Verification of a person identifier received online

US 8,650,103 B2
Filed: 10/16/2002
Issued: 02/11/2014
Est. Priority Date: 10/17/2001
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of verifying a first person identifier, executed by a verification system realized by one or more computers connected to a data network, the method comprising:

Receiving a Verification Request including the first person identifier in a first message sent via the data network by a first sender; and

Estimating, by use of a data processor, whether Verification Conditions are true, the Verification Conditions including;

whether the first person identifier and a second person identifier satisfy a Same Person Condition, the second person identifier being received in a second message at a different time from a time when the first message is received, the second message being sent via the data network by a second sender, wherein the Same Person Condition is satisfied if the first person identifier and the second person identifier have a Same Person Relation that includes at least one relation between the first person identifier and the second person identifier selected from the group consisting of;

the first person identifier and the second person identifier include substantially similar portions,the first person identifier and the second person identifier are verified against encrypted person identifier information stored in a user device, the encrypted person identifier information being accessed upon request to an encrypting authority,the first person identifier and the second person identifier include geographically proximate geographical parameters, andeach of the first person identifier and the second person identifier has a respective Same Person Relation with a third person identifier,whether the first sender and the second sender satisfy a Same Sender Condition, wherein the Same Sender Condition is satisfied if, based on a comparison between information associated with the first message and information associated with the second message, the first message and the second message have a Same Sender Relation that includes at least one relation, between the first message and the second message, selected from the group consisting of;

there is a relation between a reliable network address of the first sender and a reliable network address of the second sender,a first secret known to the first sender and a second secret contained in the second message are derivatives of a common secret, andeach of the first message and the second message has a respective Same Sender Relation with a third message, andwhether the second person identifier, previously determined to satisfy a Same Person Condition in relation to the first person identifier, identifies the second sender, previously determined to satisfy a Same Sender Condition in relation to the first sender.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A_system and method for verification of a person identifier received online is described. The method includes receiving a request for verifying a person identifier (PI1); and estimating whether (a) PI1 identifies the same person as another person identifier (PI2), (b) sender of PI1 is the same person as sender of PI2, and (c) PI2 identifies the sender of PI2.

92 Citations

View as Search Results

32 Claims

1. A computer-implemented method of verifying a first person identifier, executed by a verification system realized by one or more computers connected to a data network, the method comprising:
- Receiving a Verification Request including the first person identifier in a first message sent via the data network by a first sender; and
  
  Estimating, by use of a data processor, whether Verification Conditions are true, the Verification Conditions including;
  
  whether the first person identifier and a second person identifier satisfy a Same Person Condition, the second person identifier being received in a second message at a different time from a time when the first message is received, the second message being sent via the data network by a second sender, wherein the Same Person Condition is satisfied if the first person identifier and the second person identifier have a Same Person Relation that includes at least one relation between the first person identifier and the second person identifier selected from the group consisting of;
  
  the first person identifier and the second person identifier include substantially similar portions,the first person identifier and the second person identifier are verified against encrypted person identifier information stored in a user device, the encrypted person identifier information being accessed upon request to an encrypting authority,the first person identifier and the second person identifier include geographically proximate geographical parameters, andeach of the first person identifier and the second person identifier has a respective Same Person Relation with a third person identifier,whether the first sender and the second sender satisfy a Same Sender Condition, wherein the Same Sender Condition is satisfied if, based on a comparison between information associated with the first message and information associated with the second message, the first message and the second message have a Same Sender Relation that includes at least one relation, between the first message and the second message, selected from the group consisting of;
  
  there is a relation between a reliable network address of the first sender and a reliable network address of the second sender,a first secret known to the first sender and a second secret contained in the second message are derivatives of a common secret, andeach of the first message and the second message has a respective Same Sender Relation with a third message, andwhether the second person identifier, previously determined to satisfy a Same Person Condition in relation to the first person identifier, identifies the second sender, previously determined to satisfy a Same Sender Condition in relation to the first sender.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The computer-implemented method of claim 1, further including sending a Verification Report indicating whether the first person identifier identifies the first sender, said Verification Report being based on results of said estimating.
  - 3. The computer-implemented method of claim 1, wherein said Verification Request further includes at least one information element chosen from the group consisting of:
    - the second person identifier; and
      
      the first person identifier.
  - 4. The computer-implemented method of claim 1, wherein the estimating further includes:
    - Sending at least one query to at least one Person Identifier-Sender Identifier Database; and
      
