Systems and methods of sharing information through a tag-based consortium
First Claim
1. A system comprising:
- a network interface configured to communicate with a plurality of network service devices comprising a first network service device associated with a first institution, a second network service device associated with a second institution, and a third network service device associated with a third institution;
a data store configured to store computer-executable instructions; and
a processor in communication with the data store, the processor, when executing the computer-executable instructions, configured to, during an online transaction;
retrieve a first transaction tag from a customer computing device, wherein the first transaction tag is associated with a first electronic transaction between the customer computing device and a first network service device, and wherein the first transaction tag is issued by the first network service device and is associated with the customer computing device and a first account associated with the first institution, the first transaction tag comprising;
a first timestamp indicative of a first time of creation of the first transaction tag by the first network service device; and
identification information corresponding to the customer computing device;
retrieve a second transaction tag from the customer computing device, wherein the second transaction tag is associated with a second electronic transaction associated with the customer computing device and a second network service device, and wherein the second transaction tag is issued by the second network service device and is associated with the customer computing device and a second account associated with the second institution which is different from the first account, the second transaction tag comprising;
a second timestamp indicative of a second time of creation of the second transaction tag by the second network device; and
the identification information corresponding to the customer computing device;
automatically analyze the first transaction tag and the second transaction tag using a fraud detection protocol, wherein the fraud detection protocol provides an indication of an increased risk of fraud associated with transaction tags with times of creation that are within a predetermined time interval;
determine, based at least in part on the first timestamp and the second timestamp, that the first transaction tag and the second transaction tag were created within the predetermined time interval;
associate an increased risk of fraud with the customer computing device, based at least in part on the determination that the first transaction tag and the second transaction tag were created within the predetermined time interval, wherein the increased risk of fraud is indicative of the customer computing device conducting transactions with different institutions within a short period of time;
generate a risk data packet configured for transmission to at least one of the first network service and the second network service, the risk data packet comprising encrypted identifying information corresponding to the customer computing device and an electronic indication of the increased risk of fraud associated with the customer computing device; and
share the risk data packet with the third network service device which indicates to the third network service device that the customer computing device is associated with the increased risk of fraud.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by tag-based computer information. Computers and other devices accessing the Web carry device tags with date and time information describing when they were issued by a security tag server. A server time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity. The invention may be use for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, reputation-based communities, and law enforcement.
710 Citations
19 Claims
-
1. A system comprising:
-
a network interface configured to communicate with a plurality of network service devices comprising a first network service device associated with a first institution, a second network service device associated with a second institution, and a third network service device associated with a third institution; a data store configured to store computer-executable instructions; and a processor in communication with the data store, the processor, when executing the computer-executable instructions, configured to, during an online transaction; retrieve a first transaction tag from a customer computing device, wherein the first transaction tag is associated with a first electronic transaction between the customer computing device and a first network service device, and wherein the first transaction tag is issued by the first network service device and is associated with the customer computing device and a first account associated with the first institution, the first transaction tag comprising; a first timestamp indicative of a first time of creation of the first transaction tag by the first network service device; and identification information corresponding to the customer computing device; retrieve a second transaction tag from the customer computing device, wherein the second transaction tag is associated with a second electronic transaction associated with the customer computing device and a second network service device, and wherein the second transaction tag is issued by the second network service device and is associated with the customer computing device and a second account associated with the second institution which is different from the first account, the second transaction tag comprising; a second timestamp indicative of a second time of creation of the second transaction tag by the second network device; and the identification information corresponding to the customer computing device; automatically analyze the first transaction tag and the second transaction tag using a fraud detection protocol, wherein the fraud detection protocol provides an indication of an increased risk of fraud associated with transaction tags with times of creation that are within a predetermined time interval; determine, based at least in part on the first timestamp and the second timestamp, that the first transaction tag and the second transaction tag were created within the predetermined time interval; associate an increased risk of fraud with the customer computing device, based at least in part on the determination that the first transaction tag and the second transaction tag were created within the predetermined time interval, wherein the increased risk of fraud is indicative of the customer computing device conducting transactions with different institutions within a short period of time; generate a risk data packet configured for transmission to at least one of the first network service and the second network service, the risk data packet comprising encrypted identifying information corresponding to the customer computing device and an electronic indication of the increased risk of fraud associated with the customer computing device; and share the risk data packet with the third network service device which indicates to the third network service device that the customer computing device is associated with the increased risk of fraud.
-
-
2. The system of claim 1, wherein the processor is further configured to cause transmission of the risk data packet to at least one of the first network service device and the second network service device.
-
3. The system of claim 1, wherein the risk data packet further comprises the predetermined time interval.
-
4. The system of claim 1, wherein the processor is further configured to receive a timestamp of the customer computing device in a first format and associated with a clock of the customer computing device.
-
5. The system of claim 4, wherein the determining that there is an increased risk of fraud associated with the customer computing device is further based on the timestamp of the customer computing device.
