-
公开(公告)号:US09363267B2
公开(公告)日:2016-06-07
申请号:US14496160
申请日:2014-09-25
Applicant: EBAY, INC.
Inventor: Kevin Sugihara , Bradley Wardman
CPC classification number: H04L9/3271 , G06F21/445 , H04L9/14 , H04L9/30 , H04L63/06 , H04L63/08 , H04L63/0869 , H04L63/10 , H04L63/1466
Abstract: Methods, systems, and computer program products for providing transaction verification through enhanced authentication are provided. A method performed by a computer system may include receiving one or more credentials to authenticate an application programming interface request received from a second computer system based on a first level of authentication, generating an additional authentication challenge to further authenticate the application programming interface request in response to detecting a change associated with the second computer system, issuing the additional authentication challenge to the second computer system, and processing the application programming interface request based on a result of the additional authentication challenge.In some examples, the additional authentication challenge may be encrypted using a key associated with the second computer system before issuance the additional authentication challenge. For example, the key may be a public key corresponding to a private key stored in a highly secure area on the second computer system.
Abstract translation: 提供了通过增强认证提供事务验证的方法,系统和计算机程序产品。 由计算机系统执行的方法可以包括接收一个或多个证书,以基于第一级认证来验证从第二计算机系统接收到的应用编程接口请求,生成额外的认证挑战以进一步验证应用编程接口请求以作出响应 检测与第二计算机系统相关联的改变,向第二计算机系统发出附加认证挑战,以及基于附加认证挑战的结果处理应用程序编程接口请求。 在一些示例中,可以在发布附加认证挑战之前使用与第二计算机系统相关联的密钥来加密附加认证挑战。 例如,密钥可以是对应于存储在第二计算机系统上的高度安全区域中的私钥的公钥。
-
公开(公告)号:US11695576B2
公开(公告)日:2023-07-04
申请号:US17369260
申请日:2021-07-07
Applicant: EBAY INC.
Inventor: Kevin Sugihara , Bradley Wardman
CPC classification number: H04L9/3271 , G06F21/445 , H04L9/14 , H04L9/30 , H04L63/06 , H04L63/08 , H04L63/0869 , H04L63/10 , H04L63/1466
Abstract: Systems and methods for authenticating requests to use an Application Programming Interface (“API”) are described. In some embodiments, a request to use an API is received. Based on a comparison of the request to use the API with a pattern of activity associated with the client, a determination is made whether the client deviates from an expected behavior. Once a determination that the client deviates from the expected behavior is made, an authentication challenge is generated and issued. In some embodiments, the comparison of the request to use the API with a pattern of activity involves comparing transactional attributes of the request to use the API with past client behavior.
-
3.发明申请ACCURATELY CLASSIFYING A COMPUTER PROGRAM INTERACTING WITH A COMPUTER SYSTEM USING QUESTIONING AND FINGERPRINTING 有权精确分类计算机程序与使用问题和指纹的计算机系统相互作用公开(公告)号:US20150381376A1
公开(公告)日:2015-12-31
申请号:US14320520
申请日:2014-06-30
Applicant: EBAY, INC.
Inventor: Bradley Wardman , Ryan A. Carrico , Nathan Robert Pratt
CPC classification number: H04L9/3271 , G06F21/36 , G06F21/44 , G06F2221/2133 , H04L63/0861 , H04L63/0876 , H04L63/1433 , H04L63/145 , H04L63/1483 , H04L67/02
Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include issuing a challenge to an application interacting with a computer system to determine whether activity performed by the application is scripted, analyzing data associated with a result of the challenge to determine whether the result is at least partially correct, and computing a reputation score for the application based on the result of the challenge. A computer-implemented method also may include comparing the reputation score for the application to a threshold for identifying non-scripted activity, and determining that that the activity performed by the application is scripted when the reputation score for the application does not meet the threshold for identifying non-scripted activity.
Abstract translation: 提供在线内容转介的方法,系统和计算机程序产品。 计算机实现的方法可以包括向与计算机系统交互的应用程序发出挑战以确定应用程序执行的活动是否被脚本化,分析与挑战结果相关联的数据以确定结果是否至少部分正确;以及 基于挑战的结果计算应用程序的信誉评分。 计算机实现的方法还可以包括将应用程序的信誉分数与用于识别非脚本活动的阈值进行比较,以及当应用程序的信誉评分不满足应用程序的阈值时,确定由应用程序执行的活动是脚本化的 识别非脚本活动。
-
公开(公告)号:US12041187B2
公开(公告)日:2024-07-16
申请号:US18198371
申请日:2023-05-17
Applicant: eBay Inc.
Inventor: Kevin Sugihara , Bradley Wardman
CPC classification number: H04L9/3271 , G06F21/445 , H04L9/14 , H04L9/30 , H04L63/06 , H04L63/08 , H04L63/0869 , H04L63/10 , H04L63/1466
Abstract: Systems and methods for authenticating requests to use an Application Programming Interface (“API”) are described. In some embodiments, a request to use an API is issued from a client to a server. One or more credentials for a first-level authentication challenge are provided from the client to the server. Responsive to the server determining that the client deviates from an expected behavior based on comparing the request to use the API with a pattern of activity associated with the client, the client receives a second authentication challenge.
