Security Or Fraud Prevention Patents (Class 455/410)
  • Patent number: 10992645
    Abstract: At least one of a measure of trust or a measure of spoofing risk associated with a sender of a message is determined. A measure of similarity between an identifier of the sender of the message and an identifier of at least one trusted contact of a recipient of the message is determined. The measure of similarity is combined with at least one of the measure of trust or the measure of spoofing risk to at least in part determine a combined measure of risk associated with the message. The sender of the message is not included in the at least one trusted contact of the recipient of the message. Based at least in part on the combined measure of risk associated with the message, the message is modified to alter content of a data field that includes an identification of the sender of the message.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: April 27, 2021
    Assignee: Agari Data, Inc.
    Inventors: Bjorn Markus Jakobsson, Theodore C. Loder, Jacob R. Rideout, Arthur Kwan Jakobsson, Michael L. Jones
  • Patent number: 10992689
    Abstract: A vehicle network system is configured to detect unauthorized intrusions by a passenger-owned device, and to identify the passenger-owned device based at least in part on stored information representative of network communications. The vehicle network system can be further configured to determine a position of the intruding passenger-owned device within a passenger area of the vehicle and to obtain a name and/or camera image of a passenger associated with the device. The position of the intruding device can be identified based at least in part on communications between the intruding device and one or more network-access devices distributed throughout the passenger area.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: April 27, 2021
    Assignee: The Boeing Company
    Inventors: Michael R. Vanguardia, Daniel Nguyen, Timothy M. Mitchell
  • Patent number: 10986502
    Abstract: A method of detecting, controlling and managing transmission of a transmitting device within a facility is disclosed. The method involves transmitting information to the transmission device, detecting a response transmission from the transmission device by a least one transmission detection facility, extracting identification information associated with the transmission device in response to the transmitted information; and determining a location of the transmission device based on the response transmission received by the at least one received transmission detection facility, wherein the response transmissions are sorted by the identification information, determining an allowability of the located transmission device within the set area and reducing a power level of a transmitted signal for a predetermined period of time, when allowability is indicated.
    Type: Grant
    Filed: November 11, 2019
    Date of Patent: April 20, 2021
    Assignee: BINJ Laboratories, Inc.
    Inventors: Joseph S. Noonan, James P. Noonan, Jr.
  • Patent number: 10986099
    Abstract: Aspects of the disclosure relate to multicomputer processing of data from social media service computing platforms and other sources with centralized event control. A first computing platform may receive a request to authorize an event from a first device as well as information from one or more social media service computing platforms. The first computing platform may determine whether or not to authorize the event and may request authorization for the event from a second device. Subsequently, the first computing platform may command a second computing platform to authorize or not authorize the event accordingly. The rules and conditions evaluated by the first computing platform in determining whether or not to authorize the event may be determined or altered by a machine learning engine of the first computing platform.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: April 20, 2021
    Assignee: Bank of America Corporation
    Inventors: Mohamed A. Gahnoog, Cameron Darnell Wadley, Minh N. Vuong, Gail R. Davis, Victoria L. Dravneek, Susan Varghese, William August Stahlhut, Katherine Dintenfass
  • Patent number: 10979855
    Abstract: Systems and methods are disclosed for determining whether or not an apparatus, such as a mobile device, is being handled or otherwise used within a vehicle. The apparatus may comprise an accelerometer configured to measure acceleration and a gyroscope configured to measure orientation. The apparatus may determine an axis of gravity of the apparatus based on acceleration measurements made by the accelerometer over a period of time. The apparatus may also determine a rotation vector of the apparatus based on orientation measurements made by the gyroscope. Using the axis of gravity of the apparatus and the rotation vector of the apparatus, the apparatus may determine a rate of rotation of the apparatus perpendicular to the axis of gravity. If the rate of rotation of the apparatus perpendicular to the axis of gravity exceeds a threshold, the apparatus may determine that it is being handled or otherwise used within the vehicle.
    Type: Grant
    Filed: May 18, 2020
    Date of Patent: April 13, 2021
    Assignee: Arity International Fimited
    Inventors: Jared S. Snyder, Dana Ferguson
  • Patent number: 10979550
    Abstract: A method of accessing a partition on a mobile communication device may include the steps of receiving data specifying a partition, receiving an identification code from an identification module in or associated with the device, determining, based on both the data specifying a partition and the identification code, whether access to the specified partition is to be allowed, and allowing or denying access to the specified partition accordingly.
