RECEIVING AN INDICATION OF A SECURITY BREACH OF A PROTECTED SET OF FILES
Embodiments include a system, a computer program product, an apparatus, a device, and a method. An embodiment provides a method. The method includes a tripwire file into a protected set of files that includes at least one normal file. The method facilitates a communication to a second party of at least a portion of the protected set of files. The method also receives a signal indicating an occurrence of an activity related to the tripwire file.
Latest SEARETE LLC Patents:
- Wireless power transfer along a prescribed path
- Waveguide-backed antenna array with distributed signal amplifiers for transmission of a high-power beam
- Cavity-backed antenna array with distributed signal amplifiers for transmission of a high-power beam
- Non-Gaussian beamforming for wireless power transfer optimization
- Wireless power transfer in the fresnel zone with a dynamic metasurface antenna
The present application is related to and claims the benefit of the earliest available effective filing date(s) from the following listed application(s) (the “Related Applications”) (e.g., claims earliest available priority dates for other than provisional patent applications or claims benefits under 35 USC §119(e) for provisional patent applications, for any and all parent, grandparent, great-grandparent, etc. applications of the Related Application(s)). All subject matter of the Related Applications and of any and all parent, grandparent, great-grandparent, etc. applications of the Related Applications, including any priority claims, is incorporated herein by reference to the extent such subject matter is not inconsistent herewith.
PRIORITY APPLICATIONS
-
- (1) For purposes of the USPTO extra-statutory requirements, the present application constitutes a continuation of U.S. patent application Ser. No. 11/444,979, entitled “Receiving an Indication of a Security Breach of a Protected Set of Files”, naming Alexander J. Cohen, Edward K. Y. Jung, Royce A. Levien, Robert W. Lord, Mark A. Malamud, William Henry Mangione-Smith, John D. Rinaldo, Jr., and Clarence T. Tegreene as inventors, filed May 31, 2006, which is currently co-pending or is an application of which a currently co-pending application is entitled to the benefit of the filing date.
- (2) For purposes of the USPTO extra-statutory requirements, the present application constitutes a continuation of U.S. patent application Ser. No. 11/444,893, entitled “Indicating a Security Breach of a Protected Set of Files”, naming Alexander J. Cohen, Edward K. Y. Jung, Royce A. Levien, Robert W. Lord, Mark A. Malamud, William Henry Mangione-Smith, John D. Rinaldo, Jr., and Clarence T. Tegreene as inventors, filed May 31, 2006, now issued as U.S. Pat. No. 8,191,140, and is an application of which a currently co-pending application is entitled to the benefit of the filing date.
- (3) For purposes of the USPTO extra-statutory requirements, the present application constitutes a continuation of U.S. patent application Ser. No. 11/444,963, entitled “Signaling a Security Breach of a Protected Set of Files”, naming Alexander J. Cohen, Edward K. Y. Jung, Royce A. Levien, Robert W. Lord, Mark A. Malamud, William Henry Mangione-Smith, John D. Rinaldo, Jr., and Clarence T. Tegreene as inventors, filed May 31, 2006, now issued as U.S. Pat. No. 8,209,755, and is an application of which a currently co-pending application is entitled to the benefit of the filing date.
- (4) For purposes of the USPTO extra-statutory requirements, the present application constitutes a continuation of U.S. patent application Ser. No. 11/445,485, entitled “Monitoring a Status of a Database by Placing a False Identifier in the Database”, naming Alexander J. Cohen, Edward K. Y. Jung, Royce A. Levien, Robert W. Lord, Mark A. Malamud, William Henry Mangione-Smith, John D. Rinaldo, Jr., and Clarence T. Tegreene as inventors, filed May 31, 2006, now abandoned, and is an application of which a currently co-pending application is entitled to the benefit of the filing date.
None.
The United States Patent Office (USPTO) has published a notice to the effect that the USPTO's computer programs require that patent applicants reference both a serial number and indicate whether an application is a continuation, continuation-in-part, or divisional of a parent application. Stephen G. Kunin, Benefit of Prior-Filed Application, USPTO Official Gazette Mar. 18, 2003. The USPTO further has provided forms for the Application Data Sheet which allow automatic loading of bibliographic data but which require identification of each application as a continuation, continuation-in-part, or divisional of a parent application. The present Applicant Entity (hereinafter “Applicant”) has provided above a specific reference to the application(s) from which priority is being claimed as recited by statute. Applicant understands that the statute is unambiguous in its specific reference language and does not require either a serial number or any characterization, such as “continuation” or “continuation-in-part,” for claiming priority to U.S. patent applications. Notwithstanding the foregoing, Applicant understands that the USPTO's computer programs have certain data entry requirements, and hence Applicant has provided designation(s) of a relationship between the present application and its parent application(s) as set forth above and in any ADS filed in this application, but expressly points out that such designation(s) are not to be construed in any way as any type of commentary and/or admission as to whether or not the present application contains any new matter in addition to the matter of its parent application(s).
