Internet business security system

US 20080289022A1
Filed: 05/14/2008
Published: 11/20/2008
Est. Priority Date: 05/14/2007
Status: Abandoned Application

First Claim

Patent Images

1. An Internet business security system, wherein the business security system couples with a certificate issuer, the system comprises:

a reading apparatus for reading a smart card and generating a one-time password, wherein the smart card is issued by the certificate issuer to a user based on a user data of the user;

a front process apparatus for transmitting an await check data for proving the one-time password and receiving a process data for the one-time password, and when the one-time password is correct, a service is provided to the user, wherein the await check data cannot link to the user data, or the await check data is not the data necessary to verify the one-time password; and

a rear process apparatus coupling with the front process apparatus to receive the await check data, wherein the rear process apparatus comprises;

a pre-proof module to process the await check data to generate a necessary data for verifying the one-time password; and

an authorization module authorized by the certificate issuer to determine whether or not the one-time password is correct.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An Internet business security system is disclosed. The business security system couples with a certificate issuer. The certificate issuer issues a smart card to a user. The system includes a reading apparatus for reading the smart card and generating a one-time password based on a PIN number of the user, a front process apparatus to receive the one-time password and providing service to the user when the one-time password is correct, and a rear process apparatus coupling with the front process apparatus. The rear process apparatus includes a pre-proof module to process the matter of proving the identification of the user and an authorization module to determine whether or not the one-time password is correct and then to authorize the user private data stored in the certificate issuer to a web site when the one-time password is correct.

Citations

16 Claims

1. An Internet business security system, wherein the business security system couples with a certificate issuer, the system comprises:
- a reading apparatus for reading a smart card and generating a one-time password, wherein the smart card is issued by the certificate issuer to a user based on a user data of the user;
  
  a front process apparatus for transmitting an await check data for proving the one-time password and receiving a process data for the one-time password, and when the one-time password is correct, a service is provided to the user, wherein the await check data cannot link to the user data, or the await check data is not the data necessary to verify the one-time password; and
  
  a rear process apparatus coupling with the front process apparatus to receive the await check data, wherein the rear process apparatus comprises;
  
  a pre-proof module to process the await check data to generate a necessary data for verifying the one-time password; and
  
  an authorization module authorized by the certificate issuer to determine whether or not the one-time password is correct.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the smart card is a payment certification.
  - 3. The system of claim 1, wherein the authorization module further comprises:
    - an identification proof module to determine whether or not the one-time password is correct and to requires the certificate issuer or a party authorized by the certificate issuer to authorize the use of the user data when the one-time password is correct;
      
      ora trade proof module to determine whether or not the one-time password is correct and to require the certificate issuer or a party authorized by the certificate issuer to authorize to perform a trade process based on the user data when the one-time password is correct;
      
      ora payment proof module to determine whether or not the one-time password is correct and to require the certificate issuer or a party authorized by the certificate issuer to authorize to perform a payment process based on the user data when the one-time password is correct.
  - 4. The system of claim 1, wherein the front apparatus further comprises:
    - a login server to process a login of using the one-time password and to transmit the await check data for proving the one-time password to the rear process apparatus;
      
      ora process server to provide a service.
  - 5. The system of claim 1, wherein the rear process apparatus further comprises:
    - an account database for storing a data of login, trading or payment;
      
      ora member database for storing a data of member.
  - 6. The system of claim 1, wherein the rear process apparatus further comprises a message process module to communicate messages between the front process apparatus and the rear process apparatus.

