Search

EP-4738155-A1 - GENERATIVE CONSTRUCTION OF DIGITAL USER IDENTITY AS VERIFIED BY PERSONALLY IDENTIFIABLE INFORMATION

EP4738155A1EP 4738155 A1EP4738155 A1EP 4738155A1EP-4738155-A1

Abstract

Provided are a method and system for digital user identification in use of corresponding personally identifiable information (PII) as an instrument of verifying the identification. For one or more iterations of execution of the method and system, aggregated user data obtained by a server and corresponding to a digital user defines a digital profile confirmed for PII transacted at the time of the aggregation. Accordingly, and when one or more components of the profile are inspected for deviation thereof relative to the profile, as confirmed, legitimacy of the digital user identification is determined.

Inventors

  • BOUSO, Samer
  • ABREU, PABLO YSRRAEL
  • VELMURUGAN, ARUN

Assignees

  • Socure, Inc.

Dates

Publication Date
20260506
Application Date
20250619

Claims (15)

  1. A method of determining a digital profile of an entity, comprising: receiving data corresponding to the entity, the data being associated with a digital device of the entity and use thereof, by the entity, during operation of the digital device for a transaction; aggregating the received data into specified types thereof, forming aggregated data; for one or more iterations of the aggregating forming the aggregated data, receiving personally identifiable information (PII) corresponding to the entity; inspecting the aggregated data to determine correlation between the aggregated data and the PII, wherein the inspecting comprises applying machine learning to the aggregated data, for the correlation to the PII, to determine a deviation of the aggregated data; based on the determined deviation of the aggregated data, resolving the digital profile of the entity; generating an identification (ID) candidacy of the entity via weighting the ID candidacy by an amount of the deviation; and determining the digital profile as legitimate for the entity according to the ID candidacy at least meeting a predetermined threshold.
  2. The method of claim 1, wherein: the aggregated data comprises one or more of (a) device data for the digital device, (b) entity behavior for use of the digital device, (c) entity-device interaction data for the digital device, or (d) any combination thereof.
  3. The method of claim 2, wherein: in response to the aggregated data comprising (a), the aggregated data comprises one or more of (e) device/browser settings, (f) device hardware description, (g) current software information, (h) network internet service provider and connection characteristics, (i) geolocation, or (j) any combination thereof.
  4. The method of claim 2 or claim 3, wherein: in response to the aggregated data comprising (b), the aggregated data comprises (k) interaction patterns with the digital device, (l) usage frequency and duration regarding one or more applications or websites, (m) navigation paths regarding an application or website, (n) typing patterns within an application or website, or (o) any combination thereof.
  5. The method of any of claims 2 to 4, wherein: in response to the aggregated data comprising (c), the aggregated data comprises (p) keystroke dynamics, (q) touch dynamics, (r) mouse movement criteria, or (s) any combination thereof.
  6. The method of any preceding claim, wherein: the at least the aggregating the received data is performed at a server.
  7. The method of claim 6, wherein: wherein the server continuously receives data of external data stores, and in response to the at least the aggregating the received data being performed, one or more portions of the server are transformed for the inspecting the aggregated data to determine correlation between the aggregated data and the PII.
  8. The method of claim 6, wherein: the aggregated data corresponds to a browser session identification (ID) assigned at one or more portions of the server, and optionally wherein: the resolving the digital profile of the entity is further based on correspondence between the browser session ID and the received PII.
  9. A computing system for determining a digital profile, the computing system comprising: one or more processors; and one or more memories storing instructions that, when executed by the one or more processors, cause the computing system to perform a process comprising: receiving data corresponding to the entity, the data being associated with a digital device of the entity and use thereof, by the entity, during operation of the digital device for a transaction; aggregating the received data into specified types thereof, forming aggregated data; for one or more iterations of the aggregating forming the aggregated data, receiving personally identifiable information (PII) corresponding to the entity; inspecting the aggregated data to determine correlation between the aggregated data and the PII, wherein the inspecting comprises applying machine learning to the aggregated data, for the correlation to the PII, to determine a deviation of the aggregated data; based on the determined deviation of the aggregated data, resolving the digital profile of the entity; generating an identification (ID) candidacy of the entity via weighting the ID candidacy by an amount of the deviation; and determining the digital profile as legitimate for the entity according to the ID candidacy at least meeting a predetermined threshold.
  10. The computing system of claim 9, wherein: the aggregated data comprises one or more of (a) device data for the digital device, (b) entity behavior for use of the digital device, (c) entity-device interaction data for the digital device, or (d) any combination thereof.
  11. The computing system of claim 10, wherein: in response to the aggregated data comprising (a), the aggregated data comprises one or more of (e) device/browser settings, (f) device hardware description, (g) current software information, (h) network internet service provider and connection characteristics, (i) geolocation, or (j) any combination thereof.
  12. The computing system of claim 10 or claim 11, wherein: in response to the aggregated data comprising (b), the aggregated data comprises (k) interaction patterns with the digital device, (l) usage frequency and duration regarding one or more applications or websites, (m) navigation paths regarding an application or website, (n) typing patterns within an application or website, or (o) any combination thereof.
  13. The computing system of any of claims 10 to 12, wherein: in response to the aggregated data comprising (c), the aggregated data comprises (p) keystroke dynamics, (q) touch dynamics, (r) mouse movement criteria, or (s) any combination thereof.
  14. The computing system of any of claims 9 to 13, wherein: the at least the aggregating the received data is performed at a server.
  15. The computing system of claim 14, wherein: wherein the server continuously receives data of external data stores, and in response to the at least the aggregating the received data being performed, one or more portions of the server are transformed for the inspecting the aggregated data to determine correlation between the aggregated data and the PII, and/or the aggregated data corresponds to a browser session identification (ID) assigned at one or more portions of the server, and optionally further wherein the resolving the digital profile of the entity is further based on correspondence between the browser session ID and the received PII.

