Patents by Inventor Dino D'Agostino
Dino D'Agostino has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11605070Abstract: A payment processing server generates an asymmetric cryptographic key pair, over one secure communications channel providing a mobile device with one cryptographic key of the cryptographic key pair, and saves another cryptographic key of the cryptographic key pair in a pending transaction database in unique association with a single-use payment number and a financial account. The server encrypts the payment number, which does not identify the financial account, with the another cryptographic key and provides the mobile device with the encrypted payment number over another secure communications channel distinct from the one secure communications channel. The server receives from a payment terminal a payment completion request that includes the encrypted payment number decrypted with the one cryptographic key.Type: GrantFiled: July 29, 2014Date of Patent: March 14, 2023Assignee: The Toronto-Dominion BankInventors: Dino D'Agostino, Paul Mon-Wah Chan
-
Patent number: 11544694Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client device.Type: GrantFiled: January 13, 2021Date of Patent: January 3, 2023Assignee: The Toronto-Dominion BankInventors: Dino D'Agostino, Perry Aaron Jones Haldenby, Dean C. N. Tseretopoulos, Jeffrey Aaron Ecker, Adam Douglas McPhee, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga
-
Patent number: 11546345Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data in real-time based on dynamically generated tokenized data. For example, an apparatus may receive first positional data identifying a first geographic position of a client device and based on the first positional data, the apparatus may determine a value of a parameter characterizing an exchange of data between the client device and a terminal device disposed proximate to the client device during a temporal interval. The apparatus may transmit data requesting a pre-authorization of the data exchange to a computing system, which perform operations that pre-authorize the data exchange in accordance with the parameter value and transmit a digital token representative of the pre-authorized data exchange to the terminal device. The digital token may be valid during the temporal interval and may include a cryptogram associated with the client device.Type: GrantFiled: November 9, 2020Date of Patent: January 3, 2023Assignee: The Toronto-Dominion BankInventors: Dino D'Agostino, Perry Aaron Jones Haldenby, Dean Tseretopoulos, Jeffrey Ecker, Adam Douglas Mcphee, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga
-
Patent number: 11470091Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, dynamically authorize pre-stages data exchanges based on contextual data. For example, an apparatus may receive first data characterizing an initiation of a first exchange of data between a client device and a terminal device. Based on the first data, the apparatus may obtain second data that characterizes an expected initiation of a second exchange of data during a corresponding temporal interval, which may be specified relative to an initiation time of the first data exchange. The apparatus may generate and transmit, to a computing system, pre-authorization data that requests a pre-authorization of the second data exchange to a computing system. The pre-authorization data may include a portion of the second data and may instruct the computing system to pre-authorize the second data exchange in accordance with the second data.Type: GrantFiled: June 18, 2020Date of Patent: October 11, 2022Assignee: The Toronto-Dominion BankInventors: Robert Alexander McCarter, Vipul Lalka, Nadia Moretti, Paige Dickie, Denny Kuruvilla, Dino D'Agostino, Dean Tseretopoulos, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga, Ruby Walia
-
Patent number: 11227275Abstract: A payment processing method involves a server receiving a payee identifier, and linking the payee identifier to a device identifier identifying a payee device. The server receives from a payor device a payment initiation request identifying a specified payment amount and a payor identifier, links a unique token to the specified payment amount and to the payor identifier, and provides the payor device with the token. The token excludes the payor identifier and particulars of the associated payor. The server receives a payment completion request including the payee identifier and the token, and excluding the payment amount, the payor identifier and payor particulars. The server uses the payee identifier to confirm that the payment completion request was signed with the device identifier, uses the payee identifier to locate a payee account, and uses the token to determine the specified payment amount and a payor account associated with the payor identifier.Type: GrantFiled: September 5, 2017Date of Patent: January 18, 2022Assignee: The Toronto-Dominion BankInventors: Lauren Van Heerden, Prabaharan Sivashanmugam, Dino D'Agostino, Michael D. Cummins, Orin Del Vecchio, Gunalan Nadarajah, Steven Robert Langham
-
Publication number: 20210133723Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client device.Type: ApplicationFiled: January 13, 2021Publication date: May 6, 2021Inventors: DINO D'AGOSTINO, Perry Aaron Jones Haldenby, Dean C.N. Tseretopoulos, Jeffrey Aaron Ecker, Adam Douglas McPhee, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga
-
Publication number: 20210058404Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data in real-time based on dynamically generated tokenized data. For example, an apparatus may receive first positional data identifying a first geographic position of a client device and based on the first positional data, the apparatus may determine a value of a parameter characterizing an exchange of data between the client device and a terminal device disposed proximate to the client device during a temporal interval. The apparatus may transmit data requesting a pre-authorization of the data exchange to a computing system, which perform operations that pre-authorize the data exchange in accordance with the parameter value and transmit a digital token representative of the pre-authorized data exchange to the terminal device. The digital token may be valid during the temporal interval and may include a cryptogram associated with the client device.Type: ApplicationFiled: November 9, 2020Publication date: February 25, 2021Inventors: Dino D'AGOSTINO, Perry Aaron Jones HALDENBY, Dean TSERETOPOULOS, Jeffrey ECKER, Adam Douglas MCPHEE, Milos DUNJIC, John Jong-Suk LEE, Arun Victor JAGGA
