Method and system for mitigating risk of fraud in internet banking
First Claim
1. A method for mitigating the risk of fraud in Internet banking, comprising:
- receiving from a remote site a request for access to a financial institution'"'"'s Internet banking site, said request having satisfied a first authentication requirement associated with a customer of the financial institution and said request having two or more attributes;
calculating a score corresponding to a measure of improbability of the occurrence of at least two of the attributes; and
conditioning approval of the request on satisfaction of a second authentication requirement if the score exceeds a configurable threshold.
10 Assignments
0 Petitions
Accused Products
Abstract
A method and system are provided for mitigating the risk of fraud in Internet banking. In an embodiment comprising an end user seeking access to the Internet banking site of a financial institution, the end user having already satisfied a first authentication requirement (such as providing a valid user id and password), the end user is required to satisfy a second authentication test when a measure of improbability associated with the login exceeds a threshold. The measure of improbability, in an embodiment, is based on the improbability of a combination of session statistics such as IP address, browser ID, hour of day, and time since the user'"'"'s last valid login.
155 Citations
18 Claims
-
1. A method for mitigating the risk of fraud in Internet banking, comprising:
-
receiving from a remote site a request for access to a financial institution'"'"'s Internet banking site, said request having satisfied a first authentication requirement associated with a customer of the financial institution and said request having two or more attributes; calculating a score corresponding to a measure of improbability of the occurrence of at least two of the attributes; and conditioning approval of the request on satisfaction of a second authentication requirement if the score exceeds a configurable threshold. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of mitigating the risk of fraud in Internet banking comprising:
-
receiving from a remote site a request for access to a financial institution'"'"'s Internet banking site; determining that the request is unusual based on the improbability of occurrence of a plurality of attributes of the request; and reporting the request to the financial institution. - View Dependent Claims (10, 11)
-
-
12. A system for mitigating the risk of fraud in Internet banking, comprising:
-
a server comprising an authentication module wherein the authentication module includes instructions for; receiving from a remote site a request for access to a financial institution'"'"'s Internet banking site; determining that the request is unusual based on the improbability of occurrence of a plurality of attributes of the request; and reporting the request to the financial institution. - View Dependent Claims (13)
-
-
14. A system for mitigating the risk of fraud in Internet Banking, comprising:
-
a session statistics module that computes an improbability measure of session attributes associated with a request for access to a financial institution'"'"'s Internet banking web site; and an additional authorization module that requires satisfaction of two or more authentication requirements before allowing access to the Internet Banking web site when the improbability measure of session attributes exceeds a configurable threshold. - View Dependent Claims (15)
-
-
16. A system for mitigating the risk of fraud in Internet banking, comprising:
a server comprising; a processor; and a memory containing instructions that are executed by the processor for; receiving from a remote site a request for access to a financial institution'"'"'s Internet banking site, said request having satisfied a first authentication requirement associated with a customer of the financial institution and said request having a plurality of attributes; calculating a score corresponding to a measure of improbability of the occurrence of the plurality of attributes; and conditioning approval of the request on satisfaction of a second authentication requirement if the score exceeds a configurable threshold.
-
18. A computer readable storage medium comprising instructions for mitigating the risk of fraud in Internet banking by:
-
receiving from a remote site a request for access to a financial institution'"'"'s Internet banking site, said request having satisfied a first authentication requirement associated with a customer of the financial institution and said request having a plurality of attributes; calculating a score corresponding to a measure of improbability of the occurrence of the plurality of attributes; and conditioning approval of the request on satisfaction of a second authentication requirement if the score exceeds a configurable threshold.
-
Specification