公开(公告)号：US20220116388A1

公开(公告)日：2022-04-14

申请号：US17070755

申请日：2020-10-14

申请人： PAYPAL, INC.

发明人： Raoul Johnson ,  Meethil Vijay Yadav ,  Michael Weideman ,  Eric Nunes

IPC分类号： H04L29/06 ,  G10L17/08 ,  G10L17/26 ,  G06N20/00 ,  G10L25/72

摘要： There are provided systems and methods for a voice vector framework that authenticates user interactions. A service provider server receives user interaction data having audio data that is associated with an interaction between a user device and the service provider server. The server extracts user attributes from the audio data and obtains user account information associated with the user device. The server selects a classifier that corresponds to a select combination of features based on the user account information and applies the classifier to the user attributes. The server generates a voice vector that includes multiple scores indicating likelihoods that a respective user attribute corresponds to an attribute of the select combination of features. The server compares the voice vector to a baseline vector corresponding to a predetermined combination of features and sends a notification to an agent device with an indication of whether the user device is verified.

公开(公告)号：US20210203690A1

公开(公告)日：2021-07-01

申请号：US16729210

申请日：2019-12-27

申请人： PayPal, Inc.

发明人： Eric Nunes ,  Kevin Tyers ,  Meethil Vijay Yadav ,  Nicholas Bailey ,  Todd Clausen ,  Nathan Pratt ,  Bradley Wardman

IPC分类号： H04L29/06 ,  G06N20/00

摘要： A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.

公开(公告)号：US20230336589A1

公开(公告)日：2023-10-19

申请号：US18138115

申请日：2023-04-23

申请人： PayPal, Inc.

发明人： Meethil Vijay Yadav ,  Eric Nunes

IPC分类号： H04L9/40 ,  G06F16/955 ,  G06N20/00

CPC分类号： H04L63/1483 ,  G06F16/955 ,  H04L63/1416 ,  G06N20/00

摘要： Techniques are disclosed relating to generating trained machine learning modules to identify whether user interfaces accessed by a computing device match user interfaces associated with a set of Internet domain names. A server computer system receives a set of Internet domain names and generates screenshots for user interfaces associated with the set of Internet domain names. The server computer system then trains machine learning modules that are customized for the set of Internet domain names using the screenshots. The server then transmits the machine learning modules to the computing device, where the machine learning modules are usable by an application executing on the computing device to identify whether a user interface accessed by the device matches a user interface associated with the set of Internet domain names. Such techniques may advantageously allow servers to identify whether user interfaces are suspicious without introducing latency and increased page load times.

公开(公告)号：US11700250B2

公开(公告)日：2023-07-11

申请号：US17070755

申请日：2020-10-14

申请人： PAYPAL, INC.

发明人： Raoul Johnson ,  Meethil Vijay Yadav ,  Michael Weideman ,  Eric Nunes

IPC分类号： H04L9/40 ,  G10L17/08 ,  G10L25/72 ,  G10L17/26 ,  G06N20/00

CPC分类号： H04L63/0861 ,  G06N20/00 ,  G10L17/08 ,  G10L17/26 ,  G10L25/72 ,  H04L63/18

摘要： There are provided systems and methods for a voice vector framework that authenticates user interactions. A service provider server receives user interaction data having audio data that is associated with an interaction between a user device and the service provider server. The server extracts user attributes from the audio data and obtains user account information associated with the user device. The server selects a classifier that corresponds to a select combination of features based on the user account information and applies the classifier to the user attributes. The server generates a voice vector that includes multiple scores indicating likelihoods that a respective user attribute corresponds to an attribute of the select combination of features. The server compares the voice vector to a baseline vector corresponding to a predetermined combination of features and sends a notification to an agent device with an indication of whether the user device is verified.

公开(公告)号：US20210203691A1

公开(公告)日：2021-07-01

申请号：US16729252

申请日：2019-12-27

申请人： PayPal, Inc.

发明人： Nathan Pratt ,  Bradley Wardman ,  Kevin Tyers ,  Eric Nunes ,  Meethil Vijay Yadav ,  Todd Clausen ,  Nicholas Bailey

IPC分类号： H04L29/06

摘要： A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing.

