公开(公告)号：US09595025B2

公开(公告)日：2017-03-14

申请号：US15016138

申请日：2016-02-04

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Joseph Neil Johansen ,  Michael E. Toth ,  Daniel Lynn Carpenter ,  Hood Qaim-Maqami ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: G06F12/14 ,  G06Q20/10 ,  G06F21/30 ,  G06F21/31 ,  H04L29/06 ,  G06Q40/02 ,  G06F17/00

CPC classification number: G06Q20/108 ,  G06F21/30 ,  G06F21/31 ,  G06F2221/2113 ,  G06F2221/2149 ,  G06Q40/02 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/105 ,  H04L2463/102

Abstract: Embodiments are directed to systems, methods and computer program products for sorting mobile banking functions into authentication buckets. Embodiments determine, for each of a plurality of mobile banking functions, a corresponding authentication buckets, where each authentication bucket corresponds with a level of authentication. Some embodiments receive a request, from a user, to access a function; access the plurality of authentication buckets to determine which of the authentication buckets corresponds with the requested function; determine the level of authentication associated with the determined authentication bucket; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, enable access to the function requested by the user.

Abstract translation: 实施例涉及用于将移动银行功能分类到认证桶中的系统，方法和计算机程序产品。 对于多个移动银行业务中的每一个，实施例确定相应的验证桶，其中每个验证桶与认证级别相对应。 一些实施例从用户接收到访问功能的请求; 访问所述多个认证桶以确定所述认证桶中的哪一个对应于所请求的功能; 确定与确定的认证桶相关联的认证级别; 确定哪些认证类型与认证级别相关联; 请求与认证类型相对应的认证凭证; 从用户接收认证凭证; 验证身份验证凭证，从而导致验证凭证成功验证; 并且响应于认证证书的成功验证，使得能够访问由用户请求的功能。

公开(公告)号：US09530124B2

公开(公告)日：2016-12-27

申请号：US15016132

申请日：2016-02-04

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Joseph Neil Johansen ,  Michael E. Toth ,  Daniel Lynn Carpenter ,  Hood Qaim-Maqami ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: G06F12/16 ,  G06Q20/10 ,  G06F21/30 ,  G06F21/31 ,  H04L29/06 ,  G06Q40/02 ,  G06F17/00

CPC classification number: G06Q20/108 ,  G06F21/30 ,  G06F21/31 ,  G06F2221/2113 ,  G06F2221/2149 ,  G06Q40/02 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/105 ,  H04L2463/102

Abstract: Embodiments are directed to systems, methods and computer program products for sorting mobile banking functions into authentication buckets. Embodiments determine, for each of a plurality of mobile banking functions, a corresponding authentication buckets, where each authentication bucket corresponds with a level of authentication. Some embodiments receive a request, from a user, to access a function; access the plurality of authentication buckets to determine which of the authentication buckets corresponds with the requested function; determine the level of authentication associated with the determined authentication bucket; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, enable access to the function requested by the user.

公开(公告)号：US09390242B2

公开(公告)日：2016-07-12

申请号：US14175646

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: G06F21/31

CPC classification number: G06F21/31 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/10 ,  H04W4/02 ,  H04W4/021 ,  H04W4/023

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to predetermined boundaries of location that have altered authentication requirements, in the form of, increased or decreased authentication requirements/credentials that differ from the standard authentication requirements.

Abstract translation: 提供系统，装置，方法和计算机程序产品，用于基于用户的当前位置与具有改变的认证要求的位置的预定边界相比较，以形式确定特定网络访问会话的用户认证要求/凭证 的，增加或减少的认证要求/凭证与标准认证要求不同。

公开(公告)号：US20160057144A1

公开(公告)日：2016-02-25

申请号：US14928312

申请日：2015-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: H04L29/06

CPC classification number: H04L63/0876 ,  G06F21/31 ,  G06F2221/2111 ,  G06F2221/2137

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for function requiring authentication based on determining a location along an authentication continuum. The location along the authentication continuum defines the degree of authentication/credentials required to access the function and is determined based on a current state of the user and/or function attributes. The more or less that is known about the current state of the user the more or less likely the user is the user that is attempting to access the function and, thus, the authentication requirements required to access the function can be adjusted according (increased or decreased).

