Access Control Or Authentication Patents (Class 726/2)
  • Patent number: 10667133
    Abstract: The invention relates to a method for detecting an attempt to reroute a communication channel between a port of a security module and a port of a near-field communication router, which are in a telecommunication device, wherein, upon receiving a message in a near-field communication format, the security module verifies from which port of the communication router said message originates.
    Type: Grant
    Filed: February 28, 2011
    Date of Patent: May 26, 2020
    Assignee: Proton World International N.V.
    Inventors: Thierry Huque, Olivier Van Nieuwenhuyze
  • Patent number: 10666663
    Abstract: Techniques to detect unauthorized access and/or use of a user's account provided by an online web service are provided. A user's activity on the online web service can be monitored to determine a model of the user flow through the online web service. The model of user flow can be unique to the user or can be a model assigned to a cluster of users having similar behaviors or mannerisms when navigating the online web service. The model can vary based on the type of device used by the user to access the online web service. Once a model is determined, subsequent activity on the online web service by the user can be monitored and compared to the model of user flow. Unauthorized access and/or use of the user's online account can be detected if the subsequent activity fails to fit the model of the user flow.
    Type: Grant
    Filed: March 4, 2019
    Date of Patent: May 26, 2020
    Assignee: Capital One Services, LLC
    Inventors: Jeremy Edward Goodsitt, Austin Grant Walters, Fardin Abdi Taghi Abad, Reza Farivar, Anh Truong, Vincent Pham, Mark Louis Watson, Kenneth Taylor
  • Patent number: 10666531
    Abstract: A publish/subscribe interface is used to enable a non-publish/subscribe first system (such as an IP network device) to obtain status information about a publish/subscribe device that cannot be pinged by the first system. The first system sends a status request to a domain name server. The status request includes a domain name for the publish/subscribe device. Topic space maintained by a message broker in the publish/subscribe system includes status topics associated with publish/subscribe devices. The status topics contents reflect the current availability of the associated publish/subscribe device.
    Type: Grant
    Filed: December 1, 2016
    Date of Patent: May 26, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Benjamin J. Fletcher, Andrew J. Stanford-Clark
  • Patent number: 10664836
    Abstract: A payment system for facilitating a desired transaction over a social media platform includes a computer server programmed and operating to maintain a user account in a database, the user account including at least a user credential, a user computing device credential, and a user mobile credit account. The computer server maintains a merchant account in the database, the merchant account including at least a merchant mobile credit account. The computer server further operates to authenticate the user, authenticate the user computing device, and process a debit to the user mobile credit account a credit to the merchant mobile credit account.
    Type: Grant
    Filed: September 14, 2016
    Date of Patent: May 26, 2020
    Assignee: Dave's Slingshot, LLC
    Inventors: John Leonard Snyder, Andrew Anthony Boemi, Peter Charles Vogelberger
  • Patent number: 10656011
    Abstract: An enclosed benchtop analytical device, as well as systems, processes, and techniques related thereto are disclosed. A benchtop analytical device can include an enclosure enclosing a probe and a sample. A compliance component can determine satisfaction of one or more compliance rules, such as a compliance rule relating to an enclosure being in an operable configuration based on a lid of the enclosure being closed. If the compliance rule(s) is determined to be satisfied, the compliance component may enable the release of optical energy for interrogation of the sample via the probe. In some embodiments, the enclosure can enclose a sample plate that can be used to conveniently and accurately retain a sample in a suitable position within the enclosure.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: May 19, 2020
    Assignee: MarqMetrix, Inc.
    Inventors: Brian James Marquardt, John Scott Van Vuren
  • Patent number: 10649756
    Abstract: Systems and methods for centralized client application management are provided. In an example embodiment, device data is received from a user device. The user device is identified according to an identification rule. A client state is received from the user device. A match between the client state and a specified state is determined. Based on the client state matching the specified state, an instruction to be performed on the user device is generated. The instruction is caused to be performed on the user device. The instruction causes a change to the client state stored on the user device.
    Type: Grant
    Filed: November 24, 2015
    Date of Patent: May 12, 2020
    Assignee: eBay Inc.
