公开(公告)号：US12072965B2

公开(公告)日：2024-08-27

申请号：US18373230

申请日：2023-09-26

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Sai Kishan Alapati ,  Jeffrey Brian Bashore ,  Michael Joseph Carroll ,  Brian H. Corr ,  Andrew DongHo Kim ,  Holly J. Martinez ,  Aron Megyeri ,  Ronnie Joe Morris, Jr. ,  Elliot Piatetsky ,  Jennifer Quillen ,  Tracy R. Regehr ,  Dharmender Kumar Satija ,  Craig Douglas Widmann

IPC: G06F21/32 ,  G06V10/147 ,  G06V40/16 ,  H04L9/40 ,  H04N23/90

CPC classification number: G06F21/32 ,  G06V10/147 ,  G06V40/168 ,  G06V40/172 ,  H04L63/0861 ,  H04N23/90 ,  G06F2221/2111

Abstract: The present invention is generally related to systems and methods for providing an improved authentication and verification system through the use of compiled user data and user location or traffic data from multiple channels of input. Multiple devices may be utilized by the system in order to receive and process data to authenticate user identities and verify the validity of account activity.

公开(公告)号：US11637838B2

公开(公告)日：2023-04-25

申请号：US17172234

申请日：2021-02-10

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Andrew DongHo Kim ,  Craig Douglas Widmann ,  Jeffrey Brian Bashore

IPC: H04L9/40 ,  H04W12/63 ,  H04W12/08

Abstract: Systems, computer program products, and methods are described herein for intrusion detection using resource activity analysis. The present invention is configured to receive, from a computing device of a user, an indication that the user has accessed a resource allocation portfolio of a customer; determine a geographic information of the user; retrieve a geographic information of the customer; determine that the geographic information of the user does not match the geographic information of the customer; determine an exposure level associated with the user access of the resource allocation portfolio of the customer; determine that the exposure level is greater than a predetermined threshold; and automatically trigger a transmission of a notification to a computing device of an administrator indicating that the exposure level associated with the user access of the resource allocation portfolio of the customer is greater than the predetermined threshold.

公开(公告)号：US20220321586A1

公开(公告)日：2022-10-06

申请号：US17222440

申请日：2021-04-05

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Jeffrey Brian Bashore ,  Michael Joseph Carroll ,  Christopher J. Cooley ,  Andrew DongHo Kim ,  Pavan Kumar Reddy Kotlo ,  Randy J. Nelson ,  Jennifer Quillen ,  Lizabeth Rosenberg ,  Dharmender Kumar Satija ,  James F. Stevens ,  Craig Douglas Widmann

IPC: H04L29/06

Abstract: Embodiments of the present invention provide an innovative system, method, and computer program product for automated device activity analysis in both a forward and reverse fashion. A collaborative system for receiving data and continuously analyzing the data to determine emerging patterns associated with particular user devices is provided. The system is also designed to generate a historical query of user device touch points or interaction points with entity systems across multiple data vectors, and generate system alerts as patterns or potential issues are identified. Common characteristics of data may be used to detect patterns that are broadened in scope and used in a generative neural network approach.

公开(公告)号：US20220255946A1

公开(公告)日：2022-08-11

申请号：US17172234

申请日：2021-02-10

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Andrew DongHo Kim ,  Craig Douglas Widmann ,  Jeffrey Brian Bashore

IPC: H04L29/06 ,  H04W12/08 ,  H04W12/63

Abstract: Systems, computer program products, and methods are described herein for intrusion detection using resource activity analysis. The present invention is configured to receive, from a computing device of a user, an indication that the user has accessed a resource allocation portfolio of a customer; determine a geographic information of the user; retrieve a geographic information of the customer; determine that the geographic information of the user does not match the geographic information of the customer; determine an exposure level associated with the user access of the resource allocation portfolio of the customer; determine that the exposure level is greater than a predetermined threshold; and automatically trigger a transmission of a notification to a computing device of an administrator indicating that the exposure level associated with the user access of the resource allocation portfolio of the customer is greater than the predetermined threshold.

