Patent Grant
11611629
Security brokers, such as cloud access security brokers, are on-premises or cloud-based security enforcement points disposed in a computer network between users, such as clients via user agents, and network service providers, which may include content servers that may combine and interject security policies as the services are being accessed. For example, an enterprise may employ a cloud access security broker to address cloud service risks, enforce security policies, and comply with regulations for the users of the enterprise to access cloud-based services including resources such as webpages, which can include web applications. The broker may apply a security policy or multiple types of security policy enforcement including authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, and malware detection or protection. For instance, the broker may monitor user activity, warn administrators about potentially hazardous actions, enforce security policy compliance, and automatically address malware.
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Security brokers, or security services in general, can offer proxy policy systems that monitor and protect users from certain content and export of sensitive information. Sites can attempt to bypass security services including proxies with inline frames to dispatch client-side activities in browsers. An example inline frame monitor is disclosed. In one example, the inline frame monitor allows for the detection and capture of activities dispatched within an inline frame, which includes activities generated in the browser that may not otherwise be detectable at the proxy. In one example, the inline frame monitor can detect content within an empty inline frame that is created in the client-side and dynamically injected with an HTML document from the parent frame. The inline frame monitor injects monitoring logic into a document object model to monitor an activity within a dynamically loaded inline frame of a web page. An activity can include an event or navigation and code execution to be monitored or tracked. Data regarding the activity within the dynamically loaded inline frame is received. A policy is applied to validate or invalidate the activity within the dynamically loaded inline frame. The inline frame monitor is generic, cross-platform, and multipurpose, and the inline frame monitor allows monitoring of activities generated on the client side.
The accompanying drawings are included to provide a further understanding of embodiments and are incorporated in and constitute a part of this disclosure. The drawings illustrate embodiments and together with the description serve to explain principles of embodiments. Other embodiments and many of the intended advantages of embodiments will be readily appreciated, as they become better understood by reference to the following description. The elements of the drawings are not necessarily to scale relative to each other. Like reference numerals designate corresponding similar parts.
In the following Description, reference is made to the accompanying drawings, which form a part hereof, and in which is shown by way of illustration specific embodiments in which the invention may be practiced. It is to be understood that other embodiments may be utilized and structural or logical changes may be made without departing from the scope of the present invention. The following description, therefore, is not to be taken in a limiting sense. It is to be understood that features of the various example embodiments described herein may be combined, in part or whole, with each other, unless specifically noted otherwise.
In a basic hardware configuration, computing device 100 typically includes a processor system having one or more processing units, i.e., processors 102, and memory 104. By way of example, the processing units may include two or more processing cores on a chip or two or more processor chips. In some examples, the computing device can also have one or more additional processing or specialized processors (not shown), such as a graphics processor for general-purpose computing on graphics processor units, to perform processing functions offloaded from the processor 102. The memory 104 may be arranged in a hierarchy and may include one or more levels of cache. Depending on the configuration and type of computing device, memory 104 may be volatile (such as random access memory (RAM)), nonvolatile (such as read only memory (ROM), flash memory, etc.), or some combination of the two.
Computing device 100 can also have additional features or functionality. For example, computing device 100 may also include additional storage. Such storage may be removable or non-removable and can include magnetic or optical disks, solid-state memory, or flash storage devices such as removable storage 108 and non-removable storage 110. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any suitable method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Memory 104, removable storage 108 and non-removable storage 110 are all examples of computer storage media. Computer storage media includes RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, universal serial bus (USB) flash drive, flash memory card, or other flash storage devices, or any other storage medium that can be used to store the desired information and that can be accessed by computing device 100. Accordingly, a propagating signal by itself does not qualify as storage media. Any such computer storage media may be part of computing device 100.
Computing device 100 often includes one or more input and/or output connections, such as USB connections, display ports, proprietary connections, and others to connect to various devices to provide inputs and outputs to the computing device. Input devices 112 may include devices such as keyboard, pointing device (e.g., mouse, track pad), stylus, voice input device, touch input device (e.g., touchscreen), or other. Output devices 111 may include devices such as a display, speakers, printer, or the like.
Computing device 100 often includes one or more communication connections 114 that allow computing device 100 to communicate with other computers/applications 115. Example communication connections can include an Ethernet interface, a wireless interface, a bus interface, a storage area network interface, and a proprietary interface. The communication connections can be used to couple the computing device 100 to a computer network, which can be classified according to a wide variety of characteristics such as topology, connection method, and scale. A network is a collection of computing devices and possibly other devices interconnected by communications channels that facilitate communications and allows sharing of resources and information among interconnected devices. Examples of computer networks include a local area network, a wide area network, the internet, or other network.
