Solely Password Entry (no Record Or Token) Patents (Class 713/183)
  • Patent number: 11455349
    Abstract: Described herein are methods, systems, and software to handle verification information in a content node. In one example, a method of operating a content node includes receiving a secure content request from an end user device and determining the availability of verification information stored on the content node to service the secure content request. The method further provides, if the verification information is available, verifying the end user device based on the verification information. The method also includes, if the verification information is unavailable, querying an origin server to verify the end user device.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: September 27, 2022
    Assignee: Fastly, Inc.
    Inventors: Artur Bergman, Tyler B. McMullen
  • Patent number: 11449636
    Abstract: A secure token (ST) system including at least one ST computing device to provision data using secure tokens over a network is provided. The ST computing device is configured to receive first customer data from a credit issuer computing device, the first customer data including at least one or more account identifiers associated with a customer and a social security number (SSN) associated with the customer. The ST computing device is also configured to hash the SSN, wherein the hashed SSN includes a hash value, assign a unique identifier to each of the one or more account identifiers, and generate a secure token by associating the hash value to each unique identifier. The ST computing device is further configured to store the secure token within the database, and transmit the secure token to at least one of the credit issuer computing device and a third party computing device.
    Type: Grant
    Filed: October 4, 2019
    Date of Patent: September 20, 2022
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Keyur Patel
  • Patent number: 11438460
    Abstract: Tangible, non-transitory, machine-readable media include instructions that cause a processor to receive a first indication that a user is attempting to communicate with a provider, and intercept communication between the user and the provider based on the first indication being received. The instructions also cause the processor to send user information to a provider application server based on the first indication being received, and display a visual interface that establishes communication with the relevant provider department or performs a transaction based on the first indication being received. The instructions further cause the processor to receive a second indication associated with performing the action associated with the provider via the visual interface; and performing the action based on the second indication being received.
    Type: Grant
    Filed: August 10, 2020
    Date of Patent: September 6, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventors: Gualberto Camacho, David Tuomikoski
  • Patent number: 11429327
    Abstract: A computer system includes an information processing system configured to authenticate a user using one of multiple login methods and a terminal configured to request the information processing system to authenticate the user. The terminal includes a processor programmed to determine a login method based on a previously-used login method and display a login screen corresponding to the determined login method.
    Type: Grant
    Filed: September 3, 2020
    Date of Patent: August 30, 2022
    Assignee: Ricoh Company, Ltd.
    Inventor: Tohta Yasuda
  • Patent number: 11431760
    Abstract: A system and method for routing IP-based messaging, voice and video calling, comprising detecting network parameters of a network that a device is connected to, detecting a location of the device and routing the call based on the network parameters and the location.
    Type: Grant
    Filed: October 26, 2020
    Date of Patent: August 30, 2022
    Assignee: RELIANCE JIO INFOCOMM USA, INC.
    Inventors: Gautam Reddy, Mathew Oommen, Pallavur Sankaranaraynan, Chao Kan
  • Patent number: 11425109
    Abstract: A method and system for provisioning credentials is disclosed. The method includes receiving an encrypted data packet including a first passcode and credentials in encrypted form, and a second passcode. The second passcode is compared to a first passcode. If the passcodes match, then a server computer can transmit a token associated with the credentials to a service provider computer.
    Type: Grant
    Filed: September 12, 2018
    Date of Patent: August 23, 2022
    Assignee: Visa International Service Association
    Inventor: Madhuri Chandoor
  • Patent number: 11416616
    Abstract: A system is provided for managing booting of an OS that includes a UEFI controller comprising embedded application code instructions and a pre-loaded signed certificate, a boot process controller comprising application code instructions for the OS, pre-loaded signed certificates, and a plurality of application hash identifiers. The boot process controller receives signed communications from the UEFI controller and determines if the UEFI controller is authorized to manage the OS. The UEFI controller manages the OS in response to a positive authorization. The boot process controller determines if the UEFI controller is authorized to manage the OS in response to installation or execution of the OS. The UEFI controller receives a signed communication from the boot loader program, compares the signed communications with the plurality of application identifiers, and executes the boot loader program in response to the pre-loaded signed certificate matching an application identifier from the plurality.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: August 16, 2022
    Assignee: FORCEPOINT LLC
    Inventors: Robert W. Kliewer, Micky S. Martin, Mickey J. Malone, II
  • Patent number: 11411893
    Abstract: A method for real-time management of chat session data is disclosed. The method includes: receiving data from a client device via a web-based form; receiving, from the client device, a request to initiate a chat session between the client device and the computing system; in response to receiving the request to initiate the chat session, providing a chat interface for a new chat session on a display of the client device; populating a form with select data from the received data; and transmitting an encrypted version of the form via the chat interface to the client device.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: August 9, 2022
    Assignee: The Toronto-Dominion Bank
    Inventor: Inna Kharshak
  • Patent number: 11394698
    Abstract: Provided herein are system, devices and methods for applying Multi-Party Computation (MPC) to authenticate a user accessing a secure resource using a plurality of computing nodes. The computing nodes, each receiving a respective one of a plurality of encrypted shares created using a plurality of keys to encrypt private data captured by a client device used by the user accessing the secure resource, engage in a secure MPC to compare between the encrypted shares and reference encrypted private data copies also encrypted using the plurality of keys without decrypting the private data since the keys are not available to the computing nodes. The computing nodes compute a match score based on the comparison and transmit it to a controller of the secure resource configured to grant or deny the client device access to the secure resource based on the match score.
