Patent Issued for Systems and methods for detecting digital security breaches of connected assets based on location tracking and asset profiling (USPTO 11373245): Allstate Insurance Company

2022 JUL 14 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- According to news reporting originating from Alexandria, Virginia, by NewsRx journalists, a patent by the inventors Sankovsky, Jenny (Hawthorn Woods, IL, US), filed on March 4, 2016, was published online on June 28, 2022.

The assignee for this patent, patent number 11373245, is Allstate Insurance Company (Northbrook, Illinois, United States).

Reporters obtained the following quote from the background information supplied by the inventors: “Insurance providers value the safety of its customers, their assets, and the general public. Due to increased connectivity, many everyday assets are now configured for remote accessibility and are therefore exposed to risk of digital security breaches by unauthorized users and devices. Unauthorized manipulations may lead not only to the damage of the asset subjected to the digital security breach, but also other related or nearby assets. In conventional arrangements, it may be difficult or impossible to timely detect digital security breaches of an asset and thereby minimize the damage.”

In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “The following presents a simplified summary of various aspects described herein. This summary is not an extensive overview, and is not intended to identify key or critical elements or to delineate the scope of the claims. The following summary merely presents some concepts in a simplified form as an introductory prelude to the more detailed description provided below.

“Some aspects described herein provide a digital security breach detection system. The digital security breach detection system may include at least one processor. The digital security breach detection system may be configured to, in operation, receive a notification, from an asset, of a transaction from a requesting device requesting modification of the asset. Responsive to the notification, the digital security breach detection system may be configured to, in operation, determine whether the requesting device is a pre-authorized device, and whether a location of the requesting device is within a threshold radius of the location of the asset. Responsive to determining that the requesting device is not a pre-authorized device and/or is not within a threshold radius of the asset, the digital security breach detection system may be configured to, in operation, generate an asset profile for the asset based on sensor data. The digital security breach detection system may be configured to, in operation, use the asset profile to determine whether the modification requested by the transaction is consistent with the asset profile. Responsive to determining that it is not, the digital security breach detection system may notify the asset of an unauthorized manipulation and provide instructions to cancel the transaction. Further, the digital security breach detection system may be configured to, in operation, generate an insurance claim based on the unauthorized manipulation under an insurance policy for the asset.

“Additional aspects described herein are directed to an asset that may include one or more sensors, and at least one processor. The asset may be configured to, in operation, receive a transaction requesting a modification of the asset from a requesting device. The asset may issue a temporary hold on the transaction. Further, the asset may collect sensor data from the one or more sensors, and notify a digital security breach detection system of the transaction and of the sensor data. In response, the asset may be configured to, in operation, receive a notification of an unauthorized manipulation and instructions to cancel the transaction from the digital security breach detection system. Further, responsive to the instructions, the asset may be configured to, in operation, remove the temporary hold on the transaction and cancel the transaction.

“Still other aspects described herein provide a computer-assisted method of detecting digital security breaches. A special-purpose computing system may receive a notification, from an asset, of a transaction from a requesting device requesting modification of the asset. Responsive to the notification, the special-purpose computing system may determine whether the requesting device is a pre-authorized device, and whether a location of the requesting device is within a threshold radius of the location of the asset. Responsive to determining that the requesting device is not a pre-authorized device and is not within the threshold radius of the asset, the special-purpose computing device may generate an asset profile for the asset based on sensor data. The special-purpose computing system may then use the asset profile to determine whether the modification requested by the transaction is consistent with the asset profile. Responsive to determining that it is not, the special-purpose computing system may notify the asset of an unauthorized manipulation and provide instructions to cancel the transaction. Further, the special-purpose computing system may generate an insurance claim based on the unauthorized manipulation under an insurance policy for the asset.

“The details of these and other aspects of the disclosure are set forth in the accompanying drawings and description below. Other features and advantages of aspects of the disclosure will be apparent from the description and drawings.”

The claims supplied by the inventors are:

“1. A digital security breach detection system comprising: at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to: receive, from an asset, a notification of a transaction from a requesting device; determine a modification of one or more operating parameters of the asset requested in the notification, wherein the modification comprises a plurality of steps to modify the one or more operating parameters, wherein at least one step of the plurality of steps have been executed by the asset, and wherein the asset is covered by an insurance policy against digital security breaches; determine whether the requesting device is a pre-authorized device by comparing a list of pre-authorized devices, obtained by querying an asset security information database, against an identifier corresponding to the requesting device received from the requesting device; determine a first location of the requesting device and a second location of the asset, wherein: the first location is determined based on the transaction information or communication with the requesting device; and the second location is determined based on at least one of retrieving the first location from the asset directly, deriving the second location from operational data received from one or more sensors installed on the asset, deriving the second location from operational data received from a telematics device installed on the asset, or a Global Positioning System (GPS) sensor of a mobile computing device within the asset; responsive to determining that the requesting device is not a pre-authorized device, determine whether the first location of the requesting device is within a threshold radius of the second location of the asset; responsive to determining that the first location of the requesting device is not within the threshold radius of the second location of the asset, generate an asset profile for the asset based on historical trends identified in sensor data received from the one or more sensors installed on the asset, wherein the historical trends indicate a historical range of values of the sensor data over a period of time; determine, by comparing the modification of the one or more operating parameters of the asset requested in the notification with the historical range of values of the sensor data over the period of time, whether the modification requested by the transaction is inconsistent with the asset profile; responsive to determining that the modification of the one or more operating parameters of the asset requested in the notification is inconsistent with the asset profile: notify, the asset of an unauthorized manipulation; and send a rollback instruction for cancelling the at least one step of the plurality of steps to return at least one of the one or more operating parameters of a current state of the asset to a value corresponding to a prior state of the asset, the rollback instruction causing the asset to return the at least one of the one or more operating parameters of the current state of the asset to the value corresponding to the prior state of the asset; and send, from the digital security breach detection system and to an insurance system in signal communication with the digital security breach detection system, a request for an update to the insurance policy based on the unauthorized manipulation.

