Using Record Or Token Patents (Class 713/185)
  • Patent number: 10708271
    Abstract: A scalable configurable universal full spectrum cyberspace identity verification test for determining whether or not one specific tested person if the same person as one specific known person.
    Type: Grant
    Filed: September 26, 2019
    Date of Patent: July 7, 2020
    Inventor: Jeffry David Aronson
  • Patent number: 10708262
    Abstract: A method of operating a security token to authenticate a user in a multi-factor authentication system is disclosed. The method includes: monitoring user custody of the token, the token having an identifying characteristic representing a possession factor for use through possession factor authentication; during a period of continuous user custody of the token based on the monitoring, obtaining a knowledge factor from a user having the continuous user custody; caching the knowledge factor in a memory of the token; and in response to a second authentication request, retrieving the knowledge factor from the memory to demonstrate to an authentication system knowledge of the knowledge factor, during the period of continuous user custody.
    Type: Grant
    Filed: June 19, 2018
    Date of Patent: July 7, 2020
    Assignee: Applied Invention, LLC
    Inventor: W. Daniel Hillis
  • Patent number: 10706655
    Abstract: In accordance with one embodiment, an access control system is disclosed. The access control system comprises an access control panel including a touchable surface, a multi-dimensional touch sensor under the touchable surface, and a processor coupled to the multi-dimensional touch sensor. The multi-dimensional touch sensor captures a multi-dimensional motion signal including a micro-motion signal component representing neuro-mechanical micro-motions of a user touching the multi-dimensional touch sensor. The processor performs signal processing of the multi-dimensional motion signal to obtain the micro-motion signal component; and extracts unique values of predetermined features from the micro-motion signal component to form a neuro-fingerprint (NFP) that uniquely identifies the user. The NFP can be used as a gatekeeper to control entry into homes, offices, buildings, or other real properly typically protected by access control.
    Type: Grant
    Filed: November 21, 2017
    Date of Patent: July 7, 2020
    Assignee: Proprius Technologies S.A.R.L.
    Inventors: Martin Zizi, Hugh Sharkey
  • Patent number: 10701237
    Abstract: An information processing apparatus includes: a non-volatile memory; and a hardware processor that controls the non-volatile memory, wherein the hardware processor determines whether communication speed of a communication path to the non-volatile memory is equal to or less than a threshold value and encrypts the data transmitted to the non-volatile memory when the communication speed is determined to be equal to or less than the threshold value.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: June 30, 2020
    Assignee: KONICA MINOLTA, INC.
    Inventors: Takehisa Yamaguchi, Yuji Okamoto, Hidetaka Iwai, Nobuhiro Mishima, Atsushi Tamura, Katsuyuki Sugita
  • Patent number: 10700853
    Abstract: One example method of operation may include receiving a request, from an entity, for one or more tokens based on one or more attributes, encrypting and masking the one or more attributes, adding the encrypted and masked one or more attributes to the one or more tokens, and transmitting the one or more tokens to the entity.
    Type: Grant
    Filed: May 9, 2017
    Date of Patent: June 30, 2020
    Assignee: International Business Machines Corporation
    Inventors: David W. Kravitz, Dulce B. Ponceleon, Diego A. Masini, Raul O. Laprida, Andres Garagiola, John B. Geagan, III
  • Patent number: 10678880
    Abstract: The present invention relates to a method for distributing digital keys. The method includes the steps of a first database storing a plurality of keys relating to a plurality of products; for each product, transferring keys from the first database to a corresponding cache in a second database; in response to a request for a key for a product, retrieving and distributing a key from the corresponding cache; and refreshing the corresponding cache by transferring further keys from the first database to the corresponding cache. A system for distributing digital keys is also disclosed.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: June 9, 2020
    Assignee: Greenman Gaming Limited
    Inventors: Lee Packham, Krzysztof Bandurski, James Phillips, Daniel Smedley
  • Patent number: 10672212
    Abstract: Described herein is a system and universal access control device that may be installed in proximity to, or within, an access control system to enable a user to use a user device to gain access to a secure area or resource. In some embodiments, a user may submit a request for access to a remote server and may be provided with an access token. The user may relay the received access token to the universal access device via a wireless transmission means on his or her user device. The universal access device may verify the authenticity of the access token by relaying the access token information to the remote server. Once the access token has been authenticated, the universal access control device may retrieve a credential stored in memory and provide that credential to the access control system to enable the user to gain entry to a secure area.