    Type: Grant
    Filed: July 29, 2020
    Date of Patent: July 19, 2022
    Assignee: NEC Corporation Of America
    Inventors: Tsvi Lev, Yaacov Hoch
  • Patent number: 11394551
    Abstract: Disclosed are systems, methods, and non-transitory computer-readable media for secure authentication using puncturing. An authentication system receives an encoded obfuscated authentication credential as part of an authentication request and accesses a stored authentication credential. The authentication system performs a puncturing of the encoded obfuscated authentication credential. The resulting punctured authentication credential includes a subset of individual values from the encoded obfuscated authentication credential. The authentication determines whether the punctured encoded data input corresponds to at least a portion of the stored authentication credential. In response to determining that the punctured encoded data input corresponds to at least a portion of the stored authentication credential, the authentication system approves the authentication request.
    Type: Grant
    Filed: July 17, 2019
    Date of Patent: July 19, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Amer Aref Hassan, Edward C. Giaimo, III, Russell Andrew Penar
  • Patent number: 11386194
    Abstract: The current embodiments offer a method to generate, send, and authenticate users through validations codes without the need for data retention. Codes are generated each time they are sent and received based on original and identifiable inputs. They are then compared to authenticate a user. Eliminating the need for data retention or persistence removes the risks associated with keeping data on the service provider's storage as can be maliciously accessed.
    Type: Grant
    Filed: July 9, 2021
    Date of Patent: July 12, 2022
    Assignee: Oversec, UAB
    Inventor: Kazimieras Celiesius
  • Patent number: 11363056
    Abstract: Systems and methods are disclosed for analyzing a plurality of failed login records that correspond to failed login attempts detected by a computing system, to identify suspicious patterns of activity that can facilitate the supplementation of password blacklists for improving account security. To accomplish the foregoing, failed login records that include information associated with failed login attempts are obtained for analysis. The failed login records are analyzed to identify a set of failed login records that show initial characteristics of a suspicious pattern of activity. The information included in the set of failed login records are further analyzed to determine whether a suspicious pattern of activity is actually present. When a suspicious pattern of activity is identified in the set of failed login records, the passwords used in the failed login attempts are stored in password blacklists associated with the account identifier(s) with which the passwords were used.
    Type: Grant
    Filed: January 6, 2020
    Date of Patent: June 14, 2022
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Lachlan A. Maxwell, Donald J. McQueen, William C. Wakefield, III
  • Patent number: 11343860
    Abstract: Techniques are described herein for establishing two wireless networks at a premises, a dedicated network configured to be used by devices of an automation and security system of the premises and a user network configured to be used by devices associated with users. The dedicated network may be more rigorously secured than the user network. The dedicated network may be secured in such a way that computing devices associated with users are not permitted to access the dedicated network. In this manner, the dedicated network may be prevented from becoming compromised. In some examples, a contention management entity may mediate network traffic scheduling between the dedicated network and the user network. The dedicated network may be configured to give deference to traffic being communicated across the user network to maintain a quality of service for end users of the user network.
    Type: Grant
    Filed: October 15, 2019
    Date of Patent: May 24, 2022
    Assignee: VIVINT, INC.
