公开(公告)号：US20200329029A1

公开(公告)日：2020-10-15

申请号：US16915492

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US20200329026A1

公开(公告)日：2020-10-15

申请号：US16915473

申请日：2020-06-29

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US10798126B2

公开(公告)日：2020-10-06

申请号：US15995837

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  G06F21/33 ,  G06F21/50

Abstract: The invention relates generally to an alternate display generation based on user identification of unauthorized users. When the user is identified as an unauthorized user, the organization may present an alternative interface to the unauthorized user. The organization monitors how the unauthorized user utilizes the alternative interface, such as action requests that the unauthorized user may take through the use of the alternative interface. In response to any action requests from the unauthorized user, the organization may take alternative actions in order to make it seem that the unauthorized user was successful in the action request. In this way, the organization may monitor the use of the alternative interface by the unauthorized user, and capture additional information from the unauthorized user in order to identify, track, and/or prevent access by unauthorized users in the future.

公开(公告)号：US10785220B2

公开(公告)日：2020-09-22

申请号：US15995830

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06

Abstract: A system and methods for alternate user communication routing are described. Unauthorized users are identified and alternate treatments are provided in order to deter unauthorized access and create opportunities for data collection. The use of a varied set of alternate treatments provides an enhanced view of unauthorized user behavior and an increased ability to track future unauthorized user actions by recording various user identity/communication characteristics specific to known unauthorized users. Alternate treatments may be provided randomly based on a set of alternate treatments previously provided to a specific user, or may be varied based on an identified group of unauthorized users presumed to be acting in concert.

公开(公告)号：US10785214B2

公开(公告)日：2020-09-22

申请号：US15995831

申请日：2018-06-01

Applicant: BANK OF AMERICA CORPORATION

Inventor： Dharmender Kumar Satija ,  Eren Kursun ,  Andrew DongHo Kim ,  Scott Anderson Sims ,  Craig D. Widmann

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/707

Abstract: The invention relates to alternate user communication routing for a one-time credential. When a user is determined to be an unauthorized user, the unauthorized user may be provided with an alternative one-time credential (e.g., one-time password, or the like) in response to the user trying to take an action (e.g., to access the organization systems in order to access information). When the unauthorized user tries to utilize the alternative one-time credential, the organization may identify the user as unauthorized and determine how to respond to the unauthorized user. In addition to the alternative one-time credential, one or more additional alternate treatments may be presented to the unauthorized user in order to identify, track, and/or prevent access by the unauthorized user.

公开(公告)号：US10728256B2

公开(公告)日：2020-07-28

申请号：US15798163

申请日：2017-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： Scott Anderson Sims ,  Kolt Arthur Bell ,  Michael Joseph Carroll ,  Andrew DongHo Kim ,  Elliot Piatetsky ,  Stephen M. Schneeweis ,  Michael E. Toth ,  Craig D. Widmann ,  Dharmender Kumar Satija ,  Sai Kishan Alapati

IPC: H04L29/06 ,  G06N99/00 ,  G06N20/00

Abstract: Systems, computer program products, and methods are described herein for elevated authentication model using cross-channel data. The present invention is configured to receive one or more exposure events from a detection system, wherein at least one of the one or more exposure events indicates that a user has failed an authentication requirement in at least one communication channel associated with the detection system; store the one or more exposure events in a centralized repository; determine one or more other communication channels across the one or more detection systems available for access to the user; and increase an authentication requirement of the user in the one or more other communication channels, wherein increasing the authentication requirement further comprises increasing an authentication level required to enable the user to access at least one of the one or more functions associated with at least one of the one or more applications.

公开(公告)号：US20190272361A1

公开(公告)日：2019-09-05

申请号：US15908959

申请日：2018-03-01

Applicant: Bank of America Corporation

Inventor： Eren Kursun ,  Scott Anderson Sims ,  Dharmender Kumar Satija ,  David Eugene Swain ,  Kolt Arthur Bell

IPC: G06F21/32 ,  G06F21/31 ,  H04L9/32 ,  H04L29/06 ,  G06F17/30 ,  H04L29/08

Abstract: The invention is a novel system that uses a continuous and competitive authentication process to identify users within an entity's systems. In particular, the invention may continuously collect authentication data across multiple channels (e.g., authentication data obtained through a mobile app, website, telephone, on-site methods, and the like) as well as non-authentication data. The obtained data may be compared with reference data (e.g., historical data) to continuously update a confidence level associated with the user. Based on the confidence level, profile the user to detect any inconsistencies in the data collected over time. The system may further execute one or more competitive processes in parallel with traditional authentication processes to identify potentially unauthorized users. In this way, the system provides not only a way to authenticate users, but also to create and build profiles of users who are suspected of being unauthorized and/or malicious users