US 12,242,649 B2
Super-cookie identification for stolen cookie detection
Matan Marudi, Or Yehuda (IL); Yuval Bercovich, Givatayim (IL); and Yarden Raiskin, Petah-Tiqwa (IL)
Assigned to PAYPAL, INC., San Jose, CA (US)
Filed by PAYPAL, INC., San Jose, CA (US)
Filed on Jul. 29, 2022, as Appl. No. 17/816,111.
Prior Publication US 2024/0037279 A1, Feb. 1, 2024
Int. Cl. G06F 21/62 (2013.01); G06F 21/60 (2013.01); H04L 9/40 (2022.01)
CPC G06F 21/6263 (2013.01) [G06F 21/602 (2013.01); H04L 63/0876 (2013.01); H04L 63/1416 (2013.01)]
20 Claims
8. A method comprising:
receiving, via a network from a device of a user, an authentication request for the user to access a website using a web browser executable at the device;
responsive to the received authentication request, identifying a series of storage locations available on the device for storing web cookies, wherein the series of storage locations are sorted in order of increasing risk of fraud starting from a first storage location;
determining that the user has previously visited the website based on at least one web cookie stored at the first storage location in the series of storage locations;
retrieving, via the network from the device, a cookie value for each storage location in the series of storage locations;
determining whether the retrieved cookie value for each storage location after the first storage location in the series of storage locations matches an expected cookie value for that storage location;
calculating a score representing a level of fraud risk for the authentication request when there is a mismatch between the retrieved cookie value and the expected cookie value for at least one storage location in the series of storage locations, wherein the score is based on a position of the at least one storage location in the series of storage locations; and
authenticating the user, based on the calculated score.
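
An added sketch of the position-weighted scoring described in claim 8 (not code from the patent or from the assignee). The storage-location names, the cookie values, the scoring formula and the threshold are all assumptions made for illustration; the claim only requires that the score depend on the position of the mismatching location.

```python
import hmac

# Hypothetical series of storage locations, ordered as the claim requires
# (increasing fraud risk, starting from the first). The names are assumptions.
LOCATIONS = ["http_cookie", "local_storage", "indexed_db", "cache_storage"]
STEP_UP_THRESHOLD = 0.5  # assumed policy value, not taken from the patent


def same(a, b):
    """Constant-time comparison; a missing value never matches."""
    if a is None or b is None:
        return False
    return hmac.compare_digest(a.encode(), b.encode())


def risk_score(retrieved, expected):
    """Return (score, mismatched_locations), or None for a first-time visitor.

    Assumed formula: sum of the 1-based positions of the mismatching
    locations after the first, divided by the largest possible sum,
    which keeps the score in [0, 1].
    """
    if not retrieved.get(LOCATIONS[0]):
        return None  # no cookie at the first location: no prior visit known
    mismatched = [
        (pos, loc)
        for pos, loc in enumerate(LOCATIONS[1:], start=1)
        if not same(retrieved.get(loc), expected.get(loc))
    ]
    max_sum = sum(range(1, len(LOCATIONS)))
    score = sum(pos for pos, _ in mismatched) / max_sum
    return score, [loc for _, loc in mismatched]


def decide(retrieved, expected):
    """Map the score to an authentication outcome (assumed policy)."""
    result = risk_score(retrieved, expected)
    if result is None:
        return "full_login"
    return "authenticate" if result[0] < STEP_UP_THRESHOLD else "step_up"


# Constructed sample data: server-side expected values for one returning user.
EXPECTED = {"http_cookie": "c-7f3a", "local_storage": "ls-91bd",
            "indexed_db": "idb-4e20", "cache_storage": "cs-a6c1"}
SAME_BROWSER = dict(EXPECTED)                      # every location matches
COOKIE_ONLY = {"http_cookie": "c-7f3a"}            # only the first location present
CLEARED_ONE = {**EXPECTED, "local_storage": None}  # one location was cleared
```

A request that carries only the first-location cookie mismatches at every later position and reaches the maximum score, while a browser that merely cleared one low-position store stays under the assumed threshold.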