公开(公告)号：US11750598B2

公开(公告)日：2023-09-05

申请号：US16517004

申请日：2019-07-19

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic

IPC: H04L9/40 ,  G06Q20/40

CPC classification number: H04L63/0853 ,  G06Q20/401

Abstract: Technologies are shown for network attribution tracking for a multi-legged transaction that involve receiving a tracking token registration request from a partner service, generating a tracking token associated with the partner service, adding an entry to an attribution stack for a transaction, where the entry associates the tracking token with the partner service, and returning the tracking token to the partner service. Receiving a tracking token request can include determining whether the tracking token request includes a previously generated tracking token and using the previously generated tracking token to identify the attribution stack for the transaction. Adding an entry to an attribution stack for a transaction can include adding the entry to the attribution stack identified for the transaction. Attribution for a transaction can be obtained by accumulating attribution entities from each entry in the attribution stack identified for the transaction.

公开(公告)号：US11503062B2

公开(公告)日：2022-11-15

申请号：US16870721

申请日：2020-05-08

Applicant: eBay Inc.

Inventor： Tatjana Vlahovic ,  Gail Anna Rahn Frederick

IPC: H04L29/00 ,  H04L9/40 ,  G06Q10/06 ,  G06Q10/10 ,  G06Q30/00 ,  G06Q50/26 ,  G06N20/00 ,  G06F9/54

Abstract: Technologies are shown for application risk assessment in an authentication service where an authorization request is received from a third party application calling an Application Programming Interface (API). Risk assessment policies that pertain to behavioral characteristics, such as API usage patterns or past delegation of permissions, are applied to the authorization request to obtain a risk assessment score. If the risk assessment score does not exceed a risk threshold, then an authorization message is sent in response to the authorization request. If the risk assessment score exceeds the risk threshold, then remedial action, such as suspending the application, limiting the available actions, or sending a notification to a trusted security application, is executed for an account associated with the third party application. Machine learning can be applied to historical behavioral data to generate the risk assessment policies.

公开(公告)号：US11758406B2

公开(公告)日：2023-09-12

申请号：US17977628

申请日：2022-10-31

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic

IPC: H04W12/60 ,  G06F21/62 ,  H04L9/32 ,  H04L9/40

CPC classification number: H04W12/66 ,  G06F21/6245 ,  H04L9/3255 ,  H04L63/0869 ,  H04L63/0884

Abstract: Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor.

公开(公告)号：US20210352097A1

公开(公告)日：2021-11-11

申请号：US16870721

申请日：2020-05-08

Applicant: eBay Inc.

Inventor： Tatjana Vlahovic ,  Gail Anna Rahn Frederick

IPC: H04L29/06 ,  G06Q10/06 ,  G06Q10/10 ,  G06Q30/00 ,  G06Q50/26 ,  G06F9/54 ,  G06N20/00

Abstract: Technologies are shown for application risk assessment in an authentication service where an authorization request is received from a third party application calling an Application Programming Interface (API). Risk assessment policies that pertain to behavioral characteristics, such as API usage patterns or past delegation of permissions, are applied to the authorization request to obtain a risk assessment score. If the risk assessment score does not exceed a risk threshold, then an authorization message is sent in response to the authorization request. If the risk assessment score exceeds the risk threshold, then remedial action, such as suspending the application, limiting the available actions, or sending a notification to a trusted security application, is executed for an account associated with the third party application. Machine learning can be applied to historical behavioral data to generate the risk assessment policies.

