing system to further perform:
    - assigning at least one of a new username and a new password to the user account.
  - 57. The article of manufacture according to claim 48,wherein the second set of identification data is received from a broadcast.
  - 58. The article of manufacture according to claim 48,wherein the second set of identification data is received from a multicast.
  - 91. The article of manufacture of claim 48, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.

59. A system, comprising:
- a CPU coupled to a network;
  
  a memory coupled to the CPU, wherein the memory stores program instructions which when executed by the CPU, the systemreceives a username and a password from a first computing device, wherein the username and the password are associated with a user account of a first network provider;
  
  receives a first set of identification data associated with a first network access provided by a second network provider, different from the first network provider, wherein the first set of identification data comprises a first computing device identification, wherein the first computing device identification includes at least one of a first internet protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification;
  
  receives the username and the password from a second computing device, wherein the second computing device is different from the first computing device;
  
  receives a second set of identification data associated with a second network access provided by the second network provider, wherein the second set of identification data comprises a second computing device identification and the username, wherein the second computing device identification includes at least one of a second interne protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification, wherein the first computing device identification and the second computing device identification comprise different computing device identifications;
  
  determines one or more fraud indicators in the first set of identification data and the second set of identification data that indicate the first computing device and the second computing device are different computing devices, wherein the one or more fraud indicators comprise a use of the username and the password with both the first computing device identification and the second computing device identification; and
  
  revokes at least one of the first network access and the second network access in response to determining the one or more fraud indicators.
- View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 92)
- - 60. The system of claim 59,wherein the first set of identification data comprises a first geographic location;
    - wherein the second set of identification data comprises a second geographic location which is different from the first geographic location; and
      
      wherein the one or more fraud indicators comprise use of the username and the password at both the first geographical location and the second geographical location.
  - 61. The system of claim 59,wherein the second network access is initiated during the first network access.
  - 62. The system of claim 59,wherein the second network access is initiated after the first network access has ended.
  - 63. The system of claim 59,wherein when the system determines the one or more fraud indicators, the system utilizes a fraud detection algorithm.
  - 64. The system of claim 59,wherein the one or more fraud indicators comprise a use of the user account in violation of a threshold quantity of different computing device identifications.
  - 65. The system of claim 59,wherein the one or more fraud indicators comprise at least one of one or more authentication failures during the first network access and the second network access in violation of a threshold quantity of authentication failures.
  - 66. The system of claim 59,wherein the one or more fraud indicators comprise an abnormal rate increase of subscriber usage by the second network provider.
  - 67. The system of claim 59, wherein the program instructions which when executed by the CPU, the system furtherdetermines a rate of network propagation by comparing the first set of identification data and the second set of identification data;
    - andwherein the one or more fraud indicators comprise a violation of a threshold rate of network propagation by the determined rate of network propagation.
  - 68. The system of claim 59,wherein the one or more fraud indicators comprise a use of one or more RF channels for wireless access during the first network access or the second network access.
  - 69. The system of claim 59, wherein the program instructions which when executed by the CPU, the system furthersuspends the user account in response to determining the one or more fraud indicators.
  - 70. The system of claim 59, wherein the program instructions which when executed by the CPU, the system furtherde-activates the user account in response to determining the one or more fraud indicators.
  - 71. The system of claim 70, wherein the program instructions which when executed by the CPU, the system furtherverifies an owner identification associated with the user account;
    - andre-activates the user account in response to verification of the owner identification.
  - 72. The system of claim 71, wherein the program instructions which when executed by the CPU, the system further receives information from the first network provider to re-activate the user account.
  - 73. The system of claim 71, wherein the program instructions which when executed by the CPU, the system further receives information from the second network provider to re-activate the user account.
  - 74. The system of claim 71, wherein the program instructions which when executed by the CPU, the system furtherassigns at least one of a new username and a new password to the user account.
  - 75. The system of claim 59,wherein the second set of identification data is received from a broadcast.
  - 76. The system of claim 59,wherein the second set of identification data is received from a multicast.
  - 92. The system of claim 59, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.

