公开(公告)号：US11048793B2

公开(公告)日：2021-06-29

申请号：US16210092

申请日：2018-12-05

Applicant: Bank of America Corporation

Inventor： Michael E. Toth ,  Hitesh Shah

IPC: G06F21/31 ,  G06F21/45 ,  G06N20/00

Abstract: Aspects of the disclosure relate to dynamically generating activity prompts to build and refine machine learning authentication models. A computing platform may process a first set of login events associated with a first user account and may build a first user-specific authentication model for the first user account. Then, the computing platform may process a second set of login events associated with a second user account and may build a second user-specific authentication model for the second user account. The computing platform also may build a population-level authentication model for a plurality of user accounts. Thereafter, the computing platform may identify one or more activity parameters associated with at least one authentication model for refinement. Subsequently, the computing platform may generate and send one or more activity prompts to one or more client computing devices to request at least one user response.

公开(公告)号：US20200007528A1

公开(公告)日：2020-01-02

申请号：US16019775

申请日：2018-06-27

Applicant: Bank of America Corporation

Inventor： Ashish Arora ,  Jothimuthu Palanisamy ,  Andrew T. Keys ,  Michael E. Toth ,  Daniel L. Carpenter

IPC: H04L29/06 ,  H04L9/32 ,  H04W12/06

Abstract: Aspects of the present disclosure are directed to electronic computer implemented methods of data communication. At least one method includes, via a data communications network, receiving one or more mobile EDI token datasets associated with each of one or more mobile devices; each of the mobile EDI token datasets including a mobile online ID attribute data element, a beacon attribute data element and biometric ID attribute data element; via a data communications network, receiving a matching score attribute data element associated with at least one of the mobile EDI token datasets; electronically processing and authenticating the least one mobile EDI token dataset based on the received matching score attribute data element; and via a data communications network, transmitting the mobile online ID attribute associated with the authenticated mobile EDI token dataset.

公开(公告)号：US20190303553A1

公开(公告)日：2019-10-03

申请号：US15938516

申请日：2018-03-28

Applicant: BANK OF AMERICA CORPORATION

Inventor： Matthew M. Choiniere ,  Michael E. Toth ,  Hitesh J. Shah

IPC: G06F21/34 ,  G06F21/32 ,  G06F1/16

Abstract: An authentication device that includes an authentication engine configured to detect devices proximate to a terminal and to identify a user profile based on the detected one or more devices. The user profile identifies at least one of the detected devices in a device registry. The authentication engine is further configured to receive a data access request for a data resource and to identify authentication requirements for a multifactor authentication process for the user based on the detected devices. Identifying the authentication requirements includes setting types of authentication and a number of authentication levels that are used for performing multifactor authentication with the user. The authentication engine is further configured to execute the multifactor authentication process for the user, to determine whether the user has satisfied the authentication requirements, and to provide access to the data resource in response to determining the user has satisfied the authentication requirements.

公开(公告)号：US20190289007A1

公开(公告)日：2019-09-19

申请号：US15920549

申请日：2018-03-14

Applicant: Bank of America Corporation

Inventor： Xianhong Zhang ,  Kalyan V. Pasumarthi ,  Jeffrey Jacoby ,  Hitesh Shah ,  Archie Agrawal ,  Michael E. Toth ,  Yu Fu

IPC: H04L29/06

Abstract: Aspects of the disclosure relate to preventing unauthorized access to secured information systems using advanced pre-authentication techniques. A computing platform may receive, from a local traffic manager, a first enriched access request associated with a first remote computing device. Then, the computing platform may apply a pre-authentication classification model to the first enriched access request associated with the first remote computing device. Thereafter, the computing platform may determine that the first enriched access request associated with the first remote computing device is likely malicious. Then, the computing platform may generate one or more first pre-authentication response commands directing client portal server infrastructure to process the first enriched access request associated with the first remote computing device as a malicious request. Subsequently, the computing platform may send the one or more first pre-authentication response commands to the client portal server infrastructure.