      Receiving at least one response to the at least one query.
  - 5. The computer-implemented method of claim 4 wherein the at least one query is a conditional query describing at least one of the Verification Conditions.
  - 6. The computer-implemented method of claim 5 including estimating whether the at least one response to the at least one query satisfies at least one of the verification Conditions other than the at least one Verification Condition that was described in the at least one query.
  - 7. The computer-implemented method of claim 1, wherein the Same Person Condition is satisfied if the first person identifier and the second person identifier have a Same Person Relation that includes at least one relation between the first person identifier and the second person identifier selected from the group consisting of:
    - the first person identifier and the second person identifier include identical portions,the first person identifier and the second person identifier include portions that are identical except for spelling differences,a first of the first person identifier or the second person identifier includes an abbreviation of a second of the first person identifier or the second person identifier,the first person identifier and the second person identifier include numerically similar phone numbers, anda directory record associates a person identifier that has a Same Person Relation with a first of the first person identifier or the second person identifier with another person identifier that has a Same Person Relation with a second of the first person identifier or the second person identifier.
  - 8. The computer-implemented method of claim 1, wherein the Same Sender Condition is satisfied if the first message and the second message have a Same Sender Relation that includes at least one relation, between the first message and the second message, selected from the group consisting of:
    - the first message and the second message are included in a common integral message,there is a relation between a time the first message was sent and a time the second message was sent, anda first secret contained in the first message and a second secret contained in the second message are derivatives of a common secret.
  - 9. The computer-implemented method of claim 8, wherein the relation between the reliable network address of the first sender and the reliable network address of the second sender includes at least one relation selected from the group consisting of:
    - Identity of the reliable network address of the first sender and the reliable network address of the second sender;
      
      Membership in a common sub-network of the reliable network address of the first sender and the reliable network address of the second sender;
      
      Use of the reliable network address of the first sender and the reliable network address of the second sender by a common organization;
      
      Use of the reliable network address of the first sender and the reliable network address of the second sender by two related organizations;
      
      Use of the reliable network address of the first sender and the reliable network address of the second sender by a common Internet Service Provider;
      
      Use of the reliable network address of the first sender and the reliable network address of the second sender by a common Internet Service Provider Point of Presence; and
      
      Association of the reliable network address of the first sender and the reliable network address of the second sender with proximate geographical locations.
  - 10. The computer-implemented method of claim 8, wherein at least one of the reliable network addresses is a reliable network address selected from the group consisting of:
    - An IP address, an IP address together with a UDP port number, a TCP session handle, and a physical interface identifier.
  - 11. The computer-implemented method of claim 8, wherein at least one of the first and second secrets is a secret selected from the group consisting of:
    - A secret kept by a device, a secret HTTP cookie, a secret HTTP secure cookie, an SMTP header, an HTTP header, a hardware identifier, a secret kept in a software component installed on the device, a secret assigned to a person for online use, a username and password, a secret URL, a network address, an IP address, a UDP port number, and a TCP session handle.
  - 12. The computer-implemented method of claim 1, wherein the second person identifier is considered to identify the second sender if at least one second person identifier condition is true, the second person identifier condition being selected from the group consisting of:
    - the second person identifier was verified using a standard method for verification of a person identifier;
      
      the second person identifier was verified by performing a successful offline action based on the second person identifier;
      
      the second person identifier was verified by successfully charging an account;
      
