-
1.发明授权公开(公告)号:US08528049B1
公开(公告)日:2013-09-03
申请号:US12974732
申请日:2010-12-21
申请人: Amnon Khen , Roy Hodgman , Alon Kaufman
发明人: Amnon Khen , Roy Hodgman , Alon Kaufman
IPC分类号: H04L29/06
CPC分类号: H04L63/08 , G06F21/36 , H04L2463/082
摘要: A technique provides user authentication. The technique involves generating a pointer data profile entry in a pointer data profile database, the pointer data profile entry having a pointer data profile which is based on first pointer data obtained during a first user session. Such pointer data can be collected from a standard pointing device such as an electronic mouse, a touch-based track pad, a trackball, a scroll wheel, etc. The technique further involves receiving new pointer data during a second user session, and performing an authentication operation based on (i) the pointer data profile entry in the pointer data profile database and (ii) the new pointer data to determine whether a user providing the first pointer data during the first user session and a user providing the new pointer data during the second user session is the same person.
摘要翻译: 一种技术提供用户认证。 该技术涉及在指针数据简档数据库中生成指针数据简档条目,指针数据简档条目具有基于在第一用户会话期间获得的第一指针数据的指针数据简档。 可以从诸如电子鼠标,基于触摸的轨迹板,轨迹球,滚轮等的标准指示装置收集这样的指针数据。该技术还包括在第二用户会话期间接收新的指针数据,并执行 基于(i)指针数据简档数据库中的指针数据简档条目的认证操作和(ii)新指针数据,以确定在第一用户会话期间提供第一指针数据的用户和在第一用户会话期间提供新指针数据的用户 第二个用户会话是同一个人。
-
公开(公告)号:US08478688B1
公开(公告)日:2013-07-02
申请号:US13329377
申请日:2011-12-19
申请人: Yael Villa , Alon Kaufman , Ayelet Eliezer , Marcelo Blatt , Tomer Meidan
发明人: Yael Villa , Alon Kaufman , Ayelet Eliezer , Marcelo Blatt , Tomer Meidan
IPC分类号: G06Q40/00
CPC分类号: G06Q40/02
摘要: An improved technique identifies risky transactions from a set of transactions and updates risk scores only for those transactions identified as risky. Along these lines, a transaction sorting engine sorts the set of transactions according to risk score. The transaction sorting engine identifies as risky those transactions having risk scores above a specified percentile; for instance, the transactions having risk scores above the 90th percentile would be identified as risky. Some time later, a risk score engine adjusts, based on new historical transaction data, Bayesian weights which it uses to compute risk scores. The transaction sorting engine sends to the risk score engine only those transactions it identified as risky. The risk score engine computes new risk scores for the risky transactions and makes the new risk scores available to the transaction sorting engine so that it can sort all of current transactions (e.g., received within the past week).
摘要翻译: 一种改进的技术可以识别一组交易中的风险交易,并仅对那些被认定为有风险的交易更新风险分数。 按照这些方面,交易排序引擎根据风险分数对交易集进行排序。 交易排序引擎将风险评分高于指定百分位数的交易识别为风险; 例如,具有高于第90百分位数的风险分数的交易将被确定为具有风险。 一段时间后,风险分数引擎根据新的历史交易数据调整贝叶斯权重,用于计算风险分数。 交易排序引擎仅向风险评分引擎发送那些被认定为具有风险的交易。 风险分数引擎计算风险交易的新风险分数,并使新的风险分数可用于交易排序引擎,以便它可以对所有当前交易进行排序(例如,在过去一周内收到)。
-
公开(公告)号:US08850575B1
公开(公告)日:2014-09-30
申请号:US13340768
申请日:2011-12-30
申请人: Triinu Magi Shaashua , Harel Efraim , Alon Kaufman
发明人: Triinu Magi Shaashua , Harel Efraim , Alon Kaufman
IPC分类号: G06F11/00
摘要: An improved technique tracks errors in collecting geolocation data associated with a transaction. Along these lines, an adaptive authentication engine stores information indicative of a failure to collect geolocation data associated with the transaction. In particular, this information takes the form of a geolocation collection state; the adaptive authentication engine stores such a state in a field of a database that contains historical transaction information. If a service provider failed to collect geolocation information for a transaction, the adaptive authentication engine stores a “Fail” value in the geolocation collection state field of the database entry associated with the transaction. Adaptive authentication techniques may then correlate such “Fail” values with other field values such as time of submission and device type. The result of such a correlation is to build a risk model based on geolocation collection error which the risk engine may then use to compute risk score.
