Abstract: The invention provides systems and methods of locating a network device based on the time latency between a request by a user device and the receipt of the request by a plurality of satellite servers provided at different locations. Preferably three or more satellites may be employed. The request may be for an item, which may have a known file size, and which may or may not exist. Triangulation techniques may be utilized to determine the location of the device relative to the satellite servers.

Abstract: The invention provides methods and apparatus for securing personalized or sensitive information appearing in digital images. Digital images containing information to be secured is processed and divided into a plurality of image cells. At least one image cell from the plurality of image cells is selected and redacted or altered to render the information to be secured with the selected image cells indecipherable. The invention also provides methods and apparatus for redacting information to be secured in a high throughput automated process.

Abstract: Systems and methods are provided for persistent cross-application mobile device identification. A mobile device may have a plurality of sandboxes in memory containing applications. The mobile device may have a shared storage which may accessible by applications from different sandboxes. A storage location identifier may be used to access information in shared storage. A universal device identifier may be stored in the shared storage to identify the mobile device and may be accessible by multiple applications and updates to applications. The universal device identifier may be used to track the mobile device for advertising, fraud detection, reputation tracking, or other purposes.

Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.

Abstract: The invention provides systems and methods for risk assessment using a variable risk engine. A method for risk assessment may comprise setting an amount of real-time risk analysis for an online transaction, performing the amount of real-time risk analysis based on the set amount, and performing an amount of time-delayed risk analysis. In some embodiments, the amount of real-time risk analysis may depend on a predetermined period of time for completion of the real-time risk analysis. In other embodiments, the amount of real-time risk analysis may depend on selected tests to be completed during the real-time risk analysis.

Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.

Abstract: The invention provides systems and methods of locating a network device based on the time latency between a request by a user device and the receipt of the request by a plurality of satellite servers provided at different locations. Preferably three or more satellites may be employed. The request may be for an item, which may have a known file size, and which may or may not exist. Triangulation techniques may be utilized to determine the location of the device relative to the satellite servers.

Abstract: Systems and methods for security management based on cursor events. Click coordinates on a webpage of user's activity are logged in order to detect multiple or repeated transactions that bare the same exact coordinates. Such multiple or repeated activity may be helpful in detecting scripted attacks or bot net activity in a variety of environments and transactions. Further, the invention may also capture the coordinates of the location of submit buttons, and similar buttons, on a webpage to analyze whether a click action or other pointer action occurred within the button's parameters.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: The invention provides one or more consortia of networks that identify and share information about users and/or user devices interacting with the consortia. User devices may be identified, at least in part, by a delta of time parameter between a user device used and a reference time. Other parameters may be analyzed to identify a computer user and/or device and noteworthy transactions. The invention may be used for identity-based applications such as network security, the detection of fraudulent transactions, identity theft, ratings-based communities and law enforcement.

Abstract: Systems and methods for creating and analyzing computer tag information for the prevention or detection of potential fraud. Computers and other devices accessing the Web carry device tags with date and time information describing when they were issued by a security tag server. A server time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: A method of detecting fraudulent or erroneous data from a transaction data set is provided. A first transaction record having a plurality of key values is selected from a transaction record database. One of the key values is selected from the selected transaction record. The transaction record database is then queried for transaction records having the selected key value. A second database is compiled of transaction records that contain the selected key value. At least one other key value is then selected from the originally selected transaction record, and the transaction record database is again queried for transaction records also having the second key value. The results of the fist, second and any subsequent queries are added to a second or a suspect transaction database. Then, using the uncovered records, the transaction database is queried for the use of key values common to the uncovered set of transactions to see if additional records are suspect.

Abstract: The invention provides methods and apparatus for securing personalized or sensitive information appearing in digital images. Digital images containing information to be secured is processed and divided into a plurality of image cells. At least one image cell from the plurality of image cells is selected and redacted or altered to render the information to be secured with the selected image cells indecipherable. The invention also provides methods and apparatus for transmitting or streaming unredacted image cells alone or in combination with redacted image cells for secured viewing on a user browser or computer.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: The invention provides methods and apparatus for detecting when an online session is compromised. A plurality of device fingerprints may be collected from a user computer that is associated with a designated Session ID. A server may include pages that are delivered to a user for viewing in a browser at which time device fingerprints and Session ID information are collected. By collecting device fingerprints and session information at several locations among the pages delivered by the server throughout an online session, and not only one time or at log-in, a comparison between the fingerprints in association with a Session ID can identify the likelihood of session tampering and man-in-the middle attacks.

Abstract: The invention provides methods and apparatus for securing personalized or sensitive information appearing in digital images. Digital images containing information to be secured is processed and divided into a plurality of image cells. At least one image cell from the plurality of image cells is selected and redacted or altered to render the information to be secured with the selected image cells indecipherable. The invention also provides methods and apparatus for redacting information to be secured in a high throughput automated process.

Abstract: A method and system for detecting and preventing Internet fraud in online transactions by utilizing and analyzing a number of parameters to uniquely identify a computer user and potential fraudulent transaction through predictive modeling. The method and system uses a delta of time between the clock of the computer used by the actual fraudulent use and the potentially fraudulent user and the clock of the server computer in conjunction with personal information and/or non-personal information, preferably the Browser ID.

Abstract: A system, method and device for detecting keystroke entries in a field entered by keyboard in connection with an online transaction that may be fraudulent or erroneous. A score can be assigned to a keystroke based upon its distance from another keystroke. The scores of keystrokes in a string can be summed to obtain a string score. The string score can be normalized by dividing the string score by the number of keystrokes summed to obtain the normalized string score. A risk of fraud or error can be determined based upon the value of the normalized string score in comparison to a predetermined value.