Secure multiple-party communication and data orchestration

US 10,387,641 B2
Filed: 06/12/2017
Issued: 08/20/2019
Est. Priority Date: 06/12/2017
Status: Active Grant

First Claim

Patent Images

1. A method of providing asynchronous and restricted access to confidential content transmitted from a secure storage location to an applicant device that accesses the confidential content over an unsecure computer network, the method comprising:

using a first applicant device, initiating a secure connection to a data orchestration system;

after establishing the secure connection, using the first applicant device, receiving and transmitting a first set of confidential content to the data orchestration system wherein, the first set of confidential content includes a destination address of a second applicant device;

based on the first set of confidential content received from the first applicant device, generating a first filtering scheme for the first applicant device and a second filtering scheme for the second applicant device;

using the data orchestration system, initiating unsecure communication over the unsecure network with the second applicant device at the destination address provided by the first applicant device;

coordinating secure and asynchronous access via the second applicant device to the data orchestration system;

based on coordinating secure and asynchronous access to the data orchestration system, receiving a second set of confidential content from the second applicant device;

deploying a third filtering scheme to coordinate asynchronous access, via the first applicant device, to a third set of confidential content that includes the first set of confidential content and a subset of the second set of confidential content; and

deploying a fourth filtering scheme to coordinate secure asynchronous access, via the second applicant device, to a fourth set of confidential content that includes the second set of confidential content and a subset of the first set of confidential content;

wherein;

the first applicant device is associated with a primary applicant;

the second applicant device is associated with a co-applicant; and

the primary applicant is not the co-applicant.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and methods may enable a primary to add a co-applicant via phone number to initiate a three-way communication. The primary applicant and the co-applicant can submit their confidential content along with other inputs from their own device after biometric authentication. Consent to submit a final application can be taken separately from each applicant through biometric capabilities on their own personal devices. A chat-bot may orchestrate and collect information for application fulfillment in parallel from both the applicants. Confidential content of one applicant, such as a social security number, may be kept hidden from disclosure to a co-applicant. Interaction among applicants may be across one or more communication channels.

11 Citations

16 Claims

1. A method of providing asynchronous and restricted access to confidential content transmitted from a secure storage location to an applicant device that accesses the confidential content over an unsecure computer network, the method comprising:
- using a first applicant device, initiating a secure connection to a data orchestration system;
  
  after establishing the secure connection, using the first applicant device, receiving and transmitting a first set of confidential content to the data orchestration system wherein, the first set of confidential content includes a destination address of a second applicant device;
  
  based on the first set of confidential content received from the first applicant device, generating a first filtering scheme for the first applicant device and a second filtering scheme for the second applicant device;
  
  using the data orchestration system, initiating unsecure communication over the unsecure network with the second applicant device at the destination address provided by the first applicant device;
  
  coordinating secure and asynchronous access via the second applicant device to the data orchestration system;
  
  based on coordinating secure and asynchronous access to the data orchestration system, receiving a second set of confidential content from the second applicant device;
  
  deploying a third filtering scheme to coordinate asynchronous access, via the first applicant device, to a third set of confidential content that includes the first set of confidential content and a subset of the second set of confidential content; and
  
  deploying a fourth filtering scheme to coordinate secure asynchronous access, via the second applicant device, to a fourth set of confidential content that includes the second set of confidential content and a subset of the first set of confidential content;
  
  wherein;
  
  the first applicant device is associated with a primary applicant;
  
  the second applicant device is associated with a co-applicant; and
  
  the primary applicant is not the co-applicant.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, the method further comprising:
    - authenticating the second applicant device during communication with the data orchestration system using the second filtering scheme; and
      
      using the fourth filtering scheme, the data orchestration system asynchronously securely communicates with the second applicant device.
  - 3. The method of claim 1 wherein application of the third filtering scheme provides the first applicant device:
    - access to all information associated with the first set of confidential content; and
      
      access to the subset of the second set of confidential content in parallel with the second applicant device.
  - 4. The method of claim 1 wherein application of the fourth filtering scheme provides the second applicant device:
    - access to all information associated with the second set of confidential content; and
      
      access to the subset of the first set of confidential content in parallel with the first applicant device.
  - 5. The method of claim 1 further comprising creating the fourth filtering scheme based on receiving authenticating biometric information from the second applicant device.
  - 6. The method of claim 1 further comprising:
    - using a first communication channel for secure and asynchronous communication between the data orchestration system and the first applicant device; and
      
      using a second communication channel for secure and asynchronous communication between the data orchestration system and the second applicant device.
  - 7. The method of claim 6 wherein the first communication channel is selected from among the group consisting of:
    - an interactive voice channel;
      
      a text-based channel; and
      
      a video chat channel.

