Multi-factor authentication and certification system for electronic transactions

US 20090172402A1
Filed: 12/30/2008
Published: 07/02/2009
Est. Priority Date: 12/31/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for secure transmission of information, comprising:

composing, at a sender device, a message;

automatically generating a one-time passcode to be included in the message before sending, wherein the one-time passcode is generated from an embedded algorithm utilizing one or more features unique to the sender device;

sending, from the sender device to a receiver device, the message including the one-time passcode for securely authenticating the sender identity; and

receiving, from the receiver device, a confirmation of the message.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides computer-enable certification and authentication in, for example, e-commerce with wireless and mobile devices. The present authentication method offers ease of operation by automatically embedding a one-time passcode to the message without the sender input. A one-time key can also be used to encrypt the message, further providing transmission security. In addition, sensitive information and one-time passcode generator are pre-arranged and stored at both sender and receiver devices, avoiding information comprising in wireless environment transmission.

135 Citations

65 Claims

1. A method for secure transmission of information, comprising:
- composing, at a sender device, a message;
  
  automatically generating a one-time passcode to be included in the message before sending, wherein the one-time passcode is generated from an embedded algorithm utilizing one or more features unique to the sender device;
  
  sending, from the sender device to a receiver device, the message including the one-time passcode for securely authenticating the sender identity; and
  
  receiving, from the receiver device, a confirmation of the message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A method as in claim 1 wherein the one-time passcode is automatically generated and included in the message without requiring a sender input.
  - 3. A method as in claim 1 further comprisingidentifying, at the sender device, a sender identification before composing the transaction request.
  - 4. A method as in claim 1 further comprisingidentifying, at the sender device, a sender identification at the sending of the transaction request.
  - 5. A method as in claim 1 wherein the sender identification comprises the phone number of the sender device.
  - 6. A method as in claim 1 wherein the sender device comprises one of a mobile device, a cell phone, a personal device assistance (PDA), a pocket PC, a laptop, and a smart phone.
  - 7. A method as in claim 1 wherein the receiver device comprises one of a mobile device, a cell phone, a personal device assistance (PDA), a pocket PC, a laptop, a smart phone, a computer, and a server.
  - 8. A method as in claim 1 wherein the features unique to the sender device comprise at least one of the International Mobile Equipment Identity (IMEI), the unique industrial ID number for the mobile device, the Electronic Serial Number of the mobile device, and the version of the algorithm.
  - 9. A method as in claim 1 wherein the algorithm further utilizes one or more features unique to the sender, the features comprising at least one of a security key for the sender, a password chosen by the sender, and a personal information of the sender.
  - 10. A method as in claim 1 further comprisingentering, at the sender device, a password, before composing the transaction request.
  - 11. A method as in claim 1 wherein the password comprises a biometric password comprising one of a retina scan, a fingerprint, and a picture of the sender.
  - 12. A method as in claim 1 further comprisingentering, at the sender device, a password, before generating the one-time passcode.
  - 13. A method as in claim 1 wherein the password comprises a biometric password comprising one of a retina scan, a fingerprint, and a picture of the sender.
  - 14. A method as in claim 1 wherein the transaction comprises at least one of a remote payment, a mobile payment, an online payment, a contact-less payment, a contact-less transaction, a mobile commerce, an e-banking transaction, a mobile banking transaction, a mobile e-banking transaction, a mobile signature, a remote signature, an online stock trading transaction, a mobile stock trading transaction, a mobile phone authentication, a mobile betting, a mobile gambling, a mobile ticketing, a mobile wallet, a mobile financial transaction and a certified text message.
  - 15. A method as in claim 1 wherein the message is encrypted with a one-time encryption key.
  - 16. A method as in claim 1 wherein no private or confidential information is sent during the transmission of information.
  - 17. A method as in claim 1 wherein the algorithm further utilizes a unique security code sent from the receiving server during a previous confirmation message.

18. A system for secure transmission of information, comprising:
- means for composing a message;
  
  means for automatically generating a one-time passcode to be included in the message before sending, wherein the one-time passcode is generated from an embedded algorithm utilizing one or more features unique to the system;
  
  means for sending the message including the one-time passcode for securely authenticating the sender identity; and
  
  means for receiving a confirmation of the message.
- View Dependent Claims (19, 20, 21)
- - 19. A system as in claim 18 wherein the one-time passcode is automatically generated and included in the message without requiring a sender input.
  - 20. A system as in claim 18 further comprisingmeans for identifying a sender identification before composing the transaction request.
  - 21. A system as in claim 18 further comprisingmeans for entering a password before generating the one-time passcode.