摘要翻译: 改进的技术跟踪与事务相关联的地理位置数据的错误。 沿着这些线路,自适应认证引擎存储指示故障收集与交易相关联的地理定位数据的信息。 特别地,这种信息采取地理位置收集状态的形式; 自适应认证引擎将这种状态存储在包含历史交易信息的数据库的字段中。 如果服务提供商未能收集交易的地理位置信息,则自适应认证引擎在与交易相关联的数据库条目的地理位置收集状态字段中存储“失败”值。 然后,自适应认证技术可以将这样的“失败”值与诸如提交时间和设备类型的其他字段值相关联。 这种相关性的结果是构建基于地理位置收集误差的风险模型,风险引擎可以用来计算风险评分。
-
公开(公告)号:US09906511B1
公开(公告)日:2018-02-27
申请号:US14753458
申请日:2015-06-29
申请人: Eyal Kolman , Alon Kaufman , Yehuda Lindell , Binyamin Pinkas
发明人: Eyal Kolman , Alon Kaufman , Yehuda Lindell , Binyamin Pinkas
CPC分类号: H04L63/08 , G06F2221/2111 , H04L9/3242 , H04L63/0428 , H04L63/10
摘要: Techniques of performing impersonation detection involve using encrypted access request data. Along these lines, an impersonation detection server stores historical access request data only in encrypted form and has no way to decrypt such data. When a new access request is received by a client, the client sends the username associated with the request to the server, which in turns sends the client the encrypted historical access request data. In addition, the server sends the client instructions to perform impersonation detection. The client then carries out the instructions based on the encrypted historical access request data and data contained in the new access request.
-
公开(公告)号:US09830599B1
公开(公告)日:2017-11-28
申请号:US12974768
申请日:2010-12-21
申请人: Amnon Khen , Roy Hodgman , Alon Kaufman
发明人: Amnon Khen , Roy Hodgman , Alon Kaufman
CPC分类号: G06Q20/40 , G06F21/30 , G06F21/316 , G06Q20/4014
摘要: An improved technique of processing an electronic transaction is disclosed. In the improved technique, a validation operation is performed on a set of standard user input and a set of peripheral device data received by a server connected to a client computer, the validation operation verifying a link between the set of standard user input and the set of peripheral device data. Based on results of the validation operation, an authorization code is assigned to the electronic transaction.
-
公开(公告)号:US09729525B1
公开(公告)日:2017-08-08
申请号:US14753453
申请日:2015-06-29
申请人: Eyal Kolman , Alon Kaufman
发明人: Eyal Kolman , Alon Kaufman
CPC分类号: G06F17/30864 , G06F17/30477 , G06F21/6227 , G06F21/6245 , H04L63/0428
摘要: Techniques of performing queries involve adapting a query to whether query data is encrypted. Along these lines, a data sensitivity policy defines which types of data is encrypted prior to storage in a data analytics database and which other types of data remain unencrypted. When a client formulates a query, the client encrypts a query input and then conceals the encrypted query input and query function to form concealed query logic. When the concealed query logic is received by a data analytics server, the data analytics server determines whether the query data to be input into the concealed query logic is encrypted or unencrypted. If the query data is unencrypted, then the concealed query logic is unconcealed and the query input unencrypted so that the data analytics server may evaluate the query function without concealment to produce a query result.
-
7.发明授权公开(公告)号:US08875267B1
公开(公告)日:2014-10-28
申请号:US13538120
申请日:2012-06-29
申请人: Eyal Kolman , Alon Kaufman , Yael Villa
发明人: Eyal Kolman , Alon Kaufman , Yael Villa
IPC分类号: G06F21/00
摘要: Active learning-based fraud detection techniques are provided in adaptive authentication systems. An authentication request from an authentication requestor is processed by receiving the authentication request from the authentication requester; comparing current data for the user associated with the user identifier with historical data for the user; generating an adaptive authentication result based on the comparison indicating a likelihood current user data is associated with a fraudulent user; and performing one or more additional authentication operations to improve learning if the request satisfies one or more predefined non-risk based criteria. The predefined non-risk based criteria comprises, for example, (i) the request receiving a riskiness score below a threshold based on current data and wherein the request was expected to have a risk score above a threshold, or (ii) the request being in a bucket having a number of tagged events below a threshold.
