Solely Password Entry (no Record Or Token) Patents (Class 713/183)
  • Patent number: 12164620
    Abstract: A method and system for safely entering a password, the method comprising: a smart key device receives a password verification request sent from an upper computer, generates and displays randomly arranged characters, and returns a password verification response to the upper computer; upon the reception of the password verification response, the upper computer displays a password input interface and waits for a user to input, upon the reception of a user input, obtains a password acquisition response according to the user input, and sends the password acquisition response to the smart key device; and the smart key device determines whether the user input is correct according to the received password acquisition response. By means of the present invention, a password input solution in which a user needs to click a different position every time a password character is entered is achieved.
    Type: Grant
    Filed: October 22, 2020
    Date of Patent: December 10, 2024
    Assignee: Feitian Technologies Co., Ltd.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 12120227
    Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.
    Type: Grant
    Filed: October 25, 2022
    Date of Patent: October 15, 2024
    Assignee: INTEL CORPORATION
    Inventors: Santosh Ghosh, Marcio Juliato, Manoj Sastry
  • Patent number: 12111977
    Abstract: A method includes displaying a first screen of a keyboard area having an upper pseudo-image part, a lower pseudo-image part, and multiple image-pixel keys, changing a Unicode character in one of the upper pseudo-image part and the lower pseudo-image part into a first non-blank Unicode character in the first screen in response to a first image-pixel key input, displaying a second screen of the keyboard area different from the first screen, providing the upper pseudo-image part in a text input area in response to a first image-part key input, providing a word in the text input area in response to at least one letter key input, and providing the lower pseudo-image part in the text input area in response to a second image-part key input.
    Type: Grant
    Filed: April 27, 2023
    Date of Patent: October 8, 2024
    Inventor: Bonggeun Kim
  • Patent number: 12101396
    Abstract: A first device obtains a public key of a first home device and a first message leaving key that is used to encrypt an offline message between the first device and the first home device; obtains a public key of a second device and a second message leaving key that is used to encrypt an offline message between the first device and the second device; obtains a third message leaving key used to encrypt an offline message between the second device and the first home device; encrypts the public key of the second device and the third message leaving key by using the first message leaving key, to obtain first encrypted information, and requests a server to push the first encrypted information to the first home device; and encrypts the public key of the first home device and the third message leaving key by using the second message leaving key.
    Type: Grant
    Filed: October 29, 2020
    Date of Patent: September 24, 2024
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Bingkun Xu, Yong Qiao
  • Patent number: 12054157
    Abstract: An example operation includes one or more of determining a portion of memory in a transport to store data, establishing a timeframe when the data may be accessed based on a type of the data, and clearing the data from the portion of memory after the timeframe. The type of the data may be related to one or more of the transport and an occupant of the transport. A length of the timeframe is inversely proportional to a criticality of the type of the data.
    Type: Grant
    Filed: September 9, 2021
    Date of Patent: August 6, 2024
    Assignee: TOYOTA MOTOR NORTH AMERICA, INC.
    Inventors: Roger J. Baker, Satyajit P. Patne
  • Patent number: 11983293
    Abstract: Systems, computer program products, and methods are described herein for predicting, detecting, and preventing unauthorized access events associated with electronic systems. The systems, computer program products, and methods may be configured to receive, from a first automated teller machine, an alert message including information associated with a first unauthorized access event occurring at the first automated teller machine and determine, based on the information in the alert message, a location of the first automated teller machine. The systems, computer program products, and methods may be configured to identify a second automated teller machine proximate the location of the first automated teller machine and provide, to the second automated teller machine, one or more commands to be executed by the second automated teller machine to prevent a second unauthorized access event from occurring at the second automated teller machine.
    Type: Grant
    Filed: September 23, 2021
    Date of Patent: May 14, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Sree Krishna Vaishanavy Krishnaswamy Ravindran, Sneha Padiyar, Ravikiran Subramanya Rao
  • Patent number: 11943216
    Abstract: A client device is configured to receive user-input and provide user-output to a client-user. A service provider is configured to serve a network-provided service for authorized users. An identity provider is configured to: maintain authorization information for the network-provided service and generate a permission-object that i) specifies that the client-user is an authorized user of the network-provided service and ii) may include an access-override field that specifies a network address of a remote browser isolation (RBI) host. The system also includes the RBI host configured to access the network-provided service; run the network-provided service in an isolation environment to generate a graphic user interface (GUI); provide a visual reproduction of the GUI to the client device; receive browser-input from the client device; and apply the browser-input to the running network-provided service.
