Method and system for identifying users and detecting fraud by use of the internet

US 7,853,533 B2
Filed: 09/29/2005
Issued: 12/14/2010
Est. Priority Date: 03/02/2004
Status: Active Grant

First Claim

Patent Images

1. A method for identifying a client computer using a website server comprising the steps of:

providing a time capture script from the website server for execution by the client computer;

executing the time capture script to instruct a browser of the client computer to obtain selected information about the client computer during an online connection including a local time according to a client computer clock and at least one non-personal identification parameter;

returning the local time of the client computer clock and the non-personal identification parameter to the website server in accordance with the time capture script;

obtaining a local server time from a website server clock;

calculating, at the website server, a delta of time parameter based upon a difference in time between the local server time and the local time of the client computer clock received from the client computer;

generating a computer identifier which incorporates the non-personal identification parameter related to the client computer and the delta of time parameter;

comparing the computer identifier with another selected computer identifier;

calculating a matching parameter based on said comparing, wherein said matching parameter is a raw number, score, or increment of measurement based on the difference between the computer identifiers;

determining whether the matching parameter falls within a selected range; and

based on the determination that the matching parameter falls within the selected range indicating, by some device or application, a positive match for linking one of the computer identifiers to one or more fraudulent transactions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

168 Citations

14 Claims

1. A method for identifying a client computer using a website server comprising the steps of:
- providing a time capture script from the website server for execution by the client computer;
  
  executing the time capture script to instruct a browser of the client computer to obtain selected information about the client computer during an online connection including a local time according to a client computer clock and at least one non-personal identification parameter;
  
  returning the local time of the client computer clock and the non-personal identification parameter to the website server in accordance with the time capture script;
  
  obtaining a local server time from a website server clock;
  
  calculating, at the website server, a delta of time parameter based upon a difference in time between the local server time and the local time of the client computer clock received from the client computer;
  
  generating a computer identifier which incorporates the non-personal identification parameter related to the client computer and the delta of time parameter;
  
  comparing the computer identifier with another selected computer identifier;
  
  calculating a matching parameter based on said comparing, wherein said matching parameter is a raw number, score, or increment of measurement based on the difference between the computer identifiers;
  
  determining whether the matching parameter falls within a selected range; and
  
  based on the determination that the matching parameter falls within the selected range indicating, by some device or application, a positive match for linking one of the computer identifiers to one or more fraudulent transactions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14)
- - 2. The method as recited in claim 1 further comprising the step of:
    - obtaining additional identification parameters including personal identification information from the selected information.
  - 3. The method as recited in claim 2, wherein the personal identification information includes consumer identification information.
  - 4. The method as recited in claim 3, wherein the consumer identification information includes at least one of the following:
    - consumer name, address, billing information, shipping information, telephone number and e-mail address.
  - 5. The method as recited in claim 1, wherein the non-personal identification parameter is computer identification information.
  - 6. The method as recited in claim 5, wherein the computer identification information includes an Internet parameter.
  - 7. The method as recited in claim 6, wherein the Internet parameter is a CGI parameter.
  - 8. The method as recited in claim 7, wherein the CGI parameter includes at least one of the following:
    - IP address, and Browser ID.
  - 9. The method as recited in claim 1 further comprising the step of:
    - capturing relevant time zone information in which the client computer is physically located from the selected information about the client computer.
  - 10. The method as recited in claim 9, wherein the relevant time zone information is for one or more future dates indicating whether DST is observed in the relevant time zone.
  - 12. The method of claim 1, wherein correlating the client computer with potentially fraudulent transactions includes correlating the non-personal identification parameter with additional transaction related information based on the delta of time parameter.
  - 13. The method of claim 1, further comprising differentiating the client computer from other computers based on the delta of time parameter.
  - 14. The method of claim 1, wherein the delta of time parameter is stored in a time increment of seconds or greater.

11. A computer readable medium residing on a website server containing program instructions for identifying a client computer comprising:
- computer code that provides a time capture script from the website server for execution by the client computer;
  
  computer code that executes the time capture script to instruct a browser of the client computer to obtain from the client computer, at least one non-personal identification parameter;
  
  computer code that captures from a clock of the client computer, the client computer time;
  
  computer code that obtains from a clock of the website server, the server time;
  
  computer code that calculates and stores, at the website server, a delta of time parameter based upon the difference between the server time and the client computer time received from the client computer;
  
  computer code that generates a computer identifier which incorporates the delta of time parameter and the non-personal identification parameter;
  
  computer code that compares the computer identifier with another selected computer identifier;
  
  computer code that calculates a matching parameter based on said comparison, wherein said matching parameter is a raw number, score, or increment of measurement based on the difference between the computer identifiers;
  
  computer code that determines whether the matching parameter falls within a selected range; and
  
  computer code that indicates based on the determination that the matching parameter falls within the selected range, a positive match for linking one of the computer identifiers to one or more fraudulent transactions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The 41st Parameter, Inc. (Experian plc)
Original Assignee
The 41st Parameter, Inc. (Experian plc)
Inventors
Eisen, Ori
Primary Examiner(s)
Fischer; Andrew J.
Assistant Examiner(s)
Zelaskiewicz; Chrystina

Application Number

US11/241,739
Publication Number

US 20070239606A1
Time in Patent Office

1,902 Days
Field of Search

705/64
US Class Current

705/64
CPC Class Codes

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

H04L 2463/102   applying security measure f...

H04L 63/1408   by monitoring network traff...

H04L 63/1483   service impersonation, e.g....

Method and system for identifying users and detecting fraud by use of the internet

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

168 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for identifying users and detecting fraud by use of the internet

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

168 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links