Determining access requirements for online accounts based on characteristics of user devices

US 9,942,237 B2
Filed: 08/28/2015
Issued: 04/10/2018
Est. Priority Date: 08/28/2015
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a memory comprising instructions;

an interface;

a processor communicatively coupled to the memory and the interface, the processor configured, when executing the instructions, to;

determine one or more device characteristics of a user device, wherein the one or more device characteristics of the user device comprise;

enabled security features of the user device;

hardware characteristics of the user device, and software characteristics of the user device;

determine, based on the one or more device characteristics of the user device, a security level associated with the user device;

determine credential requirements for accessing an online account based on the security level associated with the user device;

allow access to the online account in response to satisfying the determined credential requirements;

grant full access to information and functions of the online account and bypass user credential requirement when the determined security level associated with the user device is high;

apply partial access to information and functions of the online account and require minimal user credentials when the determined security level associated with the user device is medium; and

allow read-only access to information and functions of the online account and require strong user credentials when the determined security level associated with the user device is low.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment, a system comprises a memory comprising instructions, an interface, and a processor communicatively coupled to the memory and the interface. The processor is configured, when executing the instructions, to determine one or more characteristics of a user device, determine, based on the one or more characteristics of the user device, a risk level associated with the user device, and apply, to the user device, one or more access restrictions for an online account based on the determined risk level.

Citations

17 Claims

1. A system comprising:
- a memory comprising instructions;
  
  an interface;
  
  a processor communicatively coupled to the memory and the interface, the processor configured, when executing the instructions, to;
  
  determine one or more device characteristics of a user device, wherein the one or more device characteristics of the user device comprise;
  
  enabled security features of the user device;
  
  hardware characteristics of the user device, and software characteristics of the user device;
  
  determine, based on the one or more device characteristics of the user device, a security level associated with the user device;
  
  determine credential requirements for accessing an online account based on the security level associated with the user device;
  
  allow access to the online account in response to satisfying the determined credential requirements;
  
  grant full access to information and functions of the online account and bypass user credential requirement when the determined security level associated with the user device is high;
  
  apply partial access to information and functions of the online account and require minimal user credentials when the determined security level associated with the user device is medium; and
  
  allow read-only access to information and functions of the online account and require strong user credentials when the determined security level associated with the user device is low.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the determined credential requirements require at least one of:
    - a username and password combination, a personal identification number, and a biometric.
  - 3. The system of claim 1, wherein the device characteristics include whether the user device supports encryption.
  - 4. The system of claim 1, wherein the interface is configured to provide a notification indicating:
    - the determined risk level, andthe determined credential requirements for accessing the online account.
  - 5. The system of claim 1, wherein the device characteristics include whether the user device is running a current software version.
  - 6. The system of claim 1, wherein the device characteristics include whether the user device is password protected.

7. A method, comprising:
- determining, by a processor, one or more device characteristics of a user device, wherein the one or more device characteristics of the user device comprise;
  
  enabled security features of the user device;
  
  hardware characteristics of the user device, andsoftware characteristics of the user device;
  
  determining, by the processor, based on the one or more device characteristics of the user device, a security level associated with the user device;
  
  determining, by the processor, credential requirements for accessing an online account based on the security level associated with the user device;
  
  allowing, by the processor, access to the online account in response to satisfying the determined credential requirements;
  
  granting full access to information and functions of the online account and bypassing user credential requirement when the determined security level associated with the user device is high;
  
  applying partial access to information and functions of the online account and requiring minimal user credentials when the determined security level associated with the user device is medium; and
  
  allowing read-only access to information and functions of the online account and requiring strong user credentials when the determined security level associated with the user device is low.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the determined credential requirements require at least one of:
    - a username and password combination, a personal identification number, and a biometric.
  - 9. The method of claim 7, wherein the device characteristics include whether the user device supports encryption.
  - 10. The method of claim 7, further comprising providing a notification indicating:
    - the determined risk level, andthe determined credential requirements for accessing the online account.
  - 11. The method of claim 7, wherein the device characteristics include whether the user device is running a current software version.
  - 12. The method of claim 7, wherein the device characteristics include whether the user device is password protected.

13. A computer-readable medium comprising instructions that are configured, when executed by a processor, to:
- determine one or more device characteristics of a user device, wherein the one or more device characteristics of the user device comprises;
  
  enabled security features of the user devices;
  
  hardware characteristics of the user device, andsoftware characteristics of the user device;
  
  determine, based on the one or more device characteristics of the user device, a security level associated with the user device;
  
  determine credential requirements for accessing an online account based on the security level associated with the user device;
  
  allow access to the online account in response to satisfying the determine credential requirements;
  
  grant full access to information and functions of the online account and bypass user credential requirement when the determined security level associated with the user device is high;
  
  apply partial access to information and functions of the online account and require minimal user credentials when the determined security level associated with the user device is medium; and
  
  allow read-only access to information and functions of the online account and require strong user credentials when the determined security level associated with the user device is low.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer-readable medium of claim 13, wherein the determined credential requirements require at least one of:
    - a username and password combination, a personal identification number, and a biometric.
  - 15. The computer-readable medium of claim 13, wherein the device characteristics include whether the user device supports encryption.
  - 16. The computer-readable medium of claim 13, wherein the device characteristics include whether the user device is running a current software version.
  - 17. The computer-readable medium of claim 13, further comprising providing a notification indicating the determined credential requirements for accessing the online account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Belchee, William B., Votaw, Elizabeth S.
Primary Examiner(s)
LE, KHOI V

Application Number

US14/839,165
Publication Number

US 20170063865A1
Time in Patent Office

956 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

H04L 63/102 Entity profiles

Determining access requirements for online accounts based on characteristics of user devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Determining access requirements for online accounts based on characteristics of user devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links