Abstract: The disclosed techniques provide systems and methods for detecting malicious or otherwise abusive access of private end-user data in social networking systems. More specifically, various malicious action detection procedures are described for identifying a target user account that is examined via a private data access, generating a relationship scorecard including various social factors that together indicate a measure of social connectedness between a source user that initiates the private data access and the target user whose account is examined via the private data access, and making a determination as to whether the private data access is potentially abusive based on the social connectedness.

Abstract: A system, a method, and computer program product identify a website that is a forgery of a primary website. Client side executable code is included in a page of the primary website, which page is copied in the forged website. The client side code, when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Where the serving domain is not authorized, the client device is configured to alter the execute countermeasures against the forged website, such as altering operation of the forged page.

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

Abstract: An online system determines whether a request for creating a session with the online system is suspicious. The online system associates a user account with a mobile key of a mobile device and geographical locations of the mobile device. The mobile key comprises unique identifier of the mobile device that is permanently stored on the mobile device. Upon receiving a request to create a session for the user account, the online system compares information associated with the user request with information describing the mobile device. For example, information associated with the user request can be a location determined by mapping internet protocol addresses obtained from the request. The online system determines whether the request is suspicious based on the comparison. If the online system determines that the request is suspicious, the online system may require enhanced authentication before granting the request.

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

Abstract: A system, a method, and computer program product identify a website that is a forgery of a primary website. Client side executable code is included in a page of the primary website, which page is copied in the forged website. The client side code, when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Where the serving domain is not authorized, the client device is configured to alter the execute countermeasures against the forged website, such as altering operation of the forged page.

Abstract: A system, a method, and computer program product identify a website that is a forgery of a primary website. Client side executable code is included in a page of the primary website, which page is copied in the forged website. The client side code, when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Where the serving domain is not authorized, the client device is configured to alter the execute countermeasures against the forged website, such as altering operation of the forged page.

Abstract: An online services system includes a mechanism for providing user confidence information to an external data consumer, and for determining user contribution quality. Using stored information about user actions and interactions, user confidence is evaluated for one or more parameters associated with the validity of the user's account and/or quality of the user's contributions to the online services system. Confidence values are assigned to each parameter, and the values are exposed to external data consumers. Using stored information, user actions and interactions are correlated with contribution quality to produce a metric indicative of user contribution quality. Users with low quality parameter metrics may have their contributions shown to a smaller audience or have a lower prominence in a news feed.

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

Abstract: A social networking system obtains parental authorization from a parent for a child to access a computing resource, where the parent and the child are users of the social networking system. The child user may request the authorization by identifying a purported parent user. The social networking system attempts to verify the validity of the purported parent user's account, the age of the user associated with the purported parent's account, and/or the existence of a parent-child relationship between users of the accounts associated with the purported parent and the child. The social networking system makes these determinations, at least in part, using social and transactional information associated with the purported parent user's account and the child user's account in the social networking system. Upon verification of these items, the social networking system may allow the purported parent to provide authorization responsive to the child's request to access the computing resource.

Abstract: An online system determines whether a request for creating a session with the online system is suspicious. The online system associates a user account with a mobile key of a mobile device and geographical locations of the mobile device. The mobile key comprises unique identifier of the mobile device that is permanently stored on the mobile device. Upon receiving a request to create a session for the user account, the online system compares information associated with the user request with information describing the mobile device. For example, information associated with the user request can be a location determined by mapping internet protocol addresses obtained from the request. The online system determines whether the request is suspicious based on the comparison. If the online system determines that the request is suspicious, the online system may require enhanced authentication before granting the request.

Abstract: An online services system includes a mechanism for providing user confidence information to an external data consumer, and for determining user contribution quality. Using stored information about user actions and interactions, user confidence is evaluated for one or more parameters associated with the validity of the user's account and/or quality of the user's contributions to the online services system. Confidence values are assigned to each parameter, and the values are exposed to external data consumers. Using stored information, user actions and interactions are correlated with contribution quality to produce a metric indicative of user contribution quality. Users with low quality parameter metrics may have their contributions shown to a smaller audience or have a lower prominence in a news feed.

Abstract: An online services system includes a mechanism for providing user confidence information to an external data consumer, and for determining user contribution quality. Using stored information about user actions and interactions, user confidence is evaluated for one or more parameters associated with the validity of the user's account and/or quality of the user's contributions to the online services system. Confidence values are assigned to each parameter, and the values are exposed to external data consumers. Using stored information, user actions and interactions are correlated with contribution quality to produce a metric indicative of user contribution quality. Users with low quality parameter metrics may have their contributions shown to a smaller audience or have a lower prominence in a news feed.

Abstract: A social networking system obtains parental authorization from a parent for a child to access a computing resource, where the parent and the child are users of the social networking system. The child user may request the authorization by identifying a purported parent user. The social networking system attempts to verify the validity of the purported parent user's account, the age of the user associated with the purported parent's account, and/or the existence of a parent-child relationship between users of the accounts associated with the purported parent and the child. The social networking system makes these determinations, at least in part, using social and transactional information associated with the purported parent user's account and the child user's account in the social networking system. Upon verification of these items, the social networking system may allow the purported parent to provide authorization responsive to the child's request to access the computing resource.

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

Abstract: A system, a method, and computer program product identify a website that is a forgery of a primary website. Client side executable code is included in a page of the primary website, which page is copied in the forged website. The client side code, when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Where the serving domain is not authorized, the client device is configured to alter the execute countermeasures against the forged website, such as altering operation of the forged page.