      the second person identifier was verified by receiving online a code sent to a mailing address;
      
      the second person identifier was verified by receiving online a code sent in a phone call;
      
      the second person identifier was verified by receiving, during a phone call, a code sent online;
      
      the second person identifier was received in conditions atypical of fraud;
      
      the second person identifier was sent a considerable period of time before the first person identifier was sent;
      
      the second person identifier was sent a considerable period of time after the first person identifier was sent;
      
      the second person identifier was sent to a service that fraudsters lack incentive to defraud;
      
      the second person identifier is associated with significant online activity typical of legitimate users;
      
      the second person identifier was provided by a trustable authorized agent of the sender of the second person identifier; and
      
      the second person identifier was verified using the trustable authorized agent.
  - 13. The computer-implemented method of claim 1 wherein the estimating is effected using at least one estimating method selected from the group consisting of:
    - Rule-based logic;
      
      An automatic learning technology;
      
      A neural network; and
      
      Probabilistic analysis.
  - 14. The computer-implemented method of claim 2 wherein the Verification Report includes at least one information element selected from the group consisting of:
    - A positive response;
      
      A negative response;
      
      the second person identifier;
      
      Verification Information of the second person identifier;
      
      A score describing a probability that the first person identifier and the second person identifier satisfy a Same Person Condition;
      
      A score describing a probability that the first sender and the second sender satisfy a Same Sender Condition;
      
      A score describing a probability that the second person identifier identifies the second sender; and
      
      A score describing a probability that the first person identifier identifies the first sender.
  - 15. The computer-implemented method of claim 14 wherein the score describing the probability that the first person identifier identifies the first sender is based on at least one parameter selected from the group consisting of:
    - A probability that the first person identifier and the second person identifier satisfy a Same Person Condition;
      
      A probability that the first sender and the second sender satisfy a Same Sender Condition;
      
      A probability that the second person identifier identifies the second sender;
      
      Difficulty in gaining access to a secret upon which the Same Sender Condition is based;
      
      Reliability of an address of the first sender;
      
      Reliability of an address of the second sender;
      
      Accuracy and reliability of external data sources used in estimating;
      
      Popularity of the first person identifier;
      
      Popularity of the second person identifier;
      
      Tendency of people to change a person identifier;
      
      Time elapsed between sending of the first person identifier and sending of the second person identifier; and
      
      Time elapsed since charging an account identified by the second person identifier.
  - 16. The computer-implemented method of claim 1, wherein the estimating further includes:
    - Sending at least one query to at least one Person Identifier Directory; and
      
      Receiving at least one response to the at least one query.
  - 17. The computer-implemented method of claim 1, further including generating at least one hash of at least a part of at least one information element selected from the group consisting of:
    - the first person identifier; and
      
      the second person identifier.
  - 18. The computer-implemented method of claim 17 further including determining a size of the at least one hash, based on at least one consideration selected from the group consisting of:
    - Information confidentiality; and
      
      An acceptable level of false verifications.
  - 19. The computer-implemented method of claim 1 wherein an entity receiving the first person identifier from the first sender is different than an entity receiving the second person identifier from the second sender.
  - 20. The computer-implemented method of claim 1, wherein estimating is repeated with at least one person identifier other than the second person identifier.
  - 21. The computer-implemented method of claim 1, further including choosing which person identifier from a plurality of person identifiers to use as the second person identifier.
  - 22. The computer-implemented method of claim 1, further including obtaining at least one sender identifier from the first sender.
  - 23. The computer-implemented method of claim 1, further including combining results of the estimating with results of at least one other method of verifying a person identifier.
  - 24. The computer-implemented method of claim 1, wherein at least one person identifier selected from the group consisting of the first person identifier and the second person identifier includes at least one information element selected from the group consisting of:
    - a full name, a first name, a middle name, a last name, name initials, a title, an address, a country, a state, a city, a street address, an apartment number, a zip code, a phone number, an email address, a financial account number, a credit card number, a bank account number, a government-issued identifier, a social security number, a driver'"'"'s license number, a national ID number, a passport number, personal characteristics, a height, a weight, a gender, a complexion, a race, and a hair color.
  - 25. The computer-implemented method of claim 1, wherein the first person identifier is sent via a data network selected from the group comprising:
    - the Internet, a private data network, a CATV data network and a mobile data network.