    Inventors: Roy Leon Camp, Gireesh Sreepathi, Hui Chen, Frederik van Voorden
  • Patent number: 10647301
    Abstract: A monitoring system in which a mounting device of a moving body and a monitoring center device are connected via a communication network, wherein the mounting device includes a photographing unit configured to photograph a passenger, and a feature transmission unit configured to transmit feature data of the passenger, and the monitoring center device includes a monitoring processing unit which determines whether the feature data is recorded in a database and performs monitoring processing on the basis of a result of the determination.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: May 12, 2020
    Assignee: NEC CORPORATION
    Inventor: Akiyoshi Ichimura
  • Patent number: 10650154
    Abstract: Securing an endpoint against malicious activity includes encrypting a plurality of files on an endpoint to prevent unauthorized access to the plurality of files, receiving a request to access a file from a process executing on the endpoint, decrypting the file for the process, and monitoring a security state of the process. If the security state becomes a compromised state, a technique involves maintaining access to any open files (including the file decrypted for the process), prohibiting access to other files, and initiating a remediation of the process by facilitating a restart of the process. If the remediation is successful, access by the process to the plurality of files may be restored.
    Type: Grant
    Filed: February 12, 2016
    Date of Patent: May 12, 2020
    Assignee: Sophos Limited
    Inventors: Kenneth D. Ray, Andrew J. Thomas, Anthony John Merry, Harald Schütz, Andreas Berger, John Edward Tyrone Shaw
  • Patent number: 10643212
    Abstract: Aspects of the disclosure relate to linking channel-specific systems with a user authentication hub. In some embodiments, a computing platform may receive, from a mobile device, an authentication request for a user account and may generate one or more authentication prompts. Subsequently, the computing platform may provide the one or more authentication prompts and may validate responses to the authentication prompts. Based on validating the responses to the authentication prompts, the computing platform may generate one or more security questions based on historical information associated with the user account. Subsequently, the computing platform may provide the one or more security questions and may validate one or more responses to the one or more security questions. Based on validating the one or more responses to the one or more security questions, the computing platform may provide user account information associated with the user account to the mobile device.
    Type: Grant
    Filed: May 15, 2016
    Date of Patent: May 5, 2020
    Assignee: Bank of America Corporation
    Inventors: Mark A. Pender, Daniel L. Carpenter, Kapil Pruthi, Xianhong Zhang, Apeksh M. Dave, Elizabeth S. Votaw, Andrew T. Keys
  • Patent number: 10645095
    Abstract: A network node may include one or more processors. The one or more processors may receive a message that is associated with one or more signatures and one or more second signatures. The one or more signatures may have been validated by a particular node. The one or more processors may determine that the particular node is a trusted node. The network node may be configured not to validate signatures that have been validated by a trusted node. The one or more processors may determine that the one or more signatures have been validated by the particular node. The one or more processors may sign or provide the message, without validating the one or more signatures, based on determining that the one or more signatures have been validated by the particular node.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: May 5, 2020
    Assignee: Juniper Networks, Inc.
    Inventors: Jonathan T. Looney, John G. Scudder
  • Patent number: 10645117
    Abstract: Systems and methods to detect the identities of victims of phishing activities, in which embedding, in an item, an element having a reference to a server, is embedded in an item (e.g., a webpage or a mobile application) that may be copied by attackers. When used on a user computer, the element generates a request to the server. Based on the request, the server identifies a user of the element embedded in the item or a copy of the item. Based on uses of the element, the server tracks a history of the user using the item or the copy of the item. In response to a determination that the element is currently being used by the user in the item and the history indicates that the user has used the copy of the item, the server identifies the user as a victim of the copy of the item.
    Type: Grant
    Filed: October 26, 2017
    Date of Patent: May 5, 2020
    Assignee: Easy Solutions Enterprises Corp.
    Inventor: Javier Fernando Vargas Gonzalez
  • Patent number: 10632967
    Abstract: A vehicle alarm system includes a first device mounted on a vehicle, and a second device mounted on the vehicle. The first device authenticates the second device by first wireless communication processing with the second device, detects that a state of the vehicle is changed in a predetermined pattern in a case where the second device is successfully authenticated, and outputs a predetermined alarm instruction when the first device detects that the first wireless communication processing is stopped. The second device authenticates a portable terminal device by second wireless communication processing with the portable terminal device, and performs the first wireless communication processing with the first device in a case where the portable terminal device is successfully authenticated. The first device causes the second device to stop the first wireless communication processing when the first device detects a predetermined first state change of the vehicle.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: April 28, 2020
    Assignee: TOYOTA JIDOSHA KABUSHIKI KAISHA
    Inventor: Ryuta Atsumi
  • Patent number: 10635495
    Abstract: A method of registering devices (2), in particular access control devices or payment or vending machines, on a server (3) of a system where the device (2) which is to be registered generates a public and a private key with asymmetrical cryptology. The device (2) subsequently transmits a registration request, signed with the device's private key, containing at least one device ID, the device's public key and the login details of a technician. The server (3) verifies the registration request using the device's public key and, after verification, assigns the device (2) to a ‘data reception room’ where no operational communication with the server (3) occurs. Subsequently, the device (2) is cleared for communication by a technician logged in to the server (3). The device is assigned to an area of the server memory for operationally cleared devices, and a notification of registration is transmitted to the device (2).
