Protecting multi-factor authentication

US 9,275,228 B2
Filed: 02/20/2014
Issued: 03/01/2016
Est. Priority Date: 02/20/2013
Status: Active Grant

First Claim

Patent Images

1. A method for online fraud prevention comprising:

monitoring state information of a first and a second device, both of which are associated with a single user, the state information indicating whether or not the device associated with the respective state information has been active on an Internet domain; and

during a multi-factor authentication procedure which utilizes at least the second device for authorizing a transaction by the Internet domain, participating in a supplemental security procedure that comprises sending information about the monitored state information of the first device to the second device;

wherein for a case in which the sent information about the monitored state information of the first device indicates that the user has entered identifying user information at the Internet domain via the first device within a prescribed period of time, the supplemental security procedure comprises checking authenticity of an application on the second device or of an application for which there is an installation link on the second device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods are detailed for online fraud prevention. In one approach state information of a first and a second device is monitored, both of which are associated with one user. During a multi-factor authentication procedure which utilizes at least one of the first and the second devices for authorizing a transaction by an Internet domain, a security server participates in a supplemental security procedure which is conditional on the monitored state information. In another approach the second device receives a message that is ostensibly related to multi-factor authorization by an Internet domain, and in response sends a query about state information of the first device. Based on the response to the query that indicates the state information, the second device performs a supplemental security procedure.

Citations

12 Claims

1. A method for online fraud prevention comprising:
- monitoring state information of a first and a second device, both of which are associated with a single user, the state information indicating whether or not the device associated with the respective state information has been active on an Internet domain; and
  
  during a multi-factor authentication procedure which utilizes at least the second device for authorizing a transaction by the Internet domain, participating in a supplemental security procedure that comprises sending information about the monitored state information of the first device to the second device;
  
  wherein for a case in which the sent information about the monitored state information of the first device indicates that the user has entered identifying user information at the Internet domain via the first device within a prescribed period of time, the supplemental security procedure comprises checking authenticity of an application on the second device or of an application for which there is an installation link on the second device.
- View Dependent Claims (2, 3, 4)
- - 2. The method according to claim 1, wherein:
    - for a case in which the authenticity of the application cannot be verified, the supplemental security procedure comprises signalling the second device that state information for the first device has changed within the prescribed period of time.
  - 3. The method according to claim 2, wherein:
    - the first device is a personal computer (PC) and the second device is a mobile device.
  - 4. The method according to claim 3, wherein the method is executed by at least one computer server which monitors the state information via a client software application installed in at least the mobile device.

5. An apparatus comprising a processing system, the processing system comprising at least one processor and a memory storing a set of computer instructions such that the processing system is configured to cause the apparatus at least to:
- monitor state information of a first and a second device, both of which are associated with a single user, the respective state information indicating whether or not the device associated with the state information has been active on an Internet domain; and
  
  during a multi-factor authentication procedure which utilizes at least the second device for authorizing a transaction by the Internet domain, participate in a supplemental security procedure that comprises sending information about the monitored state information of the first device to the second device;
  
  wherein for a case in which the sent information about the monitored state information of the first device indicates that the user has entered identifying user information at the Internet domain via the first device within a prescribed period of time, the supplemental security procedure comprises checking authenticity of an application on the second device or of an application for which there is an installation link on the second device.
- View Dependent Claims (6, 7)
- - 6. The apparatus according to claim 5, wherein:
    - for a case in which the authenticity of the application cannot be verified, the supplemental security procedure comprises signalling the second device that state information for the first device has changed within the prescribed period of time.
  - 7. The apparatus according to claim 6, wherein:
    - the first device is a personal computer (PC), the second device is a mobile device different from the PC, and the apparatus comprises at least one computer server which monitors the state information via a client software application installed in at least the mobile device.

8. A method for online fraud prevention comprising:
- receiving a message at a second device associated with a single user, the message including an application to be installed on the second device or a link to such an application and the message is recognizable as being related to multi-factor authentication by an Internet domain and the application is recognizable as being from the Internet domain;
  
  in response to the second device receiving the message and further determining that the application is not trusted, the second device sending a query about state information of a first device associated with the user, the state information identifying whether or not the first device has been active on an Internet domain; and
  
  based on a response to the query that indicates the state information of the first device, performing a supplemental security procedure to the second device.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method according to claim 8, wherein for a case in which the second device determines that the application is not trusted, the supplemental security procedure comprises the second device performing at least one of:
    - notifying the user that the application may be malware;
      
      blocking installation of the application on the second device; and
      
      sending a fraud alert about the application to the Internet domain.
  - 10. The method according to claim 8, wherein:
    - the message is part of a multi-factor authentication of the user by the Internet domain; and
      
      the supplemental security procedure is performed whenever the response to the query indicates that the first device has been active on the Internet domain.
  - 11. The method according to claim 10, wherein the supplemental security procedure comprises the second device prompting the user that the multi-factor authentication appears suspicious and further comprises conditioning completion of the multi-factor authentication on a positive response to the prompting being entered at the second device.
  - 12. The method according to claim 8, wherein:
    - the first device is a personal computer (PC) and the second device is a mobile device which executes the method.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Withsecure Corporation
Original Assignee
F-Secure Corporation (F-Secure Oyj)
Inventors
Niemela, Jarno, Kesti, Veli-Jussi
Primary Examiner(s)
Avery, Jeremiah

Application Number

US14/184,845
Publication Number

US 20140237591A1
Time in Patent Office

740 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

H04L 2463/082   applying multi-factor authe...

H04L 63/0853   using an additional device,...

Protecting multi-factor authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Protecting multi-factor authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links