AU2007215180B2 - System and method for network-based fraud and authentication services - Google Patents

System and method for network-based fraud and authentication services Download PDF

Info

Publication number
AU2007215180B2
AU2007215180B2 AU2007215180A AU2007215180A AU2007215180B2 AU 2007215180 B2 AU2007215180 B2 AU 2007215180B2 AU 2007215180 A AU2007215180 A AU 2007215180A AU 2007215180 A AU2007215180 A AU 2007215180A AU 2007215180 B2 AU2007215180 B2 AU 2007215180B2
Authority
AU
Australia
Prior art keywords
network
fraud detection
user
information
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU2007215180A
Other languages
English (en)
Other versions
AU2007215180A1 (en
Inventor
Joseph Adler
Jeffrey Burstein
Yueqin Lin
Kerry E. Loftus
David M'raihi
Alin M. Mutu
Bruce Ong
Nicolas Popp
Bajaj Siddharth
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gen Digital Inc
Original Assignee
NortonLifeLock Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NortonLifeLock Inc filed Critical NortonLifeLock Inc
Publication of AU2007215180A1 publication Critical patent/AU2007215180A1/en
Application granted granted Critical
Publication of AU2007215180B2 publication Critical patent/AU2007215180B2/en
Assigned to SYMANTEC INTERNATIONAL reassignment SYMANTEC INTERNATIONAL Request for Assignment Assignors: VERISIGN, INC.
Assigned to SYMANTEC CORPORATION reassignment SYMANTEC CORPORATION Request for Assignment Assignors: SYMANTEC INTERNATIONAL
Assigned to NortonLifeLock Inc. reassignment NortonLifeLock Inc. Request to Amend Deed and Register Assignors: SYMANTEC CORPORATION
Ceased legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Social Psychology (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
AU2007215180A 2006-02-10 2007-02-12 System and method for network-based fraud and authentication services Ceased AU2007215180B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US77186106P 2006-02-10 2006-02-10
US60/771,861 2006-02-10
PCT/US2007/003822 WO2007095242A2 (en) 2006-02-10 2007-02-12 System and method for network-based fraud and authentication services

Publications (2)

Publication Number Publication Date
AU2007215180A1 AU2007215180A1 (en) 2007-08-23
AU2007215180B2 true AU2007215180B2 (en) 2011-03-17

Family

ID=38372092

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2007215180A Ceased AU2007215180B2 (en) 2006-02-10 2007-02-12 System and method for network-based fraud and authentication services

Country Status (6)

Country Link
US (1) US7861286B2 (enExample)
EP (1) EP1987447A4 (enExample)
JP (1) JP5231254B2 (enExample)
AU (1) AU2007215180B2 (enExample)
CA (1) CA2641995C (enExample)
WO (1) WO2007095242A2 (enExample)

