	US 12,093,950 B2
	Fraud deterrence for secure transactions
Michael Sasha John, Larchmont, NY (US)
Assigned to FRAUD FREE TRANSACTIONS LLC, Long Branch, NJ (US)
Filed by Michael Sasha John, Larchmont, NY (US)
Filed on Mar. 12, 2024, as Appl. No. 18/602,817.
Application 18/602,817 is a continuation of application No. 18/378,331, filed on Oct. 10, 2023.
Application 18/378,331 is a continuation of application No. 18/095,237, filed on Jan. 10, 2023, granted, now 11,907,946, issued on Feb. 20, 2024.
Application 18/095,237 is a continuation of application No. 17/677,581, filed on Feb. 22, 2022, granted, now 11,551,215, issued on Jan. 10, 2023.
Application 17/677,581 is a continuation of application No. 17/201,835, filed on Mar. 15, 2021, granted, now 11,257,080, issued on Feb. 22, 2022.
Application 17/201,835 is a continuation of application No. 15/404,184, filed on Jan. 11, 2017, granted, now 10,949,851, issued on Mar. 16, 2021.
Application 15/404,184 is a continuation of application No. 14/873,165, filed on Oct. 1, 2015, abandoned.
Application 14/873,165 is a continuation of application No. 13/286,211, filed on Oct. 31, 2011, abandoned.
Application 14/873,165 is a continuation of application No. 12/124,144, filed on May 20, 2008, granted, now 10,853,855, issued on Dec. 1, 2020.
Application 13/286,211 is a continuation of application No. 12/115,538, filed on May 5, 2008, granted, now 8,078,515, issued on Dec. 13, 2011.
Claims priority of provisional application 60/980,498, filed on Oct. 17, 2007.
Claims priority of provisional application 60/977,375, filed on Oct. 4, 2007.
Claims priority of provisional application 60/939,066, filed on May 20, 2007.
Claims priority of provisional application 60/915,934, filed on May 4, 2007.
Prior Publication US 2024/0220980 A1, Jul. 4, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 20/40 (2012.01); G06F 21/32 (2013.01); G06F 21/35 (2013.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01); G06Q 20/12 (2012.01); G06Q 20/38 (2012.01); G06Q 20/42 (2012.01); G06Q 30/06 (2023.01); G06Q 30/0601 (2023.01); G06Q 40/00 (2023.01)

CPC G06Q 20/40 (2013.01) [G06F 21/32 (2013.01); G06F 21/35 (2013.01); G06F 21/606 (2013.01); G06F 21/6263 (2013.01); G06Q 20/123 (2013.01); G06Q 20/382 (2013.01); G06Q 20/4012 (2013.01); G06Q 20/40145 (2013.01); G06Q 20/4016 (2013.01); G06Q 20/405 (2013.01); G06Q 20/409 (2013.01); G06Q 20/425 (2013.01); G06Q 30/06 (2013.01); G06Q 30/0601 (2013.01); G06Q 30/0613 (2013.01); G06Q 40/00 (2013.01)]

30 Claims

1. A non-transitory computer readable storage medium storing instructions that, when executed by one or more processors, configure one or more executing processors to

receive a request to access a software program, wherein the software program has a rule set associated therewith, the rule set at least situationally restricting access to the software program, the rule set including:

a plurality of configurable rules that define determinations for verification of a user identity of users requesting access to the software program, and that include one or more configurable parameters, associated with one or more of the plurality of rules, that designate situational applicability of a given rule for which a given parameter is defined,

wherein the rules of the rule set are configurable with respect to, and collectively include, at least:

identification of characteristics, including least an originating IP address, from which the request originated, a device ID of a device from which the request originated and an originating geographic location from which the request originated, to be considered for verification of the identity, including association of at least one stored value with a respective one of a plurality of the characteristics including at least the originating IP address, the originating device ID and the originating geographic location, and wherein the instructions configure the executing one or more processors to utilize the originating IP address to obtain the originating geographic location;

definition of a plurality of determinations, based on the characteristics, including at least a plurality of determinations defined for a plurality of the rules of the rule set;

definition of what constitutes a determination being met for the plurality of determinations; and

definition of an action to be taken responsive to an outcome of analysis of a given of the rules, including at least:

one first action for a first rule type that is based on first ones of the determinations, the first action permitting access to the software program absent multi-factor authentication (MFA) and based on a first one of the outcomes indicating a first condition where the first ones of the determinations resulted in expected values for first present values of first ones of the characteristics included in the first ones of the determinations,

one second action for a second rule type that is based on second ones of the determinations, the second action requiring at least one first configurable MFA action in order to access the software program and based on a second one of the outcomes indicating a second condition where one or more of the second ones of the determinations resulted in at least one unexpected value for at least one second present value of at least one second one of the characteristics included in the second ones of the determinations,

one third action for a third rule type that is based on third ones of the determinations, the third action requiring at least one second configurable MFA action in order to access the software program and based on a third one of the outcomes resulted in a third condition indicating one or more of the third ones of the determinations indicated potential fraud based at least one third present value of at least one third one of the characteristics, of the third ones of the determinations, corresponding to a risky value indicative of risk and stored in association with the third one of the characteristics;

wherein the first and second configurable MFA actions are configurable with respect to at least:

definition of whether a respective one of the first or second configurable at least one MFA actions includes at least one specifically-required authentication action to be undertaken by a user; and

definition of whether a respective one of the first or second configurable at least one MFA actions includes a choice of a plurality of authentication actions to be undertaken by the user, including, definition of two or more different selectable MFA actions from which the choice can be made;

analyze first data associated with the received request to determine whether the one or more of the configurable rules having the configurable parameters defined therefor apply to the received request based on correlation of the analyzed data to the configurable parameters;

derive an applicable rule set including at least:

the one or more of the configurable rules determined to apply based on the configurable parameters;

any default rules designated as applicable to the requests for the software;

and

at least one rule type of the first type, second type and third type;

analyze the determinations of one or more of the rules of the applicable rule set, including determination of whether the respective outcomes of respective analyzed determinations indicate at least one of the first, second or third conditions;

responsive to at least one of the second or third conditions being indicated by the respective outcomes, instruct a user, who submitted the received request, to undertake at least one respective first or second configurable MFA actions based on which of the respective second or third conditions was indicated;

receive MFA results of the respective first or second MFA actions having been undertaken by the user; and

responsive to the MFA results indicating successful authentication, provide access to the requested software program.