Patents Examined by Izunna Okeke
  • Patent number: 11665200
    Abstract: A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication via a backchannel to reduce the potential for malicious third-party impersonation of the client prior to transfer of the call to the customer call center. Pre-authorized customer support calls may be intelligently and efficiently routed directly to call center agents, without incurring further delay. During call handling, call center agents may initiate further client authentication processes, including contactless card authentication requests, over one or more different communication channels for authorizing access to sensitive information or to allay suspicion.
    Type: Grant
    Filed: August 17, 2021
    Date of Patent: May 30, 2023
    Assignee: Capital One Services, LLC
    Inventors: Rajko Ilincic, Kaitlin Newman, Jeffrey Rule
  • Patent number: 11665544
    Abstract: A method for providing multicast frames in a Multi-Dwelling Unit (MDU) is provided herein. An Access Point (AP) can receive a join request from a first client device. The AP can generate a Group Master Key (GMK) from the Pre-Shared Key (PSK) associated with a Basic Service Set (BSS) that includes the first client device. The AP can then derive a Group Transient Key (GTK) from the GMK. The AP may then send the GTK to the first client device. Thereinafter, the AP can send multicast frames to the first client device encrypted by the GTK. The first client device can decrypt the multicast frames with the GTK. However, a second client device, that does not share the PSK, may receive the multicast frame but cannot decrypt the multicast frames.
    Type: Grant
    Filed: January 12, 2021
    Date of Patent: May 30, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Ugo Mario Campiglio, Amine Choukir, Roberto Muccifora, Domenico Ficara, Sachin Dinkar Wakudkar
  • Patent number: 11657181
    Abstract: A system protects personally identifiable information (PII) by implementing an unconventional key management scheme. In this scheme, the system uses a set of keys rather than an individual key for encrypting PII. Different portions of the PII are encrypted using different keys from the set of keys. In this manner, even if a malicious user were to access a key, that key would not give the malicious user the ability to decrypt all of the PII. Additionally, the system generates a new set of keys periodically (e.g., once a month). The system also deletes sets of keys that are too old (e.g., six months old). As a result, even if a malicious user were to access a key, the usefulness of that key would be time limited.
    Type: Grant
    Filed: February 1, 2022
    Date of Patent: May 23, 2023
    Inventors: Venkatesh Sarvottamrao Apsingekar, Sahil Vinod Motadoo, Christopher John Schille, James Francis Lavine
  • Patent number: 11645412
    Abstract: A method includes receiving a data capture event affecting personal data of a user stored in at least one storage device of a computing system and mapped in a privacy graph database. Personal data of the user may be identified in the data capture event and classified into the data categories. In response to the data capture event, a mapping of user-centric nodes associated with the at least one user associated with other users in the privacy graph database is automatically updated using the classified personal data in the data capture event. A request by a requester for personal data of at least one specific user stored in the at least one storage device is received. The privacy graph database is queried to provide the requested personal data and locations of the requested personal data of the at least one specific user in the request stored in the computing system.
    Type: Grant
    Filed: November 4, 2021
    Date of Patent: May 9, 2023
    Assignee: Capital One Services, LLC
    Inventors: Anindya Misra, Eckow Fred Ayison, Sripal Togaru
  • Patent number: 11640457
    Abstract: System and methods are disclosed for organizations to run a test against an active directory list to see if any user-provided passwords have been part of an existing data breach. Utilizing information from such a test identifies users that have weak passwords, reused passwords or shared passwords that have been associated with an earlier breach. With this information, the organization can seek to reduce risk by training staff for this specific issue in a timely and appropriate manner to significantly reduce the risk of a future breach by those identified users. Training can be customized and targeted at those users who attempt to use passwords that have been associated with a breach (either of their own account or of another account on the same or related domain.
    Type: Grant
    Filed: June 14, 2021
    Date of Patent: May 2, 2023
    Assignee: KnowBe4, Inc.
    Inventor: Greg Kras
  • Patent number: 11640452
    Abstract: In one embodiment, a set of feature vectors can be derived from any biometric data, and then using a deep neural network (“DNN”) on those one-way homomorphic encryptions (i.e., each biometrics' feature vector) can determine matches or execute searches on encrypted data. Each biometrics' feature vector can then be stored and/or used in conjunction with respective classifications, for use in subsequent comparisons without fear of compromising the original biometric data. In various embodiments, the original biometric data is discarded responsive to generating the encrypted values. In another embodiment, the homomorphic encryption enables computations and comparisons on cypher text without decryption. This improves security over conventional approaches. Searching biometrics in the clear on any system, represents a significant security vulnerability. In various examples described herein, only the one-way encrypted biometric data is available on a given device.
