Search

US-12621156-B2 - Preventing unauthorized resource access related to a compromised token

US12621156B2US 12621156 B2US12621156 B2US 12621156B2US-12621156-B2

Abstract

A system can be used to prevent unauthorized resource access related to a compromised token. The system can generate a cancel request indicating that the compromised token has been compromised. The cancel request can include a time at which the compromised token was compromised. Additionally, the system can transmit the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token. The related token can be generated subsequent to the time at which the compromised token was compromised. The system can determine that an unauthorized transfer operation was initiated using the compromised token or the related token. The system then can deny access to one or more protected resources by preventing an execution of the unauthorized transfer operation.

Inventors

  • Jason B. Cohoon

Assignees

  • TRUIST BANK

Dates

Publication Date
20260505
Application Date
20240416

Claims (20)

  1. 1 . A system comprising: a processor; and a memory including instructions that are executable by the processor for causing the processor to perform operations comprising: generating a cancel request indicating that a token has been compromised, the cancel request including a time at which the compromised token was compromised; transmitting the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token, the related token being generated subsequent to the time at which the compromised token was compromised; determining that an unauthorized transfer operation was initiated using the compromised token or the related token; and denying access to one or more protected resources by preventing an execution of the unauthorized transfer operation.
  2. 2 . The system of claim 1 , wherein the token management service is configured to remove the related token by adjusting, based on the cancel request, a token status corresponding to the related token.
  3. 3 . The system of claim 1 , wherein preventing the execution of the unauthorized transfer operation comprises: determining that the unauthorized transfer operation is unauthorized based on the unauthorized transfer operation being initiated using the compromised token or the related token; and subsequent to determining that the unauthorized transfer operation was initiated using the compromised token or the related token, removing the unauthorized transfer operation from a processing queue to prevent the unauthorized transfer operation from being executed.
  4. 4 . The system of claim 1 , wherein the operations further comprise, prior to transmitting the cancel request to the token management service: detecting that the unauthorized transfer operation was initiated using the compromised token; in response to detecting that the unauthorized transfer operation has been initiated, identifying a timestamp of the unauthorized transfer operation; and generating the cancel request, wherein the cancel request includes the timestamp of the unauthorized transfer operation as the time at which the compromised token was compromised.
  5. 5 . The system of claim 1 , wherein the operations further comprise: outputting a user interface for display to an entity, wherein the user interface is configured to receive user input from the entity that indicates the time at which the token was compromised; and in response to receiving the user input at the user interface, generating the cancel request to remove the related token generated subsequent to the time included in the cancel request.
  6. 6 . The system of claim 1 , wherein the time at which the token was compromised is provided to the token management service as a time range based on an estimated value.
  7. 7 . The system of claim 1 , wherein the compromised token is a virtual token associated with a software application installed on a mobile device to initiate one or more transfer operations using the mobile device.
  8. 8 . A computer-implemented method comprising: generating a cancel request indicating that a token has been compromised, the cancel request including a time at which the compromised token was compromised; transmitting the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token, the related token being generated subsequent to the time at which the compromised token was compromised; determining that an unauthorized transfer operation was initiated using the compromised token or the related token; and denying access to one or more protected resources by preventing an execution of the unauthorized transfer operation.
  9. 9 . The computer-implemented method of claim 8 , wherein the token management service is configured to remove the related token by adjusting, based on the cancel request, a token status corresponding to the related token.
  10. 10 . The computer-implemented method of claim 8 , wherein denying the execution of the unauthorized transfer operation comprises: determining that the unauthorized transfer operation is unauthorized based on the unauthorized transfer operation being initiated using the compromised token or the related token; and subsequent to determining that the unauthorized transfer operation was initiated using the compromised token or the related token, removing the unauthorized transfer operation from a processing queue to prevent the unauthorized transfer operation from being executed.
  11. 11 . The computer-implemented method of claim 8 , further comprising, prior to transmitting the cancel request to the token management service: detecting that the unauthorized transfer operation was initiated using the compromised token; in response to detecting that the unauthorized transfer operation has been initiated, identifying a timestamp of the unauthorized transfer operation; and generating the cancel request, wherein the cancel request includes the timestamp of the unauthorized transfer operation as the time at which the compromised token was compromised.
  12. 12 . The computer-implemented method of claim 8 , further comprising: outputting a user interface for display to an entity, wherein the user interface is configured to receive user input from the entity that indicates the time at which the token was compromised; and in response to receiving the user input at the user interface, generating the cancel request to remove the related token generated subsequent to the time included in the cancel request.
  13. 13 . The computer-implemented method of claim 8 , wherein the time at which the token was compromised is provided to the token management service as a time range based on an estimated value.
  14. 14 . The computer-implemented method of claim 8 , wherein the compromised token is a virtual token associated with a software application installed on a mobile device to initiate one or more transfer operations using the mobile device.
  15. 15 . A non-transitory computer-readable medium comprising program code executable by a processor for causing the processor to perform operations comprising: generating a cancel request indicating that a token has been compromised, the cancel request including a time at which the compromised token was compromised; transmitting the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token, the related token being generated subsequent to the time at which the compromised token was compromised; determining that an unauthorized transfer operation was initiated using the compromised token or the related token; and denying access to one or more protected resources by preventing an execution of the unauthorized transfer operation.
  16. 16 . The non-transitory computer-readable medium of claim 15 , wherein the token management service is configured to remove the related token by adjusting, based on the cancel request, a token status corresponding to the related token.
  17. 17 . The non-transitory computer-readable medium of claim 15 , wherein denying the execution of the unauthorized transfer operation comprises: determining that the unauthorized transfer operation is unauthorized based on the unauthorized transfer operation being initiated using the compromised token or the related token; and subsequent to determining that the unauthorized transfer operation was initiated using the compromised token or the related token, removing the unauthorized transfer operation from a processing queue to prevent the unauthorized transfer operation from being executed.
  18. 18 . The non-transitory computer-readable medium of claim 15 , wherein the operations further comprise, prior to transmitting the cancel request to the token management service: detecting that the unauthorized transfer operation was initiated using the compromised token; in response to detecting that the unauthorized transfer operation has been initiated, identifying a timestamp of the unauthorized transfer operation; and generating the cancel request, wherein the cancel request includes the timestamp of the unauthorized transfer operation as the time at which the compromised token was compromised.
  19. 19 . The non-transitory computer-readable medium of claim 15 , wherein the operations further comprise: outputting a user interface for display to an entity, wherein the user interface is configured to receive user input from the entity that indicates the time at which the token was compromised; and in response to receiving the user input at the user interface, generating the cancel request to remove the related token generated subsequent to the time included in the cancel request.
  20. 20 . The non-transitory computer-readable medium of claim 15 , wherein the time at which the token was compromised is provided to the token management service as a time range based on an estimated value.

