System for assessing network authentication requirements based on situational instance

US 10,015,156 B2
Filed: 08/11/2017
Issued: 07/03/2018
Est. Priority Date: 01/04/2016
Status: Active Grant

First Claim

Patent Images

1. A system for assessing network authentication requirements based on situational instance, wherein the system provides a dynamic platform for determining authentication requirements in real-time, the system comprising:

at least one memory device;

at least one communication device connected to a distributed network;

at least one processing device communicatively coupled to the at least one memory device; and

a module stored in the at least one memory device comprising executable instructions that when executed by the at least one processing device, cause the at least one processing device to;

establish a communication link with a mobile device associated with a user;

receive, from the mobile device, a request to execute a user activity, wherein the user activity requires validation of one or more authentication credentials;

monitor user network connections, user location, and user applications associated with the mobile device;

retrieve, via the communication link, application information from the mobile device;

determine one or more applications associated with the mobile device, wherein the one or more applications comprise applications stored on the mobile device, applications that are currently active and/or applications that are not currently active;

extract activity data regarding historical exposure events, wherein the activity data is received from a plurality of users associated with the historical exposure events;

compare the user network connections, the user location and the user applications with the activity data;

escalate, in real-time, a level of authentication required for the user to execute the user activity based on determining that at least one of the one or more applications is associated with the historical exposure event;

present the escalated authentication requirement to the user via the mobile device;

lock a display of the mobile device until (i) the user network connections, the user location and the user applications are not associated with the historical exposure event or (ii) a positive authentication response is received; and

enable the user to execute the user activity based on receiving the positive authentication response.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to a system, method, or computer program product for assessing network authentication requirements based on situational instance. In this regard, the invention dynamically determines specific user authentication requirements for accessing a service or executing an activity based on the determining the user'"'"'s network connections, geographic location, and applications, in real-time. The invention provides a novel method for employing activity data provided by a plurality of users associated with historical activity information to vary the authentication requirements dynamically. Another aspect of the invention is directed to constructing geographic maps with predefined physical areas and overlaying graphical representations of activity data on the maps, in real-time.

66 Citations

View as Search Results

20 Claims

1. A system for assessing network authentication requirements based on situational instance, wherein the system provides a dynamic platform for determining authentication requirements in real-time, the system comprising:
- at least one memory device;
  
  at least one communication device connected to a distributed network;
  
  at least one processing device communicatively coupled to the at least one memory device; and
  
  a module stored in the at least one memory device comprising executable instructions that when executed by the at least one processing device, cause the at least one processing device to;
  
  establish a communication link with a mobile device associated with a user;
  
  receive, from the mobile device, a request to execute a user activity, wherein the user activity requires validation of one or more authentication credentials;
  
  monitor user network connections, user location, and user applications associated with the mobile device;
  
  retrieve, via the communication link, application information from the mobile device;
  
  determine one or more applications associated with the mobile device, wherein the one or more applications comprise applications stored on the mobile device, applications that are currently active and/or applications that are not currently active;
  
  extract activity data regarding historical exposure events, wherein the activity data is received from a plurality of users associated with the historical exposure events;
  
  compare the user network connections, the user location and the user applications with the activity data;
  
  escalate, in real-time, a level of authentication required for the user to execute the user activity based on determining that at least one of the one or more applications is associated with the historical exposure event;
  
  present the escalated authentication requirement to the user via the mobile device;
  
  lock a display of the mobile device until (i) the user network connections, the user location and the user applications are not associated with the historical exposure event or (ii) a positive authentication response is received; and
  
  enable the user to execute the user activity based on receiving the positive authentication response.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein the module further comprises instructions that cause the at least one processing device to:
    - determine whether current user security features meet the escalated authentication requirement for the user activity;
      
      determine one or more types of new security features that meet the escalated authentication requirement; and
      
      enable the user to modify the current user security features based on the determined new security features.
  - 3. The system of claim 1, wherein the module further comprises instructions that cause the at least one processing device to:
    - establish communication links with a plurality of secondary user devices associated with a plurality of secondary users;
      
      receive, via the communication links with the plurality of secondary user devices, activity data associated with a plurality of historical exposure events;
      
