公开(公告)号：US20150363764A1

公开(公告)日：2015-12-17

申请号：US14457940

申请日：2014-08-12

Applicant: Bank of America Corporation

Inventor： David M. Grigg ,  James Gregory Ronca ,  Henry J. Chou ,  Joseph Neil Johansen ,  Michael E. Toth ,  Elizabeth S. Votaw

IPC: G06Q20/32 ,  G06Q20/38 ,  G06Q20/20

CPC classification number: G06Q20/327 ,  G06Q20/102 ,  G06Q20/223 ,  G06Q20/3278 ,  G06Q20/3821

Abstract: Systems, apparatus, and computer program products are provided for conducting person-to-person (P2P) payments via a short-range wireless payment beacon.

Abstract translation: 提供系统，装置和计算机程序产品，用于通过短距离无线支付信标进行个人对个人（P2P）支付。

公开(公告)号：US09185117B2

公开(公告)日：2015-11-10

申请号：US14175954

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson

IPC: G06F21/31 ,  H04L29/06

CPC classification number: H04L63/105 ,  G06F21/31 ,  G06F21/316 ,  G06F2221/2111 ,  G06F2221/2113 ,  H04L63/08 ,  H04L63/107 ,  H04L63/205 ,  H04L2463/082 ,  H04W12/06

Abstract: Embodiments provide user authentication based on proximity to a close network of a user. Embodiments receive from a user a request to execute a user action associated with an application, wherein execution of the user action requires validation of one or more authentication credentials; collect a set of data comprising information related to a physical location of the user; determine a close network score associated with the user; determine a level of authentication associated with the close network score; determine which one or more authentication types are associated with the level of authentication associated with the close network score; request one or more authentication credentials corresponding to the determined one or more authentication types; receive credentials from the user; validate the credentials, thereby resulting in a successful validation of the credentials; and, in response to the successful validation of the credentials, execute the user action.

Abstract translation: 实施例提供了基于与用户的紧密网络的接近度的用户认证。 实施例从用户接收执行与应用相关联的用户动作的请求，其中用户动作的执行需要验证一个或多个认证证书; 收集包括与用户的物理位置有关的信息的一组数据; 确定与用户相关联的紧密网络评分; 确定与关闭网络得分相关联的认证级别; 确定哪个一个或多个认证类型与与关闭网络评分相关联的认证级别相关联; 请求与所确定的一种或多种认证类型相对应的一个或多个认证证书; 从用户接收凭证; 验证凭据，从而导致凭证的成功验证; 并且响应于证书的成功验证，执行用户操作。

公开(公告)号：US20150227724A1

公开(公告)日：2015-08-13

申请号：US14175956

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Joseph Neil Johansen ,  Michael E. Toth ,  Daniel Lynn Carpenter ,  Hood Qaim-Maqami ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: G06F21/30 ,  G06F21/31

CPC classification number: G06Q20/108 ,  G06F21/30 ,  G06F21/31 ,  G06F2221/2113 ,  G06F2221/2149 ,  G06Q40/02 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/105 ,  H04L2463/102

Abstract: Embodiments are directed to systems, methods and computer program products for sorting mobile banking functions into authentication buckets. Embodiments determine, for each of a plurality of mobile banking functions, a corresponding authentication buckets, where each authentication bucket corresponds with a level of authentication. Some embodiments receive a request, from a user, to access a function; access the plurality of authentication buckets to determine which of the authentication buckets corresponds with the requested function; determine the level of authentication associated with the determined authentication bucket; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, enable access to the function requested by the user.

Abstract translation: 实施例涉及用于将移动银行功能分类到认证桶中的系统，方法和计算机程序产品。 对于多个移动银行业务中的每一个，实施例确定相应的认证桶，其中每个认证桶对应于认证级别。 一些实施例从用户接收到访问功能的请求; 访问所述多个认证桶以确定所述认证桶中的哪一个对应于所请求的功能; 确定与确定的认证桶相关联的认证级别; 确定哪些认证类型与认证级别相关联; 请求与认证类型相对应的认证凭证; 从用户接收认证凭证; 验证身份验证凭证，从而导致验证凭证成功验证; 并且响应于认证证书的成功验证，使得能够访问由用户请求的功能。

公开(公告)号：US20150193781A1

公开(公告)日：2015-07-09

申请号：US14149003

申请日：2014-01-07

Applicant: Bank of America Corporation

Inventor： Apeksh M. Dave ,  John F. Zemaitis ,  Kenneth B. Norris ,  Michael E. Toth

IPC: G06Q30/00

CPC classification number: G06Q30/0185 ,  H04L63/0807 ,  H04L63/20

Abstract: According to certain embodiments of the disclosure, a system receives a request from a user device to conduct an activity with an enterprise and determines an authentication level associated with the activity. The system receives information associated with the user from a plurality of disparate channels and calculates a risk score associated with the user based on the received information associated with the user. The system generates a token based on the authentication level and risk score and communicates the token to the user device.

Abstract translation: 根据本公开的某些实施例，系统从用户设备接收与企业进行活动的请求，并确定与活动相关联的认证级别。 系统从多个不同的信道接收与用户相关的信息，并且基于与用户相关联的所接收的信息来计算与用户相关联的风险评分。 系统根据认证级别和风险分数生成令牌，并将令牌传送给用户设备。

公开(公告)号：US11797661B2

公开(公告)日：2023-10-24

申请号：US17332557

申请日：2021-05-27

Applicant: Bank of America Corporation

Inventor： Michael E. Toth ,  Hitesh Shah

IPC: G06F21/31 ,  G06F21/45 ,  G06N20/00

CPC classification number: G06F21/45 ,  G06F21/31 ,  G06N20/00

Abstract: Aspects of the disclosure relate to dynamically generating activity prompts to build and refine machine learning authentication models. A computing platform may process a first set of login events associated with a first user account and may build a first user-specific authentication model for the first user account. Then, the computing platform may process a second set of login events associated with a second user account and may build a second user-specific authentication model for the second user account. The computing platform also may build a population-level authentication model for a plurality of user accounts. Thereafter, the computing platform may identify one or more activity parameters associated with at least one authentication model for refinement. Subsequently, the computing platform may generate and send one or more activity prompts to one or more client computing devices to request at least one user response.