    Inventor: Jeremy B. Warren
  • Patent number: 11316847
    Abstract: Systems and methods are described for authenticating a user accessing a user account. A behavior event associated with a current user using the user account during a session is obtained. The behavior event comprises of keystroke events and mouse events. The obtained behavior event of the current user is compared with a behavior profile of a registered user associated with the user account. The behavior profile comprises keystroke events and mouse events associated with the registered user. The current user is authenticated during the session, when the current user is determined to be the same as the registered user based on the comparison.
    Type: Grant
    Filed: July 26, 2021
    Date of Patent: April 26, 2022
    Assignee: KING ABDULAZIZ UNIVERSITY
    Inventors: Fahad Alsolami, Nada Alruhaily
  • Patent number: 11283794
    Abstract: The present invention discloses a tamper-proof ERP (Enterprise Resource Planning) system against a database server administrator, and a Logbook is setup for the database server administrator on the database server level in the ERP system. A reliable Logbook is created for the database server administrator on the database server level outside an ERP Application. Additionally, the Logbook also contains the needed information to restore the SQL database completely. This solution can be realized together with selection of a suitable SQL database server which prevents full unrestricted administrator access by using a two-factor authentication, wherein a first factor is known/selectable by end user only, and a second factor is managed by the ERP Application only.
    Type: Grant
    Filed: January 9, 2020
    Date of Patent: March 22, 2022
    Inventor: Michael Kübler
  • Patent number: 11277411
    Abstract: Described herein includes a data controller that secures personal data and efficiency and reliably records data access events using blockchain. The system may include a data controller for: receiving a request to access data stored in a database on the data controller, the request including a web token; verifying the web token of the request; providing access to the data stored in the database; generating a data access event indicating that the data stored in the database has been accessed; and recording the data access event on a blockchain platform in accordance with blockchain.
    Type: Grant
    Filed: December 13, 2018
    Date of Patent: March 15, 2022
    Assignee: SAP SE
    Inventors: Xun Sun, Jianmin Xue
  • Patent number: 11276062
    Abstract: A method implemented on an augmented reality electronic device includes establishing a wireless connection with an automated teller machine (ATM). The AR electronic device is used to authenticate a user of the AR electronic device at the ATM. An initiation is permitted of a financial transaction through user interface functionality for the ATM that is displayed on the AR electronic device. Financial information for the financial transaction is displayed on a display screen of the AR electronic device, instead of displaying the financial information at the ATM.
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: March 15, 2022
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Harlen Bayha, Jennifer Stacey Borchardt, Adam Clifford Christensen, Charles Cowell, Eduardo DeLa Torre, Kourtney Eidam, Darren M. Goetz, Eric David Greene, Robert Glenn Hamchuk, Miranda C. Hill, Pey-Ning Huang, Richard Harrison Luttrell, Jr., Orsolya Oldroyd, Paul Vittimberga, Dominik Vltavsky
  • Patent number: 11269987
    Abstract: Method and system are provided for security credentials management for client applications. The method includes: detecting a user is entering security credentials for authentication of a client application; hashing at least a portion of the entered credentials to obtain current hashed credentials and storing the current hashed credentials; and comparing the current hashed credentials to previously stored hashed credentials for the client application. If the current hashed credentials and the previously stored hashed credentials match, the method may store the credentials for automatic completion of the credentials for the client application.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: March 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Sophie D. Green, David James Nice, Ledina Hido-Evans, Stewart O. M. Francis, Thomas Foyle
  • Patent number: 11258582
    Abstract: Distributed systems and methods for encrypting data on a blockchain network are disclosed. One system comprises at least one injector coupled to a node on the blockchain, a controller coupled to the injector, and a generator coupled to the controller. The injector intercepts messages bound for the blockchain and encrypts data in the messages using encryption information received from the controller. The controller acquires encryption information from the generator, which generates encryption keys and derives encryption information from those encryption keys. The encryption information may be divided into multiple parts and distributed between a plurality of injectors. As a result, to assemble an encryption key for encrypting or decrypting data, an injector may have to cooperate with other injectors to acquire sufficient encryption information to re-assemble the encryption key.
    Type: Grant
    Filed: May 1, 2018
    Date of Patent: February 22, 2022
    Assignee: QBRICS, INC.
    Inventors: Rakesh Ramachandran, Rajiv Chandran, Brennan Bennett
  • Patent number: 11244525
    Abstract: A method can include obtaining access code data corresponding to an access code transmitted to a user device. The method can further include monitoring the user device. The method can further include determining, based on the monitoring, that the access code is shared. The method can further include initiating, in response to the determining that the access code is shared, an invalidation of the access code.
