Abstract:
Embodiments are directed to systems, methods and computer program products for sorting mobile banking functions into authentication buckets. Embodiments determine, for each of a plurality of mobile banking functions, a corresponding authentication bucket, where each authentication bucket corresponds with a level of authentication. Some embodiments receive a request, from a user, to access a function; access the plurality of authentication buckets to determine which of the authentication buckets corresponds with the requested function; determine the level of authentication associated with the determined authentication bucket; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, enable access to the function requested by the user.
Abstract:
Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to known boundaries of location associated with the user, such as patterns of movement or the like. As such, the present invention serves to expedite the process for authenticating a user who desires to gain access to a network service, such as a banking application or the like.
Abstract:
The present invention includes a system for authenticating a second action based on a first action, wherein the system is configured to: receive a first request to execute a first action associated with a first application; determine that execution of the first action requires user authentication; request one or more authentication credentials from the user; receive a first authentication credential associated with the first action; validate the first authentication credential, thereby resulting in a successful validation of the received first authentication credential; in response to the successful validation, execute the first action; receive a second request to execute a second action associated with a second application; determine that execution of the second action requires user authentication; use the successful validation of the first authentication credential to validate a second authentication credential so that the second action may be executed.
Abstract:
Embodiments for transferring online account sessions are included in systems that enable a user to transfer control of an account session from a first mobile device to a second mobile device and determine whether or not the second mobile device has control of the account session based on transmission data received from the first mobile device or second mobile device. The systems receive transaction data, user input, or device tracking data from the first device or second device, and use the data to process online activities.
Abstract:
Disclosed is a system and associated method for restricting access to a customer's online banking account based on customer-defined online-banking access restrictions. The system typically includes a processor, a memory, and an online banking module stored in the memory. The module is typically configured for initially associating a mobile device with the customer's online banking account. In addition, the module is typically configured for subsequently receiving a restricted transaction definition from the mobile device, the restricted transaction definition defining a first restricted transaction associated with the customer's online banking account; searching a database of records to determine if the mobile device is associated with the customer's online banking account; and creating a restricted transaction record based on determining that the first mobile device is associated with the customer's online banking account, the restricted transaction record including the first restricted transaction definition.
Abstract:
Disclosed is a system and associated method for restricting access to a customer's online banking account. The system typically includes a processor, a memory, and an online banking module stored in the memory. The module is typically configured for determining that a computing device has initiated a first online banking transaction associated with the customer's online banking account. If the first online banking transaction is within a first restricted transaction definition and if the computing device is not enrolled with the customer's online banking account, geographic location information associated with the computing device and geographic location information associated with a first mobile device enrolled with the customer's account are received. The module determines whether the location of the computing device is proximate to a predefined location and/or whether the location of the computing device is proximate to the location of the first mobile device.
Abstract:
Embodiments of the invention are directed to apparatus, methods, and computer program products for determining and notifying a user, herein a financial institution customer, as to which account aggregators currently have been granted permission to access accounts held by the customer at the financial institution. In addition to notifying the customer of the current status of account aggregator access, the present invention provides the customer, through an online or mobile banking application or the like, a comprehensive tool for managing the access granted to all of the account aggregators that are determined to currently have permission to access the customer's accounts.
Abstract:
Aspects of the disclosure relate to processing authentication requests to secured information systems based on machine-learned user behavior profiles. A computing platform may receive an authentication request corresponding to a request for a user of a client computing device to access one or more secured information resources associated with a user account. The computing platform may capture behavioral parameters associated with the client computing device and may evaluate the behavioral parameters using a behavioral profile associated with the user account to determine a behavioral deviation score. Based on the behavioral deviation score, the computing platform may select an authentication action from a plurality of pre-defined authentication actions. Subsequently, the computing platform may generate commands directing an account portal computing platform to allow access, conditionally allow access, or prevent access based on the selected authentication action. Then, the computing platform may send the commands to the account portal computing platform.
Abstract:
Aspects of the disclosure relate to dynamically generating activity prompts to build and refine machine learning authentication models. A computing platform may process a first set of login events associated with a first user account and may build a first user-specific authentication model for the first user account. Then, the computing platform may process a second set of login events associated with a second user account and may build a second user-specific authentication model for the second user account. The computing platform also may build a population-level authentication model for a plurality of user accounts. Thereafter, the computing platform may identify one or more activity parameters associated with at least one authentication model for refinement. Subsequently, the computing platform may generate and send one or more activity prompts to one or more client computing devices to request at least one user response.
Abstract:
Aspects of the disclosure relate to processing authentication requests to secured information systems using machine-learned user-account behavior profiles. A computing platform may receive an authentication request corresponding to a request for a user of a client computing device to access one or more secured information resources associated with a user account. The computing platform may capture one or more behavioral parameters and may authenticate the user of the client computing device to the user account based on the one or more behavioral parameters and one or more authentication credentials. The computing platform then may generate and send one or more authentication commands directing an account portal computing platform to allow access to the one or more secured information resources. Subsequently, the computing platform may capture activity data associated with one or more interactions in a client portal session and may update a behavioral profile associated with the user account.