Abstract: Systems and methods are provided for accessing records using derivative locators. An open financial transaction may be initiated by a consumer at a merchant. The merchant may provide information relating to the transaction, which may include information about the consumer's device, to a repository. The merchant may provide transaction information to the acquiring bank, which may provide transaction to the global financial network, which may provide transaction information to an issuing bank. One or more requesting party (e.g., one or more of the acquiring bank, global financial network, or issuing bank) may formulate a derivative locator based on the transaction information received. The derivative locator may function as an index through which records in the repository may be accessed by the requesting party. A time comparison may be made in assisting with accessing the correct record in the repository.

Abstract: A system, method and device for detecting keystroke entries in a field entered by keyboard in connection with an online transaction that may be fraudulent or erroneous. A score can be assigned to a keystroke based upon its distance from another keystroke. The scores of keystrokes in a string can be summed to obtain a string score. The string score can be normalized by dividing the string score by the number of keystrokes summed to obtain the normalized string score. A risk of fraud or error can be determined based upon the value of the normalized string score in comparison to a predetermined value.

Abstract: Systems and methods for authentication with resistance to replay attacks are provided. A device may be used to capture image data of a physical token to authenticate or identify a user. Authentication information may be obtained by processing and analyzing the captured image data. Data about a state of the imaging device and the captured image data may be used for fraud detection. The data may be collected when the image data is processed and analyzed. The state of the imaging device and captured image data are unlikely to be repeated. The detected repetition of a state of the imaging device and captured image data may be a cause for increasing the likelihood that a replay attack is taking place. The device may be used to perform a transaction.

Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.

Abstract: Provided is a network-enabled method for creating an online account using a network of devices. The method comprises: receiving by an authentication system, a request to create an online account with an online server; generating a visual graphical code by the authentication system, which is displayed on a display screen and comprises a validation identity; acquiring image data of the visual graphical code from a user device with aid of optical detection apparatus, by capturing an image of the visual graphical code displayed on the display screen; processing the image data to extract the validation identity; based on the validation identity identifying an online serve provider associated with the online server and user information categories associated with the online account; and based on identification information related to the user identifying the user, and the data to the online server for the online account with the online server.

Abstract: Systems and methods for authentication with resistance to replay attacks are provided. A device may be used to capture image data of a user to authenticate or identify the user. Authentication information may be obtained by processing and analyzing the captured image data. Data about a state of the imaging device and the captured image data may be used for fraud detection. The data may be collected when the image data is processed and analyzed. The state of the imaging device and captured image data are unlikely to be repeated. The detected repetition of a state of the imaging device and captured image data may be a cause for increasing the likelihood that a replay attack is taking place. The device may be used to perform a transaction.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: Provided herein are systems and methods for verifying online communications. A sender and/or a recipient of an online communication can be a registered user of a verification system. Upon request by the sender and/or the recipient in relation to a particular instance of an online communication, the verification system can (1) confirm that the sender and/or the recipient is a registered user of the verification system, (2) verify that the sender and/or the recipient has sent and/or received, respectively, the particular instance of the online communication, and (3) communicate the verification of the particular instance of online communication to the sender and/or the recipient.

Abstract: Systems and methods for authentication with resistance to replay attacks are provided. A device may be used to capture image data of a physical token to authenticate or identify a user. Authentication information may be obtained by processing and analyzing the captured image data. Data about a state of the imaging device and the captured image data may be used for fraud detection. The data may be collected when the image data is processed and analyzed. The state of the imaging device and captured image data are unlikely to be repeated. The detected repetition of a state of the imaging device and captured image data may be a cause for increasing the likelihood that a replay attack is taking place. The device may be used to perform a transaction.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by a delta of time parameter between a user device used and a reference time. Other parameters may be analyzed to identify a computer user and/or device and noteworthy transactions. The invention may be used for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, ratings-based communities and law enforcement. User may be permitted to register user devices in order to control access for performing transactions.

Abstract: Systems and methods are provided for persistent cross-application mobile device identification. A mobile device may have a plurality of sandboxes in memory containing applications. The mobile device may have a shared storage which may accessible by applications from different sandboxes. A storage location identifier may be used to access information in shared storage. A universal device identifier may be stored in the shared storage to identify the mobile device and may be accessible by multiple applications and updates to applications. The universal device identifier may be used to track the mobile device for advertising, fraud detection, reputation tracking, or other purposes.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: Provided herein are systems and methods for verifying online communications. A sender and/or a recipient of an online communication can be a registered user of a verification system. Upon request by the sender and/or the recipient in relation to a particular instance of an online communication, the verification system can (1) confirm that the sender and/or the recipient is a registered user of the verification system, (2) verify that the sender and/or the recipient has sent and/or received, respectively, the particular instance of the online communication, and (3) communicate the verification of the particular instance of online communication to the sender and/or the recipient.

Abstract: Provided herein are systems and methods for verifying emails. Upon request by a sender in relation to a sender's email, a verification system can generate a visual graphical code corresponding to an email identity of the sender's email, acquire image data of the visual graphical code from a recipient device with aid of optical detection apparatus, and process the image data to extract the email identity of the sender's email so that the recipient can verify whether the sender in fact sent the email.

Abstract: Systems and methods are provided for persistent cross-application mobile device identification. A mobile device may have a plurality of sandboxes in memory containing applications. The mobile device may have a shared storage which may accessible by applications from different sandboxes. A storage location identifier may be used to access information in shared storage. A universal device identifier may be stored in the shared storage to identify the mobile device and may be accessible by multiple applications and updates to applications. The universal device identifier may be used to track the mobile device for advertising, fraud detection, reputation tracking, or other purposes.

Abstract: The invention provides methods and apparatus for securing personalized or sensitive information appearing in digital images. Digital images containing information to be secured is processed and divided into a plurality of image cells. At least one image cell from the plurality of image cells is selected and redacted or altered to render the information to be secured with the selected image cells indecipherable. The invention also provides methods and apparatus for transmitting or streaming unredacted image cells alone or in combination with redacted image cells for secured viewing on a user browser or computer.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by a delta of time parameter between a user device used and a reference time. Other parameters may be analyzed to identify a computer user and/or device and noteworthy transactions. The invention may be used for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, ratings-based communities and law enforcement. User may be permitted to register user devices in order to control access for performing transactions.

Abstract: Systems and methods for authenticating a user are provided. A method may comprise providing interactive media on a computing device associated with a user. The interactive media may comprise a plurality of images. The plurality of images may be presented on a graphical display of the computing device. The method may also comprise receiving input data from the computing device when the user selects a sequence of images from the plurality of images on the graphical display of the computing device. The selected sequence of images may correspond to a sequence of grammatical words. The method may further comprise analyzing the input data by comparing the sequence of grammatical words to a passcode, and authenticating the user when the sequence of grammatical words is equal to the passcode.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by tag-based computer information. Computers and other devices accessing the Web carry device tags with date and time information describing when they were issued by a security tag server. A server time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity.

Abstract: The invention provides methods and apparatus for securing personalized or sensitive information appearing in digital images. Digital images containing information to be secured is processed and divided into a plurality of image cells. At least one image cell from the plurality of image cells is selected and redacted or altered to render the information to be secured with the selected image cells indecipherable. The invention also provides methods and apparatus for transmitting or streaming unredacted image cells alone or in combination with redacted image cells for secured viewing on a user browser or computer.