Identifying accounts having shared credentials

US10469497B2 · US · B2

Patent metadata

Publication number: US-10469497-B2
Application number: US-201615166194-A
Country: US
Kind code: B2
Filing date: May 26, 2016
Priority date: May 26, 2016
Publication date: Nov 5, 2019
Grant date: Nov 5, 2019

Abstract

Official abstract text for this publication.

Disclosed are systems, methods, and non-transitory computer-readable storage media for identifying accounts having shared credentials. In some implementations, a content management system can collect user login context data when a user logs in to or accesses a user account of the content management system. For example, the content management system can collect client device data, client application data, internet protocol (IP) address data, and/or other data from the user's device when the user logs in to the user account. The content management system can analyze the login context data to determine patterns that indicate that the user account login credentials are being shared among multiple users.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: obtaining, by a content management system, login context data from a user device, the login context data corresponding to a successful log in to a user account managed by the content management system; creating, by the content management system, a fingerprint for the user device based on characteristics of the user device, the characteristics comprising at least one of device language settings, display settings, accessories connected to the user device, web browser plugins, processor specifications, volatile memory size, non-volatile memory size, and subcomponent identifiers; storing, by the content management system, the login context data and the fingerprint as records in association with an account identifier corresponding to the user account in a historical login context data repository, the historical login context data repository including a plurality of login context data records, each login context data record corresponding to a login attempt associated with a user account; in response to the successful log in to the user account, determining, by the content management system, that the user account is being shared among multiple users by: generating, by the content management system, a first value using a first login metric by analyzing a plurality of login context data records for the user account and the fingerprint of the user device associated with the user account that are stored in the historical login context data repository, the login metric associated with at least one of a browser types metric, a native clients metric, a login session metric, an anonymous proxy metric, or a number of devices metric; comparing, by the content management system, the first value to a first threshold value corresponding to the first login metric; and determining, by the content management system, the user account is being shared among multiple users when the first value exceeds the first threshold value; and blocking, by the content management system, access to the user account.

2. The method of claim 1, wherein the first metric is a login frequency metric and the first threshold value is a threshold login frequency, and wherein generating the first value using a login frequency metric comprises: analyzing, by the content management system, the plurality of login context data records for the user account to determine a number of times a user logged in to the user account over a specified threshold time period.

3. The method of claim 1, wherein the first metric is a browser types metric and the first threshold value is a threshold number of browser types, and wherein generating the first value using a browser types metric comprises: analyzing, by the content management system, the plurality of login context data records for the user account to determine a number of different browser types used by a user to log in to the user account over a specified threshold period of time.

4. The method of claim 1, wherein the first metric is a native clients metric and the first threshold value is a threshold number of different client types, and wherein generating the first value using a native clients metric comprises: analyzing, by the content management system, the plurality of login context data records for the user account to determine a number of different clients used by a user to log in to the user account over a specified threshold period of time.

5. The method of claim 1, wherein the first metric is a login sessions metric and the first threshold value is a threshold number of sessions, and wherein generating the first value using a login sessions metric comprises: analyzing, by the content management system, the plurality of login context data records for the user account to determine a number of different sessions used by a user to log in to the user account over a specified threshold period of time.

6. The method of claim 1, wherein the first metric is an anonymous proxy metric and the first threshold value is a threshold number of anonymous logins, and wherein generating the first value using an anonymous proxy metric comprises: analyzing, by the content management system, the plurality of login context data records for the user account to determine a number of times a log in to the user account originated from an IP address associated with an anonymous proxy server over a specified threshold period of time.

7. The method of claim 1, wherein the first metric is a number of devices metric and the first threshold value is a threshold number of client devices, and wherein generating the first value using a number of devices metric comprises: analyzing, by the content management system, the plurality of login context data records for the user account to determine a number of different client devices used to log in to the user account over a threshold period of time, where the number of different client devices is determined based on a fingerprint generated for each client device used to log in to the user account.

8. A method comprising: obtaining, by a content management system, login context data from a user device, the login context data corresponding to an attempt to log in to a user account managed by the content management system; creating, by the content management system, a fingerprint for the user device based on characteristics of the user device, the characteristics comprising at least one of device language settings, display settings, accessories connected to the user device, web browser plugins, processor specifications, volatile memory size, non-volatile memory size, and subcomponent identifiers; storing, by the content management system, the login context data and the fingerprint in association with an account identifier corresponding to the user account in a historical login context data repository, the historical login context data repository including historical login context data corresponding to a plurality of login attempts associated with the user account; in response to the successful log in to the user account: generating, by the content management system, a first value using a first login metric based on the historical login context data for the user account and the fingerprint of the user device associated with the user account that are stored in the historical login context data repository, the login metric associated with at least one of a browser types metric, a native clients metric, a login session metric, an anonymous proxy metric, or a number of devices metric; comparing, by the content management system, the first value to a first threshold value corresponding to the first login metric; and in response to determining, by the content management system, based on the comparison that the first value exceeds the first threshold value indicating that the user account is being shared among multiple users, initiating, by the content management system, remedial action for the user account.

9. The method of claim 8, further comprising: in response to determining, by the content management system, that the first value does not exceed the first threshold value, generating, by the online content management system, a second value using a second login metric based on the historical login context data for the user account stored in the historical login context data repository; comparing, by the content management system, the second value to a second threshold value corresponding to the second login metric; determining, by the content management system, whether the user account is being shared among multiple users based on the comparison of the second value to the second threshold value; and initiating, by the content management system, remedial action fo
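
The metric-and-threshold check described in the claims can be sketched as follows. This is an added illustration, not code from the patent or from any product; the window, threshold values, record field names and proxy IP list are all assumptions, since the claims name the metrics but give no values.

```python
import hashlib
from datetime import datetime, timedelta

# Assumed window and thresholds; the claims name the metrics but give no values.
WINDOW = timedelta(days=30)
THRESHOLDS = {"browser_types": 3, "native_clients": 3, "sessions": 10,
              "anonymous_proxy": 2, "devices": 4}
ANON_PROXY_IPS = {"203.0.113.9"}  # constructed stand-in for a proxy IP list

def fingerprint(device):
    """Hash device characteristics of the kind listed in claim 1 into an ID."""
    keys = ("language", "display", "plugins", "cpu", "ram_mb", "disk_gb")
    blob = "|".join(f"{k}={device.get(k, '')}" for k in keys)
    return hashlib.sha256(blob.encode()).hexdigest()[:16]

def metric_values(records, now):
    """Compute each login metric over the account's records inside WINDOW."""
    recent = [r for r in records if now - r["time"] <= WINDOW]
    return {
        "browser_types": len({r["browser"] for r in recent if r["browser"]}),
        "native_clients": len({r["client"] for r in recent if r["client"]}),
        "sessions": len({r["session"] for r in recent}),
        "anonymous_proxy": sum(r["ip"] in ANON_PROXY_IPS for r in recent),
        "devices": len({r["fingerprint"] for r in recent}),
    }

def shared_account_check(records, now):
    """Return (metric, value) for the first metric over its threshold, else None."""
    values = metric_values(records, now)
    for name, limit in THRESHOLDS.items():  # claim 9: fall through to next metric
        if values[name] > limit:            # "exceeds", so strictly greater
            return name, values[name]
    return None

def sample_records(now, n_devices):
    """Constructed login history: one login per day, each from a new device."""
    out = []
    for i in range(n_devices):
        dev = {"language": "en-US", "display": f"{1280 + 64 * i}x800",
               "plugins": "pdf", "cpu": "x86_64", "ram_mb": 8192, "disk_gb": 256}
        out.append({"time": now - timedelta(days=i), "browser": "Firefox",
                    "client": None, "session": f"s{i}", "ip": "198.51.100.7",
                    "fingerprint": fingerprint(dev)})
    return out
```

A caller would run `shared_account_check` after each successful login and hand a non-`None` result to whatever remedial action the deployment defines.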

Classifications

  • based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

  • using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226)

  • Traffic logging, e.g. anomaly detection

  • by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Dropbox Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 5, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 9 related publications on this page (citations in our corpus or others sharing the same primary CPC).