公开(公告)号：US10050962B2

公开(公告)日：2018-08-14

申请号：US14928312

申请日：2015-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: H04L29/06 ,  G06F21/31

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for function requiring authentication based on determining a location along an authentication continuum. The location along the authentication continuum defines the degree of authentication/credentials required to access the function and is determined based on a current state of the user and/or function attributes. The more or less that is known about the current state of the user the more or less likely the user is the user that is attempting to access the function and, thus, the authentication requirements required to access the function can be adjusted according (increased or decreased).

公开(公告)号：US09525685B2

公开(公告)日：2016-12-20

申请号：US14980974

申请日：2015-12-28

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth ,  Elizabeth S. Votaw

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06 ,  G06F21/31 ,  G06F21/41

CPC classification number: H04L63/083 ,  G06F21/31 ,  G06F21/41 ,  H04L63/04 ,  H04L63/08 ,  H04L63/10

Abstract: The present invention includes a system for authenticating a second action based on a first action, wherein the system is configured to: receive a first request to execute a first action associated with a first application; determine that execution of the first action requires user authentication; request one or more authentication credentials from the user; receive a first authentication credential associated with the first action; validate the first authentication credential, thereby resulting in a successful validation of the received first authentication credential; in response to the successful validation, execute the first action; receive a second request to execute a second action associated with a second application; determine that execution of the second action requires user authentication; use the successful validation of the first authentication credential to validate a second authentication credential so that the second action may be executed.

公开(公告)号：US20160164857A1

公开(公告)日：2016-06-09

申请号：US15047114

申请日：2016-02-18

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: H04L29/06 ,  G06F17/30

CPC classification number: G06Q20/405 ,  G06F17/3053 ,  G06Q20/3224 ,  G06Q20/327 ,  G06Q20/34 ,  G06Q20/4016 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/04

Abstract: Embodiments are directed to systems, methods and computer program products for providing user authentication based on transaction data. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a transaction set of data comprising information related to transactions conducted by the user; collect a location set of data comprising information related to a physical location of the user; determine a transaction proximity score associated with the user and the transactions; determine a level of authentication associated with the determined transaction proximity score; determine which authentication types are associated with the level of authentication; request authentication credentials; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, execute the user action.

公开(公告)号：US20160156609A1

公开(公告)日：2016-06-02

申请号：US15016130

申请日：2016-02-04

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: H04L29/06 ,  H04W4/02

CPC classification number: G06F21/31 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/10 ,  H04W4/02 ,  H04W4/021 ,  H04W4/023

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to predetermined boundaries of location that have altered authentication requirements, in the form of, increased or decreased authentication requirements/credentials that differ from the standard authentication requirements.

公开(公告)号：US20160155189A1

公开(公告)日：2016-06-02

申请号：US15016132

申请日：2016-02-04

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Joseph Neil Johansen ,  Michael E. Toth ,  Daniel Lynn Carpenter ,  Hood Qaim-Maqami ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: G06Q40/02 ,  G06Q20/10

CPC classification number: G06Q20/108 ,  G06F21/30 ,  G06F21/31 ,  G06F2221/2113 ,  G06F2221/2149 ,  G06Q40/02 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/105 ,  H04L2463/102

Abstract: Embodiments are directed to systems, methods and computer program products for sorting mobile banking functions into authentication buckets. Embodiments determine, for each of a plurality of mobile banking functions, a corresponding authentication buckets, where each authentication bucket corresponds with a level of authentication. Some embodiments receive a request, from a user, to access a function; access the plurality of authentication buckets to determine which of the authentication buckets corresponds with the requested function; determine the level of authentication associated with the determined authentication bucket; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, enable access to the function requested by the user.

公开(公告)号：US09331994B2

公开(公告)日：2016-05-03

申请号：US14175701

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06 ,  H04W12/04

CPC classification number: G06Q20/405 ,  G06F17/3053 ,  G06Q20/3224 ,  G06Q20/327 ,  G06Q20/34 ,  G06Q20/4016 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/04

Abstract: Embodiments are directed to systems, methods and computer program products for providing user authentication based on transaction data. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a transaction set of data comprising information related to transactions conducted by the user; collect a location set of data comprising information related to a physical location of the user; determine a transaction proximity score associated with the user and the transactions; determine a level of authentication associated with the determined transaction proximity score; determine which authentication types are associated with the level of authentication; request authentication credentials; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, execute the user action.