Patents by Inventor Nicola A Maiorana

Nicola A Maiorana has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12126646
    Abstract: Disclosed herein are systems and methods for using machine learning for geographic analysis of access attempts. In an embodiment, a trained machine-learning model classifies source IP addresses of login attempts to a system as either blacklisted or allowed based on a set of aggregated features that correspond to login attempts to the system from the source IP addresses. The set of aggregated features includes, in association with each respective source IP address, a geographical login-attempt failure rate of login attempts to the system from each of one or more geographical areas that each correspond to the respective source IP address. Source IP addresses that are classified by the machine-learning model as blacklisted are added to a system blacklist, such that the system will disallow login attempts from such source IP addresses.
    Type: Grant
    Filed: May 12, 2022
    Date of Patent: October 22, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Nicola A. Maiorana, Bryan D. Hall, Richard Joseph Schroeder
  • Publication number: 20240340286
    Abstract: Systems and methods may generally be used to automatically curate a blocklist of internet protocol (IP) addresses. An example method may include using risk factor scores for a particular IP address that was blocked by a traffic control component to determine whether to add the particular IP address to a blocklist. The example method may include, in response to a determination to add the particular IP address to the blocklist, generating an IP address entry in the blocklist for the particular IP address, the IP address entry optionally including a corresponding time-based expiration. The example method may include outputting the blocklist or the IP address entry, such as in response to a request from a firewall.
    Type: Application
    Filed: June 14, 2024
    Publication date: October 10, 2024
    Inventors: Upul D. Hanwella, Shawna K. Murphy Butterworth, Bryan D. Hall, James Condron Hudson, Christian Tobias Sorensen, Samantha T. Grosby, Nicola A. Maiorana, Richard Joseph Schroeder, Shailesh Hedaoo, William Norton Hebert
  • Patent number: 12058137
    Abstract: Systems and methods may generally be used to automatically curate a blocklist of internet protocol (IP) addresses. An example method may include using risk factor scores for a particular IP address that was blocked by a traffic control component to determine whether to add the particular IP address to a blocklist. The example method may include, in response to a determination to add the particular IP address to the blocklist, generating an IP address entry in the blocklist for the particular IP address, the IP address entry optionally including a corresponding time-based expiration. The example method may include outputting the blocklist or the IP address entry, such as in response to a request from a firewall.
    Type: Grant
    Filed: October 20, 2021
    Date of Patent: August 6, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Upul D. Hanwella, Shawna K. Murphy Butterworth, Bryan D. Hall, James Condron Hudson, Christian Tobias Sorensen, Samantha T. Grosby, Nicola A. Maiorana, Richard Joseph Schroeder, Shailesh Hedaoo, William Norton Hebert
  • Publication number: 20240251007
    Abstract: Disclosed herein are systems and methods for establishing, using, and recovering universal digital identifiers. In an embodiment, a system establishes a universal identifier (ID) associated with a user and a device of the user. The universal ID is universal with respect to a plurality of distinct entities, has at least a suspended state and an unsuspended state, and initially is in the unsuspended state. The system transmits the universal ID to the device of the user. Thereafter, the system detects an ID-suspension event in connection with the universal ID, and responsively suspends the universal ID, including placing the universal ID in the suspended state. After suspending the universal ID, the system completes an ID-recovery process for the universal ID, and responsively unsuspends the universal ID, including placing the universal ID in the unsuspended state.
    Type: Application
    Filed: April 3, 2024
    Publication date: July 25, 2024
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 12021834
    Abstract: In an example aspect, a method includes receiving a plurality of login attempts from a network address over a length of time, querying log data to determine, for the network address, an average number of login failures of the plurality of login attempts over the length of time, calculating a failure rate metric based on the average number of login failures, determining that, the failure rate metric exceeds a reference number of login failures for the length of time, the reference number of login failures based on a historical average number of login failures for the length of time, and based in part on the determining, adding the network address to a system deny list.
    Type: Grant
    Filed: June 9, 2023
    Date of Patent: June 25, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Bryan D. Hall, Richard Joseph Schroeder, Nicola A. Maiorana
  • Publication number: 20240135004
    Abstract: A system determines a baseline cyberthreat-risk score for a user, and displays the baseline cyberthreat-risk score via a user interface. The system presents at least one cyberthreat-education activity via the user interface, and receives, via the user interface, at least one user input associated with the presented at least one cyberthreat-education activity. The system generates an updated cyberthreat-risk score at least in part by updating the baseline cyberthreat-risk score based at least in part on the user input, and displays the updated cyberthreat-risk score via the user interface.