    Type: Grant
    Filed: February 25, 2013
    Date of Patent: April 13, 2021
    Assignee: TapNav Ltd
    Inventors: Christopher Iain Johnston, Michel Leduc
  • Patent number: 10972313
    Abstract: A relay device includes: a memory; and a hardware processor coupled to the memory. The hardware processor: receives data from a sensor; backs up the data from the sensor, in the memory, to store data failed to be transmitted to a server on a network; determines, based on a server communication status representing a state of data transmission to the server, a priority for data to be transmitted to the server among the data from the sensor and the backed-up data; transmits, to the server, data determined to have a highest priority among the data from the sensor and the backed-up data; and determines the server communication status based on whether communication with the server fails.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: April 6, 2021
    Assignee: YOKOGAWA ELECTRIC CORPORATION
    Inventor: Yoshihiro Imamura
  • Patent number: 10970748
    Abstract: A unique session is obtained and an anonymous session is generated that maps to the session. The anonymous session is passed to a selected advertisement service, and the selected advertisement service provides, in response thereto, an interface, which is proxied together with an existing interface of a device (associated with the unique session) during the unique session for a consumer to interact with the proxied interface on the device.
    Type: Grant
    Filed: April 30, 2014
    Date of Patent: April 6, 2021
    Assignee: NCR Corporation
    Inventor: Niraj Gopal
  • Patent number: 10956905
    Abstract: Computer-implemented methods and systems reliant on establishing a common session key between an electronic device and a computer server are disclosed. The method and systems may be for processing de-tokenization requests in payment transaction processing and for preparing an electronic device to perform payment transactions. During such a transaction, the server may perform a method that includes receiving a de-tokenization request including a payment token and a cryptogram generated by the electronic device using a session key generated by the electronic device based on a fingerprint of the electronic device, a secret value previously shared with the electronic device, the payment token, and a transaction counter; retrieving the fingerprint, the secret value, and the transaction counter and generating the session key based on the same; verifying the cryptogram using the session key; retrieving an associated account number; and sending response to the request including the account number.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: March 23, 2021
    Assignee: The Toronto-Dominion Bank
    Inventors: Milos Dunjic, Perry Aaron Jones Haldenby, Arthur Carroll Chow, Anthony Haituyen Nguyen, Het Anand Patel, Casey Lyn Doyle, Yubing Liu, John Jong-Suk Lee, David Samuel Tax, Arun Victor Jagga
  • Patent number: 10958692
    Abstract: A security capability negotiation method is provided that is applicable to perform security capability negotiation during a mobile network handover. Moreover, a security capability negotiation system is also provided. Consistent with the provided system and method, it may be unnecessary for the MME to know the security capability of the corresponding eNB in a certain manner during a handover from a 2G/3G network to an LTE network. Meanwhile, during the handover from the LTE network to the 3G network, the SGSN does not need to introduce new requirements.
    Type: Grant
    Filed: August 12, 2019
    Date of Patent: March 23, 2021
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Chengdong He
  • Patent number: 10959177
    Abstract: An energy detection method includes the following steps: controlling a communication device to enter a sleep mode during a first time interval; intermittently turning on and turning off a part of receiving functions of the communication device during a second time interval, in which the second time interval is after the first time interval, and when the part of receiving functions of the communication device are turned on, the communication device is controlled to receive a signal; and determining if a beacon signal is present according to energy of the signal received by the communication device. The first time interval and the second time interval form a detection period. First average power consumption of the communication device during the second time interval is smaller than second average power consumption of the communication device, in which the second average power consumption corresponds to enabling all receiving functions of the communication device.
    Type: Grant
    Filed: October 30, 2019
    Date of Patent: March 23, 2021
    Assignee: Realtek Semiconductor Corp.
    Inventor: Zuohui Peng
  • Patent number: 10949530
    Abstract: A transaction method includes: receiving, by a secure function module of a transaction terminal, a first transaction message sent by a transaction application module, where the first transaction message includes a first identifier and/or a secure transaction data requirement parameter; obtaining, by the secure function module, secure transaction data according to the first transaction message, or the first transaction message and a second identifier, where the second identifier is used to uniquely identify the secure function module; sending, by the secure function module, the secure transaction data to the transaction application module; and sending, by the transaction application module, a second transaction message to an acquiring terminal, where the second transaction message includes the secure transaction data, the first identifier, and a third identifier, and the third identifier is used to identify the transaction terminal.
    Type: Grant
    Filed: March 30, 2016
    Date of Patent: March 16, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Jingqing Mei, Guoqing Li
  • Patent number: 10951418
    Abstract: Systems and methods of managing enrollment of digital identities (e.g., for aeronautical communication) can involve a line-replaceable unit (LRU) in an aircraft establishing a digital identity with a ground-based server by requesting a public certificate from the ground-based server. The LRU may receive a public certificate from the ground-based server. The LRU may validate the public certificate. The LRU may generate, based on validating the public certificate, an enrollment status message indicative of at least one status code from a plurality of predefined status codes associated with a plurality of corresponding actions for the ground-based server. The LRU may transmit the enrollment status message including the at least one status code to the ground-based server, to cause the ground-based server to perform a corresponding action based on the at least one status code.
