公开(公告)号：US09971885B2

公开(公告)日：2018-05-15

申请号：US15016130

申请日：2016-02-04

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: G06F21/31 ,  H04L29/06 ,  H04W4/02

CPC classification number: G06F21/31 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/10 ,  H04W4/02 ,  H04W4/021 ,  H04W4/023

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to predetermined boundaries of location that have altered authentication requirements, in the form of, increased or decreased authentication requirements/credentials that differ from the standard authentication requirements.

公开(公告)号：US09647999B2

公开(公告)日：2017-05-09

申请号：US14175962

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Joseph Neil Johansen ,  Michael E. Toth ,  Daniel Lynn Carpenter ,  Hood Qaim-Maqami ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: G06F21/30 ,  H04L29/06 ,  G06Q40/02

CPC classification number: H04L63/08 ,  G06Q40/02 ,  H04L63/105

Abstract: Embodiments are directed to systems, methods and computer program products for assigning a level of authentication to an authentication bucket. Embodiments determine a current level of authentication corresponding to a first authentication bucket comprising a plurality of mobile banking functions; collect a set of circumstantial data corresponding with the apparatus; determine a circumstances score based at least in part on the set of circumstantial data; and determine whether the current level of authentication corresponding to the first authentication bucket is appropriate based at least in part on the circumstances score.

公开(公告)号：US09519934B2

公开(公告)日：2016-12-13

申请号：US13946658

申请日：2013-07-19

Applicant: BANK OF AMERICA CORPORATION

Inventor： Matthew A. Calman ,  William E. Kelley ,  Chris Purvis ,  Dipika Jain ,  Michael E. Toth

IPC: G06Q40/00 ,  G06Q40/02 ,  G06Q20/40 ,  G06Q20/32 ,  G06Q20/42 ,  G06Q30/06 ,  G06Q20/10 ,  G06Q30/00

CPC classification number: G06Q40/02 ,  G06Q20/108 ,  G06Q20/32 ,  G06Q20/322 ,  G06Q20/3221 ,  G06Q20/3224 ,  G06Q20/325 ,  G06Q20/40 ,  G06Q20/4014 ,  G06Q20/4016 ,  G06Q20/403 ,  G06Q20/4037 ,  G06Q20/405 ,  G06Q20/425 ,  G06Q30/00 ,  G06Q30/06 ,  G06Q30/0601 ,  G06Q30/0633 ,  G06Q40/00

Abstract: Disclosed is a system and associated method for restricting access to a customer's online banking account. The system typically includes a processor, a memory, and an online banking module stored in the memory. The module is typically configured for determining that a computing device has initiated a first online banking transaction associated with the customer's online banking account. If the first online banking transaction is within a first restricted transaction definition and if the computing device is not enrolled with the customer's online banking account, geographic location information associated with the computing device and geographic location information associated with a first mobile device enrolled with the customer's account are received. The module determines whether the location of the computing device is proximate to a predefined location and/or whether the location of the computing device is proximate to the location of the first mobile device.

Abstract translation: 公开了一种用于限制访问客户的在线银行账户的系统和相关联的方法。 该系统通常包括存储在存储器中的处理器，存储器和网上银行模块。 该模块通常被配置用于确定计算设备已经启动与客户的在线银行帐户相关联的第一网上银行交易。 如果第一网上银行交易是在第一受限制的交易定义内，并且如果计算设备未被注册到客户的在线银行帐户，则与计算设备相关联的地理位置信息和与登记有客户端的第一移动设备相关联的地理位置信息 收到帐号。 该模块确定计算设备的位置是否靠近预定义的位置和/或计算设备的位置是否接近第一移动设备的位置。

公开(公告)号：US09509685B2

公开(公告)日：2016-11-29

申请号：US15047786

申请日：2016-02-19

Applicant: Bank of America Corporation

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth ,  Elizabeth S. Votaw

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06 ,  G06F21/31 ,  G06F21/41

CPC classification number: H04L63/083 ,  G06F21/31 ,  G06F21/41 ,  H04L63/04 ,  H04L63/08 ,  H04L63/10

Abstract: The present invention includes a system for authenticating a second action based on a first action, wherein the system is configured to: receive a first request to execute a first action associated with a first application; determine that execution of the first action requires user authentication; request one or more authentication credentials from the user; receive a first authentication credential associated with the first action; validate the first authentication credential, thereby resulting in a successful validation of the received first authentication credential; in response to the successful validation, execute the first action; receive a second request to execute a second action associated with a second application; determine that execution of the second action requires user authentication; use the successful validation of the first authentication credential to validate a second authentication credential so that the second action may be executed.

公开(公告)号：US09384478B2

公开(公告)日：2016-07-05

申请号：US13946519

申请日：2013-07-19

Applicant: BANK OF AMERICA CORPORATION

Inventor： Matthew A. Calman ,  Dipika Jain ,  William Kelley ,  Chris Purvis ,  Michael E. Toth

IPC: G06Q40/06 ,  G06Q20/36 ,  G06Q20/32 ,  G06Q40/02

CPC classification number: G06Q20/3223 ,  G06Q40/02

Abstract: Embodiments of the invention are directed to systems, methods and computer program products for providing an offline mobile banking system. An exemplary apparatus is configured to: provide, at a mobile device, a transaction request, determine a connection is not established between the mobile device and a device associated with the financial institution, store the transaction request in response to determining a connection has not been established, establish a connection between the mobile device and a server associated with the financial institution, and communicate the stored transaction request from the mobile device to a device associated with the financial institution.