    Type: Grant
    Filed: May 12, 2017
    Date of Patent: April 28, 2020
    Assignee: SKIDATA AG
    Inventors: Sebastian Maurer, Ramiz Ismailov, Michael Grafl, Andreas Kerschbaumer
  • Patent number: 10637951
    Abstract: Systems and methods are provided for managing data proxies. The systems and methods enable a proxy management system to store and manage data proxies that digitally represent real-world objects equipped with sensors. The data proxy of an object is made up of data sampled by the object's sensors and data estimated using the sampled data. The sampling rate at which the data is sampled can be optimized such that it conforms with target quality of data (QoD) requirements and/or target data acquisition costs. The QoD requirements can be based on requirements set by each of the applications associated with an object. The proxy management system can use the sampled data and estimated data to (1) ensure that incoming messages, if executed, would not have negative consequences; and (2) monitor objects to determine if and when they are expected to approach undesirable states, or if they have already reached such undesirable states.
    Type: Grant
    Filed: April 10, 2017
    Date of Patent: April 28, 2020
    Assignee: Massachusetts Institute of Technology
    Inventors: Joshua E. Siegel, Sanjay E. Sarma
  • Patent number: 10635822
    Abstract: Embodiments of the present invention are directed to data integration and threat assessment for triggering analysis of connection oscillations in order to improve data and connection security. The invention leverages a security threat assessment engine and an analytics engine to gather and process data from a combination of internal and external data sources for a third party connection. The system continuously monitors and updates a generated threat level for a third party connection to determine changes or triggers indicating a potential security threat. In response to these determined changes or triggers, the system then responds to a detected security threat and minimizes damages resulting from data compromised by third party systems. Further, the system may extract and recover data from the third party systems and alter connection channels in order to further limit losses.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: April 28, 2020
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: David Michael Steele, Nelson John Chevis, Sr., Jason Dean Vaughn, Allan Carlton Byers
  • Patent number: 10628597
    Abstract: On an endpoint that encrypts local files to protect against data leakage and other harmful malware events, newly detected files are dynamically encrypted when they are detected as long as the endpoint is not compromised. If a compromised state is detected, the newly detected file will not be added to the encrypted files until the endpoint can be remediated and the compromised state resolved.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: April 21, 2020
    Assignee: Sophos Limited
    Inventors: Andreas Berger, Harald Schutz, Kenneth D. Ray, Anthony John Merry, Norbert Gruber, Markus Hein, Gerald Wintersberger, Artur Wenzel
  • Patent number: 10629040
    Abstract: The intrusion detection system includes a base station and a plurality of sensor nodes communicatively coupled to the base station. The intrusion detection system may be connected to other client devices via a server or a network. The base station sets at least one of the sensor nodes into either a partial system activation mode or full system activation mode. The base station triggers an alarm event including information to a stakeholder in the event an abnormal movement or behavior is detected. The base station transmits a message to the sensor node and deactivates the sensor node. The sensor node return to low power mode.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: April 21, 2020
    Assignee: Robert Bosch GmbH
    Inventors: Abtin Keshavarzian, Christian Peters, Maurizio Bocca
  • Patent number: 10630764
    Abstract: According to an embodiment of the present disclosure, there is provided an information processing device including an activation control unit configured to transmit first information that includes information read through near field communication to a server device, to acquire second information transmitted from the server device according to the first information, and to control activation of an application of the information processing device itself based on the acquired second information.
    Type: Grant
    Filed: January 24, 2019
    Date of Patent: April 21, 2020
    Assignee: FELICA NETWORKS, INC.