    Type: Grant
    Filed: April 25, 2023
    Date of Patent: March 26, 2024
    Assignee: iBoss Inc.
    Inventor: Paul Michael Martini
  • Patent number: 11928229
    Abstract: A method for automatically encrypting files is disclosed. In some cases, the method may be performed by computer hardware comprising one or more processors. The method can include detecting access to a first file, which may be stored in a primary storage system. Further, the method can include determining whether the access comprises a write access. In response to determining that the access comprises a write access, the method can include accessing file metadata associated with the first file and accessing a set of encryption rules. In addition, the method can include determining whether the file metadata satisfies the set of encryption rules. In response to determining that the file metadata satisfies the set of encryption rules, the method can include encrypting the first file to obtain a first encrypted file and modifying an extension of the first encrypted file to include an encryption extension.
    Type: Grant
    Filed: May 17, 2021
    Date of Patent: March 12, 2024
    Assignee: Commvault Systems, Inc.
    Inventors: Andrei Erofeev, Rahul S. Pawar
  • Patent number: 11914752
    Abstract: A secure token (ST) system including at least one ST computing device to provision data using secure tokens over a network is provided. The ST computing device is configured to receive first customer data from a credit issuer computing device, the first customer data including at least one or more account identifiers associated with a customer and a social security number (SSN) associated with the customer. The ST computing device is also configured to hash the SSN, wherein the hashed SSN includes a hash value, assign a unique identifier to each of the one or more account identifiers, and generate a secure token by associating the hash value to each unique identifier. The ST computing device is further configured to store the secure token within the database, and transmit the secure token to at least one of the credit issuer computing device and a third party computing device.
    Type: Grant
    Filed: September 16, 2022
    Date of Patent: February 27, 2024
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Keyur Patel
  • Patent number: 11886417
    Abstract: A system may receive, via a web browser plugin on a user device, a first timestamp associated with first click data at a website associated with a merchant, a referring uniform resource location (URL), a current URL, and first user identification data. The system may also receive transaction data including a second timestamp, second user identification data, and a first merchant name associated with a transaction with the merchant. The system may determine whether the first timestamp is within a predetermined period of the second timestamp and determine whether the first user identification data corresponds with the second user identification data. When the system determines that the first timestamp is within the predetermined period of the second timestamp and the first user identification data corresponds with the second user identification data, the system may store the referring URL and the current URL with the first merchant name in a database.
    Type: Grant
    Filed: November 4, 2021
    Date of Patent: January 30, 2024
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Allison Fenichel, Amanda Sneider, Zenobia Zoila Liendo
  • Patent number: 11874903
    Abstract: The application provides an example user interface switching method and an example terminal. The method includes, after the terminal triggers a trusted user interface (TUI) display request of a client application (CA) according to a first operation on a CA interface by a user, the terminal switches a display environment of the CA from a rich execution environment (REE) to a trusted execution environment (TEE) according to the TUI display request, and then displays a trusted application (TA) interface that is of the CA and that is in the TEE. The method also includes performing, by the user, an operation of inputting sensitive information on the TA interface.
    Type: Grant
    Filed: April 6, 2021
    Date of Patent: January 16, 2024
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Dongdong Yao
  • Patent number: 11853411
    Abstract: There are provided systems and methods for user specific error detection for accepting authentication credential errors. A service provider, such as an authentication server and/or transaction processor, may require credentials for a user to utilize a specific service, such as an account and account services. The user may establish an authentication credential, such as a password or other secret, that allows the user to use the account. The user may then attempt to utilize the credentials with the service provider but may perform a typo in entering the authentication credential. The service provider may reject an authentication of the user but may allow the user to reenter the authentication credential. If the user correctly enters the authentication credential at this stage, the service provider may perform analysis of the incorrect and correct authentication credential to determine whether to allow the incorrect authentication credential for future authentications.
    Type: Grant
    Filed: April 17, 2020
    Date of Patent: December 26, 2023
    Assignee: PAYPAL, INC.