If the listings of applications provided above are inconsistent with the listings provided via an ADS, it is the intent of the Applicant to claim priority to each application that appears in the Priority Applications section of the ADS and to each application that appears in the Priority Applications section of this application.
All subject matter of the Priority Applications and the Related Applications and of any and all parent, grandparent, great-grandparent, etc. applications of the Priority Applications and the Related Applications, including any priority claims, is incorporated herein by reference to the extent such subject matter is not inconsistent herewith.
If an Application Data Sheet (ADS) has been filed on the filing date of this application, it is incorporated by reference herein. Any applications claimed on the ADS for priority under 35 U.S.C. §§119, 120, 121, or 365(c), and any and all parent, grandparent, great-grandparent, etc. applications of such applications, are also incorporated by reference, including any priority claims made in those applications and any material incorporated by reference, to the extent such subject matter is not inconsistent herewith.
In the following detailed description, reference is made to the accompanying drawings, which form a part hereof. In the drawings, similar symbols typically identify similar components, unless context dictates otherwise. The illustrated embodiments described in the detailed description, drawings, and claims are not meant to be limiting. Other embodiments may be utilized, and other changes may be made, without departing from the spirit or scope of the subject matter presented here.
The computing system environment 100 typically includes a variety of computer-readable media products. Computer-readable media may include any media that can be accessed by the computing device 110 and include both volatile and nonvolatile media, removable and non-removable media. By way of example, and not of limitation, computer-readable media may include computer storage media and communications media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules, or other data. Computer storage media include, but are not limited to, random-access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory, or other memory technology, CD-ROM, digital versatile disks (DVD), or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage, or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the computing device 110. Communications media typically embody computer-readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and include any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communications media include wired media such as a wired network and a direct-wired connection and wireless media such as acoustic, RF, optical, and infrared media. Combinations of any of the above should also be included within the scope of computer-readable media.
The system memory 130 includes computer storage media in the form of volatile and nonvolatile memory such as ROM 131 and RAM 132. A basic input/output system (BIOS) 133, containing the basic routines that help to transfer information between elements within the computing device 110, such as during start-up, is typically stored in ROM 131. RAM 132 typically contains data and program modules that are immediately accessible to or presently being operated on by processing unit 120. By way of example, and not limitation,
The computing device 110 may also include other removable/non-removable, volatile/nonvolatile computer storage media products. By way of example only,
The drives and their associated computer storage media discussed above and illustrated in
The computing system environment 100 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 180. The remote computer 180 may be a personal computer, a server, a router, a network PC, a peer device, or other common network node, and typically includes many or all of the elements described above relative to the computing device 110, although only a memory storage device 181 has been illustrated in
When used in a LAN networking environment, the computing system environment 100 is connected to the LAN 171 through a network interface or adapter 170. When used in a WAN networking environment, the computing device 110 typically includes a modem 172 or other means for establishing communications over the WAN 173, such as the Internet. The modem 172, which may be internal or external, may be connected to the system bus 121 via the user input interface 160, or via another appropriate mechanism. In a networked environment, program modules depicted relative to the computing device 110, or portions thereof, may be stored in a remote memory storage device. By way of example, and not limitation,
In the description that follows, certain embodiments may be described with reference to acts and symbolic representations of operations that are performed by one or more computing devices, such as the computing device 110 of
Embodiments may be implemented with numerous other general-purpose or special-purpose computing devices and computing system environments or configurations. Examples of well-known computing systems, environments, and configurations that may be suitable for use with an embodiment include, but are not limited to, personal computers, handheld or laptop devices, personal digital assistants, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network, minicomputers, server computers, game server computers, web server computers, mainframe computers, and distributed computing environments that include any of the above systems or devices.
Embodiments may be described in a general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc., that perform particular tasks or implement particular abstract data types. An embodiment may also be practiced in a distributed computing environment where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
At least one entity of the Merchant's point of sale unit 410, the Processor 420, and/or the Card-Issuing Bank 430 illustrated in
An indicium of an activity related to the tripwire file is detected. For example, a detected indicium of activity related to the tripwire file may include a receipt from the Processor 420 of the credit card charge “authorization request” by the Card-Issuing Bank 430 as illustrated in
A signal is generated indicating an occurrence of an unauthorized activity related to the protected set of files in response to the detected indicium of an activity related to the tripwire file. For example, the generated signal may include a human-perceivable indication of an unauthorized activity related to the protected set of files in response to the detected indicium of an activity related to the tripwire file. By way of further example, the generated signal may include a machine-readable signal indicating an occurrence of an unauthorized activity related to the protected set of files in response to the detected indicium of an activity related to the tripwire file. The machine-readable signal may be used to activate an additional security or protection for the set of files.
