Internal footprint repository

US 10,313,344 B2
Filed: 03/30/2017
Issued: 06/04/2019
Est. Priority Date: 03/30/2017
Status: Active Grant

First Claim

Patent Images

1. A computing platform, comprising:

at least one processor;

a communication interface communicatively coupled to the at least one processor; and

memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to;

receive, by the at least one processor, via the communication interface, and from a first user device, metadata comprising first user device identification information and accessed account information;

generate, based on the first user device identification information, one or more commands directing an internal device verification server to determine whether the first user device is one of a plurality of internal devices;

transmit, via the communication interface and to the internal device verification server, the one or more commands to determine whether the first user device is the one of the plurality of internal devices;

receive, via the communication interface and from the internal device verification server, internal device verification information indicating the first user device is the one of the plurality of internal devices;

in response to receiving the internal device verification information, identify, based on the accessed account information, an action indicating the first user device accessed an account;

generate, based on the action and the accessed account information, one or more commands directing an external account authorization server to determine whether the action is authorized;

transmit, via the communication interface and to the external account authorization server, the one or more commands directing the external account authorization server to determine whether the action is authorized;

receive, via the communication interface and from the external account authorization server, information indicating unauthorized use of the account by the first user device;

transmit, via the communication interface and to a case management server, the information indicating unauthorized use of the account by the first user device;

receive, via the communication interface and from the case management server, updated unauthorized use information; and

update unauthorized use criteria information based on the updated unauthorized use information received from the case management server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the disclosure relate to a system to monitor devices for unauthorized access of an external account. A computing platform may receive, via a communication interface, and from a first user device, metadata comprising first user device identification information and accessed account information. The computing platform may determine, based on the first user device identification information, whether the first user device is one of a plurality of internal user devices. The computing platform may identify, based on the accessed account information, an action indicating the first user device is accessing an account. The computing platform may determine, based on the action and the accessed account information, whether the action is authorized. The computing platform may receive information indicating unauthorized use of the account by the first user device. The computing platform may transmit the information indicating unauthorized use of the account by the first user device.

64 Citations

View as Search Results

20 Claims

1. A computing platform, comprising:
- at least one processor;
  
  a communication interface communicatively coupled to the at least one processor; and
  
  memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to;
  
  receive, by the at least one processor, via the communication interface, and from a first user device, metadata comprising first user device identification information and accessed account information;
  
  generate, based on the first user device identification information, one or more commands directing an internal device verification server to determine whether the first user device is one of a plurality of internal devices;
  
  transmit, via the communication interface and to the internal device verification server, the one or more commands to determine whether the first user device is the one of the plurality of internal devices;
  
  receive, via the communication interface and from the internal device verification server, internal device verification information indicating the first user device is the one of the plurality of internal devices;
  
  in response to receiving the internal device verification information, identify, based on the accessed account information, an action indicating the first user device accessed an account;
  
  generate, based on the action and the accessed account information, one or more commands directing an external account authorization server to determine whether the action is authorized;
  
  transmit, via the communication interface and to the external account authorization server, the one or more commands directing the external account authorization server to determine whether the action is authorized;
  
  receive, via the communication interface and from the external account authorization server, information indicating unauthorized use of the account by the first user device;
  
  transmit, via the communication interface and to a case management server, the information indicating unauthorized use of the account by the first user device;
  
  receive, via the communication interface and from the case management server, updated unauthorized use information; and
  
  update unauthorized use criteria information based on the updated unauthorized use information received from the case management server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
    - receive, by the at least one processor, via the communication interface, and from an authorization device, information corresponding to the plurality of internal devices; and
      
      transmit, via the communication interface and to the internal device verification server, the information corresponding to the plurality of internal devices and the first user device identification information.
  - 3. The computing platform of claim 2, wherein generating the one or more commands directing the internal device verification server to determine whether the first user device is the one of the plurality of internal devices comprises:
    - determining, based on a comparison of the first user device identification information with the information corresponding to the plurality of internal devices, the internal device verification information indicating the first user device is the one of the plurality of internal devices; and
      