    Inventors: Naoto Tobita, Shuichi Sekiya, Tomoharu Hikita, Kenichi Motodate
  • Patent number: 10630492
    Abstract: There is provided a method for testing a Physically Unclonable Function (PUF) implemented in a device, said PUF being configured to receive at least one challenge, each challenge comprising a set of bits, and to produce a set of responses, each response comprising at least one bit and corresponding to one challenge, said PUF comprising a circuitry including a set of PUF elements, each PUF element being controlled by at least one input bit corresponding to at least one bit of said challenge, wherein the method comprises the steps of: applying at least one bit of the challenge to the PUF instance; determining (300) identifiers for at least some of the PUF elements, the identifier of each PUF element being determined from the response output by said PUF element in response to said at least one bit of the challenge; applying a statistical randomness test (304) to a group of identifiers comprising at least some of the identifiers determined for said PUF elements, which provides a test indicator; and testing sai
    Type: Grant
    Filed: April 6, 2017
    Date of Patent: April 21, 2020
    Assignee: SECURE-IC SAS
    Inventors: Sylvain Guilley, Jean-Luc Danger, Philippe Nguyen
  • Patent number: 10621840
    Abstract: Techniques for providing status information of a defined location are described. Data indicative of signal strength associated with radio frequency (RF) signals received by one or more devices communicating via a wireless communications protocol is accessed. A baseline signal strength profile based on the data is determined. The data indicative of signal strength associated with RF signals received by the one or more devices is monitored. Based on a comparison of the monitored data to the baseline signal strength profile, a presence of at least one person in a vicinity of the one or more devices is determined. At least one action based on the determined presence is initiated.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: April 14, 2020
    Assignee: Transform SR Brands LLC
    Inventors: Parag Kumar Garg, Nicholas Frank LaVassar, Joseph Reid Baird, Donald Smyth, Jonathan Kevin Gagliardoni, Daniel Sihe Kuang Lee
  • Patent number: 10618499
    Abstract: A monitoring system in which a mounting device of a moving body and a monitoring center device are connected via a communication network, wherein the mounting device includes a photographing unit configured to photograph a passenger, and a feature transmission unit configured to transmit feature data of the passenger, and the monitoring center device includes a monitoring processing unit which determines whether the feature data is recorded in a database and performs monitoring processing on the basis of a result of the determination.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: April 14, 2020
    Assignee: NEC CORPORATION
    Inventor: Akiyoshi Ichimura
  • Patent number: 10623402
    Abstract: A method, a computer system, and a computer program product for authenticating a transaction are provided. An authentication system receives the transaction over a particular channel of a plurality of support channels. A risk score is determined for the transaction based on a number of contextual risk factors. An authentication scheme is determined from a number of authentication schemes for authenticating an identity of the user within an authentication context. The authentication scheme is determined based on the particular channel and the risk score. In response to successfully authenticating the identity of the user within the authentication context, the authentication system determines whether the transaction is a permitted transaction based on an assurance level associated with the authentication context. In response to determining that the transaction is the permitted transaction, the transaction is authenticated.
    Type: Grant
    Filed: April 20, 2017
    Date of Patent: April 14, 2020
    Assignee: ADP, LLC
    Inventors: Frank Villavicencio, Zhitao Xu, Vincent Civetta, Deepak Kaushal, Nishant Kaushik
  • Patent number: 10611341
    Abstract: A monitoring system in which a mounting device of a moving body and a monitoring center device are connected via a communication network, wherein the mounting device includes a photographing unit configured to photograph a passenger, and a feature transmission unit configured to transmit feature data of the passenger, and the monitoring center device includes a monitoring processing unit which determines whether the feature data is recorded in a database and performs monitoring processing on the basis of a result of the determination.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: April 7, 2020
    Assignee: NEC CORPORATION
    Inventor: Akiyoshi Ichimura
  • Patent number: 10609037
    Abstract: Provided is a process of authenticating a user, the process including: receiving an authentication request sent by a first computing device; receiving an observed profile of the second computing device; accessing a known profile of the second computing device; determining that the known profile corresponds to the observed profile; sending an authentication credential to either the second computing device or the first computing device; receiving the authentication credential from either the first computing device or the second computing device; and in response to receiving the authentication credential and the determination that the known profile corresponds to the observed profile, determining that the user is authenticated.
    Type: Grant
    Filed: March 28, 2017
    Date of Patent: March 31, 2020
    Assignee: CA, Inc.
    Inventors: Jerry Jackson, Charley Chell, Jeff Frantz
  • Patent number: 10607074
    Abstract: Rationalization of network predictions using similarity to known connections is provided. In various embodiments, a graph is read. The graph comprises a plurality of nodes. Each of the plurality of nodes corresponds to an entity or property. The plurality of nodes is interconnected by a plurality of edges. Each edge corresponds to a relationship between connected nodes. A new edge in the graph is predicted. The new edge corresponds to a relationship between a first node and a second node. The first node corresponds to an entity and the second node corresponds to an entity or property. One or more additional nodes connected to the second node is located. The one or more additional nodes is scored according to its connections in common with the first node. One or more sources is provided to a user describing the connection between the one or more additional node and the second node.