Abstract translation: 提供了系统，装置，方法和计算机程序产品，用于基于确定沿认证连续体的位置来确定用户需要认证的功能的认证要求/凭证。 沿着认证连续体的位置定义了访问功能所需的认证/凭证的程度，并且基于用户的当前状态和/或功能属性来确定。 对于用户的当前状态或多或少已知的用户或多或少可能是用户正试图访问功能，因此访问该功能所需的认证要求可以根据（增加或 减少）。

公开(公告)号：US20160055487A1

公开(公告)日：2016-02-25

申请号：US14928360

申请日：2015-10-30

Applicant: BANK OF AMERICA CORPORATION

Inventor： Elizabeth S. Votaw ,  Alicia C. Jones-McFadden ,  David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson

IPC: G06Q20/40 ,  G06F21/31

CPC classification number: G06Q20/4014 ,  G06F21/316 ,  H04L63/08 ,  H04L2463/082

Abstract: Embodiments are directed to systems, methods and computer program products for providing user authentication based on historical user patterns. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a set of data comprising information related to user patterns associated with the apparatus of the user; determine a user pattern score associated with the user; determine a level of authentication; determine which authentication types are associated with the level of authentication; request authentication credentials corresponding to the authentication types; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and in response to the successful validation, execute the user action.

Abstract translation: 实施例涉及用于基于历史用户模式提供用户认证的系统，方法和计算机程序产品。 实施例从用户接收执行与应用相关联的用户动作的请求，其中用户动作的执行需要认证证书的验证; 收集包括与用户的装置相关联的用户模式的信息的一组数据; 确定与用户相关联的用户模式得分; 确定认证级别; 确定哪些认证类型与认证级别相关联; 请求与认证类型相对应的认证凭证; 从用户接收认证凭证; 验证身份验证凭证，从而导致验证凭证成功验证; 并且响应成功验证，执行用户操作。

公开(公告)号：US09223951B2

公开(公告)日：2015-12-29

申请号：US14175863

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth ,  Elizabeth S. Votaw

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06 ,  G06F21/31

CPC classification number: H04L63/083 ,  G06F21/31 ,  G06F21/41 ,  H04L63/04 ,  H04L63/08 ,  H04L63/10

Abstract: The present invention includes a system for authenticating a second action based on a first action, wherein the system is configured to: receive a first request to execute a first action associated with a first application; determine that execution of the first action requires user authentication; request one or more authentication credentials from the user; receive a first authentication credential associated with the first action; validate the first authentication credential, thereby resulting in a successful validation of the received first authentication credential; in response to the successful validation, execute the first action; receive a second request to execute a second action associated with a second application; determine that execution of the second action requires user authentication; use the successful validation of the first authentication credential to validate a second authentication credential so that the second action may be executed.

Abstract translation: 本发明包括用于基于第一动作认证第二动作的系统，其中所述系统被配置为：接收执行与第一应用相关联的第一动作的第一请求; 确定第一个操作的执行需要用户认证; 从用户请求一个或多个认证凭证; 接收与第一动作相关联的第一认证证书; 验证第一认证证书，从而导致对所接收的第一认证凭证的成功验证; 响应成功验证，执行第一个动作; 接收执行与第二应用相关联的第二动作的第二请求; 确定第二个动作的执行需要用户认证; 使用第一认证证书的成功验证来验证第二认证证书，以便可以执行第二动作。

公开(公告)号：US09208301B2

公开(公告)日：2015-12-08

申请号：US14175643

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: G06F21/31

CPC classification number: H04L63/0876 ,  G06F21/31 ,  G06F2221/2111 ,  G06F2221/2137

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to known boundaries of location associated with the user, such as the user's residence, place of business or the like. As such, the present invention serves to expedite the process for authenticating a user who desires to gain access to a network service, such as a banking application or the like.