In another embodiment, the exemplary operational flow 200 of
In an embodiment, the marker circuit 532 further includes a marker circuit for saving a tripwire file in a protected database that includes at least one normal file. In another embodiment, the marker circuit further includes a marker circuit for saving a tripwire file misleadingly appearing to allow provision of a benefit to a beneficiary into a protected set of files that includes at least one regular file actually allowing provision of the benefit to another beneficiary. In a further embodiment, the marker circuit further includes a marker circuit for saving a tripwire file in a protected set of files that includes at least one normal file. In an embodiment, the tripwire file has a property that does not facilitate a return of an approval in response to a health insurance claim. Each normal file of the at least one normal file has a property that does facilitate a return of an approval in response to a health insurance claim. In an embodiment, the marker circuit further includes a marker circuit for causing a tripwire file subtype to be included in a protected set of files of files that includes at least one normal file subtype. In another embodiment, the marker circuit further includes a marker circuit for causing a tripwire file and a tripwire file identification tool to be included in a protected set of files that includes at least one normal file. In a further embodiment, the marker circuit further includes a marker circuit for causing a tripwire file to be included in a protected set of files that includes at least one normal file and for causing a tripwire file identification tool to be included in another set of files.
In an embodiment, the monitor circuit 534 further includes a monitor circuit for detecting an indicium of an activity related to the tripwire file 528 in response to at least two instances of an activity related to the tripwire file. In another embodiment, the monitor circuit further includes a monitor circuit for detecting at least one of an indicium of a credit card charge authorization request, an account information change request, a funds transfer request, an inquiry, a query, a charge, a transaction, a claim, a correction, a change of attributes request, a refund, and/or a benefits transfer related to the tripwire file.
In an embodiment, the notification circuit 536 further includes a notification circuit for generating an electrical signal indicating an occurrence of an unauthorized activity related to the protected set of files 524 in response to the detected indicium of an activity related to the tripwire file 528. In a further embodiment, the notification circuit further includes a notification circuit for generating a human-perceptible indication of an occurrence of an unauthorized activity related to the protected set of files in response to the detected indicium of an activity related to the tripwire file.
In an embodiment, the apparatus 510 may further include a sentry circuit 542 for broadcasting a human-understandable indication of the occurrence of an unauthorized activity related to the protected set of files 524 in response to the detected indicium of an activity related to the tripwire file 528. In another embodiment, the apparatus may further include a fortification circuit 544 for facilitating application of a security measure to the protected set of files in response to the detected indicium of an activity related to the tripwire file. In further embodiment, the apparatus may include the fortification circuit for facilitating application of a security measure to another set of files in response to the detected indicium of an activity related to the tripwire file.
In an embodiment, the apparatus 510 may be used to implement the operational flow 200 of
In an embodiment, the apparatus 600 may include a means 640 for broadcasting a human-understandable indication of an occurrence of an unauthorized activity related to the protected set of files. In another embodiment, the apparatus may include a means 650 for facilitating application of a security measure to the protected set of files.
In an embodiment, the information store 720 includes a computer storage media and/or a quantum memory device. In another embodiment, the information store further includes an information store configured by a database 722 that includes a record of at least one fully operational account 724 and a record of a limited operational account 726. In a further embodiment, the information store further includes an information store configured by a database that includes a record of at least one account facilitating provision of a benefit and a record of a limited operational account not facilitating provision of the benefit. In another embodiment, the information store further includes an information store configured by a database that includes at least one normal credit card account subtype and a limited operational credit card account subtype.
In an embodiment, the monitor module 732 further includes a monitor module operable to detect a sign of at least one of a financial transaction card charge authorization request, an account information change request, a funds transfer request, an inquiry, a query, a charge, a transaction, a claim, a correction, a change of attributes request, a refund, and/or a benefit transfer related to the limited operational account. In another embodiment, the alert module 734 further includes an alert module operable to generate an electronic signal indicating an unauthorized activity related to the database 722 in response to the detected sign of an activity related to the limited operational account 726. In a further embodiment, the alert module further includes an alert module operable to generate a human-understandable indication of an unauthorized activity related to the database in response to the detected sign of an activity related to the limited operational account.