    Type: Grant
    Filed: September 17, 2018
    Date of Patent: June 2, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Ahmet Musabeyoglu, Balarajan Balasubramaniam, William Greger, Carl Haverl, Prakash Krishnamurthy, Kaushik Mani, Peeyush Champalal Nahar, Hoshgeldy Tachmuradov
  • Patent number: 10667033
    Abstract: A system, method and one or more wireless earpieces for authenticating functionality of one or more wireless earpieces. A request that requires authentication is received through the one or more wireless earpieces. Biometric readings are performed for a user utilizing sensors of the one or more wireless earpieces. The biometric readings are analyzed to determine whether the user is authorized for the one or more wireless earpieces to fulfill the request. The request is authenticated in response to determining the biometric readings performed by the one or more wireless earpieces authorize fulfillment of the request.
    Type: Grant
    Filed: February 27, 2017
    Date of Patent: May 26, 2020
    Assignee: BRAGI GmbH
    Inventors: Peter Vincent Boesen, Veniamin Milevski
  • Patent number: 10666763
    Abstract: Techniques for automatically generating an integrity check hash value for a content asset served by a third-party server when the content asset is added to a template in a user interface. The techniques include displaying, by the user interface, a visual layout of web content, the UI configured to receive modifications to a component of the web content. The component comprising a template for generating hypertext markup language (HTML) embodying the component. The techniques further include receiving a modification to the component of the web content, wherein the modification includes instructions to include a content asset in the component of the web content and detecting that the content asset is hosted on a third-party server. Additionally, the techniques include generating HTML for the web content, the HTML including an integrity hash value for the content asset based on the template.
    Type: Grant
    Filed: September 7, 2016
    Date of Patent: May 26, 2020
    Assignee: Adobe Inc.
    Inventors: Damien Antipa, Antonio Sanso
  • Patent number: 10657279
    Abstract: A portable electronic device, a wearable device and methods for operating the same are provided. The portable electronic device includes a display; a communication interface configured to communicate with a wearable device using wireless short-range communication; a processor; and a memory storing instructions, which when executed by the processor, cause the portable electronic device to establish, via the communication interface, a connection between the portable electronic device and the wearable device, identify a security status of the connected wearable device, limit access to at least one predefined setting item among a plurality of setting items and control the display to display an indication of the identified security status if the identified security status corresponds to a lock status, wherein the at least one predefined setting item relates to a passcode, and allow access to the at least one predefined setting item if the identified security status corresponds to an unlock status.
    Type: Grant
    Filed: April 10, 2019
    Date of Patent: May 19, 2020
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Dong-Il Son, Heung-Sik Shin, Eui-Chang Jung, Ju-Yeong Lee, Ki-Tae Lee
  • Patent number: 10649877
    Abstract: An agent inserts one or more hooks into a sub-execution runtime environment that is configured to include a script and/or targeted to include the script. The agent including the one or more hooks monitors a behavior of the sub-execution runtime environment and/or the script. The agent subsequently obtains context information regarding the sub-execution runtime environment and/or the script so that it can control the runtime of at least the sub-execution runtime environment. Related systems, methods, and articles of manufacture are also disclosed.
    Type: Grant
    Filed: November 29, 2018
    Date of Patent: May 12, 2020
    Assignee: Cylance Inc.
    Inventor: Derek A. Soeder
  • Patent number: 10635793
    Abstract: Systems and techniques are provided for restricted accounts on a mobile platform. A request to create a restricted account may be received. The restricted account may be a user account with a restriction. Credentials for the restricted account may be received. A restriction for the restricted account may be received. The restriction may include an access restriction or a lifetime restriction. An access restriction may prevent an application from accessing the restricted account and a lifetime restriction may limit the lifetime of the restricted account. The restricted account may be stored with the credentials and the restriction. A request may be received for a list of user accounts from an application. The restricted account may be determined to include an access restriction that prevents the application from accessing the restricted account. The list of user accounts may be sent to the application and without an identifier for the restricted account.
    Type: Grant
    Filed: September 1, 2017
    Date of Patent: April 28, 2020
    Assignee: Google LLC
    Inventors: Ushasree Kode, Carlos Valdivia
  • Patent number: 10630679
    Abstract: A method providing use of an application may include providing a session for a user of the application, wherein the session is provided based on a credential for the user. While providing the session, image data for the session may be obtained, and responsive to the image data for the session, authentication may be performed based on a determination whether the image data for the session includes a facial image that matches the user credential. Responsive to success of the authentication based on the image data for the session, the session for the user of the application may continue to be provided. Related devices and computer program products are also discussed.
