Targeted biometric challenges
    1.
    发明授权
    Targeted biometric challenges 有权
    针对性的生物特征挑战

    公开(公告)号:US08752144B1

    公开(公告)日:2014-06-10

    申请号:US13325131

    申请日:2011-12-14

    IPC分类号: H04K1/00 G06F7/00

    摘要: An improved technique tailors a biometric challenge activity to a particular user. The particular user submits electronic input from which an authentication system extracts information concerning traits of the particular user; such traits can include keystroke and swiping patterns, handheld device positions, and place of origin. An authentication server maps values of user attributes such as place of origin, age, and UI device to the extracted traits. The authentication server then selects biometric challenges for the particular user based on user attributes having values which deviate most from a mean value of that attribute taken across a population of users. That is, the authentication server bases biometric challenges on the most distinguishing traits of the particular user.

    摘要翻译: 改进的技术为特定用户定制生物特征挑战活动。 特定用户提交电子输入,认证系统从该电子输入提取关于特定用户的特征的信息; 这种特征可以包括击键和滑动模式,手持设备位置和原点。 验证服务器将用户属性的值(如原始位置,年龄和UI设备)映射到提取的特征。 然后认证服务器基于具有偏离最终与该用户群体的该属性的平均值偏离的值的用户属性来选择特定用户的生物特征挑战。 也就是说,认证服务器基于特定用户的最显着特征的生物特征挑战。

    Rapid transaction processing
    2.
    发明授权
    Rapid transaction processing 有权
    快速交易处理

    公开(公告)号:US08478688B1

    公开(公告)日:2013-07-02

    申请号:US13329377

    申请日:2011-12-19

    IPC分类号: G06Q40/00

    CPC分类号: G06Q40/02

    摘要: An improved technique identifies risky transactions from a set of transactions and updates risk scores only for those transactions identified as risky. Along these lines, a transaction sorting engine sorts the set of transactions according to risk score. The transaction sorting engine identifies as risky those transactions having risk scores above a specified percentile; for instance, the transactions having risk scores above the 90th percentile would be identified as risky. Some time later, a risk score engine adjusts, based on new historical transaction data, Bayesian weights which it uses to compute risk scores. The transaction sorting engine sends to the risk score engine only those transactions it identified as risky. The risk score engine computes new risk scores for the risky transactions and makes the new risk scores available to the transaction sorting engine so that it can sort all of current transactions (e.g., received within the past week).

    摘要翻译: 一种改进的技术可以识别一组交易中的风险交易,并仅对那些被认定为有风险的交易更新风险分数。 按照这些方面,交易排序引擎根据风险分数对交易集进行排序。 交易排序引擎将风险评分高于指定百分位数的交易识别为风险; 例如,具有高于第90百分位数的风险分数的交易将被确定为具有风险。 一段时间后,风险分数引擎根据新的历史交易数据调整贝叶斯权重,用于计算风险分数。 交易排序引擎仅向风险评分引擎发送那些被认定为具有风险的交易。 风险分数引擎计算风险交易的新风险分数,并使新的风险分数可用于交易排序引擎,以便它可以对所有当前交易进行排序(例如,在过去一周内收到)。

    Click stream analysis for fraud detection
    4.
    发明授权
    Click stream analysis for fraud detection 有权
    点击流分析进行欺诈检测

    公开(公告)号:US08880441B1

    公开(公告)日:2014-11-04

    申请号:US13433633

    申请日:2012-03-29

    IPC分类号: G06F15/18

    CPC分类号: G06F15/18 G06F21/316

    摘要: An improved technique trains a fraud detection system to use mouse movement data as part of a user profile. Along these lines, a training apparatus receives sets of mouse movement datasets generated by a legitimate user and/or a fraudulent user. The training apparatus assigns each mouse movement dataset to a cluster according to one of several combinations of representations, distance metrics, and cluster metrics. By correlating the clusters with the origins of the mouse movement datasets (legitimate or fraudulent user), the training apparatus constructs a robust framework for detecting fraud at least partially based on mouse movement data.