    Type: Grant
    Filed: November 22, 2017
    Date of Patent: March 31, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Alix Lacoste, William S. Spangler, Feng Wang
  • Patent number: 10602202
    Abstract: Disclosed are examples for providing functions to receive a media file to be stored in a media repository. In the examples, a location in the media repository may be assigned to the media file. A media file address in a blockchain platform may be assigned to the media file. Metadata including the assigned location in the media repository and the assigned media file address in the blockchain platform may be added to the media file. A media file hash value may be generated by applying a hash function to the media file including the metadata. The media file hash value may be included in a message and uploaded to the assigned media file address in the blockchain platform as a transaction in the blockchain. An indication that the media file is uploaded to the media repository may be delivered to a subscriber device from which the media file was received.
    Type: Grant
    Filed: July 30, 2019
    Date of Patent: March 24, 2020
    Assignee: Capital One Services, LLC
    Inventors: Kenneth Taylor, Austin Grant Walters, Jeremy Edward Goodsitt, Fardin Abdi Taghi Abad, Reza Farivar, Vincent Pham, Anh Truong
  • Patent number: 10601718
    Abstract: A user device is configured to transmit, to a computing device, data indicative of a first routing network and data indicative of a second routing network. The computing device determines, based on the received, a plurality of parameters for the first and second routing networks. The computing device may generate a secure session connection between the computing device and a server associated with the second routing network and receive, from the server and via the secure session connection, a modification to one or more parameters of the plurality of parameters for the second routing network. The computing device may determine priorities for the first routing network and the second routing network based at least in part on the plurality of parameters for the first routing network and the modification to the one or more parameters of the plurality of parameters for the second routing network.
    Type: Grant
    Filed: April 3, 2017
    Date of Patent: March 24, 2020
    Assignee: Bank of America Corporation
    Inventors: Steven M. Twombly, Matthew Murphy, Mark Williams, Bradley Holland, Mark A. Nelson
  • Patent number: 10599870
    Abstract: In various embodiments, a Data Model Adaptive Execution System may be configured to take one or more suitable actions to remediate an identified risk in view of one or more regulations (e.g., one or more legal regulations, one or more binding corporate rules, etc.). For example, in order to ensure compliance with one or more standards related to the collection and/or storage of personal data, an entity may be required to modify one or more aspects of a way in which the entity collects, stores, and/or otherwise processes personal data (e.g., in response to a change in a legal or other requirement). In order to identify whether a particular change or other risk trigger requires remediation, the system may be configured to assess a relevance of the risk posed by the risk and identify one or more processing activities or data assets that may be affected by the risk.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: March 24, 2020
    Assignee: OneTrust, LLC
    Inventors: Kabir A. Barday, Mihir S. Karanjkar, Steven W. Finch, Ken A. Browne, Nathan W. Heard, Aakash H. Patel, Jason L. Sabourin, Richard L. Daniel, Dylan D. Patton-Kuhl, Kevin Jones, Jonathan Blake Brannon
  • Patent number: 10602022
    Abstract: Equipment includes: a user authentication unit configured to perform a user authentication process based on authentication information stored in a storage medium; a usage registration unit configured to register a request for using the authentication information, the request being transmitted from an application; a storage controller configured to store the authentication information acquired from the storage medium in a storage unit; and a notifier configured to send the authentication information stored in the storage unit to the application, regarding which the request is registered.
    Type: Grant
    Filed: October 10, 2016
    Date of Patent: March 24, 2020
    Assignee: Ricoh Company, Ltd.
    Inventor: Saeko Takeda
  • Patent number: 10601871
    Abstract: Method and system are provided for reconfiguration of security requirements for deployed components of applications. The method includes referencing a deployed application wherein the application is divided into processing components, which can be deployed in different locations. The method adds one or more application resources for the deployed application to a central repository with references to the processing components of the deployed application utilizing the resources. The method further involves: receiving an update to an application resource to modify a security requirement for the resource; checking the deployment locations of the processing components of deployed applications referenced to the updated application resource to ensure the processing components conform to the modified security requirement; and taking an action for each referenced processing component of the deployed application that does not conform to the modified security requirement.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: March 24, 2020
    Assignee: International Business Machines Corporation
    Inventors: John Hosie, Martin A. Ross, Craig H. Stirling, Dominic J. Storey
  • Patent number: 10592648
    Abstract: A consent receipt management system may include one or more consent validity scoring systems. In various embodiments, a consent validity scoring system may be configured to detect a likelihood that a user is correctly consenting via a web form. The system may be configured to determine such a likelihood based at least in part on one or more data subject behaviors while the data subject is completing the web form in order to provide consent. In various embodiments, the system is configured to monitor the data subject behavior based on, for example: mouse speed; mouse hovering; mouse position; keyboard inputs; an amount of time spent completing the web form; etc. The system may be further configured to calculate a consent validity score for each generated consent receipt based at least in part on an analysis of the data subject's behavior.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: March 17, 2020
    Assignee: OneTrust, LLC
    Inventors: Kabir A. Barday, Jonathan Blake Brannon, Richard A. Beaumont, John Mannix
  • Patent number: 10587479
    Abstract: Some embodiments provide a method for an integrated network management and modification analysis system. At the integrated system, the method receives a proposed modification to configuration data for a logical network stored by the integrated system as a set of rules. Without implementing the proposed modification, the method analyzes changes to the rules that would occur based on the proposed modification. The method provides a graphical user interface (GUI) that indicates logical network entities affected by the proposed modification. In response to a command to implement the proposed modification, the method generates an updated set of rules at the integrated system and stores the updated set of rules for distribution to managed forwarding elements that implement the logical network.