In an embodiment, the database manager device 730 further includes a communications module 736 operable to broadcast a human-understandable indication of an occurrence of an unauthorized activity related to the database 722 in response to the detected sign of an activity related to the limited operational account 726. In another embodiment, the database manager device further includes a fortification module 738 operable to facilitate changing a protection status of the database in response to the detected sign of an activity related to the limited operational account.
In use, the apparatus 710 may be used to implement the operational flow 200 of
In an embodiment, the operational flow 800 of
The monitoring circuit 932 includes a monitoring circuit for detecting a sign of an activity related to a tripwire file of a protected set of files, the protected set of files including at least one normal file 926 and a tripwire file 928. The protected set of files may include an at least a portion of the protected set of files 924 communicated from the protected set of files 520. In an embodiment, the at least a portion of the protected set of files may be saved in an information store 922 local to the apparatus 910. In another embodiment, the protected set of files may be saved in a remote information store (not shown) available to the apparatus 910 over the network. In a further embodiment, the protected set of files may be saved in the remote information 522 store available to the apparatus 910 over the network. The alert circuit includes an alert circuit for generating a signal indicating an unauthorized activity related to the protected set of files in response to the detected sign of an activity related to a tripwire file.
In an alternative embodiment, the apparatus 910 includes a communications circuit 936 for receiving from another party the protected set of files that includes the at least one normal file and the tripwire file. In a further embodiment, the communications circuit further includes a communications circuit for transmitting an indication of an occurrence of an unauthorized activity related to the protected set of files in a manner receivable by an owner and/or administrator of the protected set of files in response to the detected sign of an activity related to a tripwire file. For example, the owner and/or administrator of the protected set of files may include the database owner/administrator 505. In another alternative embodiment, the apparatus 910 includes a guard circuit 938 for facilitating application of a security measure to the protected set of files in response to the detected sign of an activity related to a tripwire file.
In an alternative embodiment, the apparatus 1000 includes a means 1030 for receiving from another party at least a portion of the another parties' protected set of files that includes the at least one normal file and the tripwire file. In a further embodiment, the apparatus includes a means 1040 for broadcasting a human-understandable indication of an occurrence of an unauthorized activity related to the protected set of files. In another embodiment, the apparatus includes a means 1050 for transmitting an indication of an occurrence of an unauthorized activity related to the protected set of files in a manner receivable by an owner and/or administrator of the protected set of files. In an embodiment, the apparatus includes a means 1060 for facilitating application of a security measure to the protected set of files in response to the detected sign of an activity related to a tripwire file.
The communications device 1172 includes a communications device operable to receive an at least a portion of a protected database 1164 that includes at least one fully operational account 1166 and a limited operational tripwire account 1168. In an embodiment, the operability to receive an at least a portion of a protected database includes an operability to receive at least a portion of a protected database 1124 of apparatus 1110. The information store 1162 includes an information storage device configurable by a received at least a portion of a protected database. In another embodiment, the information store further includes an information store configured by the received at least a portion of a protected database.
The database manager circuit 1180 includes a recognizer module 1186 operable to detect a sign of an activity related to the limited operational tripwire account. The database manager circuit further includes an alert module 1188 operable to generate signal indicating an unauthorized activity related to the received at least a portion of a database 1164 in response to the detected sign of an activity related to a limited operational tripwire account 1168. In a further embodiment, the alert module further includes an alert module operable to generate signal indicating an unauthorized activity related to the received at least a portion of a database and to transmit the signal in a manner receivable by an owner and/or administrator 1105 of the received at least a portion of a database.
In an alternative embodiment, the process further includes generating 1306 a signal indicating an occurrence of an unauthorized activity related to the protected set of files in response to the received signal indicating an occurrence of an activity related to the tripwire file. In another embodiment, the process further includes facilitating 1308 application of a security measure to the protected set of files in response to the received signal indicating an occurrence of an activity related to the tripwire file. In an alternative embodiment, the computer program product 1300 may be implemented in hardware, software, and/or firmware.
In a further embodiment, the computer-readable signal-bearing medium includes a computer storage medium 1312. In another embodiment, the computer-readable signal-bearing medium includes a communication medium 1314.
In an alternative embodiment, the apparatus includes a means 1440 for facilitating application of a security measure to the protected set of files in response to the received signal indicating an occurrence of an activity corresponding to the tripwire file. In another embodiment, the apparatus includes a means 1450 for generating a human-perceivable signal indicating an occurrence of an unauthorized activity related to the protected set of files in response to the received signal indicating an occurrence of an activity corresponding to the tripwire file.