    Type: Application
    Filed: January 4, 2024
    Publication date: April 25, 2024
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Publication number: 20240098092
    Abstract: Systems, methods, and apparatuses for authenticating requests to access one or more accounts over a network using authenticity evaluations of two or more automated decision engines are discussed. A login request for access to a user account may be submitted to multiple decision engines that each apply different rulesets for authenticating the login request, and output an evaluation of the authenticity of the login request. Based on evaluations from multiple automated decision engines, the login request may be allowed to proceed to validation of user identity and, if user identity is validated, access to the user account may be authorized. Based on the evaluations, the login attempt may also be rejected. One or more additional challenge question may be returned to the computing device used to request account access, and the login request allowed to proceed to validation of identity if the response to the challenge question is deemed acceptable.
    Type: Application
    Filed: November 27, 2023
    Publication date: March 21, 2024
    Applicant: Wells Fargo Bank, N.A.
    Inventors: Mark David Castonguay, Upul D. Hanwella, Bryan Hall, Nicola A. Maiorana, David Lerner
  • Publication number: 20240089260
    Abstract: A method may include receiving a first classification of a network address associated with a login attempt as an AVA, and in response, generating a first random number, selecting a first blocking length of time from a plurality of blocking lengths of time, calculating a first deny list duration based on summing the first random number and the first blocking length of time, and adding the network address to a deny list for the first deny list duration, and adding the network address to a parole list for a parole duration, receiving a second classification of the address as an AVA during the duration; and in response selecting a second blocking length of time from a plurality of blocking lengths, calculating a second deny list duration based on summing the second random number and the second blocking length and adding the address to the deny list for the second duration
    Type: Application
    Filed: November 20, 2023
    Publication date: March 14, 2024
    Inventors: Bryan D. Hall, Nicola A. Maiorana, Richard Joseph Schroeder
  • Patent number: 11914719
    Abstract: A system determines a baseline cyberthreat-risk score for a user, and displays the baseline cyberthreat-risk score via a user interface. The system presents at least one cyberthreat-education activity via the user interface, and receives, via the user interface, at least one user input associated with the presented at least one cyberthreat-education activity. The system generates an updated cyberthreat-risk score at least in part by updating the baseline cyberthreat-risk score based at least in part on the user input, and displays the updated cyberthreat-risk score via the user interface.
    Type: Grant
    Filed: April 15, 2020
    Date of Patent: February 27, 2024
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 11855989
    Abstract: A method may include receiving a first classification of a network address associated with a login attempt as an AVA, and in response, generating a first random number, selecting a first blocking length of time from a plurality of blocking lengths of time, calculating a first deny list duration based on summing the first random number and the first blocking length of time, and adding the network address to a deny list for the first deny list duration, and adding the network address to a parole list for a parole duration, receiving a second classification of the address as an AVA during the duration; and in response selecting a second blocking length of time from a plurality of blocking lengths, calculating a second deny list duration based on summing the second random number and the second blocking length and adding the address to the deny list for the second duration.
    Type: Grant
    Filed: June 7, 2021
    Date of Patent: December 26, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Bryan D. Hall, Nicola A. Maiorana, Richard Joseph Schroeder
  • Patent number: 11848943
    Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.
    Type: Grant
    Filed: July 11, 2022
    Date of Patent: December 19, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 11831648
    Abstract: Systems, methods, and apparatuses for authenticating requests to access one or more accounts over a network using authenticity evaluations of two or more automated decision engines are discussed. A login request for access to a user account may be submitted to multiple decision engines that each apply different rulesets for authenticating the login request, and output an evaluation of the authenticity of the login request. Based on evaluations from multiple automated decision engines, the login request may be allowed to proceed to validation of user identity and, if user identity is validated, access to the user account may be authorized. Based on the evaluations, the login attempt may also be rejected. One or more additional challenge question may be returned to the computing device used to request account access, and the login request allowed to proceed to validation of identity if the response to the challenge question is deemed acceptable.
    Type: Grant
    Filed: December 12, 2022
    Date of Patent: November 28, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Mark David Castonguay, Upul D. Hanwella, Bryan Hall, Nicola A. Maiorana, David Lerner
  • Publication number: 20230353537
    Abstract: In an example aspect, a method includes receiving a plurality of login attempts from a network address over a length of time, querying log data to determine, for the network address, an average number of login failures of the plurality of login attempts over the length of time, calculating a failure rate metric based on the average number of login failures, determining that the failure rate metric exceeds a reference number of login failures for the length of time, the reference number of login failures based on a historical average number of login failures for the length of time, and based in part on the determining, adding the network address to a system deny list.
