Abstract: Methods, systems, and computer program products for performing passive and active identity verification in association with online communications. For example, a computer-implemented method may include receiving one or more electronic messages associated with a user account, analyzing the electronic messages based on a plurality of identity verification profiles associated with the user account, generating an identity trust score associated with the electronic messages based on the analyzing, determining whether to issue a security challenge in response to the electronic messages based on the generated identity trust score, and issuing the security challenge in response to the electronic messages based on the determining.

Abstract: Methods and systems are presented for providing enriched technical security data to a risk engine of an online service provider, and for adjusting security settings based on the enriched data. The enriched security data may be generated by recursively deriving additional security information from an initial security data input. The initial security data input may be associated with a risk source, such as a person or a device that submits an electronic request to the online service provider. Based on the initial security data input, the risk engine may recursively derive additional security information that enriches the initial security data input. The risk engine may then use the derived security information as well as the initial security data input to assess a risk level of the risk source, and then adjust a security setting of the online service provider based on the assessed risk level of the risk source.

Abstract: Methods, systems, and computer program products for performing passive and active identity verification in association with online communications. For example, a computer-implemented method may include receiving one or more electronic messages associated with a user account, analyzing the electronic messages based on a plurality of identity verification profiles associated with the user account, generating an identity trust score associated with the electronic messages based on the analyzing, determining whether to issue a security challenge in response to the electronic messages based on the generated identity trust score, and issuing the security challenge in response to the electronic messages based on the determining.

Abstract: A computer system detects an action corresponding to a resource page being rendered within a web view of an application. In response to the detecting the action corresponding to a resource page being rendered within the web view of the application, the computer system identifies information associated with the resource page and determines if one or more risk indications correspond to the identified information. In response to determining that one or more risk indications correspond to the identified information, the computer system implements one or more security measures.

Abstract: A computer system determines that authentication information has been requested from a user device by a requesting device. In response to determining that authentication information has been requested by the requesting device, the computer system identifies information corresponding to the requesting device and determines if one or more risk indications correspond to the identified information corresponding to the requesting device. In response to determining that one or more risk indications correspond to the identified information corresponding to the requesting device, the computer system implements one or more security measures.

Abstract: Methods and systems for implementing keyboard linked authentication challenges are described. A visual representation of a first string of characters is provided for display on a client computing device. In response to the providing the visual representation for display, several keystrokes on the client computing device that produces a second string of characters are received. A determination that the second string of characters matches the first string of characters is made. A determination that no unauthorized keystrokes are included in the detected plurality of keystrokes is further made. Access is provided to the client computing device upon determining that the second string of characters matches the first string of characters, and determining that no unauthorized keystrokes are included in the detected plurality of keystrokes.

Abstract: Methods, systems, and computer program products for performing passive and active identity verification in association with online communications. For example, a computer-implemented method may include receiving one or more electronic messages associated with a user account, analyzing the electronic messages based on a plurality of identity verification profiles associated with the user account, generating an identity trust score associated with the electronic messages based on the analyzing, determining whether to issue a security challenge in response to the electronic messages based on the generated identity trust score, and issuing the security challenge in response to the electronic messages based on the determining.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods and systems are presented for providing enriched technical security data to a risk engine of an online service provider, and for adjusting security settings based on the enriched data. The enriched security data may be generated by recursively deriving additional security information from an initial security data input. The initial security data input may be associated with a risk source, such as a person or a device that submits an electronic request to the online service provider. Based on the initial security data input, the risk engine may recursively derive additional security information that enriches the initial security data input. The risk engine may then use the derived security information as well as the initial security data input to assess a risk level of the risk source, and then adjust a security setting of the online service provider based on the assessed risk level of the risk source.

Abstract: Methods and systems for implementing keyboard linked authentication challenges are described. A visual representation of a first string of characters is provided for display on a client computing device. In response to the providing the visual representation for display, several keystrokes on the client computing device that produces a second string of characters are received. A determination that the second string of characters matches the first string of characters is made. A determination that no unauthorized keystrokes are included in the detected plurality of keystrokes is further made. Access is provided to the client computing device upon determining that the second string of characters matches the first string of characters, and determining that no unauthorized keystrokes are included in the detected plurality of keystrokes.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: A computer system determines that authentication information has been requested from a user device by a requesting device. In response to determining that authentication information has been requested by the requesting device, the computer system identifies information corresponding to the requesting device and determines if one or more risk indications correspond to the identified information corresponding to the requesting device. In response to determining that one or more risk indications correspond to the identified information corresponding to the requesting device, the computer system implements one or more security measures.

Abstract: A computer system detects an action corresponding to a resource page being rendered within a web view of an application. In response to the detecting the action corresponding to a resource page being rendered within the web view of the application, the computer system identifies information associated with the resource page and determines if one or more risk indications correspond to the identified information. In response to determining that one or more risk indications correspond to the identified information, the computer system implements one or more security measures.

Abstract: Methods, systems, and computer program products for performing passive and active identity verification in association with online communications. For example, a computer-implemented method may include receiving one or more electronic messages associated with a user account, analyzing the electronic messages based on a plurality of identity verification profiles associated with the user account, generating an identity trust score associated with the electronic messages based on the analyzing, determining whether to issue a security challenge in response to the electronic messages based on the generated identity trust score, and issuing the security challenge in response to the electronic messages based on the determining.

Abstract: Methods, systems, and computer program products for eliminating abuse caused by password reuse in different computer systems are disclosed. For example, a computer-implemented method may include receiving a security request comprising an anonymized version of authentication data from a first computer system of a first organization, analyzing the security request to determine a second computer system of a second organization to contact for detecting reuse of the authentication data, generating a second security request comprising the anonymized authentication data for the second computer system, sending the second security request to the second computer system of the second organization, analyzing a response to the second security request from the second computer system to determine whether the anonymized authentication data associated was detected, and providing a response to the first security request indicating whether the second computer system detected reuse of the authentication data.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods, systems, and computer program products for eliminating abuse caused by password reuse in different computer systems are disclosed. For example, a computer-implemented method may include receiving a security request comprising an anonymized version of authentication data from a first computer system of a first organization, analyzing the security request to determine a second computer system of a second organization to contact for detecting reuse of the authentication data, generating a second security request comprising the anonymized authentication data for the second computer system, sending the second security request to the second computer system of the second organization, analyzing a response to the second security request from the second computer system to determine whether the anonymized authentication data associated was detected, and providing a response to the first security request indicating whether the second computer system detected reuse of the authentication data.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods, systems, and computer program products for accurately classifying a computer program interacting with a computer system using questioning and fingerprinting are provided. A computer-implemented method may include issuing a challenge to an application interacting with a computer system to determine whether activity performed by the application is scripted, analyzing data associated with a result of the challenge to determine whether the result is at least partially correct, and computing a reputation score for the application based on the result of the challenge. A computer-implemented method also may include comparing the reputation score for the application to a threshold for identifying non-scripted activity, and determining that the activity performed by the application is scripted when the reputation score for the application does not meet the threshold for identifying non-scripted activity.