In an alternative embodiment, the security assessment module 1640 further includes a security assessment module 1632 operable to periodically monitor an unauthorized usage state of the fake financial transaction card identifier. In another embodiment, the security assessment module further includes a security assessment module 1634 operable to periodically monitor an unauthorized tender state of the fake financial transaction card identifier.
In a further embodiment, the apparatus 1605 includes an alert module 1640 operable to generate a signal perceivable by an owner and/or an administrator of the set-of-files indicating an occurrence of an unauthorized activity related to the customer database. In another embodiment, the apparatus includes a transmitter module 1650 operable to broadcast a human-understandable indication of an occurrence of an unauthorized activity related to the customer database. In a further embodiment, the apparatus includes a safeguard module 1660 operable to facilitate application of a security measure to the customer database.
The First Merchant 1705 may include a dummy financial transaction card identifier (or a fake card identifier as described in conjunction with
In another embodiment, a prepaid long distance telephone card issuer may include a dummy prepaid telephone card identifier in its protected database that includes genuine prepaid telephone card identifiers. The prepaid long distance telephone card issuer would maintain the dummy prepaid telephone card identifier dormant. The prepaid long distance telephone card issuer can monitor a status of the dummy prepaid telephone card identifier. The monitoring may include monitoring information generated by others indicating stolen or fraudulent prepaid telephone card identifiers. Appearance of the dummy prepaid telephone card identifier in such information may treated by the prepaid long distance telephone card issuer as a change in status of dummy prepaid telephone card identifier from a dormant status to a tendered in commerce status. This change in status of the dummy prepaid telephone card identifier may be regarded by the prepaid long distance telephone card issuer as an indication that a security breach has occurred to their database.
In an alternative embodiment, the apparatus 1800 includes a means 1840 for generating a signal perceivable by an owner and/or an administrator of the set-of-files indicating an occurrence of an unauthorized activity related to the protected customer database. In another embodiment, the apparatus includes a means 1850 for broadcasting a human-understandable indication of an occurrence of a unauthorized activity related to the protected customer database. In a further means, the apparatus includes a means 1860 for facilitating application of a security measure to the protected customer database.
The foregoing detailed description has set forth various embodiments of the devices and/or processes via the use of block diagrams, flow diagrams, operation diagrams, flowcharts, illustrations, and/or examples. Insofar as such block diagrams, operation diagrams, flowcharts, illustrations, and/or examples contain one or more functions and/or operations, it will be understood that each function and/or operation within such block diagrams, operation diagrams, flowcharts, illustrations, or examples can be implemented, individually and/or collectively, by a wide range of hardware, software, firmware, or virtually any combination thereof unless otherwise indicated. A particular block diagram, operation diagram, flowchart, illustration, environment, and/or example should not be interpreted as having any dependency or requirement relating to any one or combination of components illustrated therein. For example, in certain instances, one or more elements of an environment may be deemed not necessary and omitted. In other instances, one or more other elements may be deemed necessary and added.
Those having skill in the art will recognize that the state of the art has progressed to the point where there is little distinction left between hardware and software implementations of aspects of systems; the use of hardware or software is generally (but not always, in that in certain contexts the choice between hardware and software can become significant) a design choice representing cost vs. efficiency tradeoffs. Those having skill in the art will appreciate that there are various vehicles by which processes and/or systems and/or other technologies described herein can be effected (e.g., hardware, software, and/or firmware), and that the preferred vehicle will vary with the context in which the processes and/or systems and/or other technologies are deployed. For example, if an implementer determines that speed and accuracy are paramount, the implementer may opt for a mainly hardware and/or firmware vehicle; alternatively, if flexibility is paramount, the implementer may opt for a mainly software implementation; or, yet again alternatively, the implementer may opt for some combination of hardware, software, and/or firmware. Hence, there are several possible vehicles by which the processes and/or devices and/or other technologies described herein may be effected, none of which is inherently superior to the other in that any vehicle to be utilized is a choice dependent upon the context in which the vehicle will be deployed and the specific concerns (e.g., speed, flexibility, or predictability) of the implementer, any of which may vary. Those skilled in the art will recognize that optical aspects of implementations will typically employ optically-oriented hardware, software, and or firmware.
In addition, those skilled in the art will appreciate that the mechanisms of the subject matter described herein are capable of being distributed as a program product in a variety of forms, and that an illustrative embodiment of the subject matter described herein applies equally regardless of the particular type of signal-bearing media used to actually carry out the distribution. Examples of a signal-bearing media include, but are not limited to, the following: recordable type media such as floppy disks, hard disk drives, CD ROMs, digital tape, and computer memory; and transmission type media such as digital and analog communication links using TDM or IP based communication links (e.g., packet links).