Families Citing this family (72)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080010678A1 (en) * 2004-09-17 2008-01-10 Jeff Burdette Authentication Proxy
US8112357B2 (en) * 2006-11-07 2012-02-07 Federal Reserve Bank Of Atlanta Systems and methods for preventing duplicative electronic check processing
US8272033B2 (en) * 2006-12-21 2012-09-18 International Business Machines Corporation User authentication for detecting and controlling fraudulent login behavior
KR100925176B1 (ko) * 2007-09-21 2009-11-05 한국전자통신연구원 지리 정보를 이용한 네트워크 상태 표시장치 및 방법
US8412932B2 (en) * 2008-02-28 2013-04-02 Red Hat, Inc. Collecting account access statistics from information provided by presence of client certificates
US20090287510A1 (en) * 2008-04-28 2009-11-19 Guggenheim Partners, Llc Methods and products for providing incentive compatible mortgage loans
US8321934B1 (en) * 2008-05-05 2012-11-27 Symantec Corporation Anti-phishing early warning system based on end user data submission statistics
US8689341B1 (en) 2008-05-21 2014-04-01 Symantec Corporation Anti-phishing system based on end user data submission quarantine periods for new websites
US8613064B1 (en) * 2008-09-30 2013-12-17 Symantec Corporation Method and apparatus for providing a secure authentication process
US9209994B2 (en) * 2008-12-31 2015-12-08 Sybase, Inc. System and method for enhanced application server
US8903434B2 (en) * 2008-12-31 2014-12-02 Sybase, Inc. System and method for message-based conversations
US8380989B2 (en) * 2009-03-05 2013-02-19 Sybase, Inc. System and method for second factor authentication
US9100222B2 (en) * 2008-12-31 2015-08-04 Sybase, Inc. System and method for mobile user authentication
DE102009021312A1 (de) * 2009-05-14 2010-11-18 Siemens Aktiengesellschaft Verfahren zum Verhindern einer Kompromittierung eines Webdienstes
US9471920B2 (en) * 2009-05-15 2016-10-18 Idm Global, Inc. Transaction assessment and/or authentication
US10346845B2 (en) 2009-05-15 2019-07-09 Idm Global, Inc. Enhanced automated acceptance of payment transactions that have been flagged for human review by an anti-fraud system
US20100306821A1 (en) * 2009-05-29 2010-12-02 Google, Inc. Account-recovery technique
DE102009060553A1 (de) * 2009-08-24 2011-03-03 Vitaphone Gmbh Verfahren und System zur Speicherung und Auswertung von Daten, insbesondere Vitaldaten
US8365264B2 (en) * 2009-10-12 2013-01-29 Microsoft Corporation Protecting password from attack
US8195664B2 (en) * 2009-10-22 2012-06-05 Symantec Corporation Method and system for clustering transactions in a fraud detection system
US8321360B2 (en) 2009-10-22 2012-11-27 Symantec Corporation Method and system for weighting transactions in a fraud detection system
US10467687B2 (en) 2009-11-25 2019-11-05 Symantec Corporation Method and system for performing fraud detection for users with infrequent activity
US8924733B2 (en) * 2010-06-14 2014-12-30 International Business Machines Corporation Enabling access to removable hard disk drives
US9473530B2 (en) 2010-12-30 2016-10-18 Verisign, Inc. Client-side active validation for mitigating DDOS attacks
US20120174196A1 (en) 2010-12-30 2012-07-05 Suresh Bhogavilli Active validation for ddos and ssl ddos attacks
US20120246483A1 (en) * 2011-03-25 2012-09-27 Netanel Raisch Authentication System With Time Attributes
US8504723B2 (en) 2011-06-15 2013-08-06 Juniper Networks, Inc. Routing proxy for resource requests and resources
US9571566B2 (en) 2011-06-15 2017-02-14 Juniper Networks, Inc. Terminating connections and selecting target source devices for resource requests
US9363327B2 (en) 2011-06-15 2016-06-07 Juniper Networks, Inc. Network integrated dynamic resource routing
US10237231B2 (en) 2011-09-26 2019-03-19 Verisign, Inc. Multiple provisioning object operation
US10565666B2 (en) 2011-09-26 2020-02-18 Verisign, Inc. Protect intellectual property (IP) rights across namespaces
US9525551B1 (en) * 2011-09-29 2016-12-20 EMC IP Holding Company LLC Randomly skewing secret values as a countermeasure to compromise
GB2496107C (en) * 2011-10-26 2022-07-27 Cliquecloud Ltd A method and apparatus for preventing unwanted code execution
US8850575B1 (en) * 2011-12-30 2014-09-30 Emc Corporation Geolocation error tracking in transaction processing
EP2834959B1 (en) 2012-04-01 2018-06-06 Early Warning Services, LLC Secure authentication in a multi-party system
US8612348B1 (en) * 2012-05-23 2013-12-17 Mp Platforms, Llc Systems and methods for interfacing merchants with third-party service providers
