System and method for device registration and authentication

US 10,027,485 B1
Filed: 02/04/2015
Issued: 07/17/2018
Est. Priority Date: 01/10/2012
Status: Active Grant

First Claim

Patent Images

1. A method for authentication, comprising:

a server comprising at least one computer processor receiving, from a mobile device and over a network, a first credential;

the server verifying the first credential;

in response to the verification of the first credential, transmitting, over the network and to the mobile device, a first key and a first value;

receiving, from the mobile device, the first value signed with a device key;

the server validating the first value signed with the device key; and

in response to the validation of the signed first key, the server authenticating the mobile device and a user associated with the mobile device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for device registration and authentication are disclosed. In one embodiment, a method for authentication of a device may include (1) receiving, at a mobile device, a first credential; (2) transmitting, over a network, the first credential to a server; (3) receiving, from the server, a first key and a first value, the first value comprising a receipt for the first credential; (4) receiving, at the mobile device, a data entry for a second credential; (5) generating, by a processor, a second key from the data entry; (6) retrieving, by the mobile device, a third credential using the first key and the second key; (7) signing, by the mobile device, the first value with the third credential; and (8) transmitting, over the network, the signed third value to the server.

Citations

13 Claims

1. A method for authentication, comprising:
- a server comprising at least one computer processor receiving, from a mobile device and over a network, a first credential;
  
  the server verifying the first credential;
  
  in response to the verification of the first credential, transmitting, over the network and to the mobile device, a first key and a first value;
  
  receiving, from the mobile device, the first value signed with a device key;
  
  the server validating the first value signed with the device key; and
  
  in response to the validation of the signed first key, the server authenticating the mobile device and a user associated with the mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the first credential comprises a biometric.
  - 3. The method of claim 2, wherein the biometric is a voice biometric.
  - 4. The method of claim 1, wherein the first credential comprises at least one of a value, a device footprint, and a geographic location for the device.
  - 5. The method of claim 1, wherein the step of verifying the first credential comprises verifying a predetermined number of elements comprising the first credential.
  - 6. The method of claim 1, wherein the step of verifying the first credential comprises verifying all elements comprising the first credential.
  - 7. The method of claim 1, wherein the first credential is signed using the device key.
  - 8. The method of claim 1, further comprising:
    - transmitting a replacement device key to the mobile device.
  - 9. The method of claim 1, wherein the step of validating the signed first value comprises:
    - using a computer processor, applying a server key corresponding to a key used to sign the first value to validate the first value.
  - 10. The method of claim 1, wherein the first value comprises a receipt for the first credential.
  - 11. The method of claim 1, wherein the first value comprises a receipt for the first credential and at least one of a message digest for a transaction and a random number.
  - 12. The method claim 1, wherein the first value comprises a string to invalidate a transaction signature.
  - 13. The method of claim 1, wherein the mobile electronic device is a mobile electronic communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
JP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
Original Assignee
JP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
Inventors
Benson, Glenn, Re, Salvatore Richard
Primary Examiner(s)
LE, CHAU D

Application Number

US14/614,054
Time in Patent Office

1,259 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06Q 20/047   using payment protocols inv...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/40145   Biometric identity checks

H04L 2209/80   Wireless

H04L 2463/062   applying encryption of the ...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 9/3226   using a predetermined code,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/77   Graphical identity

System and method for device registration and authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for device registration and authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links