    Type: Grant
    Filed: February 15, 2018
    Date of Patent: March 16, 2021
    Assignee: Rockwell Collins, Inc.
    Inventors: Charles David Graziano, Patrick J. Morrissey, Benjamin David Mossman
  • Patent number: 10945126
    Abstract: A system and method according to the principles of the invention identifies mobile phone aliases. The system processes mobile location data and call event data to generate mobility profiles. The profiles indicate a mobile's geographic zone history over a specified time. To produce a mobility profile, the system aggregates location data into zones and associates the zones with times of day, week or month. Particular zones for different mobiles can be compared according to weighting algorithms to provide data indicating whether the mobiles belong to the same user.
    Type: Grant
    Filed: February 26, 2019
    Date of Patent: March 9, 2021
    Assignee: Polaris Wireless, Inc.
    Inventors: Ankit Bansal, Ravi Gyani, Karthik Shashiraj, Arijit Mukherjee
  • Patent number: 10944860
    Abstract: Agencies oftentimes desire to monitor personnel in the field during the course of their duties. To provide flexible monitoring capabilities to agencies, a common mobile device such as a mobile phone is converted for use as a radio-based listening system to collect and transmit audio data. Phone features and accessories are leveraged to collect additional data for transmission. Collected data is streamed or otherwise transmitted to monitoring devices at the agency or in the field for operational oversight and recordation.
    Type: Grant
    Filed: January 4, 2019
    Date of Patent: March 9, 2021
    Assignee: World Emergency Network-Nevada, Ltd.
    Inventor: Christopher Ryan Bennett
  • Patent number: 10939298
    Abstract: Example implementations relate to application access based on a network. For example, a computing device may include a processor. The processor may detect that the computing device is connected to a particular network and may identify an identifier associated with the particular network. The processor may access settings indicating a subset of applications associated with the identifier of the particular network, where the subset of applications is part of a set of applications available on the computing device. The processor may restrict access to the subset of applications based on the settings.
    Type: Grant
    Filed: October 17, 2019
    Date of Patent: March 2, 2021
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Shaun Henry, Gerold Keith Shelton, Gregory Doyle Creager
  • Patent number: 10932173
    Abstract: Disclosed aspects relate to access point selection. A set of beacon frame transmission data for a set of access points is collected by a computing device. The set of beacon frame transmission data includes first and second subsets including frame rates for access points and network capability data including security data for access points. The computing device compares factors derived utilizing the frame rates. The computing device weights the beacon frame transmission data with respect to the network capability data for the access points, wherein the weighting indicates security data has a heavier weight than network signal strength. The computing device computes, using the first and second factors and the weighting, a set of expected network quality scores. The computing device determines, using the set of expected network quality scores, to establish the connection utilizing the first access point. The computing device establishes the connection utilizing the first access point.
    Type: Grant
    Filed: June 20, 2019
    Date of Patent: February 23, 2021
    Assignee: International Business Machines Corporation
    Inventors: Hsiang-Wen Chen, Hsiao-Yung Chen, Wen-Ping Chi, Hsin Yu Hsieh, Wendy Ping Wen Wang
  • Patent number: 10931983
    Abstract: Devices, servers, systems and methods for content protection are provided. Disclosed embodiments improve temporal granularity of controlling access to the protected content and increase resilience against attacks attempting to prevent re-evaluation of conditions of access. Enforcement of re-evaluation may be based on the receipt and/or verification of tokens. In some embodiments, re-evaluation is enforced by periodically rendering content keys required for content decryption unuseable and/or clearing content keys already in use.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: February 23, 2021
    Assignee: NAGRAVISION S.A.
    Inventors: Christian Schwarz, André Nicoulin, Didier Hunacek
  • Patent number: 10931537
    Abstract: A method for updating a predictive model of a variable representing the operation of a mobile terminal connected to a communication network by packets is described. A first predictive model is configured to estimate a value of the variable as a function of the value of predictors, linked to the variable by a common operating context. The method can be implemented by the mobile terminal and can include generating a feed message, comprising at least the measured value and the values of the predictors, if the difference between the measured value and the estimated value is greater than or equal to a determined threshold, called the feed threshold, the method can further include transmitting the at least one feed message generated, to an update server connected to the network, receiving an update message, comprising a second predictive model updated on the basis of at least the feed message, coming from the update server, and replacing the first predictive model with the second predictive model.