Abstract translation: 本发明的实施例涉及用于提供离线移动银行系统的系统，方法和计算机程序产品。 一种示例性设备被配置为：在移动设备处提供交易请求，确定在移动设备与与金融机构相关联的设备之间未建立连接，响应于确定连接而存储交易请求尚未被 建立，建立移动设备和与金融机构相关联的服务器之间的连接，并将存储的交易请求从移动设备传送到与金融机构相关联的设备。

公开(公告)号：US20160173484A1

公开(公告)日：2016-06-16

申请号：US15047786

申请日：2016-02-19

Applicant: Bank of America Corporation

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth ,  Elizabeth S. Votaw

IPC: H04L29/06

CPC classification number: H04L63/083 ,  G06F21/31 ,  G06F21/41 ,  H04L63/04 ,  H04L63/08 ,  H04L63/10

Abstract: The present invention includes a system for authenticating a second action based on a first action, wherein the system is configured to: receive a first request to execute a first action associated with a first application; determine that execution of the first action requires user authentication; request one or more authentication credentials from the user; receive a first authentication credential associated with the first action; validate the first authentication credential, thereby resulting in a successful validation of the received first authentication credential; in response to the successful validation, execute the first action; receive a second request to execute a second action associated with a second application; determine that execution of the second action requires user authentication; use the successful validation of the first authentication credential to validate a second authentication credential so that the second action may be executed.

公开(公告)号：US20160156608A1

公开(公告)日：2016-06-02

申请号：US15016125

申请日：2016-02-04

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: H04L29/06 ,  H04W4/02

CPC classification number: G06F21/31 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/10 ,  H04W4/02 ,  H04W4/021 ,  H04W4/023

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to predetermined boundaries of location that have altered authentication requirements, in the form of, increased or decreased authentication requirements/credentials that differ from the standard authentication requirements.

公开(公告)号：US20150363761A1

公开(公告)日：2015-12-17

申请号：US14457908

申请日：2014-08-12

Applicant: Bank of America Corporation

Inventor： David M. Grigg ,  James Gregory Ronca ,  Henry J. Chou ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: G06Q20/22 ,  G06Q20/10

CPC classification number: G06Q20/223 ,  G06Q20/102

Abstract: Systems, apparatus, and computer program products are provided for promoting payment via a Person-to-Person (P2P) payment rail through use of a widget embedded in or accessible through a web page, application, electronic document, text message or the like.

Abstract translation: 提供系统，装置和计算机程序产品，用于通过使用嵌入或通过网页，应用程序，电子文档，文本消息等可访问的小部件来促进通过个人对人（P2P）支付轨道的支付。

公开(公告)号：US20150229650A1

公开(公告)日：2015-08-13

申请号：US14175954

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson

IPC: H04L29/06

CPC classification number: H04L63/105 ,  G06F21/31 ,  G06F21/316 ,  G06F2221/2111 ,  G06F2221/2113 ,  H04L63/08 ,  H04L63/107 ,  H04L63/205 ,  H04L2463/082 ,  H04W12/06

Abstract: Embodiments provide user authentication based on proximity to a close network of a user. Embodiments receive from a user a request to execute a user action associated with an application, wherein execution of the user action requires validation of one or more authentication credentials; collect a set of data comprising information related to a physical location of the user; determine a close network score associated with the user; determine a level of authentication associated with the close network score; determine which one or more authentication types are associated with the level of authentication associated with the close network score; request one or more authentication credentials corresponding to the determined one or more authentication types; receive credentials from the user; validate the credentials, thereby resulting in a successful validation of the credentials; and, in response to the successful validation of the credentials, execute the user action.

Abstract translation: 实施例提供了基于与用户的紧密网络的接近度的用户认证。 实施例从用户接收执行与应用相关联的用户动作的请求，其中用户动作的执行需要验证一个或多个认证证书; 收集包括与用户的物理位置有关的信息的一组数据; 确定与用户相关联的紧密网络评分; 确定与关闭网络得分相关联的认证级别; 确定哪个一个或多个认证类型与与关闭网络评分相关联的认证级别相关联; 请求与所确定的一种或多种认证类型相对应的一个或多个认证证书; 从用户接收凭证; 验证凭据，从而导致凭证的成功验证; 并且响应于证书的成功验证，执行用户操作。

公开(公告)号：US20150229624A1

公开(公告)日：2015-08-13

申请号：US14175947

申请日：2014-02-07

Applicant: Bank of America Corporation

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson

IPC: H04L29/06

CPC classification number: H04L63/08 ,  G06F21/316 ,  H04L63/105 ,  H04L2463/082

Abstract: Embodiments are directed to systems, methods and computer program products for providing user authentication based on historical user patterns. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a set of data comprising information related to usage patterns associated with the apparatus of the user; determine a user pattern score associated with the user; determine a level of authentication; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation, execute the user action.

Abstract translation: 实施例涉及用于基于历史用户模式提供用户认证的系统，方法和计算机程序产品。 实施例从用户接收执行与应用相关联的用户动作的请求，其中用户动作的执行需要认证证书的验证; 收集包括与用户的装置相关联的使用模式的信息的一组数据; 确定与用户相关联的用户模式得分; 确定认证级别; 确定哪些认证类型与认证级别相关联; 请求与认证类型相对应的认证凭证; 从用户接收认证凭证; 验证身份验证凭证，从而导致验证凭证成功验证; 并且响应成功的验证，执行用户操作。