Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.

Abstract: System, method, and device of detecting identity of a user and authenticating a user; as well as detecting a possible attacker or impostor, and differentiating among users of an electronic device or of a computerized service. A mobile or portable electronic device is utilized to capture a self-taken image of a user, which is utilized as a user-authentication factor. The accelerometer and gyroscope of the mobile device, sense and measure spatial device properties during, before or after the submission of the self-image authentication factor; and based on such spatial device properties, the system determines liveness of the user, freshness of the submitted self-image, and possibly differentiates between a legitimate user and an attacker.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregularities are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user, or a cyber-attacker or automated script posing as the legitimate human user. The system further detects click-fraud, and prevents or mitigates Application Distributed Denial-of-Service attacks.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user; or a cyber-attacker posing as the legitimate human user. The system displays gauges indicating cyber fraud scores or cyber-attack threat-levels.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.

Abstract: Devices, systems, and methods of detecting whether an electronic device or computerized device or computer, is communicating with a computerized service or a trusted server directly and without an intermediary web-proxy, or indirectly by utilizing a proxy server or web-proxy. The system searches for particular characteristics or attributes, that characterize a proxy-based communication session or channel and that do not characterize a direct non-proxy-based communication session or channel; or conversely, the system searches for particular characteristics or attributes, that characterize a direct non-proxy-based communication session or channel and that do not characterize a proxy-based communication session or channel; and based on these characteristics, determines whether or not a proxy server exists and operates.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. Communication interferences are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user device to such communication interferences. The system determines whether the user is a legitimate human user; or a cyber-attacker posing as a legitimate human user but actually utilizing a Virtual Machine.

Abstract: Device, system, and method of detecting identity of a user based on motor-control loop model. A method includes: during a first session of a user who utilizes a pointing device for interacting with a computerized service, monitoring the pointing device dynamics and gestures of the user; based on the monitored dynamics and gestures, estimating parameters that characterize a sensorimotor control loop model of the user; storing in a database a record indicating that the user is associated with the parameters that characterize the sensorimotor control loop model of the user.

Abstract: Systems and method are provided for forming an integrated communication network. The network includes a plurality of locally distributed integrated communications modules (ICMs) which are placed at predetermined positions. The ICMs monitor a plurality of roaming communication devices that communicate using both the cellular communication network and the internet. Further, the integrated communication network forms a private database on the roaming sender communication device to allow data communication with a specifically identified roaming communication device.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregularities are introduced; and the server tracks the response or the reaction of the end-user to such interferences. The system determines whether the user is a legitimate user, or a cyber-attacker or automated script posing as the legitimate user. The system utilizes classification of users into classes or groups, to deduce or predict how a group-member would behave when accessing the service through a different type of device. The system identifies user-specific traits that are platform-independent and thus can be further monitored when the user switches from a first platform to a second platform.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device interacts and communicates with a server of a computerized service, or with a local application or Web-browser running on the end-user device. A usage interference is injected or introduced, or an input/output mismatch or abnormality is created, causing an output displayed on the screen of the end-user device, to be non-matching to the expected or intended output that is typically displayed in response to regular non-interfered user gestures or regular non-interfered user input. The reaction or corrective manual actions of the user are tracked and analyzed, to differentiate among users, or to differentiate between an authorized human user and a human cyber-attacker, or to differentiate between an authorized human user and a computer bot or an automated computerized script.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A log-in process or a user-authentication process, is augmented or enriched by one or more incidental tasks, which force the user to perform additional on-screen interactions or input-unit interactions, which in turn enrich and augment the pool of user interactions from which the system extracts one or more user-specific features. The extracted user-specific features are used as part of the user authentication process, and are further used to differentiate among users.

Abstract: A method for confirming identity of a user of a mobile electronic device, the method including: receiving touch data from a touch-screen of the mobile electronic device; receiving acceleration data from an accelerometer of the mobile electronic device; correlating between the touch data and the acceleration data; based on the correlating, generating a user-specific trait indicative of said user. The method further includes storing a reference value of the user-specific trait, indicative of said user; in a subsequent usage session of the mobile electronic device, generating a current value of the user-specific trait correlating between touch data and acceleration data; and based on a comparison between the current value of the user-specific trait and the reference value of the user-specific trait, determining whether or not a current user of the mobile electronic device is an authorized user of the mobile electronic device.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, detecting a cyber-attacker, and detecting click-fraud. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregularities are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user, or a cyber-attacker or automated script posing as the legitimate human user. The system further detects click-fraud, and prevents or mitigates Application Distributed Denial-of-Service attacks.

Abstract: Devices, systems, and methods of user authentication. A system includes a spatial challenge unit to distinguish between a human user and a non-human user. The spatial challenge unit requires the user to perform one or more spatial operations that modify the spatial properties of an electronic device operated by the user. Correct performance of the required spatial operations, indicates that the user is human. The system also includes a spatial password unit, which tracks a manner in which a human user handles the electronic device while the user enters a password; and then utilizes this user-specific manner for user authentication, by checking whether a manner in which the user enters his password matches a reference manner of password entry or a historical manner of password entry. The system also utilizes sequence of spatial operations or spatial gestures, as a pure spatial password or purely-spatial user-authentication factor.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, detecting a cyber-attacker, and detecting click-fraud. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregularities are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user, or a cyber-attacker or automated script posing as the legitimate human user. The system further detects click-fraud, and prevents or mitigates Application Distributed Denial-of-Service attacks.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. Communication interferences are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user device to such communication interferences. The system determines whether the user is a legitimate human user; or a cyber-attacker posing as a legitimate human user but actually utilizing a Virtual Machine.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.