In one example, one or more of computing device 100 can be configured as a client device for a user in the network. The client device can be configured to establish a remote connection with a server on a network in a computing environment. The client device can be configured to run applications or software such as operating systems, web browsers, cloud access agents, terminal emulators, or utilities. In one example, the client device can also be configured to further include a server application.
In one example, one or more of computing device 100 can be configured as a server in the network such as a server device. The server can be configured to establish a remote connection with the client device in a computing network or computing environment. The server can be configured to run application or software such as operating systems.
In one example, one or more of computing devices 100 can be configured as servers in a datacenter to provide distributed computing services such as cloud computing services. A data center can provide pooled resources on which customers or tenants can dynamically provision and scale applications as needed without having to add servers or additional networking. The datacenter can be configured to communicate with local computing devices such used by cloud consumers including personal computers, mobile devices, embedded systems, or other computing devices. Within the data center, computing device 100 can be configured as servers, either as stand alone devices or individual blades in a rack of one or more other server devices. One or more host processors, such as processors 102, as well as other components including memory 104 and storage 110, on each server run a host operating system that can support multiple virtual machines. A tenant may initially use one virtual machine on a server to run an application. The datacenter may activate additional virtual machines on a server or other servers when demand increases, and the datacenter may deactivate virtual machines as demand drops.
Datacenter may be an on-premises, private system that provides services to a single enterprise user or may be a publicly (or semi-publicly) accessible distributed system that provides services to multiple, possibly unrelated customers and tenants, or may be a combination of both. Further, a datacenter may be a contained within a single geographic location or may be distributed to multiple locations across the globe and provide redundancy and disaster recovery capabilities. For example, the datacenter may designate one virtual machine on a server as the primary location for a tenant's application and may activate another virtual machine on the same or another server as the secondary or back-up in case the first virtual machine or server fails.
A cloud-computing environment is generally implemented in one or more recognized models to run in one or more network-connected datacenters. A private cloud deployment model includes an infrastructure operated solely for an organization whether it is managed internally or by a third-party and whether it is hosted on premises of the organization or some remote off-premises location. An example of a private cloud includes a self-run datacenter. A public cloud deployment model includes an infrastructure made available to the general public or a large section of the public such as an industry group and run by an organization offering cloud services. A community cloud is shared by several organizations and supports a particular community of organizations with common concerns such as jurisdiction, compliance, or security. Deployment models generally include similar cloud architectures, but may include specific features addressing specific considerations such as security in shared cloud models.
Cloud-computing providers generally offer services for the cloud-computing environment as a service model provided as one or more of an infrastructure as a service, platform as a service, and other services including software as a service. Cloud-computing providers can provide services via a subscription to tenants or consumers. For example, software as a service providers offer software applications as a subscription service that are generally accessible from web browsers or other thin-client interfaces, and consumers do not load the applications on the local computing devices. Infrastructure as a service providers offer consumers the capability to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run software, which can include operating systems and applications. The consumer generally does not manage the underlying cloud infrastructure, but generally retains control over the computing platform and applications that run on the platform. Platform as a service providers offer the capability for a consumer to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. In some examples, the consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment. In other examples, the provider can offer a combination of infrastructure and platform services to allow a consumer to manage or control the deployed applications as well as the underlying cloud infrastructure. Platform as a service providers can include infrastructure, such as servers, storage, and networking, and also middleware, development tools, business intelligence services, database management services, and more, and can be configured to support the features of the application lifecycle including one or more of building, testing, deploying, managing, and updating.
In one example, the web page can include a parent document, such as a HTML document, provided by resource device 206 and an inline frame, or iframe, which is another HTML document embedded into the parent document, provided by resource device 208. The parent document and the iframe can be rendered together in the user agent 210. In one example, the content within the iframe can be changed without reloading the parent document in the user agent 210. The iframe can be enabled via a programming language such as JavaScript or an element such as an HTML anchor. The HTML documents in the parent web page and the iframe can include dynamic web pages to create a live dynamic or interactive user experience as compared to static content. For example, the construction of the web page can be controlled by an application server processing server-sided scripts. Also, HTML document can apply HTML scripting running in the browser to dynamically update and change the DOM. In one example, a dynamic web page updated with AJAX (Asynchronous JavaScript and XML [extensible markup language]) to apply a combination of client-side scripting and server-side requests for data, in examples, will not create a page to back to and will not truncate the browser history forward of the displayed page.