Description

FIELD OF THE DISCLOSURE Disclosed embodiments relate to digital identity generation, and more specifically, to such generation employing contextual inspection for user digital activity linked to personally identifiable information (PII) of the user corresponding to one or more digital activities. BACKGROUND Digital activity of a user, whether when surfing the internet, interacting with a particular website to browse product or other information, or engaging with a website for one or more dedicated transactions (e.g., education, banking, contractual endeavor) is recognized as a means by which to gather information about the user and the user's device during the activity. Such gathered information, as is understood, can be compiled to produce a user identity. This is particularly the case when the user is either unaware of or accepts the use of cookies that track information during a web browser session. In recent years, however, regulatory regimes such as the General Data Protection Regulation in the European Union and the California Consumer Privacy Action in the United States impinge on the unfettered collection, use, and storage of cookies. For instance, such regimes require permission for cookie use and disclosure of manner of that use if acceptance is provided. Accordingly, browser implementations seeking to comply with these exemplary regimes must offer users the opportunity to tailor their browsing experience. Because of this, and particularly in the case of third-party cookies (i.e., cookies linked to ads provided on a website), it can become difficult to obtain a device-user association when that user corresponds to multiple devices which she may use to browse multiple websites. Such an association may be further hampered due to the increasing complexity of operating systems that enable malevolent actors to delete one or more portions of device identifiers. SUMMARY It is to be understood that both the following summary and the detailed description are exemplary and explanatory and are intended to provide further explanation of the present embodiments as claimed. Neither the summary nor the description that follows is intended to define or limit the scope of the present embodiments to the particular features mentioned in the summary or in the description. Rather, the scope of the present embodiments is defined by the appended claims. Embodiments may include a method and system regarding determining a digital profile of an entity, including receiving data corresponding to the entity, the data being associated with a digital device of the entity and use thereof, by the entity, during operation of the digital device for a transaction, aggregating the received data into specified types thereof, forming aggregated data, and for one or more iterations of the aggregating forming the aggregated data, receiving personally identifiable information (PII) corresponding to the entity. The method and system may further include inspecting the aggregated data to determine correlation between the aggregated data and the PII, wherein the inspecting comprises applying machine learning to the aggregated data, for the correlation to the PII, to determine a deviation of the aggregated data. The method and system may still further include, based on the determined deviation of the aggregated data, resolving the digital profile of the entity, and generating an identification (ID) candidacy of the entity via weighting the ID candidacy by an amount of the deviation. In these regards, the method and system may include determining the digital profile as legitimate for the entity according to the ID candidacy at least meeting a predetermined threshold. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 illustrates elements of a Digital Profile System (DPS) enabling inspection of user digital activity for verification against personally identifiable information (PII), according to embodiments herein;FIG. 2 illustrates various forms of aggregated user data included in the inspection of FIG. 1, according to embodiments herein; andFIG. 3 illustrates a flow diagram of a process for conducting the inspection of user digital activity for verification against PII of FIG. 1, according to embodiments herein. DETAILED DESCRIPTION The present disclosure will now be described in terms of various exemplary embodiments. This specification discloses one or more embodiments that incorporate features of the present embodiments. The embodiment(s) described, and references in the specification to "one embodiment", "an embodiment", "an example embodiment", etc., indicate that the embodiment(s) described may include a particular feature, structure, or characteristic. Such phrases are not necessarily referring to the same embodiment. The skilled artisan will appreciate that a particular feature, structure, or characteristic described in connection with one embodiment is not necessarily limited to that embodiment but typically has relevance and applicability to o