Human interaction detection

US 9,830,599 B1
Filed: 12/21/2010
Issued: 11/28/2017
Est. Priority Date: 12/21/2010
Status: Active Grant

First Claim

Patent Images

1. A method of processing an electronic transaction, the method comprising:

receiving, by a server and from a client computer connected to the server over a network, user input and peripheral device data, the client computer including an input peripheral device, the user input including electronic transaction data, the peripheral device data including a representation of a user action executed by a user on the input peripheral device in the course of generating the electronic transaction data;

performing, by the server, a validation operation on the user input and the peripheral device data, the validation operation verifying a link between the user input and the peripheral device data; and

assigning, by the server, an authorization code to the electronic transaction based on the validation operation;

wherein the peripheral device data includes a set of keystrokes and a corresponding timestamp for each keystroke in the set of keystrokes, the timestamp denoting a time of execution of the corresponding keystroke;

wherein performing the validation operation includes verifying that the set of keystrokes with each keystroke in the set of keystrokes executed at the time of execution denoted by the corresponding timestamp, produces the electronic transaction data;

wherein assigning the authorization code includes assigning, to the electronic transaction, a designation from a group of designations which includes transaction approved unconditionally, transaction approved with a flag, transaction conditionally approved pending further information received from the at least one client computer, and transaction not approved;

wherein the peripheral device data further includes a set of mouse clicks and a corresponding timestamp for each mouse click in the set of mouse clicks, the timestamp denoting a time of execution of the corresponding mouse click;

wherein performing the validation operation further includes verifying that the set of mouse clicks, each mouse click executed at the time of execution denoted by the corresponding timestamp, in addition to the set of keystrokes, produces the electronic transaction data;

wherein the peripheral device data further includes a form focus event, the form focus event denoting an identification of an active window on the client computer; and

wherein performing the validation operation further includes verifying that the set of keystrokes and the set of mouse clicks includes only those keystrokes and mouse clicks with time stamps corresponding to a form focus event for a window whose identification is associated with the electronic transaction on the client computer.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved technique of processing an electronic transaction is disclosed. In the improved technique, a validation operation is performed on a set of standard user input and a set of peripheral device data received by a server connected to a client computer, the validation operation verifying a link between the set of standard user input and the set of peripheral device data. Based on results of the validation operation, an authorization code is assigned to the electronic transaction.

Citations

14 Claims

1. A method of processing an electronic transaction, the method comprising:
- receiving, by a server and from a client computer connected to the server over a network, user input and peripheral device data, the client computer including an input peripheral device, the user input including electronic transaction data, the peripheral device data including a representation of a user action executed by a user on the input peripheral device in the course of generating the electronic transaction data;
  
  performing, by the server, a validation operation on the user input and the peripheral device data, the validation operation verifying a link between the user input and the peripheral device data; and
  
  assigning, by the server, an authorization code to the electronic transaction based on the validation operation;
  
  wherein the peripheral device data includes a set of keystrokes and a corresponding timestamp for each keystroke in the set of keystrokes, the timestamp denoting a time of execution of the corresponding keystroke;
  
  wherein performing the validation operation includes verifying that the set of keystrokes with each keystroke in the set of keystrokes executed at the time of execution denoted by the corresponding timestamp, produces the electronic transaction data;
  
  wherein assigning the authorization code includes assigning, to the electronic transaction, a designation from a group of designations which includes transaction approved unconditionally, transaction approved with a flag, transaction conditionally approved pending further information received from the at least one client computer, and transaction not approved;
  
  wherein the peripheral device data further includes a set of mouse clicks and a corresponding timestamp for each mouse click in the set of mouse clicks, the timestamp denoting a time of execution of the corresponding mouse click;
  
  wherein performing the validation operation further includes verifying that the set of mouse clicks, each mouse click executed at the time of execution denoted by the corresponding timestamp, in addition to the set of keystrokes, produces the electronic transaction data;
  
  wherein the peripheral device data further includes a form focus event, the form focus event denoting an identification of an active window on the client computer; and
  
