Systems for network risk assessment including processing of user access rights associated with a network of devices
US-2017078322-A1 · Mar 16, 2017 · US
Management of login information affected by a data breach
US11762979B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11762979-B2 |
| Application number | US-202117305459-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 8, 2021 |
| Priority date | Feb 21, 2019 |
| Publication date | Sep 19, 2023 |
| Grant date | Sep 19, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A device determines that a data breach of an application has been reported and determines that an individual has an account with the application based on identifying an association between an application identifier and a username the individual uses to access the application. The device receives, from a user device associated with the individual, password information used to access the application. The device uses the password information and usernames for a group of applications with which the individual has accounts to perform a login procedure for the group of applications to determine that login information for one or more of the applications includes the password information used to access the application affected by the data breach. The device provides, to the user device or another device, a recommendation to change the password information used to access the application and the one or more applications.
First claim
Opening claim text (preview).
What is claimed is: 1. A device, comprising: one or more memories; and one or more processors, coupled to the one or more memories, configured to: determine, using a semantic engine parser to analyze a plurality of emails associated with an email account of a user, a plurality of websites associated with one or more accounts of the user; determine, based on data breach reporting data received by the device, that a data breach associated with a first website, of the plurality of websites, occurred; determine that the user has a first account, of the one or more accounts, associated with the first web site; remove, based on determining that the data breach associated with the first website occurred and based on determining that the user has the first account associated with the first website, at least a portion of first login information associated with the first account from memory; and provide data associated with changing the at least a portion of the first login information. 2. The device of claim 1 , wherein the one or more processors are further configured to: verify the one or more accounts of the user associated with the plurality of websites, wherein the verifying comprises: requesting a login information reset to the plurality of websites; and determining whether a login information reset email is provided to the email account. 3. The device of claim 1 , wherein the one or more processors are further configured to: determine whether one or more second websites, of the plurality of websites, share the at least a portion of the first login information, wherein removing the at least a portion of the first login information from memory is based on determining that the one or more second websites share the at least a portion of the first login information. 4. The device of claim 1 , wherein the one or more processors are further configured to: compare at least one of a first set of properties and first password restrictions of the first website with at least one of a second set of properties and second password restrictions of the plurality of websites; and determine, based on the comparing, to forgo performing a login procedure on a subset of the plurality of websites, wherein the login procedure is used to determine whether one or more second websites share the at least a portion of the first login information. 5. The device of claim 1 , wherein the one or more processors, to determine the plurality of websites associated with the one or more accounts of the user, are configured to: use a data model to predict that the user has a second account, of the one or more accounts, with a third website, of the plurality of websites, wherein the data model is trained on historical data associated with the user. 6. The device of claim 5 , wherein the historical data includes historical transaction data indicating merchants the user has interacted with over a time period. 7. The device of claim 1 , wherein the one or more processors are further configured to: transmit an authorization request to an authorization server; receive, based on transmitting the authorization request, an access token from the authorization server; provide the access token to an email server; and receive, based on the access token, email content associated with the plurality of emails. 8. A method, comprising: determining, by a device and using a semantic engine parser to analyze a plurality of emails associated with an email account of a user, a plurality of websites associated with one or more accounts of the user; determining, by the device and based on data breach reporting data received by the device, that a data breach associated with a first website, of the plurality of websites, occurred; determining, by the device, that the user has a first account, of the one or more accounts, associated with the first website; removing, by the device, based on determining that the data breach associated with the first website occurred, and based on determining that the user has the first account associated with the first website, at least a portion of first login information associated with the first account from memory; and providing, by the device, data associated with changing the at least a portion of the first login information. 9. The method of claim 8 , further comprising: verifying the one or more accounts of the user associated with the plurality of websites, wherein the verifying comprises: requesting a login information reset to the plurality of websites; and determining whether a login information reset email is provided to the email account. 10. The method of claim 8 , further comprising: determining whether one or more second websites, of the plurality of websites, share the at least a portion of the first login information, wherein removing the at least a portion of the first login information from memory is based on determining that the one or more second websites share the at least a portion of the first login information. 11. The method of claim 8 , further comprising: comparing at least one of a first set of properties and first password restrictions of the first website with at least one of a second set of properties and second password restrictions of the plurality of websites; and determining, based on the comparing, to forgo performing a login procedure on a subset of the plurality of websites, wherein the login procedure is used to determine whether one or more second websites share the at least a portion of the first login information. 12. The method of claim 8 , wherein determining the plurality of websites associated with the one or more accounts of the user comprises: using a data model to predict that the user has a second account, of the one or more accounts, with a third website, of the plurality of websites, wherein the data model is trained on historical data associated with the user. 13. The method of claim 12 , wherein the historical data includes historical transaction data indicating merchants the user has interacted with over a time period. 14. The method of claim 8 , further comprising: transmitting an authorization request to an authorization server; receiving, based on transmitting the authorization request, an access token from the authorization server; providing the access token to an email server; and receiving, based on the access token, email content associated with the plurality of emails. 15. A non-transitory computer-readable medium storing a set of instructions, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: determine, using a semantic engine parser to analyze a plurality of emails associated with an email account of a user, a plurality of websites associated with one or more accounts of the user; determine, based on data breach reporting data received by the device, that a data breach associated with a first website, of the plurality of websites, occurred; determine that the user has a first account, of the one or more accounts, associated with the first web site; remove, based on determining that the data breach associated with the first website occurred and based on determining that the user has the first account associated with the first website, at least a portion of first login information associated with the first account from memory; and provide data associated with changing the at least a portion of the first login information. 16. The non-transitory computer-readable medium of claim 15 , wherein
Assignees
Inventors
Classifications
- G06F21/45Primary
Structures or tools for the administration of authentication · CPC title
to a system of files or objects, e.g. local or distributed file system or database · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11762979B2 cover?
- A device determines that a data breach of an application has been reported and determines that an individual has an account with the application based on identifying an association between an application identifier and a username the individual uses to access the application. The device receives, from a user device associated with the individual, password information used to access the applicat…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/45. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 19 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).