    Inventor: George Chen Kaidi
  • Patent number: 11843596
    Abstract: Subsequent to registration of a client device with a server device such that credentials by which the client device is authenticated are securely stored at the client device, the client device provides a user device and a server device a recovery identifier and a recovery secret key associated with the client device. Upon the credentials no longer being stored at the client device such that the client device has to be reregistered with the server device to store new credentials by which the client device is authenticated, the user device generates and provides a recovery code to the client device, which provides the recovery code to the server device. Upon validating the recovery code based on the recovery identifier and the recovery secret key, the server device reregisters the client device with the server device such that the new credentials are securely stored at the client device.
    Type: Grant
    Filed: June 30, 2021
    Date of Patent: December 12, 2023
    Assignee: Micro Focus LLC
    Inventors: Vamsi Krishna, Jason Blackett, Harinath Jarugula
  • Patent number: 11798002
    Abstract: A user may provide a financial card to an automated teller machine (ATM) or point of sale (POS) terminal and may be authenticated by providing a gesture and/or an image selection via a mobile device to the ATM or the POS. The gesture and/or image selection may be provided using a touchscreen of the mobile device. The gesture and/or image provided by the user via the mobile device may be compared to a stored gesture and/or image provided by the user during an earlier registration of the financial card. If there is a match between the gesture and/or image provided by the user via the mobile device and the previously stored gesture and/or image, then the user is authenticated and may access an account associated with the financial card.
    Type: Grant
    Filed: December 21, 2021
    Date of Patent: October 24, 2023
    Assignee: United Services Automobile Association (USAA)
    Inventors: Christopher Paul Courtright, Bradly Jay Billman
  • Patent number: 11782089
    Abstract: IHSs (Information Handling Systems) may include connectors, such as an XDP connector, that support couplings by diagnostic tools that utilize a debugging interface that is supported by the IHS, such as JTAG interface. These connectors provide a useful debugging mechanism but may be exploited to access protected information and to install malicious software. Detecting when these debugging capabilities have been compromised is very difficult. In embodiments, a remote access controller of the IHS disables the JTAG interface prior to initialization of the IHS processor by maintaining the interface in reset state. The remote access controller does not include instructions necessary for releasing the JTAG interface from this reset state until its firmware has been updated. If the remote access controller detects debugging activity while the JTAG interface is still in a reset state, the remote access controller signals an attempt to conduct an unauthorized debug session.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: October 10, 2023
    Assignee: Dell Products, L.P.
    Inventors: Mukund P. Khatri, Mark A. Linebaugh
  • Patent number: 11734449
    Abstract: A data using device includes: a data storage part storing pieces of data used for the predetermined process; a user storage part storing a first user identification information; an authentication data acquisition part; a user acquisition part acquiring a second user identification information from the external apparatus; a user determination part; an authentication storage processing part storing the authentication data such that the authentication data is available for the predetermined process when the user determination part determines that the first and second user identification information match each other or when the first user identification information is not stored; a user deletion part deleting or instructing a user to delete the first user identification information when the first and second user identification information do not match each other; and a data use prohibition part prohibiting use of the authentication data when the first user identification information is deleted.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: August 22, 2023
    Assignee: Roland Corporation
    Inventors: Ikuo Tanaka, Koji Iida, Naoyuki Ide
  • Patent number: 11726923
    Abstract: Devices and methods for preventing unauthorized access to memory devices are disclosed. A one-time programmable (OTP) memory is included in both a memory device and a processing device. The OTP memories store encryption keys and the encryption and decryption of messages between the two devices are used as a heartbeat to determine that the memory device has not been separated from the processing device and, in some instances, connected to a malicious processing device.
    Type: Grant
    Filed: June 18, 2019
    Date of Patent: August 15, 2023
    Assignee: Micron Technology, Inc.
    Inventor: Gil Golov
  • Patent number: 11657127
    Abstract: The present disclosure describes exemplary methods and systems of protecting an integrated circuit. One exemplary method comprises receiving a plurality of key inputs for enabling operation of the integrated circuit; determining whether the received key inputs are correct key inputs for enabling operation of the integrated circuit; and if the received key inputs are determined to be incorrect key inputs, locking sequential logic and combinational logic of the integrated circuit until correct key inputs are received.
    Type: Grant
    Filed: December 14, 2020
    Date of Patent: May 23, 2023
    Assignee: University of Florida Research Foundation, Inc.
