A system for communicating electronically over a communications medium
regarding an account includes (a) maintaining information pertaining to
the account in a database such that the information is retrievable by a
unique identifier, the information including security features of a
device that generates digital signatures using a private key of a
public-private key pair, (b) associating the public key of the device
with the unique identifier in the database, (c) receiving an electronic
communication including the unique identifier and a digital signature for
a message generated by a suspect device (d) authenticating the message
using the public key associated with the unique, (e) upon successful
authentication of the message, identifying the security features
retrievable by the unique identifier as being the security features of
the genuine device, and (f) gauging the risk that said generated digital
signature was fraudulently sent based on said identified security
features of the genuine device.