Online machine data collection and archiving process

US 7,330,871 B2
Filed: 06/05/2001
Issued: 02/12/2008
Est. Priority Date: 06/07/2000
Status: Expired due to Term

- Alert
- Pin

First Claim

Patent Images

1. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:

said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;

said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;

wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;

said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;

whereby said transaction identification string associates said transaction record with said machine fingerprint; and

monitoring for possible fraudulent transactions, wherein said monitoring is based at least in part on said machine fingerprint.

View all claims

11 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

An online machine data collection and archiving process generates a machine data profile of a customer computer accessing a transaction form of a merchant web site and links the machine data profile and a transaction record with customer identifying information using a unique transaction identification string. The process preferably captures parameters typically communicated as a part of web accesses, such as an IP address, an HTTP header, and cookie information. The process additionally causes the customer computer to process self-identification routines by processing coding within the merchant transaction form, the self-identification routines yielding further profile parameters. The process further includes a routine for bypassing an intervening proxy to the merchant web site to reveal the true IP address of the customer computer.

172 Citations

12 Claims

1. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
- said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;
  
  said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;
  
  wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;
  
  said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;
  
  whereby said transaction identification string associates said transaction record with said machine fingerprint; and
  
  monitoring for possible fraudulent transactions, wherein said monitoring is based at least in part on said machine fingerprint.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A process as set forth in claim 1 wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string along with a conventional hypertext transfer protocol (HTTP) header, and wherein the process further comprises the step of said archiver service additionally storing said HTTP header in association with said machine data profile.
  - 3. A process as set forth in claim 1 further comprising said machine data collection script querying said customer browser for a configuration setting thereof.
  - 4. A process as set forth in claim 1 wherein said script causes said customer browser to provide a plurality of configuration settings, and to form an attribute string from said plurality of configuration settings, and to process said attribute string to form said machine fingerprint of said customer computer.
  - 5. A process as set forth in claim 4 wherein said script performs a hashing function on said attribute string to form said machine fingerprint.
  - 6. A process as set forth in claim 1 wherein said redirect script causes customer computer to access said merchant web site by way of a proxy, and to communicate said machine fingerprint and said transaction identification string to said archiver web site using a protocol which bypasses said proxy.
  - 7. A process as set forth in claim 1 wherein said machine data collection script causes said customer browser to communicate said machine fingerprint to said archiver web site using a protocol other than HTTP.
  - 8. A process as set forth in claim 1 wherein said customer computer comprises a digital clock, and wherein said script causes said customer browser to query said clock for a time value, and to send said time value to said archiver web site along with said machine fingerprint.

9. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
- said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;
  
  said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;
  
  wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;
  
  said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;
  
  whereby said transaction identification string associates said transaction record with said machine fingerprint; and
  
  a qualified party accessing said archiver web site to examine said machine fingerprint and said transaction identification string along with other machine fingerprints and transaction identification strings in order to determine evidence of a pattern of suspicious behavior by a customer associated with said transaction identification string.

10. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
- said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;
  
  said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;
  
  wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;
  
  said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;
  
  whereby said transaction identification string associates said transaction record with said machine fingerprint; and
  
  analyzing information related to said transaction record and said machine fingerprint to monitor whether said online transaction is fraudulent.

11. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
- said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;
  
  said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;
  
  wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;
  
  said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;
  
  whereby said transaction identification string associates said transaction record with said machine fingerprint; and
  
  examining information related to said transaction record and said machine fingerprint along with information related to at least one other transaction identification string in order to monitor for possible fraudulent transactions.

12. A process for use in identifying a customer computer involved in an online transaction via a merchant web site between a customer using a customer browser operating on said customer computer and a merchant who operates said merchant web site, in order to monitor for possible fraudulent transactions using the computer, said method comprising the steps of:
- said merchant web site providing to said customer browser a redirect script request within a transaction form of said merchant web site, wherein said redirect script causes said customer browser to communicate to an archiver web site of a machine data archiving service an electronic request for a machine data collection script;
  
  said archiver web site returning said machine data collection script to said customer browser along with a transaction identification string, wherein said machine data collection script causes said customer browser processing said machine data collection script to cause said customer browser to query said customer computer for a machine fingerprint of said customer computer, wherein said machine fingerprint comprises a hashed attribute string associated with one or more attributes of said customer computer, and wherein said machine data collection script causes said customer browser to communicate said machine fingerprint and said transaction identification string to said archiver web site, and said archiver web site storing said machine fingerprint and said transaction identification string in a machine data profile as an archiver record;
  
  wherein said machine data collection script also causes said customer browser to write said transaction identification string into said transaction form;
  
  said merchant web site receiving from said customer browser customer identification information with said transaction form to thereby comprise a transaction record, and storing the transaction record with the transaction identification string as a merchant record;
  
  whereby said transaction identification string associates said transaction record with said machine fingerprint; and
  
  accessing said archiver web site to examine information related to said machine fingerprint and said transaction identification string along with other machine fingerprints and transaction identification strings in order to monitor for possible fraudulent transactions.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Kount Incorporated (Equifax, Inc.)
Original Assignee
Telecheck Services Incorporated (Fiserv Incorporated)
Inventors
Barber, Timothy P.
Primary Examiner(s)
Vaughn; William
Assistant Examiner(s)
Shingles; Kristie D

Application Number

US09/873,339
Publication Number

US 20020035622A1
Time in Patent Office

2,443 Days
Field of Search

709/219, 709/225, 709/224, 705/17, 705/18, 705/26, 705/76, 705/75, 705/78, 705/64, 705/67
US Class Current

709/201
CPC Class Codes

G06Q 10/00   Administration; Management

G06Q 20/0855   involving a third party

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0251   Targeted advertisements

G06Q 30/0255   based on user history

G06Q 30/0269   based on user profile or at...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/0609   Buyer or seller confidence ...

G06Q 40/12   Accounting

H04L 67/303   Terminal profiles

Online machine data collection and archiving process

First Claim

11 Assignments

Litigations

0 Petitions

Accused Products

Abstract

172 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

Online machine data collection and archiving process

First Claim

11 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

172 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others