It will be understood by those within the art that, in general, terms used herein, and especially in the appended claims (e.g., bodies of the appended claims) are generally intended as “open” terms (e.g., the term “including” should be interpreted as “including but not limited to,” the term “having” should be interpreted as “having at least,” the term “includes” should be interpreted as “includes but is not limited to,” etc.). It will be further understood by those within the art that if a specific number of an introduced claim recitation is intended, such an intent will be explicitly recited in the claim, and in the absence of such recitation no such intent is present. For example, as an aid to understanding, the following appended claims may contain usage of the introductory phrases “at least one” and “one or more” to introduce claim recitations. However, the use of such phrases should not be construed to imply that the introduction of a claim recitation by the indefinite articles “a” or “an” limits any particular claim containing such introduced claim recitation to inventions containing only one such recitation, even when the same claim includes the introductory phrases “one or more” or “at least one” and indefinite articles such as “a” or “an” (e.g., “a” and/or “an” should typically be interpreted to mean “at least one” or “one or more”); the same holds true for the use of definite articles used to introduce claim recitations. In addition, even if a specific number of an introduced claim recitation is explicitly recited, those skilled in the art will recognize that such recitation should typically be interpreted to mean at least the recited number (e.g., the bare recitation of “two recitations,” without other modifiers, typically means at least two recitations, or two or more recitations). Furthermore, in those instances where a convention analogous to “at least one of A, B, and C, etc.” is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., “a system having at least one of A, B, and C” would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, and C together, etc.). In those instances where a convention analogous to “at least one of A, B, or C, etc.” is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., “a system having at least one of A, B, or C” would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, and C together, etc.).
The herein described aspects depict different components contained within, or connected with, different other components. It is to be understood that such depicted architectures are merely exemplary, and that in fact many other architectures can be implemented which achieve the same functionality. In a conceptual sense, any arrangement of components to achieve the same functionality is effectively “associated” such that the desired functionality is achieved. Hence, any two components herein combined to achieve a particular functionality can be seen as “associated with” each other such that the desired functionality is achieved, irrespective of architectures or intermedial components. Likewise, any two components so associated can also be viewed as being “operably connected,” or “operably coupled,” to each other to achieve the desired functionality. Any two components capable of being so associated can also be viewed as being “operably couplable” to each other to achieve the desired functionality. Specific examples of operably couplable include but are not limited to physically mateable and/or physically interacting components and/or wirelessly interactable and/or wirelessly interacting components.
While various aspects and embodiments have been disclosed herein, other aspects and embodiments will be apparent to those skilled in the art. The various aspects and embodiments disclosed herein are for purposes of illustration and are not intended to be limiting, with the true scope and spirit being indicated by the following claims.
Claims
1-129. (canceled)
130. A method at least partially implemented using one or more processing devices, the method comprising:
- including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database;
- monitoring a status of the dummy financial transaction card identifier; and
- generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier, the dummy financial transaction card identifier having at least one property that facilitates a non-approval in response to an attempted transaction, and the at least one valid financial transaction card identifier having at least one validation property that facilitates an approval in response to the attempted transaction.
131. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database, the financial transaction card including at least one of a credit card, a charge card, a debit card, a phone card, a cash card, a calling card, and/or a gift card.
132. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database, the financial transaction card including a card that provides a financial benefit to a holder of the card.
133. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database, the at least one valid financial transaction card includes at least a financial transaction card linked to an account that provides a financial benefit to a holder of the financial transaction card.
134. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database, the at least one valid financial transaction card includes at least one of: a credit card, a credit plate, a charge plate, a courtesy card, a bank services card, a banking card, a check guarantee card, a debit card, an electronic benefit system card, an electronic benefit transfer card, or an assistance transaction card issued for use in obtaining at least one of a credit, a money, a good, a service, a public assistance benefit, or a thing of value.
135. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including at least one of a dummy financial transaction card number or a name, and at least one valid financial transaction card identifier in a protected customer database.
136. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including a dummy financial transaction card identifier misleadingly appearing to allow provision of a benefit to a beneficiary and at least one valid financial transaction card identifier actually allowing provision of the benefit to another beneficiary in a protected customer database.
137. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- including a dummy customer financial transaction card identifier and at least one valid customer financial transaction card identifier in a protected customer database.
138. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- adding a dummy financial transaction card identifier into a protected customer database that includes at least one valid financial transaction card identifier.
139. The method of claim 130, wherein the including a dummy financial transaction card identifier and at least one valid financial transaction card identifier in a protected customer database includes:
- facilitating inclusion of a dummy financial transaction card identifier into a protected customer database that includes at least one valid financial transaction card identifier.