EP2750347A1 (en) * 2012-12-27 2014-07-02 Koninklijke KPN N.V. Location dependent recovery system
GB2511054B (en) * 2013-02-20 2017-02-01 F Secure Corp Protecting multi-factor authentication
CN104104652B (zh) * 2013-04-03 2017-08-18 阿里巴巴集团控股有限公司 一种人机识别方法、网络服务接入方法及相应的设备
JP2015095903A (ja) 2013-11-12 2015-05-18 ベリサイン・インコーポレイテッド 複数プロビジョニング・オブジェクトのオペレーション
US20150161611A1 (en) * 2013-12-10 2015-06-11 Sas Institute Inc. Systems and Methods for Self-Similarity Measure
CN104244516B (zh) * 2014-08-20 2017-01-18 深圳市芯飞凌半导体有限公司 高功率因数无频闪装置、led灯及方法
US10671980B2 (en) 2014-10-20 2020-06-02 Mastercard International Incorporated Systems and methods for detecting potentially compromised payment cards
CN107210918B (zh) * 2015-02-17 2021-07-27 维萨国际服务协会 用于使用基于交易特定信息的令牌和密码的交易处理的装置和方法
WO2016178088A2 (en) * 2015-05-07 2016-11-10 Cyber-Ark Software Ltd. Systems and methods for detecting and reacting to malicious activity in computer networks
US20170076292A1 (en) * 2015-09-14 2017-03-16 BIS Global, Inc. Enhanced fraud screening process for filtering of network statistics in order to detect, block, and deter fraudulent on-line activity
US9818116B2 (en) 2015-11-11 2017-11-14 Idm Global, Inc. Systems and methods for detecting relations between unknown merchants and merchants with a known connection to fraud
US9852427B2 (en) 2015-11-11 2017-12-26 Idm Global, Inc. Systems and methods for sanction screening
KR101765200B1 (ko) * 2015-11-25 2017-08-04 서일대학교산학협력단 시스템 보안관리장치 및 그 방법
US10861019B2 (en) * 2016-03-18 2020-12-08 Visa International Service Association Location verification during dynamic data transactions
US9888007B2 (en) 2016-05-13 2018-02-06 Idm Global, Inc. Systems and methods to authenticate users and/or control access made by users on a computer network using identity services
US10187369B2 (en) 2016-09-30 2019-01-22 Idm Global, Inc. Systems and methods to authenticate users and/or control access made by users on a computer network based on scanning elements for inspection according to changes made in a relation graph
US10250583B2 (en) 2016-10-17 2019-04-02 Idm Global, Inc. Systems and methods to authenticate users and/or control access made by users on a computer network using a graph score
US10965668B2 (en) 2017-04-27 2021-03-30 Acuant, Inc. Systems and methods to authenticate users and/or control access made by users based on enhanced digital identity verification
US10878067B2 (en) * 2017-07-13 2020-12-29 Nec Corporation Of America Physical activity and IT alert correlation
US11138333B2 (en) 2018-03-07 2021-10-05 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11789699B2 (en) 2018-03-07 2023-10-17 Private Identity Llc Systems and methods for private authentication with helper networks
US11502841B2 (en) 2018-03-07 2022-11-15 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US10721070B2 (en) 2018-03-07 2020-07-21 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11392802B2 (en) 2018-03-07 2022-07-19 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11394552B2 (en) 2018-03-07 2022-07-19 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11489866B2 (en) * 2018-03-07 2022-11-01 Private Identity Llc Systems and methods for private authentication with helper networks
US11265168B2 (en) 2018-03-07 2022-03-01 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11170084B2 (en) 2018-06-28 2021-11-09 Private Identity Llc Biometric authentication
US11210375B2 (en) 2018-03-07 2021-12-28 Private Identity Llc Systems and methods for biometric processing with liveness
US10938852B1 (en) * 2020-08-14 2021-03-02 Private Identity Llc Systems and methods for private authentication with helper networks
CN110932858B (zh) * 2018-09-19 2023-05-02 阿里巴巴集团控股有限公司 认证方法和系统
US20200242506A1 (en) * 2019-01-25 2020-07-30 Optum Services (Ireland) Limited Systems and methods for time-based abnormality identification within uniform dataset
US11218494B2 (en) * 2019-07-26 2022-01-04 Raise Marketplace, Llc Predictive fraud analysis system for data transactions
US11271933B1 (en) 2020-01-15 2022-03-08 Worldpay Limited Systems and methods for hosted authentication service
US20210397903A1 (en) * 2020-06-18 2021-12-23 Zoho Corporation Private Limited Machine learning powered user and entity behavior analysis
US20220300903A1 (en) * 2021-03-19 2022-09-22 The Toronto-Dominion Bank System and method for dynamically predicting fraud using machine learning

