Contextual mapping of web-pages, and generation of fraud-relatedness score-values
First Claim
Patent Images
1. A method comprising:
- (a) automatically analyzing content of a banking or retailer website, by performing;
analyzing a log of historical transactions that are known to be fraudulent;
identifying in said log a first Graphical User Interface (GUI) element that is typically clicked by cyber-attackers as part of cyber-attacks;
identifying in said log a second Graphical User Interface (GUI) element that is typically not clicked by cyber-attackers as part of cyber-attacks;
constructing a lookup table that indicates that the first GUI element is typically clicked by cyber-attackers as part of cyber-attacks, and that further indicates that the second GUI element is typically not clicked by cyber-attackers as part of cyber-attacks;
(b) monitoring interactions of a user with said banking or retailer website via one or more input units of an end-user device, and detecting one or more user interactions that indicate a possibly-fraudulent activity based on one or more pre-defined threshold parameters;
(c) if said possibly-fraudulent activity that was detected in step (b), is a click of said user on the first GUI element, then activating a fraud-mitigation unit;
(d) if said possibly-fraudulent activity that was detected in step (b), is a click of said user on the second GUI element, then maintaining said fraud-mitigation unit deactivated;
wherein the method further comprises;
generating a security-exposure map of on-screen GUI elements of said banking or retailer website,by generating a first indication that user-engagement with a first particular on-screen GUI element on a particular web-page of said banking or retailer website creates a potential security risk for said banking or retailer website,and by generating a second indication that user-engagement with a second particular on-screen GUI element on said particular web-page of said banking or retailer website does not create a potential security risk for said banking or retailer website.
6 Assignments
0 Petitions
Accused Products
Abstract
Devices, systems, and methods of contextual mapping of web-page elements and other User Interface elements, for the purpose of differentiating between fraudulent transactions and legitimate transactions, or for the purpose of distinguishing between a fraudulent user and a legitimate user. User Interface elements of a website or webpage or application or other computerized service, are contextually analyzed. A first User Interface element is assigned a low fraud-relatedness score-value, since user engagement with the first User Interface element does not create a security risk or a monetary exposure. A second, different, User Interface element is assigned a high fraud-relatedness score-value, since user engagement with the second User Interface element creates a security risk or a monetary exposure. The fraud-relatedness score-values are taken into account, together with user-specific behavioral characteristics, in order to determine whether to generate a possible-fraud notification, or as part of generating a possible-fraud score for a particular set-of-operations.
426 Citations
4 Claims
-
1. A method comprising:
-
(a) automatically analyzing content of a banking or retailer website, by performing; analyzing a log of historical transactions that are known to be fraudulent; identifying in said log a first Graphical User Interface (GUI) element that is typically clicked by cyber-attackers as part of cyber-attacks; identifying in said log a second Graphical User Interface (GUI) element that is typically not clicked by cyber-attackers as part of cyber-attacks; constructing a lookup table that indicates that the first GUI element is typically clicked by cyber-attackers as part of cyber-attacks, and that further indicates that the second GUI element is typically not clicked by cyber-attackers as part of cyber-attacks; (b) monitoring interactions of a user with said banking or retailer website via one or more input units of an end-user device, and detecting one or more user interactions that indicate a possibly-fraudulent activity based on one or more pre-defined threshold parameters; (c) if said possibly-fraudulent activity that was detected in step (b), is a click of said user on the first GUI element, then activating a fraud-mitigation unit; (d) if said possibly-fraudulent activity that was detected in step (b), is a click of said user on the second GUI element, then maintaining said fraud-mitigation unit deactivated; wherein the method further comprises; generating a security-exposure map of on-screen GUI elements of said banking or retailer website, by generating a first indication that user-engagement with a first particular on-screen GUI element on a particular web-page of said banking or retailer website creates a potential security risk for said banking or retailer website, and by generating a second indication that user-engagement with a second particular on-screen GUI element on said particular web-page of said banking or retailer website does not create a potential security risk for said banking or retailer website. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBiocatch Ltd.
-
Original AssigneeBiocatch Ltd.
-
InventorsTurgeman, Avi, Kedem, Oren
-
Primary Examiner(s)Lagor, Alexander
-
Assistant Examiner(s)Jones, William B
-
Application NumberUS15/194,593Publication NumberTime in Patent Office1,386 DaysField of Search726 1US Class CurrentCPC Class CodesG06F 21/31 User authenticationG06F 21/316 by observing the pattern of...G06F 21/32 using biometric data, e.g. ...G06F 21/552 involving long-term monitor...G06F 21/554 involving event detection a...G06F 2221/2133 Verifying human interaction...G06Q 20/321 using wearable devicesG06Q 20/4016 involving fraud or risk lev...H04L 2463/144 Detection or countermeasure...H04L 63/08 for authentication of entit...H04L 63/1408 by monitoring network traff...H04L 63/1441 Countermeasures against mal...