    Inventors: Swarup Bhunia, Md Moshiur Rahman, Abdulrahman Alaql
  • Patent number: 11640453
    Abstract: In aspects of user authentication facilitated by an additional device, a computing device can maintain authentication data usable to authenticate a user to use the computing device. The computing device implements an authentication control module that can determine an additional device is equipped to facilitate authentication of a user to the computing device. The authentication control module can then receive additional authentication data associated with the user from the additional device, and authenticate the user to use the computing device based in part on the additional authentication data received from the additional device.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: May 2, 2023
    Assignee: Motorola Mobility LLC
    Inventors: John J. Gorsica, IV, Rachid M. Alameh
  • Patent number: 11620376
    Abstract: A method for generating a dynamic username includes receiving a static component of a dynamic username and a selection of a dynamic parameter component of the dynamic username from a user. The static component and the selected dynamic parameter component are combined in a predetermined order, based on a user selected option. The dynamic username is produced from the combined static component and the selected dynamic parameter component based on the predetermined order. A rule for producing the dynamic username is generated. The rule defines the predetermined order of the static component and the selected dynamic parameter component. The static component and the rule are stored in a credential database with the rule being associated with the static component.
    Type: Grant
    Filed: November 11, 2021
    Date of Patent: April 4, 2023
    Assignee: Mastercard International Incorporated
    Inventors: Marthom Daetz, Tara L. Sauer
  • Patent number: 11616775
    Abstract: Embodiments of the present application provide a network access authentication method, apparatus, and system. The network access authentication method mainly comprises: obtaining a user name by a network access management client through encryption using a device ID of a terminal device, and obtaining a dynamic password through encryption using the device ID and a time value within a time step, so that the terminal device performs network access authentication using the user name and the dynamic password. The device ID is uniquely assigned by an authentication server to the terminal device, and thus functions to identify the identity of the terminal device, so that network access authentication can be independent of digital certificates, thereby solving the problem that the terminal device cannot accomplish network access authentication for unsupported use of or unavailability of a digital certificate, while meeting network access security requirements.
    Type: Grant
    Filed: July 9, 2018
    Date of Patent: March 28, 2023
    Assignee: Alibaba Group Holding Limited
    Inventor: Hongzhan Yin
  • Patent number: 11606372
    Abstract: Techniques are disclosed for mitigating against malicious login attempts. In some examples, a computer system receives a plurality of login attempts to the system, the plurality of login attempts being originated from an Internet Protocol (IP) subnet. The computer system determines a ratio of successful login attempts to unsuccessful login attempts of the plurality of login attempts. Then, in response to determining that the ratio of a number of successful login attempts to total login attempts is below a predetermined threshold, the computer system denies a future login attempt to the system that is associated with the IP subnet for a first time period.
    Type: Grant
    Filed: December 19, 2017
    Date of Patent: March 14, 2023
    Assignee: T-Mobile USA, Inc.
    Inventor: Brett C. Peppe
  • Patent number: 11539516
    Abstract: The invention is notably directed to a method for encoding information. This method first comprises generating an encryption key according to polymorphic features of nucleic acids from one or more entities. Next, information is encrypted based on the generated key. Finally, the encrypted information is encoded into synthetic DNA. Another aspect concerns a method for retrieving information. Consistently with the above encoding scheme, synthetic DNA in provided, which encodes encrypted information. Such information is read by sequencing the synthetic DNA and by decrypting the information read using a decryption key. The latter is generated according to polymorphic features of nucleic acids from one or more entities (e.g., from the legitimate individual(s) requesting access to information). Thus, the encoded information cannot be interpreted unless a suitable decryption key is available. The invention is further directed to related DNA samples and systems, including DNA vaults.
    Type: Grant
    Filed: September 25, 2018
    Date of Patent: December 27, 2022
    Assignee: ETH ZURICH
    Inventors: Robert N. Grass, Wendelin Jan Stark
  • Patent number: 11516008
    Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.