    Type: Grant
    Filed: March 2, 2020
    Date of Patent: February 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Saurabh Yadav, Raghuveer Prasad Nagar, Arvind Kumar
  • Patent number: 11216822
    Abstract: A user may provide a financial card to an automated teller machine (ATM) or point of sale (POS) terminal and may be authenticated by providing a gesture and/or an image selection via a mobile device to the ATM or the POS. The gesture and/or image selection may be provided using a touchscreen of the mobile device. The gesture and/or image provided by the user via the mobile device may be compared to a stored gesture and/or image provided by the user during an earlier registration of the financial card. If there is a match between the gesture and/or image provided by the user via the mobile device and the previously stored gesture and/or image, then the user is authenticated and may access an account associated with the financial card.
    Type: Grant
    Filed: September 26, 2019
    Date of Patent: January 4, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventors: Christopher Paul Courtright, Bradly Jay Billman
  • Patent number: 11194897
    Abstract: A method for generating a dynamic username includes receiving a static component of a dynamic username and a selection of a dynamic parameter component of the dynamic username from a user. The static component and the selected dynamic parameter component are combined in a predetermined order, based on a user selected option. The dynamic username is produced from the combined static component and the selected dynamic parameter component based on the predetermined order. A rule for producing the dynamic username is generated. The rule defines the predetermined order of the static component and the selected dynamic parameter component. The static component and the rule are stored in a credential database with the rule being associated with the static component.
    Type: Grant
    Filed: April 10, 2019
    Date of Patent: December 7, 2021
    Assignee: Mastercard International Incorporated
    Inventors: Marthom Daetz, Tara L. Sauer
  • Patent number: 11190501
    Abstract: An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request, which includes user identity information that can be authenticated by the IdP but does not include a password for the software service. In response to receiving the authentication token, the system causes a shadow account to be created with the software service. For password-based authentication, this may include setting a temporary, random password for the shadow account. The system is then able to generate authenticated connection information (e.g.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: November 30, 2021
    Assignee: Terawe Corporation
    Inventors: Anilkumar Balakrishnan, Ashutosh Badwe, Hilal Al-Hilali, Ramakrishnan Peruvemba, David K. Downing, Javier Dalzell
  • Patent number: 11184242
    Abstract: Automating discovery server configuration as part of a discovery process includes determining one or more subnets selected from multiple subnets. Each of the one or more subnets selected is associated with a respective scheduled task. In response to determining the one or more subnets selected, one or more available discovery servers are identified from multiple discovery servers. The one or more discovery servers are configured based at least in part on the one or more subnets selected. In response to the automatic configuration, network discovery is initiated to perform the respective scheduled task.
    Type: Grant
    Filed: December 4, 2019
    Date of Patent: November 23, 2021
    Assignee: ServiceNow, Inc.
    Inventors: Bradley David Owen, Chris Nguyen, Ardis Gabrielle Maison, Marjan Marzban, Amit Chandulal Dhuleshia
  • Patent number: 11178150
    Abstract: Methods, non-transitory computer readable media, and access policy manager apparatus that assists with enforcing an access control list based on one or more managed applications includes receiving a request to access a web application from an enrolled mobile device. An access control for the received request is identified based on data associated with the enrolled mobile device and a user using the enrolled mobile device. The identified access control list is enforced on the enrolled mobile device to determine when to provide access to the requested web application. Access to the requested web application is provided to the enrolled mobile device when enforced access control list comprises data to allow the enrolled mobile device access to the requested web application.
    Type: Grant
    Filed: January 20, 2017
    Date of Patent: November 16, 2021
    Assignee: F5 NETWORKS, INC.
    Inventors: Wui Chung Lie, Ravi Natarajan
  • Patent number: 11176270
    Abstract: An information handling system with improved data security has a signal detector circuit to receive a signal interrupt from a plurality of signal interrupt sources, and an authentication timer circuit that starts measuring a configured time duration based upon the received signal interrupt. A scrambler module initiates data scrambling upon completion of the configured time duration.
    Type: Grant
    Filed: May 10, 2019
    Date of Patent: November 16, 2021
    Assignee: Dell Products L.P.
