Tokens (e.g., Smartcards Or Dongles, Etc.) Patents (Class 726/9)
  • Patent number: 11190824
    Abstract: An authenticating system and process for authenticating user devices to a access a service where access to certain portions of the service may be limited according to a access point or other device used by a user device to facilitate interfacing a user with the service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.
    Type: Grant
    Filed: April 6, 2020
    Date of Patent: November 30, 2021
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Seetharama R. Durbha, Oscar Marcia, Stuart Hoggan, Simon Krauss
  • Patent number: 11190937
    Abstract: There is provided an information processing device including a processing unit that authenticates a communication target device on a basis of predetermined information transmitted from the communication target device by broadcast in communication in a first communication scheme, the predetermined information being used in a process to be performed in communication in a second communication scheme that is different from the first communication scheme, and establishes the communication with the communication target device in the first communication scheme in a case in which authentication is completed.
    Type: Grant
    Filed: May 18, 2020
    Date of Patent: November 30, 2021
    Inventors: Masahiro Sueyoshi, Tomohiko Nagayama
  • Patent number: 11190509
    Abstract: Techniques are disclosed relating to user authentication. In some embodiments, a computing system maintains an exception handler of a software development platform. The exception handler is executable to process a particular type of exception that causes an authentication of users of applications running on the software development platform. The computing system may receive, at the exception handler, an indication of the particular type of exception thrown by a particular application. In response to receiving the indication of the particular type of exception, the exception handler issues to a web browser interacting with the application, a request that the web browser redirect to an authentication server configured to perform an authentication of a user of the particular application. The computing system receives, from the authentication server, a result of the performed authentication and returns the result to the particular application.
    Type: Grant
    Filed: April 23, 2018
    Date of Patent: November 30, 2021
    Assignee:, inc.
    Inventors: Matthew Wong, Alan Vangpat, Sean Tubbs, Sarah Lui, William C. Mortimore, Jr., Itzik Koren
  • Patent number: 11190531
    Abstract: A secure communication management (SCM) computer device for providing secure data connections in an aviation environment which, includes safety of flight information, is provided. The SCM computer device includes a processor in communication with a memory. The processor is programmed to receive, from a first user computer device, a first data message for a first aircraft. The first data message is in a standardized data format. The processor is also programmed to analyze the first data message for potential cybersecurity threats. If the determination is that the first data message does not contain a cybersecurity threat, the processor is further programmed to convert the first data message into a first data format associated with the first aircraft and transmit the converted first data message to the first aircraft using a first communication protocol associated with the first aircraft.
    Type: Grant
    Filed: August 28, 2019
    Date of Patent: November 30, 2021
    Inventors: Timothy Mitchell, Gordon Edward Letney, Kevin James Luschei, Timothy William Anstey, John Bush, Steve Magnuson
  • Patent number: 11188664
    Abstract: Systems and methods for facilitating editing of a confidential document by a non-privileged person by stripping away content and meaning from the document without human intervention such that only structural and/or grammatical information of the document are conveyed to the non-privileged person are disclosed. Exemplary implementations may: receive an electronic document including text conveying one or more confidential concepts; provide a content-stripped version of the electronic document to a human editor; receive an edited content-stripped version of the electronic document; and provide an edited electronic document based on the edited content-stripped version such that human-editor-provided changes were effectuated without the human editor ever being exposed to the content and meaning contained in the electronic document.
    Type: Grant
    Filed: March 10, 2020
    Date of Patent: November 30, 2021
    Assignee: Specifio, Inc.
    Inventors: Ian C. Schick, Kevin Knight, Jay Priyadarshi, Xing Shi
  • Patent number: 11184386
    Abstract: A system and method for evaluating and improving the security of a local area network including an application residing on an external server configured to conduct a penetration test of the local area network by interrogating each of the devices on the local area network to identify vulnerabilities and risks associated with those devices, receiving a report listing all such identified vulnerabilities and risks, calculating an IoT readiness score for the local area network, and undertaking and/or recommending specific actions for improving the security of the local area network.
    Type: Grant
    Filed: September 4, 2019
    Date of Patent: November 23, 2021
    Assignee: United Services Automobile Association (USAA)
    Inventors: Eric David Schroeder, Daniel Christopher Bitsis, Jr., Manfred Amann, Donnette Moncrief Brown, Meredith Beveridge Lecocke, Michael J. Maciolek, Robert Wiseman Simpson, Michael P. Bueche, Jr.
  • Patent number: 11178115
    Abstract: Mechanisms for providing point to point encryption and tokenization enabling decryption, tokenization and storage of sensitive encrypted data on one system are discussed.