    Type: Grant
    Filed: April 2, 2017
    Date of Patent: March 10, 2020
    Assignee: NICIRA, INC.
    Inventors: Amre Shakimov, Xuan Kelvin Zou, Pankaj Thakkar, Igor Ganichev
  • Patent number: 10587423
    Abstract: A cognitive psychology authentication in a multi-factor authentication system. A request is received to access a secure resource associated with a user. A set of cognitive psychology questions are selected from a plurality of cognitive psychology questions for transmission to a client device associated with the request. A set of responses corresponding to the set of cognitive psychology questions are received and cognitive psychology data is generated based on the set of responses. A cognitive psychology profile associated with the user is retrieved from a database. An authentication score is calculated based on comparing the cognitive psychology data to the cognitive psychology profile. An authentication success notification is transmitted when the authentication score compares favorably to an authentication threshold. An authentication failure notification is transmitted when the authentication score compares unfavorably to the authentication threshold.
    Type: Grant
    Filed: November 22, 2017
    Date of Patent: March 10, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Nataraj Nagaratnam, Pamela A. Nesbitt, Sandeep Ramesh Patil, Sasikanth Eda
  • Patent number: 10587596
    Abstract: Techniques of authenticating a new user involve classifying a new user as a member of a group based on the new user's current activity. Along these lines, when a new user enrolls in an authentication system, the authentication system places the new user in a group of new users that have not made any requests and are assumed to be high risks of making fraudulent requests. Once the new user makes a request to access a resource, the authentication system classifies the new user as a member of another group according to authentication factors describing activities surrounding the request.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: March 10, 2020
    Assignee: EMC IP Holding Company LLC
    Inventors: Carmit Sahar, Eyal Kolman, Alon Kaufman
  • Patent number: 10587612
    Abstract: A system for automating login can determine if a web artifact, such as a web page, includes a login form, by identifying a password field, a user ID field, and a submit button or another element providing the functionality to submit credentials for authorization. Submission of user credentials may be emulated, and access to password protected areas can be ascertained, e.g., by identifying any element that permits signing out from the password protected area.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: March 10, 2020
    Assignee: Veracode, Inc.
    Inventor: Daniel Linszner
  • Patent number: 10572653
    Abstract: A method executed by a processor may include storing account activity data in a database which identifies prior account activities performed by customers in their respective accounts associated with a financial institution. The database may be accessible only by computing systems of the financial institution. A set of challenge questions may be received for authenticating customers to perform high-risk activities in their respective accounts that are based on prior account activities. A machine learning model may be used to determine an authentication score used for ranking each challenge question in the set of challenge questions. An electronic request may be received from an unverified customer who desires to perform high-risk activities in an account. Challenge questions may be selected based on the ranking. The unverified customer may be verified when correctly answering the selected challenge questions. The verified customer may be allowed to perform high-risk activities in the account.
    Type: Grant
    Filed: September 9, 2019
    Date of Patent: February 25, 2020
    Assignee: Capital One Services, LLC
    Inventors: Sergey E. Semichev, Lele Liang
  • Patent number: 10574469
    Abstract: A physically unclonable function (PUF) is implemented using a PUF array of single-transistor cells organized as a plurality of word lines and intersecting bit lines. A single-transistor cell is connected to a word line and bit line at each of the intersections. A current source is coupled to each of the bit lines and provides a current when a PUF cell connected to the bit line is conductive. The bit lines are organized in pairs. A PUF evaluation engine is coupled to the PUF array and provides an address for selecting a word line of the PUF array in response to a challenge. A comparator is coupled to each pair of bit lines of the PUF array for detecting a current. The comparator provides a voltage signal in response to detecting a difference current between the first and second bit line. The PUF evaluation engine receives the voltage signal and generates a logic bit.
    Type: Grant
    Filed: April 10, 2019
    Date of Patent: February 25, 2020
    Assignee: NXP USA, INC.
