US20120144472A1 - Fraud Detection - Google Patents

Fraud Detection

Info

Publication number
US20120144472A1
Authority
US
United States
Prior art keywords
information
privacy
account
authentication
authentication data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/371,077
Inventor
Aaron T. Emigh
James A. Roskind
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual
Priority to US13/371,077
Publication of US20120144472A1
Abandoned

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/42 Loop networks
    • H04L12/427 Loop networks with decentralised control
    • H04L12/433 Loop networks with decentralised control with asynchronous transmission, e.g. token ring, register insertion
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L41/12 Discovery or management of network topologies
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/04 Processing captured monitoring data, e.g. for logfile generation
    • H04L43/10 Active monitoring, e.g. heartbeat, ping or trace-route
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/02 Topology update or discovery
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L67/1061 Peer-to-peer [P2P] networks using node-based peer discovery mechanisms
    • H04L67/1065 Discovery involving distributed pre-established resource-based relationships among peers, e.g. based on distributed hash tables [DHT]
    • H04L67/1068 Discovery involving direct consultation or announcement among potential requesting and potential source peers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Cardiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

In some embodiments, techniques for information security include receiving information related to an authentication credential, wherein the information is related to a failed authentication attempt; determining whether the authentication credential is related to a valid account; and performing a security measure related to the valid account, if it is determined that the authentication credential is related to the valid account.
In some embodiments, techniques for information security include determining that an authentication attempt has failed, applying a privacy-preserving transformation such as a cryptographic hash or encryption to an authentication credential, and distributing the privacy-preserved credential.
In some embodiments, techniques for information security include receiving and redistributing a privacy-preserved authentication credential.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This Application is a Continuation of U.S. patent application No. 11/394,764, filed Mar. 31, 2006 which claims priority to U.S. Provisional Patent Application No. 60/667,333, filed Mar. 31, 2005; all of the aforementioned priority applications being hereby incorporated in their entirety for all purposes.
  • FIELD OF THE INVENTION
  • The present invention relates generally to the area of information security. More specifically, techniques for detecting fraud are disclosed.
  • BACKGROUND OF THE INVENTION
  • An increasing volume of confidential information, such as personal and financial information, is being stored electronically, in locations accessible through electronic networks such as the internet. This information has value to parties who can illicitly gain access to such information. In many cases, credentials used to access information at one institution may also be used to access information at another institution. The use of a credential incorrectly at one institution may signal potential fraud at a second institution at which the credential is valid. Current information security technologies do not provide proactive detection of such potential fraud.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • Various embodiments of the invention are disclosed in the following detailed description and the accompanying drawings.
  • FIG. 1 is a diagram of a system for detecting and reacting to fraud, according to some embodiments.
  • FIG. 2 is a flow diagram of a method for distributing failed authentication information, according to some embodiments.
  • FIG. 3 is a flow diagram of a method for detecting fraud, according to some embodiments.
  • FIG. 4 is a flow diagram of a method for distributing privacy-preserved authentication data, according to some embodiments.
  • DETAILED DESCRIPTION
  • The invention can be implemented in numerous ways, including as a process, an apparatus, a system, a composition of matter, a computer readable medium such as a computer readable storage medium or a computer network wherein program instructions are sent over optical or electronic communication links. In this specification, these implementations, or any other form that the invention may take, may be referred to as techniques. In general, the order of the steps of disclosed processes may be altered within the scope of the invention.
  • A detailed description of one or more embodiments of the invention is provided below along with accompanying figures that illustrate the principles of the invention. The invention is described in connection with such embodiments, but the invention is not limited to any embodiment. The scope of the invention is limited only by the claims and the invention encompasses numerous alternatives, modifications and equivalents. Numerous specific details are set forth in the following description in order to provide a thorough understanding of the invention. These details are provided for the purpose of example and the invention may be practiced according to the claims without some or all of these specific details. For the purpose of clarity, technical material that is known in the technical fields related to the invention has not been described in detail so that the invention is not unnecessarily obscured.
  • FIG. 1 is a diagram of a system for detecting and reacting to fraud, according to some embodiments. In this example, a client 101 may be connected to a network 102. A client may be any device capable of communicating via a network 102, including a personal computer, a PDA, or a cell phone.
  • The network 102 may be any type of network, for example a public network such as the internet or a cellular phone network. In another example, the network 102 may be an enterprise or home network, a virtual private network, a proprietary network, or a wireless network such as an 802.11 or Bluetooth network. In some embodiments, the network 102 may include more than one network. An example of a network 102 including more than one network is a local area network connected to a public network such as the internet.
  • A sending institution server 103 may be connected to the network 102. The sending institution server 103 may provide information related to attempts at fraud such as identity theft. Examples of a sending institution server 103 include a server associated with a financial institution such as a bank, a server associated with a corporate intranet, and any other server that may be associated with an issuer of confidential information and/or a target of fraud relating to misuse of confidential information.
  • Identity theft refers herein to the misappropriation of any confidential information, such as a credential and/or other information related to identity. Examples of information related to identity include a user name, a password, a financial identifier such as a credit card number or bank account number, a social security number, a driver's license number, medical information, and personal information such as a mother's maiden name, birthday or place of birth.
  • A receiving institution server 104 may receive reports of potential attempts at fraud such as identity theft, for example directly or indirectly from the sending institution server 103. Examples of a receiving institution server 104 include a server associated with a financial institution such as a bank, a server associated with a corporate intranet, and any other server that may be associated with an issuer of confidential information and/or a target of fraud relating to misuse of confidential information.
  • In some embodiments, a coordinating server 105 may act as an intermediary between a sending institution server 103 and a receiving institution server 104. Examples of acting as an intermediary include storing and forwarding data relating to potential fraud attempts, providing selective access to such data to parties authorized to access it, and processing of such data in a privacy-preserving manner, such as encrypting and/or generating keyed hashes of the data.
  • FIG. 2 is a flow diagram of a method for distributing failed authentication information, according to some embodiments. In some embodiments, the technique of this FIG. 2 may be performed by a sending institution server 103 of FIG. 1. In this example, an authentication attempt fails (201). An example of a failed authentication attempt is an attempt to log into an account in which one or more credentials are invalid. A credential refers herein to any verifiable element that may be used for authentication. Examples of a credential include a user name (also referred to herein as an account name), a password, a one-time or time-varying passcode, and an informational credential such as a birthdate, birthplace or mother's maiden name. Another example of a failed authentication attempt is an attempt that failed, which was not followed within a short time period (such as two minutes) and/or from the same client (determined, for example, by IP address) by a successful authentication attempt. An example of an account is a financial services account, such as a banking or brokerage account. An example of a failed authentication attempt is login information such as an account name and password, or an account name, password and one-time passcode, that is not valid. An example of a one-time passcode is a one-time or time variant code generated by a device, such as an RSA SecurID token.
  • Authentication data may be consolidated (202). An example of consolidating authentication data is to combine credentials associated with the authentication data, such as an account name and password, or account name, password and one-time passcode, for example by concatenating them. The consolidated authentication data may be transformed to preserve privacy (203). An example of a privacy-preserving transformation is a cryptographic hash, such as a SHA1 or MD5 hash. In some embodiments, cryptographically hashing the authentication data may include keyed hashing. Keyed hashing refers herein to hashing data in combination with a key, for example a secret key shared with another entity such as a receiving institution server 104 of FIG. 1. Another example of a privacy-preserving transformation is encryption, for example encryption using a secret symmetric key or the public half of a public/private key pair. In some such embodiments, the secret symmetric key or the private half of the public/private key pair may be known to a coordinating server 105 of FIG. 1.
  • Transformed authentication data may be distributed (204). An example of distributing the transformed authentication data is to transmit it to a receiving server 104 of FIG. 1, for example using the network 102 of FIG. 1. Another example of distributing the transformed authentication data is to transmit it to a coordinating server 105 of FIG. 1, for example using the network 102 of FIG. 1.
  • FIG. 3 is a flow diagram of a method for detecting fraud, according to some embodiments. In some embodiments, the technique of this FIG. 3 may be performed by a receiving institution server 104 of FIG. 1. In this example, privacy-preserved authentication data is received (301). Examples of authentication data are discussed in conjunction with 201 of FIG. 2, and may include login credentials and/or second-factor authentication information. Examples of privacy-preserved authentication data are discussed in conjunction with 203 of FIG. 2, and include data that has been processed using cryptographic hashing, keyed cryptographic hashing, and/or encryption. In some embodiments, privacy-preserved authentication data may be received from a sending institution server 103 of FIG. 1. In some embodiments, privacy-preserved authentication data may be received from a coordinating server 105 of FIG. 1.
  • Account information relating to valid accounts may be retrieved (302). In some embodiments, information relating to valid accounts may be pre-processed with a privacy-preserving transformation such as a cryptographic hash or keyed hash. An example of retrieving account information is to retrieve the information, or entire or partial metadata associated with the account information, from a filesystem and/or a database such as a relational database.
  • It may be determined whether another account remains to be processed (303). If it is determined that there is not another account to process (303), then in this example processing is complete (305). If it is determined that another account remains to be processed (303), then in this example a next set of account information may be retrieved (306), for example from memory or from a database such as a relational database.
  • It may be determined whether the current set of account information matches the privacy-preserved authentication data (307). An example of determining whether the current set of account information matches the privacy-preserved authentication data is to determine whether they are substantially the same. Another example of determining whether the current set of account information matches the privacy-preserved authentication data is to transform the current set of account information, for example using a cryptographic hash, keyed cryptographic hash or encryption, and determine whether they are substantially the same.
  • If it is determined that the current set of account information does not match the privacy-preserved authentication data (307), then in this example it may be determined whether another account remains to be processed (303).
  • If it is determined that the current set of account information matches the privacy-preserved authentication data (307), then in this example security measures relating to the current account may be taken (308). An example of a security measure relating to an account is to restrict access to the account. One example of restricting access to an account is to disable online access to an account, for example temporarily. Another example of restricting access to an account is to require additional authentication, such as answers to one or more questions associated with the account, or a phone call to enable access to the account. Another example of a security measure relating to an account is to contact an accountholder, for example via phone or email, and inform the account holder that his account(s), at the detecting institution and/or at another institution, may be at risk of fraud.
  • In some embodiments, the techniques of 303-307 may be performed using other implementations, such as batch processing in which more than one set of authentication data is checked at each iteration, and/or using a data structure such as a hash table instead of a linear search for matches.
  • FIG. 4 is a flow diagram of a method for distributing privacy-preserved authentication data, according to some embodiments. In some embodiments, the technique of this FIG. 4 may be performed by a coordinating server 105 of FIG. 1. In this example, privacy-preserved authentication data is received (401). Examples of authentication data are discussed in conjunction with 201 of FIG. 2, and may include login credentials and/or second-factor authentication information. Examples of privacy-preserved authentication are discussed in conjunction with 203 of FIG. 2, and include data processed with cryptographic hashing, keyed cryptographic hashing, and/or encryption. In some embodiments, privacy-preserved authentication data may be received from a sending institution server 103 of FIG. 1.
  • In some embodiments, such as embodiments in which the authentication data is encrypted as discussed in conjunction with 203 of FIG. 2, the authentication data may be decrypted (402), for example using a symmetric key or the private half of a public/private key pair.
  • In some embodiments, authentication data may be transformed to preserve privacy (403). Examples of transformations to preserve privacy are discussed in conjunction with 203 of FIG. 2, and include cryptographic hashing, keyed cryptographic hashing and encryption, such as encryption with the public half of a public/private key pair or a secret symmetric key.
  • Privacy-preserved authentication data may be distributed (404). An example of distributing privacy-preserved authentication data is to transmit it to a receiving institution server 104 of FIG. 1. In some embodiments, access controls may be imposed prior to distributing privacy-preserved authentication data, such as receiving a request for privacy-preserved authentication data and requiring authentication such as a proof of possession of a secret before providing such information.
  • Although the foregoing embodiments have been described in some detail for purposes of clarity of understanding, the invention is not limited to the details provided. There are many alternative ways of implementing the invention. The disclosed embodiments are illustrative and not restrictive.
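
The matching of 303-308 at a receiving institution, sketched as an added example that is not part of the patent text: a batch of received digests is checked against a hash table of local accounts rather than by linear search. It assumes the privacy-preserving transformation is a keyed cryptographic hash (HMAC-SHA256) over a normalized login identifier; the key, account names, function names and the measure label are constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Constructed demo key (assumption): shared out of band by participating institutions.
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"


def canonical(login_id: str) -> bytes:
    """Normalize an identifier; both sides must do this identically or
    equal identifiers produce different digests and never match."""
    return unicodedata.normalize("NFKC", login_id).strip().casefold().encode("utf-8")


def preserve(login_id: str, key: bytes = SHARED_KEY) -> str:
    """Keyed cryptographic hash of a login identifier. The key prevents a
    party without it from dictionary-testing guessable identifiers."""
    return hmac.new(key, canonical(login_id), hashlib.sha256).hexdigest()


def build_index(accounts: dict[str, str], key: bytes = SHARED_KEY) -> dict[str, str]:
    """Hash table: privacy-preserved identifier -> local account id."""
    return {preserve(login, key): acct for login, acct in accounts.items()}


def process_batch(received: list[str], index: dict[str, str]) -> dict[str, str]:
    """Check a batch of received digests (303-307) and return
    account id -> security measure (308). Non-matching digests are
    skipped; they reveal nothing about whose credentials they were."""
    measures: dict[str, str] = {}
    for digest in received:
        acct = index.get(digest)  # constant-time-on-average lookup, no scan
        if acct is not None and acct not in measures:
            measures[acct] = "require_additional_authentication"
    return measures


# Constructed sample data: local accounts at the receiving institution and
# digests of failed-login identifiers as a sending institution would supply them.
LOCAL_ACCOUNTS = {"alice@example.com": "acct-1001", "bob@example.com": "acct-1002"}
RECEIVED = [
    preserve(" Alice@Example.com "),   # same account, different spelling
    preserve("mallory@example.net"),   # no account here
    preserve("alice@example.com"),     # duplicate report
]


def demo() -> dict[str, str]:
    return process_batch(RECEIVED, build_index(LOCAL_ACCOUNTS))


if __name__ == "__main__":
    print(demo())
```

An index built under a different key matches nothing, which is the failure to check for first when institutions report no overlap.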

Claims (1)

1. A method for electronic security, comprising:
receiving information related to an authentication credential;
wherein the information is related to a failed authentication attempt;
determining whether the authentication credential is related to a valid account; and
performing a security measure related to the valid account, if it is determined that the authentication credential is related to the valid account.
US13/371,077 2005-03-31 2012-02-10 Fraud Detection Abandoned US20120144472A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13/371,077 US20120144472A1 (en) 2005-03-31 2012-02-10 Fraud Detection

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US66733305P 2005-03-31 2005-03-31
US11/394,764 US8146143B1 (en) 2005-03-31 2006-03-31 Fraud detection
US13/371,077 US20120144472A1 (en) 2005-03-31 2012-02-10 Fraud Detection

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US11/394,764 Continuation US8146143B1 (en) 2005-03-31 2006-03-31 Fraud detection

Publications (1)

Publication Number Publication Date
US20120144472A1 true US20120144472A1 (en) 2012-06-07

Family

ID=45813376

Family Applications (7)

Application Number Title Priority Date Filing Date
US11/395,752 Active 2029-08-18 US8139508B1 (en) 2005-03-31 2006-03-31 Self-forming network
US11/394,764 Active 2028-04-11 US8146143B1 (en) 2005-03-31 2006-03-31 Fraud detection
US13/365,971 Active US8681662B2 (en) 2005-03-31 2012-02-03 Self-forming network
US13/371,077 Abandoned US20120144472A1 (en) 2005-03-31 2012-02-10 Fraud Detection
US14/172,781 Active US9166899B2 (en) 2005-03-31 2014-02-04 Self-forming network
US14/830,643 Active US9825836B2 (en) 2005-03-31 2015-08-19 Self-forming network
US15/792,509 Abandoned US20180091412A1 (en) 2005-03-31 2017-10-24 Self-forming network

Country Status (1)

Country Link
US (7) US8139508B1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10891621B2 (en) 2017-08-09 2021-01-12 Microsoft Technology Licensing, Llc Systems and methods of providing security in an electronic network
US11397950B2 (en) 2019-06-20 2022-07-26 Microsoft Technology Licensing, Llc Systems and methods for authenticating an electronic transaction

Families Citing this family (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090224889A1 (en) * 2003-12-12 2009-09-10 Abhinav Aggarwal System and method for universal identity verification of biological humans
US7684352B2 (en) * 2006-11-02 2010-03-23 Nortel Networks Ltd Distributed storage of routing information in a link state protocol controlled network
EP2087667A4 (en) * 2006-11-27 2015-03-04 Ericsson Telefon Ab L M A method and system for providing arouting architecture for overlay networks
FI20075577A0 (en) * 2007-08-17 2007-08-17 Exove Oy Secure data transfer
US8903973B1 (en) 2008-11-10 2014-12-02 Tanium Inc. Parallel distributed network management
EP2377294B1 (en) * 2008-12-18 2017-05-17 Scality, SA Multipurpose storage system based upon a distributed hashing mechanism with transactional support and failover capability
US9595049B2 (en) * 2012-06-11 2017-03-14 Retailmenot, Inc. Cross-device geolocation sensing to geotarget offers
US9059961B2 (en) 2012-12-21 2015-06-16 Tanium Inc. Creation and maintenance of self-organizing communication orbits in distributed networks
US11172470B1 (en) 2012-12-21 2021-11-09 Tanium Inc. System, security and network management using self-organizing communication orbits in distributed networks
NL2011132C2 (en) * 2013-07-10 2015-01-13 Stertil Bv Lifting system for lifting a vehicle and method for operating the lifting system.
US9769037B2 (en) 2013-11-27 2017-09-19 Tanium Inc. Fast detection and remediation of unmanaged assets
US9684737B2 (en) * 2014-02-18 2017-06-20 International Business Machines Corporation Accessing an N-way linked list
US10873645B2 (en) 2014-03-24 2020-12-22 Tanium Inc. Software application updating in a local network
US9769275B2 (en) * 2014-03-24 2017-09-19 Tanium Inc. Data caching and distribution in a local network
US9910752B2 (en) 2015-04-24 2018-03-06 Tanium Inc. Reliable map-reduce communications in a decentralized, self-organizing communication orbit of a distributed network
US11461208B1 (en) 2015-04-24 2022-10-04 Tanium Inc. Reliable map-reduce communications in a decentralized, self-organizing communication orbit of a distributed network
US10270801B2 (en) * 2016-01-25 2019-04-23 Oath Inc. Compromised password detection based on abuse and attempted abuse
US10498744B2 (en) 2016-03-08 2019-12-03 Tanium Inc. Integrity monitoring in a local network
US10482242B2 (en) 2016-03-08 2019-11-19 Tanium Inc. System and method for performing event inquiries in a network
US10929345B2 (en) 2016-03-08 2021-02-23 Tanium Inc. System and method of performing similarity search queries in a network
US11609835B1 (en) 2016-03-08 2023-03-21 Tanium Inc. Evaluating machine and process performance in distributed system
US11153383B2 (en) 2016-03-08 2021-10-19 Tanium Inc. Distributed data analysis for streaming data sources
US11372938B1 (en) 2016-03-08 2022-06-28 Tanium Inc. System and method for performing search requests in a network
US11886229B1 (en) 2016-03-08 2024-01-30 Tanium Inc. System and method for generating a global dictionary and performing similarity search queries in a network
US10044605B2 (en) * 2016-12-23 2018-08-07 Juniper Networks, Inc. Apparatus, system, and method for distributing routing-protocol information in clos fabrics
US10824729B2 (en) 2017-07-14 2020-11-03 Tanium Inc. Compliance management in a local network
CN110661733B (en) * 2018-06-29 2021-07-30 智邦科技股份有限公司 Network interface card, exchange card and line card
US10841365B2 (en) * 2018-07-18 2020-11-17 Tanium Inc. Mapping application dependencies in a computer network
US11343355B1 (en) * 2018-07-18 2022-05-24 Tanium Inc. Automated mapping of multi-tier applications in a distributed system
US11956135B2 (en) * 2018-11-07 2024-04-09 Xerox Corporation Network measurement in an enterprise environment
CN110572303B (en) * 2019-09-12 2022-06-07 苏州浪潮智能科技有限公司 Method and device for automatically discovering nodes
US11831670B1 (en) 2019-11-18 2023-11-28 Tanium Inc. System and method for prioritizing distributed system risk remediations
US11563764B1 (en) 2020-08-24 2023-01-24 Tanium Inc. Risk scoring based on compliance verification test results in a local network
US11720504B2 (en) * 2021-04-15 2023-08-08 Apple Inc. Secure storage of datasets in a thread network device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030131255A1 (en) * 2002-01-10 2003-07-10 Youngtack Shim Secure data storage systems
US20030149900A1 (en) * 2002-02-06 2003-08-07 Glassman Steven Charles System and method for providing multi-class processing of login requests
US20040059951A1 (en) * 2002-04-25 2004-03-25 Intertrust Technologies Corporation Secure authentication systems and methods
US20040153668A1 (en) * 2001-03-22 2004-08-05 Baier Saip Herbert Alexander Method, system, and end user device for identifying a sender in a network
US20040268154A1 (en) * 2003-06-27 2004-12-30 Ullrich Kai O Authentication scheme system and method
US20050097364A1 (en) * 2003-07-23 2005-05-05 Edeki Omon A. System and method for securing computer system against unauthorized access
US20050138435A1 (en) * 2003-12-23 2005-06-23 Kaufman Charles W. Method and system for providing a login and arbitrary user verification function to applications
US20050188423A1 (en) * 2004-02-24 2005-08-25 Covelight Systems, Inc. Methods, systems and computer program products for monitoring user behavior for a server application
US6993790B2 (en) * 2001-08-30 2006-01-31 International Business Machines Corporation Host-based systematic attack detection tool
US20060089906A1 (en) * 2004-10-21 2006-04-27 Michael Rowley Method for securing a payment transaction over a public network
US7058817B1 (en) * 1999-07-02 2006-06-06 The Chase Manhattan Bank System and method for single sign on process for websites with multiple applications and services

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6070243A (en) * 1997-06-13 2000-05-30 Xylan Corporation Deterministic user authentication service for communication network
US6263446B1 (en) * 1997-12-23 2001-07-17 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
US6662228B1 (en) * 2000-02-01 2003-12-09 Sun Microsystems, Inc. Internet server authentication client
US7032026B1 (en) * 2001-08-31 2006-04-18 Oracle International Corp. Method and apparatus to facilitate individual and global lockouts to network applications
US7228417B2 (en) * 2002-02-26 2007-06-05 America Online, Inc. Simple secure login with multiple-authentication providers
US8204992B2 (en) * 2002-09-26 2012-06-19 Oracle America, Inc. Presence detection using distributed indexes in peer-to-peer networks
US20060059346A1 (en) * 2004-09-14 2006-03-16 Andrew Sherman Authentication with expiring binding digital certificates

Also Published As

Publication number Publication date
US9166899B2 (en) 2015-10-20
US9825836B2 (en) 2017-11-21
US8146143B1 (en) 2012-03-27
US20140164610A1 (en) 2014-06-12
US20180091412A1 (en) 2018-03-29
US8681662B2 (en) 2014-03-25
US8139508B1 (en) 2012-03-20
US20120269096A1 (en) 2012-10-25
US20160036681A1 (en) 2016-02-04

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION