System for automated prevention of fraud

US 8,826,400 B2
Filed: 12/28/2012
Issued: 09/02/2014
Est. Priority Date: 01/02/2012
Status: Active Grant

First Claim

Patent Images

1. A system for preventing fraud of a web service offered by a service provider at a website, which comprises:

a fake credential distributor for automatically creating a set of valid but fake credentials to access such website of the service provider and for distributing such set of fake credentials to a plurality of predefined websites;

a fake user database including at least said set of fake credentials;

a real-time monitor connected between any possible user connection to such website and the service provider for real-time monitoring any user login attempt from any origin network location to the website, and for comparing the credentials used in such user login attempt with the set of fake credentials in the fake user database, and if the credentials used in such user login attempt coincide with any fake credential in the fake user database, such origin network location is added to an internal list of tainted connections; and

if there is any other login attempt of a user from an origin network location in said list of tainted connections, said user access request is refused, even when it is using real credentials and such user is redirected to a pre-established webpage not enabling such user to access the web service.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for preventing fraud at a service provider'"'"'s website has a fake credential distributor for creating a set of valid but fake credentials to access such website and distributing such set to a plurality of predefined websites, a fake user database including said set of fake credentials and a monitor for real-time monitoring any user login attempt from any origin network location to the website and comparing the credentials used in such user login attempt with the set of fake credentials in the fake user database. If the credentials used in such a login attempt coincide with any fake credential in the fake user database, such origin network location is added to a tainted connections list; and if there is another login attempt of a user from a network location in said tainted connections list, said user access request is refused even when it is using real credentials.

20 Citations

View as Search Results

16 Claims

1. A system for preventing fraud of a web service offered by a service provider at a website, which comprises:
- a fake credential distributor for automatically creating a set of valid but fake credentials to access such website of the service provider and for distributing such set of fake credentials to a plurality of predefined websites;
  
  a fake user database including at least said set of fake credentials;
  
  a real-time monitor connected between any possible user connection to such website and the service provider for real-time monitoring any user login attempt from any origin network location to the website, and for comparing the credentials used in such user login attempt with the set of fake credentials in the fake user database, and if the credentials used in such user login attempt coincide with any fake credential in the fake user database, such origin network location is added to an internal list of tainted connections; and
  
  if there is any other login attempt of a user from an origin network location in said list of tainted connections, said user access request is refused, even when it is using real credentials and such user is redirected to a pre-established webpage not enabling such user to access the web service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system according to claim 1, wherein adding an origin network location to the internal list of tainted connections is carried out by means of IP address, geolocation, and/or persistent cookie injection.
  - 3. The system according to claim 1, wherein each origin network location in the internal list of tainted connections is also associated with one of a plurality of predefined websites that have been poisoned.
  - 4. The system according to claim 1, wherein a plurality of predefined websites to be poisoned is pre-populated by an external user of the system by means of an interface.
  - 5. The system according to claim 1, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 6. The system according to claim 2, wherein each origin network location in the internal list of tainted connections is also associated with one of a plurality of predefined websites that have been poisoned.
  - 7. The system according to claim 2, wherein a plurality of predefined websites to be poisoned is pre-populated by an external user of the system by means of an interface.
  - 8. The system according to claim 3, wherein the plurality of predefined websites to be poisoned is pre-populated by an external user of the system by means of an interface.
  - 9. The system according to claim 6, wherein the plurality of predefined websites to be poisoned is pre-populated by an external user of the system by means of an interface.
  - 10. The system according to claim 2, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 11. The system according to claim 3, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 12. The system according to claim 4, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 13. The system according to claim 6, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 14. The system according to claim 7, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 15. The system according to claim 8, wherein each credential includes one or more of the following:
    - username, password and PIN.
  - 16. The system according to claim 9, wherein each credential includes one or more of the following:
    - username, password and PIN.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonica SA
Original Assignee
Telefonica SA
Inventors
Amaya Calvo, Antonio Manuel, Pastor Perales, Antonio Agustin
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Zoubair, Noura

Application Number

US13/730,197
Publication Number

US 20130212658A1
Time in Patent Office

613 Days
Field of Search

726 2- 6, 726/22, 713168-170
US Class Current

726/6
CPC Class Codes

G06F 21/51   at application loading time...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2141   Access rights, e.g. capabil...

H04L 51/212   using filtering or selectiv...

H04L 63/0236   Filtering by address, proto...

H04L 63/083   using passwords cryptograph...

H04L 63/1441   Countermeasures against mal...

H04L 63/1483   service impersonation, e.g....

System for automated prevention of fraud

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

20 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System for automated prevention of fraud

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links