    Type: Grant
    Filed: October 4, 2021
    Date of Patent: May 2, 2023
    Assignee: Private Identity LLC
    Inventor: Scott Edward Streit
  • Patent number: 11621953
    Abstract: This invention relates to a process for detecting and mitigating risk generated when a customer's log-in credentials are compromised. A significant majority of stolen credentials and customer's personally identifiable information data eventually make their way to the dark web. By dynamically monitoring the dark web and combining the analysis with related information about the user and their credentials on the deep web and the surface web, through a machine learning model, a service provider pre-emptively or otherwise can act to mitigate the risk arising from such compromise of said customer log-in credentials.
    Type: Grant
    Filed: August 31, 2021
    Date of Patent: April 4, 2023
    Assignee: Guardinex LLC
    Inventors: Vishal Verma, Aravind Immaneni
  • Patent number: 11611553
    Abstract: An online identity verification application may be provided. According to an exemplary embodiment, an online identity verification application may utilize photographic, biometric, and documentation identification protocols. The verification application may use a multi-tier verification process based on identification protocols to verify the owner of a verification account and subsequently verify any linked accounts.
    Type: Grant
    Filed: June 3, 2020
    Date of Patent: March 21, 2023
    Assignee: LAURIE CAL LLC
    Inventor: Laurie A. Caluwaert
  • Patent number: 11611436
    Abstract: A technique provides cohesive and secure access to management services of a distributed storage architecture deployed on compute and storage nodes of a cluster. The management services are organized as a platform that encompasses a plurality of underlying individual services each having an applications programming interface (API) that are together securely accessible via an API gateway. The gateway is configured to support a “browsable” directory of the APIs that enables a client to identify various underlying services available within the cluster. In an embodiment, the underlying services “self-register” at the gateway to provide a single, unified location for the client to access the services. The API gateway includes a reverse-proxy server that is configured to provide a single point of entry for clients interacting with the individual services underlying the management services platform.
    Type: Grant
    Filed: April 24, 2020
    Date of Patent: March 21, 2023
    Assignee: NetApp, Inc.
    Inventors: Eric Ziegler, Adam Haid, Brian Macdonald
  • Patent number: 11606380
    Abstract: Methods and apparatus for evaluating collected data relating to online activity, and modification of services within a service provider network. In one embodiment, a service provider collects data relating to the online activity of users of third-party services and correlates the data with subscribers of the service provider to generate useful products and analytics (e.g., classifications, behavioral models, etc.) containing information relating to the subscribers' online activity. The generated products may be used to determine whether and how to modify services provided to individual subscribers, exported for use by third parties, or for other purposes.
    Type: Grant
    Filed: July 2, 2021
    Date of Patent: March 14, 2023
    Inventors: Chris Roosenraad, Richard Harman, John W. Watson, Christopher Turner, Philip Arnhold, Brian Durham, Barbara Stovall
  • Patent number: 11606384
    Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.
    Type: Grant
    Filed: July 28, 2021
    Date of Patent: March 14, 2023
    Assignee: Splunk Inc.
    Inventor: Munawar Monzy Merza
  • Patent number: 11601272
    Abstract: A system for efficient third-party authentication of asset transfers using trusted computing includes a process authentication node configured to receive transfer data relating to an asset transfer, wherein the transfer data includes at least a first authentication datum, retrieve, from an instance of a secure listing, a first digitally signed assertion including at least a second authentication datum, wherein the first digitally signed assertion is generated by a data validator device as a function of information of a transferring entity, compare the at least a first authentication datum to the at least a second authentication datum, and authenticate the transfer data as a function of the comparing of the at least a first authentication datum to the at least a second authentication datum.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: March 7, 2023
    Assignee: Ares Technologies, Inc.
    Inventor: Christian T Wentz
  • Patent number: 11593504
    Abstract: A system for determining access for a hypercube includes an interface configured to receive a request for access from a user to data in a location in a hypercube; receive a tree structure with subcubes of the hypercube arranged in a hierarchical structure; and receive a user permission list, wherein an element of the user permission list comprises a permission, a root node, and a set of pruned nodes. The system also includes a processor configured to determine a user permission associated with the data in the location of the hypercube using the user permission list; and provide an indication of the user permission.
    Type: Grant
    Filed: July 17, 2019
    Date of Patent: February 28, 2023
    Assignee: Workday, Inc.
    Inventors: John Yates, Mark Hampton, Francis Wang, Lian Zheng, Thomas Nguyen
  • Patent number: 11589229
    Abstract: Methods and systems for dynamic wireless network configuration are provided. Aspects include receiving, by an application on a user device, a token, deriving, by the application, a unique identifier and passcode based at least in part on the token, and controlling remote access to a first computer system based on the unique identifier and passcode.
    Type: Grant
    Filed: January 20, 2020
    Date of Patent: February 21, 2023
    Inventors: Joshua Varghese, Phani Pavan Kumar Mangaiahgari
  • Patent number: 11582022
    Abstract: A scheme for securely transferring a patient data file to an intended recipient regardless of a transfer mode selected by a sender. Encryption system executing at the sender device is operative to encrypt each plaintext data line of a file, one by one, using a symmetric key and a starting IV that is incremented per each line, resulting in corresponding ciphertext lines added to an encrypted file. A hash is generated based on the encrypted file. An encrypted header containing the symmetric key, starting IV and the hash is generated using a public key of the recipient, which is appended to the encrypted file. The encrypted header and associated encrypted file are transmitted to the recipient in any manner. Upon receipt, the recipient decrypts the encrypted header using a private key to obtain the symmetric key, starting IV and the hash, which are used by the recipient to validate and decrypt the encrypted file on a line-by-line basis.
