US 12,113,830 B2
Frictionless supplementary multi-factor authentication for sensitive transactions within an application session
Thomas Szigeti, Vancouver (CA); David John Zacks, Vancouver (CA); Walter T. Hulick, Jr., Pearland, TX (US); and Tal Maoz, Jerusalem (IL)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Mar. 30, 2021, as Appl. No. 17/216,845.
Prior Publication US 2022/0321602 A1, Oct. 6, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 9/455 (2018.01); G06F 9/54 (2006.01)
CPC H04L 63/20 (2013.01) [G06F 9/4552 (2013.01); G06F 9/547 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method for applying a security policy by an application security system to a transaction within an application that is monitored by the application security system, the method comprising:
monitoring transactions occurring between a client device and the application over a network;
identifying a first transaction from the transactions as a sensitive transaction at least in part by applying a supervised machine learning algorithm to identify a transaction name that is associated with the sensitive transaction, wherein the sensitive transaction is associated with an authentication policy requiring an authentication that is more trustworthy than an authentication for a non-sensitive transaction;
interrupting the application; and
prompting the client device for the authentication.