Patents by Inventor Ricardo Varanda
Ricardo Varanda has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240121235Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are intercepting web browser communications. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTPS request to a known service via the web browser. The secure browser extension receives an HTTPS response to the HTTPS request via the web browser. The secure browser extension determines whether the certificate included in the HTTPS response is trusted by the secure browser extension. Based on determining the certificate is not trusted, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: ApplicationFiled: December 19, 2023Publication date: April 11, 2024Inventors: Andrew Paul Montgomery, Sanjay Bhanu, Stuart David Ford, Ricardo Varanda
-
Patent number: 11895107Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are intercepting web browser communications. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTPS request to a known service via the web browser. The secure browser extension receives an HTTPS response to the HTTPS request via the web browser. The secure browser extension determines whether the certificate included in the HTTPS response is trusted by the secure browser extension. Based on determining the certificate is not trusted, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: GrantFiled: December 20, 2022Date of Patent: February 6, 2024Assignee: Bank of America CorporationInventors: Andrew Paul Montgomery, Sanjay Bhanu, Stuart David Ford, Ricardo Varanda
-
Publication number: 20240039942Abstract: Aspects of the disclosure relate to malware detection at endpoint devices. A computing platform may send rule information to a browser extension including a set of rules defining reportable behavior of network traffic associated with a website. Subsequently, the computing platform may receive report information including an identification of a loaded web page associated with the website that exhibits the reportable behavior defined by at least one rule of the set of rules and an indication of which rules of the set of rules have been met. Based on receiving the report information, the computing platform may assign a risk score for the identified loaded web page. Thereafter, the computing platform may determine that the risk score is above a predetermined threshold, and in response, the computing platform may send commands to the browser extension directing the browser extension to close the identified loaded web page.Type: ApplicationFiled: October 16, 2023Publication date: February 1, 2024Inventor: Ricardo Varanda
-
Patent number: 11824878Abstract: Aspects of the disclosure relate to malware detection at endpoint devices. A computing platform may send rule information to a browser extension including a set of rules defining reportable behavior of network traffic associated with a website. Subsequently, the computing platform may receive report information including an identification of a loaded web page associated with the website that exhibits the reportable behavior defined by at least one rule of the set of rules and an indication of which rules of the set of rules have been met. Based on receiving the report information, the computing platform may assign a risk score for the identified loaded web page. Thereafter, the computing platform may determine that the risk score is above a predetermined threshold, and in response, the computing platform may send commands to the browser extension directing the browser extension to close the identified loaded web page.Type: GrantFiled: January 5, 2021Date of Patent: November 21, 2023Assignee: Bank of America CorporationInventor: Ricardo Varanda
-
Patent number: 11750595Abstract: Systems for credential evaluation and control are provided. In some examples, a request to access data via a website may be received. The request may include a username. A browser extension embedded in the web browser used to request the data via the website may be triggered and one or more credential evaluation functions may be executed. An event record associated with the request to access data may be generated. The event record may be analyzed to determine a designation associated with the website and a designation associated with user credentials provided with the request to access the data. The designation of the website and the designation of the credentials may be compared to determine whether the designations match. If so, access to the requested data may be provided. If not, one or more mitigating actions may be identified and executed.Type: GrantFiled: February 9, 2021Date of Patent: September 5, 2023Assignee: Bank of America CorporationInventors: Stuart David Ford, Ricardo Varanda, Andrew Paul Montgomery, Sanjay Bhanu
-
Patent number: 11687614Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are installed on the computing device. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTP request to a known service via the web browser. The secure browser extension receives a response to the HTTP request via the web browser. The secure browser extension determines whether the received response is an HTTP response (e.g., from an unauthorized application) or a non-HTTP response (e.g., from the known service). Based on determining the received response is an HTTP response, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: GrantFiled: February 28, 2022Date of Patent: June 27, 2023Assignee: Bank of America CorporationInventors: Andrew Paul Montgomery, Stuart David Ford, Ricardo Varanda
-
Publication number: 20230128881Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are intercepting web browser communications. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTPS request to a known service via the web browser. The secure browser extension receives an HTTPS response to the HTTPS request via the web browser. The secure browser extension determines whether the certificate included in the HTTPS response is trusted by the secure browser extension. Based on determining the certificate is not trusted, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: ApplicationFiled: December 20, 2022Publication date: April 27, 2023Inventors: Andrew Paul Montgomery, Sanjay Bhanu, Stuart David Ford, Ricardo Varanda
-
Patent number: 11582223Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are intercepting web browser communications. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTPS request to a known service via the web browser. The secure browser extension receives an HTTPS response to the HTTPS request via the web browser. The secure browser extension determines whether the certificate included in the HTTPS response is trusted by the secure browser extension. Based on determining the certificate is not trusted, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: GrantFiled: January 7, 2021Date of Patent: February 14, 2023Assignee: Bank of America CorporationInventors: Andrew Paul Montgomery, Sanjay Bhanu, Stuart David Ford, Ricardo Varanda