    Inventors: Brad John Garni, Nihaar N. Mahatme, Alexander Hoefler
  • Patent number: 10574467
    Abstract: The present disclosure relates to implementations of physically unclonable functions (PUFs) for cryptographic and authentication purposes. Specifically, the disclosure describes implementations of machine learning engines (MLEs) in conjunction with PUFs generating outputs having multiple states.
    Type: Grant
    Filed: November 10, 2016
    Date of Patent: February 25, 2020
    Assignee: Arizona Board of Regents on Behalf of Northern Arizona University
    Inventors: Fatemeh Afghah, Bertrand Francis Cambou
  • Patent number: 10574729
    Abstract: This invention discloses a novel system and method for automatically managing the movement of document files from a first document storage sub-system to a second document storage sub-system, tracking such movement and applying security policies before the movement is completed.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: February 25, 2020
    Assignee: Workshare Ltd.
    Inventors: Barrie Hadfield, Richard Preen, Tim Tanner, Robin Glover
  • Patent number: 10565810
    Abstract: A networked radio frequency identification system includes a plurality of radio frequency identification (RFID) tag readers, a computer in signal communication with the RFID tag readers over a network, and a software module for storage on and operable by the computer that localizes RFID tags based on information received from the RFID tag readers using a network model having endpoints and oriented links. In an additional example, at least one of the RFID tag readers includes an adjustable configuration setting selected from RF signal strength, antenna gain, antenna polarization, and antenna orientation. In a further aspect, the system localizes RFID tags based on hierarchical threshold limit calculations. In an additional aspect, the system controls a locking device associated with an access point based on localization of an authorized RFID tag at the access point and reception of additional authorizing information from an input device.
    Type: Grant
    Filed: January 16, 2015
    Date of Patent: February 18, 2020
    Assignee: LUCOMM TECHNOLOGIES, INC.
    Inventor: Lucian Cristache
  • Patent number: 10558979
    Abstract: Unauthorized products are prevented from being sold on online websites. Product identifier keys and private authentication keys are stored in a database of an authentication server. Each identifier key serves as an address for its corresponding authentication key in the database. A product and a security seal are displayed on a webpage served by a website. An identifier key and an authentication key for the displayed product are encoded into the security seal. In response to selecting the security seal, the website extracts the encoded identifier key and authentication keys, and sends them to the database. The authentication server determines whether the displayed product is genuine and authorized when a match is made between the extracted keys and the stored keys.
    Type: Grant
    Filed: January 20, 2016
    Date of Patent: February 11, 2020
    Assignee: Zortag, Inc.
    Inventors: Satya Prakash Sharma, Joseph Marino
  • Patent number: 10560804
    Abstract: A computer-implemented method of enabling device use is provided. The method includes receiving from a first user an indication of at least one geographic area. Location information of a second user corresponding to a mobile device is received. The location information of the second user and the at least one geographic area are compared, and at least one of an application on the mobile device and a functional component of the mobile device are enabled based on the comparison of the location information of the second user and the at least one geographic area. A computing system for enabling device use is also provided.
    Type: Grant
    Filed: March 6, 2017
    Date of Patent: February 11, 2020
    Assignee: Location Labs, Inc.
    Inventors: Daniel Hodges, Tasos Roumeliotis, Scott Hotes
  • Patent number: 10560428
    Abstract: A flexible hybrid firewall architecture that allows a mix of firewalls at end points in front of a target and at the initiator points. Groups of Priv-IDs may be created where each group is isolated from other worlds, with all firewalls controlled by a device management and security module.
    Type: Grant
    Filed: August 17, 2017
    Date of Patent: February 11, 2020
    Assignee: TEXAS INSTRUMENTS INCORPORATED
    Inventors: Amritpal Singh Mundra, Brian J. Karguth, Timothy Anderson, Kai Chirca, Charles Fuoco
  • Patent number: 10554683
    Abstract: Systems and methods are provided to implement moving target defense techniques for transportation systems. The moving target defense techniques can randomly change the IP addresses of the nodes associated with both the vehicles and the corresponding control centers. The nodes for the vehicles and the control centers can be “mobile” nodes that use a “care-of” IP address for communications. The care-of address used by the nodes can be updated through a binding update process. During the binding update process, the one node sends the binding update notice (with a new care-of address) to the care-of address of the other node while maintaining its prior care-of address. The node that receives the binding update notice can send a binding acknowledgement back to the node that sent the binding update. Once the binding acknowledgement is received, the prior care-of address can be removed by the node that sent the binding update.