The inline frame monitor 202 can be configured to operate with a security service 212. For example, the inline frame monitor 202 can be incorporated into a security service 212 as an element of the security service 212 or as a feature of a suite of security service 212 functionality. The security service 212 can provide services between the user device 204 and the resource devices 206, 208. In one example, the security service 212 may support multiple users of an enterprise. In some examples, security service 212 may be deployed on premises or accessed via a cloud service. For example, the security service 212 may support multiple enterprises in a multitenancy model. Security service 212 can monitor activity between the user device 204 and the resource devices 206, 208 and enforce security policies. For example, the security service 212 can be configured as a cloud access security broker that can monitor user activity, warn administrators about potentially hazardous actions, enforce security policy compliance, and automatically prevent or reduce the likelihood of malware in the enterprise. In one example, the security service 212 includes a distributed, cloud-based proxy that is an inline broker for activity on the network 200. For instance, the security service 212 can be configured to monitor static web pages as well as server-side dynamically loaded web pages.
In one example, the security service 212 provides mechanisms for enforcement of a policy regarding access to web pages including a mechanism to monitor data exported from web pages accessed via a proxy service. In order to affect the policy, the security service can monitor web pages requested from resource devices 206, 208 including resources being requested by the user device 204 and dynamically generated in the user agent 210. In one example, the inline frame monitor 202 includes a detection and reporting mechanism for browser-based client-side activities. The inline frame monitor 202 injects monitoring logic into the DOM to monitor dynamically loaded inline frames and provides for visibility from the security service of activity within the browser of client-only activities. For example, inline frames can include activities, which can include events, that are created in the client side and dynamically injected with HTML content from the parent document. An activity can include an event or navigation and code execution to be monitored or tracked. The inline frame monitor 202 can be used to capture the activities dispatched within the iframe context. Further, the inline frame monitor 202 or the security service 212 can validate the actions within the inline frames with respect to the security policy and log, report with an alert, or block the action in accordance with the security policy. In one example, the actions can be validated synchronously in the inline frame. The inline frame monitor 202 can prevent a website, such as a web page from resource device 208, to bypass the proxy service using an iframe to dispatch browser client events.
Monitoring logic injected into the DOM at 302 can include instructions to monitor content in the inline frames. Monitoring logic can be provided from the inline frame monitor 202, in one example, or from another feature of the security service 212. In one example, the monitoring logic is directed to monitor events in an iframe that is created at the client side and dynamically loaded with HTML content from the parent frame. The monitoring logic included at the DOM at 302 is able to detect the client-side created iframe and the contents loaded into the client-side created iframe. For example, the monitoring logic can detect an empty iframe, such as an iframe without a specified universal resource locator or web address, or URL. The empty iframe may pass through a typical security service, and the iframe may be loaded with content at the client side that is otherwise not detected with a typical security service. The monitoring logic can detect the client-side activity. In one example, the monitoring logic can be included as part of or generated from a program that is installed on the user device 204 or otherwise configured to operate with the user agent 210. In one example, the program can include or be part of inline frame monitor 202. The program injects, such as adds to or modifies, monitoring logic to the DOM to track or detect client-side activities of the web page.
Monitoring logic can generate data related to client-side activities such as creating dynamically loaded iframes at 304. Client-side activities can include events at the user agent 210 that provide content to or export data from within the iframe. Monitoring logic can provide the data regarding a client-side event to the inline frame monitor 202. The data received at the inline frame monitor can be used to determine whether the client-side activity is compliant with a policy, such as an enterprise policy established with security service 212. The policy is applied to the data to validate or invalidate the activity within the dynamically loaded inline frame at 306. For example, the inline frame monitor 202 can validate the event if the event is compliant with the policy, and the event can proceed within the user agent 210. The inline frame monitor 202 can invalidate the activity is the event is not compliant with the policy. The inline frame monitor can block the invalidated event such as prevent the loading of the content or the export of data, alert an administrator of the invalidated event, log the invalidated event, or take other action appropriate based on the enterprise policy.