    Type: Grant
    Filed: November 2, 2016
    Date of Patent: April 21, 2020
    Assignee: CA, Inc.
    Inventor: Vineet Verma
  • Patent number: 10620714
    Abstract: Example implementations relate to configuration based operation modes. In some examples, a mobile computing device may include an integrated physical keyboard and an integrated display. The mobile computing device may include a memory resource comprising executable instructions to determine a configuration of the mobile computing device. The mobile computing device may include a memory resource comprising executable instructions to disable the integrated display and enable an operation mode permitting utilization of the physical keyboard with a non-integrated display based on the configuration.
    Type: Grant
    Filed: April 7, 2017
    Date of Patent: April 14, 2020
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Alexander Wayne Clark
  • Patent number: 10621550
    Abstract: Trusted, privacy-protected systems and method are disclosed for processing, handling, and performing tests on human genomic and other information. According to some embodiments, a system is disclosed that is a cloud-based system for the trusted storage and analysis of genetic and other information. Some embodiments of the system may include or support some or all of authenticated and certified data sources; authenticated and certified diagnostic tests; and policy-based access to data.
    Type: Grant
    Filed: October 17, 2012
    Date of Patent: April 14, 2020
    Assignee: Intertrust Technologies Corporation
    Inventors: W. Knox Carey, David P. Maher, Michael G. Manente, Jarl Nilsson, Talal G. Shamoon
  • Patent number: 10623975
    Abstract: An embedded modem for an unattended host device that provides improved cellular communications capabilities to the unattended host device. The embedded modem detects the occurrence of a signal effectiveness event reflective of the reliability of a cellular communication session, and upon detecting the occurrence of a signal effectiveness event, issues commands to improve the reliability of the cellular communications. The signal effectiveness event data can be communicated by the embedded modem on channel that is different from a channel provided for the host device to communicate its own data with an associated remote computer system.
    Type: Grant
    Filed: May 8, 2019
    Date of Patent: April 14, 2020
    Assignee: OptConnect Management, LLC
    Inventors: Steve Garrett, Todd Christiansen, Mark Wilson, Aaron Allred, Matt Voigt, Kurt Larson, John Young, Kyle Rodgers, Greg Nash
  • Patent number: 10600268
    Abstract: A key fob includes: communicator(s), a battery, memory, and processor(s) configured to: find signal strengths of received polls; determine, based on the signal strengths, that the received polls have: (a) increased, (b) decreased, (c) leveled off; and if (a), issue a poll response; if (c), not issue the poll response.
    Type: Grant
    Filed: October 1, 2018
    Date of Patent: March 24, 2020
    Assignee: Ford Global Technologies, LLC
    Inventors: Ryan Edwin Hanson, Stephen Scott Wieland
  • Patent number: 10587561
    Abstract: A method for optimizing and preventing failure of Sender Policy Framework (SPF) lookups by dynamically generating and returning flattened SPF records, recorded on computer-readable medium and capable of execution by a computer, the method comprising the steps of: requesting a regular SPF Record; receiving a SPF Record that includes an entry that points to a Proxy Server; the SPF Proxy server looking up a canonical SPF record optionally containing many included domains; and the SPF Proxy server flattening the canonical record into IP addresses and optionally sub records depending on the length of the flattened response.
    Type: Grant
    Filed: February 8, 2018
    Date of Patent: March 10, 2020
    Inventor: Amit Gupta
  • Patent number: 10581617
    Abstract: A technique for secure network storage includes generating, by a trusted execution environment in a first device, an encryption key and a certificate for a document, wherein the certificate comprises expiry information for the document and the encryption key, encrypting, by a general execution environment in the first device, the document with the encryption key, transmitting the encryption key to a remote key manager, and transmitting the document to a remote network storage device, wherein a second device is allowed to decrypt the document based on the expiry information.