Description

TECHNICAL FIELD The present disclosure relates generally to data security and, more particularly (although not necessarily exclusively), to preventing unauthorized resource access related to a compromised token. BACKGROUND A transfer operation can be initiated to transfer resources between entities. A physical token can provide identifying information corresponding to a particular entity to initiate and authorize the transfer operation. A virtual token can be generated and stored in a computing device to replace the physical token. The virtual token can substitute the identifying information of the physical token with a non-sensitive equivalent that can be used to initiate and authorize the transfer operation. The virtual token can be device-specific or application-specific such that a respective virtual token may be used to replace the physical token in different use cases. SUMMARY In some examples, a system includes a processor and a memory that includes instructions executable by the processor for causing the processor to perform operations. The operations can include generating a cancel request indicating that a token has been compromised. The cancel request can include a time at which the compromised token was compromised. The operations can include transmitting the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token. The related token can be generated subsequent to the time at which the compromised token was compromised. Additionally, the operations can include determining that an unauthorized transfer operation was initiated using the compromised token or the related token. Further, the operations can include denying access to one or more protected resources by preventing an execution of the unauthorized transfer operation. In some examples, a computer-implemented method can involve generating a cancel request indicating that a token has been compromised. The cancel request can include a time at which the compromised token was compromised. The computer-implemented method can involve transmitting the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token. The related token can be generated subsequent to the time at which the compromised token was compromised. Additionally, the computer-implemented method can involve determining that an unauthorized transfer operation was initiated using the compromised token or the related token. Further, the computer-implemented method can involve denying access to one or more protected resources by preventing an execution of the unauthorized transfer operation. In some examples, a non-transitory computer-readable medium can include program code executable by a processor for causing the processor to perform operations. The operations can include generating a cancel request indicating that a token has been compromised. The cancel request can include a time at which the compromised token was compromised. The operations can include transmitting the cancel request to a token management service to remove a related token associated with sensitive data corresponding to the compromised token. The related token can be generated subsequent to the time at which the compromised token was compromised. Additionally, the operations can include determining that an unauthorized transfer operation was initiated using the compromised token or the related token. Further, the operations can include denying access to one or more protected resources by preventing an execution of the unauthorized transfer operation. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a block diagram of an example of a computing environment to prevent unauthorized resource access related to a compromised token, according to some aspects of the present disclosure. FIG. 2 is a block diagram of an example computing device to prevent unauthorized resource access related to a compromised token, according to some aspects of the present disclosure. FIG. 3 is a flowchart of an example of a process to prevent unauthorized resource access related to a compromised token, according to some aspects of the present disclosure. DETAILED DESCRIPTION Certain aspects and examples of the present disclosure relate to preventing unauthorized resource access related to a compromised token. An entity can initiate a transfer operation to provide or obtain access to one or more protected resources. Sensitive information associated with the entity that is used to initiate the transfer operation can be replaced with a non-sensitive equivalent to ensure data privacy or information security. The non-sensitive equivalent of the sensitive information can be referred to as a token. The token can function as a reference that can be used to map back to a sensitive data element through detokenization (e.g., a process of returning the token back into the original sensitive data el