22. A method for secure transmission of information, comprising:
- composing, at a sender device, a message;
  
  generating a one-time passcode, wherein the one-time passcode is generated from an embedded algorithm utilizing one or more features stored in the sender device, the one or more feature also stored in an account at a receiver, and the algorithm is pre-arranged with the receiver to generate the same one-time passcode utilizing the same one or more features;
  
  sending, from the sender device to a receiver device, the message including the one-time passcode for securely authenticating the sender identity; and
  
  receiving, from the receiver device, a confirmation of the message.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. A method as in claim 22 wherein the one-time passcode is automatically generated and included in the message without requiring a sender input.
  - 24. A method as in claim 22 further comprisingidentifying, at the sender device, a sender identification before composing the transaction request.
  - 25. A method as in claim 22 further comprisingentering, at the sender device, a password before generating the one-time passcode.
  - 26. A method as in claim. 22 wherein the message is encrypted with a one-time encryption key.
  - 27. A method as in claim 22 wherein no private or confidential information is sent during the transmission of information.

28. A method for secure transmission of information, comprising:
- receiving, from a sender device to a receiver device, a message including a one-time passcode and an identification of the sender;
  
  retrieving, at the receiver device, a matching passcode, wherein the matching passcode is generated from an algorithm utilizing one or more information stored in an account identified by the sender identification;
  
  if the matching passcode matched with the one-time passcode,sending, from the receiver device to the sender device, a confirmation of the message.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
- - 29. A method as in claim 28 further comprisingexecuting, at the receiver device, a request included in the message.
  - 30. A method as in claim 28 wherein retrieving a matching passcode comprises:
    - generating the matching passcode at the receiver device.
  - 31. A method as in claim 28 wherein retrieving a matching passcode comprises:
    - sending, from the receiver device to a server, a request for authentication including the sender information;
      
      receiving, at the receiver device from the server, the matching passcode.
  - 32. A method as in claim 28 wherein the sender identification comprises the phone number of the sender device.
  - 33. A method as in claim 28 wherein the receiver device comprises one of a mobile device, a cell phone, a personal device assistance (PDA), a pocket PC, a laptop, a smart phone, a computer, and a server.
  - 34. A method as in claim 28 wherein the information stored in the account identified by the sender identification comprises at least one of the International Mobile Equipment Identity (IMEI), the unique industrial ID number for the mobile device, the Electronic Serial Number of the mobile device, and the version of the algorithm.
  - 35. A method as in claim 28 wherein the information stored in the account identified by the sender identification comprises at least one of a security key for the sender, a password chosen by the sender, and a personal information of the sender.
  - 36. A method as in claim 28 wherein the transaction comprises at least one of a remote payment, a mobile payment, an online payment, a mobile commerce, an e-banking transaction, a mobile banking transaction, a mobile e-banking transaction, a mobile signature, a remote signature, an online stock trading transaction, a mobile stock trading transaction, a mobile phone authentication, a mobile betting, and a certified text message.
  - 37. A method as in claim 28 wherein the message is encrypted with a one-time encryption key.
  - 38. A method as in claim 28 wherein no private or confidential information is sent during the transmission of information.
  - 39. A method as in claim 28 further comprisingrecording the one-time passcode to certify the authentication of the message.

40. A method for secure transmission of information, comprising:
- receiving, from a sender device to a receiver device, a message including a one-time passcode and an identification of the sender;
  
  retrieving, at the receiver device, a matching passcode,wherein the matching passcode is generated from an algorithm utilizing one or more information stored in an account identified by the sender identification and in the sender device; and
  
  wherein the algorithm is pre-arranged between the sender device and the receiver device to generate the same one-time passcode for the same one or more features;
  
  if the matching passcode matched with the one-time passcode,sending, from the receiver device to the sender device, a confirmation of the message.
- View Dependent Claims (41, 42)
- - 41. A method as in claim 40 wherein the sender identification comprises the phone number of the sender device.
  - 42. A method as in claim 40 further comprisingrecording the one-time passcode to certify the authentication of the message.

43. A mobile device for secure transmission of information, comprising:
- a communication module for transmitting and receiving messages;
  
  a keypad module for composing a message, the keypad interface comprising a send feature for transmitting the message;
  
  a one-time passcode generator employing an algorithm utilizing one or more features unique to the mobile device;
  
  a processor for automatically generating and including the one-time passcode to the message before transmission, wherein the one-time passcode is included in the message for securely authenticate the message.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50)
- - 44. A device as in claim 43 wherein the one-time passcode is automatically generated and included in the message without requiring a sender input.
  - 45. A device as in claim 43 further comprisingan identification module for identifying a sender identification before composing the transaction request.
  - 46. A device as in claim 43 wherein the features unique to the sender device comprise at least one of the International Mobile Equipment Identity (IMEI), the unique industrial ID number for the mobile device the Electronic Serial Number of the mobile device, and the version of the algorithm.
  - 47. A device as in claim 43 wherein the algorithm further utilizes one or more features unique to the sender, the features comprising at least one of a security key for the sender, a password chosen by the sender, and a personal information of the sender.
  - 48. A device as in claim 43 further comprisinga password module for entering a password before generating the one-time passcode.
  - 49. A device as in claim 43 further comprisinga one-time encryption module for encrypting the message with a one-time encryption key.
  - 50. A device as in claim 43 further comprisinga security device module for receiving a, security code from a receiving server to use in the generation of the one-time passcode.