    Type: Grant
    Filed: September 20, 2017
    Date of Patent: November 16, 2021
    Assignee: Walmart Apollo, LLC
    Inventors: Aaron Marcus Johnson, Christopher John Gerber, Gerald Duane Corson, III, Charles Alan Watts
  • Patent number: 11178132
    Abstract: Techniques are disclosed to provide VPN and identity based authentication to cloud-based services. In various embodiments, a request to authenticate a user to a service is received. A user identity associated with one or both of the user and the request is determined based at least in part on data comprising the request. An identity assertion is generated based at least in part on the user identity. The identity assertion is provided to a requesting node with which the request to authenticate is associated.
    Type: Grant
    Filed: December 19, 2019
    Date of Patent: November 16, 2021
    Assignee: MOBILEIRON, INC.
    Inventors: Vijay Pawar, Atul Vijay Tulshibagwale, Kumara Das Karunakaran, Jian Liu
  • Patent number: 11176459
    Abstract: A network traffic hub extracts encryption metadata from messages establishing an encrypted connection between a smart appliance and a remote server and determines whether malicious behavior is present in the messages. For example, the network traffic hub can extract an encryption cipher suite, identified encryption algorithms, or a public certificate. The network traffic hub detects malicious behavior or security threats based on the encryption metadata. These security threats may include a man-in-the-middle attacker or a Padding Oracle On Downgraded Legacy Encryption attack. Upon detecting malicious behavior or security threats, the network traffic hub blocks the encrypted traffic or notifies a user.
    Type: Grant
    Filed: September 12, 2019
    Date of Patent: November 16, 2021
    Assignee: Cujo LLC
    Inventors: Yuri Frayman, Robert Beatty, Leonid Kuperman, Gabor Takacs
  • Patent number: 11178148
    Abstract: Provided is a process that affords out-of-band authentication for confirmation of physical access or when a device utilized for out-of-band authentication lacks connectivity to a network. An asymmetric cryptographic key-pair is established, a first device obtaining a key operable to decrypt data. A remote server obtaining a key operable to encrypt data and associating that key with an identifier of an identity or account associated with a user. An access attempt from the second device is received in association with the identifier of the identity associated with the user. A notification including data encrypted by the encryption key is generated by the remote server and transmitted to the second device. The first device obtains the notification data from the second device and decrypts the data to determine a notification response which is returned to the remote server for verification to permit or deny the access attempt of the second device.
    Type: Grant
    Filed: April 19, 2021
    Date of Patent: November 16, 2021
    Assignee: HYPR Corp.
    Inventors: George Avetisov, Bojan Simic, Roman Kadinsky
  • Patent number: 11172350
    Abstract: This Application sets forth techniques for provisioning and activating electronic subscriber identity modules (eSIMs) for mobile wireless devices. An eSIM is reserved during a sales order process and later activated during device activation after receipt by a user. An option for eSIM installation in place of (or in addition to) physical SIM installation is provided when purchasing the mobile wireless device. The reserved eSIM can replace a previous SIM/eSIM or be a new eSIM. During device activation, installation and activation of the eSIM occurs. Activation of the eSIM can occur before or after deactivation of a transferred SIM/eSIM. The mobile wireless device accounts for propagation delay of eSIM activation through MNO servers by disabling and re-enabling the eSIM until initial attachment to an MNO cellular wireless network succeeds or a maximum number of retry attempts is reached.
    Type: Grant
    Filed: June 15, 2020
    Date of Patent: November 9, 2021
    Assignee: Apple Inc.
    Inventors: Raj S. Chaugule, Li Li, Vikram Bhaskara Yerrabommanahalli, Chandiramohan Vasudevan, Damien R. Holzapfel, Avinash Narasimhan, Ameya R. Kasbekar
  • Patent number: 11167723
    Abstract: A method for access management of the vehicle providing a vehicle and authenticating a user in relation to the vehicle by a proof of identity of the user. The method includes providing a cryptographically secured authorization file for the vehicle containing information relating to usage rights of the authenticated user to the vehicle to increase security in the entity-related enabling of vehicle functions.
    Type: Grant
    Filed: September 20, 2017
    Date of Patent: November 9, 2021
    Inventors: Hendrik Decke, André Oberschachtsiek
  • Patent number: 11172013
    Abstract: A system comprising a processor and a computer readable memory coupled to the processor, the computer readable memory configured with a page processable by page processing code. The page can be configured to generate a set of random connection data usable by a local server program instance to verify that a connection request is from the page, launch the local server program instance, provide the set of random connection data to the local server program instance, create a client socket instance, send a connection request to the local server program instance to establish a connection between the client socket instance and a server socket instance of the server program instance and based on an acceptance of the connection request by the server program instance, complete the connection. The connection may be usable for bi-directional communication between the page and local server program instance.
