WO2014097164A1 - System and method for determining a measure of identity authenticity - Google Patents

System and method for determining a measure of identity authenticity Download PDF

Info

Publication number
WO2014097164A1
WO2014097164A1 PCT/IB2013/061072 IB2013061072W WO2014097164A1 WO 2014097164 A1 WO2014097164 A1 WO 2014097164A1 IB 2013061072 W IB2013061072 W IB 2013061072W WO 2014097164 A1 WO2014097164 A1 WO 2014097164A1
Authority
WO
WIPO (PCT)
Prior art keywords
party
data
communication session
session
responsive
Prior art date
Application number
PCT/IB2013/061072
Other languages
French (fr)
Inventor
Eran Reshef
Tal YALON
Asher POLANI
Original Assignee
Saferend Security Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US201261739020P priority Critical
Priority to US61/739,020 priority
Application filed by Saferend Security Ltd. filed Critical Saferend Security Ltd.
Publication of WO2014097164A1 publication Critical patent/WO2014097164A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Abstract

Aspects of embodiments relate to providing a system and method for determining a measure of identity authenticity (IDA) of a first party responsive to assessing the veracity of information provided by the first party over an electronic communication network. With the ever increasing employment of electronic communication in which people communicating with each other do not meet face to face, use of false aliases and/or of false information has become a relatively convenient modus operandi for illicit purposes, such as by way of example, industrial espionage, unlawful enticement, and identity theft.

Description

SYSTEM AND METHOD FOR DETERMINING A MEASURE OF IDENTITY

AUTHENTICITY

RELATED APPLICATIONS

[0001 ] The present application claims the benefit under 35 U.S.C. §1 19(e) of US

Provisional Application 61/739,020 filed on December 19, 2012 the disclosure of which is incorporated herein by reference.

TECHNICAL FIELD

[0002] Embodiments relate to determining a measure of identity authenticity of a party communicating via a communication network.

BACKGROUND

[0003] With the ever increasing employment of electronic communication in which people communicating with each other do not meet face to face, use of false aliases and/or of false information has become a relatively convenient modus operandi for illicit purposes, such as by way of example, industrial espionage, unlawful enticement, and identity theft. Therefore, determining a measure of identity authenticity of a person communicating via an electronic network has become an advantageous, if not necessary undertaking, to provide acceptable personal and enterprise security when using today's electronic communication resources and networks.

SUMMARY

[0004] Aspects of embodiments relate to providing a system and method for determining a measure of identity authenticity (IDA) of a first party responsive to assessing the veracity of information provided by the first party over an electronic communication network.

[0005] The terms "first", "second", etc. may be used herein to distinguish one element from another. Furthermore, the term "party" may refer to any natural person, legal person, computer, and/or network entity operative, for example, to present himself or herself to another party as a lawful natural or legal person by providing the other party with relevant information over a communication network. Correspondingly, the term "identity" as used herein may refer to the identity of a natural person as well as to the identity of a legal person such as, for example, the identity of company. The term "communication session" as used herein may refer, for example, to electronically receiving, by a second party, information that is associated with a first party. A communication session may for example relate to viewing an online identity profile associated with the first party; receiving information associated with the first party over an email platform; over a chat platform, i.e., in a synchronous exchange of messages over an electronic communication network; over a short messaging service (SMS), over a multimedia messaging service (MMS), over internet forum platforms, and/or over any other electronic form of communication.

[0006] Assessing the veracity of information provided by the first party may be based on cross-referencing data descriptive of information provided by the first party ("session-data") against other data ("validation-data"). Validation-data may, for example, relate to network activity and/or the first party's personal biography acquired from third-party sources. Additionally or alternatively, validation-data may relate to information provided by the first party about another, third party. For example, validation-data may relate to information provided in an online identity profile about an individual connected with the first party via an electronic social network.

[0007] Validation-data may be acquired from databases that are substantially internal to a communication network (e.g., cloud database which may for example relate to an electronic social networking database) and/or substantially external to a communication network (e.g., an end-user database which may relate, for example, to government-based databases of, e.g., deceased persons). [0008] Cross-referencing session-data with validation-data may be made responsive to features of the communication session in which the parties engage. For example, responsive to a classification of the communication session, a set of test parameters may be generated. Generating the set of test parameters may include assigning weighting factors reflecting the test parameters' importance relative to each other.

[0009] For example, if the communication session was classified as a "business session", then test parameters such as "professional experience", "education", "endorsements/recommendations", "professional titles", and/or business-related terms in general, may be weighted higher than test parameters such as "sexual preference", "age" and/or "attractiveness", which may be more relevant to a communication session classified as a "dating-related communication session". In some embodiments, one or more test parameters such as, for example, "age" and/or "gender" may be weighted equally across different classes of communication sessions.

[0010] Validation-data may then be acquired and weighted in accordance with a classification of the communication session. For each test parameter, acquired validation- data may then be cross-referenced against session-data descriptive of the information provided by the first party. In some embodiments, cross-referencing may for example include checking for a degree of correlation of suggested age with a measure of complexity of syntax and/or sophistication of vocabulary and/or checking the frequency and/or the proper use of certain terms.

[001 1 ] Cross-referencing session-data with validation-data may yield for each test parameter an indication (henceforth: information veracity indicator) about the probability that the provided session-data is truthful, complete, accurate, and/or correct. The obtained information veracity indicator values may be weighted in accordance with the corresponding weighted test parameter. [0012] In some embodiments, responsive to provided session-data identified as an outlier, the value of a given information veracity indicator may either increase or decrease.

[0013] In some embodiments, the method may include generating an alert indicating that increased attention by the first, second and/or third party is required responsive to the measure of information veracity. The second and/or the third party may be embodied by, e.g., a human and/or a computerized system. The alert may be embodied, for example, by data that is descriptive of information (e.g., a message) indicating that increased awareness is required with respect to related session-data. Such data may for example be added, e.g., to a Customer Relationship Management System and/or to a due diligence system such as, for example, a "Know Your Customer" (KYC) regulatory system.

[0014] In some embodiments, the method includes determining values of the weighting factors responsive to session-data received for the test parameter.

[0015] In some embodiments, the method includes determining values of the weighting factors responsive to validation-data available.

[0016] In some embodiments, the method includes selecting information that the first party can receive responsive to the measure of identity authenticity.

[0017] In some embodiments, the method includes generating an alert indicating that attention by the second and/or third party is required responsive to the measure of identity authenticity of the first party.

[0018] In some embodiments, cross-referencing comprises receiving validation-data from a database of a communication network.

[0019] In some embodiments, generating the weighted test parameters comprises associating weights to a set of identification parameters to obtain weighted identification parameters. [0020] In some embodiments, the method includes selecting the test parameter from the set of weighted identification parameters.

[0021 ] In some embodiments, selecting the test parameters comprises setting the value of weighting factor for non-selected test parameters to Zero.

[0022] In some embodiments, features of the communication session are content-related.

[0023] In some embodiments, features of the communication session are technology- related.

[0024] In some embodiments, features of the communication session relate to a travel pattern of the first party.

[0025] In some embodiments, the method includes receiving a plurality of location indications along with respective time stamps, from a communication device associated with the first party; and associating a travel pattern to the first party responsive to the received plurality of location indications.

[0026] In some embodiments, the method includes cross-referencing session-data against validation-data descriptive of the travel pattern associated with the first party.

[0027] In some embodiments, cross-referencing includes confronting the first party with control queries.

[0028] In some embodiments, cross-referencing is accomplished based on reference-data provided by a third party. In some embodiments, the third party is a validated third-party.

[0029] In some embodiments, the system comprises a communication module operative to receive from a first party session-data descriptive of information provided by the first party during the communication session, and operative to receive validation-data descriptive of history of the first party; a computer memory operative to store a set of instructions; and a processor operative to execute the set of instructions resulting in processing the received session-data and the received validation-data to assess the veracity of the provided information.

[0030] Embodiments may relate to a computer-program product, comprising: a computer readable storage medium comprising an instruction set, , which when executed by a computer comprised in an Identity Authentication System in accordance with an embodiment of the invention for determining identity authenticity, causes the system to: classify a communication session between a first party and a second party responsive to features of the communication session; generate, responsive to the classification of the communication session, a weighted test parameter that relates to a feature of the communication session; associate the weighted test parameter to session-data descriptive of information provided in the communication session; cross-reference the session-data against validation-data descriptive of reference information; and assess, responsive to the cross-referencing, the veracity of the provided information.

[0031 ] In the discussion unless otherwise stated, adjectives such as "substantially" and "about" modifying a condition or relationship characteristic of a feature or features of an embodiment, are understood to mean that the condition or characteristic is defined to within tolerances that are acceptable for operation of the embodiment for an application for which it is intended.

[0032] This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.

[0033] It should be understood that where the claims or specification refer to "a" or "an" element, such reference is not to be construed as there being only one of that element. BRIEF DESCRIPTION OF THE FIGURES

[0034] Non-limiting examples of embodiments are described below with reference to figures attached hereto that are listed following this paragraph. Identical structures, elements or parts that appear in more than one figure are generally labeled with a same numeral in all the figures in which they appear, and a numeral labeling an icon representing a given feature in a figure may be used to reference the given feature. Dimensions of components and features shown in the figures are chosen for convenience and clarity of presentation and are not necessarily shown to scale.

[0035] Fig. 1 shows a block diagram of a system operative to determine a measure of identity authenticity, in accordance with some embodiments;

[0036] Fig. 2 shows a block diagram of an implementation of the system in conjunction with parties of a communication session, in accordance with some embodiments; and

[0037] Fig. 3 is a flow-chart of a method for determining a measure of identity authenticity, in accordance with some embodiments.

DESCRIPTION

[0038] In the description below aspects of embodiments are discussed with respect to a method operative to provide a second party engaging with a first party in a communication session over an electronic communication network with a measure of identity authenticity (IDA) of the first party responsive to an assessment of the veracity of information provided by the first party.

[0039] Reference is made to Fig. 1 , showing a block diagram of a system 100 that is operative to determine a measure of identity authenticity, in accordance with some embodiments; and to Fig. 2 showing a block diagram of a network system 900 in conjunction with parties of a communication session, in accordance with some embodiments. [0040] System 100 may include a computer memory 102 (which may include one or more computer readable storage mediums), a controller 103, a processor 104, a communication engine 105 for enabling communication over a communication network 500, and a storage 109, which may communicate with each other over one or more wire and/or wireless communication links 101 . System 100 may also comprise a power source 107 for powering the various components of system 100. Communication engine 105 is operative to receive and provide data, e.g., via communication links 101. System 100 may further include a communication interface 108 that couples communication engine 105 with processor 104 and computer memory 102. The one or more processors 104 run or execute various sets of instructions stored in computer memory 102 in an information analyzer engine or information analyzer 180. Information analyzer 180 may be operative to implement a method for determining a measure of identity authenticity of a first party, in accordance with an embodiment of the invention as outlined herein below in greater detail.

[0041 ] Information analyzer 180, as schematically shown in Fig. 2 may include a session classification engine 181 (Fig. 2), e.g., operative to classify a communication session responsive to features of the communication session; a weighting engine 182, e.g., operative to generate weighted test parameters relating to features of communication session and, e.g., operative to associate the weighted test parameters to session-data descriptive of information provided in the communication; a cross-referencing engine 183, e.g., operative to cross-reference session-data against validation-data; and an information veracity assessment engine 184, e.g., operative to assess, responsive to the cross- referencing, the information provided by the first party. Information analyzer 180 may further include, for example, an identity authentication engine 185 that is, e.g., operative to determine a measure of identity authenticity for the first party and/or the second party of the communication session. [0042] As schematically illustrated in Fig. 2, computer memory 102 may in some embodiments be comprised in a network server 900 that is operative to communicate with a plurality of communication devices such as, for example, a first communication device 210 and a second communication device 220. First communication device 210 may be associated with a first party 211 of the communication session; and second communication device 220 may be associated with a second party 221 of the communication session. Network server 900 may be operative to receive validation-data from one or more databases, exemplified herein as a first database 911 and a second database 912, each of which may embody, inter alia, storage 109 (Fig. 1) of system 100. Based on the received validation-data, information analyzer 180 may be operative to determine the veracity of information provided by first party 211 from first communication device 210 to second communication device 220 over communication network 500.

[0043] It should be noted that although information analyzer 180 is illustrated as being implemented solely in network server 900, this should by no means be construed as limiting. For example, some or all features of information analyzer 180 like, e.g., session classification engine 181 and/or weighting engine 182 may be implemented by second communication device 220 associated with second party 221.

[0044] It should be noted that although various features shown in Fig. 1 and Fig. 2, are illustrated as being implemented by a single element and/or feature, this should by no means be construed as limiting. Correspondingly, some features and/or components may be implemented by various features and/or components of system 100. For instance, features of information analyzer 180 may be implemented by components of network server 900, of first database 911 , of first communication device 210, and/or of second communication device 220. [0045] Additional reference is made to Fig. 3, showing a flow-chart 300 of a method for determining a measure of identity authenticity, in accordance with some embodiments.

[0046] As schematically illustrated by box 310, the method may include, for example, defining a set of parameters (henceforth: identification parameters) whose values may be used for authenticating the identity of a person communicating over a communication network.

[0047] A non-exhaustive list of identification parameters may comprise, for example, name, gender, marital status, date of birth, place of birth, private address, current job, previous job, appearance, level of education, schools currently attending and/or attended in the past, language skills, certifications, affiliated groups and/or associations, religious views, political views, personal data about spouse and/or life partner, organization memberships, publications (e.g., patents, scientific papers, newspaper articles, online clips, movies, blogs), places visited, current location, awards and/or honors, hobbies, friendships, medical conditions, character traits, ambitions, sexual preferences, dietary preferences and/or third-party recommendations.

[0048] As schematically illustrated by box 320, the method may further include, for example, classifying the communication session in which the first and second parties engage, e.g., by employing session classification engine 181 which may include, for example, a session classifier.

[0049] Classifying the communication session may be performed responsive to one or more features thereof. For instance, system 100 may be configured such that communication sessions monitored by system 100 will be associated to a given class. For instance, a person (hereinafter: administrator) appointed to be responsible for managing an end-user computer terminal that is property of a company may configure the end-user terminal in such a way that communication sessions conducted via the end-user computer terminal will be classified as being "business-related" responsive to features of the session. In some embodiments, the administrator may be embodied by one of the parties that might become or already are engaged in the communication session.

[0050] In some embodiments, features may be content-related. Features may thus for example relate to terms and/or expressions used during the communication session and/or the content of file attachments received during the communication session). For example, classification of the communication session may include comparing terms used in association with the session against keywords and/or key phrases, which may be grouped according to various topics and their associated vocabulary.

[0051 ] For instance, features of an electronic social network platform such as their associated online identity profiles may predominantly use business-related vocabulary, indicating that the electronic social network primarily targets an audience having interest in business related connections. Business-related vocabulary may for example comprise keywords that are associated with legal, financial, insurance, research and development, manufacturing, delivery, logistics, marketing, advertising, employment, professional experience, and other related issues.

[0052] On the other hand, features of another electronic social network platform such as their associated online identity profiles may predominantly use dating-related vocabulary, indicating that the latter electronic social network primarily targets an audience interested in a romantic relationship. Such a dating-related vocabulary may for example comprise keywords and/or key phrases that are descriptive of looks; age; sexual preferences; social status (e.g., income); marital status; hobbies; interests and/or place of residence of a party.

[0053] Additionally or alternatively, a computer file such as, for example, documents and/or media files received and/or provided by a party in association with a communication session as an attachment, e.g., along with an online identity profile and/or electronic message, may be analyzed for its specific content. The communication session may then be classified responsive to the content of the attached computer file. For example, data representing a spreadsheet document and/or a video file identified as being descriptive of a manufacturing process may indicate that the associated communication session is business-related. On the other hand, video files identified as being of private character such as, for example, holiday video material may be indicative of a dating-related communication session.

[0054] Additionally or alternatively, a communication session may be classified responsive to technology-related features. A communication session may for example be classified responsive to the software and/or hardware and/or communication link employed. For example, conducting a communication session over an unsecured communication link associated with, for example, a restaurant, may give an indication that the communication session is not business-related or not exclusively business-related.

[0055] On the other hand, system 100 may for example determine that the communication devices used by the parties for communicating over the communication network are primarily or exclusively associated with secured and/or encrypted Internet Protocol (IP) addresses associated with one company (e.g., associated with a Company Intranet). The characteristics of the associated communication session may thus be an indication as being business-related.

[0056] Additionally or alternatively, the time of day of the communication session conducted between the parties may provide an indication of its character. For example, a communication session between parties that is conducted off-hours may be classified as being of private character (e.g., dating-related). On the other hand, a communication session that is conducted during business hours may be classified as being business- related. [0057] Additionally or alternatively, features may relate to the location and/or travel pattern of first party 211 (Fig 2) ; and/or the location and/or travel patterns of the person described, e.g., in the online dating profile, as exemplified herein below in greater detail.

[0058] In some embodiments, classification of the communication session may be performed adaptively. For example, responsive to a change in the content of the information conveyed from first party 211 to second party 221 , the classification of the same communication session may be altered from a first classification to a second classification. System 100 may for example determine that from the onset of the communication session up until a certain point in time into the communication session, business-related terms (like, e.g., "output", "throughput", "revenue", "cost estimate", "meeting schedule") are on the average used, for each keyword sampling instance, much more frequently than terms associated with non-business related vocabulary. For example, up until about 5 minutes into the communication session, the ratio between business-related and non-business (e.g., dating-) related terms may be determined as being equal to, e.g., 5/1 . If the keyword threshold ratio is for example set to be equal 4/1 and higher, the communication session may be classified by system 100 as being business-related. However, in the course of the communication session, this ratio may change and, e.g., reverse. For example, for each sampling for keywords for more than 10 minutes into the communication session, the ratio between business-related terms and non-business (e.g., dating-) related terms may shift from 5/1 to 1/6. In other words, pass 10 minutes into the communication session, dating-related terms may be used 6 times more frequently than business-related terms. Accordingly, passing 10 minutes into the communication session, its classification may alter from being "business-related" to "dating-related". [0059] In some embodiments, weighting factors may be determined responsive to the availability of validation-data. For instance, if relatively few validation-data for a given test parameter are available, the weighting factor may be set at a lower the value relative to the weighting factors of the other test parameters, and vice versa.

[0060] Considering for example a test parameter for which a comparably large amount of validation-data is available, a relatively robust assessment may be made regarding the veracity of information provided with respect to the same test parameter. In that case, the weighting factor for this test parameter may set to a comparably higher value than the values of the weighting factors of other test parameters, for which the veracity of information may not be assessed with a comparably high level of robustness.

[0061 ] As schematically illustrated by box 330 the method may include, generating, responsive to a classification of the communication session, a plurality of weighted test parameters. Each of the plurality of test parameters may be weighted by a weighting factor w, e.g., by weighting engine 182, which may include, for example, a weighting classifier.

[0062] Assigning a higher weighting factor to a first test parameter than to a second test parameter causes data associated with the first test parameter to be given more importance than data associated with the second test parameter for determining an IDA for the first user.

[0063] A variety of methods may be employed for generating a set of weighted test parameters responsive to the classification of a communication session.

[0064] According to embodiments, system 100 may, responsive to the classification of the communication session, make a selection from the identification parameters. The obtained selection of identification parameters may be referred to as test parameters. Considering for example a scenario where the communication session is classified as being "business-related", a corresponding selection of identification parameters such as, for example, "education", "previous job experience", "current job", may be made. By contrast, identification parameters tagged as "dating-related", such as "looks" and "sexual preferences", may not be selected for assessing the veracity of provided information.

[0065] In some embodiments, identical test parameters may be generated for differently classified communication sessions. For example, identification parameter "date of birth" may be selected as test parameter for both "business-related" and "dating-related" communication sessions.

[0066] In embodiments, the obtained test parameters, which are a selection of identification parameters, may then be weighted by weighting factors w.

[0067] In embodiments, weighting factors w may be set responsive to information provided in association with the communication session, as outlined below in greater detail.

[0068] For exemplary purposes only, the discussion below relates to weighting factors w that can take values ranging from 0 to 1 . However, this should by no means to be construed as limiting. Correspondingly, alternative weighting schemes may be conceived.

For example, in another embodiment weighting factors w can take values ranging from 0 to 50. In some embodiments, weighting factors may attain ordinal values.

[0069] Test parameter "education" may for example be weighted by weighting factor weducation=0.95, test parameter "previous job experience" may be weighted by weighting factor

Figure imgf000017_0001
and test parameter "current job" may be weighted by weighting factor wcurrentJob=1 .

[0070] In some embodiments, test parameters that are identical to differently classified communication sessions, may be weighted equally. For example, the test parameter "date of birth" may be weighted by weighting factor

Figure imgf000017_0002
and "gender" may be weighted by weighting factor wgender=0.95 both in business and dating-related communication sessions. [0071 ] In some embodiments, identical test parameters may be weighted unequally across differently classified communication sessions. For example, for the communication session classified as "business-related", the test parameter "marital status" may be weighted by weighting factor WMARITAL_STATUS=0.6. On the other hand, for the communication session classified as "dating-related", the same test parameter "marital status" may be weighted by weighting factor WMARITAL_STATUS=1■

[0072] In some embodiments, weighting factors may already be assigned to identification parameters. By making a selection of weighted identification parameters, weighted test parameters are generated. Considering for example a set of identification parameters comprising "gender", "education" and "sexual preferences". These identification parameters may be weighted, e.g., by default, by weighting factors wgender=1 , weducation=0.7, and wsexUai_preferences=0.5, respectively. If a communication session is classified as being "dating-related", system 100 may select identification parameters "gender", and "sexual preferences" together with the associated weighting factors for determining a measure of identity authenticity. The weighted test parameters are thus "gender" weighted by weighting factor wgender=1 , and "education" weighted by weighting factor

Figure imgf000018_0001

[0073] In some embodiments, generating weighted test parameters may include the step of assigning and/or adapting the weighting factors of identification parameters and/or of test parameters. For instance, during a communication session classified as "dating-related", the value of weighting factor wgender assigned to test parameter "gender" may be adjusted from 1 to 0.85 and the value of weighting factor wsexuaLpreferences assigned to test parameter "sexual preferences" may be adjusted from 0.5 to 0.95. In another example, the value of weighting factor wgender assigned to identification parameter "gender" may be adapted from

Figure imgf000019_0001
to wgender=1 , prior to selecting the identification parameter for generating the corresponding test parameter.

[0074] In some embodiments, selecting identification parameters for obtaining weighted test parameters may be accomplished, for example, by setting a weighting factor of an identification parameter to zero. Considering for instance a scenario where identification parameters comprise "gender", "sexual preferences", "marital status", "education", "date of birth", and "place of residence". Responsive to classifying an undergoing communication session as being "business-related", system 100 may assign or set weighting factors associated with non-business related identification parameters to zero. For example, weighting factors associated with identification parameters tagged as "dating-related" such as, for example, "sexual preference" and "marital status", may be set to zero by system 100. All identification parameters may then be selected for use as test parameters along with the associated weighting factors. Consequently, the weighting factors associated with test parameters "sexual preference" and "marital status" are equal to zero.

[0075] Cross-referencing thereafter session-data against validation-data in relation to the test parameters "sexual preference" and "marital status" yields respective information veracity indicators. However, since the weighting parameters associated with "sexual preference" and "marital status" are set to Zero, the measure of identity authenticity is unaffected by the obtained information veracity indicators.

[0076] In some embodiments, identification or test parameters whose weights are below a certain threshold value may be disregarded by system 100. For example, a threshold value may be set to Th=0.1 . Therefore, identification parameter "marital status" for example having associated therewith weighting factor equaling, e.g.,

Figure imgf000019_0002
or
Figure imgf000019_0003
may be disregarded. In other words, no selection of identification parameter "marital status" may be made by system 100 to generate weighted test parameters.

[0077] As mentioned hereinabove, classification of a communication session may alter responsive to information provided by user during the same session. Correspondingly, values of the weighting factors assigned to test parameters may be adapted in the course of the communication session responsive to a change in the classification of the communication session from a first classification to a second classification.

[0078] In some embodiments, during a communication session that is associated with a given classification, weighting factors may be adapted responsive to features of the communication session. Considering, for example, a communication session classified as being "business-related" and for which a set of weighted test parameters are generated comprising, for example, "education" weighted by weighting factor weducation=1 , "current job" weighted by weighting factor

Figure imgf000020_0001
"previous job" weighted by weighting factor
Figure imgf000020_0002
and "place of residence" weighted by weighting factor wreSidence = 0. Features of the communication session, such as information provided by second party 221 to first party 211 , may indicate that second party 221 is searching for a new employee to occupy a particular position currently available in second party's 221 business. Information exchanged between first and second party 221 in association with the communication session classified as "business-related" may further indicate that the place of residence of a potential new employee outweighs in importance of the test parameters "education", "current job" and "previous job". Correspondingly, session-data descriptive of the place of residence indicated in an online identity may for example be weighted by weighting factor wreSidence = 0.9, session-data descriptive of the education of first party 211 education may be weighted by weighting factor
Figure imgf000020_0003
and data descriptive of first party's 211 previous job may be weighted by weighting factor wpreviousjob=0.85. [0079] As is schematically indicated by box 340 the method may include, for example, associating the plurality of weighted test parameters to session-data descriptive of features of the communication session. A feature of the communication session may for example relate to information about a person identified in the communication session.

[0080] Considering, for example, a reference online identity profile introducing a person named "John Miller" as living in Boston, holding an LL.B degree from New York University, working for Boston Consulting Group, and being friends or connected with the reference online identity profile of a user identifying himself as "Jack Brown".

[0081 ] Considering a communication session classified as being "business-related", test parameter "name", weighted by weighting factor Wname=1 , may for example be assigned to session data descriptive of the person's name "John Miller" shown in the reference online identity profile. Furthermore, test parameter "place of residence", weighted by weighting factor Whence, may be assigned to session-data descriptive of "Boston"; test parameter "education" weighted by weighting factor WeCiucation may be assigned to session-data descriptive of "LL.B degree from New York University"; test parameter "current job" weighted by weighting factor Wcurrentjob may be assigned to session-data descriptive of "working for Boston Consulting Group" and a test parameter "online connections", weighted by weighting factor Woniine_connections may be assigned to session-data descriptive of the information that "John Miller is friends or connected with the reference online identity profile of a user identifying himself as "Jack Brown"".

[0082] As indicated by box 350 the method may include, for example, cross-referencing the session-data with validation-data descriptive of reference information that relates to the test parameters. Cross-referencing may be employed, for example, by cross-referencing engine 183, which may include, for example, a referencing classifier. For this purpose, validation-data relating to the test parameter may first be acquired through the searching sources such as, for example, electronic databases. Acquired validation-data may then be cross-referenced against session-data by cross-referencing engine 183. Information veracity assessment engine 184 may then determine, for each test parameter, an information veracity indicator. The information veracity indicator may range, for example, from 0 (lowest veracity) to 100 (maximal veracity).

[0083] Electronic databases searched for validation data may include databases that are substantially internal and/or substantially external to communication network 500. Databases that are substantially internal or integral to communication network 500 may relate to the internet and/or to cloud databases, including for example, social graphs. In embodiments, the system 100 may be operative to gain access to data stored in external databases. Such external databases may, for example be accessible via the internet. An exemplary database is www.data.com.

[0084] Validation-data may for example be descriptive of information that relates to actual interactions between (e.g., commenting, tagging, endorsements and/or recommendations) a person described in an online identity profile with other online identity profiles describing persons first party 211 claims to be associated with. For example, session-data may indicate that first party 211 is recommended for his or her work at a given company by a person shown in a online identity profile associated with a third party. The details provided in this recommendation such as, for example, the name of the company and professional experience about the person described in the online identity profile associated with the first party, may form a basis for validation-data.

[0085] In some embodiments, validation-data may relate to visual analysis tools. For example, image analysis may be used to assess the probability of the authenticity of a profile picture shown in an online identity profile. Artificial and/or human intelligence-based analysis may be employed. Human intelligence-based analysis may include, for example, crowd-sourcing over, e.g., the Internet marketplace. Human intelligence-based analysis may for example assess that an online picture is most probably fake for being too attractive.

[0086] In some embodiments, validation-data may be obtained from image databases. Cloud databases for example may include image databases. Accordingly, a picture shown in an online identity profile and associated information may be cross-referenced against other pictures and associated information. This may, for example, be accomplished by employing a reverse image lookup engine.

[0087] In some embodiments, validation-data may be provided responsive to a control query provided by system 100 about a given test parameter during a communication session. Providing a control query may, for example, relate to posing a validation question.

[0088] For example, cross-referencing may include confronting first party 211 with a control query about a given test parameter. Session-data provided by first party 211 in response to the validation question may then be compared against validation-data descriptive of the information that first party 211 was supposed to provide. For instance, first party 211 may be asked the question from where he or she knows second party 221 and/or give the name of the elementary school he or she went to. The response provided by first party 211 to the control query may then be compared against related validation-data such as validation-data that is descriptive of the name of the elementary school. In some embodiments, providing a control query may relate to eliciting session-data for comparison against validation-data, for example, by deliberately providing first party 211 with incorrect information. For instance, first party 211 may be provided with false information about the person identified in the online identity profile. Accepting the information as truthful by first party 211 may indicate that party 21 1 is impersonating someone he or she is not. [0089] In some embodiments, validation-data may be provided by a third party embodied by a user of a network. Validation data may be considered to a greater extent if corroborated by a large number of network users. In an embodiment, the validation may be provided by a user identified as being a "validated" or "trusted" user. The trusted user may be selected from a group comprising a plurality of members sharing a parameter that is, according to the session-data, allegedly also shared by the person identified in the communication session. System 100 may locate such a trusted user and ask him or her to corroborate the session-data provided in the communication session. Considering for example a scenario where in a communication session information about a person indicates that the latter worked for a given company for a given period time. System 100 may then locate a trusted user who is confirmed to have been working for the given company over a time period that overlaps the period of employment of the person described in the communication session. System 100 may then ask the trusted user to confirm or disprove the information provided in the communication session. Optionally, system 100 may query the first user in order to find an overlapping parameter common to a trusted user of the system. For example, system 100 may query the first user with a query relating to periods of employment, or department of employment within a company to assist system 100 in finding users, optionally trusted users, having matching parameters for verification purposes.

[0090] In case of a trusted or verified user, the trusted or verified user may for example be an individual identified as being a close friend of the person described in the communication session.

[0091 ] In an example of operation of system 100, responsive to the name "John Miller" shown in a reference online identity profile, the internet may be searched for another instance of the name "John Miller". The searching of the internet for another instance of the name "John Miller" may, for example, return a multitude of communication activity logs related to the name "John Miller" such as, for example, a multitude of other online identity profiles, location logs, travel pattern indications, online queries, application usage patterns, online purchases and/or internet sites visited by persons tagged by the name "John Miller".

[0092] A first online identity profile of the multitude of online identity profiles may be descriptive of information about a person identified as "John Miller" but indicate that a person with that name lives in the UK, lacks any higher education, works for a construction company and lacks any online connections with an online identity profile of a user identifying him- or herself as "Jack Brown" or similar.

[0093] Except for the test parameter "name", the information veracity indicators obtained may thus be equal to zero. In such a case, the value obtained respective of the information veracity indicator for test parameter "name" may be disregarded.

[0094] Similar procedures may be undertaken for determining the veracity of information provided about a company in an online identity profile. For example, by cross-referencing company-related session-data against validation-data, it may be determined whether the company described in the online identity profile actually exists. Furthermore, the truthfulness of the provided information may be determined. Company-related session- data may for example be descriptive of a company's contact details; the number of employees; financial parameters associated with the company such as, turnover, revenue, income, earnings per share; the identity of executives; the identity of the board members; information about the company's operations; and/or job openings. Validation-data may be obtained, for example, from company registries, insolvency registries and/or reports provided by securities authorities. For example, the online identity profile of a company may found to be false if searching databases reveals that the company with a given name introduced in the online identity profile company is not registered with a company registry. In the event that that the company with the given name is found be registered (i.e., the company is authentic), then information provided about the same may be cross-referenced for determining the truthfulness of the provided information. For instance, the online identity profile may suggest that the number of employees is above 10,000, while validation-data may suggest that the actual number of employees is below 2,000.

[0095] As indicated by box 360 the method may include, for example, determining a measure of user identity authenticity for first party 211 responsive to the weighted test parameters, e.g., by employing identity authentication engine 185, which may include, for example, an authentication classifier.

[0096] The identity authenticity measure may be determined, for example, according to the following equation:

jDA = w Qi + w2 - Q2- + wK - QK (1 )

w, + w2 + ... + wn

where w, represents a given weighting factor, Q, the information veracity indicator and IDA the measure of identity authenticity. Clearly, the above-noted weighting scheme should be no means to be construed as limiting, and alternative weighting schemes may be employed for obtaining a value for IDA.

[0097] According to an embodiment of the invention, obtaining a value for IDA may also be weighted by analyzing number or frequency of communications between a first party and a second party during a given interval. For example, if multiple second parties are located within a certain organization and are all contacted within a short time interval by a first party, the value for the IDA may decrease as the communications may be viewed as an attempt to infiltrate the organization. Alternatively, if multiple second parties are all connected to a certain individual, if the multiple second parties are contacted within a short time interval by a first party, the value for the IDA may decrease, as the communications may be viewed as an attempt to connect to the certain individual.

[0098] Reference is now made again to the example of the first online identity profile wherein session-data cross-referenced with validation-data yields an information veracity indicator equaling zero, and wherein the information veracity indicator related to the test parameter "name" is discarded. The nominator of equation 1 in this case equals Zero. Consequently, the measure of identity authenticity also equals to zero and therefore be indicative of lowest measure of identity authenticity.

[0099] In case no additional validation-data is found other than the validation-data related to the first online identity profile, the measure of identity authenticity may remain zero. In response, system 100 may give notice to second party 221 that "The person described in the reference online identity profile uses incorrect information and/or an invented/ fake profile" and/or that "The system cannot corroborate the existence of the person described". However, if searching the internet and/or external databases reveals validation-data indicating that the person shown on the online identity profile is real, the value for the measure of identity authenticity may increase accordingly.

[00100] Considering now, for instance, a second online identity profile of the multitude of online identity profiles may for example be descriptive of information about the education and place of residence of another person identified as "John Miller", indicating that the person lives in Massachusetts, earned an LL.M. degree at Columbia University in New York and is friends or connected with the online identity profile of an internet user identifying himself as "James Brown". Session- and validation-data related to the test parameters "name" are an exact match. However, session- and validation-data related to the test parameters "education" and "place of residence" are not an exact match. However, they do not contradict each other, either. For instance, the LL.M. degree from Columbia University does not preclude the same person from holding an LL.B. degree from New York University. Moreover, the test parameter "place of residence", validation- data indicative of state Massachusetts as the place of residence, corroborates the claim made in the reference online identity profile that the place of living of the person identified as "John Miller" is Boston, a city in the state of Massachusetts. However, with regard to the test parameter "online connection" a discrepancy is identifiable with regard to the name of the person identified as an online connection ("Jack Brown" vs. "James Brown").

[00101 ] Responsive to the session-data cross-referenced with validation-data acquired from the second online identity profile, system 100 may, for example, obtain respective information veracity indicators:

Figure imgf000028_0001
available

[00102] For a communication session classified as being "business-related", weighting factors may be set as follows:

Wname=1

Figure imgf000028_0002
ata (due to insufficient validation-data available with respect to the second online identity profile).

[00103] It should be noted that the mere fact that no validation data is available for given test parameter relative to an online identity profile does not preclude the assigning of a weight to the given test parameter. For example, for a second online identity profile of a user having the same name as a first party, system 100 may find no data available relative to the second online identity's current job parameter by searching online databases. This lack of confirmation due to lack of data may be given a weight higher than a weight attributed to a mismatch between a first party's current job parameter and the second online identity's current job parameter.

[00104] With respect to the second online identity profile cross-referenced with the reference identity profile, the magnitude of the existence likelihood measure may thus equal IDA= 87.5.

[00105] For another communication session classified as being "business-related", weighting factors may be set as follows:

Wname=1

Figure imgf000029_0001

WCUrrentJob= No data

[00106] It should again be noted that the mere fact that no data is available for given test parameter does not preclude the assigning of a weight to the given test parameter.

[00107] With respect to the second online identity profile cross-referenced with the reference identity profile, the magnitude of the existence likelihood measure may thus equal IDA= 89.2.

[00108] As already briefly mentioned hereinabove, in embodiments, databases external to communication network 500 such as, for example, an online telephone directory; company registry; postcode address files; tax authority related database; alumni registries, e.g., of New York University and Columbia university, may be accessed by system 100 and scouring the registries, e.g., for records about persons with the name "John Miller". The New York University alumni registry may have a record indicating that a person named "John Miller" holds an LL.B degree from New York University, and Columbia University alumni registry may have a record indicating that a person named "John Miller" holds an LL.M degree from Columbia University. Furthermore, United States Internal Revenue Service (IRS) database records may indicate that a person named "John Miller" works for the Boston Consulting Group.

[00109] The records of the external database thus further corroborate claims made in the reference online profile and the second online identity profile. The values of the information veracity indicators Q, may increase accordingly.

[001 10] Correspondingly, the value for IDA may also increase for the communication session classified as "business-related" and the communication session classified as "dating-related". However, as already indicated herein above, a discrepancy remains with respect to the test parameter "online connection". Consequently, the information veracity indicator Qoniine ∞nnection remains below 100. Therefore, magnitude of the existence likelihood measure may increase, for example, above 95, but remain always below the value 100. In other words, system 1 00 may determine that there is a 95% likelihood that the person identified in the reference online identity profile actually exists, i.e., being a "real person" as opposed to an "invented person".

[001 1 1 ] On the other hand, considering for instance a scenario where responsive to cross-referencing, in the same electronic social network a second online identity profile is found that substantially matches the information provided in the first online identity profile. In such a scenario, either the first or the second online identity profile might be identified as fake and the corresponding veracity information indicator (e.g., QUniqueness) may thus be relatively low. Correspondingly, information provided by first party 21 1 about a person in the first online identity profile may significantly mismatch the data descriptive of first party 21 1 . [001 12] Even in the case where it may be determined with a likelihood of 100% that the person described in the online identity profile is an existing, real person, the identity of first party 211 engaging in a communication session may not match the identity of the person described in the reference online identity profile. In other words, in either scenario, first party 211 may conduct identity theft and impersonate the person of the reference online identity profile. In some embodiments, session-data may thus be cross-referenced with validation-data relating to the behavior of first party 211 .

[001 13] For example, the location of first party 211 may be determined based on a location indication, along with a time stamp, of a communication device associated with first party 211. In some embodiments, a travel pattern may be determined from a plurality of location indications of one or more communication devices associated with first party 211.

[001 14] A location indication, optionally along with a time stamp, and/or a travel pattern may be derived, for example, from the Internet Protocol address used by first party 211 for communicating with second party 221 ; from a wireless positioning system that is based, for example, on a Global Positioning System (GPS) and/or on a wireless local network.

[001 15] Session-data that is descriptive of the behavior (e.g., current location and/or travel pattern) of the person verified as substantially matching the data of a real person, may then be cross-referenced against validation-data descriptive of the location and/or the travel pattern of first party 211. The measure of identity authenticity may be determined, inter alia, responsive to the level of congruence of the location and/or travel pattern associated with first party 211 with the location and/or travel pattern of the individual identified by the online identity profile. The higher the level of congruence, the higher the magnitude of the measure of identity authenticity, and vice versa. [001 16] Reverting now to box 340, weighted test parameters may be generated responsive to one or more outliers that are e.g., related to features of the communication session. For example, session-data descriptive of information exchanged during the communication session may be identified as an outlier, if the feature does not fit into the context of the other features of the communication session. Otherwise stated, a feature of a communication session may be defined as an outlier if a value associated with this feature lies beyond the range of the values associated with the bulk of features of the same communication session. The respective test parameter may thus, in response to the outlier, be weighted higher compared to the other test parameters to reflect increased awareness for session-data that relates to said test parameter.

[001 17] For example, information related to test parameter "education" may be identified as an outlier if session-data descriptive of a particular college grade is way beyond the range of the other college grades as described by session-data. In response, compared to the other test parameters, more weight may be given to the test parameter "education". In another example, the identification of an outlier may be indicative of discrepancy in the information provided by first party 211. For example, information provided by first party 211 may be identified as an outlier if session-data descriptive of first party's 211 college grades are way beyond the range of session-data descriptive of content of recommendations claimed by first party 211 to have been made by his or her co-workers. For example, during the communication session, first party 211 may make claims about mediocre academic achievements. On the other hand, during the same communication session, first party 211 may make claims indicative of exceptionally high achievements and capabilities at his or her current place of employment. In response, the weighting of test parameters "education" and "professional experience" may be increased relative to the other test parameters, reflecting increased scrutiny regarding session-data relating to these two test parameters.

[001 18] In yet another example, outliers may be descriptive of inconsistencies in claims made by first party 211 in relation to a same set of session-data. In some embodiments, communication between first party 211 and second party 221 may be controlled responsive to the determined measure of identity authenticity, as exemplified herein below.

[001 19] The following first scenario relates to a communication session classified as a "business-related" communication session in which second party 221 is a second-tier executive of a large manufacturing company receiving for example an invitation to connect over an electronic social network (henceforth: connection attempt). In the connection attempt the first party may introduce him/herself as being a second-tier executive of a potential customer of the parts manufactured by the company with which second party 221 is affiliated. The connection attempt may further include a request for a price quote for the delivery of a certain amounts of parts by the company within a certain period of time.

[00120] The second-tier executive of the manufacturing company may be at about the same level of authorization as the first party suggests in his/her email or invite. According to the manufacturing company's policy, second party 221 may in principle be authorized to provide the requested information to the first party. However, the first party suggesting being a potential customer may merely impersonate as such and actually be one of the manufacturing company's fiercest competitors attempting to illicitly acquire price quotes and information related to the manufacturing company's production capabilities. Being aware of such a possibility, the manufacturing company has implemented regulations that may allow exchange of information only on the condition that the first party's suggested ID is verified. [00121 ] For example, a measure of identity authenticity rated as a "highest identity authenticity", may authorize second party 221 to provide any information the first party requests, including for example trade secrets associated with the enterprise of second party 221 . However, if the measure of identity authenticity of the first party is rated to be of "poor identity authenticity", the first party may be limited to provide only information that is publicly available.

[00122] In some embodiments, responsive to the measure of identity authenticity, an alert may be issued to the second and/or the third party, indicating for instance that the first party might be an attacker. Such an alert may be issued to the second and/or third party, for example, if the measure of identity authenticity indicates that the likelihood that the first party is an attacker is 50% or higher. Analogously to what is outlined with respect to the information veracity, the second and/or the third party may be embodied by, e.g., a human and/or a computerized system. The alert may here also be embodied, for example, by data that is descriptive of information (e.g., a message) indicating that increased awareness is required with respect to the first party and may for example be added, e.g., to a Customer Relationship Management System and/or to a due diligence system such as, for example, a "Know Your Customer" (KYC) regulatory system.

