公开(公告)号：US20190372966A1

公开(公告)日：2019-12-05

申请号：US15995831

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/707 ,  H04L12/725

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US20190132336A1

公开(公告)日：2019-05-02

申请号：US15798155

申请日：2017-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Kolt Arthur Bell ,  Michael Joseph Carroll ,  Andrew DongHo Kim ,  Elliot Piatetsky ,  Stephen M. Schneeweis ,  Michael E. Toth ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Sai Kishan Alapati ,  Hitesh J. Shah

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  H04L63/1425 ,  H04L63/1441

Abstract: Systems, computer program products, and methods are described herein for the creation of an exposure identification and distribution system for across silo channel integration. In this way, the system allows team integration of data across rails and silos for exposure identification. As such, the system generates a centralized repository for data and a communication linkage across the various systems used for identifying exposure and manipulated for linkage via a specific taxonomy overlay. Furthermore the system also includes logic that, when identification of a potential exposure indicate occurs, the system may communicate via distribution over the rails for integration and sharing for cross entity exposure identification.

公开(公告)号：US20220318348A1

公开(公告)日：2022-10-06

申请号：US17223079

申请日：2021-04-06

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Sai Kishan Alapati ,  Jeffrey Brian Bashore ,  Michael Joseph Carroll ,  Brian H. Corr ,  Andrew DongHo Kim ,  Holly J. Martinez ,  Aron Megyeri ,  Ronnie Joe Morris, JR. ,  Elliot Piatetsky ,  Jennifer Quillen ,  Tracy R. Regehr ,  Dharmender Kumar Satija ,  Craig Douglas Widmann

IPC: G06F21/32 ,  H04L29/06 ,  H04N5/247 ,  G06K9/00 ,  G06K9/20

Abstract: The present invention is generally related to systems and methods for providing an improved authentication and verification system through the use of compiled user data and user location or traffic data from multiple channels of input. Multiple devices may be utilized by the system in order to receive and process data to authenticate user identities and verify the validity of account activity.

公开(公告)号：US11336646B2

公开(公告)日：2022-05-17

申请号：US16915371

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06

Abstract: A system and methods for alternate user communication routing are described. Unauthorized users are identified and alternate treatments are provided in order to deter unauthorized access and create opportunities for data collection. The use of a varied set of alternate treatments provides an enhanced view of unauthorized user behavior and an increased ability to track future unauthorized user actions by recording various user identity/communication characteristics specific to known unauthorized users. Alternate treatments may be provided randomly based on a set of alternate treatments previously provided to a specific user, or may be varied based on an identified group of unauthorized users presumed to be acting in concert.

公开(公告)号：US10972472B2

公开(公告)日：2021-04-06

申请号：US15995824

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707 ,  G06F21/31

Abstract: A system and method for providing an alternate treatment for an interaction with unauthorized users is provided. The system receives a request from a user to access information and further receives an authentication credential from the user, wherein the authentication credential is received from one or more user computer systems. The system determines that the user is an unauthorized user based on the authentication credential, and in response, provides an alternate treatment to the unauthorized user. Unauthorized user information is captured from the unauthorized user based on the alternate treatment; and used to generate a unique user identification profile for the unauthorized user. User profiles are further categorized for efficient application of additional alternate treatments.

公开(公告)号：US20200329028A1

公开(公告)日：2020-10-15

申请号：US16915484

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US20200329027A1

公开(公告)日：2020-10-15

申请号：US16915480

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US20190373019A1

公开(公告)日：2019-12-05

申请号：US15995837

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  G06F21/33 ,  G06F21/50

Abstract: The invention relates generally to an alternate display generation based on user identification of unauthorized users. When the user is identified as an unauthorized user, the organization may present an alternative interface to the unauthorized user. The organization monitors how the unauthorized user utilizes the alternative interface, such as action requests that the unauthorized user may take through the use of the alternative interface. In response to any action requests from the unauthorized user, the organization may take alternative actions in order to make it seem that the unauthorized user was successful in the action request. In this way, the organization may monitor the use of the alternative interface by the unauthorized user, and capture additional information from the unauthorized user in order to identify, track, and/or prevent access by unauthorized users in the future.

公开(公告)号：US20190132328A1

公开(公告)日：2019-05-02

申请号：US15798163

申请日：2017-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Kolt Arthur Bell ,  Michael Joseph Carroll ,  Andrew DongHo Kim ,  Elliot Piatetsky ,  Stephen M. Schneeweis ,  Michael E. Toth ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Sai Kishan Alapati

IPC: H04L29/06 ,  G06N99/00

Abstract: Systems, computer program products, and methods are described herein for elevated authentication model using cross-channel data. The present invention is configured to receive one or more exposure events from a detection system, wherein at least one of the one or more exposure events indicates that a user has failed an authentication requirement in at least one communication channel associated with the detection system; store the one or more exposure events in a centralized repository; determine one or more other communication channels across the one or more detection systems available for access to the user; and increase an authentication requirement of the user in the one or more other communication channels, wherein increasing the authentication requirement further comprises increasing an authentication level required to enable the user to access at least one of the one or more functions associated with at least one of the one or more applications.

公开(公告)号：US11962617B2

公开(公告)日：2024-04-16

申请号：US17191377

申请日：2021-03-03

Applicant: BANK OF AMERICA CORPORATION

Inventor： Michael Joseph Carroll ,  Jeffrey Brian Bashore ,  Joel Filliben ,  Andrew DongHo Kim ,  Akhilendra Reddy Kotha ,  Pavan Kumar Reddy Kotlo ,  Ronnie Joe Morris, Jr. ,  Dharmender Kumar Satija ,  Michael Shih ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L9/00 ,  H04L9/40

CPC classification number: H04L63/1466 ,  H04L63/105 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/20

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for cross-channel network security with tiered adaptive mitigation operations. In this regard, the invention is structured for dynamic detection of security events associated with network devices and resources, and triggering real-time mitigation operations across a plurality of resource channels. The invention provides a novel method for employing activity data to construct and implement mitigation actions for de-escalating authorization tiers that are adapted to the specific attributes of the activity data, in order to prevent security exposure associated with the activity. Another aspect of the invention is directed to determining whether to continue the tiered adaptive mitigation actions and/or trigger a security proceed signal.