System and method for secure transaction process via mobile device
Abstract
A system providing enhanced security for device based transactions, constituted of:
- a server associated with a network address;
- a first device associated with a user, the first device in communication with the server over a first communication channel responsive to an obtained server network address;
- a second device associated with the user arranged to obtain the server network address from the first device; and
- a mobile device server in communication with the second device over a second communication channel, the mobile device server in communication with the server via a third communication channel, the mobile device server arranged to: obtain the server network address from the second device over the second communication channel; obtain the server network address from a trusted source; and authorize to the server over the third communication channel a transaction only in the event that the server network addresses are consonant.
28 Claims
1. An apparatus, comprising:
- a mobile device server (MDS) including a processor and associated with a memory, the MDS configured to:
  - be operably coupled to a provider server that communicates with a registered user device (RUD) on a first band during a time period, the RUD being registered with the MDS prior to the time period;
  - receive, from the provider server, a transaction authorization request including user identification and to authorize a user access from the RUD to a resource associated with the provider server;
  - based on the user identification, retrieve, from the memory, a registered user device identifier associated with the user identification and identifying the RUD;
  - generate a notification for the RUD including (1) a generated session identifier (SID) and (2) a prompt to connect to the MDS via a second band;
  - send, via a notification server, the notification to the RUD such that the RUD, in response to receiving the notification, sends to the MDS a response;
  - receive, from the RUD, the response including a received SID;
  - complete an out of band (OOB) supervision approval and authenticate the RUD by determining that the received SID matches the generated SID;
  - send, to the RUD and via the second band, an information query;
  - receive, in response to the information query and via the second band, information generated by the RUD;
  - complete the transaction authorization request based on (1) the completing the OOB supervision approval and the authenticating the RUD, and (2) verifying at least one factor based on the information generated by the RUD and predefined stored information; and
  - based on the completing the transaction authorization request, send, to the provider server, a signal representing an approval of the transaction authorization request to authorize access to the resource from the RUD.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method, comprising:
- receiving, from a provider server and at a mobile device server (MDS) operatively coupled to the provider server that communicates with a registered user device (RUD) on a first band during a time period, a transaction authorization request (1) including user identification and (2) to authorize a user access from the RUD to a resource associated with the provider server, the RUD being registered with the MDS prior to the time period;
- based on the user identification, retrieving, at the MDS and from a memory associated with the MDS, a registered user device identifier associated with the user identification and identifying the RUD;
- generating, at the MDS, a notification for the RUD including (1) a generated session identifier (SID) and (2) a prompt to connect to the MDS via a second band;
- sending, from the MDS via a notification server, the notification to the RUD such that the RUD, in response to receiving the notification, sends to the MDS a response;
- receiving, at the MDS and from the RUD, the response including a received SID;
- completing, at the MDS, an out of band (OOB) supervision approval and authenticating the RUD by determining that the received SID matches the generated SID;
- sending, to the RUD and via the second band, an information query;
- receiving, in response to the information query and at the MDS via the second band, information generated by the RUD;
- completing, at the MDS, the transaction authorization request based on (1) the completing the OOB supervision approval and the authenticating the RUD, and (2) verifying at least one factor based on the information generated by the RUD and predefined stored information; and
- based on the completing the transaction authorization request, sending, from the MDS to the provider server, a signal representing an approval of the transaction authorization request to authorize access to the resource from the RUD.

Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28
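
An added example, not code from the patent: a minimal model of the MDS-side checks recited in claims 1 and 15, with the generated SID made unpredictable, single-use and time-limited. The class and method names, the SID lifetime and the equality-based factor check are assumptions; the claims do not specify them.

```python
import hmac
import secrets
import time

SID_TTL_SECONDS = 120  # assumed SID lifetime; the claims do not state one


class MobileDeviceServer:
    """Hypothetical model of the MDS in claims 1 and 15 (names are assumptions)."""

    def __init__(self, registered_devices, stored_factors):
        self.registered_devices = registered_devices  # user identification -> RUD identifier
        self.stored_factors = stored_factors          # RUD identifier -> predefined stored information
        self.pending = {}                             # RUD identifier -> open session

    def begin(self, user_id, now=None):
        """Handle the provider server's request: look up the RUD, build the notification."""
        now = time.time() if now is None else now
        rud = self.registered_devices.get(user_id)
        if rud is None:
            return None  # user has no registered device: nothing to notify
        sid = secrets.token_urlsafe(32)  # unpredictable generated SID
        self.pending[rud] = {"sid": sid, "expires": now + SID_TTL_SECONDS, "oob_ok": False}
        return {"rud": rud, "sid": sid, "prompt": "connect to the MDS via the second band"}

    def receive_response(self, rud, received_sid, now=None):
        """OOB approval: the received SID must match the generated SID."""
        now = time.time() if now is None else now
        session = self.pending.get(rud)
        if session is None or now > session["expires"]:
            self.pending.pop(rud, None)
            return False
        if not hmac.compare_digest(received_sid.encode(), session["sid"].encode()):
            self.pending.pop(rud, None)  # one attempt per SID, no guessing loop
            return False
        session["oob_ok"] = True
        return True

    def complete(self, rud, device_info, now=None):
        """Approve only if the SID matched and the device's answer verifies."""
        now = time.time() if now is None else now
        session = self.pending.pop(rud, None)  # single use: replays find no session
        if session is None or not session["oob_ok"] or now > session["expires"]:
            return False
        expected = self.stored_factors.get(rud)
        if expected is None:
            return False
        return hmac.compare_digest(device_info.encode(), expected.encode())
```

The return value of `complete` stands in for the approval signal sent to the provider server; a denied request leaves no session behind, so the provider has to start a new authorization request.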
Specification