Passive based security escalation to shut off of application based on rules event triggering

US 9,641,539 B1
Filed: 10/30/2015
Issued: 05/02/2017
Est. Priority Date: 10/30/2015
Status: Active Grant

First Claim

Patent Images

1. A system for passive based security escalation implementation on a mobile device, the system comprising:

a memory device with computer-readable program code stored thereon;

a communication device;

a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code to;

extract historical user data associated with a user from one or more external sources;

identify from the historical user data, one or more indications of offline periods of time for the mobile device associated with the user, wherein the identified indications include one or more events that the user is attending at a future time;

generate a security escalation plan for the event;

access and integrate into the mobile device an increase to security requirements for authorizing one or more applications on the mobile device based on a triggering of a time period leading up to the event;

integrate into the mobile device a shutdown of the one or more applications on the mobile device during the offline period of time for the mobile device during the event;

restore functionality of the one or more applications after the offline period of time for the mobile device with an increase to the security requirements for authorizing the one or more applications on the mobile device based on a triggering of a time period after the offline time period associated with the event; and

restore standard security requirements of the one or more applications.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to a system, method, or computer program product for a passive based security escalation to shut off of applications on a mobile device based on rules. As such, the system may identify, via extraction of data, time periods correlating to events that the user may be offline or inactive with respect to his/her mobile device. Once the time periods are identified, rules are created for the level of security escalation required based on the event. Subsequently, a trigger is identified at a time leading up to the event, where the system integrates with the mobile device and requires additional authentication to access one or more applications. Once the offline event starts, the system initiates a shutdown of the functions of one or more applications on the user'"'"'s mobile device. The system then reinstates the application functionality after the offline event has ended.

186 Citations

20 Claims

1. A system for passive based security escalation implementation on a mobile device, the system comprising:
- a memory device with computer-readable program code stored thereon;
  
  a communication device;
  
  a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code to;
  
  extract historical user data associated with a user from one or more external sources;
  
  identify from the historical user data, one or more indications of offline periods of time for the mobile device associated with the user, wherein the identified indications include one or more events that the user is attending at a future time;
  
  generate a security escalation plan for the event;
  
  access and integrate into the mobile device an increase to security requirements for authorizing one or more applications on the mobile device based on a triggering of a time period leading up to the event;
  
  integrate into the mobile device a shutdown of the one or more applications on the mobile device during the offline period of time for the mobile device during the event;
  
  restore functionality of the one or more applications after the offline period of time for the mobile device with an increase to the security requirements for authorizing the one or more applications on the mobile device based on a triggering of a time period after the offline time period associated with the event; and
  
  restore standard security requirements of the one or more applications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein integrating into the mobile device the shutdown of the one or more applications on the mobile device further comprises shutting down the functionality of the one or more applications such that external devices cannot activate the one or more applications during the offline period of time.
  - 3. The system of claim 1, wherein the increase security requirements for authorizing one or more applications on the mobile device, further comprises increasing the security requirements to one or more applications that contain financial data and personal data of the user, wherein the increased security requirements include requiring additional authentication to allow access to the one or more applications via the mobile device.
  - 4. The system of claim 1, wherein generating a security escalation plan for the event further comprises generating rules for security level requirements for each event and security level requirements for a time period prior to and after a duration of the event.
  - 5. The system of claim 1, wherein indications of offline periods of time for the mobile device associated with the user further comprise an indication of a purchase of a ticket or pass to the event.
  - 6. The system of claim 5, wherein the event comprises an airplane flight.
  - 7. The system of claim 1, further comprising identifying a duration of the offline period based on a request for the duration from a venue of the event.
  - 8. The system of claim 1, wherein historical user data comprises user transaction data extracted from a financial institution, user social network data extracted from a social networking website, and user account data extracted from one or more merchants.

