In-application commerce system and method with fraud prevention, management and control
First Claim
1. An in-application fraud prevention, management and control system comprising:
- a web application server comprising a network communication device, a processor and a memory, the memory having executable instructions stored thereon and executed by the processor, the executable instructions configured to access a database of administrator-defined and configured user behavior events specific to an internet-accessible on-line application and indicating fraudulent behavior, the executable instructions further configured to allow a user to access and interact with the internet-accessible on-line application stored in memory while the system performs user behavior tracking for the configured events;
an e-commerce transaction server providing in-application purchasing, operatively connected to the web application server through the network communication device, comprising a processor and a memory and further comprising;
an account management module containing program code stored in memory which when executed by the processor in the e-commerce transaction server causes the e-commerce transaction server to perform the operations of managing a user account, the user account comprising a fraud score which is a sum of fraud points or a user wallet with a personal threshold for making in-application purchases;
a communications module containing program code stored in memory which when executed by the processor in the e-commerce transaction server causes the e-commerce transaction server to receive event messages from third party systems comprising offer companies, payment providers or technology firms or other applications with which the user'"'"'s user wallet has been integrated;
from the on-line application; and
from within the e-commerce system;
a fraud defender module containing program code stored in memory which when executed by the processor in the e-commerce transaction server causes the e-commerce transaction server to perform a method of;
determining a risk classification applicable to the user;
assigning positive or negative fraud points based on customer-specified, configurable rules defining the events to utilize in generating a fraud score, the rules stored in a fraud database and applied to the event messages received at the communications module via batch and messaging frameworks and associated with particular user behavior occurring in the on-line application, third party systems with which the user wallet has been integrated, or from within the e-commerce system;
updating the fraud score for the user account based on the assigned fraud points in near real time; and
applying application fraud controls in near real time to limit the features available to users within the risk classification, for subsequent user transactions, in response to the updated fraud score and the risk classification, the controls applied to at least one of the following application features available to the user;
(i) offers, (ii) allowed payment types and (iii) reverse wallet thresholds, the application fraud controls changable in near real time as the user interacts with the internet-accessible on-line application.
6 Assignments
0 Petitions
Accused Products
Abstract
A full-service turn-key in-application commerce solution with fraud detection is disclosed that provides web service interfaces to a commerce system. The in-application solution features fraud detection with user behavior tracking and fraud controls that limit the features that are offered to a user. Fraud detection involves input from the application, the commerce system, or third party systems. User fraud scores are updated frequently as events are processed. Controls are applied to the user account based on the user fraud score and risk classifications for ranges of fraud scores. An in-application solution also features a wallet with a personal threshold for microtransaction spending, limiting the amount that the user is allowed to spend before a wallet is cleared. The wallet is integrated with the fraud detection such that the personal threshold is determined from the user'"'"'s latest fraud score.
-
Citations
36 Claims
-
1. An in-application fraud prevention, management and control system comprising:
-
a web application server comprising a network communication device, a processor and a memory, the memory having executable instructions stored thereon and executed by the processor, the executable instructions configured to access a database of administrator-defined and configured user behavior events specific to an internet-accessible on-line application and indicating fraudulent behavior, the executable instructions further configured to allow a user to access and interact with the internet-accessible on-line application stored in memory while the system performs user behavior tracking for the configured events; an e-commerce transaction server providing in-application purchasing, operatively connected to the web application server through the network communication device, comprising a processor and a memory and further comprising; an account management module containing program code stored in memory which when executed by the processor in the e-commerce transaction server causes the e-commerce transaction server to perform the operations of managing a user account, the user account comprising a fraud score which is a sum of fraud points or a user wallet with a personal threshold for making in-application purchases; a communications module containing program code stored in memory which when executed by the processor in the e-commerce transaction server causes the e-commerce transaction server to receive event messages from third party systems comprising offer companies, payment providers or technology firms or other applications with which the user'"'"'s user wallet has been integrated;
from the on-line application; and
from within the e-commerce system;a fraud defender module containing program code stored in memory which when executed by the processor in the e-commerce transaction server causes the e-commerce transaction server to perform a method of; determining a risk classification applicable to the user; assigning positive or negative fraud points based on customer-specified, configurable rules defining the events to utilize in generating a fraud score, the rules stored in a fraud database and applied to the event messages received at the communications module via batch and messaging frameworks and associated with particular user behavior occurring in the on-line application, third party systems with which the user wallet has been integrated, or from within the e-commerce system; updating the fraud score for the user account based on the assigned fraud points in near real time; and applying application fraud controls in near real time to limit the features available to users within the risk classification, for subsequent user transactions, in response to the updated fraud score and the risk classification, the controls applied to at least one of the following application features available to the user;
(i) offers, (ii) allowed payment types and (iii) reverse wallet thresholds, the application fraud controls changable in near real time as the user interacts with the internet-accessible on-line application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for managing the risk of fraudulent transactions performed by users of an internet application stored and processed on a web application server, the internet application operatively connected to an in-application e-commerce system transaction server and third-party systems, the method comprising steps of:
-
maintaining a user account in the e-commerce system transaction server, the user account comprising a wallet for making in-application purchases and a fraud score which is a sum of fraud points; receiving event messages through the network, wherein event messages related to user behavior tracked as the user interacts with the internet application, from the internet application, third-party systems with which the user'"'"'s wallet is integrated, or the in-application e-commerce system for a user associated with the user account; assigning positive or negative fraud points based on the received event messages associated with particular user behavior occurring in the internet application, third-party systems or the in-application e-commerce system; updating the fraud score for the user account based the assigned fraud points in near real time; determining a risk classification based on the assigned fraud points; and applying fraud controls in near real time to limit the features of the internet application available to users within a risk classification, for the user'"'"'s subsequent interaction with the internet application based on the user'"'"'s updated fraud score and risk classification, where the controls are applied to at least one of the following features available to the user;
(i) offers, (ii) allowed payment types and (iii) reverse wallet thresholds, the fraud controls changable in near real time as the user interacts with the internet application. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification