Abstract:
Techniques of identifying fraud detection rule strength involve varying the rendering of a graph from transaction data. Along these lines, a rules server computer provides a general graph from a group of transaction entries defining a group of fraudulent and authentic transactions on an electronic display. A user defines selection criteria that the rules server computer applies to the group of transaction entries to generate a subgroup of transaction entries. From the subgroup of transaction entries, the rules server computer provides a focused graph on the electronic display defining a subgroup of the group of fraudulent and authentic transactions. A ratio of the number of fraudulent transactions to the number of authentic transactions represented in the focused graph identifies the strength of the selection criteria for use in a fraud detection rule.
Abstract:
Techniques of performing authentication involve comparing current user authentication factors with previous authentication factors selected from multiple users during a single authentication session. Along these lines, suppose that an authentication server receives current browser characteristics from a user computer during a current authentication session. Based on the current browser characteristics, the authentication server selects previous browser characteristics received from devices used by multiple users during previous authentication sessions. For example, the authentication server may select previous browser characteristics based on whether any of the results of a modified, locally sensitive hashing (LSH) of the previous browser characteristics match any of the results of a modified LSH of the current browser characteristics. After the authentication server selects the previous browser characteristics, the authentication server compares those selected, previous browser characteristics with the current browser characteristics.
Abstract:
Techniques involve a user taking a picture of a current one-time use passcode (OTP) and using the picture to authenticate. Such techniques alleviate the burden and frustration of the user having to manually type in the current OTP. Additionally, the user will not trigger a lockout via accidental typing errors. Furthermore, the current OTP can be augmented to include more than a string of six or eight alphanumeric characters for stronger security (e.g., by using non-alphanumeric characters, by capturing multi-digit seven-segment LCD display patterns, by using a QR code, by using a randomly selected image, etc.). One technique involves taking a picture of an OTP provided by a user. The particular technique further involves extracting the OTP from the picture and performing an authentication operation based on the OTP extracted from the picture to determine whether the user is authentic.
Abstract:
A system for optimized configuration of an adaptive authentication service is disclosed that automatically generates one or more risk score thresholds. The system generates a risk score threshold or thresholds for an upcoming time period such that the business damages estimated to occur during the upcoming time period are minimized. The business damages estimated to occur during the upcoming time period may include business damages resulting from false negative authentication determinations, which incorrectly indicate that a fraudulent authentication request is legitimate, and false positive authentication determinations, which incorrectly indicate that a legitimate authentication request is fraudulent, and may be offset by the beneficial value of the enhancement to an organization's reputation resulting from true positive authentication determinations, which correctly indicate that an authentication request is fraudulent.
Abstract:
There is disclosed a technique for use in providing an assessment of authentication requests. In one embodiment, the technique comprises receiving an authentication request with post-authentication feedback and an authentication request with no post-authentication feedback. In the same embodiment, the post-authentication feedback can include a marking indicating that the request has either a genuine or a fraudulent status after review by an analyst. If a request does not possess post-authentication feedback, then it is considered to have genuine status. The technique can then assign the status of the requests to a distinctive attribute associated with the requests before performing a computation which produces a computational result that is indicative of the risk associated with the distinctive attribute.