摘要翻译: 在自适应认证系统中提供了基于学习的主动欺诈检测技术。 来自认证请求者的认证请求通过从认证请求者接收认证请求来处理; 将与用户标识符相关联的用户的当前数据与用户的历史数据进行比较; 基于表示可能性当前用户数据与欺诈用户相关联的比较来生成自适应认证结果; 以及如果所述请求满足一个或多个预定义的基于非风险的准则,则执行一个或多个附加认证操作以改善学习。 预定义的基于非风险的标准包括例如(i)基于当前数据接收风险评分低于阈值的请求,并且其中预期该请求具有高于阈值的风险评分,或者(ii)请求为 在具有低于阈值的多个标记事件的桶中。
-
公开(公告)号:US09460390B1
公开(公告)日:2016-10-04
申请号:US13332889
申请日:2011-12-21
申请人: Derek Lin , Alon Kaufman , Yael Villa
发明人: Derek Lin , Alon Kaufman , Yael Villa
CPC分类号: G06N5/04 , G06F17/30705 , G06N7/005 , G06N99/005 , G06Q10/08 , G06Q30/00
摘要: A method is used in analyzing device similarity. Data describing a device is received and a similarity analysis is applied to the data. Based on the similarity analysis, a measure of similarity between the device and a previously known device is determined.
摘要翻译: 一种方法用于分析设备相似性。 接收到描述设备的数据,并对数据应用相似性分析。 基于相似性分析,确定了装置与先前已知的装置之间的相似度的度量。
-
公开(公告)号:US08880441B1
公开(公告)日:2014-11-04
申请号:US13433633
申请日:2012-03-29
申请人: Jidong Chen , Derek Lin , Alon Kaufman , Yael Villa
发明人: Jidong Chen , Derek Lin , Alon Kaufman , Yael Villa
IPC分类号: G06F15/18
CPC分类号: G06F15/18 , G06F21/316
摘要: An improved technique trains a fraud detection system to use mouse movement data as part of a user profile. Along these lines, a training apparatus receives sets of mouse movement datasets generated by a legitimate user and/or a fraudulent user. The training apparatus assigns each mouse movement dataset to a cluster according to one of several combinations of representations, distance metrics, and cluster metrics. By correlating the clusters with the origins of the mouse movement datasets (legitimate or fraudulent user), the training apparatus constructs a robust framework for detecting fraud at least partially based on mouse movement data.
摘要翻译: 改进的技术训练欺诈检测系统,以使用鼠标移动数据作为用户简档的一部分。 沿着这些线路,训练装置接收由合法用户和/或欺诈用户生成的一组鼠标移动数据集。 训练装置根据表示,距离度量和簇度量的若干组合之一将每个鼠标移动数据集分配给群集。 通过将群集与鼠标移动数据集(合法或欺诈用户)的起源相关联,训练装置至少部分地基于鼠标移动数据构建用于检测欺诈的鲁棒框架。
-
公开(公告)号:US08752144B1
公开(公告)日:2014-06-10
申请号:US13325131
申请日:2011-12-14
申请人: Alon Kaufman , Yael Villa , Yedidya Dotan
发明人: Alon Kaufman , Yael Villa , Yedidya Dotan
CPC分类号: G06F21/32 , H04L63/0861 , H04L2463/082
摘要: An improved technique tailors a biometric challenge activity to a particular user. The particular user submits electronic input from which an authentication system extracts information concerning traits of the particular user; such traits can include keystroke and swiping patterns, handheld device positions, and place of origin. An authentication server maps values of user attributes such as place of origin, age, and UI device to the extracted traits. The authentication server then selects biometric challenges for the particular user based on user attributes having values which deviate most from a mean value of that attribute taken across a population of users. That is, the authentication server bases biometric challenges on the most distinguishing traits of the particular user.
摘要翻译: 改进的技术为特定用户定制生物特征挑战活动。 特定用户提交电子输入,认证系统从该电子输入提取关于特定用户的特征的信息; 这种特征可以包括击键和滑动模式,手持设备位置和原点。 验证服务器将用户属性的值(如原始位置,年龄和UI设备)映射到提取的特征。 然后认证服务器基于具有偏离最终与该用户群体的该属性的平均值偏离的值的用户属性来选择特定用户的生物特征挑战。 也就是说,认证服务器基于特定用户的最显着特征的生物特征挑战。
-
-
-
-
-
-
-
-
-
搜索结果
14 条记录 (耗时 0.014 秒)