    摘要翻译: 改进的技术训练欺诈检测系统,以使用鼠标移动数据作为用户简档的一部分。 沿着这些线路,训练装置接收由合法用户和/或欺诈用户生成的一组鼠标移动数据集。 训练装置根据表示,距离度量和簇度量的若干组合之一将每个鼠标移动数据集分配给群集。 通过将群集与鼠标移动数据集(合法或欺诈用户)的起源相关联,训练装置至少部分地基于鼠标移动数据构建用于检测欺诈的鲁棒框架。

    Active learning-based fraud detection in adaptive authentication systems
    5.
    发明授权
    Active learning-based fraud detection in adaptive authentication systems 有权
    自适应认证系统中主动学习型欺诈检测

    公开(公告)号:US08875267B1

    公开(公告)日:2014-10-28

    申请号:US13538120

    申请日:2012-06-29

    IPC分类号: G06F21/00

    CPC分类号: G06F21/31 G06N7/005 H04L63/08

    摘要: Active learning-based fraud detection techniques are provided in adaptive authentication systems. An authentication request from an authentication requestor is processed by receiving the authentication request from the authentication requester; comparing current data for the user associated with the user identifier with historical data for the user; generating an adaptive authentication result based on the comparison indicating a likelihood current user data is associated with a fraudulent user; and performing one or more additional authentication operations to improve learning if the request satisfies one or more predefined non-risk based criteria. The predefined non-risk based criteria comprises, for example, (i) the request receiving a riskiness score below a threshold based on current data and wherein the request was expected to have a risk score above a threshold, or (ii) the request being in a bucket having a number of tagged events below a threshold.

    摘要翻译: 在自适应认证系统中提供了基于学习的主动欺诈检测技术。 来自认证请求者的认证请求通过从认证请求者接收认证请求来处理; 将与用户标识符相关联的用户的当前数据与用户的历史数据进行比较; 基于表示可能性当前用户数据与欺诈用户相关联的比较来生成自适应认证结果; 以及如果所述请求满足一个或多个预定义的基于非风险的准则,则执行一个或多个附加认证操作以改善学习。 预定义的基于非风险的标准包括例如(i)基于当前数据接收风险评分低于阈值的请求,并且其中预期该请求具有高于阈值的风险评分,或者(ii)请求为 在具有低于阈值的多个标记事件的桶中。

    Methods and apparatus for risk-based authentication between two servers on behalf of a user

    公开(公告)号:US10592978B1

    公开(公告)日:2020-03-17

    申请号:US13537525

    申请日:2012-06-29

    IPC分类号: G06Q40/00

    摘要: Methods and apparatus are provided for risk-based authentication between two servers on behalf of a user. A method is provided for controlling access by a consumer to a service provider on behalf of a user. An authentication request is issued responsive to an initial access request from the consumer to access the service provider on behalf of the user. An access token is provided to the consumer upon approval from the user to grant access to the consumer. Upon receiving a subsequent access request from the consumer with the access token to access the service provider on behalf of the user; a risk analysis is performed to determine if the subsequent access request should be granted. The risk analysis can determine if the subsequent access complies with one or more rules of the user. The user is optionally prompted to specify whether to allow the subsequent access request and/or future similar transactions.

    Methods and apparatus for risk evaluation of compromised credentials
    8.
    发明授权
    Methods and apparatus for risk evaluation of compromised credentials 有权
    损害凭证风险评估的方法和手段

    公开(公告)号:US09092782B1

    公开(公告)日:2015-07-28

    申请号:US13537506

    申请日:2012-06-29

    IPC分类号: G06F21/00 G06Q20/40

    摘要: Techniques are provided for evaluating compromised credential information. A method for evaluating compromised credentials comprises the steps of: collecting data regarding previously compromised credentials that were used to commit an unauthorized activity; applying one or more statistical learning methods to the collected data to identify one or more patterns; and evaluating a risk of credentials that have been compromised by one or more attackers using the identified patterns. According to a further aspect of the invention, a risk score is generated for one or more users and devices. The risk scores are optionally ordered based on an order of risk. The data can be collected, for example, from one or more of anti-fraud servers and information sources.