    Type: Grant
    Filed: December 23, 2015
    Date of Patent: March 3, 2020
    Assignee: McAfee, LLC
    Inventors: Hormuzd M. Khosravi, Alex Nayshtut, Igor Muttik
  • Patent number: 10574660
    Abstract: Continuous sensitive content authentication is described. In one example, a request to open content, such as a photograph, spreadsheet, or text-based document, among other types of content, is received. Based on a sensitivity level or access profile rule associated with the content, an individual can be prompted to perform an authentication procedure before the content is displayed. The content can be displayed in response to a verification using the authentication procedure or removed (or not displayed) in response to a rejection using the authentication procedure. Additionally, the authentication procedure can be continuously polled to confirm the verification while the content is displayed. While the content is being displayed, the content can be removed from display at any time if the authentication procedure no longer produces the verification result. In some cases, the content can also be deleted after a rejection is detected using the authentication procedure.
    Type: Grant
    Filed: June 23, 2016
    Date of Patent: February 25, 2020
    Assignee: AirWatch, LLC
    Inventor: Erich Stuntebeck
  • Patent number: 10574767
    Abstract: In accordance with an embodiment, described herein is a system and method for use with a digital media content environment, such as a music streaming service, for providing real-time media consumption data. As users interact with the digital media content environment using media devices, usage data that describes the characteristics of media content being streamed for playing by the media devices, is collected by a counter processor, and associated with buckets indicative of periods of time within a plurality of time windows. The usage data associated with each time window can be processed, for example to generate real-time rankings, or other type of media consumption data, for use by a reporting server. The real-time media consumption data which is reported can be used, for example, by artists, managers, media content publishers, or other type of content providers, to evaluate fast-changing media consumption trends.
    Type: Grant
    Filed: April 16, 2018
    Date of Patent: February 25, 2020
    Assignee: SPOTIFY AB
    Inventor: Abeyu Mengistu
  • Patent number: 10541994
    Abstract: In an example of a system and method for time-based local authentication, an Information Handling System (IHS) may include a processor and a memory coupled to the processor. The memory may have program instructions stored thereon that, upon execution, cause the IHS to generate a first time token and to transmit the first time token to a secondary IHS via a local network, where the secondary IHS is configured to generate a second time token and to transmit the second time token to the IHS via the local network. The IHS may receive the second time token from the secondary IHS and it may determine whether the first time token matches the second time token. In response to the first time token matching the second time token, the IHS may receive access to a protected resource.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: January 21, 2020
    Assignee: Dell Products, L.P.
    Inventors: Daniel L. Hamlin, Minhaj Ahmed, Charles D. Robison
  • Patent number: 10541980
    Abstract: Disclosed is a file security method for reinforcing file security, which includes: by a first communication device, detecting an access to a file stored in a virtual drive; by the first communication device, requesting a decryption key of the file to a second communication device and receiving the decryption key; and by the first communication device, decrypting the access-detected file by using the decryption key.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: January 21, 2020
    Assignee: Facecon Co., Ltd.
    Inventors: Giho Yang, Jae-Yeob Hwang
  • Patent number: 10536574
    Abstract: Present invention provides a method, system and application for providing authentication of a mobile device user, based on the measurement of electromagnetic fields modified by a pre-established movement of a specific magnetic token associated to the user. This univocal process will be able to obtain new authentication factors, including something that the user owns (i.e., the token), something that the user knows (i.e., the interaction between the token and the device), and somewhere that the user is (i.e., where the interaction takes place).
    Type: Grant
    Filed: November 8, 2018
    Date of Patent: January 14, 2020
    Assignee: Telefónica Digital España, S.L.U.
    Inventors: Aruna Prem Bianzino, Rafael De Las Heras Del Dedo, Sergio De Los Santos
  • Patent number: 10530760
    Abstract: Methods and apparatus, including computer program products, related to relationship-based authorization. In general, data characterizing a request for authorization to a computer-based resource is received, and the authorization may be provided based on one or more relationships of a requesting principal. A determination may be made as to whether a requesting principal is authorized, which may include determining whether the requesting user has a relationship with a principal that has management rights of the computer-based resource and determining whether the relationship allows for an access, such as a use of the computer-based resource, if the requesting principal has a relationship with the other principal. If there is no such relationship, a determination may be made as to whether an organization of the requesting principal has a relationship with the other principal that allows for the access.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: January 7, 2020
    Assignee: Medox Technologies, Inc.
    Inventor: Michael Beck
  • Patent number: 10523652
    Abstract: Aspects of the embodiments include performing, by a personal computing device, a secure handshake with a secure server accessible through an identity provider to log into the secure server. A temporary identity (TID) token can be received at the personal computing device a from an identity provider system over a telecommunications network. The TID token can be encrypted using a cryptographic key stored in a hardware storage element of the personal computing device. The encrypted TID token can be transmitted to a connected wearable device across a Bluetooth connection or other connection protocol. When a user wishes to log into a network location accessible through the identity provider, the wearable device can provide the encrypted TID token to the computing device. The personal computing device can decrypt the encrypted TID token and use the decrypted TID to access the network location.
