Method and apparatus for making a decision on a card

US 10,437,980 B2
Filed: 09/06/2017
Issued: 10/08/2019
Est. Priority Date: 08/09/2006
Status: Active Grant

First Claim

Patent Images

1. A method of controlling physical access to a secure asset, comprising:

conducting a substantially real-time transaction with a mobile device comprising the steps of;

obtaining, with the mobile device, a unique identifier that uniquely identifies a locking mechanism and a reader coupled to a physical access point to the secure asset, the locking mechanism configured to transition between a locked state and an unlocked state, the reader configured to actuate a state transition of the locking mechanism, wherein the unique identifier is obtained absent communication between the mobile device and the reader;

in response to obtaining the unique identifier, executing, with the mobile device, an access control decision with respect to the secure asset based on the unique identifier and credential information stored in secure memory of the mobile device; and

in response to determining that access to the secure asset is granted, transmitting, with the mobile device, a control signal to the reader to transition the locking mechanism from the locked state to the unlocked state.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure access network.

134 Citations

19 Claims

1. A method of controlling physical access to a secure asset, comprising:
- conducting a substantially real-time transaction with a mobile device comprising the steps of;
  
  obtaining, with the mobile device, a unique identifier that uniquely identifies a locking mechanism and a reader coupled to a physical access point to the secure asset, the locking mechanism configured to transition between a locked state and an unlocked state, the reader configured to actuate a state transition of the locking mechanism, wherein the unique identifier is obtained absent communication between the mobile device and the reader;
  
  in response to obtaining the unique identifier, executing, with the mobile device, an access control decision with respect to the secure asset based on the unique identifier and credential information stored in secure memory of the mobile device; and
  
  in response to determining that access to the secure asset is granted, transmitting, with the mobile device, a control signal to the reader to transition the locking mechanism from the locked state to the unlocked state.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein obtaining the unique identifier comprises extracting the unique identifier using optical communication protocols.
  - 3. The method of claim 1, wherein executing an access control decision comprises performing an algorithm with a processor of the mobile device based on an access decision application stored in secure memory of the mobile device.
  - 4. The method of claim 1, wherein executing an access control decision comprises comparing the obtained unique identifier to a set of identifiers stored on the mobile device.
  - 5. The method of claim 1, wherein executing an access control decision comprises receiving a positioning satellite signal, determining a location of the mobile device based on the positioning signal, and identifying the reader based on the determined location.
  - 6. The method of claim 1, wherein executing an access control decision comprises obtaining biometric information from a user of the mobile device and comparing the obtained biometric information to biometric information stored on the mobile device.
  - 7. The method of claim 1, wherein the mobile device comprises a mobile phone or a portable computer.
  - 8. The method of claim 1, wherein the reader comprises a non-networked, stand-alone reader.

9. A mobile device configured to conduct a substantially real-time transaction to gain access to a secure asset through a physical access point coupled to a locking mechanism and a reader, the locking mechanism configured to transition between a locked state and an unlocked state, the reader configured to actuate a state transition of the locking mechanism, the mobile device comprising:
- one or more processors configured to;
  
  instruct a communications interface of the mobile device to obtain, absent communication with the reader, a unique identifier that uniquely identifies the reader;
  
  in response to obtaining the unique identifier, execute, with the mobile device, an access control decision with respect to the secure asset based on the unique identifier and credential information stored in secure memory of the mobile device; and
  
  in response to determining that access to the secure asset is granted, instruct the communications interface to transmit a control signal to the reader to transition the locking mechanism from the locked state to the unlocked state.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The mobile device of claim 9, wherein the communications interface is configured to obtain the unique identifier by extracting the unique identifier using optical communication protocols.
  - 11. The mobile device of claim 9, wherein the one or more processors are configured to execute an access control decision by performing an algorithm based on an access decision application stored in secure memory of the mobile device.
  - 12. The mobile device of claim 9, wherein the one or more processors are configured to execute an access control decision by comparing the obtained unique identifier to a set of identifiers stored on the mobile device.
  - 13. The mobile device of claim 9, wherein the one or more processors are configured to execute an access control decision by receiving a positioning satellite signal, determining a location of the mobile device based on the positioning signal, and identifying the reader based on the determined location.
  - 14. The mobile device of claim 9, wherein the one or more processors are configured to execute an access control decision by obtaining biometric information from a user of the mobile device and comparing the obtained biometric information to biometric information stored on the mobile device.
  - 15. The mobile device of claim 9, wherein the mobile device comprises a mobile phone or a portable computer.

16. A mobile phone configured to conduct a substantially real-time transaction to gain access to a secure asset through a physical access point coupled to a locking mechanism and a reader, the locking mechanism configured to transition between a locked state and an unlocked state, the reader configured to actuate a state transition of the locking mechanism, the mobile phone comprising:
- one or more processors configured to;
  
  instruct a communications interface of the mobile phone to obtain, absent communication with the reader and via optical communication protocols, a unique identifier that uniquely identifies the reader;
  
  in response to obtaining the unique identifier, execute, with the mobile phone, an access control decision with respect to the secure asset based on the unique identifier and credential information stored in secure memory of the mobile phone, the access control decision comprising an algorithm defined by an access decision application stored in secure memory of the mobile phone; and
  
  in response to determining that access to the secure asset is granted, instruct the communications interface to transmit an RF control signal to the reader to transition the locking mechanism from the locked state to the unlocked state.
- View Dependent Claims (17, 18, 19)
- - 17. The mobile phone of claim 16, wherein the algorithm defined by the access decision application comprises comparing the obtained unique identifier to a set of identifiers stored on the mobile phone.
  - 18. The mobile phone of claim 16, wherein the algorithm defined by the access decision application comprises receiving a positioning satellite signal, determining a location of the mobile phone based on the positioning signal, and identifying the reader based on the determined location.
  - 19. The mobile phone of claim 16, wherein the algorithm defined by the access decision application comprises obtaining biometric information from a user of the mobile phone and comparing the obtained biometric information to biometric information stored on the mobile phone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Assa Abloy AB
Inventors
Davis, Masha Leah, Wamsley, Robert, Hulusi, Tam
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US15/696,705
Publication Number

US 20180101671A1
Time in Patent Office

762 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G07C 2209/08   With time considerations, e...

G07C 9/23   by means of a password

G07C 9/257   electronically G07C9/26 tak...

G07C 9/29   the pass containing active ...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

Method and apparatus for making a decision on a card

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

134 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for making a decision on a card

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

134 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links