    Inventors: Shane Michael Chiasson, Aditi R. Satam, Bijan Noorbakhsh, Thomas Cantwell
  • Patent number: 11151571
    Abstract: A computer-implement method of processing resource exchange information includes the following steps: obtaining a data package including a user card identifier and a social network application identifier from a mobile phone; establishing a correspondence between the user card identifier and the social network application identifier and storing the correspondence in the computer system; obtaining user card data and resource exchange information from a payment terminal, wherein the user card data includes the user card identifier; performing security verification to the user card data and obtaining the corresponding social network application identifier when the security verification succeeds; processing a resource transfer request according to the social network application identifier and the resource exchange information and generating corresponding processing state information; and returning the corresponding processing state information to the payment terminal.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: October 19, 2021
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Kai Liu, Liangliang Fan, Leteng Weng, Yaxuan Zhu
  • Patent number: 11144675
    Abstract: In particular embodiments, a sensitive data management system is configured to remove sensitive data after a period of non-use. Credentials used to access remote systems and/or third-party systems are stored with metadata that is updated with each use of the credentials. After a period of non-use, determined based on credential metadata, the credentials are deleted. Personal data retrieved to process a consumer request is stored with metadata that is updated with each use of the personal data. After a period of non-use, determined based on personal data metadata, the personal data is deleted. The personal data is also deleted if the system determines that the process or system that caused the personal data to be retrieved is no longer in use. An encrypted version of personal data may be stored for later use in verifying proper consumer request fulfillment.
    Type: Grant
    Filed: March 11, 2021
    Date of Patent: October 12, 2021
    Assignee: OneTrust, LLC
    Inventors: Jonathan Blake Brannon, Kevin Jones, Saravanan Pitchaimani, Jeremy Turk
  • Patent number: 11138608
    Abstract: An example operation may include one or more of creating a proposed transaction including one or more assets, transmitting the proposed transaction to a user device for authorization, receiving authorization from the user device via an asynchronous one-time password to authorize the proposed transaction, and creating a blockchain transaction including the asynchronous one-time password and content of the proposed transaction responsive to receiving the authorization.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: October 5, 2021
    Assignee: International Business Machines Corporation
    Inventor: Matthew Green
  • Patent number: 11132435
    Abstract: A method includes: training a prediction model with sample data; obtaining user information of a user as an input feature to the prediction model; predicting, using the prediction model according to a set of determination conditions, whether the user has forgotten a payment password associated with a payment application; and in response to predicting that the user has forgotten the payment password and detecting the user logging in the payment application with a login password different from the payment password, displaying a user interface for directing the user to a payment password resetting interface for resetting the payment password.
    Type: Grant
    Filed: January 4, 2021
    Date of Patent: September 28, 2021
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Yipeng Yang, Kangbei Jiang, Ning Wang, Hua Zhao, Tong Zhu
  • Patent number: 11113381
    Abstract: A device may receive an input that indicates a request to initiate a transaction at an ATM device. The device may instruct the user to capture one or more images of the ATM device. The device may determine that an image has been captured and process the image to determine first information that identifies the ATM device. The device may send the first information to a server device and receive a signal that indicates the ATM device has been validated. The device may cause an augmented reality (AR) overlay to be displayed, wherein the AR overlay includes second information related to authenticating the user to the ATM device. The device may determine whether a user action is performed with respect to the second information included in the AR overlay, and perform a device action related to the second information, the ATM device, or the AR overlay.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: September 7, 2021
    Assignee: Capital One Services, LLC
    Inventors: Abdelkadar M'Hamed Benkreira, Michael Mossoba, Joshua Edwards
  • Patent number: 11108766
    Abstract: An information processing apparatus includes a memory, a request unit, an authenticating unit, and a determination unit. The memory stores authentication information for performing user authentication. When authentication information of a user who is a target of the user authentication is not stored in the memory, the request unit requests the authentication information from a different information processing apparatus. The authenticating unit performs the user authentication by using the authentication information stored in the memory or obtained from the different apparatus in response to the request from the request unit. The determination unit determines whether the apparatus or the different apparatus is to store the authentication information. When the authentication information is not stored in the apparatus, if it is determined that the apparatus is to store the authentication information, the memory stores the authentication information obtained in response to the request from the request unit.
    Type: Grant
    Filed: June 7, 2018
    Date of Patent: August 31, 2021
    Assignee: FUJIFILM Business Innovation Corp.