    Type: Grant
    Filed: March 29, 2017
    Date of Patent: December 31, 2019
    Assignee: CA, Inc.
    Inventors: Andy N. Witrisna, Sascha Horst Preibisch
  • Patent number: 10509898
    Abstract: A transaction authorization apparatus includes a processor in communication with a communications interface. The processor is configured to receive a request for a transaction requested by a user with whom a plurality of user devices are associated, to obtain respective transaction measurements from at least some available devices from among the plurality of user devices, and to confirm approval of the request for the transaction in response to confirmation that the transaction measurements satisfy a multi-device authorization policy associated with the transaction.
    Type: Grant
    Filed: January 21, 2016
    Date of Patent: December 17, 2019
    Assignee: Jim Barney et al.
    Inventors: Andrew Csinger, Ildar Muslukhov, Hassan Khosravi, Peter Tuan Luong
  • Patent number: 10511576
    Abstract: A method and apparatus that securely obtains services in response to a request for a service while concealing personally identifiable information (PII) includes a software package having a user identification (ID) and network protection module that runs on a third party system and an anonymizer module that runs on a user system. The user system sends the request for the service via an API that invokes the user ID and network protection module to validate the request. In response to receiving validation, the anonymizer module modifies the request for the service to conceal at least part of the PII and sends the modified request to the service provider. In one embodiment, the third party system may be an application program configured to run on the user system. Thus, no PII or data to identify the unique individual is transmitted to the service provider.
    Type: Grant
    Filed: June 8, 2017
    Date of Patent: December 17, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Christian O Maier, Khaled Galal Mohamed Rashad, Mohamed Alaa Elmiligui
  • Patent number: 10491604
    Abstract: An identification, authentication and authorization method in a laboratory system is presented. The system comprises at least one laboratory device. The method comprises receiving identification data identifying a user; receiving identity confirmation data to authenticate the user; and generating authentication data upon successful authentication of the user. The authentication data is configured to enable authentication of the user based on only the identification data during a validity time period without repeated receipt of the identity confirmation data. The method further comprises receiving the identification data by an identification unit; validating the authentication data corresponding to the identification data comprising the step of verifying non-expiry of the validity time period; and granting authorization to the user for the laboratory device upon successful validation of the authentication data.
    Type: Grant
    Filed: August 17, 2015
    Date of Patent: November 26, 2019
    Assignee: Roche Diagnostics Operations, Inc.
    Inventors: Lothar Gramelspacher, Andrzej Knafel, Anton Steimle
  • Patent number: 10484368
    Abstract: A management system includes a reception unit configured to receive identification information for identifying an account, allocated by an authentication apparatus, corresponding to a terminal, the terminal being authenticated by the authentication apparatus, and a management unit configured to determine whether a function provided by the management system can be used by the terminal based on the identification information received by the reception unit.
    Type: Grant
    Filed: October 27, 2016
    Date of Patent: November 19, 2019
    Assignee: Ricoh Company, Ltd.
    Inventors: Hiroshi Hinohara, Naoki Umehara, Takeshi Horiuchi, Atsushi Miyamoto, Takuya Soneda
  • Patent number: 10467394
    Abstract: There is provided, in accordance with some embodiments, a method comprising using one or more hardware processors for receiving a behavioral biometric model that characterizes a human user according to pointing device data of the human user, where the pointing device data comprises screen coordinate and time stamp pairs. The method comprises an action of monitoring an input data stream from a pointing device in real time, wherein the input data stream covers two or more spatial regions of a display screen, and an action of segregating the input data stream into one or more subset streams that is restricted to one of the plurality of spatial regions. The method comprises an action of computing a similarity score based on one or more comparisons of the behavioral biometric model and the one or more subset streams, and an action of sending the similarity score to a user authorization system.
