Systems and methods of sharing information through a tag-based consortium

US 9,112,850 B1
Filed: 03/25/2010
Issued: 08/18/2015
Est. Priority Date: 03/25/2009
Status: Active Grant

First Claim

Patent Images

1. A fraud detection consortium, comprising:

a plurality of online company servers for online companies that provide a service;

an authentication repository that connects to the plurality of online company servers over a communications network; and

a user computer that connects to an online company server of the plurality of online company servers over a communications network to use the provided service;

wherein the online company server receives information about the user computer and transmits the information about the user computer to the authentication repository, andwherein the authentication repository, with aid of one or more processors;

checks for tag-based information about the user computer collected from the plurality of online company servers,receives the tag-based information including a tag-generation time stamp from the user computer, wherein the tag-generation time stamp is indicative of the time that the tag-based information was generated,shares the tag-based information including the tag-generation time stamp with the plurality of online companies,analyzes the time that the tag-based information was generated as part of a fraud detection analysis,initiates a fraud detection protocol that provides an indication of an increased likelihood of fraud when the tag-generation time stamp is created within less than a predetermined time interval of initiation of said fraud detection protocol,conducts further fraud analysis when the indication of the increased likelihood of fraud is provided utilizing the authentication repository, to measure an amount of tag-based information received within a particular time period, and created within less than the predetermined time interval, andconveys information about the further fraud analysis to the plurality of online companies.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides one or more consortia of networks that identify and share information about users and/or user devices. User devices may be identified by tag-based computer information. A time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity. The invention may be use for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, reputation-based communities, and law enforcement.

170 Citations

View as Search Results

30 Claims

1. A fraud detection consortium, comprising:
- a plurality of online company servers for online companies that provide a service;
  
  an authentication repository that connects to the plurality of online company servers over a communications network; and
  
  a user computer that connects to an online company server of the plurality of online company servers over a communications network to use the provided service;
  
  wherein the online company server receives information about the user computer and transmits the information about the user computer to the authentication repository, andwherein the authentication repository, with aid of one or more processors;
  
  checks for tag-based information about the user computer collected from the plurality of online company servers,receives the tag-based information including a tag-generation time stamp from the user computer, wherein the tag-generation time stamp is indicative of the time that the tag-based information was generated,shares the tag-based information including the tag-generation time stamp with the plurality of online companies,analyzes the time that the tag-based information was generated as part of a fraud detection analysis,initiates a fraud detection protocol that provides an indication of an increased likelihood of fraud when the tag-generation time stamp is created within less than a predetermined time interval of initiation of said fraud detection protocol,conducts further fraud analysis when the indication of the increased likelihood of fraud is provided utilizing the authentication repository, to measure an amount of tag-based information received within a particular time period, and created within less than the predetermined time interval, andconveys information about the further fraud analysis to the plurality of online companies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 28, 29, 30)
- - 2. The consortium of claim 1 wherein the tag-based information gathered by the authentication repository also includes user identifiers.
  - 3. The consortium of claim 1 wherein the tag-based information is stored on the user computer as a cookie, local shared object, flash object, text protocol, or lines of code.
  - 4. The consortium of claim 1 wherein the tag-based information is encrypted.
  - 5. The consortium of claim 4 wherein the authentication repository has a decryptor to decrypt the encrypted tag-based information.
  - 6. The consortium of claim 1 wherein the tag-based information expires from a memory of the user computer after a predetermined amount of time.
  - 7. The consortium of claim 1 wherein the tag-generation time stamp is generated based on time provided at the user computer.
  - 8. The consortium of claim 7 wherein the further fraud analysis includes analyzing the format of the tag-generation time stamp.
  - 28. The consortium of claim 1 wherein the further fraud analysis includes an analysis of whether the user computer is trying to access an account with the online company, wherein the account had not been accessed for a predetermined period of time.
  - 29. The consortium of claim 1 wherein a difference between a time of said fraud detection analysis and when the tag-generation time stamp is created is indicative of an age of the tag-based information.
  - 30. The consortium of claim 1 wherein the further fraud analysis includes analyzing when a threshold number of accounts are accessed within a predetermined period of time, said accesses all having associated tag-generation time stamps created within the predetermined time interval of initiation of the fraud detection protocol.

9. A network security system for an online organization comprising:
- a computer network having a series of one or more web servers accessible by customer network devices, wherein the customer network devices include;
  
  a first time stamped computer tag communicated to a first web server over a communications network while accessing a user account, wherein a first time stamp of the first time stamped computer tag is indicative of a time the first time stamped computer tag was created; and
  
  a second time stamped computer tag communicated to a second web server over a communications network while accessing a user account, wherein a second time stamp of the second time stamped computer tag is indicative of a time the second time stamped computer was created; and
  