    Type: Application
    Filed: June 9, 2023
    Publication date: November 2, 2023
    Inventors: Bryan D. Hall, Richard Joseph Schroeder, Nicola A. Maiorana
  • Patent number: 11722459
    Abstract: In an example aspect, a method includes receiving a plurality of login attempts from a network address over a length of time, querying log data to determine, for the network address, an average number of login failures of the plurality of login attempts over the length of time, calculating a failure rate metric based on the average number of login failures, determining that the failure rate metric exceeds a reference number of login failures for the length of time, the reference number of login failures based on a historical average number of login failures for the length of time, and based in part on the determining, adding the network address to a system deny list.
    Type: Grant
    Filed: June 7, 2021
    Date of Patent: August 8, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Bryan D. Hall, Richard Joseph Schroeder, Nicola A. Maiorana
  • Patent number: 11601435
    Abstract: In an example aspect, a method includes receiving, using a hardware processing device, a first classification of a network address associated with a login attempt as an account validator actor. The method also includes based on the first classification, updating, using the hardware processing device, a system deny list to include the network address for a first length of time. The method also includes after expiration of the first length of time removing the network address from the system deny list, receiving a second of classification of the network address as an account validator actor, and updating the system deny list to include the network address for a second length of time.
    Type: Grant
    Filed: June 7, 2021
    Date of Patent: March 7, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Bryan D. Hall, Nicola A. Maiorana, Richard Joseph Schroeder
  • Patent number: 11528277
    Abstract: Systems, methods, and apparatuses for authenticating requests to access one or more accounts over a network using authenticity evaluations of two or more automated decision engines are discussed. A login request for access to a user account may be submitted to multiple decision engines that each apply different rulesets for authenticating the login request, and output an evaluation of the authenticity of the login request. Based on evaluations from multiple automated decision engines, the login request may be allowed to proceed to validation of user identity and, if user identity is validated, access to the user account may be authorized. Based on the evaluations, the login attempt may also be rejected. One or more additional challenge question may be returned to the computing device used to request account access, and the login request allowed to proceed to validation of identity if the response to the challenge question is deemed acceptable.
    Type: Grant
    Filed: March 10, 2021
    Date of Patent: December 13, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Mark David Castonguay, Upul D. Hanwella, Bryan Hall, Nicola A. Maiorana, David Lerner
  • Publication number: 20220353281
    Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.
    Type: Application
    Filed: July 11, 2022
    Publication date: November 3, 2022
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 11394766
    Abstract: Disclosed herein are systems and methods for establishing, using, and recovering universal digital identifiers. In an embodiment, a system establishes a universal identifier (ID) associated with a user and a device of the user. The universal ID is universal with respect to a plurality of distinct entities, has at least a suspended state and an unsuspended state, and initially is in the unsuspended state. The system transmits the universal ID to the device of the user. Thereafter, the system detects an ID-suspension event in connection with the universal ID, and responsively suspends the universal ID, including placing the universal ID in the suspended state. After suspending the universal ID, the system completes an ID-recovery process for the universal ID, and responsively unsuspends the universal ID, including placing the universal ID in the unsuspended state.
    Type: Grant
    Filed: April 15, 2020
    Date of Patent: July 19, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 11388179
    Abstract: Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.
    Type: Grant
    Filed: May 6, 2020
    Date of Patent: July 12, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Chad E. Adams, Daniel Robert Caricato, Kahlidah B. Covington, Ashley Brook Godfrey, Christopher Wayne Howser, Nicola A. Maiorana, Nirali J. Patel, Richard Joseph Schroeder, Roger Daryll White
  • Patent number: 11356472
    Abstract: Disclosed herein are systems and methods for using machine learning for geographic analysis of access attempts. In an embodiment, a trained machine-learning model classifies source IP addresses of login attempts to a system as either blacklisted or allowed based on a set of aggregated features that correspond to login attempts to the system from the source IP addresses. The set of aggregated features includes, in association with each respective source IP address, a geographical login-attempt failure rate of login attempts to the system from each of one or more geographical areas that each correspond to the respective source IP address. Source IP addresses that are classified by the machine-learning model as blacklisted are added to a system blacklist, such that the system will disallow login attempts from such source IP addresses.
    Type: Grant
    Filed: December 16, 2019
    Date of Patent: June 7, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Nicola A. Maiorana, Bryan D. Hall, Richard Joseph Schroeder