-
Publication number: 20220269749Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are installed on the computing device. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTP request to a known service via the web browser. The secure browser extension receives a response to the HTTP request via the web browser. The secure browser extension determines whether the received response is an HTTP response (e.g., from an unauthorized application) or a non-HTTP response (e.g., from the known service). Based on determining the received response is an HTTP response, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: ApplicationFiled: February 28, 2022Publication date: August 25, 2022Inventors: Andrew Paul Montgomery, Stuart David Ford, Ricardo Varanda
-
Publication number: 20220255970Abstract: Aspects of the disclosure relate to deploying and maintaining a trust store to dynamically manage web browser extensions on end user computing devices. In some embodiments, an end user computing device may receive a user request to access resources located outside of the enterprise computing infrastructure. The end user computing device may extract and collect user attributes, system attributes, and request attributes from the user request, and deliver the attributes to an enterprise computing platform. The enterprise computing platform may evaluate the attributes to generate a trust score and rules. The enterprise computing platform may deliver the trust score and the rules to the web browser extension associated with the end user computing device. The web browser extension may analyze the trust score using the rules generated by the enterprise computing platform to either grant or deny the user request.Type: ApplicationFiled: February 10, 2021Publication date: August 11, 2022Inventors: Stuart David Ford, Andrew Paul Montgomery, Sanjay Bhanu, Ricardo Varanda
-
Publication number: 20220255917Abstract: Systems for credential evaluation and control are provided. In some examples, a request to access data via a website may be received. The request may include a username. A browser extension embedded in the web browser used to request the data via the website may be triggered and one or more credential evaluation functions may be executed. An event record associated with the request to access data may be generated. The event record may be analyzed to determine a designation associated with the website and a designation associated with user credentials provided with the request to access the data. The designation of the website and the designation of the credentials may be compared to determine whether the designations match. If so, access to the requested data may be provided. If not, one or more mitigating actions may be identified and executed.Type: ApplicationFiled: February 9, 2021Publication date: August 11, 2022Inventors: Stuart David Ford, Ricardo Varanda, Andrew Paul Montgomery, Sanjay Bhanu
-
Publication number: 20220217133Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are intercepting web browser communications. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTPS request to a known service via the web browser. The secure browser extension receives an HTTPS response to the HTTPS request via the web browser. The secure browser extension determines whether the certificate included in the HTTPS response is trusted by the secure browser extension. Based on determining the certificate is not trusted, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: ApplicationFiled: January 7, 2021Publication date: July 7, 2022Inventors: Andrew Paul Montgomery, Sanjay Bhanu, Stuart David Ford, Ricardo Varanda
-
Publication number: 20220215095Abstract: Aspects of the disclosure relate to detecting and preventing malicious browser extensions. A computing platform may send rule information to a master browser extension on a computing device including a set of rules defining reportable behavior associated with one or more other browser extensions. Subsequently, the computing platform may receive report information from the master browser extension on the computing device identifying an other browser extension of the one or more other browser extensions that exhibit the reportable behavior defined by at least one rule of the set of rules in the rule information. Based on receiving the report information, the computing platform may determine that the identified other browser extension is a malicious extension. Then, the computing platform may send one or more commands to the master browser extension on the computing device directing the master browser extension to disable or remove the identified other browser extension.Type: ApplicationFiled: January 7, 2021Publication date: July 7, 2022Inventor: Ricardo Varanda
-
Publication number: 20220217169Abstract: Aspects of the disclosure relate to malware detection at endpoint devices. A computing platform may send rule information to a browser extension including a set of rules defining reportable behavior of network traffic associated with a website. Subsequently, the computing platform may receive report information including an identification of a loaded web page associated with the website that exhibits the reportable behavior defined by at least one rule of the set of rules and an indication of which rules of the set of rules have been met. Based on receiving the report information, the computing platform may assign a risk score for the identified loaded web page. Thereafter, the computing platform may determine that the risk score is above a predetermined threshold, and in response, the computing platform may send commands to the browser extension directing the browser extension to close the identified loaded web page.Type: ApplicationFiled: January 5, 2021Publication date: July 7, 2022Inventor: Ricardo Varanda
-
Patent number: 11314841Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are installed on the computing device. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTP request to a known service via the web browser. The secure browser extension receives a response to the HTTP request via the web browser. The secure browser extension determines whether the received response is an HTTP response (e.g., from an unauthorized application) or a non-HTTP response (e.g., from the known service). Based on determining the received response is an HTTP response, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.Type: GrantFiled: January 7, 2021Date of Patent: April 26, 2022Assignee: Bank of America CorporationInventors: Andrew Paul Montgomery, Stuart David Ford, Ricardo Varanda