An Internet-facing identity management system is vulnerable to a variety of attacks, including account takeover, fraudulent activities, creation of fraudulent accounts and denial-of-service attacks. As hackers and fraudsters become more sophisticated in online transaction attacks, there is a need to detect and remediate fraud in real time to protect consumers and businesses. Today the US Patent & Trademark Office published a patent application from Apple that reveals a new fraud detection ID management system. To a certain degree Apple is already using it in the context of their iTunes online store. As Apple moves into the ecommerce world with a future iWallet, such a system is going to be a huge benefit to users. So with Apple testing their new fraud detection system now, it will ensure that the system is in place once they introduce their iWallet application which, from many accounts, could debut in the next year or two.
Apple Invents Fraud Detection for ID Management Systems
Apple's invention relates to systems, methods and computer program products for identifying and remediating in real-time fraudulent activities associated with identity management systems.
An event (e.g., client request to logon to an account) is received during a time interval. An abnormal pattern in characteristics of one or more attributes of the event is determined. The event is associated with a client identity. One or more reputation scores for the client identity are determined based on event history data associated with the client identity. One or more state objects for one or more client identifier attributes are updated with the reputation scores. One or more remedial actions are implemented against the client request using the one or more updated state objects.
Particular implementations disclosed herein provide one or more of the following advantages. A decision on whether to take remedial action against a client request is improved by determining a reputation of a client identity associated with the client request based on historical event data associated with the client identity. The reputation may be used to detect potential fraudulent activity in real-time or near real-time and to implement an appropriate remedial action against the client request.
Apple's patent FIG. 1 noted below is a block diagram of an exemplary fraud detection system for identity management systems.
In some implementations, the fraud detection system (#100 above) may include online service (#102), identity management system (IMS) (#108), centralized account fraud engine or CAFE (#110) and client devices. The online service and client devices communicate through a network such as the Internet.
The online service may be any service that requires users to have a user account. Some examples of online services are online stores for purchasing and downloading digital content, such as music, videos, books and software applications.
During operation, the Identity Management System (IMS) receives requests from the client devices (iDevices, Macs, Apple TV) to access an online service. The request may require that the user of the client device provide login information, such as a username and password. This request is also referred to as an "event." When the IMS detects a real-time event (e.g., a user login event), the IMS submits a fraud processing request to the fraud engine or CAFE. Based on the results of the fraud processing, the IMS may send a response to the client device to accept or deny the request.
The CAFE system is a centralized real-time or near real-time system for identifying and remediating fraudulent events for the IMS. The CAFE system identifies fraudulent network events based on a combination of processes applied to attributes. Some examples of attributes may include but are not limited to: network signatures, device signatures, client account information, remediation history of client identity, event history of the client identity, external intelligence collected on the client identity (e.g., black lists, white lists, scores), request velocity from a client source or any other information that can be used by the CAFE system to detect patterns of fraudulent activities.
Some examples of network and device signatures may include but are not limited to: user identifier (ID), device ID, client Internet Protocol (IP) address, device IP address, proxy IP address, user-agent header, timestamp, geo-location, language, requesting services or any other information that may be used by the CAFE system to identify a client identity or event.
The remediation of fraudulent events by the CAFE system may include combinations of the following remedial actions: deny the client request, slow down the response time to the client request, enforce additional security protocols on the client request or the attacked resource (e.g., an online account) or any other desired remedial action.
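The flow described above (event, abnormal-pattern check, reputation score, state-object update, remedial action) can be sketched as follows. This is an added illustration, not code from Apple's patent application; the class and field names, the 0-100 score scale, the thresholds and the sample events are all assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

WINDOW = 60         # length of the time interval in seconds (assumed)
MAX_PER_WINDOW = 5  # request velocity above this counts as abnormal (assumed)

@dataclass
class StateObject:
    # State kept per client identifier attribute value (hypothetical layout).
    times: deque = field(default_factory=deque)  # event timestamps in the window
    reputation: int = 100                        # 100 = good, 0 = bad (assumed scale)

class FraudEngine:
    def __init__(self, blacklist=()):
        self.state = defaultdict(StateObject)  # keyed by (attribute, value)
        self.blacklist = set(blacklist)        # external intelligence

    def process(self, event):
        """Update the state objects for one event and return a remedial action."""
        worst = 100
        for attr in ("user_id", "device_id", "client_ip"):
            key = (attr, event[attr])
            obj = self.state[key]
            while obj.times and event["ts"] - obj.times[0] >= WINDOW:
                obj.times.popleft()            # drop events outside the interval
            obj.times.append(event["ts"])
            abnormal = len(obj.times) > MAX_PER_WINDOW
            if key in self.blacklist:
                obj.reputation = 0
            elif abnormal:
                obj.reputation = max(0, obj.reputation - 30)
            elif not event["success"]:
                obj.reputation = max(0, obj.reputation - 10)
            else:
                obj.reputation = min(100, obj.reputation + 5)  # slow recovery
            worst = min(worst, obj.reputation)
        # The lowest-scoring attribute decides the remedial action.
        for limit, action in ((20, "deny"), (50, "additional_security"), (80, "slow_down")):
            if worst <= limit:
                return action
        return "allow"

# Constructed sample: ten failed logons, one per second, from one IP and device.
SAMPLE = [{"ts": t, "user_id": f"user{t}", "device_id": "dev-A",
           "client_ip": "203.0.113.7", "success": False} for t in range(10)]

def replay(events, blacklist=()):
    engine = FraudEngine(blacklist)
    return [engine.process(e) for e in events]
```

Replaying the sample shows the response escalating from allow through slow-down and additional security to deny as the shared IP and device lose reputation, even though every request names a different user.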
Some of you may have received a notice from Apple like the one noted below, which to a certain degree is one application for this new system of Apple's relating to detecting possible fraud.
Apple's patent FIG. 2 below is a block diagram of an exemplary centralized account fraud engine for identity management systems.
Apple's patent FIG. 5 below is a flow diagram of an exemplary process of fraud detection.
Apple's patent FIG. 6 noted below is a block diagram of exemplary computer system architecture for implementing fraud detection.
Apple credits Saravanan Vallinayagam, Gunaranjan Chandraraju, Selvarajan Subramaniam, Lon Hardeman, Vinamra Agarwal, Hai-Toa Li, Umesh Batra and Prabhakaran Vaidyanathaswami as the inventors of this patent application that is titled "Fraud Detection for Identity Management Systems." The patent was originally filed in Q1 2013. Considering that this is a patent application, the timing of such a product to market is unknown at this time.
Patently Apple presents a detailed summary of patent applications with associated graphics for journalistic news purposes as each such patent application is revealed by the U.S. Patent & Trade Office. Readers are cautioned that the full text of any patent application should be read in its entirety for full and accurate details. About Making Comments on our Site: Patently Apple reserves the right to post, dismiss or edit any comments. Comments are reviewed daily from 4am to 8pm MST and sporadically over the weekend.