77. A system, comprising:
- a CPU coupled to a network;
  
  a memory coupled to the CPU, wherein the memory stores program instructions which when executed by the CPU, the systemreceives a username and a password from a first computing device, wherein the username and the password are associated with a user account of a first network provider;
  
  stores a first set of identification data associated with a first network access in provided by a second network provider, different from the first network provider, wherein the first set of identification data comprises the username, the password, and a first computing device identification that identifies a first hardware device accessing the network, wherein the first computing device identification includes at least one of a first interne protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification;
  
  receives the username and the password from a second computing device, wherein the second computing device is different from the first computing device and the second user is different from the first user;
  
  stores a second set of identification data associated with a second network access provided by the second network provider, wherein the second set of identification data comprises the username, the password, and a second computing device identification that identifies a second hardware device accessing the network, wherein the second computing device identification includes at least one of a second internet protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification, wherein the first computing device identification and the second computing device identification comprise different computing device identifications;
  
  determines, from the first set of identification data and the second set of identification data, a use of the username and the password with both the first computing device identification and the second computing device identification; and
  
  revokes at least one of the first network access and the second network access in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
- View Dependent Claims (78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 93)
- - 78. The system of claim 77,wherein the second network access is initiated during the first network access.
  - 79. The system of claim 77,wherein the second network access is initiated after the first network access has ended.
  - 80. The system of claim 77, wherein the program instructions which when executed by the CPU, the system furthersuspends the user account in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
  - 81. The system of claim 77, wherein the program instructions which when executed by the CPU, the system furtherde-activates the user account in response to determining, from the first set of identification data and the second set of identification data, the use of the username and the password with both the first computing device identification and the second computing device identification.
  - 82. The system of claim 81, wherein the program instructions which when executed by the CPU, the system furtherverifies an owner identification associated with the user account;
    - andre-activates the user account in response to verification of the owner identification.
  - 83. The system of claim 82, wherein the program instructions which when executed by the CPU, the system further receives information from the first network provider to re-activate the user account.
  - 84. The system of claim 82, wherein the program instructions which when executed by the CPU, the system further receives information from the second network provider to re-activate the user account.
  - 85. The system of claim 82, wherein the program instructions which when executed by the CPU, the system furtherassigns at least one of a new username and a new password to the user account.
  - 86. The system of claim 77,wherein the second set of identification data is received from a broadcast.
  - 87. The system of claim 77,wherein the second set of identification data is received from a multicast.
  - 93. The system of claim 77, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.

94. A method, comprising:
- a first network provider receiving a username and a password from a first computing device associated with a first computing device identification, wherein the username and the password are associated with a user account of a second network provider, wherein the second network provider is different from the first network provider, wherein the first computing device identification includes at least one of a first internet protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification;
  
  the first network provider providing the username and the password to the second network provider for a first authorization of first network access;
  
  the first network provider receiving, from the second network provider, first authorization information indicating that the first network access is permitted;
  
  permitting, based the first authorization information indicating that the first network access is permitted and the first computing device identification, the first network access to the first computing device;
  
  the first network provider receiving the username and the password from a second computing device associated with a second computing device identification, wherein the second computing device identification is different from the first computing device identification, wherein the second computing device identification includes at least one of a second interne protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification;
  
  the first network provider providing the username and the password to the second network provider for a second authorization of second network access;
  
  the first network provider receiving, from the second network provider, second authorization information indicating that the second network access is permitted; and
  
  revoking, based the second authorization information indicating that the second network access is permitted and the first computing device identification, the first network access of the first computing device.
- View Dependent Claims (95, 96, 97, 98, 99, 100)
- - 95. The method of claim 94, further comprising:
    - the first network provider authenticating the username and the password with the second network provider.
  - 96. The method of claim 94,wherein the first computing device is coupled to a first network;
    - andwherein permitting the first network access to the first computing device includes permitting access to a second network.
  - 97. The method of claim 96, wherein the second network includes an Internet.
  - 98. The method of claim 96, wherein revoking the first network access of the first computing device includes revoking access to the second network.
  - 99. The method of claim 96, wherein the second computing device is coupled to the first network.
  - 100. The method of claim 96, wherein the second computing device is coupled to a third network.

