公开(公告)号：US20200184271A1

公开(公告)日：2020-06-11

申请号：US16210125

申请日：2018-12-05

Applicant: BANK OF AMERICA CORPORATION

Inventor： Eren Kursun ,  Craig D. Widmann

IPC: G06K9/62 ,  G06N3/08

Abstract: An artificial intelligence system and method leveraging deep learning technology for data pattern processing and identifying misappropriation are provided herein comprising a deep learning engine comprising a data patterning component and a reasoning component. A controller is configured to: monitor a data stream comprising user interaction data; extract the interaction data from the data stream; determine, using the data patterning component, a data pattern from the extracted interaction data, wherein the data pattern is output to the reasoning component; analyze, using the reasoning component, the data pattern by comparing the data pattern to predetermined rules and factual reference data; identify an anomaly in the data pattern based on comparing the data pattern, wherein the anomaly is associated with misappropriation resources; in response, generate a revised data pattern, wherein the revised data pattern is output to the data patterning component; and confirm the revised data pattern using the data patterning component.

公开(公告)号：US20190373019A1

公开(公告)日：2019-12-05

申请号：US15995837

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  G06F21/33 ,  G06F21/50

Abstract: The invention relates generally to an alternate display generation based on user identification of unauthorized users. When the user is identified as an unauthorized user, the organization may present an alternative interface to the unauthorized user. The organization monitors how the unauthorized user utilizes the alternative interface, such as action requests that the unauthorized user may take through the use of the alternative interface. In response to any action requests from the unauthorized user, the organization may take alternative actions in order to make it seem that the unauthorized user was successful in the action request. In this way, the organization may monitor the use of the alternative interface by the unauthorized user, and capture additional information from the unauthorized user in order to identify, track, and/or prevent access by unauthorized users in the future.

公开(公告)号：US20190132328A1

公开(公告)日：2019-05-02

申请号：US15798163

申请日：2017-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Kolt Arthur Bell ,  Michael Joseph Carroll ,  Andrew DongHo Kim ,  Elliot Piatetsky ,  Stephen M. Schneeweis ,  Michael E. Toth ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Sai Kishan Alapati

IPC: H04L29/06 ,  G06N99/00

Abstract: Systems, computer program products, and methods are described herein for elevated authentication model using cross-channel data. The present invention is configured to receive one or more exposure events from a detection system, wherein at least one of the one or more exposure events indicates that a user has failed an authentication requirement in at least one communication channel associated with the detection system; store the one or more exposure events in a centralized repository; determine one or more other communication channels across the one or more detection systems available for access to the user; and increase an authentication requirement of the user in the one or more other communication channels, wherein increasing the authentication requirement further comprises increasing an authentication level required to enable the user to access at least one of the one or more functions associated with at least one of the one or more applications.

公开(公告)号：US20220286476A1

公开(公告)日：2022-09-08

申请号：US17191377

申请日：2021-03-03

Applicant: BANK OF AMERICA CORPORATION

Inventor： Michael Joseph Carroll ,  Jeffrey Brian Bashore ,  Joel Filliben ,  Andrew DongHo Kim ,  Akhilendra Reddy Kotha ,  Pavan Kumar Reddy Kotlo ,  Ronnie Joe Morris, JR. ,  Dharmender Kumar Satija ,  Michael Shih ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for cross-channel network security with tiered adaptive mitigation operations. In this regard, the invention is structured for dynamic detection of security events associated with network devices and resources, and triggering real-time mitigation operations across a plurality of resource channels. The invention provides a novel method for employing activity data to construct and implement mitigation actions for de-escalating authorization tiers that are adapted to the specific attributes of the activity data, in order to prevent security exposure associated with the activity. Another aspect of the invention is directed to determining whether to continue the tiered adaptive mitigation actions and/or trigger a security proceed signal.

公开(公告)号：US11297053B2

公开(公告)日：2022-04-05

申请号：US16915492

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L45/30 ,  H04L45/00

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US20210051015A1

公开(公告)日：2021-02-18

申请号：US16537888

申请日：2019-08-12

Applicant: BANK OF AMERICA CORPORATION

Inventor： Craig D. Widmann ,  Eren Kursun

IPC: H04L9/32 ,  H04L9/08 ,  G06K9/62 ,  G06N20/00

Abstract: A system for generating a hybrid token architecture for chaining authenticated interactions is provided. The system comprises a memory device for storing computer-readable program; a communication device connected to a network; and a processing device, wherein the processing device is configured to: initiate an authentication session of a user associated with a user interaction; determine an authentication identifier based on at least one of the authentication session and the user interaction, the authentication identifier comprising at least one of a device portion, a user portion, and an authentication record portion; generate a unique token based on the authentication identifier, wherein the unique token is required for a subsequent authentication session, and wherein the unique token links the authentication session with the subsequent authentication session, the authentication session and the subsequent authentication session forming a chain of successive authentication sessions; and store the unique token for the subsequent authentication session.

公开(公告)号：US20200329030A1

公开(公告)日：2020-10-15

申请号：US16915496

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US10721246B2

公开(公告)日：2020-07-21

申请号：US15798155

申请日：2017-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Kolt Arthur Bell ,  Michael Joseph Carroll ,  Andrew Dongho Kim ,  Elliot Piatetsky ,  Stephen M. Schneeweis ,  Michael E. Toth ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Sai Kishan Alapati ,  Hitesh J. Shah

IPC: H04L29/06

Abstract: Systems, computer program products, and methods are described herein for the creation of an exposure identification and distribution system for across silo channel integration. In this way, the system allows team integration of data across rails and silos for exposure identification. As such, the system generates a centralized repository for data and a communication linkage across the various systems used for identifying exposure and manipulated for linkage via a specific taxonomy overlay. Furthermore the system also includes logic that, when identification of a potential exposure indicate occurs, the system may communicate via distribution over the rails for integration and sharing for cross entity exposure identification.

公开(公告)号：US20200159919A1

公开(公告)日：2020-05-21

申请号：US16774430

申请日：2020-01-28

Applicant: Bank of America Corporation

Inventor： Scott Anderson Sims ,  Kolt Arthur Bell ,  Michael Joseph Carroll ,  Elliot Piatetsky ,  Stephen M. Schneeweis ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Sai Kishan Alapati

IPC: G06F21/55 ,  G06N20/00 ,  H04L29/06

Abstract: Systems, computer program products, and methods are described herein for cross platform user event record aggregation system. The present invention is configured to receive one or more exposure events from one or more detection systems; determine that a combination of at least a portion of the one or more exposure events indicates an intrusion in at least one of the one or more detection systems, thereby requiring elevated review of each exposure event; initiate the elevated review based on at least the indication of the intrusion; determine whether the intrusion is benign or harmful; and re-train the machine learning algorithm based on at least determining whether the intrusion is benign or harmful, thereby adjusting the score for future incidents of each exposure event in the combination of at least a portion of the one or more exposure events.

公开(公告)号：US20190372966A1

公开(公告)日：2019-12-05

申请号：US15995831

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/707 ,  H04L12/725

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.