    Type: Grant
    Filed: July 11, 2016
    Date of Patent: November 5, 2019
    Assignee: International Business Machines Corporation
    Inventors: David Asulin, Oded Margalit, Ron Peleg, Shmulik Regev, Alexandra Shulman-Peleg
  • Patent number: 10462141
    Abstract: A system that includes a threat management server configured to store a device log identifying device information for endpoint devices that have passed authentication. The threat management server is configured to identify an endpoint device from the device log file and to identify a switch connected the endpoint device. The threat management server is further configured to send a device information request to the switch requesting device information for the endpoint device. The threat management server is configured to compare the received information to the information in the device log file. The threat management server is configured to block the endpoint device from accessing a communications network in response to determining the received device information does not match the information in the device log file.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: October 29, 2019
    Assignee: Bank of America Corporation
    Inventors: Rahul Isola, Jeremiah S. Nicholson
  • Patent number: 10447796
    Abstract: A Pushlet IM method for pushing a message from a first client device to a second client device includes the steps of: providing a Java-based web service; receiving a message from the first client device, the message including information of a recipient entity; verifying identity of a sender entity who intends to send the message to the recipient entity using the first client device; and creating a thread according to the information of the recipient entity for pushing the message to the second client device that is associated with the recipient entity.
    Type: Grant
    Filed: February 4, 2015
    Date of Patent: October 15, 2019
    Assignee: Wistron Corporation
    Inventors: Peng Guan, Cheng Xu, Tong-Wang Huo, Jin-Guang Wan
  • Patent number: 10444792
    Abstract: An unlocking control method is applied in a wearable device and a lockable electronic device. The wearable device communicates with the electronic device and can be bound to it. The wearable device can produce an unlocking setting instruction to set an unlocking mode of the electronic device, and can send the unlocking setting instruction to the bound electronic device. The wearable device can set the unlocking mode of the electronic device and produce an unlocking control instruction, sending the unlocking control instruction to the electronic device. The electronic device receives the unlocking control instruction, and is controlled to unlock itself according to the received unlocking control instruction and the unlocking mode of the electronic device.
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: October 15, 2019
    Assignees: Fu Tai Hua Industry (Shenzhen) Co., Ltd., HON HAI PRECISION INDUSTRY CO., LTD.
    Inventor: Hai-Ping Tang
  • Patent number: 10417007
    Abstract: Methods, systems, and computer readable mediums for utilizing a platform controller device are disclosed. According to one method, the method includes obtaining, by a platform controller device in a computing system cabinet, identification data for each of a plurality of computing system components included in the computing system cabinet. The method further includes acquiring, upon the insertion of a removable memory device into the platform controller device, system configuration profile data that is stored on the removable memory device and includes component configuration data corresponding to each of the plurality of computing system components. The method also includes utilizing the identification data and the component configuration data to configure each of the computing system components in accordance to the system configuration profile data.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: September 17, 2019
    Assignee: VCE IP Holding Company LLC
    Inventors: Gregory Lawrence Smith, Alva Benjamin Eaton, Samuel Maxwell Marrs, Nicholas Adams Hansen
  • Patent number: 10419431
    Abstract: Disclosed is a method and apparatus for preventing cross-site request forgery. The recommendation method comprises storing a first environment fingerprint associated with a client, wherein the first environment fingerprint uniquely identifies the client based on local terminal information associated with the client; receiving an access request message from the client, the access request message including at least one operation and a second environment fingerprint generated by the client; determining whether the second environment fingerprint matches the first environmental fingerprint; rejecting the access request message if it is determined that the second environment fingerprint does not match the first environment fingerprint; and executing the operation included with the access request message if it is determined that the second environment fingerprint matches the first environment fingerprint.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: September 17, 2019
    Assignee: ALIBABA GROUP HOLDING LIMITED
    Inventor: Bin Long
  • Patent number: 10410235
    Abstract: Techniques for identifying a user and authenticating payment transactions based on the identification include requesting the user to send his audio, video, and/or image from the point of sale location and comparing the received audio, video, and/or image to an audio/video/image on file to identify and authenticate the user as being the official holder of the payment device being used in the transaction. Once the user is authenticated, the payment processing can be performed using conventional techniques. Some techniques involve use of accelerometer data associated with the user in addition to or in lieu of the audio, video, and/or image data to perform the identification and authentication of the user.