    Type: Grant
    Filed: January 31, 2019
    Date of Patent: November 9, 2021
    Inventors: Russell George Teglas, Samir Yasin Vaidya
  • Patent number: 11164139
    Abstract: A trunk-sharing system that uses an interior space of a vehicle as a place in which a delivery object is delivered and received, the trunk-sharing system comprising a server configured to: i) acquire a vehicle information including information for identifying the vehicle when a predetermined service request has been issued; ii) acquire a predetermined authentication information for locking and unlocking a door of the vehicle based on the vehicle information; and iii) transmit at least the predetermined authentication information to a terminal which is used by a service provider.
    Type: Grant
    Filed: November 28, 2018
    Date of Patent: November 2, 2021
    Inventors: Shin Sakurada, Koichi Ando, Mutsumi Matsuura, Masato Endo, Koki Fujita
  • Patent number: 11159552
    Abstract: The present disclosure is related to systems and methods of monitoring data of a network application. An embedded browser of a client application on a client device may initiate a request to access a network application hosted on a server. The client application may, responsive to the request, establish a secure session to communicate data of the network application to the client application for rendering in a display region of the embedded browser. The client application may decrypt the data communicated via the established secure session to monitor the network application.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: October 26, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Christopher Fleck, Kenneth Bell
  • Patent number: 11151060
    Abstract: An electronic meeting tool for communicating arbitrary media content from users at a meeting includes a node configuration operating a display node of a communications network that is coupled to a display. The node configuration receives user selected arbitrary media content and controls display of the user selected arbitrary media content on the display. At least one peripheral device communicates the user selected arbitrary media content via the communications network. The peripheral device is a connection unit including a connector that couples to a port of a processing device having a second display, a memory and an operating system; and a transmitter communicating with the communications network. A program is provided to run on the operating system of the processing device and obtains user selected arbitrary media content, while leaving a zero footprint on termination.
    Type: Grant
    Filed: March 9, 2020
    Date of Patent: October 19, 2021
    Assignee: BARCO N.V.
    Inventors: Koen Simon Herman Beel, Yoav Nir, Filip Josephine Johan Louwet, Guy Coen
  • Patent number: 11151253
    Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of credentialing an application in a cloud environment. The application is determined to be a trusted application type. The application is provided with a certificate service process dedicated to request and receive a certificate from a source outside the cloud environment. An integration component retrieves the secret and provides it to the application that is inside the cloud environment. The secret is verified within the cloud environment and the application is deployed as a trusted application instance inside the cloud environment.
    Type: Grant
    Filed: May 17, 2018
    Date of Patent: October 19, 2021
    Assignee: WELLS FARGO BANK, N.A.
    Inventors: Brian J. Hanafee, Phillip John Crump
  • Patent number: 11146960
    Abstract: A method and apparatus for providing a communication service by installing an eSIM profile even in a terminal to which an iSSP is applied. The method comprises: detecting whether information is input information for eSIM profile download input information from a terminal to which an iSSP is applied, and determining whether the terminal supports the same. Collecting eSIM bundle information of the iSSP by the terminal; selecting an eSIM bundle to be used by referring to a condition designated by the terminal from among the collected eSIM bundles; if there is no bundle to be used or when it is determined that no eSIM bundle is used among existing eSIM bundles, generating an eSIM bundle by the terminal itself or providing an eSIM bundle via communication with the terminal and a server; and on the basis of eSIM bundle information, downloading and installing an eSIM profile package.