      determine, for each historical exposure event of the plurality of historical exposure events, an event geographic area;
      
      construct a dynamic exposure map for display on the mobile device, the map comprising geographic areas associated with the historical exposure events;
      
      overlay, for each historical exposure event, a physical graphical element on the dynamic exposure map proximate to the event geographic area;
      
      modify, in real-time, one or more display attributes associated with the physical graphical element based on the activity data; and
      
      initiate a presentation of the dynamic exposure map on a display associated with the mobile device.
  - 4. The system of claim 3, wherein modifying the one or more display attributes further comprises, for each physical graphical element, modifying the physical graphical element based on a frequency of historical exposure events at the event geographic area associated with the physical graphical element, based on a type of exposure event at the event geographic area associated with the physical graphical element and/or based on a number of exposure events in a predetermined period of time preceding the current time at the event geographic area associated with the physical graphical element.
  - 5. The system of claim 3, wherein the module further comprises instructions that cause the at least one processing device to:
    - determine that the user is currently proximate to the event geographic area associated with the historical exposure event;
      
      initiate a presentation of the dynamic exposure map on the mobile device, wherein the dynamic exposure map comprises an overlay of the physical graphical element associated with the historical exposure event; and
      
      modify one or more display attributes associated with the physical graphical element.

6. A method for assessing network authentication requirements based on situational instance, whereby the system provides a dynamic platform for determining authentication requirements in real-time, comprising:
- establishing, by a computing device, a communication link with a mobile device associated with a user;
  
  receiving, by a computing device, from the mobile device, a request to execute a user activity, wherein the user activity requires validation of one or more authentication credentials;
  
  monitoring, by a computing device, user network connections, user location, and user applications associated with the mobile device during the user activity;
  
  retrieving, by a computing device, via the communication link, application information from the mobile device;
  
  determining by a computing device, one or more applications associated with the mobile device, wherein the one or more applications comprise applications stored on the mobile device, applications that are currently active and/or applications that are not currently active;
  
  extracting, by a computing device, activity data regarding historical exposure events, wherein the activity data is received from a plurality of users associated with the historical exposure events;
  
  comparing, by a computing device, the user network connections, the user location and the user applications with the activity data;
  
  escalating, by a computing device, in real-time, a level of authentication required for the user to execute the user activity based on determining that at least one of the one or more applications is associated with the historical exposure event;
  
  presenting by a computing device, the escalated authentication requirement to the user via the mobile device;
  
  locking a display of the mobile device, by a computing device, until (i) the user network connections, the user location and the user applications are not associated with the historical exposure event or (ii) a positive authentication response is received; and
  
  enabling, by a computing device, the user to execute the user activity based on receiving the positive authentication response.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the method further comprises:
    - determining, by a computing device, whether current user security features meet the escalated authentication requirement for the user activity;
      
      determining, by a computing device, one or more types of new security features that meet the escalated authentication requirement; and
      
      enabling, by a computing device, the user to modify the current user security features based on the determined new security features.
  - 8. The method of claim 6, wherein the method further comprises:
    - establishing, by a computing device, communication links with a plurality of secondary user devices associated with a plurality of secondary users;
      
      receiving, by a computing device, via the communication links, activity data associated with a plurality of historical exposure events;
      
      determining, by a computing device, for each historical exposure event of the plurality of historical exposure events, an event geographic area;
      
      constructing, by a computing device, a dynamic exposure map for display on the mobile device, the map comprising geographic areas associated with the historical exposure events;
      
      overlaying, by a computing device, for each historical exposure event, a physical graphical element on the dynamic exposure map proximate to the event geographic area;
      
      modifying, by a computing device, in real-time, one or more display attributes associated with the physical graphical element based on the activity data; and
      
      initiating, by a computing device, a presentation of the dynamic exposure map on a display associated with the mobile device.
  - 9. The method of claim 8, wherein modifying the one or more display attributes further comprises, for each physical graphical element, modifying the physical graphical element based on a frequency of historical exposure events at the event geographic area associated with the physical graphical element, based on a type of exposure event at the event geographic area associated with the physical graphical element and/or based on a number of exposure events in a predetermined period of time preceding the current time at the event geographic area associated with the physical graphical element.
  - 10. The method of claim 8, wherein the method further comprises:
    - determining, by a computing device, that the user is currently proximate to the event geographic area associated with the historical exposure event;
      
      initiating, by a computing device, a presentation of the dynamic exposure map on the mobile device, wherein the dynamic exposure map comprises an overlay of the physical graphical element associated with the historical exposure event; and
      
      modifying, by a computing device, one or more display attributes associated with the physical graphical element.

