Patent · US Active

Method of generating and using credentials to detect the source of account takeovers

US11316895B1 · kind B1 · utility

3Cited by

7References

19Claims

0Family size

Assignee

United Services Automobile Association (USAA) · US

Inventors

Jordan Wright · Ann Arbor, US
William Jennings Woodson · San Antonio, US
Justin Gray · San Antonio, US

Key dates

Filing date	Oct 20, 2017
Grant date	Apr 26, 2022
Priority date	—
Expiry date	Nov 3, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/146
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Disclosed herein are systems and methods that may generate so-called “honey credentials” that are transmitted to a “phishing” website, and are then stored into a honey credential database. The honey credentials appear to be valid credentials, but whenever a bad actor attempts to access an enterprise using the honey credentials, security appliances the enterprise may update the records of the honey credential database to include one or more unique identifiers for each bad actor device that attempts to access the enterprise network using the honey credentials. A server may automatically query the honey credential database to identify other accounts that have been accessed by devices that used the honey credentials to access the enterprise. The server may then flag the accounts and restrict their functionality.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.