Online machine data collection and archiving process
DCFirst Claim
1. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
- said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;
said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;
wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;
said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;
whereby said transaction identification string associates said transaction record with said machine fingerprint; and
monitoring for possible fraudulent transactions, wherein said monitoring is based at least in part on said machine fingerprint.
11 Assignments
Litigations
0 Petitions
Accused Products
Abstract
An online machine data collection and archiving process generates a machine data profile of a customer computer accessing a transaction form of a merchant web site and links the machine data profile and a transaction record with customer identifying information using a unique transaction identification string. The process preferably captures parameters typically communicated as a part of web accesses, such as an IP address, an HTTP header, and cookie information. The process additionally causes the customer computer to process self-identification routines by processing coding within the merchant transaction form, the self-identification routines yielding further profile parameters. The process further includes a routine for bypassing an intervening proxy to the merchant web site to reveal the true IP address of the customer computer.
172 Citations
12 Claims
-
1. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
-
said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script; said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record; wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form; said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record; whereby said transaction identification string associates said transaction record with said machine fingerprint; and monitoring for possible fraudulent transactions, wherein said monitoring is based at least in part on said machine fingerprint. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
-
said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script; said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record; wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form; said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record; whereby said transaction identification string associates said transaction record with said machine fingerprint; and a qualified party accessing said archiver web site to examine said machine fingerprint and said transaction identification string along with other machine fingerprints and transaction identification strings in order to determine evidence of a pattern of suspicious behavior by a customer associated with said transaction identification string.
-
-
10. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
-
said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script; said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record; wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form; said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record; whereby said transaction identification string associates said transaction record with said machine fingerprint; and analyzing information related to said transaction record and said machine fingerprint to monitor whether said online transaction is fraudulent.
-
-
11. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
-
said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script; said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record; wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form; said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record; whereby said transaction identification string associates said transaction record with said machine fingerprint; and examining information related to said transaction record and said machine fingerprint along with information related to at least one other transaction identification string in order to monitor for possible fraudulent transactions.
-
-
12. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
-
said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script; said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record; wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form; said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record; whereby said transaction identification string associates said transaction record with said machine fingerprint; and accessing said archiver web site to examine information related to said machine fingerprint and said transaction identification string along with other machine fingerprints and transaction identification strings in order to monitor for possible fraudulent transactions.
-
Specification