	US 12,413,585 B2
	System and method for electronic authentication of electronic distributed network traffic via enriched data
Barry Gregory Jude Walsh, Greystones (IE); Tomas M. Castrejon, III, Fort Mill, SC (US); Christopher Stephen Littrell, Dallas, TX (US); and Edward Lee Traywick, Bellbrook, OH (US)
Assigned to BANK OF AMERICA CORPORATION, Charlotte, NC (US)
Filed by BANK OF AMERICA CORPORATION, Charlotte, NC (US)
Filed on Jan. 17, 2023, as Appl. No. 18/097,930.
Prior Publication US 2024/0244050 A1, Jul. 18, 2024
Int. Cl. H04L 41/16 (2022.01); H04L 9/40 (2022.01)

CPC H04L 63/0876 (2013.01) [H04L 41/16 (2013.01); H04L 63/1425 (2013.01)]

15 Claims

1. A system for electronic authentication of electronic distributed network traffic via enriched data, the system comprising:

at least one non-transitory storage device; and

at least one processing device coupled to the at least one non-transitory storage device,

wherein the at least one processing device is configured to:

receive an authorization request from a user of a first endpoint device to send or receive data with a second endpoint device;

transmit a request for a first authentication credential to the first endpoint device;

receive, via an authentication transmission, the first authentication credential from the user on a user interface of the first endpoint device;

initialize an enhanced authentication engine by transmitting attributes of the authentication transmission to the enhanced authentication engine, wherein the enhanced authentication engine comprises a machine learning model and a middleware component, the middleware component for assembling multiple data sources in real-time, and wherein the enhanced authentication engine is configured to:

collect, by the middleware component, a second data flow to the enhanced authentication engine, the second data flow relating to network traffic passing to the enhanced authentication engine and comprising at least one geolocation as a known threat indicator;

combine into a combined data, by the middleware component, a metadata source with the second data flow;

initiate the machine learning model, wherein the machine learning model is configured to at least one of: (i) receive threat indicators as training data, and (ii) recognize patterns in the combined data;

determine, via the machine learning model, anomalies in the combined data;

transmit the combined data to an alert engine, wherein the alert engine is configured to transmit an alert to an authorization device if there is an anomaly in the combined data as determined by the machine learning model;

authorize the authorization request if there is no anomaly in the combined data;

transmit a request for a second authentication credential to an auxiliary endpoint device if there is an anomaly in the combined data determined by the machine learning model;

receive, via a second authentication transmission, the second authentication credential from the user on the user interface of the auxiliary endpoint device; and

authorize the authorization request if the second authentication credential is accepted.