11. A system for assessing network authentication requirements based on situational instance, wherein the system provides a dynamic platform for determining authentication requirements in real-time, the system comprising:
- at least one memory device;
  
  at least one communication device connected to a distributed network;
  
  at least one processing device communicatively coupled to the at least one memory device; and
  
  a module stored in the at least one memory device comprising executable instructions that when executed by the at least one processing device, cause the at least one processing device to;
  
  establish a communication link with a mobile device associated with a user;
  
  receive, from the mobile device, a request to execute a user activity, wherein the user activity requires validation of one or more authentication credentials;
  
  monitor user network connections, user location, and user applications associated with the mobile device;
  
  extract activity data regarding historical exposure events, wherein the activity data is received from a plurality of users associated with the historical exposure events, wherein extracting activity data regarding historical exposure events further comprises;
  
  establishing communication links with a plurality of secondary user devices associated with a plurality of secondary users;
  
  receiving, via the communication links with the plurality of secondary user devices, activity data associated with a plurality of historical exposure events;
  
  determining, for each historical exposure event of the plurality of historical exposure events, an event geographic area;
  
  constructing a dynamic exposure map for display on the mobile device, the map comprising geographic areas associated with the historical exposure events;
  
  overlaying, for each historical exposure event, a physical graphical element on the dynamic exposure map proximate to the event geographic area;
  
  modifying, in real-time, for each physical graphical element, one or more display attributes associated with the physical graphical element (i) based on a frequency of historical exposure events at the event geographic area associated with the physical graphical element, (ii) based on a type of exposure event at the event geographic area associated with the physical graphical element and/or (iii) based on a number of exposure events in a predetermined period of time preceding the current time at the event geographic area associated with the physical graphical element; and
  
  initiating a presentation of the dynamic exposure map on a display associated with the mobile device;
  
  compare the user network connections, the user location and the user applications with the activity data;
  
  escalate, in real-time, a level of authentication required for the user to execute the user activity based on determining that (i) the user network connections, (ii) the user location, and/or (iii) the user applications are associated with a historical exposure event;
  
  present the escalated authentication requirement to the user via the mobile device; and
  
  enable the user to execute the user activity based on receiving a positive authentication response.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The system of claim 11, wherein the module further comprises instructions that cause the at least one processing device to:
    - determine device information associated with the mobile device;
      
      identify at least one local network associated with the mobile device based on the device information, wherein the mobile device is in communication with the at least one local network during the user activity;
      
      determine one or more local devices in communication with the at least one local network; and
      
      escalate the level of authentication required for the user activity based on determining that the at least one local network and/or the one or more local devices are associated with the historical exposure event.
  - 13. The system of claim 11, wherein the module further comprises instructions that cause the at least one processing device to:
    - retrieve, via the communication link with the mobile device, application information from the mobile device;
      
      determine one or more applications associated with the mobile device, wherein the one or more applications comprise applications stored on the mobile device, applications that are currently active and/or applications that are not currently active; and
      
      escalate the level of authentication required for the user activity based on determining that at least one of the one or more applications is associated with the historical exposure event.
  - 14. The system of claim 11, wherein the module further comprises instructions that cause the at least one processing device to lock a display of the mobile device until (i) the user network connections, the user location and the user applications are not associated with the historical exposure event or (ii) the positive authentication response is received.
  - 15. The system of claim 11, wherein the module further comprises instructions that cause the at least one processing device to:
    - determine whether current user security features meet the escalated authentication requirement for the user activity;
      
      determine one or more types of new security features that meet the escalated authentication requirement; and
      
      enable the user to modify the current user security features based on the determined new security features.
  - 16. The system of claim 11, wherein the module further comprises instructions that cause the at least one processing device to:
    - determine that the user is currently proximate to the event geographic area associated with the historical exposure event;
      
      initiate a presentation of the dynamic exposure map on the mobile device, wherein the dynamic exposure map comprises an overlay of the physical graphical element associated with the historical exposure event; and
      
      modify one or more display attributes associated with the physical graphical element.