9. A computer program product for passive based security escalation implementation on a mobile device, the computer program product comprising at least one non-transitory computer-readable medium having computer-readable program code portions embodied therein, the computer-readable program code portions comprising:
- an executable portion configured for extracting historical user data associated with a user from one or more external sources;
  
  an executable portion configured for identifying from the historical user data, one or more indications of offline periods of time for the mobile device associated with the user, wherein the identified indications include one or more events that the user is attending at a future time;
  
  an executable portion configured for generating a security escalation plan for the event;
  
  an executable portion configured for accessing and integrating into the mobile device an increase to security requirements for authorizing one or more applications on the mobile device based on a triggering of a time period leading up to the event;
  
  an executable portion configured for integrating into the mobile device a shutdown of the one or more applications on the mobile device during the offline period of time for the mobile device during the event;
  
  an executable portion configured for restoring functionality of the one or more applications after the offline period of time for the mobile device with an increase to the security requirements for authorizing the one or more applications on the mobile device based on a triggering of a time period after the offline time period associated with the event;
  
  an executable portion configured for restoring standard security requirements of the one or more applications.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer program product of claim 9, wherein integrating into the mobile device the shutdown of the one or more applications on the mobile device further comprises shutting down the functionality of the one or more applications such that external devices cannot activate the one or more applications during the offline period of time.
  - 11. The computer program product of claim 9, wherein the increase security requirements for authorizing one or more applications on the mobile device, further comprises increasing the security requirements to one or more applications that contain financial data and personal data of the user, wherein the increased security requirements include requiring additional authentication to allow access to the one or more applications via the mobile device.
  - 12. The computer program product of claim 9, wherein generating a security escalation plan for the event further comprises generating rules for security level requirements for each event and security level requirements for a time period prior to and after a duration of the event.
  - 13. The computer program product of claim 9, wherein indications of offline periods of time for the mobile device associated with the user further comprise an indication of a purchase of a ticket or pass to the event.
  - 14. The computer program product of claim 13, wherein the event comprises an airplane flight.
  - 15. The computer program product of claim 9, further comprising an executable portion configured for identifying a duration of the offline period based on a request for the duration from a venue of the event.
  - 16. The computer program product of claim 9, wherein historical user data comprises user transaction data extracted from a financial institution, user social network data extracted from a social networking website, and user account data extracted from one or more merchants.

17. A computer-implemented method for passive based security escalation implementation on a mobile device, the method comprising:
- providing a computing system comprising a computer processing device and a non-transitory computer readable medium, where the computer readable medium comprises configured computer program instruction code, such that when said instruction code is operated by said computer processing device, said computer processing device performs the following operations;
  
  extracting historical user data associated with a user from one or more external sources;
  
  identifying from the historical user data, one or more indications of offline periods of time for the mobile device associated with the user, wherein the identified indications include one or more events that the user is attending at a future time;
  
  generating a security escalation plan for the event;
  
  accessing and integrating into the mobile device an increase to security requirements for authorizing one or more applications on the mobile device based on a triggering of a time period leading up to the event;
  
  integrating into the mobile device a shutdown of the one or more applications on the mobile device during the offline period of time for the mobile device during the event;
  
  restoring functionality of the one or more applications after the offline period of time for the mobile device with an increase to the security requirements for authorizing the one or more applications on the mobile device based on a triggering of a time period after the offline time period associated with the event; and
  
  restoring standard security requirements of the one or more applications.
- View Dependent Claims (18, 19, 20)
- - 18. The computer-implemented method of claim 17, wherein integrating into the mobile device the shutdown of the one or more applications on the mobile device further comprises shutting down the functionality of the one or more applications such that external devices cannot activate the one or more applications during the offline period of time.
  - 19. The computer-implemented method of claim 17, wherein the increase security requirements for authorizing one or more applications on the mobile device, further comprises increasing the security requirements to one or more applications that contain financial data and personal data of the user, wherein the increased security requirements include requiring additional authentication to allow access to the one or more applications via the mobile device.
  - 20. The computer-implemented method of claim 17, wherein generating a security escalation plan for the event further comprises generating rules for security level requirements for each event and security level requirements for a time period prior to and after a duration of the event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Votaw, Elizabeth S., Jones-McFadden, Alicia C.
Primary Examiner(s)
Dada, Beemnet

Application Number

US14/928,154
Publication Number

US 20170126693A1
Time in Patent Office

550 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/629   to features or functions of...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

H04W 12/06   Authentication

H04W 12/082   using revocation of authori...

H04W 12/37   Managing security policies ...

H04W 12/61   Time-dependent

H04W 12/67   Risk-dependent, e.g. select...

Passive based security escalation to shut off of application based on rules event triggering

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

186 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Passive based security escalation to shut off of application based on rules event triggering

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

186 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links