    Inventor: Shunsuke Kiryu
  • Patent number: 11108793
    Abstract: The present disclosure is related to devices, systems, and methods for preemptive alerts in a connected environment. An example device can include instructions to receive a log from a first log source, determine whether a pattern of events in the log exceeds an alert threshold of the first log source, wherein the pattern of events is associated with an event source, in response to the pattern of events exceeding the alert threshold, trigger an alert particular to the event source, and in response to the pattern of events exceeding the alert threshold, initiate a sensitivity threshold of a second log source that provides a same functionality as the first log source, wherein the sensitivity threshold is more sensitive than the alert threshold, and wherein the sensitivity threshold is particular to the event source.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: August 31, 2021
    Assignee: VMWARE, INC.
    Inventor: Vardan Movsisyan
  • Patent number: 11089008
    Abstract: Disclosed is a client system for facilitating authentication of a user characterized by validating a password, at the client machine, transmitted by a server. In order to authenticate the user, initially, the client machine transmits a User Identification (ID) to the server. Upon receipt of the User ID, the server receives the User ID from the client machine and accordingly transmits a password to the client machine. In one aspect, the password may be transmitted by identifying the password, pertaining to the User ID, from a server password database and altering the password, to be transmitted, based on the metadata by using a Random Character Generator (RCG) algorithm. Subsequently, the client machine receives the password pertaining to the User ID from the server. Post receipt of the password, the client machine compares the password with a complementary password stored in a client password database presents on a client machine.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: August 10, 2021
    Assignee: HCL Technologies Italy S.p.A.
    Inventors: Longobardi Giuseppe, Barillari Fabio
  • Patent number: 11070534
    Abstract: A system for vaultless tokenization and encryption includes an iframe service for collecting data and a tokenization service for (de)tokenizing and encrypting/decrypting data. The system is accessible to users and partners that submit requests causing various functions to be executed by the system. The functions include, but are not limited to, providing (de)tokenization and/or encryption services, and managing and creating templates for iframe collection, (de)tokenization, and encryption/decryption. A template service facilitates generation of templates that parametrize collection of original data via served iframe elements, tokenization and/or encryption of original data, and detokenizing and/or decrypting tokens to recover original data. An iframe service is configured for providing a virtual terminal, an iframe that provides users direct access to (de)tokenization and/or decryption/encryption services.
    Type: Grant
    Filed: May 13, 2020
    Date of Patent: July 20, 2021
    Assignee: BLUEFIN PAYMENT SYSTEMS LLC
    Inventor: Timothy William Barnett
  • Patent number: 11048792
    Abstract: A computerized method of reducing a probability for falsely classifying a legitimate authentication process conducted by a legitimate user as a password guessing attack, comprising estimating a password guessing attack risk for an authentication process conducted by a user for accessing a secure service by performing the following for each of a plurality of failed access attempts in which the user provides incorrect authentication credentials: (1) calculate a risk score for a respective failed access attempt based on analysis of the incorrect authentication credentials provided during the respective failed access attempt and (2) update an authentication session score of the authentication process according to the calculated risk score and initiate one or more actions in case the updated authentication session value exceeds one or more threshold values extracted from a security policy predefined for the secure service.
    Type: Grant
    Filed: October 28, 2018
    Date of Patent: June 29, 2021
    Assignee: Transmit Security Ltd.
    Inventor: Michael Boodaei
  • Patent number: 11044592
    Abstract: Some examples include detecting that a source computing device is in proximity to a target computing device. For instance, a user credential of the source computing device may be received from the source computing device. Further, a copy of system data of the source computing device may be retrieved from a cloud storage service. A system state of the source computing device may be restored on the target computing device by using the user credential received from the source computing device and the copy of the system data of the source computing device retrieved from the cloud storage. In some cases, the user credential may expire on the target computing device after a predetermined system event in the target computing device.
    Type: Grant
    Filed: October 1, 2018
    Date of Patent: June 22, 2021
    Assignee: RAZER (ASIA-PACIFIC) PTE. LTD.
    Inventors: Michael A. Chan, Tom Moss, Daniel R Bornstein, Michael K Fleming, Justin Quan, Linda Tong
  • Patent number: 11043222
    Abstract: A speech interface device is configured to defer encryption of audio data on-device until a time when the encryption operation is not competing with other computationally-intensive operations for responding to the audio data. For example, audio data based on sound captured in an environment of the speech interface device can be stored in volatile memory of the speech interface device, without encrypting it, until a set of processing operations (e.g., ASR processing, NLU processing, audio event processing, etc.) performed based on the audio data have stopped. Based on a determination that these processing operations for responding to the audio data have stopped, the logic may encrypt the audio data to generate encrypted data, and the encrypted data can be stored in non-volatile memory of the speech interface device for uploading to a remote system when a connection is available.