    Type: Grant
    Filed: April 7, 2014
    Date of Patent: September 10, 2019
    Assignee: Visa International Service Association
    Inventor: Patrick Faith
  • Patent number: 10389725
    Abstract: An approach is provided that enhances computer system security. In the approach, a set of users is authorized to be notified when any of a selected set of activities occurs on the user's account. When the system detects that one of the activities has occurred on the account, a notification is sent to the set of authorized users. The set of users may individually send a responsive security response to protect the user's account. Responsive to receiving the security response from one of the set of users, a security action is performed that is anticipated to protect the user's account.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: August 20, 2019
    Assignee: International Business Machines Corporation
    Inventors: Nataraj Nagaratnam, Kapil K. Singh
  • Patent number: 10390215
    Abstract: A method for authenticating a user of a user equipment provided with a mobile cellular network card module in a public wireless network. The method includes, during an authentication procedure following an attempt by the user to access the public wireless network with the user equipment for availing of services provided by the public wireless network: retrieving from the mobile cellular network card module a code that uniquely identifies such mobile cellular network card module; retrieving from a database wireless credentials of the user associated with said retrieved code that uniquely identifies such mobile cellular network card module; providing said retrieved wireless credentials of the user to the public wireless network; and granting the user access to the public wireless network conditioned to the correctness of the provided wireless credentials.
    Type: Grant
    Filed: April 28, 2015
    Date of Patent: August 20, 2019
    Assignee: TELECOM ITALIA S.p.A.
    Inventors: Fabio Ricciato, Nicolo Vaccaro
  • Patent number: 10389817
    Abstract: System-on-chip data security appliance (“SoC-DSA”) and methods of operating the same. In one embodiment, the SoC-DSA includes data security mechanisms enclosed within a protected boundary of a single chip. In some embodiments, isolation and access control features are hidden within an on-chip field-programmable gate array (“FPGA”). The isolation and access control features can be implemented such that they are not visible to or alterable by software executing on the processing cores of the SoC-DSA, which provides for continued data security even in the presence of software exploitation, such as a malicious implant, that otherwise compromises data security in software-only systems. The SoC-DSA can be used to enhance data security in existing data security devices and protocols, such as high assurance guards (“HAG”) and can be used to create new types of security devices, such as devices enforce alternative human data interactions (“HDI”) models.
    Type: Grant
    Filed: October 26, 2018
    Date of Patent: August 20, 2019
    Assignee: WEB SENSING, LLC
    Inventors: Jason Dahlstrom, Stephen Taylor
  • Patent number: 10382424
    Abstract: An authentication system includes an authentication server, an application having a proxy, and a token store. The token store receives an authentication request and sends the request to the authentication server. The authentication server authenticates the user based on the request. The token store requests an offline token from the authentication server. The authentication server sends the offline token to the token store. The token store generates a key-secret pair and stores the offline token and the key-secret pair in a database. The token store sends the authentication result of the user to the application. The application receives an authentication result and requests a key-secret pair from the token store. The token store sends the key-secret pair to the application. The key-secret pair is used to configure an agent, which adds the key-secret pair to a communication request sent to the application. The application processes the communication request.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: August 13, 2019
    Assignee: Redhat, Inc.
    Inventors: Juraci Paixao Kroehling, Stian Thorgersen
  • Patent number: 10380331
    Abstract: Multi-touch groupings of characters are detected for device authentication and access. In an embodiment, one or more non-character based factors are used in combination with an inputted authentication code (character based) for device authentication and access.
    Type: Grant
    Filed: October 14, 2014
    Date of Patent: August 13, 2019
    Assignee: NetIQ Corporation
    Inventors: Lloyd Leon Burch, Baha Masoud
  • Patent number: 10374801
    Abstract: An apparatus includes a tokenizer and a validator. The tokenizer divides a file into first, second, and third portions. The tokenizer also encrypts the first, second, and third portions using a first key to produce first, second, and third tokens. The validator receives a fourth token with a signature of a first user and receives a fifth token with a signature of a second user. The validator also combines the first token, the fourth token, and the fifth token to produce a second key and determines whether the second key matches the first key. If the second key does not match the first key, the validator communicates an alert indicating that the first key does not match the second key. If the second key does match the first key, the validator decrypts first, fourth, and fifth tokens to reproduce the file.