140. The method of claim 130, further comprising;
- maintaining the dummy financial transaction card identifier dormant.
141. The method of claim 140, wherein maintaining the dummy financial transaction card identifier dormant includes:
- subjecting the dummy financial transaction card identifier to at least one of a usage restriction or an access restriction.
142. The method of claim 140, wherein maintaining the dummy financial transaction card identifier dormant includes:
- maintaining the dummy financial transaction card identifier inactive.
143. The method of claim 140, wherein maintaining the dummy financial transaction card identifier dormant includes:
- maintaining the dummy financial transaction card identifier financially inactive.
144. The method of claim 140, wherein maintaining the dummy financial transaction card identifier dormant includes:
- subjecting the dummy financial transaction card identifier to at least a substantial effort to preserve a confidentiality of the dummy financial transaction card identifier.
145. The method of claim 140, wherein maintaining the dummy financial transaction card identifier dormant includes:
- abstaining from tendering the dummy financial transaction card identifier in conjunction with a transaction.
146. The method of claim 140, wherein maintaining the dummy financial transaction card identifier dormant includes:
- instructing one or more others that a tender of the dummy financial transaction card identifier in conjunction with any transaction is prohibited.
147. The method of claim 130, wherein the monitoring a status of the dummy financial transaction card identifier includes:
- monitoring, at least one of periodically or non-periodically, a status of an activity associated with the dummy financial transaction card identifier.
148. The method of claim 130, wherein the monitoring a status of the dummy financial transaction card identifier includes:
- monitoring, at least one of periodically or non-periodically, a status of a financial activity associated with the dummy financial transaction card identifier.
149. The method of claim 130, wherein the monitoring a status of the dummy financial transaction card identifier includes:
- monitoring, at least one of periodically or non-periodically, a tender status of the dummy financial transaction card identifier in conjunction with a financial transaction.
150. The method of claim 130, wherein the monitoring a status of the dummy financial transaction card identifier includes:
- monitoring, at least one of periodically or non-periodically, a received tender status of the dummy financial transaction card identifier from at least one of a card brand association, a processor of a transaction involving the financial transaction card identifier, a card issuer, a merchant, a financial institution, and/or a card processor.
151. The method of claim 130, wherein the monitoring a status of the dummy financial transaction card identifier includes:
- monitoring, at least one of periodically or non-periodically, a status of an unauthorized activity associated with the dummy financial transaction card identifier.
152. The method of claim 130, wherein generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier comprises:
- generating a human-perceivable signal indicating an occurrence of an activity related to the protected customer database.
153. The method of claim 130, wherein generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier comprises:
- generating a human-perceivable signal indicating an occurrence of an unauthorized activity related to the protected customer database.
154. The method of claim 130, wherein generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier comprises:
- broadcasting a human-understandable indication of an occurrence of an activity related to the protected customer database.
155. The method of claim 130, further comprising:
- facilitating application of a security measure to the protected customer database.
156. An apparatus comprising:
- a manager module operable to plant a fake financial transaction card identifier in a customer database that includes at least one genuine financial transaction card identifier;
- a security assessment module operable to monitor a usage state of the fake financial transaction card identifier; and
- an alert module operable to generate a signal indicative of an unauthorized activity relating to the customer database at least partially based on a detected sign of an activity related to the fake financial transaction card identifier, the fake financial transaction card identifier having at least one property that facilitates a non-approval in response to an attempted transaction, and the at least one genuine financial transaction card identifier having at least one validation property that facilitates an approval in response to the attempted transaction.
157. The apparatus of claim 156, wherein the security assessment module operable to monitor a usage state of the fake financial transaction card identifier includes:
- a security assessment module operable to at least one of periodically monitor or non-periodically monitor an unauthorized usage state of the fake financial transaction card identifier.
158. The apparatus of claim 156, wherein the security assessment module operable to monitor a usage state of the fake financial transaction card identifier includes:
- a security assessment module operable to at least one of periodically monitor or non-periodically monitor an unauthorized tender state of the fake financial transaction card identifier.
159. The apparatus of claim 156, wherein the alert module operable to generate a signal indicative of an unauthorized activity relating to the customer database at least partially based on a detected sign of an activity related to the fake financial transaction card identifier comprises:
- an alert module operable to generate a signal perceivable by at least one of an owner or an administrator of the customer database indicating an occurrence of an unauthorized activity related to the customer database.
