Use of a biometric image for authorization
First Claim
Patent Images
1. A method for a first user to complete a purchase on an online store, the method comprising:
- receiving, from the online store over a network, by a secure processing system of an electronic device, an online account token associated with an account of the first user on the online store;
storing the online account token in a non-persistent memory of the secure processing system;
receiving, from the online store over the network, by the secure processing system of the electronic device, user identifier data associated with the first user;
storing the user identifier data in a persistent memory of the secure processing system;
prohibiting a processing device of the electronic device, wherein the processing device is outside the secure processing system, from accessing data stored in the non-persistent memory and data stored in the persistent memory;
prohibiting the online account token from being stored in the persistent memory;
determining, by the processing device of the electronic device, that the purchase requires authorization from a second user;
receiving, in response to a biometric authentication of the second user, authorization to complete the purchase on the online store;
in response to receiving the authorization to complete the purchase on the online store, countersigning, by a secure processing device of the secure processing system, the online account token with the user identifier data associated with the first user, wherein the countersigned online account token indicates the purchase on the online store is complete; and
transmitting the countersigned online account token to the online store.
0 Assignments
0 Petitions
Accused Products
Abstract
A second user can authorize a first user to take or complete an online action by submitting one or more biometric images. For example, the second user can authorize a purchase by the first user on an online store. The second user can submit the one or more biometric images on the electronic device being used by the first user, or the second user can submit the biometric image or images remotely using another electronic device.
-
Citations
26 Claims
-
1. A method for a first user to complete a purchase on an online store, the method comprising:
-
receiving, from the online store over a network, by a secure processing system of an electronic device, an online account token associated with an account of the first user on the online store; storing the online account token in a non-persistent memory of the secure processing system; receiving, from the online store over the network, by the secure processing system of the electronic device, user identifier data associated with the first user; storing the user identifier data in a persistent memory of the secure processing system; prohibiting a processing device of the electronic device, wherein the processing device is outside the secure processing system, from accessing data stored in the non-persistent memory and data stored in the persistent memory; prohibiting the online account token from being stored in the persistent memory; determining, by the processing device of the electronic device, that the purchase requires authorization from a second user; receiving, in response to a biometric authentication of the second user, authorization to complete the purchase on the online store; in response to receiving the authorization to complete the purchase on the online store, countersigning, by a secure processing device of the secure processing system, the online account token with the user identifier data associated with the first user, wherein the countersigned online account token indicates the purchase on the online store is complete; and transmitting the countersigned online account token to the online store. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system, comprising:
-
a processing device; and a secure processing system comprising a secure memory that is inaccessible to the processing device, the secure memory including a persistent memory and a non-persistent memory and configured to; receive, from an online store over a network, an online account token associated with an account of a first user on the online store; store the online account token only in the non-persistent memory, such that the online account token is inaccessible to the processing device and is automatically cleared when the non-persistent memory loses power; prohibit the online account token from being stored in the persistent memory; receive, from the online store over the network, user identifier data associated with the first user; and store the user identifier data in the persistent memory, wherein; the processing device is configured to determine if a purchase on the online store by the first user requires authorization of a second user; in response to the processing device determining that the purchase on the online store by the first user requires authorization of the second user, the secure processing system is configured to; receive, in response to a biometric authentication of the second user, authorization to complete the purchase on the online store by the first user; and in response to receiving the authorization, countersign the online account token with the user identifier data associated with the first user; and the countersigned online account token indicates the purchase on the online store is complete. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method for a first user to complete a purchase on an online store, the method comprising:
-
receiving, from the online store over a network, by a first secure processing system of a first electronic device, an online account token associated with an account of the first user on the online store; storing the online account token in a non-persistent memory of the first secure processing system; receiving, from the online store over the network, by the first secure processing system of the first electronic device, user identifier data associated with the first user; storing the user identifier data in a persistent memory of the first secure processing system; prohibiting a first processing unit of the first electronic device, wherein the first processing unit is outside the first secure processing system, from accessing data stored in the non-persistent memory and data stored in the persistent memory; prohibiting the online account token from being stored in the persistent memory; receiving, at the first secure processing system, a first biometric image associated with the first user; determining, by the first secure processing system, that the first biometric image matches a reference biometric image stored in the persistent memory; determining, by the first processing unit of the first electronic device, that the purchase by the first user requires authorization from a second user; transmitting, by the first processing unit, a notification requesting the second user to authorize the purchase; receiving an authorization by the second user to complete the purchase in response to a second secure processing system of a second electronic device determining that a second biometric image associated with the second user captured based on the notification matches a second reference fingerprint; and in response to receiving the authorization to complete the purchase, countersigning, by the first secure processing system, the online account token with the user identifier data associated with the first user, wherein the countersigned online account token indicates the purchase on the online store is complete. - View Dependent Claims (24, 25, 26)
-
Specification