	US 12,081,975 B2
	Intelligent method for SIM-swap fraud detection and prevention
Udaya Kumar Raju Ratnakaram, Hyderabad (IN); and Praveena Maddamsetty, Hyderabad (IN)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Mar. 14, 2022, as Appl. No. 17/654,690.
Application 17/654,690 is a continuation of application No. 16/721,569, filed on Dec. 19, 2019, granted, now 11,317,282.
Prior Publication US 2022/0201478 A1, Jun. 23, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04W 8/20 (2009.01); H04W 12/06 (2021.01); H04W 12/122 (2021.01); H04L 101/654 (2022.01)

CPC H04W 12/06 (2013.01) [H04L 63/0861 (2013.01); H04W 8/20 (2013.01); H04W 12/122 (2021.01); H04L 2101/654 (2022.05)]

16 Claims

1. A system for intelligent authentication of a mobile device user, the system comprising:

a mobile device application (MDA) installed on a mobile device and configured to:

receive mobile device user information from the mobile device user requesting access to an account; and

retrieve a mobile device identification (ID) and an International Mobile Subscriber Identity (IMSI) from the mobile device;

a social intelligence interceptor configured to:

collect mobile device user application information from one or more third-party applications associated with the mobile device; and

generate a mobile device user profile based on the collected mobile device user application information;

a server communicatively coupled to the mobile device, the server comprising:

a memory storing account information including an account identification (ID), user information, a mobile device ID and an IMSI associated with the account ID;

a social intelligence module implemented by one or more hardware processors and configured to:

collect user application information from one or more in-house applications associated with the mobile device ID associated with the account ID; and

generate a user profile based on the user application information collected from the one or more in-house applications; and

an authentication module implemented by the one or more hardware processors and configured to:

receive the mobile device user information, the mobile device ID and the IMSI from the MDA;

compare the mobile device user information, the mobile device ID and the IMSI received from the MDA with the user information, the mobile device ID, and the IMSI stored with the account ID;

if one or more of the mobile device ID and the IMSI received from the MDA do not match the mobile device ID and the IMSI stored with the account ID:

calculate a profile match confidence between the mobile device user profile and the user profile based on the user application information collected from the one or more in-house applications;

if the profile match confidence is above a profile match confidence threshold, authenticate the mobile device to allow access to the account using the mobile device ID and the IMSI received from the MDA;

if the profile match confidence is below the profile match confidence threshold, deny access to the account by the mobile device or prompt the mobile device user to provide additional verification.