Browse Prior Art Database

Input Based User Tracking For Authenticating And Non Authenticating Systems

IP.com Disclosure Number: IPCOM000250631D
Publication Date: 2017-Aug-10
Document File: 3 page(s) / 48K

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 52% of the total text.

Input Based User Tracking for Authenticating and Non-Authenticating Systems

Abstract

Disclosed is a server-side system that supports website security by collecting unique usage and biometric data from the input device(s) being used to access said system, and then using that information to create a user profile. This profile can be used later to identify individuals that repeatedly carry out offenses on the system.

A method or system is needed to prevent an individual from carrying out endless repeat offenses on the same system. The current known solutions are cookie profiling, use of login credentials for authentication, tracking by Internet Protocol (IP), human reporting of offenses, and session logging. All these solutions have ways of being circumvented. Cookies can be turned off or deleted. Offenders can use multiple devices at multiple physical locations. IP addresses can be masked using proxy servers, virtual private networks (VPNs), anonymity networks, and other methods. Passwords can be lost, stolen, guessed, and cracked. Human reporting is not thorough nor all-encompassing enough to detect all threats and offenses. Session logging does not provide real time monitoring and action against offenses, but is a method of “after-the-fact” investigation.

The novel solution is a server-side system that requires the collection of unique usage and biometric data from the input device(s) being used to access said system. This data is used to create a profile containing the data required to identify an individual as well as the type of input device they are using to access the system. It can be used on systems that do not require any account authentication. The novel system also includes specification for use with systems that already employ account authentication. Both use cases are illustrated in the flow chart below.

This approa...