×

Using packet interception to integrate risk-based user authentication into online services

  • US 8,683,568 B1
  • Filed: 09/22/2011
  • Issued: 03/25/2014
  • Est. Priority Date: 09/22/2011
  • Status: Active Grant
First Claim
Patent Images

1. A method, performed by a network analyzer device connected to a network, the method comprising:

  • sniffing packets traversing the network between a web-based application server and a user machine, the user machine being operated by a user;

    analyzing the sniffed packets to extract event information relating to interaction events between the user machine and the web-based application server; and

    sending the extracted event information to an authentication server for risk-based authentication of the user;

    wherein;

    analyzing the sniffed packets to extract event information relating to interaction events between the user machine and the web-based application server includes examining the sniffed packets to detect specific interaction events that occur between the user machine and the web-based application server at an application layer;

    the specific interaction events include events drawn from a set of application-layer events;

    the authentication server is configured to perform risk-based authentication of the user by analyzing the specific interaction events drawn from the set of application-layer events; and

    the web-based application server provides a secure online banking service to the user as the web-based application.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×