Customer notification program alerting customer-specified network address of unauthorized access attempts to customer account
DC CAFCFirst Claim
1. A system for authorizing a request for remote access to customer account information, comprising:
- a server configured to receive the request via a network from a remote computing device;
a database storing the customer account information accessible by the server; and
memory accessible by the server and storing a customer notification program which, when executed by the server, performs steps for(a) identifying, responsive to the server receiving the request, the remote computing device fingerprint and by a requesting location;
(b) determining whether the device fingerprint matches any of a number of device fingerprints previously authorized to access the customer account information;
(c) sending, responsive to determining a mismatch between the device fingerprint and each of the previously authorized device fingerprints, a notification of the request to an address of a separate device specified by the customer, the notification indicating (i) the request, (ii) identity of the remote computing device, and (iii) the requesting location;
(d) resolving the request responsive to a reply to the notification; and
(e) if resolving the request responsive to a reply to the notification results in permitting authorized access to the customer account information by the remote computing device, storing the device fingerprint as a previously authorized device fingerprint and associating the device fingerprint with the customer account information.
3 Assignments
Litigations
1 Petition
Accused Products
Abstract
A network security system includes a server configured to receive an access request via a network from a remote computing device, a database storing customer account information accessible by the server, and memory accessible by the server and storing a customer notification program. When executed by the server, the program identifies the remote computing device by a device fingerprint and requesting location, determines whether the device fingerprint matches any authorized device fingerprints stored in the database and sends, responsive to a mismatch between the device fingerprint and the authorized device fingerprints, a notification of the request to a customer-specified address. The notification indicates the request, the identity of the remote computing device, and the requesting location. The program may resolve the request responsive to a reply to the notification from the customer-specified address.
122 Citations
21 Claims
-
1. A system for authorizing a request for remote access to customer account information, comprising:
-
a server configured to receive the request via a network from a remote computing device;
a database storing the customer account information accessible by the server; andmemory accessible by the server and storing a customer notification program which, when executed by the server, performs steps for (a) identifying, responsive to the server receiving the request, the remote computing device fingerprint and by a requesting location; (b) determining whether the device fingerprint matches any of a number of device fingerprints previously authorized to access the customer account information; (c) sending, responsive to determining a mismatch between the device fingerprint and each of the previously authorized device fingerprints, a notification of the request to an address of a separate device specified by the customer, the notification indicating (i) the request, (ii) identity of the remote computing device, and (iii) the requesting location; (d) resolving the request responsive to a reply to the notification; and (e) if resolving the request responsive to a reply to the notification results in permitting authorized access to the customer account information by the remote computing device, storing the device fingerprint as a previously authorized device fingerprint and associating the device fingerprint with the customer account information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 17, 18, 19, 20, 21)
-
-
15. A system for authorizing a request for remote access to customer account information, comprising:
-
a server configured to receive the request via a network from a remote computing device; a database storing the customer account information accessible by the server; and memory accessible by the server and storing a customer notification program which, when executed by the server, performs steps for (a) identifying, responsive to the server receiving the request, the remote computing device by a device fingerprint and by a requesting location; (b) determining whether the device fingerprint matches any of a number of device fingerprints authorized to access the customer account information; and (c) sending, responsive to determining a mismatch between the device fingerprint and each of the previously authorized device fingerprints, a notification of the request to a customer-specified address, the notification indicating (i) the request, (ii) identity of the remote computing device, and (iii) the requesting location; wherein the determining step further comprises; determining based on the device fingerprint whether the remote computing device is a non-mobile computing device; determining whether the requesting location is an abnormal location; and if the remote computing device is a non-mobile computing device and if the requesting location is an abnormal location, bypassing the sending step and disapproving the request.
-
-
16. A system for authorizing a request for remote access to customer account information, comprising:
-
a server configured to receive the request via a network from a remote computing device; a database storing the customer account information accessible by the server; and memory accessible by the server and storing a customer notification program which, when executed by the server, performs steps for (a) identifying, responsive to the server receiving the request, the remote computing device by a device fingerprint and by a requesting location; (b) determining whether the device fingerprint matches any of a number of device fingerprints authorized to access the customer account information; and (c) sending, responsive to determining a mismatch between the device fingerprint and each of the previously authorized device fingerprints, a notification of the request to a customer-specified address, the notification indicating (i) the request, (ii) identity of the remote computing device, and (iii) the requesting location; wherein the determining step further comprises; determining based on the device fingerprint whether the remote computing device is a mobile device; determining whether the requesting location is a preauthorized temporary location specified in the customer account information; determining whether timing of the request falls within the time limits specified for the temporary location; and if the remote computing device is a mobile device, if the requesting location matches the preauthorized temporary location, and if the timing of the request falls within the specified time limits, bypassing the sending step and approving the request.
-
Specification