    Type: Grant
    Filed: December 23, 2020
    Date of Patent: November 29, 2022
    Assignee: INTEL CORPORATION
    Inventors: Santosh Ghosh, Marcio Juliato, Manoj Sastry
  • Patent number: 11507652
    Abstract: A method, a communication device and a computer program product for protecting communication devices from access by unauthorized users. The method includes retrieving, from a memory, a biometric sensor disable time range and determining, via a processor of the communication device, if a current time is within the biometric sensor disable time range. In response to determining that the current time is within the biometric sensor disable time range, the method further includes determining if the communication device is in a sleep mode and in response to determining that the communication device is in the sleep mode, disabling at least one biometric sensor.
    Type: Grant
    Filed: January 17, 2020
    Date of Patent: November 22, 2022
    Assignee: Motorola Mobility LLC
    Inventors: Ranjeet Gupta, Joel D. Voss
  • Patent number: 11496457
    Abstract: Systems and methods may be used for providing more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions selected, for example by a user. These systems and methods secure against eavesdroppers such as shoulder-surfers or man-in-the middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols. Some systems and methods may use a subset of a credential with the interspersed noise symbols.
    Type: Grant
    Filed: June 10, 2019
    Date of Patent: November 8, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Amer Aref Hassan, Wei-Chen Chen
  • Patent number: 11455349
    Abstract: Described herein are methods, systems, and software to handle verification information in a content node. In one example, a method of operating a content node includes receiving a secure content request from an end user device and determining the availability of verification information stored on the content node to service the secure content request. The method further provides, if the verification information is available, verifying the end user device based on the verification information. The method also includes, if the verification information is unavailable, querying an origin server to verify the end user device.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: September 27, 2022
    Assignee: Fastly, Inc.
    Inventors: Artur Bergman, Tyler B. McMullen
  • Patent number: 11449636
    Abstract: A secure token (ST) system including at least one ST computing device to provision data using secure tokens over a network is provided. The ST computing device is configured to receive first customer data from a credit issuer computing device, the first customer data including at least one or more account identifiers associated with a customer and a social security number (SSN) associated with the customer. The ST computing device is also configured to hash the SSN, wherein the hashed SSN includes a hash value, assign a unique identifier to each of the one or more account identifiers, and generate a secure token by associating the hash value to each unique identifier. The ST computing device is further configured to store the secure token within the database, and transmit the secure token to at least one of the credit issuer computing device and a third party computing device.
    Type: Grant
    Filed: October 4, 2019
    Date of Patent: September 20, 2022
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Keyur Patel
  • Patent number: 11438460
    Abstract: Tangible, non-transitory, machine-readable media include instructions that cause a processor to receive a first indication that a user is attempting to communicate with a provider, and intercept communication between the user and the provider based on the first indication being received. The instructions also cause the processor to send user information to a provider application server based on the first indication being received, and display a visual interface that establishes communication with the relevant provider department or performs a transaction based on the first indication being received. The instructions further cause the processor to receive a second indication associated with performing the action associated with the provider via the visual interface; and performing the action based on the second indication being received.
    Type: Grant
    Filed: August 10, 2020
    Date of Patent: September 6, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventors: Gualberto Camacho, David Tuomikoski
  • Patent number: 11429327
    Abstract: A computer system includes an information processing system configured to authenticate a user using one of multiple login methods and a terminal configured to request the information processing system to authenticate the user. The terminal includes a processor programmed to determine a login method based on a previously-used login method and display a login screen corresponding to the determined login method.
    Type: Grant
    Filed: September 3, 2020
    Date of Patent: August 30, 2022
    Assignee: Ricoh Company, Ltd.
    Inventor: Tohta Yasuda
  • Patent number: 11431760
    Abstract: A system and method for routing IP-based messaging, voice and video calling, comprising detecting network parameters of a network that a device is connected to, detecting a location of the device and routing the call based on the network parameters and the location.
    Type: Grant
    Filed: October 26, 2020
    Date of Patent: August 30, 2022
    Assignee: RELIANCE JIO INFOCOMM USA, INC.
    Inventors: Gautam Reddy, Mathew Oommen, Pallavur Sankaranaraynan, Chao Kan
  • Patent number: 11425109
    Abstract: A method and system for provisioning credentials is disclosed. The method includes receiving an encrypted data packet including a first passcode and credentials in encrypted form, and a second passcode. The second passcode is compared to a first passcode. If the passcodes match, then a server computer can transmit a token associated with the credentials to a service provider computer.