-
6. The system of claim 1, wherein the first transaction tag further comprises a first transaction timestamp indicative of a time of the first electronic transaction, and the second transaction tag further comprises a second transaction timestamp indicative of a time of the second electronic transaction.
-
7. The system of claim 6, wherein the processor is further configured to:
-
determine, based at least in part on the first transaction timestamp and a previous electronic transaction associated with the first network service device, a first duration of account inactivity; and determine, based at least in part on the second transaction timestamp and a previous electronic transaction associated with the second network service device, a second duration of account inactivity.
-
-
8. The system of claim 6, wherein the fraud detection protocol further provides an indication of an increased risk of fraud associated with durations of account inactivity exceeding a predetermined threshold.
-
9. The system of claim 8, wherein the processor is further configured to determine that the first duration of account inactivity and the second duration of account inactivity exceed the predetermined threshold, and wherein the determination that there is an increased risk of fraud associated with the customer computing device is further based at least in part on the determination that-the first duration and the second duration exceed the predetermined threshold.
-
10. A computer-implemented method comprising:
-
accessing computer-executable instructions from at least one computer-readable storage medium; and executing the computer-executable instructions, thereby causing computer hardware comprising at least one computer processor to perform operations comprising; receiving, from a first institution device of a consortium, a first transaction tag associated with a first electronic transaction involving a first network service device of the first institution device and a customer computing device, the first transaction tag being associated with the customer computing device and a first account associated with a first institution, and comprising a first timestamp and a first set of device identification information associated with the customer computing device, wherein the first transaction tag is issued to the customer computing device by the first institution device during the first electronic transaction; receiving, from a second institution device of the consortium, a second transaction tag for a second electronic transaction involving a second network service device of the second institution device and the customer computing device, the second transaction tag being associated with the customer computing device and a second account associated with a second institution which is different from the first account, and comprising a second timestamp and a second set of device identification information associated with the customer computing device, wherein the second transaction tag is issued to the customer computing device by the second institution device during the second electronic transaction; determine whether the first account and the second account are on the same computing device based at least in part on the first set of device identification information and the second set of device identification information associated with the first electronic transaction and the second electronic transaction; automatically analyzing the first transaction tag and the second transaction tag using a fraud detection protocol, wherein the fraud detection protocol indicates an increased risk of fraud associated with at least one of; a plurality of transaction tags created within a predetermined time interval of each other;
ora plurality of electronic transactions, each of the plurality of electronic transactions involving a respective network service, each of the plurality of electronic transactions preceded by a respective time interval of inactivity between the respective network service and the computing device, wherein each respective time interval of inactivity exceeds a respective threshold; determining, based at least in part on the fraud detection protocol, that at least one of the first transaction tag and the second transaction tag indicates an increased risk of fraud; determining, based at least in part on the determination that at least one of the first transaction tag and the second transaction tag indicates an increased risk of fraud, an increased risk of fraud associated with the computing device; and generating an encrypted data packet, the encrypted data packet comprising identifying information corresponding to the computing device and an electronic indication of the increased risk of fraud associated with the customer computing device.
-
-
11. The computer-implemented method of claim 10 further comprising causing transmission of the encrypted data packet to at least one of the first institution and the second institution.
-
12. The computer-implemented method of claim 10 further comprising causing transmission of the encrypted data packet to a third institution of the consortium.
-
13. The computer-implemented method of claim 10, wherein the first timestamp comprises a first creation time associated with the first transaction tag, and wherein the second timestamp comprises a second creation time associated with the second transaction tag.
-
14. The computer-implemented method of claim 13, wherein determining that at least one of the first transaction tag and the second transaction tag indicates an increased risk of fraud comprises determining that the first timestamp and the second timestamp are within the predetermined time interval of each other.
-
15. The computer-implemented method of claim 13, wherein the encrypted data packet further comprises the predetermined time interval.
-
16. The computer-implemented method of claim 10, wherein the first timestamp comprises a first transaction timestamp indicative of a time of the first electronic transaction, and wherein the second timestamp comprises a second transaction timestamp indicative of a time of the second electronic transaction.
-
17. The computer-implemented method of claim 16, wherein determining that at least one of the first transaction tag and the second transaction tag indicates an increased risk of fraud comprises:
-
identifying a first previous electronic transaction between the first network service device and the customer computing device; identifying a second previous electronic transaction between the second network service device and the customer computing device; identifying a first previous timestamp associated with the first previous electronic transaction; identifying a second previous timestamp associated with the second previous electronic transaction; determining, based at least in part on the first timestamp and the first previous timestamp, a first time interval of inactivity; determining, based at least in part on the second timestamp and the second previous timestamp, a second time interval of inactivity; determining that the first time interval of inactivity exceeds a first predetermined threshold; and determining that the second time interval of inactivity exceeds a second predetermined threshold.
-
-
18. The computer-implemented method of claim 10 further comprising receiving a timestamp of the customer computing device in a first format and associated with a clock of the customer computing device.
-
19. The computer-implemented method of claim 18, wherein the determining an increased risk of fraud associated with the customer computing device is further based on the timestamp of the customer computing device.
Specification