    Type: Grant
    Filed: December 3, 2018
    Date of Patent: June 22, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin Charles Eagan, Maciej Makowski, Zack Shahaf Matorin
  • Patent number: 11030096
    Abstract: Preparing a key block in a memory system. Various methods include: selecting a candidate key block of memory; checking a quality of the candidate key block using a word line of the candidate key block; altering operating parameters of the candidate key memory block; and registering the candidate key memory block as the key block. Where altering the operating parameters includes replacing a first set of parameters associated with the first memory block with a second set of parameters, where the first set of parameters includes a first erase parameter, a first program parameter, and a first read parameter, where the memory block operating in a normal block mode is accessed using the first set of parameters, and the second set of parameters includes a second erase parameter, a second program parameter, and a second read parameter, where the first memory block is accessed using the second set of parameters.
    Type: Grant
    Filed: January 10, 2019
    Date of Patent: June 8, 2021
    Inventors: Niles Yang, Sahil Sharma, Rohit Sehgal, Phil Reusswig
  • Patent number: 11005859
    Abstract: Techniques are provided for preventing suspicious computer operations using a multi-channel protocol. An exemplary method includes detecting an operation comprising suspicious activity on a first device of a user; in response to the detecting, providing a control signal to suspend the operation on the first device; providing a notification of the suspicious activity to an identity system, wherein the identity system (i) provides an approval request to a distinct second device of the user to verify whether the operation is an authorized operation, (ii) receives a reply from the second device comprising an indication of whether the operation is an authorized operation, and (iii) notifies the first device of whether the operation is an authorized operation; and providing a control signal to enable the operation to proceed on the first device responsive to the reply from the second device indicating that the operation was an authorized operation.
    Type: Grant
    Filed: September 23, 2016
    Date of Patent: May 11, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: Boris Kronrod, Ayelet Biger-Levin, Maor Franco
  • Patent number: 11003745
    Abstract: The application provides a user interface switching method and a terminal. After the terminal triggers a TUI display request of a CA according to a first operation on a CA interface by a user, the terminal switches a display environment of the CA from an REE to a TEE according to the TUI display request, and then displays a TA interface that is of the CA and that is in the TEE. In this case, the user may perform an operation of inputting sensitive information on the TA interface, and a malicious program that runs in the REE cannot access a hardware device to obtain the input operation in the TEE by the user. Therefore, t sensitive information of the user is stolen is prevented, thereby effectively enhancing security of the input operation by the user.
    Type: Grant
    Filed: May 29, 2018
    Date of Patent: May 11, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventor: Dongdong Yao
  • Patent number: 10999272
    Abstract: Techniques are provided for using tokenization in conjunction with “behind-the-wall” JWT authentication. “Behind-the-wall” JWT authentication refers to JWT authentication techniques in which the JWT stays exclusively within the private network that is controlled by the web application provider. Because the JWT stays within the private network, the security risk posed by posting the JWT in a client cookie is avoided. However, because JWT is used behind-the-wall to authenticate a user with the services requested by the user, the authentication-related overhead is significantly reduced.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: May 4, 2021
    Assignee: LendingClub Corporation
    Inventors: Fernando Lores, Albert Tam
  • Patent number: 10992462
    Abstract: A concealed-decision-tree computation system includes a user apparatus and 0th to (n?1)-th server apparatuses, where n is a predetermined positive integer. The user apparatus secret-shares data D into n shares [D]j (j=0, . . . , n?1) and sends the n shares [D]j (j=0, . . . , n?1) to the 0th to (n?1)-th server apparatuses, respectively. The 0th to (n?1)-th server apparatuses use the n shares [D]j (j=0, n?1) to perform secret cooperation computation to obtain n shares [out]0, . . . , [out]n-1 of a value “out” corresponding to the data D in a predetermined decision tree and send the n shares [out]0, . . . , [out]n-1 to the user apparatus. The user apparatus uses at least k shares out of the n received shares [out]0, . . . , [out]n-1 to restore the value “out” corresponding to the data D in the predetermined decision tree, where k is a predetermined integer equal to or smaller than n.
