Browse Prior Art Database

Method and apparatus to detect fraud registration to Web based services

IP.com Disclosure Number: IPCOM000181766D
Original Publication Date: 2009-Apr-13
Included in the Prior Art Database: 2009-Apr-13
Document File: 5 page(s) / 191K

Publishing Venue

IBM

Abstract

The core innovation of this disclosure is to introduce a mechanism to track user's beheavior before a successful web form submission is performed.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 41% of the total text.

Page 1 of 5

Method and apparatus to detect fraud registration to Web based services

Main Idea

1. Background: What is the problem solved by your invention? Describe known solutions to this problem (if any). What are the drawbacks of such known solutions, or why is an additional solution required? Cite any relevant technical documents or references.

Fraud registration to web based services means that conterfeit information are composed by users through the registration process to gain the access of the services.

Here is one real example:

Fraud registration real example (netsuite)

Fraud registration
accepted by service provider, resources started to be involved (netsuite)

Fraud registration is a very common phenomenon in the Web based service domain for the following reasons:

Users don't want to be bothered by the service provider before they decide to be contacted by the service provider
Competitors of the service provider want to learn the product and offering of the service provider by hiding their identities
Users who don't have required profile characteristics want to access the service (e.g. a student want to learn the service but a student has no job title and company information)

Though there are many Web service providers dont care too much whether the information of the registrations are valid or ture as they have related business model(e.g. eyeball attraction based adverstisment), fraud registration wastes many service provider's resources especially for those who gain revenue from the users's usage of the service:

Resources spent on supporting such users on the system

Resources spent on communicating and engaging with such users

There are two common types of solution to tackle this problem partially.

1

[This page contains 2 pictures or other non-text objects]

Page 2 of 5

The first one is to strengthen web form validations at client side(browser) to make sure illegal or illegimate users can not submit web form to trigger server side process. The widely used approach leverage client side javascript to verify web form data so as to achieve this objective, for example:

Single field: e.g. telephone number should be number and follow certain rule Cross fields: zip code in united states should be 5 digits and ….

The limitations of this approach include:
Fraud registration users may try to input multiple times to understand the validation rules and finally find out correct input which then be eventually accepted by the registration form.

The key problem is Web application only collect final data from the Web form, but the fraud behavior on the web page at client side can not be collected

The second one is to employ human process or computer software program to check the validity of the submitted information from the web form and analyze fraud possibility. The limitation of this approach is that the source information to s...