Abstract: The disclosed embodiments provide a system that manages access to a computer-based resource. During operation, the system obtains a request for the computer-based resource, wherein the request identifies a user seeking access to the computer-based resource. Next, the system obtains a set of security levels for a set of identity-proofing techniques, wherein the set of security levels is based on a first set of success rates of the identity-proofing techniques in preventing fraudulent access to computer-based resources. The system then calculates an identity assurance level for the user based on the set of security levels and a second set of success rates of the user in completing one or more of the identity-proofing techniques. Upon determining that the identity assurance level of the user meets a minimum identity assurance level for accessing the computer-based resource, the system enables access to the computer-based resource in a response to the request.

Abstract: The disclosed embodiments provide a system that manages access to a computer-based resource. During operation, the system obtains a request for the computer-based resource, wherein the request identifies a user seeking access to the computer-based resource. Next, the system obtains a set of security levels for a set of identity-proofing techniques, wherein the set of security levels is based on a first set of success rates of the identity-proofing techniques in preventing fraudulent access to computer-based resources. The system then calculates an identity assurance level for the user based on the set of security levels and a second set of success rates of the user in completing one or more of the identity-proofing techniques. Upon determining that the identity assurance level of the user meets a minimum identity assurance level for accessing the computer-based resource, the system enables access to the computer-based resource in a response to the request.

Abstract: A re-stacking data visualization display is generated that includes individual graphic representations of instances (virtual computing systems) used to provide a software application in a cloud computing environment. The re-stacking data visualization display shows a launch date for each instance, a termination date for the instance, an indication of the instance creation template used to generate that instance, and the base instance creation template release dates for each of the base instance creation templates. Consequently, the re-stacking policy associated with a software application offering can be readily determined by a simple examination of the re-stacking data visualization display. As a result, any potential security issues and vulnerabilities can be readily identified and addressed.

Abstract: A re-stacking and security vulnerability data display is generated that includes individual graphic representations of instances (virtual computing systems) used to provide a software application in a cloud computing environment. The re-stacking and security vulnerability data display shows a launch date for each instance, a termination date for the instance, an indication of an instance vulnerability score assigned to the instance, and the base instance creation template release dates for each of the base instance creation templates. Consequently, the re-stacking policy and security vulnerabilities associated with that re-stacking policy for an account can be readily determined by a simple examination of the re-stacking and security vulnerability data display. As a result, any potential security issues and vulnerabilities can be readily identified and addressed.

Abstract: The disclosed embodiments provide a system that manages access to a computer-based resource. During operation, the system obtains a request for the computer-based resource, wherein the request identifies a user seeking access to the computer-based resource. Next, the system obtains a set of security levels for a set of identity-proofing techniques, wherein the set of security levels is based on a first set of success rates of the identity-proofing techniques in preventing fraudulent access to computer-based resources. The system then calculates an identity assurance level for the user based on the set of security levels and a second set of success rates of the user in completing one or more of the identity-proofing techniques. Upon determining that the identity assurance level of the user meets a minimum identity assurance level for accessing the computer-based resource, the system enables access to the computer-based resource in a response to the request.

Abstract: Account takeover is one of a number of types of Internet-centric crime (i.e., cybercrime) that includes the unauthorized access/use of a user's account with the user's identity or credentials (e.g., username and/or password). Because fraudsters acquire user credentials through phishing, spyware, or malware scams, it can be difficult to detect unauthorized access of a user's account. Methods and systems of the present disclosure identify and address potential account takeover activity, according to one embodiment. The methods and systems acquire system access data, apply the system access data to one or more predictive models to generate one or more risk scores, and perform one or more risk reduction actions based on the one or more risk scores, according to one embodiment. The financial system is a tax return preparation system according to one embodiment.

Abstract: A method and system provides facilitating identification of fraudulent tax filing patterns. The method and system include receiving historical tax return data and generating a visual representation of the relationships in the tax return data.

Abstract: Disclosed are methods, systems, and articles of manufacture for implementing adaptive levels of authentication assurance according to sensitivity or criticality of information accessed or actions performed in a financial management system to enhance user experience and usability of the financial management system while providing adequate security to safeguard sensitive data. Various flow nodes are associated with one or more levels of assurance which are further associated with some authentication tokens of different authentication strengths. Users are usually first authenticated with a lower authentication strength token. Risk profiles may also be accessed to examine the users' requests for access for fraud detection or prevention purposes.

Abstract: The disclosed embodiments provide a system that manages access to a computer-based resource. During operation, the system obtains a request for the computer-based resource, wherein the request identifies a user seeking access to the computer-based resource. Next, the system obtains a set of security levels for a set of identity-proofing techniques, wherein the set of security levels is based on a first set of success rates of the identity-proofing techniques in preventing fraudulent access to computer-based resources. The system then calculates an identity assurance level for the user based on the set of security levels and a second set of success rates of the user in completing one or more of the identity-proofing techniques. Upon determining that the identity assurance level of the user meets a minimum identity assurance level for accessing the computer-based resource, the system enables access to the computer-based resource in a response to the request.