The example inline frame monitor 202 and method 300 can be implemented to include a combination of one or more hardware devices and computer programs for controlling a system, such as a computing system having a processor 102 and memory 104, to perform method 300. For instance, inline frame monitor 202 and method 300 can be implemented as a computer readable medium or computer readable storage device having set of executable instructions for controlling the processor 102 to perform the method 300. The inline frame monitor 202 and method 300 can be included as a service in a cloud environment, such as a security service 212 implementing a cloud access security broker to enforce security polices, and implemented on a computing device 100 in a datacenter.
Although specific embodiments have been illustrated and described herein, it will be appreciated by those of ordinary skill in the art that a variety of alternate and/or equivalent implementations may be substituted for the specific embodiments shown and described without departing from the scope of the present invention. This application is intended to cover any adaptations or variations of the specific embodiments discussed herein.
| Number | Name | Date | Kind |
|---|---|---|---|
| 6473800 | Jerger | Oct 2002 | B1 |
| 7293034 | Paya | Nov 2007 | B2 |
| 7325188 | Covington | Jan 2008 | B1 |
| 7343625 | Zaidi | Mar 2008 | B1 |
| 7437660 | Mehta | Oct 2008 | B1 |
| 7970891 | Kontothanssis | Jun 2011 | B1 |
| 8370938 | Daswani | Feb 2013 | B1 |
| 8484561 | Lemonik | Jul 2013 | B1 |
| 8548917 | Sripracha | Oct 2013 | B1 |
| 8555391 | Demir | Oct 2013 | B1 |
| 8839350 | McNair | Sep 2014 | B1 |
| 8856869 | Brinskelle | Oct 2014 | B1 |
| 8997226 | Call | Mar 2015 | B1 |
| 9037914 | Au | May 2015 | B1 |
| 9112900 | Peacock | Aug 2015 | B1 |
| 9160756 | Pieczul | Oct 2015 | B2 |
| 9223961 | Sokolov | Dec 2015 | B1 |
| 9251372 | Lahoz | Feb 2016 | B1 |
| 9325734 | Peacock | Apr 2016 | B1 |
| 9392053 | Fausak | Jul 2016 | B2 |
| 9398017 | Nizametdinov | Jul 2016 | B1 |
| 9432383 | Johns | Aug 2016 | B2 |
| 9507651 | McDonald | Nov 2016 | B2 |
| 9813440 | Hoover | Nov 2017 | B1 |
| 9825984 | Hoover | Nov 2017 | B1 |
| 9858440 | Wang | Jan 2018 | B1 |
| 9912767 | Weald | Mar 2018 | B1 |
| 10097624 | Palladino | Oct 2018 | B1 |
| 10134070 | Wadley | Nov 2018 | B2 |
| 10203852 | Ellbogen | Feb 2019 | B2 |
| 10205749 | Sem Siev | Feb 2019 | B1 |
| 10225330 | Palladino | Mar 2019 | B2 |
| 10348756 | Oberheide | Jul 2019 | B2 |
| 10367774 | Li | Jul 2019 | B2 |
| 10397243 | Johns | Aug 2019 | B2 |
| 10404662 | Ben-Dor | Sep 2019 | B1 |
| 10412113 | Hanley | Sep 2019 | B2 |
| 10417588 | Kreisel | Sep 2019 | B1 |
| 10467408 | Siev | Nov 2019 | B1 |
| 10482239 | Liu | Nov 2019 | B1 |
| 10599834 | Stoletny | Mar 2020 | B1 |
| 10708281 | Modalavalasa | Jul 2020 | B1 |
| 10719332 | Dwivedi | Jul 2020 | B1 |
| 10719373 | Koponen | Jul 2020 | B1 |
| 10733638 | Jain | Aug 2020 | B1 |
| 10747881 | Luo | Aug 2020 | B1 |
| 10754638 | Dwivedi | Aug 2020 | B1 |
