Universal secure registry

US 10,636,023 B2
Filed: 07/27/2017
Issued: 04/28/2020
Est. Priority Date: 03/16/2001
Status: Expired due to Term

First Claim

Patent Images

1. An authentication system to authenticate a user involved in a transaction with a provider, the system comprising:

a communications interface configured to receive a time-varying code from the provider that was generated by an electronic device, wherein the time-varying code is generated by the electronic device responsive to successful verification of biometric information at the point of use of the electronic device, and wherein the time-varying code includes a time value representative of a time at which the time-varying code is generated; and

one or more processors configured to retrieve account information associated with a user of the electronic device, wherein the account information is retrieved in response to receiving the time-varying code, extracting the time value from the time-varying code, and mapping the time-varying code to the account information using the time value and the time-varying code, and to send the retrieved account information to a third party to enable or deny the transaction with the provider without providing the account information to the provider.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system and method of use thereof are provided to authenticate a user involved in a transaction. The system comprises a communications interface configured to receive a one-time code generated by an electronic device, wherein the one-time code is generated by an electronic device responsive to successful verification of biometric information at the point of use of the electronic device, and one or more processors configured to retrieve account information associated with a user of the electronic device, wherein the account information is retrieved in response to receiving the one-time code, and to use the retrieved account information to access account identifying information or identifying information associated with the user of the electronic device.

228 Citations

40 Claims

1. An authentication system to authenticate a user involved in a transaction with a provider, the system comprising:
- a communications interface configured to receive a time-varying code from the provider that was generated by an electronic device, wherein the time-varying code is generated by the electronic device responsive to successful verification of biometric information at the point of use of the electronic device, and wherein the time-varying code includes a time value representative of a time at which the time-varying code is generated; and
  
  one or more processors configured to retrieve account information associated with a user of the electronic device, wherein the account information is retrieved in response to receiving the time-varying code, extracting the time value from the time-varying code, and mapping the time-varying code to the account information using the time value and the time-varying code, and to send the retrieved account information to a third party to enable or deny the transaction with the provider without providing the account information to the provider.
- View Dependent Claims (2, 3, 4, 5, 6, 28, 29, 30, 31, 32)
- - 2. The system of claim 1 wherein the transaction is a purchase transaction and the account information is credit or bank card information.
  - 3. The system of claim 1 wherein the time-varying code is encrypted and the one or more processors are configured to decrypt the time-varying code after the time-varying code is received by the communications interface.
  - 4. The system of claim 1 wherein the time-varying code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is received by the third party to enable or deny the transaction, which is a credit or bank card issuer.
  - 5. The system of claim 1 further comprising a database including secure data for a plurality of users, wherein the one or more processors are configured to determine access privileges to at least a portion of the secure data based on the received time-varying code.
  - 6. The system of claim 1 wherein the biometric information comprises fingerprint information, voice print information, signature information, iris information, facial scan information, or DNA information.
  - 28. The system of claim 1, wherein the one or more processors are configured to retrieve the account information during a transaction process executed subsequent to a training process, and wherein during the training process the one or more processors are configured to receive access restriction information indicating one or more entities that are allowed to access the account information of the user.
  - 29. The system of claim 28, wherein the one or more processors are further configured to determine, during the transaction process, compliance with the access restriction information for an entity transacting with the user indicated by the time-varying code.
  - 30. The system of claim 1, wherein the one or more processors are configured to receive the time-varying code without sending communications to the electronic device.
  - 31. The system of claim 1, wherein the one or more processors are further configured to provide, to the electronic device, a validation code identifying the one or more processors to enable an identity of the one or more processors to be authenticated to the electronic device.
  - 32. The system of claim 1, wherein the one or more processors are configured to retrieve the account information during a transaction process executed subsequent to a training process during which the one or more processors are configured to receive a user specification of the account information, and wherein the one or more processors are configured to access the account information during the transaction process to enable the transaction on behalf of the user.

