BlackBerry Limited
METHODS AND SYSTEMS FOR DETECTING UNAUTHORIZED ACCESS

Abstract:

Described are methods and systems to identify unauthorized attempts to access an account in a computer system, the account having an authorized user. The methods and systems include determining that a count of failed attempts to access the account exceeds a maximum. Based on the count exceeding the maximum, one or more peer contacts associated with the authorized user are retrieved from stored user data. A failure attribution request is transmitted to the one or more peer contacts and a response is received from at least one of the one or more peer contacts. If the response denies that the authorized user caused the failed attempts, then a security action is taken with respect to the account. The method may include first confirming that the number of failure attributions requests sent has not exceeded an abuse threshold to prevent denial-of-service attacks.