  a fraud detection system containing a fraud detection server for analyzing the first time stamped computer tag and the second time stamped computer tag received from the network devices to determine when they were created as part of a fraud risk analysis associated with user accounts, wherein the fraud detection system initiates a fraud detection protocol that provides an indication of an increased likelihood of fraud when the first time stamped computer tag or the second time stamped computer tag is created within less than a predetermined time interval of initiation of said fraud risk protocol, wherein the fraud detection system conducts further fraud analysis when the indication of the increased likelihood of fraud is provided to measure a number of time stamped computer tags received within a particular time period and created within less than the predetermined time interval, and wherein the fraud detection system conveys information about the further fraud analysis to the first web server and the second web server.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9 wherein the first time stamped computer tag is provided based on a time at a user device from which the user account is accessed, and the second time stamped computer tag is generated based on a time at a user device from which the user account is accessed.
  - 11. The system of claim 10 wherein the first time stamped computer tag and the second time stamped computer tag include time stamps of at least one of the following:
    - when they were delivered to the user device, or when they were generated at the user device.
  - 12. The system of claim 11 wherein the time stamps are encrypted.
  - 13. The system of claim 10 wherein the time stamps are stored as a hashed string.
  - 14. The system of claim 9 wherein the fraud detection system includes a decryptor that decrypts the first time stamped computer tag and the second time stamped computer tag.
  - 15. The system of claim 9 wherein the fraud detection system considers time stamp information aside from the rest of the time stamped computer tags.

16. A method for detecting fraud in a consortia comprising:
- creating a first computer tag in the course of a first online transaction, and a second computer tag in the course of a second online transaction, wherein each computer tag includes time stamp information indicative of the time at the creation of each computer tag;
  
  sharing the first computer tag and the second computer tag with one or more institutions of the consortium;
  
  generating, with aid of one or more processors, a matching parameter based on a comparison of information provided by the first computer tag and the second computer tag not including the time stamp information;
  
  initiating a fraud detection protocol that provides an indication of an increased likelihood of fraud when the first computer tag or the second computer tag is created within less than a predetermined time interval of initiation of said fraud detection protocol;
  
  conducting further fraud analysis when the indication of the increased likelihood of fraud is provided to measure a number of computer tags received within a particular time period and created within less than the predetermined time interval; and
  
  conveying, to the one or more institutions, information about the further fraud analysis.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The method of claim 16 wherein the information about the further fraud analysis includes an indication whether the second transaction is fraudulent, not fraudulent, or requires further analysis.
  - 18. The method of claim 17 further comprising blocking the second transaction based on the likelihood of fraudulent transaction.
  - 19. The method of claim 16 further comprising providing an authentication repository that connects to the one or more institutions, shares the first computer tag and the second computer tag with the one or more institutions, and assesses the likelihood of fraudulent transaction.
  - 20. The method of claim 19 wherein the authentication repository shares the first computer tag and the second computer tag with one or more institutions in one or more consortia.
  - 21. The method of claim 19 wherein the authentication repository shares the first computer tag and the second computer tag with one or more authentication repositories.

22. A method for detecting fraud in a consortia comprising:
- creating a first computer tag in the course of a first online transaction with a first device, and a second computer tag in the course of a second online transaction with a second device, wherein the first computer tag includes a first time stamp indicative of the time of creation of the first computer tag and the second computer tag includes a second time stamp indicative of the time of creation of the second computer tag;
  
  sharing the first computer tag and the second computer tag with one or more institutions of the consortium;
  
  initiating a fraud detection protocol that provides an indication of an increased likelihood of fraud when the first computer tag or the second computer tag is created within less than a predetermined time interval of initiation of said fraud detection protocol;
  
  conducting further fraud analysis when the indication of the increased likelihood of fraud is provided to measure a number of computer tags received within a particular time period and created within less than the predetermined time interval; and
  
  conveying information about the further fraud analysis the one or more institutions of the consortium.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The method of claim 22 wherein a format of the first time stamp is compared with a format of the second time stamp to assist with assessing risk of fraud.
  - 24. The method of claim 22 further comprising storing the first time stamp and the second time stamp in a time stamp database.
  - 25. The method of claim 22 wherein the first time stamp is based on a clock of the first device and the second time stamp is based on a clock of the second device.
  - 26. The method of claim 22 wherein the first time stamp is based on a clock of a server that provided the first computer tag and the second time stamp is based on a clock of a server that provided the second computer tag.
  - 27. The method of claim 22 wherein the first time stamp and the second time stamps are based on a consortium reference time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The 41st Parameter, Inc. (Experian plc)
Original Assignee
The 41st Parameter, Inc. (Experian plc)
Inventors
Eisen, Ori
Primary Examiner(s)
LANIER, BENJAMIN E

Application Number

US12/732,034
Time in Patent Office

1,972 Days
Field of Search

726/29
US Class Current

1/1
CPC Class Codes

G06Q 2220/00   Business processing using c...

G06Q 40/02   Banking, e.g. interest calc...

G06Q 50/265   Personal security, identity...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/10   for controlling access to d...

H04L 63/1408   by monitoring network traff...

H04L 63/1483   service impersonation, e.g....

Systems and methods of sharing information through a tag-based consortium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

170 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods of sharing information through a tag-based consortium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

170 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links