-
Patent number: 10922673Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client device.Type: GrantFiled: February 9, 2018Date of Patent: February 16, 2021Assignee: The Toronto-Dominion BankInventors: Dino D'Agostino, Perry Aaron Jones Haldenby, Dean C. N. Tseretopoulos, Jeffrey Aaron Ecker, Adam Douglas McPhee, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga
-
Patent number: 10896248Abstract: The disclosed embodiments include computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with corresponding facial features of the first user. The communications device may determine whether the candidate authentication sequence matches a reference authentication sequence associated with the first digital image, and may authenticate an identity of the first user, when the first selection sequence is determined to match the second selection sequence.Type: GrantFiled: January 23, 2018Date of Patent: January 19, 2021Assignee: The Toronto-Dominion BankInventors: Hisham I. Salama, Paul Mon-Wah Chan, Dino D'Agostino, Orin Del Vecchio
-
Patent number: 10862897Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data in real-time based on dynamically generated tokenized data. For example, an apparatus may receive first positional data identifying a first geographic position of a client device and based on the first positional data, the apparatus may determine a value of a parameter characterizing an exchange of data between the client device and a terminal device disposed proximate to the client device during a temporal interval. The apparatus may transmit data requesting a pre-authorization of the data exchange to a computing system, which perform operations that pre-authorize the data exchange in accordance with the parameter value and transmit a digital token representative of the pre-authorized data exchange to the terminal device. The digital token may be valid during the temporal interval and may include a cryptogram associated with the client device.Type: GrantFiled: April 5, 2018Date of Patent: December 8, 2020Assignee: The Toronto-Dominion BankInventors: Dino D'Agostino, Perry Aaron Jones Haldenby, Dean Tseretopoulos, Jeffrey Ecker, Adam Douglas McPhee, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga
-
Patent number: 10728259Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, dynamically authorize pre-stages data exchanges based on contextual data. For example, an apparatus may receive first data characterizing an initiation of a first exchange of data between a client device and a terminal device. Based on the first data, the apparatus may obtain second data that characterizes an expected initiation of a second exchange of data during a corresponding temporal interval, which may be specified relative to an initiation time of the first data exchange. The apparatus may generate and transmit, to a computing system, pre-authorization data that requests a pre-authorization of the second data exchange to a computing system. The pre-authorization data may include a portion of the second data and may instruct the computing system to pre-authorize the second data exchange in accordance with the second data.Type: GrantFiled: April 5, 2018Date of Patent: July 28, 2020Assignee: The Toronto-Dominion BankInventors: Robert Alexander McCarter, Vipul Lalka, Nadia Moretti, Paige Dickie, Denny Kuruvilla, Dino D'Agostino, Dean Tseretopoulos, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga, Ruby Walia
-
Patent number: 10601860Abstract: Methods and systems provide application platform security enforcement. A distributed system communicates between a plurality of remote devices and at least one secured server to facility providing a secured service. The distributed system may comprise a remote communication server and one or more security layer components where the plurality of remote devices connect through ones of the security layer components. Upon detection of a security breach by a first remote device, the distributed system determines potential devices at risk from the plurality of remote devices, analyzing risk factors for commonalities. A lock down and/or quarantine of the first remote device and the devices at risk is instructed. Risk factors may include whether the remote devices communicate via a same security layer component, are geographically proximate; and/or are associated at the user level, for example are proximate users in a social network graph. Reactivation is also provided.Type: GrantFiled: March 10, 2017Date of Patent: March 24, 2020Assignee: THE TORONTO-DOMINION BANKInventors: Koko Mihan, Dino D'Agostino, Paul Mon-Wah Chan, John Jong-Suk Lee, Paul Milkman, Satwinder Singh Brar
-
Patent number: 10305926Abstract: Methods and systems provide application platform security enforcement. A distributed system communicates between a plurality of remote devices and at least one secured server to facility providing a secured service. The distributed system may comprise a remote communication server and a plurality of security layer components where the plurality of remote devices connect through respective ones of the security layer components. Upon detection of a security breach by a first remote device, the distributed system determines potential devices at risk from the plurality of remote devices, analyzing risk factors for commonalities. A lock down of the first remote device and the devices at risk is instructed. Analysis of risk factors examines whether the first remote device and other remote devices communicate via a same security layer component, are geographically proximate; and/or are associated at the user level, for example are proximate users in a social network graph. Reactivation is also provided.Type: GrantFiled: March 10, 2017Date of Patent: May 28, 2019Assignee: THE TORONTO-DOMINION BANKInventors: Koko Mihan, Dino D'Agostino, Paul Mon-Wah Chan, John Jong-Suk Lee, Paul Milkman, Steve Brar
-
