Patent Issued for Consumer threat intelligence service (USPTO 11677763): Allstate Insurance Company

2023 JUN 30 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- Allstate Insurance Company (Northbrook, Illinois, United States) has been issued patent number 11677763, according to news reporting originating out of Alexandria, Virginia, by NewsRx editors.

The patent’s inventors are Park, Jason D. (Lake Forest, IL, US), Parkinson, John S. (Chicago, IL, US).

This patent was filed on January 14, 2021 and was published online on June 13, 2023.

From the background information supplied by the inventors, news correspondents obtained the following quote: “Protecting a consumer’s confidential information in today’s online environment is difficult due to the increased connectivity and the increasing portion of their daily lives on the internet, evidenced by the number of consumer accounts accessible via internet enabled computing devices. But the internet is vaster than many consumers appreciate, meaning consumers have much more exposure than they are aware. Most consumers only interact with the internet via the World Wide Web, which they often conflate with the full internet. However, the internet is just a network of various computers and computing devices, whereas the World Wide Web is a specific way of exchanging information over the internet. Generally, the World Wide Web allows consumers to access information formatted as webpages and identified by Uniform Resource Locators (URLs) that is connected through a network of hypertext links.

“The World Wide Web is often referred to as having at least three different parts: the Surface Web, the Deep Web, and the Dark Web. Although these designations blur, there are some generally accepted definitions. The Surface Web is the part of the World Wide Web that consumers are most familiar. It consists of webpages that search engines (such as Google, Bing, or Yahoo) can find and index. Search engines depend on links to navigate. Therefore, the Surface Web includes all webpages hyperlinked to other webpages.

“The Deep Web consists of anything a search engine cannot find and index. This includes any webpage that does not have a specific link. Examples are websites with search boxes that require a text input, websites that require logins to enter, and websites set up at home that can only be accessed through its IP address. The Deep Web therefore consists of information that a consumer could access but a search engine could not.

“The Dark Web is a part of the Deep Web where the users remain anonymous. The Dark Web is inaccessible through the standard web browser and requires searching different networks, such as TOR, Freenet, or I2P. Because users of the Dark Web are anonymous, the Dark Web lends itself to hackers or others with criminal interests. Despite most consumers never directly interacting with the Dark Web, their information can still be hacked and traded or sold over the Dark Web.

“Therefore, as consumers continue to gain an ever-increasing presence in online environments, they will also be exposed to a growing landscape of cyber-security threats. In addition, as these threats increase, it is in the best interest of the consumer to be proactive in detecting cyber-threats and/or cyber-attacks.”

Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “In light of the foregoing background, the following presents a simplified summary of the present disclosure in order to provide a basic understanding of some aspects of the invention. This summary is not an extensive overview of the invention. It is not intended to identify key or critical elements of the invention or to delineate the scope of the invention. The following summary merely presents some concepts of the invention in a simplified form as a prelude to the more detailed description provided below.

“Aspects of the disclosure address one or more of the issues mentioned above by disclosing methods, computer readable storage media, software, systems, and apparatuses for detection of a cyber-attack by monitoring the Surface Web, Deep Web, and Dark Web. If a cyber-attack is detected, the described cyber security system may then determine the criteria used to target victims of the cyber-attack. The described cyber-security system will then compare the criteria used to target victims with consumer profiles.

“In some aspects, the cyber-security system will create consumer profiles from information provided by the consumer and/or collected from monitoring the consumer’s online activity. The cyber-security system may periodically update these consumer profiles based on additional information provided by the consumer or collected from monitoring the consumer’s online activity.

“In other aspects, the cyber-security system may generally notify consumers that a cyber-attack has occurred. Alternatively, the cyber-security system may also notify specific consumers that although their data may not be compromised, their profile fits that of potential victims of the cyber-attack. The cyber-security system may also determine which specific consumers were victims of the cyber-attack and notify those consumers whether their information was compromised. The cyber-security system may additionally make recommendations of actions a consumer may take to protect themselves from the cyber-attack. Further, the cyber-security system may also, in operation, assist in or automate the closing of accounts based on the cyber-attack.

“In some aspects, the cyber-security system may include a cyber-security account analysis system and a cyber-security data processing system. The cyber-security system may include at least one processor and a memory unit storing computer-executable instructions. The cyber-security system may be configured to, in operation, generate a consumer profile based on consumer information, scan a consumer device to determine potential security threat, and associate the consumer device and the results of the scan with the generated consumer profile. The cyber-security system may also be configured to scan the Surface Web, Deep Web, and Dark Web for potential cyber-attacks. If a cyber-attack is detected, the cyber-security system may then determine the criteria used to find targets of the cyber-attack. Then, the cyber-security system may then compare consumer profiles to the criteria to find targets of the cyber-attack. If a consumer profile matches the criteria used to find targets, the cyber-security system may also notify the consumer with the matching profile.”