8. A system architecture for providing asynchronous and restricted access to confidential content transmitted from a secure storage location to an applicant device that requests the confidential content over an unsecure computer network, the system architecture comprising:
- a data orchestration system;
  
  a first applicant device that initiates a secure connection to the data orchestration system; and
  
  a second applicant device that is invited to access the data orchestration system by the first applicant device;
  
  wherein, in operation;
  
  after establishing the secure connection, the first applicant device receives and transmits a first set of confidential content to the data orchestration system and the first set of confidential content includes a destination address of the second applicant device;
  
  based on the first set of confidential content received from the first applicant device, the data orchestration system associates a first filtering scheme with the first applicant device, the first filtering scheme, when applied to the first applicant device by the data orchestration system, coordinates asynchronous access to the first set of confidential content;
  
  the data orchestration system initiates an unsecure communication over the unsecure network with the second applicant device, the unsecure communication comprising transmitting to the second device computer executable instructions for initiating a secure connection from the second device to the data orchestration system;
  
  in response to receiving a request, from the second applicant device to initiate the secure connection, the data orchestration system applies a second filtering scheme to the second applicant device, the second filtering scheme, when applied to the second applicant device by the data orchestration system, accepts a second set of confidential content from the second applicant device and coordinates asynchronous access to the second set of confidential content; and
  
  based on applying the first and second filtering schemes, the data orchestration system receives the first and second sets of confidential content in parallel from each of the first applicant and second applicant devices;
  
  wherein;
  
  the first applicant device is associated with a primary applicant;
  
  the second applicant device is associated with a co-applicant; and
  
  the primary applicant is not the co-applicant.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The system architecture of claim 8 wherein receiving confidential information in parallel via asynchronous access prevents the data orchestration system from timing out while communicating with the first applicant and second applicant devices.
  - 10. The system architecture of claim 8 wherein the second filtering scheme filters the first set of confidential content received from the first applicant device and provides the second applicant device asynchronous access to a subset of the first set of confidential content.
  - 11. The system architecture of claim 8 wherein the first filtering scheme filters the second set of confidential content received from the second applicant device and provides the first applicant device asynchronous access to a subset of the second set of confidential content.
  - 12. The system architecture of claim 8, wherein the second filtering scheme denies the second applicant device access to the first set of confidential content received from the first applicant device.
  - 13. The system architecture of claim 8, wherein:
    - the first applicant device communicates with the data orchestration system using a first communication channel; and
      
      the second applicant device communicates with the data orchestration system using a second communication channel.
  - 14. The system architecture of claim 13 wherein:
    - the first communication channel is a text based input channel; and
      
      the second communication is a voice based input channel.
  - 15. The system architecture of claim 10, wherein the subset of the confidential content received from the first applicant device is a first subset:
    - the data orchestration system, when applying the second filtering scheme, authenticates the second applicant device; and
      
      in response to authenticating the second applicant device, the data orchestration system applies a third filtering scheme to the second applicant device, the third filtering scheme provides access to a second subset of the confidential content received from the first applicant device;
16. The system architecture of claim 8, wherein the second filtering scheme terminates access of the second applicant device to the data orchestration system when the destination address provided by the first applicant device does not match corresponding data stored on the second applicant device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Chandrasekaran, Vignesh, Mishra, Amit, Lamba, Anupreet Kaur, Malviya, Yugal
Primary Examiner(s)
Alunkal, Thomas D

Application Number

US15/619,712
Publication Number

US 20180357410A1
Time in Patent Office

799 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/445   by mutual authentication, e...

G06F 21/6245   Protecting personal data, e...

H04L 63/0861   using biometrical features,...

H04L 63/0869   for achieving mutual authen...

H04L 63/104   Grouping of entities

Secure multiple-party communication and data orchestration

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

11 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Secure multiple-party communication and data orchestration

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links