Device reputation

US 9,292,677 B2
Filed: 10/10/2014
Issued: 03/22/2016
Est. Priority Date: 03/09/2011
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a network interface component for collecting at least one parameter for a communication device;

a non-transitory memory storing the at least one parameter, device history data for the communication device, at least one device attribute for the communication device, and a network risk determination associated with the communication device; and

at least one hardware processor coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;

generating a universally unique identifier (UUID) for the communication device using the at least one parameter;

determining, a risk level for the communication device using the device history data, the at least one device attribute, and the network risk determination comprising a weight of the network risk determination in the risk level that decreases with an increasing length of time since an update of the network risk determination and a weight of the network risk determination for an IP address that is based on a timestamp of calculating the network risk determination for the IP address and that decreases in significance as the timestamp ages;

associating, the risk level with the UUID,and wherein the update of the network risk determination is based on an additive increase/multiplicative decrease (AIMD) algorithm.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user device is associated with a dynamic trust score that may be updated as needed, where the trust score and the updates are based on various activities and information associated with the mobile device. The trust score is based on both parameters of the device, such as device type, registered device location, device phone number, device ID, the last time the device has been accessed, etc. and activities the device engages in, such as amount of transactions, dollar amount of transactions, amount of denied requests, amount of approved requests, location of requests, etc. Based on a transaction request from the user device, the trust score and a network reputation score is used to determine an overall trust/fraud score associated with the transaction request.

13 Citations

View as Search Results

17 Claims

1. A system comprising:
- a network interface component for collecting at least one parameter for a communication device;
  
  a non-transitory memory storing the at least one parameter, device history data for the communication device, at least one device attribute for the communication device, and a network risk determination associated with the communication device; and
  
  at least one hardware processor coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;
  
  generating a universally unique identifier (UUID) for the communication device using the at least one parameter;
  
  determining, a risk level for the communication device using the device history data, the at least one device attribute, and the network risk determination comprising a weight of the network risk determination in the risk level that decreases with an increasing length of time since an update of the network risk determination and a weight of the network risk determination for an IP address that is based on a timestamp of calculating the network risk determination for the IP address and that decreases in significance as the timestamp ages;
  
  associating, the risk level with the UUID,and wherein the update of the network risk determination is based on an additive increase/multiplicative decrease (AIMD) algorithm.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the at least one hardware processor is further configured to read instructions from the non-transitory memory to cause the system to perform operations comprising:
    - determining a device fingerprint for the device communication using the at least one parameter, wherein the UUID for the communication device is determined using the device fingerprint.
  - 3. The system of claim 1, wherein the at least one parameter comprises at least one of a user agent string sent from a browser of the communication device, a display resolution for the communication device, color depth information for the communication device, at least one browser plugin for the communication device, and an operating system of the communication device.
  - 4. The system of claim 1, wherein at least one of the device history data and the network risk determination score are based on previous transactions and result of the previous transactions using the user communication device.
  - 5. The system of claim 1, wherein the at least one device attribute comprises information elements specific to the communication device.
  - 6. The system of claim 1, wherein the device history data comprises changes to the user device, and wherein the network risk determination comprises activities engaged in by the user device.
  - 7. The system of claim 1, wherein the network risk determination is based on transactions conducted through the same or similar IP addresses as an IP address for a transaction request.

8. A method comprising:
- receiving, via a network interface component of a server device, at least one parameter for a communication device;
  
  generating, using at least one hardware processor of the server device, a universally unique identifier (UUID) for the communication device using the at least one parameter;
  
  determining a risk level for the communication device using device history data, at least one device attribute, and network risk determination, comprising a weight of the network risk determination in the risk level that decreases with an increasing length of time since an update of the network risk determination and a weight of the network risk determination for an IP address that is based on a timestamp of calculating the network risk determination for the IP address and that decreases in significance as the timestamp ages;
  
  associating the risk level with the UUID,and wherein the update of the network risk determination is based on an additive increase/multiplicative decrease (AIMD) algorithm.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8 further comprising:
    - determining a device fingerprint for the device communication using the at least one parameter,wherein the UUID for the communication device is determined using the device fingerprint.
  - 10. The method of claim 8, wherein the at least one parameter comprises at least one of a user agent string sent from a browser of the communication device, a display resolution for the communication device, color depth information for the communication device, at least one browser plugin for the communication device, and an operating system of the communication device.
  - 11. The method of claim 8, wherein at least one of the device history data and the network risk determination are based on previous transactions and results of the previous transactions using the user communication device.
  - 12. The method of claim 8, wherein the at least one device attribute comprises information elements specific to the communication device.
  - 13. The method of claim 8, wherein the device history data comprises changes to the user device, and wherein the network risk determination comprises activities engaged in by the user device.
  - 14. The method of claim 8, wherein the network risk determination is based on transactions conducted through the same or similar IP addresses as an IP address for a transaction request.

15. A non-transitory computer-readable medium having stored thereon machine-readable instructions executable by a machine to perform operations comprising:
- receiving, via a network interface component of a server device, at least one parameter for a communication device;
  
  generating, using at least one hardware processor of the server device, a universally unique identifier (UUID) for the communication device using the at least one parameter;
  
  determining a risk level for the communication device using device history data, at least one device attribute, and network risk determination, comprising a weight of the network risk determination in the risk level that decreases with an increasing length of time since an update of the network risk determination and a weight of the network risk determination for an IP address that is based on a timestamp of calculating the network risk determination for the IP address and that decreases in significance as the timestamp ages;
  
  associating the risk level with the UUID,and wherein the update of the network risk determination is based on an additive increase/multiplicative decrease (AIMD) algorithm.
- View Dependent Claims (16, 17)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the machine-readable instructions are executable by the machine to perform the operations further comprising:
    - determining a device fingerprint for the device communication using the at least one parameter,wherein the UUID for the communication device is determined using the device fingerprint.
  - 17. The non-transitory computer-readable medium of claim 15, wherein at least one of the device history data and the network risk determination are based on previous transactions and results of the previous transactions using the user communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Ranganathan, Prashanth, Olson, Alexander J., Bluemle, Frieder, Speckbacher, Tobias
Primary Examiner(s)
Nalven, Andrew
Assistant Examiner(s)
FIELDS, COURTNEY D

Application Number

US14/511,785
Publication Number

US 20150095990A1
Time in Patent Office

529 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/33   using certificates

G06F 21/51   at application loading time...

G06F 2221/031   Protect user input by softw...

G06F 2221/2141   Access rights, e.g. capabil...

G06Q 20/4016   involving fraud or risk lev...

H04L 63/0876   based on the identity of th...

Device reputation

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Device reputation

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links