Stolen credential use prevention on a web service

Abstract

Techniques to facilitate securing web services from unauthorized access are disclosed herein. In at least one implementation, user interactions with a web service are monitored, and sets of the user interactions are generated per originator based on origination information associated with the user interactions. The sets of the user interactions are processed to identify credentials used to access the web service per originator. The credentials used to access the web service per originator are compared with compromised credentials stored in a database to identify one or more user accounts of the web service associated with an originator that used the compromised credentials found in the database. Security measures are applied for at least the one or more user accounts of the web service associated with the originator that used the compromised credentials found in the database.

Description

RELATED APPLICATIONS[0001]This application is a continuation of U.S. patent application Ser. No. 15 / 081,184, entitled “STOLEN CREDENTIAL USE PREVENTION ON A WEB SERVICE,” filed Mar. 25, 2016, and claims the benefit of, and priority to, U.S. Provisional Patent Application No. 62 / 138,789, entitled “STOLEN CREDENTIAL USE PREVENTION ON A WEB SERVICE”, filed Mar. 26, 2015, all of which are hereby incorporated by reference in their entirety for all purposes.TECHNICAL BACKGROUND[0002]Security of a web service is of upmost importance to both the operators of the service and its users. As more people utilize the Internet to communicate, conduct business transactions, and utilize other services, more threats to website security arise. Website owners, insurers, hosting services, and others involved in the provision of a web service typically strive to create a robust security infrastructure for a website to prevent nefarious individuals from compromising the site. However, despite these securi...

AI Technical Summary

Problems solved by technology

As more people utilize the Internet to communicate, conduct business transactions, and utilize other services, more threats to website security arise.

However, despite these security precautions, a website could still be subject to intrusions by computer hackers, malware, viruses, and other malicious attacks.

Websites may be vulnerable to security breaches for a variety of reasons, including security loopholes, direct attacks by malicious individuals or software applications, and other security threats.

With every security breach on a web service, user credentials such as usernames, passwords, credit card numbers, and other personal information may be stolen.

There is a good likelihood that these unauthorized users will gain access to several accounts on other sites that have not actually suffered any past security breaches.

Such breaches, even if on a third party site, affect the legitimate account owners as well as the reputation of the site.

Images