The claims supplied by the inventors are:

“1. A cyber-security system comprising: a processor; a memory unit storing computer-executable instructions, which when executed by the processor, cause the system to: monitor at least one of the Surface Web, Deep Web, or Dark Web; determine whether a cyber-attack is occurring; determine, based on comparing a criteria being used to determine targets of the cyber-attack to a consumer profile, that a consumer, associated with the consumer profile, is a potential target of an upcoming cyber-attack; and proactively notify the consumer of the upcoming cyber-attack.

“2. The cyber-security system of claim 1, wherein to determine that the consumer is the potential target of the upcoming cyber-attack, the system is further configured to: compare the criteria used to determine targets of the cyber-attack with the consumer profile; and if the criteria used to determine the targets of the cyber-attack matches the consumer profile, notify the consumer of the profile match with the criteria for the cyber-attack.

“3. The cyber-security system of claim 2, wherein the system is further configured to: determine whether the consumer’s data was compromised during the cyber-attack; and notify the consumer whether consumer’s data was compromised during the cyber-attack.

“4. The cyber-security system of claim 3, wherein the system is further configured to: monitor at least one of the Surface Web, Deep Web, or Dark Web, using the consumer profile, for unauthorized use of the consumer’s data; and notify consumer of unauthorized use of the consumer’s data.

“5. The cyber-security system of claim 4, wherein the system is further configured to: recommend closing consumer accounts based on the criteria used to determine targets of the cyber-attack.

“6. The cyber-security system of claim 1, wherein the system is further configured to: receive additional consumer information; and update, based on the additional consumer information, the consumer profile.

“7. The cyber-security system of claim 1, wherein the system is further configured to: determine an amount of confidential information of the consumer available electronically on social media networks and the Internet.

“8. The cyber-security system of claim 1, wherein the consumer profile comprises at least of one of: type of operating system installed on a consumer device, type of the consumer device, geographical region of where the consumer device is located, model number of the consumer device, software version of the consumer device, application installed on the consumer device, or network capabilities of the consumer device.

“9. The cyber-security system of claim 1, wherein the system is further configured to: identify an enterprise whose assets are being used for the occurring cyber-attack; and notify the enterprise of the occurring cyber-attack.

“10. The cyber-security system of claim 1, wherein the system is further configured to: prompt a confirmation of an information in the consumer profile; and update the consumer profile based on the confirmation of the information by the consumer.

“11. The cyber-security system of claim 1, wherein the system is further configured to: determine a channel to proactively notify the consumer of the upcoming potential cyber-attack against the consumer.

“12. The cyber-security system of claim 1, wherein the system is further configured to: learn to identify false positives based on feedback received from a plurality of consumers.

“13. A method comprising: monitoring at least one of the Surface Web, Deep Web, or Dark Web; determining whether a cyber-attack is occurring; determining a criteria being used to determine targets of the cyber-attack; comparing the criteria used to determine the targets of the cyber-attack with a consumer profile associated with a consumer; and if the criteria used to determine targets of the cyber-attack matches the consumer profile, proactively notify the consumer of an upcoming potential cyber-attack against the consumer.

“14. The method of claim 13, further comprising: recommending closing consumer accounts based on the criteria used to determine targets of the cyber-attack.

“15. The method of claim 13, further comprising: receiving additional consumer information; and updating, based on the additional consumer information, the consumer profile.

“16. The method of claim 13, further comprising: monitoring at least one of the Surface Web, Deep Web, or Dark Web for signs of a specific consumer profile being used in a cyber-attack.

“17. A cyber-security system comprising: a processor; a memory unit storing computer-executable instructions, which when executed by the processor, cause the system to: monitor at least one of the Surface Web, Deep Web, or Dark Web; determine whether a cyber-attack is occurring; determine a criteria being used to determine targets of the cyber-attack; compare the criteria used to determine the targets of the cyber-attack with a consumer profile associated with a consumer; if the criteria used to determine targets of the cyber-attack matches the consumer profile, proactively notify the consumer of an upcoming potential cyber-attack against the consumer; and recommend closing consumer accounts based on the criteria used to determine the targets of the cyber-attack.

“18. The cyber-security system of claim 17, wherein the system is further configured to: receive additional consumer information; and update, based on the additional consumer information, the consumer profile.

“19. The cyber-security system of claim 17, wherein the system is further configured to: monitor at least one of the Surface Web, Deep Web, or Dark Web for signs of a specific consumer profile being used in a cyber-attack.

“20. The cyber-security system of claim 17, wherein system is further configured to: display a hyperlink for each listed account to enable the consumer to close an account upon hyperlink activation.”

For the URL and additional information on this patent, see: Park, Jason D. Consumer threat intelligence service. U.S. Patent Number 11677763, filed January 14, 2021, and published online on June 13, 2023. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11677763)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)