17. A method for assessing network authentication requirements based on situational instance, whereby the system provides a dynamic platform for determining authentication requirements in real-time, comprising:
- establishing, by a computing device, a communication link with a mobile device associated with a user;
  
  receiving, by a computing device, from the mobile device, a request to execute a user activity, wherein the user activity requires validation of one or more authentication credentials;
  
  monitoring, by a computing device, user network connections, user location, and user applications associated with the mobile device during the user activity;
  
  extracting, by a computing device, activity data regarding historical exposure events, wherein the activity data is received from a plurality of users associated with the historical exposure events, wherein extracting activity data regarding historical exposure events further comprises;
  
  establishing, by a computing device, communication links with a plurality of secondary user devices associated with a plurality of secondary users;
  
  receiving, by a computing device, via the communication links with the plurality of secondary user devices, activity data associated with a plurality of historical exposure events;
  
  determining, by a computing device, for each historical exposure event of the plurality of historical exposure events, an event geographic area;
  
  constructing, by a computing device, a dynamic exposure map for display on the mobile device, the map comprising geographic areas associated with the historical exposure events;
  
  overlaying, by a computing device, for each historical exposure event, a physical graphical element on the dynamic exposure map proximate to the event geographic area;
  
  modifying, by a computing device, in real-time, for each physical graphical element, one or more display attributes associated with the physical graphical element (i) based on a frequency of historical exposure events at the event geographic area associated with the physical graphical element, (ii) based on a type of exposure event at the event geographic area associated with the physical graphical element and/or (iii) based on a number of exposure events in a predetermined period of time preceding the current time at the event geographic area associated with the physical graphical element; and
  
  initiating, by a computing device, a presentation of the dynamic exposure map on a display associated with the mobile device;
  
  comparing, by a computing device, the user network connections, the user location and the user applications with the activity data;
  
  escalating, by a computing device, in real-time, a level of authentication required for the user to execute the user activity based on determining that (i) the user network connections, (ii) the user location, and/or (iii) the user applications are associated with a historical exposure event;
  
  presenting by a computing device, the escalated authentication requirement to the user via the mobile device; and
  
  enabling by a computing device, the user to execute the user activity based on receiving a positive authentication response.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising:
    - determining, by a computing device, device information associated with the mobile device;
      
      identifying, by a computing device, at least one local network associated with the mobile device based on the device information, wherein the mobile device is in communication with the at least one local network during the user activity;
      
      determining, by a computing device, one or more local devices in communication with the at least one local network; and
      
      escalating, by a computing device, the level of authentication required for the user activity based on determining that the at least one local network and/or the one or more local devices are associated with the historical exposure event.
  - 19. The method of claim 17, further comprising:
    - retrieving, by a computing device, via the communication link with the mobile device, application information from the mobile device;
      
      determining, by a computing device, one or more applications associated with the mobile device, wherein the one or more applications comprise applications stored on the mobile device, applications that are currently active and/or applications that are not currently active; and
      
      escalating, by a computing device, the level of authentication required for the user activity based on determining that at least one of the one or more applications is associated with the historical exposure event.
  - 20. The method of claim 17, wherein the method further comprises locking a display of the mobile device until (i) the user network connections, the user location and the user applications are not associated with the historical exposure event or (ii) the positive authentication response is received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Jones-McFadden, Alicia C., Johansen, Joseph Neil
Primary Examiner(s)
Holder, Bradley

Application Number

US15/675,146
Publication Number

US 20170359328A1
Time in Patent Office

326 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04W 12/06   Authentication

H04W 12/61   Time-dependent

H04W 12/67   Risk-dependent, e.g. select...

System for assessing network authentication requirements based on situational instance

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

66 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System for assessing network authentication requirements based on situational instance

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links