    Type: Grant
    Filed: November 10, 2017
    Date of Patent: February 23, 2021
    Assignee: ORANGE
    Inventors: Philippe Dooze, Alassane Samba, Eric Debeau
  • Patent number: 10924500
    Abstract: A system is provided for detecting behaviour of a mobile telecommunications device in a telecommunications network. Malware in mobile devices can cause malicious behaviour in the device, for example sequential attaching and detaching of an infected device relative to a telecommunications network. A telecommunications network is provided which is configured to identify at least one mobile telecommunications device and to receive signals from the mobile telecommunications device and process the signals into data streams. The data streams include data of a first type arranged to cause an event of a first type within the telecommunications network. The network is arranged to monitor an occurrence in the data streams of the data of the first type and to register when the occurrence exceeds a level indicating acceptable behaviour of the mobile telecommunications device in the telecommunications network. A device for detection of mobile device behaviour is also described.
    Type: Grant
    Filed: November 22, 2013
    Date of Patent: February 16, 2021
    Assignees: Koninklijke KPN N.V., Nederlandse Organisatie Voor Toegepast—Natuurwetenschappelijk Onderzoek TNO
    Inventor: Frank Muller
  • Patent number: 10924931
    Abstract: A computing system includes a processor and memory storing instructions executable by the at least one processor. The instructions, when executed, provide a user interface component that receives an indication of an external user with which to share an item of electronic content, a link generation component that generates a link to share the item of electronic content and identifies a communication endpoint associated with the external user, and an access control component that receives a request to access the item of electronic content using the link and, in response to the request, generates an access code that is communicated to the communication endpoint associated with the external user. The user interface component receives an access input, and the access control component grants access to the item of electronic content based on a determination that the access input includes the access code communicated to the communication endpoint associated with the external user.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: February 16, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Omar H. Shahine, Greg S. Friedman, Eugene S. Lin, Rafael Lopez-Uricoechea, Sean Lamont Grant Livingston, Hui Huang, Gang Zhai, Michael Scott Pierce, Sarat Chandra Subramaniam
  • Patent number: 10917790
    Abstract: Disclosed herein are techniques for enabling a user to activate a new device with a Mobile Network Operator (MNO) without requiring the user to provide MNO authentication credentials that are easily forgotten. The user activates the new device using credentials from an existing device (associated with the user) that is trusted by the MNO and also using a trust score provided by a third-party server that has knowledge of associations between the user and the existing device. The new device can be a supplemental device, such as a wearable device to a cellular phone, where both devices remain capable of accessing services provided by the MNO after the new device is activated with the MNO. The new device can also be a replacement device, such as a new phone, tablet, or wearable device, where the new device supplants access to services provided by the MNO for an existing device.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: February 9, 2021
    Assignee: Apple Inc.
    Inventors: Li Li, Arun G. Mathias, Gokul P. Thirumalai, Najeeb M. Abdulrahiman, Francisco J. Gonzalez, Jonathon Sodos
  • Patent number: 10911434
    Abstract: This disclosure provides a method and system for protecting phone numbers from being exposed to third parties. The method comprises receiving a request, from a caller smart phone, for establishing telephone communication with a callee smart phone, wherein the request contains a code to designate the smart phone of the callee. The method further comprises checking whether the code is formally provided to the callee. The method further comprises: in response to determining that the code is formally provided to the caller, retrieving the phone number of the caller and the phone number of the callee based on the request and establishing a phone call connection via a cellular network with the phone number of the caller and the phone number of the callee.
    Type: Grant
    Filed: November 15, 2017
    Date of Patent: February 2, 2021
    Assignee: International Business Machines Corporation
    Inventors: Hui Wang, Mai Zeng, Yu Mei Dai, Xin Xin Lv, Yong Wu, Si Jun Gz Zhou, De Ting Hu, Zhi Jun Wang
  • Patent number: 10911238
    Abstract: Examples of the present disclosure describe systems and methods relating to the offline protection of secrets. A secret may be encrypted using a public key provided by the client. The client may have obtained the public key from a cryptographic hardware device, wherein the private key of the cryptographic key pair may be bound to the cryptographic hardware device. The encrypted secret may be transmitted by a service to the client using a secured or an unsecured transmission method. In some examples, the service may transmit a subsequent encrypted secret, which may invalidate a previously encrypted secret. In order to authenticate with the service, the client may select an encrypted secret for decryption. The client may access the private key stored by the cryptographic device and decrypt the encrypted secret with the private key. The client may then use the decrypted secret to authenticate with the service.