    Type: Grant
    Filed: January 8, 2020
    Date of Patent: October 12, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Sujung Kang, Duckey Lee, Jonghan Park, Kangjin Yoon, Jonghoe Koo, Hyewon Lee
  • Patent number: 11139984
    Abstract: A system for verifying information associated with a user can include at least three devices. The first device is configured to transmit, to the second device, user-associated information, a unique identifier associated with the user-associated information and an identity digital signature generated using an identity private key associated with the user and a message comprising a previously determined hash of a portion of the user-associated information combined with the unique identifier. The second device is configured to generate the hash of the portion of the user-associated information combined with the unique identifier and transmit the generated hash and the identity digital signature to the third device. The third device is configured to lookup the generated hash in a database, verify the identity digital signature using the identity public key related to the generated hash in the database, and upon successful verification, transmit a success response to the second device.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: October 5, 2021
    Inventor: Michael Cole
  • Patent number: 11140161
    Abstract: An IoT device has a public device identifier and a private device identifier, where the public device identifier is publicly available and the private device identifier is secret but kept in a secure device database as a correspondence. A registration request is sent from the IoT device to an association server in communication with the device database having an association between IoT public identifier and a corresponding IoT private identifier. The association server which receives the registration request responds with a registration acknowledgement containing, in encrypted form, the private device identifier of the original request and, optionally, the public device identifier associated with the registration request. The requesting IoT device receives the association acknowledgement, decrypts the private device identifier, compares it to its own device identifier, and if they match, sends one or more association requests.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: October 5, 2021
    Assignee: Silicon Laboratories Inc.
    Inventors: Venkat Mattela, Duen Jeng Wang
  • Patent number: 11132439
    Abstract: A method (10) performed in an initiating runtime (2a) is disclosed for migrating an actor instance (5a1) of an actor (4a) to a target runtime (2b). The method (10) comprises obtaining (11), from a blockchain entity (3), an ownership token associated with the actor instance (5a1) of the actor (4a), the ownership token being verifiable by a blockchain (7) of the blockchain entity (3), and using (12) the ownership token for migrating the actor instance (5a1). A method in a blockchain entity (3), a method in a target runtime (2b), entities, computer programs and computer program products are also disclosed.
    Type: Grant
    Filed: November 30, 2016
    Date of Patent: September 28, 2021
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Håkan Englund, Christoffer Jerkeby, Bernard Smeets
  • Patent number: 11128645
    Abstract: A method and system for detecting fraudulent access to a web resource is disclosed. The web resource is hosted by a server and the method being executable by the server. The method comprises: receiving, by the server, a first request to access the web resource by a first electronic device, the first request including a first cookie; converting, by the server, the first cookie into a second cookie; transmitting, by the server, the second cookie to the first electronic device for storing; receiving, by the server, a second request to access the web resource by a second electronic device, the second request including a third cookie; and determining, by the server, the second request to be a fraudulent request, the determining based on an analysis of the third cookie and the first cookie.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: September 21, 2021
    Assignee: YANDEX EUROPE AG
    Inventors: Danil Nikolaevich Valgushev, Georgy Eduardovich Pavlov, Artur Azamatovich Malikov, Vladimir Viktorovich Ashikhmin
  • Patent number: 11128468
    Abstract: A system and method enabling an entity to prove its identity and provide authentic documents/data/information therein at any time required based upon data retrieved from an independent cryptographically verifiable source (ICVS) through a secured channel is disclosed. The system enables a virtual and secure browser on a user computing device allowing a user to login and retrieve authentic information pertaining to the user from the ICVS in a verifiable and untamperable manner. The retrieved information is bounded with origination information of the ICVS and the bounded information is provided to relying entities as authentic information for verification. Also, cryptographic value of the authentic information can be stored in an immutable storage such as blockchain, so that the cryptographic value is used by the relying-party to validate integrity of the authentic information.
    Type: Grant
    Filed: May 13, 2021
    Date of Patent: September 21, 2021
    Inventor: Vishal Gupta
  • Patent number: 11128625
    Abstract: A principal database is described in which each entry includes one principal identity, and one or more alias identities that may each have an authorization scope. Principal identity attributes include a principal identifier and login credentials, and alias identity attributes include an authorization scope and login credentials. Responsive to successfully authenticating the user for a first application (a multiple-identity application), based on the alias identity login credentials, an access token containing both the alias identity attributes and the principal identity attributes is transmitted to the first application, causing the first application to grant a scope of access based on the authorization scope. Responsive to a request to authenticate the user for a second application (a single-identity application), the access token is transmitted to the second application without re-authenticating the user, causing the second application to grant a scope of access based on the principal identifier.
    Type: Grant
    Filed: August 26, 2019
    Date of Patent: September 21, 2021
    Assignee: Citrix Systems, Inc.