公开(公告)号：US20230370488A1

公开(公告)日：2023-11-16

申请号：US18227637

申请日：2023-07-28

Applicant: ebay Inc

Inventor： Tatjana VLAHOVIC ,  Gail Anna Rahn Frederick

IPC: H04L9/40 ,  G06Q10/0635 ,  G06Q10/10 ,  G06Q30/018 ,  G06Q50/26 ,  G06N20/00 ,  G06F9/54

CPC classification number: H04L63/1433 ,  G06F9/54 ,  G06N20/00 ,  G06Q10/0635 ,  G06Q10/10 ,  G06Q30/0185 ,  G06Q50/265 ,  H04L63/0884 ,  H04L63/102 ,  H04L63/1425 ,  H04L63/20

Abstract: Risk assessment in an authentication service is performed where an authorization request is received from a third-party application. Risk assessment policies for the authorization request are determined based on a class of the third-party application. The risk assessment policies are applied to the authorization request to determine an action to be performed for the authorization request, such as sending an authorization message in response to the authorization request or taking a remedial action (e.g., suspending the application, limiting the available actions, or sending a notification to a trusted security application).

公开(公告)号：US11295373B2

公开(公告)日：2022-04-05

申请号：US16805965

申请日：2020-03-02

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic ,  Sanjeev Katariya

IPC: G06Q30/06

Abstract: Aspects of the present disclosure relate to a multi-dimensional commerce platform that may be utilized for the communication of data. Aspects of the multi-dimensional commerce platform may include various functional components to facilitate a system to receive inventory data at a first server associated with the multi-dimensional commerce platform, provide a second server associated with a third-party (e.g., a third party seller/distributor) access to the inventory data, alter or modify the inventory data based on attributes of the second server, and cause display of a presentation of the modified inventory data at a client device.

公开(公告)号：US11057778B2

公开(公告)日：2021-07-06

申请号：US16288689

申请日：2019-02-28

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic

IPC: H04W12/60 ,  G06F21/62 ,  H04L9/32 ,  H04L29/06

Abstract: Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor.

公开(公告)号：US20210099449A1

公开(公告)日：2021-04-01

申请号：US16588958

申请日：2019-09-30

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic

IPC: H04L29/06 ,  H04W12/08

Abstract: Systems and methods for transforming an API authorization to a UX session are provided. An authorization server receives, from a third-party application developed by a third-party, a request to access a user experience (UX) session on behalf of a user. The request comprises an access token previously granted by the authorization server to the third-party application in response to consent, by the user, to allow the third-party application to perform actions on behalf of the user. In one embodiment, this previous authorization comprises an Open Authorization (OAuth). In response to receiving the request the authorization server transforms the access token into a single sign on (SSO) link with a session token. The authorization server then returns the SSO link that includes the session token the third-party application hosted by the third-party. The SSO link causes the third-party application to redirect the user to the UX session corresponding to the SSO link.

公开(公告)号：US12182855B2

公开(公告)日：2024-12-31

申请号：US17676950

申请日：2022-02-22

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic ,  Sanjeev Katariya

IPC: G06Q30/0601

Abstract: Aspects of the present disclosure relate to a multi-dimensional commerce platform that may be utilized for the communication of data. Aspects of the multi-dimensional commerce platform may include various functional components to facilitate a system to receive inventory data at a first server associated with the multi-dimensional commerce platform, provide a second server associated with a third-party (e.g., a third party seller/distributor) access to the inventory data, alter or modify the inventory data based on attributes of the second server, and cause display of a presentation of the modified inventory data at a client device.

公开(公告)号：US12160421B2

公开(公告)日：2024-12-03

申请号：US18418524

申请日：2024-01-22

Applicant: eBay Inc.

Inventor： Gail Anna Rahn Frederick ,  Tatjana Vlahovic

IPC: H04L9/40 ,  G06Q20/40

Abstract: Technologies are shown for network attribution tracking for a multi-legged transaction. In accordance with some aspects, a request is received at a second service from a client device via a first redirect including a first token associated with a first service. The second service sends, to a token service, a token request including the first token, wherein the token request causes the token service to associate a second token with the first token. The second service receives, from the token service, a token response including the second token. The second service provides, to the client device, a second redirect to a third service, the second redirect including the second token. In some aspects, a transaction is attributed to at least the first service and the second service based on the association of the second token with the first token.