    Type: Grant
    Filed: May 11, 2017
    Date of Patent: February 2, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Nicolae Voicu, Shane Brady
  • Patent number: 10904750
    Abstract: In a method for security handling in a mobility of a terminal device, a target access and mobility management function (AMF) entity receives a first message for registering a terminal device, sends a second message to a source AMF entity after receiving the first message. The source AMF entity derives a first key based on a key between the source AMF entity and the terminal device, sends the first key to the target AMF entity. The target AMF entity determines to use the first key based on security related information after receiving the first key and determines a communication key between the target AMF entity and the terminal device based on the first key after determining to use the first key.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: January 26, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Jing Chen, Kai Pan, He Li
  • Patent number: 10897489
    Abstract: Techniques are provided to manage the casting of content from user devices to media playback devices. The proposed approach employs intermediate network components that intercept and manipulate session and configuration protocol traffic according to network rules. Enforcement of such rules ensures user devices only discover and cast content to allowed media playback devices. The proposed techniques support casting to local and remote public and private media playback devices and also regulate media playback device reconfiguration.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: January 19, 2021
    Assignee: MCOM MEDIA COMUNICATIONS DMCC
    Inventors: Eleftherios Simotas, Konstantinos Sakellariou, Ioannis Aglamisis, Peter Politopoulos
  • Patent number: 10896425
    Abstract: Disclosed are various embodiments for improvements in customer relationship management and point of sale payment processing at remote event spaces. The system, apparatuses, and methods disclosed herein facilitate the transaction processing of credit cards and other payment vehicles in often remote locations where network connections may be intermittent and suffer from frequent disconnects or interruptions of service. The embodiments disclosed operate to detect network events, dynamically adjust to the event space, and processes the transactions on demand. The apparatuses are equipped to facilitate the event environment and are adapted to execute instructions to facilitate the financial transactions.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: January 19, 2021
    Assignee: FESTIVAL CONTROL SYSTEMS PROCESSING, LLC
    Inventor: Jeff Waughtal
  • Patent number: 10893052
    Abstract: An online system, an application on a computing device, or an operating system of a computing device stores a primary password and a duress password for a user account. The primary password grants access to the user account in a regular access mode, which allows the user to access any account data that is ordinarily accessible to the user. The duress password grants access to the user account in a limited access mode that makes at least some of the account data inaccessible to the user. The limited access mode can make some of the account data inaccessible while still providing the appearance of full access. For example, some of the account data remains accessible in the limited access mode while more sensitive account data is made inaccessible. The limited access mode can also display a mock error message to provide the appearance of a technical error.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: January 12, 2021
    Assignee: Facebook, Inc.
    Inventor: Andrew Garrod Bosworth
  • Patent number: 10893039
    Abstract: This disclosure provides a method and system for protecting phone numbers from being exposed to third parties. The method comprises receiving a request, from a caller smart phone, for establishing telephone communication with a callee smart phone, wherein the request contains a code to designate the smart phone of the callee. The method further comprises checking whether the code is formally provided to the callee. The method further comprises: in response to determining that the code is formally provided to the caller, retrieving the phone number of the caller and the phone number of the callee based on the request and establishing a phone call connection via a cellular network with the phone number of the caller and the phone number of the callee.
    Type: Grant
    Filed: September 27, 2017
    Date of Patent: January 12, 2021
    Assignee: International Business Machines Corporation
    Inventors: Hui Wang, Mai Zeng, Yu Mei Dai, Xin Xin Lv, Yong Wu, Si Jun Gz Zhou, De Ting Hu, Zhi Jun Wang
  • Patent number: 10893408
    Abstract: The present disclosure relates to a communication technique for converging a 5G communication system for supporting a higher data rate beyond a 4G system with an IoT technology, and a system therefor. The present disclosure can be applied to an intelligent service (e.g., smart home, smart building, smart city, smart car or connected car, health care, digital education, retail, security and safety related service, and the like) on the basis of a 5G communication technology and an IoT related technology. An embodiment of the present disclosure proposes a method for transmitting and receiving a profile by a terminal in a communication system, the method comprising the steps of: downloading the profile from a server that manages a profile for providing a communication service, and installing the same in an internal universal integrated circuit card (UICC); and deleting the profile from the UICC when a request event related to deletion of the profile is detected.
    Type: Grant
    Filed: December 26, 2016
    Date of Patent: January 12, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Jong-Han Park
  • Patent number: 10887468
    Abstract: Systems and methods for adapting traditional landline telephones to make and receive Voice over Internet Protocol (VoIP) calls and other communications are described. In some embodiments, an adapter, adaptor, or other device or apparatus connects an IP router, such as a WiFi router or other access point, to a traditional landline telephone (e.g., a phone using dual-tone multi-frequency, or DTMF, signaling), enabling the traditional landline phone to make and/or receive VoIP calls.
