Secure identity binding (SIB)

US 10,120,993 B2
Filed: 09/14/2015
Issued: 11/06/2018
Est. Priority Date: 05/29/2009
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, through a short range communication channel, an identifier from a tag associated with a device;

communicating the identifier from the tag to the device in response to the receiving;

responsive to the identifier from the tag matching an identifier stored in the device, receiving, from the device, a verification of the identifier from the tag; and

responsive to the identifier from the tag being different from the identifier stored in the device, receiving, from the device, a notification that the device is being placed in a hold state.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system includes a tag having a machine readable tag identifier (Tag ID) configured to be read by a reader; and a device to be identified by the tag, in which: the device is configured to communicate with the reader; the device has access to a secure Tag ID; and the device communicates a verification to the reader if the machine readable Tag ID communicated to the device from the reader matches the secure Tag ID. A method includes: reading a Tag ID from a tag attached to a device; communicating the Tag ID read from the tag to the device; comparing a secure Tag ID of the device to the Tag ID read from the tag; and responding with a “match” or “no-match” message from the device, according to which the device is either trusted or not trusted as being identified by the Tag ID. A method of verifying a trusted agent (TA) on a device includes: storing a digital signature of the TA in a secure vault of the device; and verifying the TA by verifying the digital signature of the TA each time the TA is used.

37 Citations

20 Claims

1. A method comprising:
- receiving, through a short range communication channel, an identifier from a tag associated with a device;
  
  communicating the identifier from the tag to the device in response to the receiving;
  
  responsive to the identifier from the tag matching an identifier stored in the device, receiving, from the device, a verification of the identifier from the tag; and
  
  responsive to the identifier from the tag being different from the identifier stored in the device, receiving, from the device, a notification that the device is being placed in a hold state.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the device comprises a secure electronic storage, and wherein the identifier from the tag is a machine readable tag identifier which has been read and stored in the secure electronic storage of the device.
  - 3. The method of claim 1, wherein the identifier from the tag is a machine readable tag identifier which has been read and stored in a financial service provider (FSP) infrastructure, and wherein the method further comprises:
    - receiving, from the FSP, identification information for the device if the machine readable tag identifier communicated to the device matches the stored identifier.
  - 4. The method of claim 1, wherein the device comprises a secure electronic storage and a trusted agent (TA), wherein the TA is associated with a digital signature of the TA, and wherein the digital signature is stored in the secure electronic storage with a hash of a public key used to verify the digital signature.
  - 5. The method of claim 4, wherein a trusted entity includes the public key, wherein the trusted entity communicates the digital signature for the TA to the device, and wherein the digital signature of the TA is verifiable using the public key of the trusted entity.
  - 6. The method of claim 1, wherein the tag is incorporated into the device.
  - 7. The method of claim 6, wherein the tag comprises a physical component having a secure electronic storage, and wherein the secure electronic storage stores the identifier from the tag.
  - 8. The method of claim 6, wherein the tag comprises a digital tag, and wherein the digital tag is stored to a secure electronic storage in a memory of the device.
  - 9. The method of claim 1, wherein the verification is used for payment authentication of a payment using the device.

10. A mobile device system, comprising:
- a non-transitory memory storing an identifier; and
  
  one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform the steps of;
  
  receiving, through a short range communication channel, the identifier from a tag associated with a device;
  
  communicating the identifier from the tag to the device in response to the receiving;
  
  responsive to the identifier from the tag matching the identifier stored in the non-transitory memory, receiving, from the device, a verification of the identifier from the tag; and
  
  responsive to the identifier from the tag being different from the identifier stored in the non-transitory memory, receiving, from the device, a notification that the device is being placed in a hold state.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the device comprises a secure electronic storage, and wherein the identifier from the tag is a machine readable tag identifier which has been read and stored in the secure electronic storage of the device.
  - 12. The system of claim 10, wherein the identifier from the tag is a machine readable tag identifier which has been read and stored in a financial service provider (FSP) infrastructure, and wherein the one or more hardware processors are further configured to cause the system to perform the additional steps of:
    - receiving, from the FSP, identification information for the device if the machine readable tag identifier communicated to the device matches the stored identifier.
  - 13. The system of claim 10, wherein the device comprises a secure electronic storage and a trusted agent (TA), wherein the TA is associated with a digital signature of the TA, and wherein the digital signature is stored in the secure electronic storage with a hash of a public key used to verify the digital signature.
  - 14. The system of claim 13, wherein a trusted entity includes the public key, wherein the trusted entity communicates the digital signature for the TA to the device, and wherein the digital signature of the TA is verifiable using the public key of the trusted entity.
  - 15. The system of claim 10, wherein the tag is incorporated into the device.
  - 16. The system of claim 15, wherein the tag comprises a physical component having a secure electronic storage, and wherein the secure electronic storage stores the identifier from the tag.
  - 17. The system of claim 15, wherein the tag comprises a digital tag, and wherein the digital tag is stored to a secure electronic storage in a memory of the device.
  - 18. The system of claim 10, wherein the verification is used for payment authentication of a payment using the device.

19. A system comprising:
- a first device including;
  
  a communication application installed on the first device that accesses an identifier from a tag associated with a second device and stores a verification of the identifier from the tag associated with the second device, anda non-transitory memory comprising the identifier from the tag associated with the second device and the verification; and
  
  a communication interface, the communication interface configured to;
  
  receive, through a short range communication channel, the identifier from the tag associated with the second device;
  
  communicate the identifier from the tag to the second device in response to receiving the identifier from the tag;
  
  responsive to the identifier from the tag associated with the second device matching an identifier stored in a memory of the second device, receive, from the second device, the verification of the identifier from the tag associated with the second device; and
  
  responsive to the identifier from the tag associated with the second device being different from the identifier stored in the memory of the second device, receive, from the second device, a notification that the second device is being placed in a hold state.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the tag associated with the second device is incorporated in-into the second device, wherein the tag associated with the second device comprises a digital tag, and wherein the digital tag is stored to a secure electronic storage in a memory of the second device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Taveau, Sebastien, Nahari, Hadi
Primary Examiner(s)
Davis, Zachary A.

Application Number

US14/853,929
Publication Number

US 20160005039A1
Time in Patent Office

1,149 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/35   communicating wirelessly

G06Q 20/02   involving a neutral party, ...

G06Q 20/32   using wireless devices

G06Q 20/3552   Downloading or loading of p...

G06Q 20/382   insuring higher security of...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/405   Establishing or using trans...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/3218   using proof of knowledge, e...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

Secure identity binding (SIB)

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure identity binding (SIB)

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links