    Inventors: Ricardo Fernando Feijoo, Thomas Michael Kludy
  • Patent number: 11122426
    Abstract: Provided is a method for the assignment of industrial field devices to a user account in a cloud environment, including logging in of a user; scanning of the public identifier; checking, of whether the field device is already linked to a user account; connecting of the field device to the Internet by the user, provided such a connection does not yet exist, in such a way that the cloud environment can be contacted by the field device; triggering a linking of the field device by the user by means of the mobile terminal of the user and the previously scanned public identifier of the field device; authenticating of the field device in the cloud environment by means of the private security key of the field device and assigning of the field device to the public identifier by means of the cloud environment.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: September 14, 2021
    Inventors: Bernhard Gatzhammer, Ludwig Andreas Mittermeier
  • Patent number: 11121874
    Abstract: A method for analyzing data using a blockchain, a data provider and a data customer therefor are disclosed. The method analyzing data using a blockchain is provided wherein a plurality of data sets is stored and processed in a data storage in a distributed manner using a cluster of nodes. The method comprises steps of deploying a smart contract to the blockchain according to a request from a data customer, receiving a request for executing code for data sets selected by a data customer, estimating an amount of token required for executing the code for the selected data sets in the data storage, and controlling, in said distributed manner using the cluster of nodes, execution of the code for the selected data sets based on the balance amount of token while the balance amount of token is greater than the estimated amount of token. The request for executing code includes code to be executed and a balance amount of token which the data customer currently has.
    Type: Grant
    Filed: October 22, 2019
    Date of Patent: September 14, 2021
    Assignee: The University of Stavanger
    Inventors: Dhanya Therese Jose, Antorweep Chakravorty, Chunming Rong
  • Patent number: 11121873
    Abstract: Methods for hardening security between web services using protected forwarded access tokens are implemented via systems and devices. User applications receive user tokens with user information from an identity provider and provide the user tokens to first services with data requests. Each first service extracts and transforms a portion of a user token to validate a user token signature, and determines a target service for the data request. The first services acquire actor tokens from the identity provider that uniquely identify the first services using public keys, and then generate authentication tokens, signed with corresponding private keys, that encapsulate the actor tokens and the transformed user tokens. The signed authentication tokens are provided to target services which validate the authentication tokens as well as the encapsulated tokens and their respective signatures. Upon validation, requested data is retrieved and provided back for the user applications from the target services.
    Type: Grant
    Filed: February 8, 2019
    Date of Patent: September 14, 2021
    Inventors: Douglas Brent Schmaltz, Maria Furman, Jean-Marc Prieur, Amit Kumar, Yordan I. Rouskov, Sriram Dhanasekaran
  • Patent number: 11108703
    Abstract: Techniques for consistent resource visibility during inter-cellular migrations using targeted pairwise scatter-gather techniques are described. For a paginated request to describe resources existing in cells of a provider network that match one or more criteria, a set of candidate cells having, or likely to have, resources of interest that match the one or more criteria are identified. Pairs of the candidate cells that are determined to be involved in a migration are jointly queried according to a scatter-gather type approach and aggregated via a union technique to remove duplicate resource entries. Other cells not involved in a resource migration are independently queried.
    Type: Grant
    Filed: March 5, 2020
    Date of Patent: August 31, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Sandeep Kumar, Sudheer Kumar Sanapati, Edwin Ma
  • Patent number: 11106806
    Abstract: A digital security system and method for unlocking digital content, comprising: receiving, from a user device, an activity data associated with assessing of at least a portion of digital content by a user, wherein the activity data is provided as at least one user input by at least one application operating on at least one user device associated with the user and, wherein the digital content is linked to predetermined location-based locking or unlocking parameters; response to the received user input, storing, by the processor, information about the user activity data and the electronic data correlated with the predetermined location-based locking or unlocking parameters in a profile associated with an account of the user; identifying, by the processor, whether the user device is in compliance with the predetermined location-based locking or unlocking parameters; determining, by the processor, if the electronic content related to the activity data linked to the user account is currently locked; and responsive
    Type: Grant
    Filed: January 5, 2021
    Date of Patent: August 31, 2021
    Assignee: Ticket Trust LLC
    Inventor: Michael Lyons
  • Patent number: 11100505
    Abstract: Disclosed are exemplary embodiments of systems and methods for facilitating services associated with transaction requests. In an exemplary embodiment, a method generally includes receiving, from a first entity, a transaction request for a payment account transaction. The transaction request includes a primary account number (PAN) for a payment account involved in the transaction. The exemplary method also includes overwriting the PAN in the transaction request with a non-PAN identifier (NPI), where a first segment of the PAN is identical to a first segment of the NPI and where the NPI is an invalid PAN. The exemplary method further includes routing the transaction request to a service, whereby the service is able to be implemented for the transaction request based, in part, on the first segment of the NPI while the PAN remains anonymous to the service.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: August 24, 2021
    Inventor: Bryan Niehaus
  • Patent number: 11102211
    Abstract: A computer network (1) adapted to provide secured access to online applications hosted on application servers (10) to a requesting user (U). The network (1) comprises a login security server (20) configured for deciding access for the user based on data contained in a central generic access control file (32) and in the access request. The network (1) further comprises a centralized user identification component (40) configured for receiving identification data from user through a central login panel (42) and for sending an access grant or denial command to the application servers (10).
