Systems and methods for assessing security risk

US 9,378,354 B2
Filed: 03/18/2014
Issued: 06/28/2016
Est. Priority Date: 04/01/2008
Status: Active Grant

First Claim

Patent Images

1. A system for assessing security risk associated with an electronic transaction, the system comprising at least one processor programmed to:

analyze current user information indicative of at least one user behavior observed in connection with the electronic transaction;

determine at least one user identifier associated with the electronic transaction;

analyze history information associated with the at least one user identifier, the history information being indicative of at least one previously observed behavior associated with the at least one user identifier;

analyze at least one risk factor associated with the electronic transaction; and

provide a risk assessment for the electronic transaction at least in part by combining the current user information, the history information associated with the at least one user identifier, and the at least one risk factor associated with the electronic transaction;

wherein the at least one user identifier comprises at least one network address;

wherein the at least one processor is further programmed to;

obtain a first risk value based on the current user information;

obtain a second risk value based on the history information associated with the at least one network address; and

obtain a third risk value based on the least one risk factor associated with the electronic transaction; and

use a plurality of weights to combine the first, second, and third risk values to thereby obtain an overall risk value indicative of a level of risk associated with the electronic transaction, wherein the plurality of weights comprises first, second, and third weights applied respectively to the first, second, and third risk values.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a challenge character set whose appearance may change over time. In some embodiments, marketing content may be incorporated into a challenge message for use in an identification test. The marketing content may be accompanied by randomly selected content to increase a level of security of the identification test, hi some embodiments, a challenge message for use in an identification test may be provided based on information regarding a transaction for which the identification test is administered. For example, the transaction information may include a user identifier such as an IP address. In some embodiments, identification test results may be tracked and analyzed to identify a pattern of behavior associated with a user identifier. A score indicative of a level of trustworthiness may be computed for the user identifier.

54 Citations

View as Search Results

16 Claims

1. A system for assessing security risk associated with an electronic transaction, the system comprising at least one processor programmed to:
- analyze current user information indicative of at least one user behavior observed in connection with the electronic transaction;
  
  determine at least one user identifier associated with the electronic transaction;
  
  analyze history information associated with the at least one user identifier, the history information being indicative of at least one previously observed behavior associated with the at least one user identifier;
  
  analyze at least one risk factor associated with the electronic transaction; and
  
  provide a risk assessment for the electronic transaction at least in part by combining the current user information, the history information associated with the at least one user identifier, and the at least one risk factor associated with the electronic transaction;
  
  wherein the at least one user identifier comprises at least one network address;
  
  wherein the at least one processor is further programmed to;
  
  obtain a first risk value based on the current user information;
  
  obtain a second risk value based on the history information associated with the at least one network address; and
  
  obtain a third risk value based on the least one risk factor associated with the electronic transaction; and
  
  use a plurality of weights to combine the first, second, and third risk values to thereby obtain an overall risk value indicative of a level of risk associated with the electronic transaction, wherein the plurality of weights comprises first, second, and third weights applied respectively to the first, second, and third risk values.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the at least one processor is further programmed to:
    - determine, based on the risk assessment, whether the electronic transaction is likely to be associated with an attack at a first publisher; and
      
      upon detecting an attack at the first publisher, notify a second publisher of the attack.
  - 3. The system of claim 1, wherein the at least one processor is further to programmed to:
    - provide the overall risk value to a publisher associated with the electronic transaction.
  - 4. The system of claim 1, wherein the at least one processor is further to programmed to:
    - use the overall risk value to determine whether the electronic transaction is likely to be associated with an attack; and
      
      provide to a publisher associated with the electronic transaction an indication of whether the electronic transaction is likely to be associated with an attack.
  - 5. The system of claim 1, wherein the current user information indicates whether a user associated with the electronic transaction provided a correct response to an identification test.
  - 6. The system of claim 1, wherein the current user information indicates how much time the user took to respond to an identification test.
  - 7. The system of claim 1, wherein the at least one processor is programmed to analyze history information associated with the at least one network address repeatedly over time, each analysis taking into account recent history information associated with the at least one network address.
  - 8. The system of claim 1, wherein the electronic transaction is a current transaction, and wherein the history information associated with the at least one network address comprises information regarding one or more prior transactions associated with the at least one network address.

9. A method for assessing security risk associated with an electronic transaction, the method comprising acts of:
- analyzing current user information indicative of at least one user behavior observed in connection with the electronic transaction;
  
  determining at least one user identifier associated with the electronic transaction;
  
  analyzing history information associated with the at least one user identifier, the history information being indicative of at least one previously observed behavior associated with the at least one user identifier;
  
  analyzing at least one risk factor associated with the electronic transaction; and
  
  providing a risk assessment for the electronic transaction at least in part by combining the current user information, the history information associated with the at least one user identifier, and the at least one risk factor associated with the electronic transaction;
  
  wherein the at least one user identifier comprises at least one network address;
  
  further comprising acts of;
  
  obtaining a first risk value based on the current user information;
  
  obtaining a second risk value based on the history information associated with the at least one network address; and
  
  obtaining a third risk value based on the least one risk factor associated with the electronic transaction; and
  
  using a plurality of weights to combine the first, second, and third risk values to thereby obtain an overall risk value indicative of a level of risk associated with the electronic transaction, wherein the plurality of weights comprises first, second, and third weights applied respectively to the first, second, and third risk values.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, further comprising acts of:
    - determining, based on the risk assessment, whether the electronic transaction is likely to be associated with an attack at a first publisher; and
      
      upon detecting an attack at the first publisher, notifying a second publisher of the attack.
  - 11. The method of claim 9, further comprising an act of:
    - providing the overall risk value to a publisher associated with the electronic transaction.
  - 12. The method of claim 9, further comprising acts of:
    - using the overall risk value to determine whether the electronic transaction is likely to be associated with an attack; and
      
      providing to a publisher associated with the electronic transaction an indication of whether the electronic transaction is likely to be associated with an attack.
  - 13. The method of claim 9, wherein the current user information indicates whether a user associated with the electronic transaction provided a correct response to an identification test.
  - 14. The method of claim 9, wherein the current user information indicates how much time the user took to respond to an identification test.
  - 15. The method of claim 9, wherein the act of analyzing history information associated with the at least one network address is performed repeatedly over time, each analysis taking into account recent history information associated with the at least one network address.
  - 16. The method of claim 9, wherein the electronic transaction is a current transaction, and wherein the history information associated with the at least one network address comprises information regarding one or more prior transactions associated with the at least one network address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NuData Security Inc. (MasterCard Incorporated)
Original Assignee
NuData Security Inc. (MasterCard Incorporated)
Inventors
Bailey, Christopher Everett
Primary Examiner(s)
Gaffin, Jeffrey A
Assistant Examiner(s)
Torres, Ayesha Huertas

Application Number

US14/218,839
Publication Number

US 20140317751A1
Time in Patent Office

833 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/36   by graphic or iconic repres...

G06F 2221/2103   Challenge-response

G06F 2221/2133   Verifying human interaction...

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0277   Online advertisement

G06T 13/80   2D [Two Dimensional] animat...

H04L 63/1433   Vulnerability analysis

Systems and methods for assessing security risk

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for assessing security risk

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links