7. An Internet business security system, wherein the business security system couples with a certificate issuer, the system comprises:
- a reading apparatus for reading a smart card and generating a one-time password, wherein the smart card is issued by the certificate issuer to a user based on a user data of the user;
  
  a front process apparatus for transmitting an await check data for proving the one-time password and receiving a process data for the one-time password, and when the one-time password is correct, a service is provided to the user, wherein the await check data cannot link to the user data, or the await check data is not the data necessary to verify the one-time password; and
  
  a rear process apparatus coupling with the front process apparatus to receive the await check data, wherein the rear process apparatus comprises;
  
  a pre-proof module to generate a necessary data for verifying the one-time password; and
  
  at least one authorization gateway to transmit the necessary data to the certificate issuer or a party authorized by the certificate issuer to determine whether or not the one-time password is correct, and when the one-time password is correct, the authorization gateway requires the certificate issuer or the party authorized by the certificate issuer to authorize the use of the user data stored in the certificate issuer, or to authorize to perform a trade process based on the user data, or to authorize to perform a payment process based on the user data.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The system of claim 7, wherein the smart card is a payment certification.
  - 9. The system of claim 7, wherein the front apparatus further comprises:
    - a login server to process a login of using the one-time password and to transmit the await check data for proving the one-time password to the rear process apparatus;
      
      ora process server to provide a service.
  - 10. The system of claim 7, wherein the rear process apparatus further comprises:
    - an account database for storing a data of login, trading or payment;
      
      ora member database for storing a data of member.
  - 11. The system of claim 7, wherein the rear process apparatus further comprises a message process module to communicate messages between the front process apparatus and the rear process apparatus.

12. An Internet business security system, the system comprises:
- a certificate issuer to issue a smart card to a user based on a user data of the user;
  
  a reading apparatus for reading the smart card and generating a one-time password;
  
  a web-site for transmitting an await check data for proving the one-time password and receiving a process data for the one-time password, and when the one-time password is correct, a service is provided to the user, wherein the await check data cannot link to the user data, or the await check data is not the data necessary to verify the one-time password;
  
  a pre-proof module coupling with the web-site to process the await check data to generate a necessary data for verifying the one-time password; and
  
  at least one authorization module coupling with the certificate issuer or a party authorized by the certificate issuer to determine whether or not the one-time password is correct.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12, wherein the smart card is a payment certification.
  - 14. The system of claim 12, wherein the authorization module further comprises:
    - an identification proof module to determine whether or not the one-time password is correct and to require the certificate issuer or a party authorized by the certificate issuer to authorize the use of the user data when the one-time password is correct;
      
      ora trade proof module to determine whether or not the one-time password is correct and to require the certificate issuer or a party authorized by the certificate issuer to authorize to perform a trade process based on the user data when the one-time password is correct;
      
      ora payment proof module to determine whether or not the one-time password is correct and to require the certificate issuer or a party authorized by the certificate issuer to authorize to perform a payment process based on the user data when the one-time password is correct.

15. An Internet business security system, the system comprises:
- a certificate issuer to issue a smart card to a user based on a user data of the user;
  
  a reading apparatus for reading the smart card and generating a one-time password;
  
  a web-site for transmitting an await check data for proving the one-time password and receiving a process data for the one-time password, and when the one-time password is correct, a service is provided to the user, wherein the await check data cannot link to the user data, or the await check data is not the data necessary to verify the one-time password;
  
  a pre-proof module coupling with the web-site to process the await check data to generate a necessary data for verifying the one-time password; and
  
  at least one authorization gateway coupling with the certificate issuer or a party authorized by the certificate issuer to transmit the necessary data to the certificate issuer or a party authorized by the certificate issuer to determine whether or not the one-time password is correct, and when the one-time password is correct, the authorization gateway requires the certificate issuer or the party authorized by the certificate issuer to authorize the use of the user data stored in the certificate issuer, or to authorize to perform a trade process based on the user data, or to authorize to perform a payment process based on the user data.
- View Dependent Claims (16)
- - 16. The system of claim 15, wherein the smart card is a payment certification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yeong-How Chiu
Original Assignee
Yeong-How Chiu
Inventors
CHIU, Yeong-How

Application Number

US12/153,143
Publication Number

US 20080289022A1
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/385   using an alias or single-us...

G06Q 20/40975   using encryption therefor

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

Internet business security system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Internet business security system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links