Two device authentication
First Claim
1. A method of performing on-line transactions, comprising:
- generating, by a processor of a payment provider, a transaction identifier (ID) based on information received from a first user device for a transaction that is initiated by a user without the user entering authentication information of the user, the authentication information including a password, wherein the transaction ID is generated without the authentication information of the user;
transmitting the transaction ID to the first user device;
receiving the transaction ID from a second user device that is electronically coupled to the first user device via one of the following protocols;
Bluetooth, Radio Frequency (RF), Infrared (IR), microwave, Near Field Communication (NFC), RF identification (RFID), or Ultra Wideband, wherein the transaction ID is automatically communicated electronically from the first user device to the second user device, in response to an electronic discovery or electronic pairing process between the first user device and the second user device;
receiving, from the second user device, user identification information that identifies an account of the user with the payment provider;
after the receiving of the transaction ID and the user identification information, initially authenticating, by the processor of the payment provider and without manually-entered user authentication information, the user for the transaction, wherein the initially authenticating comprises;
locating the account of the user by matching the received user identification information with stored user identification information of a plurality of users;
locating the transaction based on the received transaction ID; and
granting, to the first user device or the second user device, access to the account of the user in response to the locating of the account of the user and the locating of the transaction; and
processing the transaction in response to the initially authenticating.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a transaction is authenticated by a payment provider, as opposed to a merchant, using two user devices without the user having to enter information, such as an email or password. When the user is ready to make a purchase from a merchant site, a unique transaction ID is created by the payment provider. That transaction ID, along with data about the transaction, such as specific items and cost, is automatically sent to the payment provider through a second device linked to the purchasing device. The payment provider compares the identifier from the sending device, such as the phone number, and the transaction ID with information stored in its database. If there is a match, the transaction/user may be approved or authenticated.
33 Citations
18 Claims
-
1. A method of performing on-line transactions, comprising:
-
generating, by a processor of a payment provider, a transaction identifier (ID) based on information received from a first user device for a transaction that is initiated by a user without the user entering authentication information of the user, the authentication information including a password, wherein the transaction ID is generated without the authentication information of the user; transmitting the transaction ID to the first user device; receiving the transaction ID from a second user device that is electronically coupled to the first user device via one of the following protocols;
Bluetooth, Radio Frequency (RF), Infrared (IR), microwave, Near Field Communication (NFC), RF identification (RFID), or Ultra Wideband, wherein the transaction ID is automatically communicated electronically from the first user device to the second user device, in response to an electronic discovery or electronic pairing process between the first user device and the second user device;receiving, from the second user device, user identification information that identifies an account of the user with the payment provider; after the receiving of the transaction ID and the user identification information, initially authenticating, by the processor of the payment provider and without manually-entered user authentication information, the user for the transaction, wherein the initially authenticating comprises; locating the account of the user by matching the received user identification information with stored user identification information of a plurality of users; locating the transaction based on the received transaction ID; and granting, to the first user device or the second user device, access to the account of the user in response to the locating of the account of the user and the locating of the transaction; and processing the transaction in response to the initially authenticating. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
-
generating a transaction identifier (ID) based on information received from a first user device for a transaction that is initiated by a user without the user entering authentication information of the user, the authentication information including a password, wherein the transaction ID is generated without the authentication information of the user; transmitting the transaction ID to the first user device; receiving the transaction ID from a second user device that is electronically coupled to the first user device via one of the following protocols;
Bluetooth, Radio Frequency (RF), Infrared (IR), microwave, Near Field Communication (NFC), RF identification (RFID), or Ultra Wideband, wherein the transaction ID is automatically communicated electronically from the first user device to the second user device, in response to an electronic discovery or electronic pairing process between the first user device and the second user device;receiving, from the second user device, user identification information that identifies an account of the user with a payment provider; performing, after the transaction ID and the user identification information have been received, an initial authentication of the user for the transaction without manually-entered user authentication information, wherein the performing the initial authentication comprises; locating the account of the user by matching the received user identification information with stored user identification information of a plurality of users; locating the transaction based on the received transaction ID; and granting, to the first user device or the second user device, access to the account of the user in response to the locating of the account of the user and the locating of the transaction; and processing the transaction in response to the initial authentication. - View Dependent Claims (10, 11, 12, 13)
-
-
14. An on-line payment processing system comprising:
-
a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the on-line payment processing system to perform operations comprising; generating a transaction identifier (ID) based on information received from a first user device for a transaction that is initiated by a user without the user entering personal information or authentication information of the user, the authentication information including a password, wherein the transaction ID is generated without the personal information or authentication information of the user; transmitting the transaction ID to the first user device; receiving the transaction ID from a second user device that is electronically coupled to the first user device via one of the following protocols;
Bluetooth, Radio Frequency (RF), Infrared (IR), microwave, Near Field Communication (NFC), RF identification (RFID), or Ultra Wideband, wherein the transaction ID is automatically communicated electronically from the first user device to the second user device, in response to an electronic discovery or electronic pairing process between the first user device and the second user device;receiving, from the second user device, user identification information that identifies an account of the user with the on-line payment processing system; after the transaction ID and the user identification information have been received, initially authenticating the user without manually-entered user authentication information, wherein the initially authenticating comprises; locating the account of the user by matching the received user identification information with stored user identification information of a plurality of users; locating the transaction based on the received transaction ID; and granting, to the first user device or the second user device, access to the account of the user in response to the locating of the account of the user and the locating of the transaction; and processing the transaction in response to the initially authenticating. - View Dependent Claims (15, 16, 17, 18)
-
Specification