| 10802950 | Kastyshyn | Oct 2020 | B2 |
| 10902522 | Kreisel | Jan 2021 | B1 |
| 11068584 | Burriesci | Jul 2021 | B2 |
| 11128644 | Siev | Sep 2021 | B2 |
| 11379550 | Brain | Jul 2022 | B2 |
| 11429951 | Bu | Aug 2022 | B1 |
| 20050086344 | Suesserman | Apr 2005 | A1 |
| 20060168221 | Juhls | Jul 2006 | A1 |
| 20070016954 | Choi | Jan 2007 | A1 |
| 20070136337 | Sah | Jun 2007 | A1 |
| 20070136443 | Sah | Jun 2007 | A1 |
| 20080127338 | Cho | May 2008 | A1 |
| 20080228911 | Mackey | Sep 2008 | A1 |
| 20080263566 | Buerge | Oct 2008 | A1 |
| 20080276183 | Siegrist | Nov 2008 | A1 |
| 20080313648 | Wang | Dec 2008 | A1 |
| 20090063613 | Chijiiwa | Mar 2009 | A1 |
| 20090070190 | Gorty | Mar 2009 | A1 |
| 20090187918 | Chen | Jul 2009 | A1 |
| 20090217158 | Bailey | Aug 2009 | A1 |
| 20090271806 | McDonald | Oct 2009 | A1 |
| 20090288012 | Hertel | Nov 2009 | A1 |
| 20100058293 | Dunagan | Mar 2010 | A1 |
| 20110030060 | Kejriwal | Feb 2011 | A1 |
| 20110154130 | Helander | Jun 2011 | A1 |
| 20110179472 | Ganesan | Jul 2011 | A1 |
| 20110225506 | Casalaina | Sep 2011 | A1 |
| 20110289546 | Pieczul | Nov 2011 | A1 |
| 20110289582 | Kejriwal | Nov 2011 | A1 |
| 20110302653 | Frantz | Dec 2011 | A1 |
| 20120030556 | Cohen | Feb 2012 | A1 |
| 20120089481 | Iozzia | Apr 2012 | A1 |
| 20120090030 | Rapaport | Apr 2012 | A1 |
| 20120204093 | Habarakada | Aug 2012 | A1 |
| 20120222117 | Wong | Aug 2012 | A1 |
| 20120246017 | Kleber | Sep 2012 | A1 |
| 20120266060 | Roberts | Oct 2012 | A1 |
| 20130031600 | Luna | Jan 2013 | A1 |
| 20130055289 | Maltese | Feb 2013 | A1 |
| 20130111560 | Arenas | May 2013 | A1 |
| 20130132833 | White | May 2013 | A1 |
| 20130173720 | Vasudev | Jul 2013 | A1 |
| 20130191880 | Conlan | Jul 2013 | A1 |
| 20140101136 | Mizuno | Apr 2014 | A1 |
| 20140109115 | Low | Apr 2014 | A1 |
| 20140129920 | Sheretov | May 2014 | A1 |
| 20140173730 | Bejerasco | Jun 2014 | A1 |
| 20140229821 | Abrahami | Aug 2014 | A1 |
| 20140258262 | Balz | Sep 2014 | A1 |
| 20140280515 | Wei | Sep 2014 | A1 |
| 20140281918 | Wei | Sep 2014 | A1 |
| 20140303934 | Mylarappa | Oct 2014 | A1 |
| 20150046789 | Wei | Feb 2015 | A1 |
| 20150067031 | Acharya | Mar 2015 | A1 |
| 20150088968 | Wei | Mar 2015 | A1 |
| 20150089354 | Abrahami | Mar 2015 | A1 |
| 20150135302 | Cohen | May 2015 | A1 |
| 20150156084 | Kaminsky | Jun 2015 | A1 |
| 20150172399 | Liu | Jun 2015 | A1 |
| 20150180875 | Kay | Jun 2015 | A1 |
| 20150193406 | Lemonik | Jul 2015 | A1 |
| 20150195311 | Lemonik | Jul 2015 | A1 |
| 20150199317 | Lemonik | Jul 2015 | A1 |
| 20150199318 | Lemonik | Jul 2015 | A1 |
| 20150256556 | Kaminsky | Sep 2015 | A1 |
| 20150339479 | Wang | Nov 2015 | A1 |
| 20160028742 | Johns | Jan 2016 | A1 |
| 20160028743 | Johns | Jan 2016 | A1 |
| 20160088015 | Sivan | Mar 2016 | A1 |
| 20160094575 | Shekyan | Mar 2016 | A1 |
| 20160124742 | Rangasamy | May 2016 | A1 |
| 20160179766 | Kim | Jun 2016 | A1 |
| 20160191554 | Kaminsky | Jun 2016 | A1 |
| 20160283460 | Weald | Sep 2016 | A1 |