    摘要翻译: 提供技术来评估受损的凭证信息。 用于评估受损凭据的方法包括以下步骤:收集关于用于提交未授权活动的先前被破坏的凭证的数据; 将一个或多个统计学习方法应用于所收集的数据以识别一个或多个模式; 并评估已被一个或多个攻击者使用识别的模式损害的凭据风险。 根据本发明的另一方面,为一个或多个用户和设备生成风险评分。 风险分数可根据风险顺序进行排序。 可以例如从一个或多个反欺诈服务器和信息源收集数据。

    Similarity-based fraud detection in adaptive authentication systems
    9.
    发明授权
    Similarity-based fraud detection in adaptive authentication systems 有权
    自适应认证系统中基于相似性的欺诈检测

    公开(公告)号:US08856923B1

    公开(公告)日:2014-10-07

    申请号:US13537958

    申请日:2012-06-29

    IPC分类号: G06Q20/00 G06Q20/40

    摘要: Similarity-based fraud detection techniques are provided in adaptive authentication systems. A method is provided for determining if an event is fraudulent by obtaining a plurality of tagged events and one or more untagged events, wherein the tagged events indicate a likelihood of whether the corresponding event was fraudulent; constructing a graph, wherein each node in the graph represents an event and has a value representing a likelihood of whether the corresponding event was fraudulent and wherein similar transactions are connected via weighted links; diffusing through weights in the graph to assign values to nodes such that neighbors of nodes having non-zero values receive similar values as the neighbors; and classifying whether at least one of the one or more untagged events is fraudulent based on the assigned values.

    摘要翻译: 在自适应认证系统中提供了基于相似性的欺诈检测技术。 提供一种用于通过获得多个标记事件和一个或多个未标记事件来确定事件是否是欺诈的方法,其中标记事件指示相应事件是否是欺诈性的可能性; 构建图形,其中图中的每个节点表示事件,并且具有表示相应事件是否为欺诈的可能性的值,并且其中相似的事务通过加权链接连接; 通过图中的权重扩散以将值分配给节点,使得具有非零值的节点的邻居接收与邻居相似的值; 以及基于所分配的值来分类所述一个或多个未标记事件中的至少一个是否是欺诈性的。

    Geolocation error tracking in transaction processing
    10.
    发明授权
    Geolocation error tracking in transaction processing 有权
    事务处理中的地理位置错误跟踪

    公开(公告)号:US08850575B1

    公开(公告)日:2014-09-30

    申请号:US13340768

    申请日:2011-12-30

    IPC分类号: G06F11/00

    CPC分类号: G06Q10/00 G06Q40/00

    摘要: An improved technique tracks errors in collecting geolocation data associated with a transaction. Along these lines, an adaptive authentication engine stores information indicative of a failure to collect geolocation data associated with the transaction. In particular, this information takes the form of a geolocation collection state; the adaptive authentication engine stores such a state in a field of a database that contains historical transaction information. If a service provider failed to collect geolocation information for a transaction, the adaptive authentication engine stores a “Fail” value in the geolocation collection state field of the database entry associated with the transaction. Adaptive authentication techniques may then correlate such “Fail” values with other field values such as time of submission and device type. The result of such a correlation is to build a risk model based on geolocation collection error which the risk engine may then use to compute risk score.

    摘要翻译: 改进的技术跟踪与事务相关联的地理位置数据的错误。 沿着这些线路,自适应认证引擎存储指示故障收集与交易相关联的地理定位数据的信息。 特别地,这种信息采取地理位置收集状态的形式; 自适应认证引擎将这种状态存储在包含历史交易信息的数据库的字段中。 如果服务提供商未能收集交易的地理位置信息,则自适应认证引擎在与交易相关联的数据库条目的地理位置收集状态字段中存储“失败”值。 然后,自适应认证技术可以将这样的“失败”值与诸如提交时间和设备类型的其他字段值相关联。 这种相关性的结果是构建基于地理位置收集误差的风险模型,风险引擎可以用来计算风险评分。