IBM’s patented invention can help web site operators, cloud service providers and mobile application developers more efficiently and effectively detect and deal with threats by using analytics to thwart fraudsters.
For example, when individuals access a banking or shopping site, they subconsciously establish characteristics of how they interact with the site, such as clicking certain areas more often than others; using the up and down arrow keys on the keyboard to navigate; relying solely on the mouse; or tapping or swiping the screen of a tablet or smartphone in a distinct manner.
Similar to how individuals recognize changes in the behaviour of a family member or friend on the phone – even when the audio is fuzzy – by the words they use, how they answer the phone, their mannerisms, etc., IBM’s invention helps businesses analyse and identify sudden changes in online behavior.
If the invention detects a change in behavior, it triggers a secondary authentication measure, such as a security question. This helps businesses and website operators avoid unintentionally hindering legitimate customer activities or transactions.
“Our invention improves the effectiveness of authentication and security systems with insights derived from real-time data analytics,” said Keith Walker, IBM Master Inventor and co-inventor on the patent. “For example, if an individual suddenly changes how they interact with an online bank or store, such as due to a broken hand or using a tablet instead of a desktop computer, I want these web sites to detect the change, and then ask for extra identity confirmation before accepting a transaction. Our experience developing and testing a prototype, which flawlessly confirmed identities, shows that such a change would more likely be due to fraud, and we all want these sites to provide more protection while simultaneously processing our transactions quickly.”
As commerce is increasingly conducted online and via the cloud, a new generation of criminals is using digital channels – such as mobile devices, social networks and cloud platforms – to probe for weaknesses and vulnerabilities, including the ability to steal login and password information from the ecommerce sites we use every day. Despite strong passwords and authentications systems, troublesome fraudulent charges remain a reality in today’s digital world.
IBM received U.S. Patent #8,650,080: “User-browser interaction-based fraud detection system” for the invention.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.