      transmitting the internal device verification information.
  - 4. The computing platform of claim 3, wherein the first user device identification information comprises mobile cookie information indicating at least one mobile cookie corresponding to the first user device.
  - 5. The computing platform of claim 3, wherein the first user device identification information comprises geolocation information indicating a geolocation corresponding to the first user device.
  - 6. The computing platform of claim 3, wherein the first user device identification information comprises time zone information indicating a time zone corresponding to the first user device.
  - 7. The computing platform of claim 3, wherein the first user device identification information comprises device print information indicating a device print corresponding to the first user device.
  - 8. The computing platform of claim 3, wherein the first user device identification information comprises virtual private network information indicating a virtual private network corresponding to the first user device.
  - 9. The computing platform of claim 3, wherein the first user device identification information comprises internet protocol information indicating an internet protocol corresponding to the first user device.
  - 10. The computing platform of claim 3, wherein the determining, based on the comparison of the first user device identification information with the information corresponding to the plurality of internal devices, the internal device verification information indicating the first user device is the one of the plurality of internal devices comprises:
    - identifying, based on a comparison of the first user device identification information with the information corresponding to the plurality of internal devices, the first user device as a new internal device; and
      
      storing information indicating the first user device as a new internal device.
  - 11. The computing platform of claim 3, wherein the first user device identification information comprises first user identification information;
    - andwherein the information corresponding to the plurality of internal devices comprises information corresponding to associates of an organization.
  - 12. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
    - receive, by the at least one processor, via the communication interface, and from an authorization device, information corresponding to a plurality of external accounts; and
      
      transmit, via the communication interface and to the external account authorization server, the information corresponding to the plurality of external accounts and the accessed account information.
  - 13. The computing platform of claim 12, wherein generating the one or more commands directing the external account authorization server to determine whether the action is authorized comprises:
    - determining, based on the account the first user device is accessing and the information corresponding to the plurality of external accounts, the information indicating unauthorized use of the account by the first user device; and
      
      transmitting the information indicating unauthorized use of the account by the first user device.
  - 14. The computing platform of claim 13, wherein generating the one or more commands directing the external account authorization server to determine whether the action is authorized comprises:
    - determining, based on the account the first user device is accessing and the information corresponding to the plurality of external accounts, an amount of accounts accessed by the first user device over a period of time; and
      
      wherein the determining the information indicating unauthorized use of the account by the first user device is based on the amount of accounts accessed by the first user device over the period of time.
  - 15. The computing platform of claim 13, wherein generating the one or more commands directing the external account authorization server to determine whether the action is authorized comprises:
    - determining, based on the account the first user device is accessing and the information corresponding to the plurality of external accounts, an address corresponding to the first user device and an address corresponding to the account accessed by the first user device; and
      
      wherein the determining the information indicating unauthorized use of the account by the first user device is based on the address corresponding to the first user device and the address corresponding to the account accessed by the first user device.
  - 16. The computing platform of claim 13, wherein the determining the information indicating unauthorized use of the account by the first user device is based on the action indicating the first user device is accessing the account.
  - 17. The computing platform of claim 13, wherein the information corresponding to the plurality of external accounts comprises information corresponding to a plurality of event actions corresponding to the account accessed by the first user device;
    - andwherein the determining the information indicating unauthorized use of account by the first user device is based on the plurality of event actions.
  - 18. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
    - receive, by the at least one processor, via the communication interface, and from a second user device, second metadata comprising second user device identification information and second accessed account information;
      
      generate, based on the second user device identification information, one or more commands directing the internal device verification server to determine whether the second user device is the one of the plurality of internal devices;
      
      transmit, via the communication interface and to the internal device verification server, the one or more commands to determine whether the second user device is the one of the plurality of internal devices;
      
      receive, via the communication interface and from the internal device verification server, second internal device verification information indicating the second user device is the one of the plurality of internal devices;
      