101. A system, comprising:
- a first network operated by a first network provider;
  
  an access controller coupled to the first network, wherein the access controller is configured to be coupled to a second network;
  
  a server configured to;
  
  be coupled to at least one of the first network and the second network, receive multiple usernames and multiple corresponding passwords, and communicate with the access controller;
  
  wherein the serverreceives a username and a password from a first computing device associated with a first computing device identification and coupled to the first network, wherein the username and the password are associated with a user account of a second network provider, wherein the second network provider is different from the first network provider, and wherein the first computing device identification includes at least one of a first internet protocol address, a first media access control identification, a first CPU identification, a first electronic serial number (ESN), a first mobile information number (MIN), a first mobile directory number (MDN), a first cookie identification, and a first certificate identification; and
  
  communicates first access information to the access controller to permit the first computing device access of the second network;
  
  wherein the access controllercommunicates with the server to receive the first access information to permit the first computing device access of the second network; and
  
  permits, based on the username, the password, and the first computing device identification, the first computing device access to the second network;
  
  wherein the server furtherreceives the username and the password from a second computing device associated with a second computing device identification and coupled to the first network, wherein the second computing device identification includes at least one of a second internet protocol address, a second media access control identification, a second CPU identification, a second ESN, a second MIN, a second MDN, a second cookie identification, and a second certificate identification, and wherein the second computing device identification is different from the first computing device identification; and
  
  communicates second access information to the access controller to permit the second computing device access of the second network; and
  
  wherein the access controller furthercommunicates with the server to receive the second access information to permit the second computing device access of the second network; and
  
  revokes the access of the first computing device to the second network.
- View Dependent Claims (102, 103, 104, 105, 106, 107, 108, 109, 110)
- - 102. The system of claim 101, wherein the access controller furtherpermits, based on the second computing device identification, the second computing device access to the second network.
  - 103. The system of claim 101, wherein the second network includes an Internet.
  - 104. The system of claim 103,wherein the server is further configured to be coupled to the second network;
    - andwherein the access controller and the server communicate via the Internet.
  - 105. The system of claim 101,wherein the server is operable to be coupled to the second network;
    - andwherein the access controller and the server communicate via the second network.
  - 106. The system of claim 101, wherein the access controller includes the server.
  - 107. The system of claim 101, wherein at least one of the first computing device identification and the second computing device identification is associated with a portable computing device.
  - 108. The system of claim 101,wherein the server furtherreceives the username and the password from a third computing device associated with a third computing device identification, different from the second computing device identification, and coupled to a third network, wherein the third computing device identification includes at least one of a third internet protocol address, a third media access control identification, a third CPU identification, a third ESN, a third MN, a third MDN, a third cookie identification, and a third certificate identification;
    - andcommunicates information to the first network provider, wherein the information indicates that access to the second network has been permitted to the third computing device;
      
      wherein the access controller furtherrevokes the access of the second computing device to the second network in response to the information communicated to the first network provider.
  - 109. The system of claim 108, wherein the third network is operated by the first network provider.
  - 110. The system of claim 108, wherein the third network is operated by a third network provider that is different from the first network provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wayport, Inc. (AT&T, Inc.)
Original Assignee
Wayport, Inc. (AT&T, Inc.)
Inventors
Fink, Ian M., Keeler, James D.
Primary Examiner(s)
Cervetti, David Garcia
Assistant Examiner(s)
HOANG, DANIEL L

Application Number

US10/442,526
Publication Number

US 20040236702A1
Time in Patent Office

3,177 Days
Field of Search

726/27, 380/270
US Class Current

726/6
CPC Class Codes

G06Q 20/382 insuring higher security of...

H04W 12/12 Detection or prevention of ...

User fraud detection and prevention of access to a distributed network communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

110 Claims

Specification

Solutions

Use Cases

Quick Links

User fraud detection and prevention of access to a distributed network communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

110 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links