26. A computer-implemented system for verifying a first person identifier comprising:
- A Receiver for receiving a Verification Request including the first person identifier in a first message sent via a data network by a first sender; and
  
  A Verification Estimator for estimating whether Verification Conditions are true, the Verification Conditions including;
  
  whether the first person identifier and a second person identifier satisfy a Same Person Condition, the second person identifier being received in a second message at a different time from a time when the first message is received, the second message being sent via the data network by a second sender, wherein the Same Person Condition is satisfied if the first person identifier and the second person identifier have a Same Person Relation that includes at least one relation between the first person identifier and the second person identifier selected from the group consisting of;
  
  the first person identifier and the second person identifier include substantially similar portions, the first person identifier and the second person identifier are verified against encrypted person identifier information stored in a user device, the encrypted person identifier information being accessed upon request to an encrypting authority, the first person identifier and the second person identifier include geographically proximate geographical parameters, and each of the first person identifier and the second person identifier has a respective Same Person Relation with a third person identifier, whether the first sender and the second sender satisfy a Same Sender Condition, wherein the Same Sender Condition is satisfied if, based on a comparison between information associated with the first message and information associated with the second message, the first message and the second message have a Same Sender Relation that includes at least one relation, between the first message and the second message, selected from the group consisting of;
  
  there is a relation between a reliable network address of the first sender and a reliable network address of the second sender, a first secret known to the first sender and a second secret contained in the second message are derivatives of a common secret, and each of the first message and the second message has a respective Same Sender Relation with a third message, and whether the second person identifier, previously determined to satisfy a Same Person Condition in relation to the first person identifier, identifies the second sender, previously determined to satisfy a Same Sender Condition in relation to the first sender.
- View Dependent Claims (27, 28, 29, 30, 31, 32)
- - 27. The computer-implemented system of claim 26, further comprising a Reporter for sending a Verification Report indicating whether the first person identifier identifies the first sender, the Verification Report being based on output of the Verification Estimator.
  - 28. The computer-implemented system of claim 26, further including a Person Identifier Directory Query Module for sending a query to a Person Identifier Directory and receiving a response to the query, the response then used by the Verification Estimator.
  - 29. The computer-implemented system of claim 28, further including at least one Person Identifier Directory.
  - 30. The computer-implemented system of claim 26, further including a Person Identifier-Sender Identifier Database Query Module for sending a query to at least one Person Identifier-Sender Identifier Database and receiving a response to the query, the response then used by the Verification Estimator.
  - 31. The computer-implemented system of claim 30, further including at least one Person Identifier-Sender Identifier Database.
  - 32. The computer-implemented system of claim 26, further including a Hash Generator for generating at least one hash of at least a part of at least one information element selected from the group comprising:
    - the first person identifier; and
      
      the second person identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Paypal Israel Ltd. (PayPal Holdings, Inc.)
Original Assignee
eBay Inc.
Inventors
Wilf, Saar, Shaked, Shvat
Primary Examiner(s)
JOHNSON, GREGORY L

Application Number

US10/492,920
Publication Number

US 20040243832A1
Time in Patent Office

4,136 Days
Field of Search

None
US Class Current

705/35
CPC Class Codes

G06F 21/33   using certificates

G06Q 10/10   Office automation; Time man...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G07C 9/33   by means of a password

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 63/126   the source of the received ...

H04L 63/168   above the transport layer

Verification of a person identifier received online

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

92 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of a person identifier received online

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links