Publication number: 20180157815Abstract: The disclosed embodiments include computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with corresponding facial features of the first user. The communications device may determine whether the candidate authentication sequence matches a reference authentication sequence associated with the first digital image, and may authenticate an identity of the first user, when the first selection sequence is determined to match the second selection sequence.Type: ApplicationFiled: January 23, 2018Publication date: June 7, 2018Inventors: Hisham I. Salama, Paul Mon-Wah Chan, Dino D'Agostino, Orin Del Vecchio
-
Patent number: 9904775Abstract: The disclosed embodiments include computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with corresponding facial features of the first user. The communications device may determine whether the candidate authentication sequence matches a reference authentication sequence associated with the first digital image, and may authenticate an identity of the first user, when the first selection sequence is determined to match the second selection sequence.Type: GrantFiled: October 30, 2015Date of Patent: February 27, 2018Assignee: The Toronto-Dominion BankInventors: Hisham I. Salama, Paul Mon-Wah Chan, Dino D'Agostino, Orin Del Vecchio
-
Publication number: 20170364895Abstract: A payment processing method involves a server receiving a payee identifier, and linking the payee identifier to a device identifier identifying a payee device. The server receives from a payor device a payment initiation request identifying a specified payment amount and a payor identifier, links a unique token to the specified payment amount and to the payor identifier, and provides the payor device with the token. The token excludes the payor identifier and particulars of the associated payor. The server receives a payment completion request including the payee identifier and the token, and excluding the payment amount, the payor identifier and payor particulars. The server uses the payee identifier to confirm that the payment completion request was signed with the device identifier, uses the payee identifier to locate a payee account, and uses the token to determine the specified payment amount and a payor account associated with the payor identifier.Type: ApplicationFiled: September 5, 2017Publication date: December 21, 2017Inventors: Lauren Van Heerden, Prabaharan Sivashanmugam, Dino D'Agostino, Michael D. Cummins, Orin Del Vecchio, Gunalan Nadarajah, Steven Robert Langham
-
Publication number: 20170264644Abstract: Methods and systems provide application platform security enforcement. A distributed system communicates between a plurality of remote devices and at least one secured server to facility providing a secured service. The distributed system may comprise a remote communication server and a plurality of security layer components where the plurality of remote devices connect through respective ones of the security layer components. Upon detection of a security breach by a first remote device, the distributed system determines potential devices at risk from the plurality of remote devices, analyzing risk factors for commonalities. A lock down of the first remote device and the devices at risk is instructed. Analysis of risk factors examines whether the first remote device and other remote devices communicate via a same security layer component, are geographically proximate; and/or are associated at the user level, for example are proximate users in a social network graph. Reactivation is also provided.Type: ApplicationFiled: March 10, 2017Publication date: September 14, 2017Inventors: KOKO MIHAN, DINO D'AGOSTINO, PAUL MON-WAH CHAN, JOHN JONG-SUK LEE, PAUL MILKMAN, STEVE BRAR
-
Publication number: 20170264635Abstract: Methods and systems provide application platform security enforcement. A distributed system communicates between a plurality of remote devices and at least one secured server to facility providing a secured service. The distributed system may comprise a remote communication server and one or more security layer components where the plurality of remote devices connect through ones of the security layer components. Upon detection of a security breach by a first remote device, the distributed system determines potential devices at risk from the plurality of remote devices, analyzing risk factors for commonalities. A lock down and/or quarantine of the first remote device and the devices at risk is instructed. Risk factors may include whether the remote devices communicate via a same security layer component, are geographically proximate; and/or are associated at the user level, for example are, proximate users in a social network, graph. Reactivation is also provided.Type: ApplicationFiled: March 10, 2017Publication date: September 14, 2017Inventors: KOKO MIHAN, DINO D'AGOSTINO, PAUL MON-WAH CHAN, JOHN JONG-SUK LEE, PAUL MILKMAN, STEVE BRAR
-
Publication number: 20160132670Abstract: The disclosed embodiments include computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with corresponding facial features of the first user. The communications device may determine whether the candidate authentication sequence matches a reference authentication sequence associated with the first digital image, and may authenticate an identity of the first user, when the first selection sequence is determined to match the second selection sequence.Type: ApplicationFiled: October 30, 2015Publication date: May 12, 2016Inventors: Hisham I. SALAMA, Paul Mon-Wah CHAN, Dino D'AGOSTINO, Orin DEL VECCHIO
-
Publication number: 20160012432Abstract: A method of credential-based electronic payment processing involves a credential processing server receiving from a mobile communications device a payment initiation request for initiating payment with a payment terminal, and providing the mobile communications device with a mode authorization for an authorized communications mode for the mobile communications device to provide the payment terminal with a payment pre-authorization credential. The payment pre-authorization credential is uniquely associated with a financial account and pre-authorizes electronic payment from the financial account. The credential processing server receives from the payment terminal a payment clearing request that identifies a payment amount and includes the payment pre-authorization credential.Type: ApplicationFiled: July 10, 2015Publication date: January 14, 2016Inventors: Mahnaz Meshkati, John Anthony Tarnowski, Lauren van Heerden, Orin Del Vecchio, Paul Mon-Wah Chan, Dino D'Agostino