IBM today announced it has patented a technique that helps online and cloud-based businesses improve their ability to eliminate fraud by analyzing browsing behavior to determine whether customers are who they say they are after accessing a website or app via a computer, tablet or other mobile device.
IBM's patented invention can help web site operators, cloud service providers and mobile application developers more efficiently and effectively detect and deal with threats by using analytics to thwart fraudsters.
For example, when individuals access a banking or shopping site, they subconsciously establish characteristics of how they interact with the site, such as clicking certain areas more often than others; using the up and down arrow keys on the keyboard to navigate; relying solely on the mouse; or tapping or swiping the screen of a tablet or smartphone in a distinct manner. Similar to how individuals recognize changes in the behavior of a family member or friend on the phone – even when the audio is fuzzy – by the words they use, how they answer the phone, their mannerisms, etc., IBM's invention helps businesses analyze and identify sudden changes in online behavior.
If the invention detects a change in behavior, it triggers a secondary authentication measure, such as a security question. This helps businesses and website operators avoid unintentionally hindering legitimate customer activities or transactions.
"Our invention improves the effectiveness of authentication and security systems with insights derived from real-time data analytics," said Keith Walker, IBM Master Inventor and co-inventor on the patent. "For example, if an individual suddenly changes how they interact with an online bank or store, such as due to a broken hand or using a tablet instead of a desktop computer, I want these web sites to detect the change, and then ask for extra identity confirmation before accepting a transaction. Our experience developing and testing a prototype, which flawlessly confirmed identities, shows that such a change would more likely be due to fraud, and we all want these sites to provide more protection while simultaneously processing our transactions quickly."
As commerce is increasingly conducted online and via the cloud, a new generation of criminals is using digital channels – such as mobile devices, social networks and cloud platforms – to probe for weaknesses and vulnerabilities, including the ability to steal login and password information from the ecommerce sites we use every day. Despite strong passwords and authentication systems, troublesome fraudulent charges remain a reality in today's digital world.
IBM received U.S. Patent #8,650,080: "User-browser interaction-based fraud detection system" for the invention.
Explore further: Enabling secure notifications to mobile devices via the cloud