  wherein performing the validation operation further includes verifying that the set of keystrokes and the set of mouse clicks includes only those keystrokes and mouse clicks with time stamps corresponding to a form focus event for a window whose identification is associated with the electronic transaction on the client computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as in claim 1, wherein assigning the authorization code further includes assigning the authorization code of transaction approved with a flag to the electronic transaction when a group of keystrokes from the set of keystrokes and corresponding timestamps for each keystroke in the group of keystrokes produce a prefix of an electronic transaction datum.
  - 3. A method as in claim 1, wherein the server is a proxy server corresponding to an institutional server on which the electronic transaction is capable of being processed;
    - andwherein the method further comprises;
      
      sending, by the proxy server and to the institutional server, the authorization code.
  - 4. A method as in claim 3, wherein the client computer includes a set of user computers connected to the proxy server, the number of user computers in the set of user computers being substantially greater than one;
    - wherein the proxy server includes a set of compiled libraries; and
      
      wherein performing the validation operation includes running, on the proxy server, an executable file defined by the compiled libraries, the executable file constructed and arranged to verify, on each client computer, that each mouse click and keystroke from the set of keystrokes and the set of mouse clicks, executed at the time of execution denoted by the corresponding timestamp, produces the set of transaction data.
  - 5. A method as in claim 3, wherein the institutional server hosts a banking application for a banking institution;
    - wherein an electronic transaction includes a transfer of funds from a first account in the banking institution to a second account in the banking institution;
      
      wherein receiving the user input includes receiving a request to transfer the funds from the first account to the second account;
      
      wherein performing the validation operation includes verifying that the set of event data considered as a set of keystrokes and mouse clicks during a form focus event produces the request to transfer the funds from the first account to the second account.
  - 6. A method as in claim 1, wherein the server includes a cache;
    - wherein receiving the peripheral device data includes receiving a stream of keystrokes from the set of keystrokes, each streamed keystroke sent form the client computer to the server in real time, each streamed keystroke stored in the cache; and
      
      wherein performing the validation operation includes obtaining the received keystrokes from the cache.
  - 7. A method as in claim 1, wherein receiving the user input and the set of peripheral device data includes:
    - acquiring, as the user input, input which is manually entered by a user operating the input peripheral device, the input being pertinent to the electronic transaction, andacquiring, as the set of peripheral device data, ancillary information which is generated by the client computer;
      
      wherein performing the validation operation on the user input and the set of peripheral device data includes;
      
      generating a consistency result based on an comparison between (i) the input which is manually entered by the user and (ii) the ancillary information which is generated by the client computer, the consistency result indicating whether the user input was genuinely manually entered by the user; and
      
      wherein assigning the authentication code to the electronic transaction based on the validation operation includes;
      
      providing, as the authentication code, a first command to authorize processing of the electronic transaction when the consistency result indicates that the user input was genuinely manually entered by the user and a second command to prevent processing of the electronic transaction when the consistency result indicates that the user input was not genuinely manually entered by the user.
  - 8. A method as in claim 7, wherein the server is provisioned with a set of remedial policies;
    - and wherein providing the second command when the consistency result indicates that the user input was not genuinely manually entered by the user includes providing the user with a new authentication challenge when the set of policies includes a challenge policy directing the user to be challenged when the consistency result indicates that the user input was not genuinely manually entered by the user.

9. An electronic apparatus for processing an electronic transaction, the apparatus comprising:
- a network interface coupled to a network;
  
  a memory; and
  
  a processor coupled to the memory, the processor programmed to perform the operations of;
  
  receiving, from a client computer connected to the apparatus over a network, a user input and a set of standard peripheral device data, the client computer including an input peripheral device, the user input including electronic transaction data, the peripheral device data including a representation of a user action executed by a user on the input peripheral device in the course of generating the electronic transaction data;
  
  performing a validation operation on the user input and the peripheral device data, the validation operation verifying a link between the user input and the peripheral device data; and
  
  assigning an authorization code to the electronic transaction based on the validation operation;
  
  wherein the peripheral device data includes a set of keystrokes and a corresponding timestamp for each keystroke in the set of keystrokes, the timestamp denoting a time of execution of the corresponding keystroke;
  
  wherein performing the validation operation includes verifying that the set of keystrokes with each keystroke in the set of keystrokes executed at the time of execution denoted by the corresponding timestamp, produces the electronic transaction data;
  
  wherein assigning the authorization code includes assigning, to the electronic transaction, a designation from a group of designations which includes transaction approved unconditionally, transaction approved with a flag, transaction conditionally approved pending further information received from the at least one client computer, and transaction not approved;
  