    Type: Grant
    Filed: June 5, 2018
    Date of Patent: January 5, 2021
    Assignee: T-Mobile USA, Inc.
    Inventors: Michael Lasso, Samir Hodroj, Della Conley, Omar Hassan, Dragos Lazar
  • Patent number: 10873637
    Abstract: Systems, methods, and computer-readable storage media are provided for publishing, discovering, connecting with and activating services in a peer-to-peer environment. Services available in association with a first computing device are determined and encoded with instructions for accessing and understanding such services via their respective activation protocols. The encoded services are published via a publication protocol such that they are discoverable by at least a second computing device, irrespective of whether such services may be activated via the publication protocol. The second computing device discovers the available services via the publication protocol and accesses and understands the instructions associated with a desired service. Upon receipt of a request from the second computing device, via the activation protocol, to activate the requested service, the requested service is activated by the first computing device.
    Type: Grant
    Filed: May 2, 2016
    Date of Patent: December 22, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Niket Ashok Sanghvi, Benjamin Scott McGregor, Kushal Suresh Narkhede, Alain Michaud, Andrew Gordon Cunningham, Samuel David Adams, James George Cavalaris
  • Patent number: 10873605
    Abstract: Disclosed is a system for tracking an information leakage of an endpoint. The system includes a management server which transmits the detection pattern information to an endpoint terminal connected through a network and an endpoint terminal which monitors generation and change of a file by using the detection pattern information, performs a first detection activity through matching information stored in a heap memory of a currently-executed process with the detection pattern information, and a second detection activity according to monitoring of a particular application program interface (API) according to process execution, executes an information leakage response process corresponding to first detection activity information and second detection activity information, and transmits the first detection activity information and the second detection activity information to the management server.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: December 22, 2020
    Assignee: SOMANSA CO., LTD.
    Inventors: Sang Wook Kim, Tae Wan Kim, Il Hoon Choi
  • Patent number: 10867025
    Abstract: The inventors recently developed a system that authenticates and/or identifies a user of an electronic device based on passive factors, which do not require conscious user actions. During operation of the system, in response to a trigger event, the system collects sensor data from one or more sensors in the electronic device, wherein the sensor data includes movement-related sensor data caused by movement of the portable electronic device while the portable electronic device is in control of the user. Next, the system extracts a feature vector from the sensor data, and analyzes the feature vector to authenticate and/or identify the user. During this process, the feature vector is analyzed using a model trained with sensor data previously obtained from the portable electronic device while the user was in control of the portable electronic device.
    Type: Grant
    Filed: February 26, 2018
    Date of Patent: December 15, 2020
    Assignee: UnifyID, Inc.
    Inventor: John C. Whaley
  • Patent number: 10867326
    Abstract: A method for securing a transaction in a reputation system includes the following steps: authenticating a user vis-à-vis an end device by means of an electronic proof of identity for releasing authentication data for the digital identity that are stored on the end device, and authenticating the digital pseudonym assigned to the user vis-à-vis the reputation system by means of the end device while employing the stored authentication data pertaining to the digital pseudonym. The electronic proof of identity can be present as an electronic identity card in the form of a portable data carrier.
    Type: Grant
    Filed: December 9, 2013
    Date of Patent: December 15, 2020
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Gisela Meister, Dirk Wacker, Katharina Wallhausser
  • Patent number: 10864889
    Abstract: A vehicle operating apparatus is provided. The vehicle operating apparatus includes a memory configured to store data generated in association with an operation of a vehicle, and a processor configured to perform communication connection to a first external device, determine a first authorization level of the first external device, determine a second authorization level corresponding to a task according to characteristics of the task for performing the operation of the vehicle, and assign the task to a second external device corresponding to the second authorization level.
    Type: Grant
    Filed: December 4, 2017
    Date of Patent: December 15, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Hye-jung Yang, Bo-seok Moon, Mu-sik Kwon, Jong-hyun Kim, Hae-in Chun
  • Patent number: 10855664
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for proximity-based logical access. In some implementations, a method includes receiving, by a mobile electronic device, a request from a server system to approve a session for a logical resource accessed by a second electronic device. In response to receiving the request, the mobile electronic device, initiates communication over a wireless communication link using a radio of the mobile electronic device. The mobile electronic device receives data from the second electronic device over the wireless communication link, the received data from the second electronic device indicating a session identifier. After receiving the data from the second electronic device, the mobile electronic device provides a response to the server system that indicates approval of the session and indicates the session identifier.