公开(公告)号：US20190372974A1

公开(公告)日：2019-12-05

申请号：US15995830

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06

Abstract: A system and methods for alternate user communication routing are described. Unauthorized users are identified and alternate treatments are provided in order to deter unauthorized access and create opportunities for data collection. The use of a varied set of alternate treatments provides an enhanced view of unauthorized user behavior and an increased ability to track future unauthorized user actions by recording various user identity/communication characteristics specific to known unauthorized users. Alternate treatments may be provided randomly based on a set of alternate treatments previously provided to a specific user, or may be varied based on an identified group of unauthorized users presumed to be acting in concert.

公开(公告)号：US20190289025A1

公开(公告)日：2019-09-19

申请号：US15921395

申请日：2018-03-14

Applicant: BANK OF AMERICA CORPORATION

Inventor： Eren Kursun ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Andrew DongHo Kim ,  Shawn Parris Bench ,  Kolt Arthur Bell ,  Scott Anderson Sims

IPC: H04L29/06 ,  H04L12/26 ,  G06F17/30 ,  G06N99/00

Abstract: The invention describes a system and method employing machine learning and artificial intelligence engines to monitor data streams in real-time across multiple channels in order to detect anomalies and generate prioritized alerts. In particular, the invention may continuously collect data across multiple channels. The obtained data may be compared with reference data to continuously update a confidence level associated with the user, channel, entity, or other identifying factor. Based on the confidence level, profile the user to detect any inconsistencies in the data collected over time and generate an alert to the user in question and potentially to other downstream users or entities. In this way, the invention not only provides a way to detect anomalies in a cross-channel fashion, but also creates a mechanism for feedback wherein the system may incorporate user feedback to resolve alerts and detected anomalies.

公开(公告)号：US11949686B2

公开(公告)日：2024-04-02

申请号：US18118423

申请日：2023-03-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Andrew DongHo Kim ,  Craig Douglas Widmann ,  Jeffrey Brian Bashore

IPC: H04L9/40 ,  G06F21/32 ,  G06F21/62 ,  H04W12/08 ,  H04W12/63

CPC classification number: H04L63/107 ,  G06F21/32 ,  G06F21/6245 ,  H04W12/08 ,  H04W12/63

Abstract: Systems, computer program products, and methods are described herein for intrusion detection using resource activity analysis. The present invention is configured to receive, from a computing device of a user, an indication that the user has accessed a resource allocation portfolio of a customer; determine a geographic information of the user; retrieve a geographic information of the customer; determine that the geographic information of the user does not match the geographic information of the customer; determine an exposure level associated with the user access of the resource allocation portfolio of the customer; determine that the exposure level is greater than a predetermined threshold; and automatically trigger a transmission of a notification to a computing device of an administrator indicating that the exposure level associated with the user access of the resource allocation portfolio of the customer is greater than the predetermined threshold.

公开(公告)号：US20220286476A1

公开(公告)日：2022-09-08

申请号：US17191377

申请日：2021-03-03

Applicant: BANK OF AMERICA CORPORATION

Inventor： Michael Joseph Carroll ,  Jeffrey Brian Bashore ,  Joel Filliben ,  Andrew DongHo Kim ,  Akhilendra Reddy Kotha ,  Pavan Kumar Reddy Kotlo ,  Ronnie Joe Morris, JR. ,  Dharmender Kumar Satija ,  Michael Shih ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for cross-channel network security with tiered adaptive mitigation operations. In this regard, the invention is structured for dynamic detection of security events associated with network devices and resources, and triggering real-time mitigation operations across a plurality of resource channels. The invention provides a novel method for employing activity data to construct and implement mitigation actions for de-escalating authorization tiers that are adapted to the specific attributes of the activity data, in order to prevent security exposure associated with the activity. Another aspect of the invention is directed to determining whether to continue the tiered adaptive mitigation actions and/or trigger a security proceed signal.

公开(公告)号：US11297053B2

公开(公告)日：2022-04-05

申请号：US16915492

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L45/30 ,  H04L45/00

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US20200329030A1

公开(公告)日：2020-10-15

申请号：US16915496

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.