Abstract translation: 提供系统，装置，方法和计算机程序产品，用于基于与用户相关联的位置的已知边界（例如，用户的身份）相对于用户的当前位置确定特定网络访问会话的用户认证要求/凭证 居住地，营业地等。 因此，本发明用于加速用于验证希望访问诸如银行应用程序等网络服务的用户的过程。

公开(公告)号：US20150229623A1

公开(公告)日：2015-08-13

申请号：US14175701

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Michael E. Toth ,  Carrie Anne Hanson ,  Elizabeth S. Votaw

IPC: H04L29/06

CPC classification number: G06Q20/405 ,  G06F17/3053 ,  G06Q20/3224 ,  G06Q20/327 ,  G06Q20/34 ,  G06Q20/4016 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/04

Abstract: Embodiments are directed to systems, methods and computer program products for providing user authentication based on transaction data. Embodiments receive from a user, a request to execute a user action associated with an application, wherein execution of the user action requires validation of authentication credentials; collect a transaction set of data comprising information related to transactions conducted by the user; collect a location set of data comprising information related to a physical location of the user; determine a transaction proximity score associated with the user and the transactions; determine a level of authentication associated with the determined transaction proximity score; determine which authentication types are associated with the level of authentication; request authentication credentials; receive authentication credentials from the user; validate the authentication credentials, thereby resulting in a successful validation of the authentication credentials; and, in response to the successful validation of the authentication credentials, execute the user action.

Abstract translation: 实施例涉及用于基于交易数据提供用户认证的系统，方法和计算机程序产品。 实施例从用户接收执行与应用相关联的用户动作的请求，其中用户动作的执行需要认证证书的验证; 收集包含由用户进行的交易相关信息的数据交易集合; 收集包括与用户的物理位置有关的信息的位置数据集; 确定与用户和交易相关联的交易接近评分; 确定与确定的交易接近评分相关联的认证级别; 确定哪些认证类型与认证级别相关联; 请求认证凭证; 从用户接收认证凭证; 验证身份验证凭证，从而导致验证凭证成功验证; 并且响应于认证证书的成功验证，执行用户动作。

公开(公告)号：US20150227926A1

公开(公告)日：2015-08-13

申请号：US14175639

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: G06Q20/38 ,  G06Q20/32

CPC classification number: G06Q20/32 ,  G06Q20/40

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific mobile network access session based on the current location of the user in comparison to a known typical travel route of the user. In this regard, if the user is located within the boundaries of the travel route during the time period when the user is typically travelling on the route, less, or in some instances no, authentication requirements are needed. Moreover, as the user deviates from the travel route in terms of distance and/or time the greater the authentication requirements/credentials may be required. Once the deviation is considered to significant in terms of distance and/or time full authentication requirements may be required.

Abstract translation: 提供系统，装置，方法和计算机程序产品，用于与用户的已知典型行进路线相比，基于用户的当前位置确定特定移动网络接入会话的用户认证要求/凭证。 在这方面，如果在用户通常在路线上行进的时间段内较少的或在某些情况下不需要认证要求的情况下，如果用户位于行进路线的边界内。 此外，由于用户在距离和/或时间方面偏离行进路线，所以需要认证要求/凭证越多。 一旦偏差被认为在距离和/或时间方面是显着的，可能需要完整的认证要求。

公开(公告)号：US20150227728A1

公开(公告)日：2015-08-13

申请号：US14175646

申请日：2014-02-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： David M. Grigg ,  Peter John Bertanzetti ,  Charles Jason Burrell ,  Carrie Anne Hanson ,  Joseph Neil Johansen ,  Michael E. Toth

IPC: G06F21/31

CPC classification number: G06F21/31 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/10 ,  H04W4/02 ,  H04W4/021 ,  H04W4/023

Abstract: Systems, apparatus, methods, and computer program products are provided for determining a user's authentication requirements/credentials for a specific network access session based on the current location of the user in comparison to predetermined boundaries of location that have altered authentication requirements, in the form of, increased or decreased authentication requirements/credentials that differ from the standard authentication requirements.

Abstract translation: 提供系统，装置，方法和计算机程序产品，用于基于用户的当前位置与具有改变的认证要求的位置的预定边界相比较，以形式确定特定网络访问会话的用户认证要求/凭证 的，增加或减少的认证要求/凭证与标准认证要求不同。