    Type: Grant
    Filed: February 8, 2017
    Date of Patent: December 1, 2020
    Assignee: MicroStrategy Incorporated
    Inventors: Siamak Ziraknejad, Feng Xia, Liang Chen, Quan Jia
  • Patent number: 10841322
    Abstract: According to some embodiments, a plurality of monitoring nodes may each generate a series of current monitoring node values over time that represent a current operation of the industrial asset. A node classification computer may determine, for each monitoring node, a classification result indicating whether each monitoring node is in a normal or abnormal state. A disambiguation engine may receive the classification results from the node classification computer and associate a Hidden Markov Model (“HMM”) with each monitoring node. For each node in an abnormal state, the disambiguation engine may execute the HMM associated with that monitoring node to determine a disambiguation result indicating if the abnormal state is a result of an attack or a fault and output a current status of each monitoring node based on the associated classification result and the disambiguation result.
    Type: Grant
    Filed: April 20, 2018
    Date of Patent: November 17, 2020
    Assignee: GENERAL ELECTRIC COMPANY
    Inventors: Annarita Giani, Masoud Abbaszadeh, Lalit Keshav Mestha
  • Patent number: 10841899
    Abstract: This application relates to the field of wireless communications technologies, and in particular, to a system message transmission technology, so as to resolve a system message update problem of a terminal device with DRX cycle. This application provides a terminal device, including: a receiving module, configured to receive a first system message; and a processing module, configured to: obtain first indication information from the first system message, and update system messages other than the first system message according to the obtained first indication information, where the first system message is periodically sent, and occupies a fixed physical resource location. The first indication information is sent in the first system message instead of a paging message. The terminal device may update the system messages other than the first system message according to the indication information, thereby updating all system messages.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: November 17, 2020
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Yinghui Yu, Baokun Shan, Chenwan Li
  • Patent number: 10838739
    Abstract: A network-connected device, and methods for executing operating programs stored in a RAM-based file storage system, where the network-connected device includes a bootloader configured to be executed during a boot of the network-connected device. When executed, the bootloader causes the network-connected device to connect to an external computing device via a network, and to download an operating program. The network-connected device then stores the operating program in a RAM-based file storage system that is located in a simulated disk drive that resides in the RAM memory, and executes the operating program from within the RAM-based file storage system. In some embodiments, the network-connected device also is configured to store configuration files in the RAM-based file storage system, make changes to the configuration files stored in the RAM-based file storage system, and synchronize those changes with a remote persistent file store hosted by an external computing device.
    Type: Grant
    Filed: April 19, 2018
    Date of Patent: November 17, 2020
    Assignee: Circle Media Labs Inc.
    Inventor: Tiebing Zhang
  • Patent number: 10841302
    Abstract: A method for performing a security procedure by a terminal in a wireless communication system, and an apparatus thereof. The method includes transmitting a first access request message for accessing a first network of a core network to a first radio access network (RAN) node, performing an authentication procedure for mutual authentication with a node performing an authentication server function (AUSF) of the core network, generating a common key commonly used in one or more networks included in the core network based on an authentication vector obtained through the mutual authentication procedure, generating a first base key of the first network based on the common key and a network code corresponding to a type of the first network, and receiving an access accept message indicating an access accept of the first network from the first RAN node.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: November 17, 2020
    Assignee: LG ELECTRONICS INC.
    Inventors: Genebeck Hahn, Jiwon Kang, Heejin Kim, Ilmu Byun, Hyunjin Shim, Heejeong Cho
  • Patent number: 10820240
    Abstract: A communication system is described in which user plane communication and control plane communication for a particular mobile communication device can be split between a base station that operates a small cell and a macro base station. Appropriate security for the user plane and control plane communications is safeguarded by ensuring that each base station is able to obtain or derive the correct security parameters for protecting the user plane or control plane communication for which it is responsible.
    Type: Grant
    Filed: April 17, 2020
    Date of Patent: October 27, 2020
    Assignee: NEC Corporation
    Inventor: Vivek Sharma
  • Patent number: 10820197
    Abstract: Systems and methods for selectively disabling encryption for user equipment are disclosed. A technique comprises interrogating a location code of a device authenticated to a network through an encrypted connection and determining whether the location code corresponds to an unencrypted region. If the location code does not correspond to an unencrypted region, the technique comprises registering the device to the network for communication using the encrypted connection. If the location code corresponds to an unencrypted region, the technique comprises sending an intercept challenge to the device to re-authenticate the device to the network, the intercept challenge including parameters to establish an unencrypted connection, receiving re-registration information including unencrypted location information from the device using the unencrypted connection, and registering the device to the network using the unencrypted connection.
