Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.

Abstract: Systems and methods for detecting replay attacks are provided. One or more sensors may be used to collect data about a state of a device. The device may be used to perform a transaction. The device may be used to authenticate or identify a user. The state of the device may pertain to a characteristic of the device position, movement, component, or may pertain to one or more environmental conditions around the device. The state of the device may be expected to change over time, and certain states are unlikely to be repeated. The detected repetition of a state of the device may be a cause for increasing the likelihood that a replay attack is taking place.

Abstract: A system for facilitating distribution of authentication information for a network of devices to be authenticated is provided.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by tag-based computer information. Computers and other devices accessing the Web carry device tags with date and time information describing when they were issued by a security tag server. A server time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity.

Abstract: Systems and methods for detecting replay attacks may use one or more sensors to collect data about a state of a device. The device may be used to perform a transaction. The device may be used to authenticate or identify a user. The state of the device may pertain to a characteristic of the device position, movement, component, or may pertain to one or more environmental conditions around the device. The state of the device may be expected to change over time, and certain states are unlikely to be repeated. The detected repetition of a state of the device may be a cause for increasing the likelihood that a replay attack is taking place.

Abstract: Provided is a network-enabled method for creating an online account using a network of devices. The method comprises: receiving by an authentication system, a request to create an online account with an online server; generating a visual graphical code by the authentication system, which is displayed on a display screen and comprises a validation identity; acquiring image data of the visual graphical code from a user device with aid of optical detection apparatus, by capturing an image of the visual graphical code displayed on the display screen; processing the image data to extract the validation identity; based on the validation identity identifying an online serve provider associated with the online server and user information categories associated with the online account; and based on identification information related to the user identifying the user, and the data to the online server for the online account with the online server.

Abstract: A system for facilitating distribution of authentication information for a network of devices to be authenticated is provided.

Abstract: A system, method and device for detecting keystroke entries in a field entered by keyboard in connection with an online transaction that may be fraudulent or erroneous. A score can be assigned to a keystroke based upon its distance from another keystroke. The scores of keystrokes in a string can be summed to obtain a string score. The string score can be normalized by dividing the string score by the number of keystrokes summed to obtain the normalized string score. A risk of fraud or error can be determined based upon the value of the normalized string score in comparison to a predetermined value.

Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.

Abstract: Systems and methods are provided for accessing records using derivative locators. An open financial transaction may be initiated by a consumer at a merchant. The merchant may provide information relating to the transaction, which may include information about the consumer's device, to a repository. The merchant may provide transaction information to the acquiring bank, which may provide transaction to the global financial network, which may provide transaction information to an issuing bank. One or more requesting party (e.g., one or more of the acquiring bank, global financial network, or issuing bank) may formulate a derivative locator based on the transaction information received. The derivative locator may function as an index through which records in the repository may be accessed by the requesting party. A time comparison may be made in assisting with accessing the correct record in the repository.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by a delta of time parameter between a user device used and a reference time. Other parameters may be analyzed to identify a computer user and/or device and noteworthy transactions. The invention may be used for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, ratings-based communities and law enforcement. User may be permitted to register user devices in order to control access for performing transactions.

Abstract: Systems and methods are provided for persistent cross-application mobile device identification. A mobile device may have a plurality of sandboxes in memory containing applications. The mobile device may have a shared storage which may accessible by applications from different sandboxes. A storage location identifier may be used to access information in shared storage. A universal device identifier may be stored in the shared storage to identify the mobile device and may be accessible by multiple applications and updates to applications. The universal device identifier may be used to track the mobile device for advertising, fraud detection, reputation tracking, or other purposes.

Abstract: A system, method and device for detecting keystroke entries in a field entered by keyboard in connection with an online transaction that may be fraudulent or erroneous. A score can be assigned to a keystroke based upon its distance from another keystroke. The scores of keystrokes in a string can be summed to obtain a string score. The string score can be normalized by dividing the string score by the number of keystrokes summed to obtain the normalized string score. A risk of fraud or error can be determined based upon the value of the normalized string score in comparison to a predetermined value.

Abstract: Systems and methods are provided for accessing records using derivative locators. An open financial transaction may be initiated by a consumer at a merchant. The merchant may provide information relating to the transaction, which may include information about the consumer's device, to a repository. The merchant may provide transaction information to the acquiring bank, which may provide transaction to the global financial network, which may provide transaction information to an issuing bank. One or more requesting party (e.g., one or more of the acquiring bank, global financial network, or issuing bank) may formulate a derivative locator based on the transaction information received. The derivative locator may function as an index through which records in the repository may be accessed by the requesting party. A time comparison may be made in assisting with accessing the correct record in the repository.

Abstract: A system for facilitating distribution of authentication information for a network of devices to be authenticated is provided.

Abstract: A method for authenticating a user is provided. The authentication method may be a multi-factor authentication method based on a token device. A tactile stylus token device may be provided. One or more tactile styluses of the token device may be moved to create contact with a touch screen of a user device during authentication. The one or more tactile styluses may be driven to generate a sequence of touching events according to a passcode. The detected touching events may be compared with the original passcode to verify an identity of the user.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by a delta of time parameter between a user device used and a reference time. Other parameters may be analyzed to identify a computer user and/or device and noteworthy transactions. The invention may be used for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, ratings-based communities and law enforcement. User may be permitted to register user devices in order to control access for performing transactions.

Abstract: Systems and methods are provided for persistent cross-application mobile device identification. A mobile device may have a plurality of sandboxes in memory containing applications. The mobile device may have a shared storage which may accessible by applications from different sandboxes. A storage location identifier may be used to access information in shared storage. A universal device identifier may be stored in the shared storage to identify the mobile device and may be accessible by multiple applications and updates to applications. The universal device identifier may be used to track the mobile device for advertising, fraud detection, reputation tracking, or other purposes.

Abstract: Systems and methods for authentication with resistance to replay attacks are provided. A device may be used to capture image data of a physical token to authenticate or identify a user. Authentication information may be obtained by processing and analyzing the captured image data. Data about a state of the imaging device and the captured image data may be used for fraud detection. The data may be collected when the image data is processed and analyzed. The state of the imaging device and captured image data are unlikely to be repeated. The detected repetition of a state of the imaging device and captured image data may be a cause for increasing the likelihood that a replay attack is taking place. The device may be used to perform a transaction.

Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.