	US 12,332,981 B2
	Validation of a network operation related to use of a token via token-request-triggered storage of snapshot URL data
Amanda Sneider, New York, NY (US); Allison Fenichel, Brooklyn, NY (US); and Varun Gupta, Brooklyn, NY (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Jul. 5, 2022, as Appl. No. 17/810,774.
Prior Publication US 2024/0012885 A1, Jan. 11, 2024
Int. Cl. G06F 21/31 (2013.01); G06F 16/953 (2019.01); G06F 16/955 (2019.01)

CPC G06F 21/316 (2013.01) [G06F 16/953 (2019.01); G06F 16/955 (2019.01)]

20 Claims

1. A system for using screenshot-derived uniform resource locator (URL) data to perform validation of network operations, the system comprising:

one or more processors and non-transitory, computer-readable media storing instructions that, when executed by the one or more processors, cause operations comprising:

detecting a token request from a user device of a user, wherein the user device is configured to collect user interface screenshots in a buffer at the user device, wherein the buffer is configured to discard collected user interface screenshots after a threshold amount of time, wherein the token request comprises a request for a first entity-restricted token associated with (i) a first entity and (ii) the user;

storing, based on the detection of the token request, first screenshot-derived data in a database in association with the first entity-restricted token, the first screenshot-derived data comprising first screenshot-derived uniform resource locators (URLs) and first timestamps associated with the first screenshot-derived URLs, the first screenshot-derived URLs being extracted from a set of user interface screenshots that was in the buffer at a time of the token request;

after the storage of the first screenshot-derived data, obtaining a description of a temporary authorization for a network operation involving use of the first entity-restricted token; and

in response to a first validation pass using the description of the temporary authorization indicating that the network operation is invalid, performing a second validation pass by:

querying the database for screenshot-derived data that matches (i) the first entity-restricted token and (ii) a time of the temporary authorization;

providing a first indication that the network operation is valid in response to a determination that (i) the query returned the first screenshot-derived data and (ii) at least one URL portion of the first screenshot-derived data matches the first entity associated with the first entity-restricted token; and

providing a second indication that the network operation is invalid in response to the query failing to return matching screenshot-derived data.