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: August 24, 2021
    Assignee: AMADEUS S.A.S.
    Inventors: Ayoub Choukouk, Alexandre Barras, Mathieu Morino Baquetto, Maria Assunta Domanico, Virginie Amar, Jeremie Barlet
  • Patent number: 11095637
    Abstract: Systems and methods of providing third-party applications with access to functionalities of a proprietary communication network via a network as a service (NaaS) software development kit (SDK) are disclosed. The NaaS SDK includes a web authentication broker and a WebSocket handler, and may include additional modules to facilitate network access. The NaaS SDK authenticates the user account and establishes a communication connection with the proprietary communication network, which is then used to further access functionalities of the proprietary communication network. The communication connection may be used to establish media connections for specific communication sessions over the proprietary communication network, such as making or receiving voice calls.
    Type: Grant
    Filed: August 16, 2019
    Date of Patent: August 17, 2021
    Assignee: T-MOBILE USA, INC.
    Inventors: Svnn Mahesh Duriseati, Prakasa Bellam, Husain Mahmood, Mikhail Fridman
  • Patent number: 11093383
    Abstract: Methods that can facilitate more optimized relocation of data associated with a memory are presented. In addition to a memory controller component, a memory manager component can be employed to increase available processing resources to facilitate more optimal execution of higher level functions. Higher level functions can be delegated to the memory manager component to allow execution of these higher level operations with reduced or no load on the memory controller component resources. A uni-bus or multi-bus architecture can be employed to further optimize data relocation operations. A first bus can be utilized for data access operations including read, write, erase, refresh, or combinations thereof, among others, while a second bus can be designated for higher level operations including data compaction, error code correction, wear leveling, or combinations thereof, among others.
    Type: Grant
    Filed: February 11, 2019
    Date of Patent: August 17, 2021
    Inventors: Walter Allen, Robert France
  • Patent number: 11095658
    Abstract: A system for and method of reconciling access data from a plurality of organizational systems with that of data comprising access rights of members of that organization. The system and method provide a means for identifying inconsistencies between the data representing actual access and that of data representing granted access rights which should be in place for various past and present users. Identified inconsistencies are reported to parties responsible for compliance with organizational and regulatory rules so that those parties can investigate and correct errors before they result in failure to meet service level or regulatory requirements.
    Type: Grant
    Filed: January 3, 2019
    Date of Patent: August 17, 2021
    Inventors: Dimitry Berestovetsky, Thomas Musella, Felix Glazer, Chris Sookchand
  • Patent number: 11080713
    Abstract: Provided are a system and method for authenticating a transaction. The authentication method may be performed by a user computing device, and may include providing, to a merchant device, account information for payment of a transaction, receiving, from the merchant device, a request to authenticate the transaction using payment software of the user device, and executing the payment software in a virtual environment. The executed payment software may authenticate, with an external server, that the account is paired with the payment software of the user device, and transmit a result of the authenticating to a payment network.
    Type: Grant
    Filed: January 29, 2020
    Date of Patent: August 3, 2021
    Inventor: Manoneet Kohli
  • Patent number: 11075941
    Abstract: A risk control method includes: acquiring risk information of a current user operation; calculating, for an identity verification mode corresponding to historical identity verification, a security coefficient according to the risk information and security information corresponding to the identity verification mode, and calculating an estimated operation risk according to the security coefficient and an amount corresponding to the user operation; and performing prescribed risk control processing on the user operation when the estimated operation risk satisfies a preset condition, and waiving performing prescribed risk control processing on the user operation when the estimated operation risk does not satisfy the preset condition.
    Type: Grant
    Filed: October 29, 2020
    Date of Patent: July 27, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Fanfan Ye
  • Patent number: 11075952
    Abstract: In an example, a method of managing access to resources managed by heterogeneous resource servers having different policy document formats in a cloud services environment includes obtaining, at an identity and access management (IAM) service, a policy document describing privileges of an end user with respect to accessing at least one resource of the resources managed by a resource server of the heterogeneous resource servers; sending the policy document from the IAM service to an resource server endpoint designated by the resource server for validation; storing, by the IAM service, the policy document in a datastore in response to a determination by the resource server endpoint that the policy document is valid; and generating, by the IAM service, an indication that the policy document is invalid in response to a determination by the resource server endpoint that the policy document is invalid.