    Type: Grant
    Filed: May 8, 2018
    Date of Patent: October 27, 2020
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: William Harry Rosenberg, Mario Manuel Jardon
  • Patent number: 10819613
    Abstract: There is provided a method of controlling behaviour of a system that evaluates wireless device performance, and/or wireless network performance, and/or wireless network usage trends.
    Type: Grant
    Filed: January 16, 2018
    Date of Patent: October 27, 2020
    Assignee: Tutela Technologies Ltd.
    Inventors: Brennen Stephen Chow, Hunter Banford Bulmer MacDonald, David Daniel Yarish, Anthony Sean Kroeker, Stephen William Neville, Thomas E. Darcie
  • Patent number: 10812931
    Abstract: A method begins with identifying a geographic area associated with an adverse condition and identifying a plurality of user devices of a social network potentially associated with the identified geographic area. The method continues with issuing a safety notification to the plurality of user devices. The method continues with receiving a first safety status response from a first user device and a second safety status response from a second user device, where the responses include location information of a first and second safe location. The method continues with issuing evacuation information to at least some of the plurality of user devices based on the location information of the first and second safe locations.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: October 20, 2020
    Assignee: THE SAFETY NETWORK PARTNERSHIP, LLC
    Inventors: Gary W. Grube, Evan Edward Quisenberry, John Edward Buchalo
  • Patent number: 10812971
    Abstract: Techniques for providing service-based security per data network name in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per data network name in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network name information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network name information.
    Type: Grant
    Filed: September 10, 2019
    Date of Patent: October 20, 2020
    Assignee: Palo Alto Networks, Inc.
    Inventors: Sachin Verma, Leonid Burakovsky
  • Patent number: 10810571
    Abstract: Systems and methods for device and payment management include detecting, through a first network, that a user device that is associated with a user is located at a trusted location. A first anticipated activity that is associated with the user is determined. The first anticipated activity identifies a first activity location that is different from the trusted location. A first device management configuration that is associated with the first anticipated activity. A first user device action to be performed on the on the user device at the trusted location is determined using the device management configuration. A first notification that causes the first user device action to be performed on the user device while the user device remains at the trusted location is sent to the user device through the first network.
    Type: Grant
    Filed: October 13, 2016
    Date of Patent: October 20, 2020
    Assignee: PAYPAL, INC.
    Inventors: Michael Charles Todasco, Cheng Tian
  • Patent number: 10805794
    Abstract: The detection and prevention of unauthorized tracking devices is described herein. For example, a mobile device may be configured to detect nearby wireless devices. The communication signal between a detected wireless device and the mobile device may be tracked over time, and used to programmatically determine the likelihood that the detected wireless device is an unknown tracking device. The user of the mobile device may be given a notification and related data when a suspicious device is identified, and the user may choose to identify the unknown tracking device as an authorized tracking device or an unauthorized tracking device. When a detected wireless device is identified as an unauthorized tracking device, various remedial actions may be performed by a user and/or a central tracking system. In one example, the central tracking system remotely deactivates the unauthorized tracking device.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: October 13, 2020
    Assignee: Tile, Inc.
    Inventor: Wayne Patterson
  • Patent number: 10797888
    Abstract: Methods, non-transitory computer readable media, and mobile application manager apparatus that assists secured SCEP enrollment of client devices includes receiving a certificate signing request and an encrypted device key from an enrolled mobile device. The received certificate signing request is forwarded to a simple certificate enrollment protocol server upon determining a validity of the received encrypted device key. A signed device certificate is received from the simple certificate enrollment protocol server as a response to the forwarded certificate signing request. The secured simple certificate enrollment protocol enrollment is completed forwarding the signed device certificate to the enrolled mobile device.
    Type: Grant
    Filed: January 20, 2017
    Date of Patent: October 6, 2020
    Assignee: F5 Networks, Inc.
    Inventors: Ravi Natarajan, Wui Chung Lie, Saxon Amdahl, Nicholas Treat
  • Patent number: 10796030
    Abstract: Detecting an attempted theft of information stored in an RFID-enabled card, including: receiving, by a theft detection module, a transaction request, the transaction request including RFID-enabled card information; determining, by the theft detection module, that the RFID-enabled card information is mock card information, wherein mock card information is provided to an RFID reader by an RFID tag exterior to an RFID shield of an RFID-enabled card security enclosure responsive to an RFID request directed at the security enclosure; and responsive to determining that the RFID-enabled card information is mock card information, initiating, by the theft detection module, one or more security actions.
    Type: Grant
    Filed: October 27, 2016
    Date of Patent: October 6, 2020
    Assignee: International Business Machines Corporation
    Inventors: Chad M. Albertson, Eric J. Campbell, Nicholas J. Ollerich, Christopher W. Steffen