7. A method for authenticating a user involved in a transaction with a provider using a computer system, the method comprising:
- receiving a one-time code from the provider that was generated by an electronic device, wherein the one-time code is generated by the electronic device responsive to successful verification of biometric information at a point of use of the electronic device, and wherein the one-time code is received without communicating with the electronic device;
  
  accessing account identifying information or user identifying information associated with the user of the electronic device in response to;
  
  receiving the one-time code;
  
  mapping the one-time code to the account identifying information or the user identifying information using the one-time code; and
  
  executing a restriction mechanism to determine compliance with any access restrictions for a party transacting with the user based on an identity of the party transacting with the user, andsending the accessed account identifying information or user identifying information to a third party to enable or deny the transaction with the provider without providing the accessed account identifying information or user identifying information to the provider.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 33, 34, 35)
- - 8. The method of claim 7 wherein the one-time code comprises a code associated with credit or bank card information of the user.
  - 9. The method of claim 8 wherein the code associated with credit or bank card information does not contain the credit or bank card information.
  - 10. The method of claim 7 wherein the one-time code is selected from the group consisting of a one-time nonpredictable code, a time variant code, and a transaction-specific code, and the method further comprising decrypting the received one-time code.
  - 11. The method of claim 7 wherein the one-time code is associated with a public identification code for a credit or bank card account, and the method further comprising receiving the public identification code for the credit or bank card account by a credit or bank card issuer to enable the transaction.
  - 12. The method of claim 7 further comprising storing secure data for a plurality of users, and determining access privileges to at least a portion of the secure data based on the received one-time code.
  - 13. The method of claim 7 wherein the biometric information comprises fingerprint information, voice print information, signature information, iris information, facial scan information, or DNA information.
  - 33. The method of claim 7, wherein receiving the one-time code is performed during a transaction process executed subsequent to a training process, and wherein the training process includes receiving and storing the account identifying information or the user identifying.
  - 34. The method of claim 7, wherein the one-time code includes a time value representative of a time at which the one-time code is generated.
  - 35. The method of claim 34, further comprising:
    - extracting the time value from the one-time code; and
      
      mapping the one-time code to the account identifying information or the user identifying information using the time value and the one-time code.

14. A computer readable medium or media containing instructions for authenticating a user involved in a transaction with a provider, wherein execution of the instructions by one or more processors of a computer system causes the one or more processors to carry out the steps of:
- receiving a time-varying code from the provider that was generated by an electronic device, wherein the time-varying code is generated by the electronic device responsive to successful verification of biometric information at a point of use of the electronic device;
  
  accessing account identifying information or user identifying information associated with the user of the electronic device in response to;
  
  receiving the time-varying code without communicating with the electronic device;
  
  extracting the time value from the time-varying code;
  
  mapping the time-varying code to the account identifying information or the user identifying information using the time value and the time-varying code; and
  
  executing a restriction mechanism to determine compliance with any access restrictions for a party transacting with the user based on an identity of the party transacting with the user; and
  
  sending the accessed account identifying information or user identifying information to a third party to enable or deny the transaction with the provider without providing the accessed account identifying information or user identifying information to the provider.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 36, 37, 38, 39)
- - 15. The computer readable medium or media of claim 14, wherein the time-varying code comprises a code associated with credit or bank card information of the user.
  - 16. The computer readable medium or media of claim 15, wherein the code associated with credit or bank card information does not contain the credit or bank card information.
  - 17. The computer readable medium or media of claim 14, wherein the time-varying code is selected from the group consisting of a one-time nonpredictable code, a time variant code, and a transaction-specific code, and wherein execution of the instructions by the one or more processors of the computer system causes the one or more processors to carry out the step of decrypting the received time-varying code.
  - 18. The computer readable medium or media of claim 14, wherein the time-varying code is associated with a public identification code for a credit or bank card account, and wherein execution of the instructions by the one or more processors of the computer system causes the one or more processors to carry out the step of receiving the public identification code for the credit or bank card account by a credit or bank card issuer to enable the transaction.
  - 19. The computer readable medium or media of claim 14, wherein execution of the instructions by the one or more processors of the computer system causes the one or more processors to carry out the step of:
    - storing secure data for a plurality of users and determining access privileges to at least a portion of the secure data based on the received time-varying code.
  - 20. The computer readable medium or media of claim 14, wherein the biometric information comprises fingerprint information, voice print information, signature information, iris information, facial scan information, or DNA information.
  - 36. The computer readable medium of claim 14, wherein executing the restriction mechanism further enables the computer system to allow the transaction based on the determined compliance with any access restrictions.
  - 37. The computer readable medium of claim 14, wherein receiving the time-varying code is executed during a transaction process subsequent to a training process during which the account identifying information or the user identifying information is received and stored at a database associated with the computer system.
  - 38. The computer readable medium of claim 14, wherein the instructions further cause the one or more processors to carry out the steps of providing, to the electronic device, a validation code identifying the computer system to enable the electronic device to authenticate an identity of the computer system based on the validation code.
  - 39. The computer readable medium of claim 14, wherein the time-varying code includes a time value representative of a time at which the time-varying code is generated.