    Type: Grant
    Filed: July 14, 2017
    Date of Patent: August 6, 2019
    Assignee: Bank of America Corporation
    Inventors: Manu J. Kurian, Monika V. Kapur
  • Patent number: 10373165
    Abstract: A system includes one or more memory devices storing instructions, and one or more processors configured to execute the instructions to perform steps of a method providing sensor-based authentication of customers. The system may detect customer biometric data associated with an unknown customer present at a merchant location. The system may determine, based on a known customer identification profile and the detected customer biometric data, a confidence level that the unknown customer is the same individual as the known customer and authenticate the unknown customer based on a determination that the confidence level exceeds a predetermined threshold. The system may transmit identification information associated with the known customer to a financial service provider and receive payment credentials of one or more accounts associated with the known customer and authorization to utilize the one or more accounts to perform a financial transaction.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: August 6, 2019
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: David Gabriele, Justin Smith, Damaris Kroeber, Devin Barth
  • Patent number: 10367700
    Abstract: In one example in accordance with the present disclosure, a system may comprise a node accessor to access a first node belonging to a plurality of nodes and an interface determiner to determine a hardware interface associated with the first node. The system may comprise a template determiner to determine a template corresponding to the hardware interface, wherein the template contains a predefined identifier associated with the hardware interface. The system may comprise a network handler to identify a network associated with the predefined identifier associated with the hardware interface; and a network associater to associate each node in the plurality of nodes, including the first node, with a network specified in the template.
    Type: Grant
    Filed: June 5, 2017
    Date of Patent: July 30, 2019
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Corneliu Boac, Erik Jacobson
  • Patent number: 10366212
    Abstract: A verification system, includes: an arithmetic/logic unit (“ALU”) to perform one or more mathematical operations and compare selected variables; a register to hold a value from a comparison of selected variables performed by the ALU; an instruction decoder to provide read and write commands to memory; an address bus to provide an address to memory for a read or write operation; and a data bus to provide or access data for a write or read operation to or from memory, wherein the ALU generates and provides a recipient identifier to a target computational device, the recipient identifier being related to an identity of the target computational device and/or a target device human operator, and write the recipient identifier to memory in response to a write command issued by the instruction decoder and, as a part of a transaction, the ALU receives, from a user computational device of a first user, the recipient identifier and a credential of the first user and/or user computational device, compares each of the rec
    Type: Grant
    Filed: November 9, 2018
    Date of Patent: July 30, 2019
    Inventor: John K. Thomas
  • Patent number: 10346051
    Abstract: A method or system for determining a required certification level of storage area for storing data of a write request based on a characteristic of the data, selecting a target storage area based on a media certification table and the required determined certification level of the media area and storing data at the target storage area.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: July 9, 2019
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Andrew Michael Kowles
  • Patent number: 10341118
    Abstract: A security network system may include a security gateway operable to establish a client session between the security gateway and a client device. The security gateway is operable to receive client session information from the client session. The client session information includes an identification of a server with which the client device needs to exchange data. The security network system may also include a Hardware Security Module (HSM) in communication with the security gateway. The HSM is operable to establish, in concert with the security gateway, a secure session between the security gateway and the server based on the client session data, a public key, a secret key, and context attributed to the secure session.
    Type: Grant
    Filed: August 1, 2016
    Date of Patent: July 2, 2019
    Assignee: A10 Networks, Inc.
    Inventors: Yang Yang, Xuyang Jiang, Ali Golshan
  • Patent number: 10331424
    Abstract: Dynamic user interfaces modules are configured to communicate with a web service that provides, through HTTP requests and responses, JavaScript Object Notation objects declaring instances of user interface elements according to a predefined specification. The dynamic user interface modules render the instances in accordance with the JSON objects received from the web service and the properties defined for each user interface element declared thereby.
    Type: Grant
    Filed: July 27, 2018
    Date of Patent: June 25, 2019
    Assignee: Modo Labs, Inc.
    Inventors: Thomas Hughes Speller, III, Brian Lawrence Patt, Peter Eugene Akins
  • Patent number: 10304269
    Abstract: Disclosed are systems and methods for performing entry access over two or more networks. The two or more networks are leveraged to accelerate the entry access and provide redundancy. Performance over each of the two or more networks is tracked in order to allow a mobile device to exchange entry access messaging over the particular network providing fastest start-to-unlock time. The mobile device can alternatively exchange the entry access messaging simultaneously over the two or more networks to create a race condition whereby the fastest start-to-unlock time is obtained without monitoring network performance. Performing the entry access messaging exchange over the two or more networks also ensures reliability in the event a particular network is down or congested, an authorization device on a particular network is down or overloaded, a radio of a mobile device communicating over a particular network is disabled or slow performing.
    Type: Grant
    Filed: September 18, 2017
    Date of Patent: May 28, 2019
    Assignee: OPENPATH SECURITY INC.
    Inventors: Alexander A. Kazerani, Amir Reza Khakpour, Samy Kamkar, Robert J. Peters