| 20160323249 | Duncker | Nov 2016 | A1 |
| 20160350539 | Oberheide | Dec 2016 | A1 |
| 20170011010 | Eom | Jan 2017 | A1 |
| 20170053139 | Schenk | Feb 2017 | A1 |
| 20170063923 | Yang | Mar 2017 | A1 |
| 20170083486 | van der Horst | Mar 2017 | A1 |
| 20170118241 | Call | Apr 2017 | A1 |
| 20170126719 | Mason | May 2017 | A1 |
| 20170195353 | Taylor | Jul 2017 | A1 |
| 20170213032 | Zhang | Jul 2017 | A1 |
| 20170228263 | Seitz | Aug 2017 | A1 |
| 20170264712 | Magnusson, Jr. | Sep 2017 | A1 |
| 20170277625 | Shtuchkin | Sep 2017 | A1 |
| 20170315974 | Kong | Nov 2017 | A1 |
| 20170318045 | Johns | Nov 2017 | A1 |
| 20170344384 | Wadley | Nov 2017 | A1 |
| 20180007046 | Oberheide | Jan 2018 | A1 |
| 20180041567 | Kidambi | Feb 2018 | A1 |
| 20180041812 | Brown | Feb 2018 | A1 |
| 20180103055 | Keohane | Apr 2018 | A1 |
| 20180137544 | Thomas | May 2018 | A1 |
| 20180139180 | Napchi | May 2018 | A1 |
| 20180152410 | Jackson | May 2018 | A1 |
| 20180198807 | Johns | Jul 2018 | A1 |
| 20180288094 | Ahuja | Oct 2018 | A1 |
| 20180324064 | Tola | Nov 2018 | A1 |
| 20180349602 | Johns | Dec 2018 | A1 |
| 20180349891 | Putre | Dec 2018 | A1 |
| 20180351986 | Johns | Dec 2018 | A1 |
| 20180367572 | Frisbie | Dec 2018 | A1 |
| 20180373849 | Gidley | Dec 2018 | A1 |
| 20190012390 | Nishant | Jan 2019 | A1 |
| 20190020673 | Weinstein | Jan 2019 | A1 |
| 20190065616 | Brain | Feb 2019 | A1 |
| 20190065978 | Martine | Feb 2019 | A1 |
| 20190068723 | Drasin | Feb 2019 | A1 |
| 20190179884 | Wooldridge | Jun 2019 | A1 |
| 20190199699 | Smith | Jun 2019 | A1 |
| 20190213326 | Dykes | Jul 2019 | A1 |
| 20190220591 | Burriesci | Jul 2019 | A1 |
| 20190238598 | Mohamad Abdul | Aug 2019 | A1 |
| 20190273746 | Coffing | Sep 2019 | A1 |
| 20190303584 | Yang | Oct 2019 | A1 |
| 20190318122 | Hockey | Oct 2019 | A1 |
| 20190324881 | Buffone | Oct 2019 | A1 |
| 20190327324 | Buffone | Oct 2019 | A1 |
| 20190332760 | Liu | Oct 2019 | A1 |
| 20190332805 | Tola | Oct 2019 | A1 |
| 20190347689 | Bullock | Nov 2019 | A1 |
| 20200028848 | Gupta | Jan 2020 | A1 |
| 20200053111 | Jakobsson | Feb 2020 | A1 |
| 20200074084 | Dorrans | Mar 2020 | A1 |
| 20200076813 | Felice-Steele | Mar 2020 | A1 |
| 20200089597 | Kastyshyn | Mar 2020 | A1 |
| 20200097346 | Nguyen | Mar 2020 | A1 |
| 20200104488 | Li | Apr 2020 | A1 |
| 20200128020 | Abduljaber | Apr 2020 | A1 |
| 20200159960 | Jakobsson | May 2020 | A1 |
| 20200167446 | Azulay | May 2020 | A1 |
| 20200183761 | Roy | Jun 2020 | A1 |
| 20200236102 | Azulay | Jul 2020 | A1 |
| 20200250342 | Miller | Aug 2020 | A1 |
| 20200272670 | Vaishnavi | Aug 2020 | A1 |
| 20200275266 | Jakobsson | Aug 2020 | A1 |
| 20200301939 | Hollander | Sep 2020 | A1 |
| 20200301940 | Hollander | Sep 2020 | A1 |
| 20200326927 | Lopyrev | Oct 2020 | A1 |
| 20200356661 | Stoletny | Nov 2020 | A1 |
| 20200358818 | Stoletny | Nov 2020 | A1 |
| 20210342439 | Burriesci | Nov 2021 | A1 |
| Number | Date | Country | |
|---|---|---|---|
| 20210360080 A1 | Nov 2021 | US |