51. A server for secure transmission of information, comprising:
- a communication module for transmitting and receiving messages;
  
  a module for extracting a sender identification and a one-time passcode from the message;
  
  a one-time passcode generator employing an algorithm utilizing one or more information stored in an account identified by the sender identification;
  
  a processor for comparing the received one-time passcode and the generated one-time passcode,wherein an acknowledgement is sent if the received one-time passcode matches the generated one-time passcode.
- View Dependent Claims (52, 53, 54)
- - 52. A server as in claim 51 wherein the sender identification comprises the phone number of the sender device.
  - 53. A server as in claim 51 wherein the information stored in the account identified by the sender identification comprises at least one of the International Mobile Equipment Identity (IMEI), the unique industrial ID number for the mobile device, the Electronic Serial Number of the mobile device, and the version of the algorithm.
  - 54. A server as in claim 51 wherein the information stored in the account identified by the sender identification comprises at least one of a security key for the sender, a password chosen by the sender, and a personal information of the sender.

55. A system for secure transmission of information, comprising:
- a plurality of mobile devices;
  
  a server;
  
  wherein at least one mobile device is configured to composing a message;
  
  automatically generating a one-time passcode to be included in the message before sending, wherein the one-time passcode is generated from an embedded algorithm utilizing one or more features unique to the mobile device;
  
  sending, to the server, the message including the one-time passcode for securely authenticating the sender identity; and
  
  receiving, from the server, a confirmation of the message; and
  
  wherein the server is configured toreceiving, from a mobile device, a message including a one-time passcode and an identification of the sender;
  
  retrieving a matching passcode, wherein the matching passcode is generated from an algorithm utilizing one or more information stored in an account identified by the sender identification;
  
  if the matching passcode matched with the one-time passcode, sending, to the mobile device, a confirmation of the message.
- View Dependent Claims (56, 57, 58, 59, 60, 61, 62, 63, 64, 65)
- - 56. A system as in claim 55 wherein the one-time passcode is automatically generated and included in the message without requiring a sender input.
  - 57. A system as in claim 55 wherein the mobile device is further configured to identifying a sender identification before composing the transaction request.
  - 58. A system as in claim 55 wherein the features unique to the sender device comprise at least one of the International Mobile Equipment Identity (IMEI), the unique industrial ID number for the mobile device, the Electronic Serial Number of the mobile device, and the version of the algorithm.
  - 59. A system as in claim 55 wherein the algorithm further utilizes one or more features unique to the sender, the features comprising at least one of a security key for the sender, a password chosen by the sender, and a personal information of the sender.
  - 60. A system as in claim 55 wherein the mobile device is further configured to entering a password before generating the one-time passcode.
  - 61. A system as in claim 55 wherein the algorithm further utilizes a unique security code sent from the receiving server during a previous confirmation message.
  - 62. A system as in claim 55 wherein the information stored in the account identified by the sender identification comprises at least one of the International Mobile Equipment Identity (IMEI), the unique industrial ID number for the mobile device, the Electronic Serial Number of the mobile device, and the version of the algorithm.
  - 63. A system as in claim 55 wherein the information stored in the account identified by the sender identification comprises at least one of a security key for the sender, a password chosen by the sender, and a personal information of the sender.
  - 64. A system as in claim 55 wherein the mobile device is further configured to one-time encrypting the message with a one-time encryption key.
  - 65. A system as in claim 55 wherein the server is further configured to recording the one-time passcode to certify the authentication of the message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nguyen Tho Tran
Original Assignee
Nguyen Tho Tran
Inventors
Tran, Nguyen Tho

Application Number

US12/346,822
Publication Number

US 20090172402A1
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/102   Bill distribution or payments

G06Q 20/326   Payment applications instal...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/388   using mutual authentication...

G06Q 20/40   Authorisation, e.g. identif...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 2463/082   applying multi-factor authe...

H04L 2463/102   applying security measure f...

H04L 63/0838   using one-time-passwords

H04L 9/3228   One-time or temporary data,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3273   for mutual authentication n...

Multi-factor authentication and certification system for electronic transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

135 Citations

65 Claims

Specification

Solutions

Use Cases

Quick Links

Multi-factor authentication and certification system for electronic transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

135 Citations

65 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links