160. The apparatus of claim 156, wherein the alert module operable to generate a signal indicative of an unauthorized activity relating to the customer database at least partially based on a detected sign of an activity related to the fake financial transaction card identifier comprises:
- a transmitter module operable to broadcast a human-understandable indication of an occurrence of an unauthorized activity related to the customer database.
161. The apparatus of claim 156, further comprising:
- a safeguard module operable to facilitate application of a security measure to the customer database.
162. An apparatus comprising:
- means for introducing a dummy financial transaction card identifier into a protected customer database that includes at least one valid financial transaction card identifier;
- means for monitoring a status of the dummy financial transaction card identifier; and
- means for generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier, the dummy financial transaction card identifier having at least one property that facilitates a non-approval in response to an attempted transaction, and the at least one valid financial transaction card identifier having at least one validation property that facilitates an approval in response to the attempted transaction.
163. The apparatus of claim 162, wherein the means for generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier comprises:
- means for generating a signal perceivable by at least one of an owner or an administrator of the customer database indicating an occurrence of an unauthorized activity related to the protected customer database.
164. The apparatus of claim 162, wherein the means for generating a signal indicative of an unauthorized activity relating to the protected customer database at least partially based on a detected sign of an activity related to the dummy financial transaction card identifier comprises:
- means for broadcasting a human-understandable indication of an occurrence of a unauthorized activity related to the protected customer database.
165. The apparatus of claim 162, further comprising:
- means for facilitating application of a security measure to the protected customer database.
166. A method at least partially implemented using one or more processing devices, the method comprising:
- causing a decoy financial transaction card account to be included in a protected set of files at least one of owned or administered by a second party and that includes at least one non-decoy financial transaction card account, the decoy financial transaction card account having at least one property that facilitates a non-approval in response to an attempted transaction, and the at least one non-decoy financial transaction card account having at least one validation property that facilitates an approval in response to the attempted transaction;
- monitoring a status of the financial transaction card account; and
- generating a signal indicative of an unauthorized activity relating to the protected set of files at least partially based on a detected sign of an activity related to the decoy financial transaction card account.
167. The method of claim 166, wherein the causing a financial transaction card account to be included in a protected set of files at least one of owned or administered by a second party and that includes at least one other financial transaction card account includes:
- at least one of initiating, applying for, or purchasing a financial transaction card account for inclusion in the protected set of files.
168. The method of claim 166, wherein the monitoring a status of the financial transaction card account includes:
- monitoring, at least one of periodically or non-periodically, a status of the financial transaction card account for a status corresponding with the financial transaction card being tendered in conjunction with a financial transaction.
169. The method of claim 166, wherein generating a signal indicative of an unauthorized activity relating to the protected set of files at least partially based on a detected sign of an activity related to the decoy financial transaction card account comprises:
- generating a signal indicating that security of the protected set of files has been compromised.
170. A computer-implemented device comprising:
- a first module operable to cause a decoy financial transaction card account to be included in a protected set of files at least one of owned or administered by a second party, the protected set of files including at least one non-decoy financial transaction card account, the decoy financial transaction account having at least one property that facilitates a non-approval in response to an attempted transaction, and the at least one non-decoy financial transaction account having at least one validation property that facilitates an approval in response to the attempted transaction;
- a third module operable to monitor a status of the financial transaction card account; and
- an alert module operable to generate a signal indicative of an unauthorized activity relating to the protected set of files at least partially based on a detected sign of an activity related to the decoy financial transaction account.
171. An apparatus comprising:
- means for causing a decoy financial transaction card account to be included in a protected set of files at least one of owned or administered by a second party, the protected set of files including at least one non-decoy financial transaction card account, the decoy financial transaction account having at least one property that facilitates a non-approval in response to an attempted transaction, and the at least one non-decoy financial transaction account having at least one validation property that facilitates an approval in response to the attempted transaction;
- means for periodically monitoring a status of the financial transaction card account; and
- an alert means for generating a signal indicative of an unauthorized activity relating to the protected set of files at least partially based on a detected sign of an activity related to the decoy financial transaction account.
Type: Application
Filed: Nov 5, 2013
Publication Date: May 8, 2014
Applicant: SEARETE LLC (Bellevue, WA)
Inventors: Alexander J. Cohen, JR. (Mill Valley, CA), Edward K.Y. Jung (Bellevue, WA), Royce A. Levien (Lexington, MA), Robert W. Lord (Seattle, WA), Mark A. Malamud (Seattle, WA), William Henry Mangione-Smith (Kirkland, WA), John D. Rinaldo, JR. (Bellevue, WA), Clarence T. Tegreene (Mercer Island, WA)
Application Number: 14/072,740
International Classification: G06Q 20/40 (20060101); G06Q 20/34 (20060101);