| CPC H04L 63/083 (2013.01) [G06Q 40/02 (2013.01); H04L 63/1416 (2013.01)] | 20 Claims |
|
1. A method comprising:
(a) receiving user log-in data or user-authentication data, that a user submits or provides to a first server via a web browser operated on a computer that is selected from the group consisting of: a laptop computer, a desktop computer;
(b) determining, at said first server, that said user log-in data or user-authentication data matches credentials that were established for a particular user-account that is served by said first server;
(c) determining, at said first server, an Internet Protocol (IP) address of said computer, by extracting the IP address that said computer advertises to Internet servers;
(d) determining, at said first server, that said particular user-account is associated with a Mobile App that was installed on a smartphone of an account-owner of said particular user-account;
(e) sending, by said first server or by a second server which is an applications server, a Push Notification to said Mobile App that was installed on the smartphone of said account-owner; and triggering the smartphone, via said Push Notification, to respond with a response that includes therein an Internet Protocol (IP) address of said smartphone;
(f) if (I) the IP address of the smartphone, that was obtained in step (e) in response to said Push Notification, is different from (II) the IP address of said computer as determined in step (c) by said first server, then: determining that said computer is possibly utilized by a cyber-attacker, and initiating one or more pre-defined fraud mitigation operations.
|