Detecting fraudulent activity from compromised devices

Assignee

• EMC IP Holding Company LLC · US

Inventors

• Uri Fleyder · Givat Shmuel, IL
• Rotem Kerner · Nes Ziona, IL
• Zeev Rabinovich · Nes Ziona, IL
• Rotem Salinas · Netanya, IL
• Lior Ben-Porat · Petah Tikva, IL
• Daniel Frank · Sachsenheim, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/34
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A technique for detecting fraudulent activity in a compromised device involves downloading a software application from a processor that controls access to a resource to an electronic device requesting access to the resource. The software application includes instructions that gather selected information from the electronic device such as mouse coordinates and active windows at a selected time and transmitting the information to the processor for analysis. The analysis includes determining whether more than a single input operation is occurring simultaneously. Simultaneous input operations are an improbable combination of processes for a single electronic device, and suggest a potential fraudulent activity. The technique may include sending a message to a security location for further analysis of the potential fraudulent activity, or the user may be contacted while the transaction attempt is delayed, or the attempted transaction operation may be terminated until enhanced security procedures are implemented.