    Type: Grant
    Filed: September 12, 2018
    Date of Patent: August 23, 2022
    Assignee: Visa International Service Association
    Inventor: Madhuri Chandoor
  • Patent number: 11416616
    Abstract: A system is provided for managing booting of an OS that includes a UEFI controller comprising embedded application code instructions and a pre-loaded signed certificate, a boot process controller comprising application code instructions for the OS, pre-loaded signed certificates, and a plurality of application hash identifiers. The boot process controller receives signed communications from the UEFI controller and determines if the UEFI controller is authorized to manage the OS. The UEFI controller manages the OS in response to a positive authorization. The boot process controller determines if the UEFI controller is authorized to manage the OS in response to installation or execution of the OS. The UEFI controller receives a signed communication from the boot loader program, compares the signed communications with the plurality of application identifiers, and executes the boot loader program in response to the pre-loaded signed certificate matching an application identifier from the plurality.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: August 16, 2022
    Assignee: FORCEPOINT LLC
    Inventors: Robert W. Kliewer, Micky S. Martin, Mickey J. Malone, II
  • Patent number: 11411893
    Abstract: A method for real-time management of chat session data is disclosed. The method includes: receiving data from a client device via a web-based form; receiving, from the client device, a request to initiate a chat session between the client device and the computing system; in response to receiving the request to initiate the chat session, providing a chat interface for a new chat session on a display of the client device; populating a form with select data from the received data; and transmitting an encrypted version of the form via the chat interface to the client device.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: August 9, 2022
    Assignee: The Toronto-Dominion Bank
    Inventor: Inna Kharshak
  • Patent number: 11394551
    Abstract: Disclosed are systems, methods, and non-transitory computer-readable media for secure authentication using puncturing. An authentication system receives an encoded obfuscated authentication credential as part of an authentication request and accesses a stored authentication credential. The authentication system performs a puncturing of the encoded obfuscated authentication credential. The resulting punctured authentication credential includes a subset of individual values from the encoded obfuscated authentication credential. The authentication determines whether the punctured encoded data input corresponds to at least a portion of the stored authentication credential. In response to determining that the punctured encoded data input corresponds to at least a portion of the stored authentication credential, the authentication system approves the authentication request.
    Type: Grant
    Filed: July 17, 2019
    Date of Patent: July 19, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Amer Aref Hassan, Edward C. Giaimo, III, Russell Andrew Penar
  • Patent number: 11394698
    Abstract: Provided herein are system, devices and methods for applying Multi-Party Computation (MPC) to authenticate a user accessing a secure resource using a plurality of computing nodes. The computing nodes, each receiving a respective one of a plurality of encrypted shares created using a plurality of keys to encrypt private data captured by a client device used by the user accessing the secure resource, engage in a secure MPC to compare between the encrypted shares and reference encrypted private data copies also encrypted using the plurality of keys without decrypting the private data since the keys are not available to the computing nodes. The computing nodes compute a match score based on the comparison and transmit it to a controller of the secure resource configured to grant or deny the client device access to the secure resource based on the match score.
    Type: Grant
    Filed: July 29, 2020
    Date of Patent: July 19, 2022
    Assignee: NEC Corporation Of America
    Inventors: Tsvi Lev, Yaacov Hoch
  • Patent number: 11386194
    Abstract: The current embodiments offer a method to generate, send, and authenticate users through validations codes without the need for data retention. Codes are generated each time they are sent and received based on original and identifiable inputs. They are then compared to authenticate a user. Eliminating the need for data retention or persistence removes the risks associated with keeping data on the service provider's storage as can be maliciously accessed.
    Type: Grant
    Filed: July 9, 2021
    Date of Patent: July 12, 2022
    Assignee: Oversec, UAB
    Inventor: Kazimieras Celiesius
  • Patent number: 11363056
    Abstract: Systems and methods are disclosed for analyzing a plurality of failed login records that correspond to failed login attempts detected by a computing system, to identify suspicious patterns of activity that can facilitate the supplementation of password blacklists for improving account security. To accomplish the foregoing, failed login records that include information associated with failed login attempts are obtained for analysis. The failed login records are analyzed to identify a set of failed login records that show initial characteristics of a suspicious pattern of activity. The information included in the set of failed login records are further analyzed to determine whether a suspicious pattern of activity is actually present. When a suspicious pattern of activity is identified in the set of failed login records, the passwords used in the failed login attempts are stored in password blacklists associated with the account identifier(s) with which the passwords were used.