[00123] For example, in relation to a "business communication session" a higher- ranking, first-tier executive of the manufacturing company may be automatically messaged responsive to the connection attempt. The message may indicate that the second-tier executive received a request to provide information that might be conceived as company secret. On the condition that the first-tier executive gives his/her authorization, the second-tier executive may be allowed to provide the first party with the requested information. [00124] In the following second scenario, a communication session may be classified as a being "school-related" where parties engage in a conversation with each other using for example the communication system platform of a virtual chatroom. Second party 221 of the virtual chatroom may for example be a minor seeking to exchange information about homework assignments with fellow classmates. In that respect an effort may be made to reduce the probability that the minor unwillingly engages in a conversation with a sex offender impersonating him/herself as a classmate. The virtual chatroom may therefore be configured such that responsive to any attempt made by a first party to make initial contact with another party identified as a minor, information provided by the first party is automatically screened with respect to its identity authenticity.

[00125] Responsive to the screening, an adult responsible for the minor may be automatically messaged. The message sent to the adult may, for example, indicate that the minor was contacted by someone who's identity is not immediately verifiable. On the condition that the responsible adult gives his/her authorization, the minor may for example be allowed to engage with the first party in a chat conversation.

[00126] The following third scenario relates to a communication session classified as a "business-related" communication session in which second party 221 is an employee, named David Smith of a large international company receiving a connection attempt from an individual identifying himself as Mr. Macy Gordon. Another employee, Donald Simmons, also is a second party 221 who is employed by the large international company and on the same day, also received a connection attempt from an individual identifying himself as Macy Gordon. Information analyzer 180 may identify multiple connection attempts in a relatively short interval of time as a factor detracting from identity authenticity. Information analyzer 180 may factor in multiple connection attempts within an organization to identity authentication engine 185. As a result, an administrator working for the large international company may be alerted as to the relatively high frequency of connection attempts from a first party to a plurality of second parties associated with the same organization.

[00127] Any one of the mentioned classifiers (session classifier, weighting classifier, referencing classifier and identity authentication classifier) may be implemented, for example, by employing a method that consists of a procedure or a combination of procedures selected from a group consisting of: Frequentist procedure, a Bayesian procedure, a neural network, linear classifiers, Support Vector Machines, Quadratic classifiers, Kernel estimation, Boosting, Decision Trees, Gene expression programming, Bayesian networks, Hidden Markov Models, Learning vector quantization, and Proaftn.

[00128] Embodiments of system 100 and the method may be implemented by a computer-program product (not shown), comprising: a computer readable storage medium (not shown) having stored therein a computer executable instruction set , which when executed, causes system 100 to classify a communication session between first party 211 and second party 221 responsive to features of the communication session; generating, responsive to the classification of the communication session, a weighted test parameter that relates to a feature of the communication session; associating the weighted test parameter to session-data descriptive of information provided in the communication session; cross-referencing the session-data against validation-data descriptive of reference information; and assessing, responsive to the cross-referencing, the veracity of the provided information.

[00129] There is further provided, in accordance with an embodiment of the invention, a method of determining identity authenticity of a first party's identity, the method comprising: classifying a communication session between a first and a second party responsive to features of the communication session; generating, responsive to the classification of the communication session, a plurality of weighted test parameters relating to features of the communication session; associating the plurality of weighted test parameters with session-data descriptive of information provided in the communication session; cross-referencing the session-data against validation-data descriptive of reference information; and assessing, responsive to the cross-referencing, the veracity of the provided information.

[00130] Optionally, the method further comprises determining a measure of identity authenticity for the first party responsive to the weighted test parameters. Optionally, the method further comprises determining values of weighting factors responsive to session- data received for the test parameters. Optionally, the method further comprises determining values of the weighting factors responsive to validation-data available. Optionally, the method further comprises selecting information that the first party can receive responsive to the measure of identity authenticity. Optionally, the method further comprises generating an alert indicating that increased attention is required responsive to the measure of identity authenticity of the first party. Optionally, cross-referencing comprises receiving validation-data from a database or a communication network. Optionally, generating the weighted test parameters comprises associating weighting factors to a set of identification parameters to obtain weighted identification parameters. Optionally, the method further comprises selecting the test parameters from the set of weighted identification parameters. Optionally, selecting the test parameters comprises setting the value of a weighting factor for a non-selected test parameters to zero. Optionally, features of the communication session are content-related. Optionally, features of the communication session are technology-related. Optionally, features of the communication session relate to a travel pattern of the first party. Optionally, the method further comprises receiving a plurality of location indications along with respective plurality of time stamps, from a communication device associated with the first party; and associating a travel pattern to the first party responsive to the received plurality of location indications. Optionally, the method further comprises comprising cross-referencing session-data against validation-data descriptive of the travel pattern associated with the first party. Optionally, the weighted test parameters are generated responsive to an outlier related to features of the communication session. Optionally, cross-referencing comprises confronting the first party with control queries. Optionally, cross-referencing is accomplished based on reference-data provided by a third-party or multiple third parties. Optionally, the third-party has been validated. Optionally, wherein responsive to the assessment of the veracity of provided information, an alert is provided to at least one member of the group consisting of: the second party, and the third party. Optionally, the method further comprises identifying multiple communication sessions between a first party and multiple second parties. Optionally, assessing the veracity of the provided information is responsive to identity and/or frequency of communication sessions between a first party and multiple second parties.

[00131 ] There is further provided, in accordance with an embodiment of the invention, a system operative to determine a measure of identity authenticity, the system comprising: a communication module operative to receive from a first party, session-data descriptive of information provided by the first party during the communication session, and operative to receive validation-data descriptive of history of the first party; a computer memory operative to store a set of instructions; and a processor operative to execute the set of instructions resulting in processing the received session-data and the received validation-data to assess the veracity of the provided information. [00132] There is further provided, in accordance with an embodiment of the invention, a computer-program product, comprising: a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising instructions, which when executed by a system for determining identity authenticity, causes the system to: classify a communication session between a first party and a second party responsive to features of the communication session; generate, responsive to the classification of the communication session, a weighted test parameter that relates to a feature of the communication session; associate the weighted test parameter to session-data descriptive of information provided in the communication session; cross-reference the session-data against validation-data descriptive of reference information; and assess, responsive to the cross-referencing, the veracity of the provided information.

[00133] In the description and claims of the present application, each of the verbs, "comprise" "include" and "have", and conjugates thereof, are used to indicate that the object or objects of the verb are not necessarily a complete listing of components, elements or parts of the subject or subjects of the verb.

[00134] Descriptions of embodiments in the present application are provided by way of example and are not intended to limit the scope of the embodiments. The described embodiments comprise different features, not all of which are required in all embodiments. Some embodiments utilize only some of the features or possible combinations of the features. Variations of embodiments that are described, and embodiments comprising different combinations of features noted in the disclosure, will occur to persons of the art. The scope of the embodiments is limited only by the claims.

