Protecting multi-factor authentication
Abstract
Methods are detailed for online fraud prevention. In one approach state information of a first and a second device is monitored, both of which are associated with one user. During a multi-factor authentication procedure which utilizes at least one of the first and the second devices for authorizing a transaction by an Internet domain, a security server participates in a supplemental security procedure which is conditional on the monitored state information. In another approach the second device receives a message that is ostensibly related to multi-factor authorization by an Internet domain, and in response sends a query about state information of the first device. Based on the response to the query that indicates the state information, the second device performs a supplemental security procedure.
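The second approach in the abstract, combined with the authenticity check recited in the claims, as an added example that is not taken from the patent. The names `StateMonitor` and `SecondDevice`, the 300-second window, the signer-fingerprint comparison, the returned labels and all sample data are assumptions made for illustration.

```python
from dataclasses import dataclass, field

PRESCRIBED_PERIOD_S = 300  # assumed; the claims only say "a prescribed period of time"

@dataclass
class StateMonitor:
    """Security-server role: tracks when a user's device last entered
    identifying user information at an Internet domain."""
    seen: dict = field(default_factory=dict)  # (user, device, domain) -> unix time

    def record_login(self, user, device, domain, ts):
        self.seen[(user, device, domain)] = ts

    def recently_active(self, user, device, domain, now):
        ts = self.seen.get((user, device, domain))
        return ts is not None and 0 <= now - ts <= PRESCRIBED_PERIOD_S

@dataclass
class SecondDevice:
    """Phone role: holds apps it already trusts and pinned signer
    fingerprints per domain (both constructed sample data)."""
    trusted_apps: set
    pinned_signers: dict  # domain -> set of signer fingerprints

    def on_mfa_message(self, monitor, user, first_device, domain, app_id, signer, now):
        if app_id in self.trusted_apps:
            return "already-trusted"      # no query needed
        # Untrusted app in an MFA-looking message: query first-device state.
        if not monitor.recently_active(user, first_device, domain, now):
            return "no-recent-login"      # handling of this case is an assumption
        # Recent login on the first device: supplemental authenticity check.
        if signer in self.pinned_signers.get(domain, set()):
            return "authentic"
        return "reject-install"

def demo():
    mon = StateMonitor()
    mon.record_login("alice", "laptop", "bank.example", ts=1_000)
    phone = SecondDevice(trusted_apps={"com.example.bank"},
                         pinned_signers={"bank.example": {"fp-official"}})
    args = (mon, "alice", "laptop", "bank.example")
    return [
        phone.on_mfa_message(*args, "com.example.bank", "fp-official", now=1_060),
        phone.on_mfa_message(*args, "com.example.bank.token", "fp-official", now=1_060),
        phone.on_mfa_message(*args, "com.example.bank.token", "fp-unknown", now=1_060),
        phone.on_mfa_message(*args, "com.example.bank.token", "fp-unknown", now=9_000),
    ]

if __name__ == "__main__":
    print(demo())
```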
12 Claims
1. A method for online fraud prevention comprising:
monitoring state information of a first and a second device, both of which are associated with a single user, the state information indicating whether or not the device associated with the respective state information has been active on an Internet domain; and
during a multi-factor authentication procedure which utilizes at least the second device for authorizing a transaction by the Internet domain, participating in a supplemental security procedure that comprises sending information about the monitored state information of the first device to the second device;
wherein for a case in which the sent information about the monitored state information of the first device indicates that the user has entered identifying user information at the Internet domain via the first device within a prescribed period of time, the supplemental security procedure comprises checking authenticity of an application on the second device or of an application for which there is an installation link on the second device.
(Dependent claims: 2, 3, 4)
5. An apparatus comprising a processing system, the processing system comprising at least one processor and a memory storing a set of computer instructions such that the processing system is configured to cause the apparatus at least to:
monitor state information of a first and a second device, both of which are associated with a single user, the respective state information indicating whether or not the device associated with the state information has been active on an Internet domain; and
during a multi-factor authentication procedure which utilizes at least the second device for authorizing a transaction by the Internet domain, participate in a supplemental security procedure that comprises sending information about the monitored state information of the first device to the second device;
wherein for a case in which the sent information about the monitored state information of the first device indicates that the user has entered identifying user information at the Internet domain via the first device within a prescribed period of time, the supplemental security procedure comprises checking authenticity of an application on the second device or of an application for which there is an installation link on the second device.
(Dependent claims: 6, 7)
8. A method for online fraud prevention comprising:
receiving a message at a second device associated with a single user, the message including an application to be installed on the second device or a link to such an application and the message is recognizable as being related to multi-factor authentication by an Internet domain and the application is recognizable as being from the Internet domain;
in response to the second device receiving the message and further determining that the application is not trusted, the second device sending a query about state information of a first device associated with the user, the state information identifying whether or not the first device has been active on an Internet domain; and
based on a response to the query that indicates the state information of the first device, performing a supplemental security procedure to the second device.
(Dependent claims: 9, 10, 11, 12)
Specification