    Type: Grant
    Filed: January 6, 2020
    Date of Patent: June 14, 2022
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Lachlan A. Maxwell, Donald J. McQueen, William C. Wakefield, III
  • Patent number: 11343860
    Abstract: Techniques are described herein for establishing two wireless networks at a premises, a dedicated network configured to be used by devices of an automation and security system of the premises and a user network configured to be used by devices associated with users. The dedicated network may be more rigorously secured than the user network. The dedicated network may be secured in such a way that computing devices associated with users are not permitted to access the dedicated network. In this manner, the dedicated network may be prevented from becoming compromised. In some examples, a contention management entity may mediate network traffic scheduling between the dedicated network and the user network. The dedicated network may be configured to give deference to traffic being communicated across the user network to maintain a quality of service for end users of the user network.
    Type: Grant
    Filed: October 15, 2019
    Date of Patent: May 24, 2022
    Assignee: VIVINT, INC.
    Inventor: Jeremy B. Warren
  • Patent number: 11316847
    Abstract: Systems and methods are described for authenticating a user accessing a user account. A behavior event associated with a current user using the user account during a session is obtained. The behavior event comprises of keystroke events and mouse events. The obtained behavior event of the current user is compared with a behavior profile of a registered user associated with the user account. The behavior profile comprises keystroke events and mouse events associated with the registered user. The current user is authenticated during the session, when the current user is determined to be the same as the registered user based on the comparison.
    Type: Grant
    Filed: July 26, 2021
    Date of Patent: April 26, 2022
    Assignee: KING ABDULAZIZ UNIVERSITY
    Inventors: Fahad Alsolami, Nada Alruhaily
  • Patent number: 11283794
    Abstract: The present invention discloses a tamper-proof ERP (Enterprise Resource Planning) system against a database server administrator, and a Logbook is setup for the database server administrator on the database server level in the ERP system. A reliable Logbook is created for the database server administrator on the database server level outside an ERP Application. Additionally, the Logbook also contains the needed information to restore the SQL database completely. This solution can be realized together with selection of a suitable SQL database server which prevents full unrestricted administrator access by using a two-factor authentication, wherein a first factor is known/selectable by end user only, and a second factor is managed by the ERP Application only.
    Type: Grant
    Filed: January 9, 2020
    Date of Patent: March 22, 2022
    Inventor: Michael Kübler
  • Patent number: 11277411
    Abstract: Described herein includes a data controller that secures personal data and efficiency and reliably records data access events using blockchain. The system may include a data controller for: receiving a request to access data stored in a database on the data controller, the request including a web token; verifying the web token of the request; providing access to the data stored in the database; generating a data access event indicating that the data stored in the database has been accessed; and recording the data access event on a blockchain platform in accordance with blockchain.
    Type: Grant
    Filed: December 13, 2018
    Date of Patent: March 15, 2022
    Assignee: SAP SE
    Inventors: Xun Sun, Jianmin Xue
  • Patent number: 11276062
    Abstract: A method implemented on an augmented reality electronic device includes establishing a wireless connection with an automated teller machine (ATM). The AR electronic device is used to authenticate a user of the AR electronic device at the ATM. An initiation is permitted of a financial transaction through user interface functionality for the ATM that is displayed on the AR electronic device. Financial information for the financial transaction is displayed on a display screen of the AR electronic device, instead of displaying the financial information at the ATM.
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: March 15, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Harlen Bayha, Jennifer Stacey Borchardt, Adam Clifford Christensen, Charles Cowell, Eduardo DeLa Torre, Kourtney Eidam, Darren M. Goetz, Eric David Greene, Robert Glenn Hamchuk, Miranda C. Hill, Pey-Ning Huang, Richard Harrison Luttrell, Jr., Orsolya Oldroyd, Paul Vittimberga, Dominik Vltavsky
  • Patent number: 11269987
    Abstract: Method and system are provided for security credentials management for client applications. The method includes: detecting a user is entering security credentials for authentication of a client application; hashing at least a portion of the entered credentials to obtain current hashed credentials and storing the current hashed credentials; and comparing the current hashed credentials to previously stored hashed credentials for the client application. If the current hashed credentials and the previously stored hashed credentials match, the method may store the credentials for automatic completion of the credentials for the client application.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: March 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Sophie D. Green, David James Nice, Ledina Hido-Evans, Stewart O. M. Francis, Thomas Foyle
  • Patent number: 11258582
    Abstract: Distributed systems and methods for encrypting data on a blockchain network are disclosed. One system comprises at least one injector coupled to a node on the blockchain, a controller coupled to the injector, and a generator coupled to the controller. The injector intercepts messages bound for the blockchain and encrypts data in the messages using encryption information received from the controller. The controller acquires encryption information from the generator, which generates encryption keys and derives encryption information from those encryption keys. The encryption information may be divided into multiple parts and distributed between a plurality of injectors. As a result, to assemble an encryption key for encrypting or decrypting data, an injector may have to cooperate with other injectors to acquire sufficient encryption information to re-assemble the encryption key.