  wherein the peripheral device data further includes a set of mouse clicks and a corresponding timestamp for each mouse click in the set of mouse clicks, the timestamp denoting a time of execution of the corresponding mouse click;
  
  wherein performing the validation operation further includes verifying that the set of mouse clicks, each mouse click executed at the time of execution denoted by the corresponding timestamp, in addition to the set of keystrokes, produces the data in the set of transaction data;
  
  wherein the peripheral device data further includes a form focus event, the form focus event denoting an identification of an active window on the client computer; and
  
  wherein performing the validation operation further includes verifying that the set of keystrokes and the set of mouse clicks includes only those keystrokes and mouse clicks with time stamps corresponding to a form focus event for a window whose identification is associated with the electronic transaction on the client computer.
- View Dependent Claims (10, 11)
- - 10. An apparatus as in claim 9, wherein assigning the authorization code further includes assigning the authorization code of transaction approved with a flag to the electronic transaction when a group of keystrokes from the set of keystrokes and corresponding timestamps for each keystroke in the group of keystrokes produce a prefix of an electronic transaction datum.
  - 11. An apparatus as in claim 9, further comprising a cache;
    - wherein receiving the set of peripheral device data includes receiving a stream of keystrokes from the set of keystrokes, each streamed keystroke sent form the client computer to the server in real time, each streamed keystroke stored in the cache; and
      
      wherein performing the validation operation includes obtaining the received keystrokes from the cache.

12. A computer program product having a non-transitory computer readable storage medium which stores a set of instructions to process an electronic transaction, the set of instructions, when carried out by a server, causing the server to perform a method of:
- receiving, from a client computer connected to the server over a network, user input and peripheral device data, the client computer including an input peripheral device, the user input including electronic transaction data, the peripheral device data including a representation of a user action executed by a user on the input peripheral device in the course of generating the electronic transaction data;
  
  performing a validation operation on the user input and the peripheral device data, the validation operation verifying a link between the user input and the set of peripheral device data; and
  
  assigning an authorization code to the electronic transaction based on the validation operation;
  
  wherein the peripheral device data includes a set of keystrokes and a corresponding timestamp for each keystroke in the set of keystrokes, the timestamp denoting a time of execution of the corresponding keystroke;
  
  wherein performing the validation operation includes verifying that the set of keystrokes with each keystroke in the set of keystrokes executed at the time of execution denoted by the corresponding timestamp, produces the electronic transaction data;
  
  wherein assigning the authorization code includes assigning, to the electronic transaction, a designation from a group of designations which includes transaction approved unconditionally, transaction approved with a flag, transaction conditionally approved pending further information received from the at least one client computer, and transaction not approved;
  
  wherein the peripheral device data further includes a set of mouse clicks and a corresponding timestamp for each mouse click in the set of mouse clicks, the timestamp denoting a time of execution of the corresponding mouse click;
  
  wherein performing the validation operation further includes verifying that the set of mouse clicks, each mouse click executed at the time of execution denoted by the corresponding timestamp, in addition to the set of keystrokes, produces the data in the set of transaction data;
  
  wherein the peripheral device data further includes a form focus event, the form focus event denoting an identification of an active window on the client computer; and
  
  wherein performing the validation operation further includes verifying that the set of keystrokes and the set of mouse clicks includes only those keystrokes and mouse clicks with time stamps corresponding to a form focus event for a window whose identification is associated with the electronic transaction on the client computer.
- View Dependent Claims (13, 14)
- - 13. A computer program product as in claim 12, wherein assigning the authorization code further includes assigning the authorization code of transaction approved with a flag to the electronic transaction when a group of keystrokes from the set of keystrokes and corresponding timestamps for each keystroke in the group of keystrokes produce a prefix of an electronic transaction datum.
  - 14. A computer program product as in claim 12, wherein the server includes a cache;
    - wherein receiving the set of peripheral device data includes receiving a stream of keystrokes from the set of keystrokes, each streamed keystroke sent form the client computer to the server in real time, each streamed keystroke stored in the cache; and
      
      wherein performing the validation operation includes obtaining the received keystrokes from the cache.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Inventors
Khen, Amnon, Hodgman, Roy, Kaufman, Alon
Primary Examiner(s)
Kim, Steven

Application Number

US12/974,768
Time in Patent Office

2,534 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

G06F 21/316   by observing the pattern of...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

Human interaction detection

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Human interaction detection

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links