Browse Prior Art Database

System and Method for Providing Clientless Fraud Protection as a Service

IP.com Disclosure Number: IPCOM000244673D
Publication Date: 2016-Jan-06
Document File: 3 page(s) / 74K

Publishing Venue

The IP.com Prior Art Database

Abstract

Cloud enabled Client less fraud protection as a service offers applications running on PaaS a seemless interface for fraud protection with a pay-per-use advantage in a non-intrusive automated way. The article describes the system and components that realize fraud protection as a service.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 3

System and Method for Providing Clientless Fraud Protection as a Service

Internet fraud prevention is the act of stopping various types of internet fraud. Websites that facilitates transactions over the web needs to have mechanisms that verify the content exchanged between the end user and the application for man-in-the middle attacks, viruses and spyware.

The available solutions in the market include Fraud Prevention Engines implemented for enterprise applications (like Online Banking) consists of a server component that looks for suspicious transactions and verifies the requests/responses to detect anomalies / Malware and ensures the security for its users. For the existing solutions to work the customer's application needs to be updated to provided with security code that can be used to monitor the transactions. This is mostly requires the customer application code to be reviewed and fraud protection code is inserted in appropriate places. Some of the fraud prevention software also provides Software Development Kit (SDK) that financial institutions can integrate within their existing security/mobile solutions to provide protection from fraud.

The existing approaches work well for traditional applications but it requires lot of manual steps and tweaking to work for born on the web which are build on PaaS platforms like IBM BlueMix, Windows Azure or Google App Engine.

The article is about providing a cloud enabled clientless fraud protection as a service which can

protect any web application from fraud without any manual intervention.

Following are the advantages in the approach:

1. The capability of fraud protection is made available as a service in a Platform as a Service Catalog

2. This means any application can make use of the service without requiring any client side installation of any software component


3. The modification of the code required on the server side is done automatically


4. The service is continuously updated on intelligence feeds that the proposed solution can

use to look for new attacks/malware etc.

5. Since this is made available as a service, the consumer has the pay-per-user advantage.

The following diagram illustrates the system to realize fraud...