21. A method for enabling a transaction involving a first party and a user, the method comprising:
- receiving authentication information of the user, wherein the authentication information comprises one or more of (a) biometric information and (b) a PIN or code;
  
  authenticating an identity of the user based on the received authentication information;
  
  generating a one-time code in response to authenticating the user, wherein at least a portion of the one-time code is used to access account identifying information or user identifying information, and wherein the one-time code includes a time value representative of when the one-time code is generated;
  
  communicating a signal comprising the one-time code to the first party in order to enable a transaction on behalf of the user;
  
  receiving, at the first party, the one-time code; and
  
  accessing the account identifying information or the user identifying information in response to;
  
  receiving the one-time code;
  
  extracting the time value from the one-time code;
  
  mapping the one-time code to the account identifying information or the user identifying information using the time value and the one-time code; and
  
  executing a restriction mechanism to determine compliance with any access restrictions for the first party based on an identity of the first party.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 40)
- - 22. The method of claim 21 wherein communicating the signal comprising the one-time code to the first party comprises communicating a signal comprising the one-time code to a merchant or a credit card company.
  - 23. The method of claim 21 wherein generating the one-time code comprises generating a code that is associated with credit or bank card information of the user.
  - 24. The method of claim 23 wherein generating the code associated with credit or bank card information comprises generating a code that does not contain the credit or bank card information.
  - 25. The method of claim 21 wherein generating the one-time code comprises generating a one-time code selected from the group consisting of a one-time nonpredictable code, a time variant code, and a transaction-specific code, and the method further comprising encrypting the one-time code before communicating the signal to the first party.
  - 26. The method of claim 21 wherein generating the one-time code comprises generating a one-time code associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
  - 27. The method of claim 21 further comprising receiving fingerprint information, voice print information, signature information, iris information, facial scan information, or DNA information from a biometric sensor and authenticating the identity of the user based on the received information from the biometric sensor and the PIN or code.
  - 40. The method of claim 21, further comprising:
    - receiving the one-time code during a transaction process executed subsequent to a training process; and
      
      receiving at least one indication of the access restrictions during the training process.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Universal Secure Registry LLC
Original Assignee
Universal Secure Registry LLC
Inventors
Weiss, Kenneth P.
Primary Examiner(s)
Crawley, Talia F

Application Number

US15/661,482
Publication Number

US 20170337538A1
Time in Patent Office

1,006 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 20/204   comprising interface for re...

G06Q 20/34   using cards, e.g. integrate...

G06Q 20/382   insuring higher security of...

G06Q 20/3829   involving key management

G06Q 20/383   Anonymous user system

G06Q 20/40145   Biometric identity checks

G06Q 20/409   Device specific authenticat...

G06Q 2220/00   Business processing using c...

H04L 2463/102   applying security measure f...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

Y10S 707/99931   Database or file accessing

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99939   Privileged access

Universal secure registry

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

228 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Universal secure registry

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

228 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links