IP Verse

Fraud Deterrence For Secure Transactions

Patent No. US12229768 (titled "Fraud Deterrence For Secure Transactions") was filed by Fraud Free Transactions Llc on Mar 12, 2024.

What is this patent about?

’768 is related to the field of fraud prevention in electronic transactions , particularly concerning the secure delivery and utilization of digital assets like software. The background acknowledges the increasing challenges faced by sellers due to fraudulent activities, such as stolen credit card usage, leading to financial losses and the need for robust security measures. Existing methods, like license software modules and online validation, have drawbacks including user inconvenience and susceptibility to circumvention.

The underlying idea behind ’768 is to implement a dynamic, multi-factor authentication system that adapts to the risk profile of each transaction. Instead of relying on static security measures, the system analyzes various characteristics of the request, such as the device identifier, IP address, and geographic location, to determine whether additional authentication steps are necessary. This allows for a more flexible and user-friendly approach to fraud prevention, balancing security with convenience.

The claims of ’768 focus on a non-transitory computer-readable storage medium storing instructions that, when executed, configure processors to receive a request for a software program, perform a validation analysis based on a rule set that considers device identifiers, IP addresses, and geographic locations. Based on this analysis, the system determines if multi-factor authentication (MFA) is required. If MFA is required, the user is instructed to undertake the necessary actions, and the request is fulfilled only upon successful authentication.

In practice, the invention works by first receiving a request for a digital asset, such as software. The system then analyzes the request based on a pre-defined rule set, which includes verification steps that consider factors like the device's identifier, the IP address, and the user's geographic location. The system then determines if the request meets certain conditions. If the conditions are not met, the user is prompted to undertake one or more MFA actions. Upon successful completion of these actions, the request is fulfilled, granting access to the software.

This approach differs from prior solutions by implementing a dynamic risk assessment and offering a flexible authentication process. Instead of forcing all users through the same rigid security protocols, the system adapts to the specific characteristics of each request, minimizing inconvenience for legitimate users while effectively deterring fraudulent activity. The use of multiple factors, including device identification, IP address analysis, and geographic location verification, provides a more robust defense against various types of fraud.

How does this patent fit in bigger picture?

Technical landscape at the time

In the late 2000s when ’768 was filed, electronic transactions were typically implemented using client-server architectures, when systems commonly relied on username/password combinations rather than multi-factor authentication, and when hardware or software constraints made real-time risk assessment during transactions non-trivial.

Novelty and Inventive Step

The examiner allowed the claims because they recite a specific way of performing identity verification and validation that integrates a judicial exception into a practical application. The software program limits identity validation rules to a plurality of verification steps based on preselected characteristics for use in a validation analysis. This analysis includes device identifiers, IP addresses, or geographic locations, and determines whether multi-factor authentication is needed based on the verification steps and characteristics. This provides a specific improvement over prior systems, resulting in improved identity verification and validation.

Claims

This patent contains 58 claims, of which claims 1, 12, 18, 24, 31, 46, and 53 are independent. The independent claims generally focus on a non-transitory computer readable storage medium storing instructions for multi-factor authentication based on characteristics like device identifier, IP address, and geographic location. The dependent claims generally elaborate on the specifics of the characteristics, the multi-factor authentication actions, and the validation rule sets.

Key Claim Terms New

Definitions of key terms used in the patent claims.

Term (Source)Support for SpecificationInterpretation
Device-identifier
(Claim 1, Claim 12, Claim 18, Claim 24, Claim 46, Claim 53)		“If a client-side FFT software application has been implemented upon a client's computer, then information it relays to the FFT-server (e.g. computer ID number, operating system identification code, software and license codes, purchase history) can be stored in the transaction profile.”A characteristic associated with a device from which the request originated, used in a validation analysis.
Identity validation rule set
(Claim 1, Claim 12, Claim 18, Claim 24, Claim 31, Claim 46, Claim 53)		“In one aspect of the invention the fraud prevention deterrents are selectively and automatically implemented, or automatically proposed, during the sale of a digital product based upon a user's electronic profile. The particular fraud prevention deterrents that are implemented or proposed can also be selected based upon the value of the item being purchased, a seller's deterrence preference, a random assignment, a user's recent web activity, a user's electronic profile, a user's preference, and any aspect of a referring website by which the user arrived at the seller's website.”A set of rules that includes a plurality of verification steps based on characteristics, determinable by the processors, and designated for use in a validation analysis.
Multi-factor authentication (MFA) action
(Claim 1, Claim 12, Claim 18, Claim 24, Claim 31, Claim 46, Claim 53)		“By providing a number of options, a compromise between the client and the seller, or client and the client's bank, is reached. For example, a client may not be comfortable conducting part of the transaction over the phone, may not have access to a web-camera, and may not wish to submit a biometric validation marker. In this case, the FFT allows the client to choose or configure alternative FFT options which the seller or bank is comfortable. Although the seller may prefer a multi-media based transaction, rather than simply offering only a web-cam based transaction option, the user may be allowed to choose 2 or 3 alternative deterrent options which the seller believes is functionally equivalent to the web-cam option, or at least sufficient for permitting the particular e-transaction.”An action required based on results of one or more combinations of determinations, the combinations defined by respective ones of the verification steps and based at least in part on the characteristics.
Originating geographic location
(Claim 1, Claim 12, Claim 18, Claim 24, Claim 31, Claim 46, Claim 53)		“To some extent, pre-charge client authentication can automatically take advantage of checking and cross-checking client related information to verify each transaction, including evaluation of chargeback history, geo-targeting, IP address scanning, and real-time verification techniques.”A characteristic determined by utilizing the IP address from which the software-usage request originated to obtain a geographic location associated with the IP address.
Validation analysis
(Claim 1, Claim 12, Claim 18, Claim 24)		“The FFP can adaptive and dynamically be applied to the transaction process in a manner which empowers the client and in accordance with a client's preferences. For example, a client who is in a hurray or who is not a good typist may prefer a voice and/or human based purchase, or may have access to a RFID and credit card, which can be used to quickly validate a client's identity. Manufactures and clients are also empowered because they can require deterrent options to be implemented in a graduated and unique manner according to particular characteristics of the transaction.”Analysis including a plurality of verification steps according to the rule set to determine whether at least one multi-factor authentication (MFA) action associated with at least one of the verification steps is required based on results of one or more combinations of determinations.

Patent Family

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.

  • Date

    Description

  • Get instant alerts for new documents

US12229768

FRAUD FREE TRANSACTIONS LLC
Application Number
US18602262
Filing Date
Mar 12, 2024
Status
Granted
Expiry Date
Jul 22, 2028
External Links
Slate, USPTO, Google Patents