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050278192A1 (en) * 2003-02-21 2005-12-15 Swisscom Mobile Ag Method and system for detecting possible frauds in payment transactions

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5748742A (en) * 1995-11-30 1998-05-05 Amsc Subsidiary Corporation Fraud detection and user validation system for mobile earth terminal communication device
JP2001016198A (ja) * 1999-06-28 2001-01-19 Matsushita Electric Ind Co Ltd ネットワーク装置、アクセスサーバおよび認証サーバ
JP2003323407A (ja) * 2002-04-30 2003-11-14 Bank Of Tokyo-Mitsubishi Ltd サーバ間で認証情報を共有するための認証システムと、この認証システムに用いる記憶装置及び認証要求装置
JP2004334330A (ja) * 2003-04-30 2004-11-25 Sony Corp 端末機器、提供サーバ、電子情報利用方法、電子情報提供方法、端末機器プログラム、提供サーバプログラム、仲介プログラム、及び記憶媒体
JP2005044277A (ja) * 2003-07-25 2005-02-17 Fuji Xerox Co Ltd 不正通信検出装置
US20060020812A1 (en) 2004-04-27 2006-01-26 Shira Steinberg System and method of using human friendly representations of mathematical function results and transaction analysis to prevent fraud
EP1756995A4 (en) * 2004-05-21 2012-05-30 Emc Corp SYSTEM AND METHOD FOR REDUCING FRAUD
US7272728B2 (en) * 2004-06-14 2007-09-18 Iovation, Inc. Network security and fraud detection system and method
US20060157553A1 (en) * 2005-01-18 2006-07-20 International Business Machines Corporation Accommodating multiple users of a secure credit card
US7849501B2 (en) * 2005-09-30 2010-12-07 At&T Intellectual Property I, L.P. Methods and systems for using data processing systems in order to authenticate parties

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050278192A1 (en) * 2003-02-21 2005-12-15 Swisscom Mobile Ag Method and system for detecting possible frauds in payment transactions

Also Published As

Publication number Publication date
WO2007095242A3 (en) 2008-02-28
CA2641995C (en) 2016-09-20
AU2007215180A1 (en) 2007-08-23
US20070220595A1 (en) 2007-09-20
EP1987447A4 (en) 2013-01-09
CA2641995A1 (en) 2007-08-23
WO2007095242A2 (en) 2007-08-23
JP2009526328A (ja) 2009-07-16
US7861286B2 (en) 2010-12-28
JP5231254B2 (ja) 2013-07-10
EP1987447A2 (en) 2008-11-05

Similar Documents

Publication Publication Date Title
AU2007215180B2 (en) System and method for network-based fraud and authentication services
US11108752B2 (en) Systems and methods for managing resetting of user online identities or accounts
Parmar et al. A comprehensive study on passwordless authentication
US9294288B2 (en) Facilitating secure online transactions
US8695097B1 (en) System and method for detection and prevention of computer fraud
CN103646197B (zh) 基于用户行为的用户可信度认证系统及方法
US8505085B2 (en) Flexible authentication for online services with unreliable identity providers
US20100217975A1 (en) Method and system for secure online transactions with message-level validation
CN101803272A (zh) 认证系统和方法
Abed The Techniques of authentication in the Context of Cloud Computing
US20220343095A1 (en) Fingerprint-Based Device Authentication
JP5186648B2 (ja) 安全なオンライン取引を容易にするシステム及び方法
US20090025066A1 (en) Systems and methods for first and second party authentication
Pampori et al. Securely eradicating cellular dependency for e-banking applications
Ibitola et al. Internet banking authentication methods in Nigeria Commercial Banks
CN115361217B (zh) 一种基于零信任的安全防护方法、网络及装置
Alaca Strengthening Password-Based Web Authentication through Multiple Supplementary Mechanisms
Dou Secure entity authentication
ALRUWAILI et al. A secure identity and access management framework in cloud environment based on dual-factor authentication
da Paula Manteigueiro Authentication and Identity Management for the EPOS Project
WO2025111216A1 (en) Electronic device, identity broker, service provider, client, secure electronic interaction system, and identity brokering
Dinne et al. Two Way Mobile Authentication System
Ashraf Securing cloud applications with two-factor authentication
Mandava et al. Two Way Mobile Authentication System
Singh A secure and reliable authentication mechanism for users of microsoft cardspace framework

Legal Events

Date Code Title Description
FGA Letters patent sealed or granted (standard patent)
PC Assignment registered

Owner name: SYMANTEC INTERNATIONAL

Free format text: FORMER OWNER WAS: VERISIGN, INC.

PC Assignment registered

Owner name: SYMANTEC CORPORATION

Free format text: FORMER OWNER(S): SYMANTEC INTERNATIONAL

HB Alteration of name in register

Owner name: NORTONLIFELOCK INC.

Free format text: FORMER NAME(S): SYMANTEC CORPORATION

MK14 Patent ceased section 143(a) (annual fees not paid) or expired