    Type: Grant
    Filed: March 16, 2017
    Date of Patent: February 4, 2020
    Assignee: Board of Trustees of the University of Alabama, for and on behalf of the University of Alabama in Huntsville
    Inventor: Vahid Heydari
  • Patent number: 10542380
    Abstract: Techniques and system configurations for providing content to a mobile device based on activity in a physical commercial environment such as a retail store are described herein. Mobile devices that are operated by an associated customer may be tracked with the use of beacons to determine customer activities in the retail store, including particular areas visited in the store, activities conducted by the customer in the store, and like tracking information. The customer activity and data for the activities and locations in the physical environment may be correlated to an identifier, profile, or other tracking information. This tracking information may be subsequently used by the mobile device to identify the user to an advertising network, or other information service, and obtain customized media content and information.
    Type: Grant
    Filed: January 30, 2015
    Date of Patent: January 21, 2020
    Assignee: BBY SOLUTIONS, INC.
    Inventors: Matthew Hurewitz, William Don Wortley
  • Patent number: 10530573
    Abstract: Wireless network specific (WN-specific) key can be used to provide access protection over the radio access link. A WN-specific key may be associated with (or assigned to) a wireless network, and distributed to access points of the wireless network, as well as to user equipments (UEs) following UE authentication. The WN-specific key is then used to encrypt/decrypt data transported over the radio access link. The WN-specific key can be used in conjunction with the UE-specific keys to provide multi-level access protection. In some embodiments, WN-specific keys are shared between neighboring wireless networks to reduce the frequency of key exchanges during handovers. Service-specific keys may be used to provide access protection to machine to machine (M2M) services. Group-specific keys may be used to provide access protection to traffic communicated between members of a private social network.
    Type: Grant
    Filed: January 16, 2019
    Date of Patent: January 7, 2020
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Hang Zhang
  • Patent number: 10530765
    Abstract: A computer program product having a computer readable non-transitory storage medium. The storage medium having encoded thereon a computer code for instructing at least one hardware processor to automatically: (a) intercept a plurality of data packets transported over a computer network; (b) analyze said plurality of data packets to identify at least one secure connection request to an unsecure domain hosted on at least one web server; (c) retrieve a digital security certificate for the unsecure domain from a trusted certification authority; (d) associate the digital security certificate with the unsecure domain, thereby converting the unsecure domain to a secure domain; (e) send the digital security certificate to at least one second client terminal. Thereby the computer program product facilitates a secure connection between the at least one second client terminal and the secure domain.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: January 7, 2020
    Assignee: Team Internet AG
    Inventors: Robert Schmalholz, Mario Witte, Benjamin Schwenk
  • Patent number: 10528836
    Abstract: Systems and methods to improve performance, reliability and learning to enhance autonomy of vehicles. Sensors capture human eye movements, hearing, hand grip and contact area on steering wheel, the positions of accelerator and brake pedals from the wall behind them as well as from the foot. Outside event signatures corresponding to human reactions and actions are then extracted form these sensors and correlated to events, status and situations acquired using vehicle and outside environment sensors. These outside event signatures are then used to train vehicles to improve their autonomous capabilities.
    Type: Grant
    Filed: September 22, 2019
    Date of Patent: January 7, 2020
    Inventor: Ashok Krishnan
  • Patent number: 10528976
    Abstract: Online advertisers may demand compliance with certain standards for the content of emails and other digital content with which its advertisements may be associated. Emails may contain control objects directing users to a web page showing content related to oil change coupons. However, in some systems, methods, and processes, a small variable proportion of users may instead be directed to a different sequence of pages to conduct a compliance check on the contents of the email received by the user. The compliance check sequence of pages may offer the user an incentive to forward the email to a specified email address for subsequent compliance review. Delivery of an incentive may be conditioned on successful receipt of the forwarded email.
    Type: Grant
    Filed: February 22, 2016
    Date of Patent: January 7, 2020
    Assignee: OpenMail LLC
    Inventors: John Andrew Fries, Erik Ahern Price, Sanjeev M. Rao
  • Patent number: 10516668
    Abstract: A security module and method within an information handling system are disclosed. In a particular form, a processing module can include a local processor configurable to initiate access to resources of a host processing system. The processing module can also include a security module configured to enable use of the resources of the host processing system using a security metric. According to an aspect, the security module can be further configured to detect the security metric, and enable access to a resource of the host processing system in response to the security metric. The security module can further be configured to disable access to another resource of the host processing system in response to the security metric.
    Type: Grant
    Filed: October 13, 2014
    Date of Patent: December 24, 2019
    Assignee: DELL PRODUCTS, LP
    Inventors: Roy W. Stedman, Andrew T. Sultenfuss, David Loadman