    Type: Grant
    Filed: January 13, 2017
    Date of Patent: April 27, 2021
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Ryo Kikuchi, Koki Hamada
  • Patent number: 10970897
    Abstract: A method for accessing legacy devices via Augmented Reality (AR) devices. The method includes acquiring, via an AR device, an image of a keyboard of a legacy device. The method includes accessing customer commands for initiating of a transaction using the legacy device. The method includes determining a command sequence based, at least in part, on the customer commands, the command sequence mapping to a keystroke sequence to be entered using the keyboard. The method includes generating an overlay indicating a keystroke sequence corresponding to the command sequence. The method also includes displaying, via the AR device, the overlay by visually projecting the overlay over the keyboard of the legacy device.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: April 6, 2021
    Assignee: PAYPAL, INC.
    Inventors: Michael Charles Todasco, Braden Christopher Ericson
  • Patent number: 10956558
    Abstract: Methods and systems for authenticating a user account based on a password are disclosed. In one aspect, a method includes receiving input defining a sequence of characters included in an entered password, ignoring characters between a first position in the sequence of characters and a second position in the sequence of characters, and validating the password based on non-ignored characters in the sequence of characters.
    Type: Grant
    Filed: October 31, 2018
    Date of Patent: March 23, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Amer A. Hassan, Edward C. Giaimo, III, Wei-Chen Chen
  • Patent number: 10943232
    Abstract: Systems and methods are provided for online transactions using pattern recognition. A user of a payment provider may create and register patterns drawn by the user on a pattern entry image. The user may register the patterns by associating transaction options with each drawn pattern. Each pattern may be used to execute a particular transaction such as a purchase transaction, a payment of a specific amount, a payment to a specific recipient, or a sales transaction. When the user wishes to execute a transaction such as an online payment to a particular recipient for a particular amount, the user can redraw the registered pattern associated with payments to that recipient for that amount. A pattern can be drawn at a particular location on the pattern entry image. Different transactions can be associated with patterns drawn at different locations.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: March 9, 2021
    Assignee: PAYPAL, INC.
    Inventor: Puvanenthiran Subbaraj
  • Patent number: 10943002
    Abstract: Provided is a password authenticating apparatus that can provide a hint for selecting a password without displaying a part of the password. The input-receiving unit receives input of a password as an input password. A password-header-comparing unit compares a header portion of the input password up to a number of header comparison characters with authentication information, and determines whether or not the header portion of the input password up to the number of header comparison characters matches a portion from the start of a registered password up to the number of header comparison characters. A screen-generating unit, when it is determined there is no match, generates a header-error screen providing guidance that the input password already does not match in the header portion as a display screen. A display-control unit causes a display unit to display the display screen generated by the screen-generating unit.
    Type: Grant
    Filed: February 1, 2019
    Date of Patent: March 9, 2021
    Assignee: KYOCERA Document Solutions Ine.
    Inventor: Yohei Yamada
  • Patent number: 10917678
    Abstract: Tracking and analysis of the location of user and device access to telecommunications services may be used to validate that a given user or device is part of an authorized subscriber household and is therefore properly accessing those services in accordance with the terms of service. A service provider may determine, based on previously collected data and user information collected while a user accesses a service, whether the user's pattern of access establishes a required pattern of access determined by the service provider, such as access on a minimum periodic basis from the home of an authorized subscriber.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: February 9, 2021
    Assignee: CSC Holdings, LLC
    Inventor: Jonathan Greenfield
  • Patent number: 10915633
    Abstract: A method and an apparatus for device security verification utilizing a virtual trusted computing base are provided. The validity of a key for decryption is verified by a secure memory loader running on a processor of a device after booting of the device which is a computing device, and if the key is valid, encrypted firmware stored in a memory of the device is decrypted using the key to verify the confidentiality of the firmware. Then, the security memory loader verifies the authentication and integrity of the firmware by comparing a signature value generated for the decrypted firmware with an existing signature value.
    Type: Grant
    Filed: November 29, 2018
    Date of Patent: February 9, 2021
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Yong Hyuk Moon, Dae Won Kim, Young Sae Kim, Seung Yong Yoon, Jin Hee Han, Jeong Nyeo Kim, Jae Deok Lim
  • Patent number: 10909233
    Abstract: A method includes: training a prediction model with sample data; obtaining user information of a user as an input feature to the prediction model; predicting, using the prediction model according to a set of determination conditions, whether the user has forgotten a payment password associated with a payment application; and in response to predicting that the user has forgotten the payment password and detecting the user logging in the payment application with a login password different from the payment password, displaying a user interface for directing the user to a payment password resetting interface for resetting the payment password.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: February 2, 2021
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Yipeng Yang, Kangbei Jiang, Ning Wang, Hua Zhao, Tong Zhu