Method and system for authenticating user content
US-2024394347-A1 · Nov 28, 2024 · US
Method, device, and system of differentiating among users based on platform configurations
US9536071B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9536071-B2 |
| Application number | US-201514675767-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 1, 2015 |
| Priority date | Nov 29, 2010 |
| Publication date | Jan 3, 2017 |
| Grant date | Jan 3, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregularities are introduced; and the server tracks the response or the reaction of the end-user to such interferences. The system determines whether the user is a legitimate user, or a cyber-attacker or automated script posing as the legitimate user. The system utilizes classification of users into classes or groups, to deduce or predict how a group-member would behave when accessing the service through a different type of device. The system identifies user-specific traits that are platform-independent and thus can be further monitored when the user switches from a first platform to a second platform.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: (A) in a first usage session of a user that utilizes an electronic device to interact with a computerized service: (A1) monitoring user interactions with an input unit of said electronic device; (A2) extracting from said user interactions, a first user-specific characteristic; determining that said first user-specific characteristic is a cross-platform user-specific characteristic that is expected to characterize said user if said user switches to utilizing a subsequent, different, electronic device to access said computerized service; and assigning a first weight value to the first user-specific characteristic; (A3) extracting from said user interactions, a second user-specific characteristic; determining that said first user-specific characteristic is not a cross-platform user-specific characteristic that is expected to characterize said user if said user switches to utilizing a subsequent, different, electronic device to access said computerized service; and assigning a second, smaller, weight value to the second user-specific characteristic; (B) in a second, subsequent, usage session of said user that utilizes said subsequent electronic device to interact with computerized service: (B1) monitoring user interactions with an input unit of said subsequent electronic device; (B2) differentiating between: (i) said user, and (ii) other users of said computerized service, by analyzing said user interactions with the input unit of the subsequent electronic device through a weighted formula that takes into account, at least, said first weight value for the first user-specific characteristic and said second weight value for the second user-specific characteristic. 2. The method of claim 1 , wherein the checking comprises: if it is determined that said user is utilizing in said subsequent session, a computing device that belongs to said first type of computing device, then: determining whether user interactions of said user during the subsequent usage session of said user, match the first cross-platform user-specific trait. 3. The method of claim 1 , wherein the checking comprises: if it is determined that said user is utilizing in said subsequent session, a computing device that belongs to said first type of computing device, then: comparing user interactions of said user during said subsequent usage session, against a group of user-specific traits that includes the first cross-platform user-specific trait and that excludes the second cross-platform user-specific trait. 4. The method of claim 1 , wherein the method comprises: identifying the first cross-platform user-specific trait as a first trait which characterizes usage sessions in which said user interacted with the computerized service via any portable computing device selected from the group consisting of smartphone and tablet; identifying the second cross-platform user-specific trait as a second trait which characterizes usage sessions in which said user interacted with the computerized service via any non-portable computing device; in a subsequent usage session that is assumed to belong to said user, checking whether user interactions during said subsequent usage session match only one of said first or second traits, based on a determination of whether said user utilizes either a portable or a non-portable computing device to access the computerized service during the subsequent usage session. 5. The method of claim 1 , wherein the method comprises: identifying the first cross-platform user-specific trait as a first trait which characterizes usage sessions in which said user interacted with the computerized service via any non-portable computing device selected from the group consisting of laptop computer and desktop computer; identifying the second cross-platform user-specific trait as a second trait which characterizes usage sessions in which said user interacted with the computerized service via any portable computing device; in a subsequent usage session that is assumed to belong to said user, checking whether user interactions during said subsequent usage session match only one of said first or second traits, based on a determination of whether said user utilizes either a portable or a non-portable computing device to access the computerized service during the subsequent usage session. 6. The method of claim 1 , wherein the method comprises: identifying the first cross-platform user-specific trait as a first trait which characterizes usage sessions in which said user interacted with the computerized service via any computing device having a touch-screen; identifying the second cross-platform user-specific trait as a second trait which characterizes usage sessions in which said user interacted with the computerized service via any computing device having a non-touch screen; in a subsequent usage session that is assumed to belong to said user, checking whether user interactions during said subsequent usage session match only one of said first or second traits, based on a determination of whether said user utilizes either a touch-screen computing device or a non-touch-screen computing device to access the computerized service during the subsequent usage session. 7. The method of claim 1 , wherein the method comprises: identifying the first cross-platform user-specific trait as a first trait which characterizes usage sessions in which said user interacted with the computerized service via any computing device through any Web browser; identifying the second cross-platform user-specific trait as a second trait which characterizes usage sessions in which said user interacted with the computerized service via any computing device through a non-browser native application of said computerized service; in a subsequent usage session that is assumed to belong to said user, checking whether user interactions during said subsequent usage session match only one of said first or second traits, based on a determination of whether said user utilizes either a Web browser or a native application to access the computerized service during the subsequent usage session. 8. The method of claim 1 , comprising: identifying a first cross-platform user-specific trait that characterizes usage sessions in which said user interacted with the computerized service via a first type of software application; identifying a second cross-platform user-specific trait that characterizes usage sessions in which said user interacted with the computerized service via a second type of software application; in a subsequent usage session that is assumed to belong to said user, checking whether user interactions during said subsequent usage session match only one of said first or second cross-platform user-specific traits, based on a type of software application that is actually utilized by said user in said subsequent usage to access the computerized service. 9. The method of claim 1 , wherein the method comprises: identifying the first cross-platform user-specific trait as a first trait which characterizes usage sessions in which said user interacted with the computerized service via any computing device through any Web browser; identifying the second cross-platform user-specific trait as a second trait which characterizes usage sessions in which said user interacted with the computerized service via any computing device through a non-browser native application of said computerized service; in a subsequent usage session that is assumed to belong to said user, checking whether user interactions during said subsequent usage session match only one of said first or second traits, based on a determination of whether said user utilizes either a Web b
Assignees
Inventors
Classifications
Digitisers, e.g. for touch screens or touch pads, characterised by the transducing means · CPC title
Detection or countermeasures against botnets · CPC title
using biometric data, e.g. fingerprints, iris scans or voiceprints · CPC title
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title
involving event detection and direct action · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9536071B2 cover?
- Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregulari…
- Who is the assignee on this patent?
- Biocatch Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F21/316. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jan 03 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).