      in response to receiving the second internal device verification information, identify, based on the second accessed account information, a second action indicating the second user device accessed a second account;
      
      generate, based on the second action and the second accessed account information, one or more commands directing the external account authorization server to determine whether the second action is authorized;
      
      transmit, via the communication interface and to the external account authorization server, the one or more commands directing the external account authorization server to determine whether the second action is authorized;
      
      receive, via the communication interface and from the external account authorization server, information indicating unauthorized use of the second account by the second user device; and
      
      transmit, via the communication interface and to the case management server, the information indicating unauthorized access of the second account by the second user device.

19. A method, comprising:
- at a computing platform comprising at least one processor, memory, and a communication interface;
  
  receiving, by the at least one processor, via the communication interface, and from a first user device, metadata comprising first user device identification information and accessed account information;
  
  generating, based on the first user device identification information, one or more commands directing an internal device verification server to determine whether the first user device is one of a plurality of internal devices;
  
  transmitting, via the communication interface and to the internal device verification server, the one or more commands to determine whether the first user device is the one of the plurality of internal devices;
  
  receiving, via the communication interface and from the internal device verification server, internal device verification information indicating the first user device is the one of the plurality of internal devices;
  
  in response to receiving the internal device verification information, identifying, based on the accessed account information, an action indicating the first user device accessed an account;
  
  generating, based on the action and the accessed account information, one or more commands directing an external account authorization server to determine whether the action is authorized;
  
  transmitting, via the communication interface and to the external account authorization server, the one or more commands directing the external account authorization server to determine whether the action is authorized;
  
  receiving, via the communication interface and from the external account authorization server, information indicating unauthorized use of the account by the first user device;
  
  transmitting, via the communication interface and to a case management server, the information indicating unauthorized access of the account by the first user device;
  
  receiving, via the communication interface and from the case management server, updated unauthorized use information; and
  
  updating unauthorized use criteria information based on the updated unauthorized use information received from the case management server.

20. One or more non-transitory computer-readable media storing instructions that, when executed by a computing platform comprising at least one processor, memory, and a communication interface, cause the computing platform to:
- receive, via the communication interface and from a first user device, metadata comprising first user device identification information and accessed account information;
  
  generate, based on the first user device identification information, one or more commands directing an internal device verification server to determine whether the first user device is one of a plurality of internal devices;
  
  transmit, via the communication interface and to the internal device verification server, the one or more commands to determine whether the first user device is the one of the plurality of internal devices;
  
  receive, via the communication interface and from the internal device verification server, internal device verification information indicating the first user device is the one of the plurality of internal devices;
  
  in response to receiving the internal device verification information, identify, based on the accessed account information, an action indicating the first user device accessed an account;
  
  generate, based on the action and the accessed account information, one or more commands directing an external account authorization server to determine whether the action is authorized;
  
  transmit, via the communication interface and to the external account authorization server, the one or more commands directing the external account authorization server to determine whether the action is authorized;
  
  receive, via the communication interface and from the external account authorization server, information indicating unauthorized use of the account by the first user device;
  
  transmit, via the communication interface and to a case management server, the information indicating unauthorized use of the account by the first user device;
  
  receive, via the communication interface and from the case management server, updated unauthorized use information; and
  
  update unauthorized use criteria information based on the updated unauthorized use information received from the case management server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Sims, Scott A., Stapleton, Alex, Kim, Andrew, Bell, Kolt, Scott, Youshika, Zusi, Jeff, Ryan, Nicole, Widmann, Craig, Corr, Brian, Sarran, Alvino
Primary Examiner(s)
Desrosiers, Evans

Application Number

US15/474,225
Publication Number

US 20180288043A1
Time in Patent Office

796 Days
Field of Search

726 7
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0876   based on the identity of th...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

H04L 63/1408   by monitoring network traff...

H04W 12/06   Authentication

Internal footprint repository

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Internal footprint repository

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others