    Type: Grant
    Filed: November 3, 2020
    Date of Patent: February 14, 2023
    Assignee: Advanced Neuromodulation Systems, Inc.
    Inventors: Greg Creek, James Thomas Nagle, Jagatkumar Shah
  • Patent number: 11580218
    Abstract: Disclosed herein are systems and methods for enabling the automatic detection of executable code from a stream of bytes. In some embodiments, the stream of bytes can be sourced from the hidden areas of files that traditional malware detection solutions ignore. In some embodiments, a machine learning model is trained to detect whether a particular stream of bytes is executable code. Other embodiments described herein disclose systems and methods for automatic feature extraction using a neural network. Given a new file, the systems and methods may preprocess the code to be inputted into a trained neural network. The neural network may be used as a “feature generator” for a malware detection model. Other embodiments herein are directed to systems and methods for identifying, flagging, and/or detecting threat actors which attempt to obtain access to library functions independently.
    Type: Grant
    Filed: September 21, 2021
    Date of Patent: February 14, 2023
    Assignee: Sentinel Labs Israel Ltd.
    Inventors: Shlomi Salem, Roy Ronen, Assaf Nativ, Amit Zohar, Gal Braun, Pavel Ferencz, Eitan Shterenbaum, Tal Maimon
  • Patent number: 11582218
    Abstract: Various embodiments include computing devices and methods for management of access credentials. A processor of a computing device may receive an authentication request from a client application support service to authenticate a client application. The processor may send a response comprising an authentication token to the client application support service. The processor may receive from the client application support service a request for an access token to access a target system. The processor may send a response comprising the access token to the client application support service to enable the client application support service to access the target system using the access token on behalf of the client application.
    Type: Grant
    Filed: June 15, 2020
    Date of Patent: February 14, 2023
    Assignee: Charter Communications Operating, LLC
    Inventors: Jon Svede, Colin B. Holm
  • Patent number: 11546757
    Abstract: Apparatuses, methods, and systems are disclosed for protecting the user identity and credentials. One apparatus includes a processor registers with a mobile communication network using a first set of credentials, the mobile communication network supporting a plurality of network slices. The processor receives a public key for a network slice where slice-specific authentication is required and encrypts a second set of credentials using the public key. Here, the second set of credentials is used for authentication with the network slice. The apparatus includes a transceiver that sends a message to the mobile communication network, the message including the encrypted second set of credentials.
    Type: Grant
    Filed: March 2, 2020
    Date of Patent: January 3, 2023
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Andreas Kunz, Genadi Velev
  • Patent number: 11545242
    Abstract: Techniques are provided for computing with private healthcare data. The techniques include a method comprising constructing an isolated memory partition that forms a secure enclave and pre-provisioning software within the secure enclave. The pre-provisioned software is configured to receive at least one of input data or the instructions for the one or more application computing processes in an encrypted form; decrypt the at least one of input data or instructions using one or more cryptographic keys; execute the one or more application computing processes based on the decrypted at least one of input data or instructions to generate output data; generate a proof of execution that indicates that the one or more application computing processes operated on the received input data; encrypt the output data using the one or more cryptographic keys; and provide external access to the encrypted output data and the proof of execution.
    Type: Grant
    Filed: June 22, 2020
    Date of Patent: January 3, 2023
    Assignee: NFERENCE, INC.
    Inventors: Murali Aravamudan, Karthik Murugadoss, Sankar Ardhanari, Ajit Rajasekharan, Akash Anand, Rakesh Barve, Venkataramanan Soundararajan, Samir Awasthi, Tyler Wagner, Shamim Naqvi
  • Patent number: 11537737
    Abstract: Methods and systems of data de-tokenization are described herein to provide solutions to utilizing tokenized data files. A de-tokenization service controller may extract instances of tokenized data by determining a schema associated with a tokenized file, wherein the schema identifies which fields contain tokenized data. A decryption system may decrypt the tokens and send decrypted sensitive values to the de-tokenization service controller. The de-tokenization service controller may then generate a de-tokenized data file comprising a plurality of records corresponding to the plurality of original tokenized records, using the decrypted sensitive values in place of the instances of tokenized data. In some embodiments, the methods may further comprise generating a validated file by adding one or more fields indicating the results of validation based on a set of validation rules.
    Type: Grant
    Filed: February 18, 2020
    Date of Patent: December 27, 2022
    Assignee: Capital One Services, LLC
    Inventors: Naveen Teja Koduru, Kishore Doppalapudi, Siva Vegesana