-
Patent Agency Ranking
公开(公告)号:US11075767B2
公开(公告)日:2021-07-27
申请号:US15159398
申请日:2016-05-19
Applicant: EBAY INC.
Inventor: Kevin Sugihara , Bradley Wardman
Abstract: Methods, systems, and computer program products for providing transaction verification through enhanced authentication are provided. A method performed by a computer system may include receiving an application programming interface (API) request from a client, detecting a change associated with the API request as compared to a prior use of the API by the client, generating an encrypted challenge to authenticate the API request based on detecting the change, and issuing the encrypted challenge to the client to authenticate the API request.
-
公开(公告)号:US20170214531A1
公开(公告)日:2017-07-27
申请号:US15159398
申请日:2016-05-19
Applicant: EBAY INC.
Inventor: Kevin Sugihara , Bradley Wardman
CPC classification number: H04L9/3271 , G06F21/445 , H04L9/14 , H04L9/30 , H04L63/06 , H04L63/08 , H04L63/0869 , H04L63/10 , H04L63/1466
Abstract: Methods, systems, and computer program products for providing transaction verification through enhanced authentication are provided. A method performed by a computer system may include receiving an application programming interface (API) request from a client, detecting a change associated with the API request as compared to a prior use of the API by the client, generating an encrypted challenge to authenticate the API request based on detecting the change, and issuing the encrypted challenge to the client to authenticate the API request.
-
公开(公告)号:US20160094551A1
公开(公告)日:2016-03-31
申请号:US14496160
申请日:2014-09-25
Applicant: EBAY, INC.
Inventor: Kevin Sugihara , Bradley Wardman
IPC: H04L29/06
CPC classification number: H04L9/3271 , G06F21/445 , H04L9/14 , H04L9/30 , H04L63/06 , H04L63/08 , H04L63/0869 , H04L63/10 , H04L63/1466
Abstract: Methods, systems, and computer program products for providing transaction verification through enhanced authentication are provided. A method performed by a computer system may include receiving one or more credentials to authenticate an application programming interface request received from a second computer system based on a first level of authentication, generating an additional authentication challenge to further authenticate the application programming interface request in response to detecting a change associated with the second computer system, issuing the additional authentication challenge to the second computer system, and processing the application programming interface request based on a result of the additional authentication challenge.In some examples, the additional authentication challenge may be encrypted using a key associated with the second computer system before issuance the additional authentication challenge. For example, the key may be a public key corresponding to a private key stored in a highly secure area on the second computer system.
Abstract translation: 提供了通过增强认证提供事务验证的方法,系统和计算机程序产品。 由计算机系统执行的方法可以包括接收一个或多个证书,以基于第一级认证来验证从第二计算机系统接收到的应用编程接口请求,生成额外的认证挑战以进一步验证应用编程接口请求以作出响应 检测与第二计算机系统相关联的改变,向第二计算机系统发出附加认证挑战,以及基于附加认证挑战的结果处理应用程序编程接口请求。 在一些示例中,可以在发布附加认证挑战之前使用与第二计算机系统相关联的密钥来加密附加认证挑战。 例如,密钥可以是对应于存储在第二计算机系统上的高度安全区域中的私钥的公钥。
-
公开(公告)号:US20210336803A1
公开(公告)日:2021-10-28
申请号:US17369260
申请日:2021-07-07
Applicant: EBAY INC.
Inventor: Kevin Sugihara , Bradley Wardman
Abstract: Systems and methods for authenticating requests to use an Application Programming Interface (“API”) are described. In some embodiments, a request to use an API is received. Based on a comparison of the request to use the API with a pattern of activity associated with the client, a determination is made whether the client deviates from an expected behavior. Once a determination that the client deviates from the expected behavior is made, an authentication challenge is generated and issued. In some embodiments, the comparison of the request to use the API with a pattern of activity involves comparing transactional attributes of the request to use the API with past client behavior.
-
公开(公告)号:US20150371221A1
公开(公告)日:2015-12-24
申请号:US14311119
申请日:2014-06-20
Applicant: Ebay Inc.
Inventor: Bradley Wardman
CPC classification number: G06Q20/3674 , G06Q20/102 , G06Q20/3821 , G06Q20/401 , G06Q20/4097 , G06Q30/04
Abstract: Methods and systems for authenticating a transaction are described. A user provides a user account and contact information to a merchant, and the merchant transmits this information to a service provider. The service provider generates an access token for the transaction and sends it to the contact information. The service provider also sends a notification to the user account. The user provides the access token to the service provider. The service provider confirms the access token, and processes the payment.
Abstract translation: 描述用于认证交易的方法和系统。 用户向商家提供用户帐户和联系信息,并且商家将该信息发送到服务提供商。 服务提供商生成交易的访问令牌,并将其发送到联系人信息。 服务提供商还向用户帐户发送通知。 用户向服务提供商提供访问令牌。 服务提供商确认访问令牌,并处理付款。
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.012 seconds)