    Type: Grant
    Filed: May 1, 2018
    Date of Patent: February 22, 2022
    Assignee: QBRICS, INC.
    Inventors: Rakesh Ramachandran, Rajiv Chandran, Brennan Bennett
  • Patent number: 11244525
    Abstract: A method can include obtaining access code data corresponding to an access code transmitted to a user device. The method can further include monitoring the user device. The method can further include determining, based on the monitoring, that the access code is shared. The method can further include initiating, in response to the determining that the access code is shared, an invalidation of the access code.
    Type: Grant
    Filed: March 2, 2020
    Date of Patent: February 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Saurabh Yadav, Raghuveer Prasad Nagar, Arvind Kumar
  • Patent number: 11216822
    Abstract: A user may provide a financial card to an automated teller machine (ATM) or point of sale (POS) terminal and may be authenticated by providing a gesture and/or an image selection via a mobile device to the ATM or the POS. The gesture and/or image selection may be provided using a touchscreen of the mobile device. The gesture and/or image provided by the user via the mobile device may be compared to a stored gesture and/or image provided by the user during an earlier registration of the financial card. If there is a match between the gesture and/or image provided by the user via the mobile device and the previously stored gesture and/or image, then the user is authenticated and may access an account associated with the financial card.
    Type: Grant
    Filed: September 26, 2019
    Date of Patent: January 4, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventors: Christopher Paul Courtright, Bradly Jay Billman
  • Patent number: 11194897
    Abstract: A method for generating a dynamic username includes receiving a static component of a dynamic username and a selection of a dynamic parameter component of the dynamic username from a user. The static component and the selected dynamic parameter component are combined in a predetermined order, based on a user selected option. The dynamic username is produced from the combined static component and the selected dynamic parameter component based on the predetermined order. A rule for producing the dynamic username is generated. The rule defines the predetermined order of the static component and the selected dynamic parameter component. The static component and the rule are stored in a credential database with the rule being associated with the static component.
    Type: Grant
    Filed: April 10, 2019
    Date of Patent: December 7, 2021
    Assignee: Mastercard International Incorporated
    Inventors: Marthom Daetz, Tara L. Sauer
  • Patent number: 11190501
    Abstract: An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request, which includes user identity information that can be authenticated by the IdP but does not include a password for the software service. In response to receiving the authentication token, the system causes a shadow account to be created with the software service. For password-based authentication, this may include setting a temporary, random password for the shadow account. The system is then able to generate authenticated connection information (e.g.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: November 30, 2021
    Assignee: Terawe Corporation
    Inventors: Anilkumar Balakrishnan, Ashutosh Badwe, Hilal Al-Hilali, Ramakrishnan Peruvemba, David K. Downing, Javier Dalzell
  • Patent number: 11184242
    Abstract: Automating discovery server configuration as part of a discovery process includes determining one or more subnets selected from multiple subnets. Each of the one or more subnets selected is associated with a respective scheduled task. In response to determining the one or more subnets selected, one or more available discovery servers are identified from multiple discovery servers. The one or more discovery servers are configured based at least in part on the one or more subnets selected. In response to the automatic configuration, network discovery is initiated to perform the respective scheduled task.
    Type: Grant
    Filed: December 4, 2019
    Date of Patent: November 23, 2021
    Assignee: ServiceNow, Inc.
    Inventors: Bradley David Owen, Chris Nguyen, Ardis Gabrielle Maison, Marjan Marzban, Amit Chandulal Dhuleshia