Claims

1 . A method of determining identity authenticity of a first party's identity, the method comprising:
classifying a communication session between a first and a second party responsive to features of the communication session;
generating, responsive to the classification of the communication session, a plurality of weighted test parameters relating to features of the communication session;
associating the plurality of weighted test parameters with session-data descriptive of information provided in the communication session;
cross-referencing the session-data against validation-data descriptive of reference information; and
assessing, responsive to the cross-referencing, the veracity of the provided information.
2. The method according to claim 1 , further comprising determining a measure of identity authenticity for the first party responsive to the weighted test parameters.
3. The method according to claim 1 , further comprising determining values of weighting factors responsive to session-data received for the test parameters.
4. The method according to claim 3, further comprising determining values of the weighting factors responsive to validation-data available.
5. The method according to claim 1 , further comprising selecting information that the first party can receive responsive to the measure of identity authenticity.
6. The method according to claim 1 , further comprising generating an alert indicating that increased attention is required responsive to the measure of identity authenticity of the first party.
7. The method according to claim 1 , wherein cross-referencing comprises receiving validation-data from a database or a communication network.
8. The method according to claim 1 , wherein generating the weighted test parameters comprises associating weighting factors to a set of identification parameters to obtain weighted identification parameters.
9. The method according to claim 8, further comprising selecting the test parameters from the set of weighted identification parameters.
10. The method according to claim 9, wherein selecting the test parameters comprises setting the value of a weighting factor for a non-selected test parameters to zero.
1 1 . The method according to claim 1 , wherein features of the communication session are content-related.
12. The method according to claim 1 , wherein features of the communication session are technology-related.
13. The method according to claim 1 , wherein features of the communication session relate to a travel pattern of the first party.
14. The method according to claim 1 , further comprising receiving a plurality of location indications along with respective plurality of time stamps, from a communication device associated with the first party; and
associating a travel pattern to the first party responsive to the received plurality of location indications.
15. The method according to claim 14, comprising cross-referencing session-data against validation-data descriptive of the travel pattern associated with the first party.
16. The method according to claim 1 , wherein the weighted test parameters are generated responsive to an outlier related to features of the communication session.
17. The method according to claim 1 , wherein cross-referencing comprises confronting the first party with control queries.
18. The method according to claim 1 , wherein cross-referencing is accomplished based on reference-data provided by a third-party or multiple third parties.
19. The method according to claim 18 wherein the third-party has been validated.
20. The method according to claim 18, wherein responsive to the assessment of the veracity of provided information, an alert is provided to at least one member of the group consisting of: the second party, and the third party.
21 . The method according to claim 1 , further comprising identifying multiple communication sessions between a first party and multiple second parties.
22. The method according to claim 21 wherein assessing the veracity of the provided information is responsive to identity and/or frequency of communication sessions between a first party and multiple second parties.
23. A system operative to determine a measure of identity authenticity, the system comprising:
a communication module operative to receive from a first party, session-data descriptive of information provided by the first party during the communication session, and operative to receive validation-data descriptive of history of the first party;
a computer memory operative to store a set of instructions; and
a processor operative to execute the set of instructions resulting in processing the received session-data and the received validation-data to assess the veracity of the provided information.
24. A computer-program product, comprising: a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising instructions, which when executed by a system for determining identity authenticity, causes the system to:
classify a communication session between a first party and a second party responsive to features of the communication session;
generating, responsive to the classification of the communication session, a weighted test parameter that relates to a feature of the communication session;
associating the weighted test parameter to session-data descriptive of information provided in the communication session;
cross-referencing the session-data against validation-data descriptive of reference information; and assessing, responsive to the cross-referencing, the veracity of the provided information.
PCT/IB2013/061072 2012-12-19 2013-12-18 System and method for determining a measure of identity authenticity WO2014097164A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US201261739020P true 2012-12-19 2012-12-19
US61/739,020 2012-12-19

Publications (1)

Publication Number Publication Date
WO2014097164A1 true WO2014097164A1 (en) 2014-06-26

Family

ID=50977708

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2013/061072 WO2014097164A1 (en) 2012-12-19 2013-12-18 System and method for determining a measure of identity authenticity

Country Status (1)

Country Link
WO (1) WO2014097164A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010037451A1 (en) * 2000-03-06 2001-11-01 Bhagavatula Ravishankar S. Centralized identity authentication for electronic communication networks
US20080102766A1 (en) * 2006-10-31 2008-05-01 Schultz Michael J System and method for user identity authentication via mobile communication devices
US20080195867A1 (en) * 2007-02-08 2008-08-14 Nokia Corporation Authenticating security parameters
US20110030033A1 (en) * 2008-04-08 2011-02-03 Eads Secure Networks Managing secure use of a terminal
US20110099361A1 (en) * 2009-04-15 2011-04-28 Interdigital Patent Holdings, Inc. Validation And/Or Authentication Of A Device For Communication With Network
US20120144498A1 (en) * 2008-02-12 2012-06-07 Finsphere, Inc. System And Method For Mobile Identity Protection of a User of Multiple Computer Applications, Networks or Devices

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010037451A1 (en) * 2000-03-06 2001-11-01 Bhagavatula Ravishankar S. Centralized identity authentication for electronic communication networks
US20080102766A1 (en) * 2006-10-31 2008-05-01 Schultz Michael J System and method for user identity authentication via mobile communication devices
US20080195867A1 (en) * 2007-02-08 2008-08-14 Nokia Corporation Authenticating security parameters
US20120144498A1 (en) * 2008-02-12 2012-06-07 Finsphere, Inc. System And Method For Mobile Identity Protection of a User of Multiple Computer Applications, Networks or Devices
US20110030033A1 (en) * 2008-04-08 2011-02-03 Eads Secure Networks Managing secure use of a terminal
US20110099361A1 (en) * 2009-04-15 2011-04-28 Interdigital Patent Holdings, Inc. Validation And/Or Authentication Of A Device For Communication With Network

Similar Documents

Publication Publication Date Title
O'Murchu et al. Online Social and Business Networking Communities.
US9306927B2 (en) Single login procedure for accessing social network information across multiple external systems
US8412780B2 (en) Methods and systems for providing current email addresses and contact information for members within a social network
RU2417534C2 (en) Controlled communication system
US8423612B2 (en) Methods and apparatuses for selectively accessing an application
US8549651B2 (en) Determining a trust level in a social network environment
US8688701B2 (en) Ranking and selecting entities based on calculated reputation or influence scores
US9100438B2 (en) Shared identity profile management
US10380629B2 (en) Leveraging a social graph to deliver relevant recommendations
US7613769B1 (en) Methods and systems for providing blog information associated with a member of a social network
US8954500B2 (en) Identifying and employing social network relationships
John et al. Collaborative tagging and expertise in the enterprise
US9971993B2 (en) Leveraging a social graph for use with electronic messaging
US8316086B2 (en) System, method, and computer program product for verifying the identity of social network users
US20100306185A1 (en) Self Populating Address Book
US8095408B2 (en) System and method for facilitating network connectivity based on user characteristics
US20090171686A1 (en) Using social network information and transaction information
US9747650B2 (en) Determining connectivity within a community
US9972053B2 (en) System and method for creating insurance virtual affinity groups
US10007895B2 (en) System and method for indexing, correlating, managing, referencing and syndicating identities and relationships across systems
US20170171124A1 (en) Presentation of Organized Personal and Public Data Using Communication Mediums
US9141997B2 (en) System and method for providing a social customer care system
CN102090094B (en) Share owners privacy in mobile devices
US10311365B2 (en) Methods and systems for recommending a context based on content interaction
US8312097B1 (en) Segmenting access to electronic message boards

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13865329

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct app. not ent. europ. phase

Ref document number: 13865329

Country of ref document: EP

Kind code of ref document: A1