公开(公告)号：US12021894B2

公开(公告)日：2024-06-25

申请号：US16729295

申请日：2019-12-27

申请人： PayPal, Inc.

发明人： Todd Clausen ,  Kevin Tyers ,  Nicholas Bailey ,  Eric Nunes ,  Meethil Vijay Yadav ,  Bradley Wardman ,  Nathan Pratt

IPC分类号： H04L9/40

CPC分类号： H04L63/1483 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/168

摘要： A method for phishing detection based on modeling of web page content is discussed. The method includes accessing suspect web page content of a suspect Uniform Resource Locator (URL). The method includes generating an exemplary model based on an exemplary configuration for an indicated domain associated with the suspect URL, where the exemplary model indicates structure and characteristics of an example web page of the indicated domain. The method includes generating a suspect web page model that indicates structure and characteristics of the suspect web page content. The method includes performing scoring functions for the potential phishing web page content based on the suspect web page model, where some of the scoring functions use the exemplary model to perform analysis to generate respective results. The method includes generating a web page content phishing score based on results from the scoring functions.

公开(公告)号：US11637863B2

公开(公告)日：2023-04-25

申请号：US16839553

申请日：2020-04-03

申请人： PayPal, Inc.

发明人： Meethil Vijay Yadav ,  Eric Nunes

IPC分类号： H04L9/40 ,  G06F16/955 ,  G06N20/00

摘要： Techniques are disclosed relating to generating trained machine learning modules to identify whether user interfaces accessed by a computing device match user interfaces associated with a set of Internet domain names. A server computer system receives a set of Internet domain names and generates screenshots for user interfaces associated with the set of Internet domain names. The server computer system then trains machine learning modules that are customized for the set of Internet domain names using the screenshots. The server then transmits the machine learning modules to the computing device, where the machine learning modules are usable by an application executing on the computing device to identify whether a user interface accessed by the device matches a user interface associated with the set of Internet domain names. Such techniques may advantageously allow servers to identify whether user interfaces are suspicious without introducing latency and increased page load times.

公开(公告)号：US11381598B2

公开(公告)日：2022-07-05

申请号：US16729210

申请日：2019-12-27

申请人： PayPal, Inc.

发明人： Eric Nunes ,  Kevin Tyers ,  Meethil Vijay Yadav ,  Nicholas Bailey ,  Todd Clausen ,  Nathan Pratt ,  Bradley Wardman

IPC分类号： H04L9/40 ,  G06N20/00

摘要： A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.

公开(公告)号：US11070554B2

公开(公告)日：2021-07-20

申请号：US15966911

申请日：2018-04-30

申请人： PayPal, Inc.

发明人： Nathan Robert Pratt ,  Bradley Wardman ,  Meethil Vijay Yadav ,  Nicole Harris

IPC分类号： H04L29/06 ,  G06F16/955

摘要： A computer system determines that authentication information has been requested from a user device by a requesting device. In response to determining that authentication information has been requested by the requesting device, the computer system identifies information corresponding to the requesting device and determines if one or more risk indications correspond to the identified information corresponding to the requesting device. In response to determining that one or more risk indications correspond to the identified information corresponding to the requesting device, the computer system implements one or more security measures.

公开(公告)号：US20210203693A1

公开(公告)日：2021-07-01

申请号：US16729295

申请日：2019-12-27

申请人： PayPal, Inc.

发明人： Todd Clausen ,  Kevin Tyers ,  Nicholas Bailey ,  Eric Nunes ,  Meethil Vijay Yadav ,  Bradley Wardman ,  Nathan Pratt

IPC分类号： H04L29/06

摘要： A method for phishing detection based on modeling of web page content is discussed. The method includes accessing suspect web page content of a suspect Uniform Resource Locator (URL). The method includes generating an exemplary model based on an exemplary configuration for an indicated domain associated with the suspect URL, where the exemplary model indicates structure and characteristics of an example web page of the indicated domain. The method includes generating a suspect web page model that indicates structure and characteristics of the suspect web page content. The method includes performing scoring functions for the potential phishing web page content based on the suspect web page model, where some of the scoring functions use the exemplary model to perform analysis to generate respective results. The method includes generating a web page content phishing score based on results from the scoring functions.