公开(公告)号：US11790062B2

公开(公告)日：2023-10-17

申请号：US17498317

申请日：2021-10-11

Applicant: Bank of America Corporation

Inventor： Michael E. Toth ,  Hitesh Shah ,  Xianhong Zhang

IPC: G06F21/31 ,  G06F21/62 ,  G06N20/00 ,  H04L67/306 ,  H04L67/50

CPC classification number: G06F21/316 ,  G06F21/6218 ,  G06N20/00 ,  H04L67/306 ,  H04L67/535 ,  G06F2221/2141

Abstract: Aspects of the disclosure relate to processing authentication requests to secured information systems based on machine-learned user behavior profiles. A computing platform may receive an authentication request corresponding to a request for a user of a client computing device to access one or more secured information resources associated with a user account. The computing platform may capture behavioral parameters associated with the client computing device and may evaluate the behavioral parameters using a behavioral profile associated with the user account to determine a behavioral deviation score. Based on the behavioral deviation score, the computing platform may select an authentication action from a plurality of pre-defined authentication actions. Subsequently, the computing platform may generate commands directing an account portal computing platform to allow access, conditionally allow access, or prevent access based on the selected authentication action. Then, the computing platform may send the commands to the account portal computing platform.

公开(公告)号：US10965675B2

公开(公告)日：2021-03-30

申请号：US15920549

申请日：2018-03-14

Applicant: Bank of America Corporation

Inventor： Xianhong Zhang ,  Kalyan V. Pasumarthi ,  Jeffrey Jacoby ,  Hitesh Shah ,  Archie Agrawal ,  Michael E. Toth ,  Yu Fu

IPC: H04L29/06

Abstract: Aspects of the disclosure relate to preventing unauthorized access to secured information systems using advanced pre-authentication techniques. A computing platform may receive, from a local traffic manager, a first enriched access request associated with a first remote computing device. Then, the computing platform may apply a pre-authentication classification model to the first enriched access request associated with the first remote computing device. Thereafter, the computing platform may determine that the first enriched access request associated with the first remote computing device is likely malicious. Then, the computing platform may generate one or more first pre-authentication response commands directing client portal server infrastructure to process the first enriched access request associated with the first remote computing device as a malicious request. Subsequently, the computing platform may send the one or more first pre-authentication response commands to the client portal server infrastructure.

公开(公告)号：US10965662B2

公开(公告)日：2021-03-30

申请号：US16019775

申请日：2018-06-27

Applicant: Bank of America Corporation

Inventor： Ashish Arora ,  Jothimuthu Palanisamy ,  Andrew T. Keys ,  Michael E. Toth ,  Daniel L. Carpenter

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/32

Abstract: Aspects of the present disclosure are directed to electronic computer implemented methods of data communication. At least one method includes, via a data communications network, receiving one or more mobile EDI token datasets associated with each of one or more mobile devices; each of the mobile EDI token datasets including a mobile online ID attribute data element, a beacon attribute data element and biometric ID attribute data element; via a data communications network, receiving a matching score attribute data element associated with at least one of the mobile EDI token datasets; electronically processing and authenticating the least one mobile EDI token dataset based on the received matching score attribute data element; and via a data communications network, transmitting the mobile online ID attribute associated with the authenticated mobile EDI token dataset.

公开(公告)号：US20200184065A1

公开(公告)日：2020-06-11

申请号：US16210092

申请日：2018-12-05

Applicant: Bank of America Corporation

Inventor： Michael E. Toth ,  Hitesh Shah

IPC: G06F21/45 ,  G06F21/31 ,  G06N20/00

Abstract: Aspects of the disclosure relate to dynamically generating activity prompts to build and refine machine learning authentication models. A computing platform may process a first set of login events associated with a first user account and may build a first user-specific authentication model for the first user account. Then, the computing platform may process a second set of login events associated with a second user account and may build a second user-specific authentication model for the second user account. The computing platform also may build a population-level authentication model for a plurality of user accounts. Thereafter, the computing platform may identify one or more activity parameters associated with at least one authentication model for refinement. Subsequently, the computing platform may generate and send one or more activity prompts to one or more client computing devices to request at least one user response.

公开(公告)号：US20200184049A1

公开(公告)日：2020-06-11

申请号：US16210028

申请日：2018-12-05

Applicant: Bank of America Corporation

Inventor： Michael E. Toth ,  Hitesh Shah ,  Xianhong Zhang

IPC: G06F21/31 ,  G06F21/41 ,  H04L29/06

Abstract: Aspects of the disclosure relate to processing authentication requests to secured information systems based on machine-learned event profiles. A computing platform may receive an authentication request corresponding to a request for a user of a client computing device to access one or more secured information resources associated with a user account in a client portal session. The computing platform may capture one or more behavioral parameters and may generate one or more authentication prompts. Thereafter, the computing platform may receive one or more authentication prompt responses and may evaluate an event pattern. Based on evaluating the event pattern and validating the one or more authentication prompt responses, the computing platform may generate and send one or more authentication commands directing an account portal computing platform to allow access to the one or more secured information resources associated with the user account in the client portal session.