Multi-stage authentication of an electronic communication
First Claim
Patent Images
1. A method for authenticating electronic communications, the method comprising:
- generating a whitelist database in association with at least one account of at least one recipient, the whitelist database including at least one identifying reference to a whitelist correspondent, the generating of the whitelist database including;
receiving from the whitelist correspondent registration data comprising;
identification of a first penalty;
an authorization to impose the first penalty; and
identifying information; and
in response to the receiving the registration data, cataloging into the whitelist database, and in association with the identifying reference, identification data associated with;
a whitelist correspondent device associated with the whitelist correspondent; and
a whitelist correspondent address associated with the whitelist correspondent;
generating a blacklist database in association with the account, the blacklist database including at least one blacklist correspondent address, the generating of the blacklist database including;
identifying a property of the blacklist correspondent address, the property indicating that a communication originating from the blacklist correspondent address is unsolicited and malicious; and
in response to the identifying, cataloging identification data associated with the blacklist correspondent address into the blacklist database;
receiving an electronic communication submitted by a sender for delivery to the recipient;
analyzing the content of the electronic communication for presence of identification data;
upon determination that the electronic communication includes a minimum threshold of the identification data cataloged in the whitelist database, delivering the communication to the recipient;
upon determination that the communication includes the identification data cataloged in the blacklist database, blocking delivery of the communication; and
upon determination that the communication lacks the identification data cataloged in the blacklist database, and further lacks the minimum threshold;
prompting the sender to submit supplementary data, the supplementary data comprising;
identification of a second penalty;
an authorization to impose the second penalty; and
additional identifying information; and
delivering the communication to the recipient only after;
receipt of the second penality; and
determining correspondence of the additional identifying information to the identification data associated with a whitelist correspondent;
wherein the second penalty is selected from a plural itv of second penalties based at least in part on frequency of electronic communications from the sender to the recipient.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods and apparatus for authenticating and verifying an electronic communication are provided. Systems, apparatus and methods determine which emails pose a threat and which are benign. Systems, apparatus and methods filter malicious emails from non-malicious emails. Systems, apparatus and methods prevent receipt of bulk unsolicited and/or otherwise undesirable communications. Systems, apparatus and methods authenticate an identity of a sender of an electronic communication. Systems, methods and apparatus may involve biometric authentication.
23 Citations
9 Claims
-
1. A method for authenticating electronic communications, the method comprising:
-
generating a whitelist database in association with at least one account of at least one recipient, the whitelist database including at least one identifying reference to a whitelist correspondent, the generating of the whitelist database including; receiving from the whitelist correspondent registration data comprising; identification of a first penalty; an authorization to impose the first penalty; and identifying information; and in response to the receiving the registration data, cataloging into the whitelist database, and in association with the identifying reference, identification data associated with; a whitelist correspondent device associated with the whitelist correspondent; and a whitelist correspondent address associated with the whitelist correspondent; generating a blacklist database in association with the account, the blacklist database including at least one blacklist correspondent address, the generating of the blacklist database including; identifying a property of the blacklist correspondent address, the property indicating that a communication originating from the blacklist correspondent address is unsolicited and malicious; and in response to the identifying, cataloging identification data associated with the blacklist correspondent address into the blacklist database; receiving an electronic communication submitted by a sender for delivery to the recipient; analyzing the content of the electronic communication for presence of identification data; upon determination that the electronic communication includes a minimum threshold of the identification data cataloged in the whitelist database, delivering the communication to the recipient; upon determination that the communication includes the identification data cataloged in the blacklist database, blocking delivery of the communication; and upon determination that the communication lacks the identification data cataloged in the blacklist database, and further lacks the minimum threshold; prompting the sender to submit supplementary data, the supplementary data comprising; identification of a second penalty; an authorization to impose the second penalty; and additional identifying information; and delivering the communication to the recipient only after; receipt of the second penality; and determining correspondence of the additional identifying information to the identification data associated with a whitelist correspondent; wherein the second penalty is selected from a plural itv of second penalties based at least in part on frequency of electronic communications from the sender to the recipient. - View Dependent Claims (2, 3, 6, 7, 8, 9)
-
-
4. A method for authenticating electronic communications, the method comprising:
-
associating a correspondent address with a first set of identity verification data; presenting a sender with a request for a username; presenting the sender with a request for a second set of identity verification data; upon determination of a pre-established association between the username and the second set of identity verification data, presenting the sender with access to an electronic communication account, the access including features for composing the communication, the electronic communication account configured to collect one or more personal behavioral signatures from the sender at a plurality of distributed time points during composition of the electronic communication; upon initiation of an attempt by the sender to transmit the communication to the recipient, presenting the sender with a request for the first set of identity verification data; and upon presentation by the sender of the first set of identity verification data and confirmation of the collected personal behavioral signatures, transmitting the communication to the recipient. - View Dependent Claims (5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBank of America Corp.
-
Original AssigneeBank of America Corp.
-
InventorsKurian, Manu, Castinado, Joseph
-
Primary Examiner(s)Wright, Bryan F
-
Application NumberUS15/822,460Publication NumberTime in Patent Office939 DaysField of Search726 18, 726 7US Class CurrentCPC Class CodesG06F 21/566 Dynamic detection, i.e. det...H04L 51/212 using filtering or selectiv...H04L 63/08 for authentication of entit...H04L 63/0838 using one-time-passwordsH04L 63/0853 using an additional device,...H04L 63/0861 using biometrical features,...H04L 63/101 Access control lists [ACL]H04L 63/12 Applying verification of th...H04L 63/145 the attack involving the pr...H04M 3/42068 where the identifier is use...