    Type: Grant
    Filed: July 23, 2018
    Date of Patent: July 27, 2021
    Assignee: VMware, Inc.
    Inventors: Viswanathan Ramachandran, Jonathan Cook
  • Patent number: 11074371
    Abstract: A computer processor and a security enhancing chip may be provided. In one aspect, the computer processor may comprise a storage for storing an encryption key, a central processing unit (CPU) configured to execute one or more software programs, and a circuit configured to calculate a hash function to generate a hash value for data loaded into the computer processor and generate an authentication token for a request initiated by a software program running on the CPU. In another aspect, the security enhancing chip may comprise a first storage for storing an encryption key, a second storage for storing a certificate, a hash storage and circuit components configured to validate, using the first certificate, command(s) adding the encryption key to the first storage and storing a first hash to the hash storage, and to process a request if a second hash in the request is equal to the first hash.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: July 27, 2021
    Assignee: OLogN Technologies AG
    Inventors: Sergey Ignatchenko, Dmytro Ivanchykhin
  • Patent number: 11070941
    Abstract: Provided is a heterogeneous network of independently provided system components for detecting and verifying time and location of endpoints. In one aspect, a method includes receiving, at a first network component and from a second network component, a set of instructions for generating tokens in association with an application service; generating, at the first network component, the tokens based on the set of instructions; transmitting, by the first network component and according to the set of instructions, one or more of the tokens to one or more proximity emitter devices; receiving, from a user device, a message including a token received by the user device from at least one of the one or more proximity emitter devices; and validating the token to confirm that the token is from among the tokens generated by the first network component, the validation allowing the user device access to the application service.
    Type: Grant
    Filed: July 12, 2019
    Date of Patent: July 20, 2021
    Inventor: Michael A. Ramalho
  • Patent number: 11068862
    Abstract: A method for authentication includes receiving consumer information associated with a consumer transmitted over a first data network in a processor operated by an account issuer; determining available account authentication options based on the received consumer information and a database of potential authentication options stored in a memory in the processor; selecting a set of available authentication options from the available account authentication options based on a database of attributes for the potential authentication options stored in the memory in the processor; transmitting consumer information to an authentication provider associated with a selected authentication option over a second data network; receiving an authentication confirmation over the second data network in the processor; and updating the database of attributes for the potential authentication options to include information regarding a successful authentication and the authentication provider associated with the selected authenticatio
    Type: Grant
    Filed: January 11, 2018
    Date of Patent: July 20, 2021
    Inventors: Aydin A. Kadaster, Adam Frisch
  • Patent number: 11068577
    Abstract: A method for connecting a mobile device with a vehicle-based system is described. The vehicle based-system comprises a first device and a second device that are both in possession of a system key. For an initial connection request between the first device and the mobile device, a token pair comprising a plaintext token and an encrypted token has been provided. The encrypted token is obtainable by applying the system key to at least the plaintext token. The mobile device is connected with the vehicle-based system by receiving, for a subsequent connection request with the second device and from the mobile device, the token pair comprising the plaintext token and the encrypted token. The token pair is verified using at least the system key. The subsequent connection is accepted upon successful verification of the token pair.
    Type: Grant
    Filed: April 19, 2017
    Date of Patent: July 20, 2021
    Assignee: E.SOLUTIONS GMBH
    Inventors: Martin Clement, Lukasz Gut, Micha Mutschler, Andreas Seuss
  • Patent number: 11070546
    Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to receive from a first device a digital key, receive from a second device an encrypted data item, decrypt the encrypted data item using the digital key to obtain a decrypted data item, and verify the decrypted data item matches a reference data item, and responsive to the decrypted data item matching the reference data item, grant access to at least one of the first device and the second device.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: July 20, 2021
    Assignee: Nokia Technologies Oy
    Inventors: Teemu Ilmari Savolainen, Jyri Hämäläinen, Markus Isomäki, István Beszteri
  • Patent number: 11069164
    Abstract: A mobile device verification method for a facility includes the mobile device requesting authorization to permit entry to and/or exit from the facility, validating the mobile device request, and verifying, as a mobile device enters and exits the facility, that the mobile device is the mobile device whose authorization request was validated.
    Type: Grant
    Filed: March 19, 2019
    Date of Patent: July 20, 2021
    Assignee: VIZpin, Inc.