“2. The system of claim 1, wherein the computer-readable instructions, when executed by the at least one processor, further cause the system to: notify pre-authorized devices in the list of pre-authorized devices of the unauthorized manipulation; receive, within a threshold time period, a second notification from at least one of the pre-authorized devices providing override instructions to allow the transaction; and provide the override instructions to the asset to execute the transaction.

“3. The system of claim 1, wherein the computer-readable instructions, when executed by the at least one processor, further cause the system to send the instructions by causing the system to: send, to a mobile computing device associated with the list of pre-authorized devices, the instructions for rolling back the at least one of the one or more steps.

“4. The system of claim 1, wherein: the asset is a vehicle; and the instructions, when executed by the at least one processor, further cause the system to: generate the asset profile for the asset further based on vehicle telematics data received from the vehicle telematics device installed on the asset.

“5. The system of claim 1, wherein determining whether the modification requested by the transaction is inconsistent with the asset profile comprises: determining a first time period associated with the transaction, and selecting, from the historical range of values, values corresponding to the first time period, wherein comparing the modification requested by the transaction with the historical range of values of the sensor data over the period of time comprises comparing the modification requested by the transaction with the values corresponding to the first time period.

“6. The system of claim 1, wherein the computer-readable instructions, when executed by the at least one processor, cause the system to determine the first location of the requesting device by submitting an Internet Protocol (IP) address of the requesting device to an IP geolocation service.

“7. The system of claim 1, wherein the asset is a vehicle, and wherein the second location of the asset is provided by the GPS sensor of the mobile device within the vehicle.

“8. A computer-assisted method of detecting digital security breaches comprising: receiving, by a digital security breach detection system from an asset, a notification of a transaction from a requesting device; determining, by a digital security breach detection system, a modification of one or more operating parameters of the asset requested in the notification, wherein the modification comprises a plurality of steps to modify the one or more operating parameters, wherein at least one step of the plurality of steps have been executed by the asset, and wherein the asset is covered by an insurance policy against digital security breaches; determining, by a digital security breach detection system, whether the requesting device is a pre-authorized device by comparing a list of pre-authorized devices, obtained by querying an asset security information database, against an identifier corresponding to the requesting device received from the requesting device; determining, by the digital security breach detection system, a first location of the requesting device and a second location of the asset, wherein: the first location is determined based on the transaction information or communication with the requesting device; and the second location is determined based on at least one of retrieving the first location from the asset directly, deriving the second location from operational data received from one or more sensors installed on the asset, deriving the second location from operational data received from a telematics device installed on the asset, or a Global Positioning System (GPS) sensor of a mobile computing device within the asset; responsive to determining that the requesting device is not a pre-authorized device, determining, by the digital security breach detection system, whether the first location of the requesting device is within a threshold radius of the second location of the asset at a time associated with the transaction; responsive to determining that the first location of the requesting device is not within the threshold radius of the second location of the asset, generating, by the digital security breach detection system, an asset profile based on historical trends identified in sensor data received from the one or more sensors installed on the asset, wherein the historical trends indicate a historical range of values of the sensor data over a period of time; determining, by the digital security breach detection system, by comparing the modification of the one or more operating para meters of the asset requested in the notification with the historical range of values of the sensor data over the period of time, whether the modification requested by the transaction is inconsistent with the asset profile; responsive to determining that the modification requested by the transaction is inconsistent with the asset profile: notifying, by the digital security breach detection system, the asset of an unauthorized manipulation; sending; by a digital security breach detection system, a rollback instruction for cancelling the at least one step of the plurality of steps to return at least one of the one or more operating parameter’s of a current state of the asset to a value corresponding to a prior state of the asset, the rollback instruction causing the asset to return the at least one of the one or more operating parameters of the current state of the asset to the value corresponding to the prior state of the asset; and sending, by the digital security breach detection system, to an insurance system in signal communication with the digital security breach detection system, a request for an update to the insurance policy based on the unauthorized manipulation.

“9. The computer-assisted method of claim 8 further comprising: notifying the pre-authorized devices of the unauthorized manipulation; receiving, within a threshold time period, a second notification from at least one of the pre-authorized devices providing instructions to allow the transaction; and providing instructions to the asset to execute the transaction.”

There are additional claims. Please visit full patent to read further.

For more information, see this patent: Sankovsky, Jenny. Systems and methods for detecting digital security breaches of connected assets based on location tracking and asset profiling. U.S. Patent Number 11373245, filed March 4, 2016, and published online on June 28, 2022. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=11373245.PN.&OS=PN/11373245RS=PN/11373245

(Our reports deliver fact-based news of research and discoveries from around the world.)