    Inventors: Paul Bodell, Rosco Schock, Peter Dikeman
  • Patent number: 11063926
    Abstract: Devices and methods for single sign-on and regulatory compliance involve a processor of a communication device executing a first entity application that stores user authentication data on a secure vault element of the communication device. Thereafter, the stored user authentication data is retrieved from the secure vault element by the processor executing a second entity application, and the processor executing the second entity application logs the user into the second entity application based on the user authentication data retrieved from the secure vault element without requiring entry of further user authentication data.
    Type: Grant
    Filed: May 19, 2016
    Date of Patent: July 13, 2021
    Assignee: CITIBANK, N.A.
    Inventors: Giridhar Narayanan, Saket Gupta
  • Patent number: 11062302
    Abstract: A method for provisioning a payment account to a mobile wallet includes receiving a request to provision a payment token configured to facilitate a mobile wallet transaction. The method includes receiving a payment account configured for provision to a mobile wallet, generating the payment token responsive to the request to provision the payment token, associating the payment token with the payment account, receiving account information for the payment account, receiving address information from a mobile device associated with the mobile wallet, the address information uniquely identifying the mobile wallet, and provisioning the payment token associated with the payment account to the mobile wallet responsive to receiving the address information and the account information.
    Type: Grant
    Filed: December 6, 2016
    Date of Patent: July 13, 2021
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Peter Ho, Ashish B. Kurani, Brian M. Pearce, Steven E. Puffer
  • Patent number: 11057357
    Abstract: The disclosure includes novel encryption and/or decryption methods and systems that provide various security benefits. More specifically, the disclosure includes a description of a file encryption process and its ability to dynamically control permissions on who is allowed to decrypt the file. Moreover, the disclosed process permits an encrypted file to be freely distributed without losing the ability to govern/regulate decryption.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: July 6, 2021
    Assignee: Bank of America Corporation
    Inventors: Shankar Ramasubramanian Iyer, Navanith R. Keerthi, Maria Auxilia Dominique
  • Patent number: 11057386
    Abstract: A computing system architecture includes a token generator communicable with a client token agent. The client token agent is communicable with a client database access agent. A database management system is communicable with the token agent. The database management system is communicable with the client database access agent. A client authorization management system is communicable with the database management system. The client authorization management system stores a list of authorized operations for a client. The list of authorized operations is configured to be changeable during a client login session.
    Type: Grant
    Filed: August 24, 2018
    Date of Patent: July 6, 2021
    Assignee: Unisys Corporation
    Inventors: Shrinivas Alawani, Gurwinder Singh, Kumararaja Panneer Selvam
  • Patent number: 11055420
    Abstract: An access control method for controlling access to data requested from an electronic information system. The method comprises receiving a request for the data, determining a user identity associated with the request; gathering the requested data from one or more data sources by an orchestrator for input to a cognitive engine; analyzing the requested data; based on results of analyzing the requested data, deciding on whether the user identity can be allowed to access the requested data; providing feedback by the user identity; and updating a learning module based on the feedback.
    Type: Grant
    Filed: February 5, 2018
    Date of Patent: July 6, 2021
    Assignee: International Business Machines Corporation
    Inventors: Rossella De Gaetano, Paolo Ottaviano, Gianluca Perreca, Antonio Bagarolo
  • Patent number: 11055683
    Abstract: Transaction cards, systems and methods configured with card validation and fingerprint or other activation features. In one embodiment, an exemplary transaction card may comprise transaction circuitry configured to conduct purchase transactions, at least one fingerprint sensor, data storage configured to store fingerprint reference data, communication circuitry, card control circuitry configured to activate or otherwise control the card based on fingerprint verification, and computer readable media storing instructions for transmitting fingerprint verification information when a purchase transaction is attempted to POS device and/or an online entity.
    Type: Grant
    Filed: April 2, 2020
    Date of Patent: July 6, 2021
    Assignee: Capital One Services, LLC
    Inventors: Cara L. Bartholomew, Erin S. Smith
  • Patent number: 11048566
    Abstract: A method includes detecting, by a computing device, activation of a link to content served by a remote server, and in response to detecting activation of the link, attempting to load a passive mixed content item from the computing device. The method also includes determining whether the passive mixed content item successfully loaded. The method further includes, in response to determining the passive mixed content item successfully loaded, accessing, using an application on the computing device, the content from the remote server. In addition, the method includes, in response to determining the passive mixed content item did not successfully load, accessing, using a web browser, the content from the remote server.
    Type: Grant
    Filed: January 28, 2020
    Date of Patent: June 29, 2021
    Inventors: Samuel Attard, Clifton Hensley, Issac Gerges