BIOMETRIC AUTHENTICATION OF MOBILE FINANCIAL TRANSACTIONS BY TRUSTED SERVICE MANAGERS

US 20090307139A1
Filed: 03/30/2009
Published: 12/10/2009
Est. Priority Date: 06/06/2008
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a financial transaction at a point of sale (POS), the method comprising:

storing an application program in a first secure element (SE) of a mobile phone equipped with a user biometric trait input device, the application program being configured to generate instruction codes to effect the financial transaction upon verification of a user'"'"'s identity; and

,storing credentials of the user in a second SE of the phone, the second SE being operable to verify the user'"'"'s identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user'"'"'s identity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a financial transaction at a point of sale (POS) includes storing an application program in a first secure element of a mobile phone. The application is configured to generate instruction codes to effect the financial transaction upon verification of a user'"'"'s identity. The user'"'"'s credentials are stored in a second SE of the phone, which is operable to verify the user'"'"'s identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user'"'"'s identity. At the POS, the user invokes the application and then inputs a biometric trait to the phone. The second SE verifies the user'"'"'s identity, and upon verification, generates data authenticating the transaction. The financial transaction data, including the instruction codes and the authenticating data, are then transmitted from the phone to the POS.

481 Citations

19 Claims

1. A method for authenticating a financial transaction at a point of sale (POS), the method comprising:
- storing an application program in a first secure element (SE) of a mobile phone equipped with a user biometric trait input device, the application program being configured to generate instruction codes to effect the financial transaction upon verification of a user'"'"'s identity; and
  
  ,storing credentials of the user in a second SE of the phone, the second SE being operable to verify the user'"'"'s identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user'"'"'s identity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - activating the phone at the POS;
      
      invoking the application program on the phone from the first SE;
      
      inputting a biometric trait of the user to the phone;
      
      verifying the user'"'"'s identity from the biometric trait input to the phone with the second SE;
      
      generating data authenticating the transaction in response to the verification of the user'"'"'s identity with the second SE; and
      
      ,transmitting data of the financial transaction, including the transaction instruction codes and the data authenticating the financial transaction, from the phone to a data communication device at the POS.
  - 3. The method of claim 2, wherein the transmitting of the transaction data from the phone to the POS communication device is effected through a near field communication (NFC) link between the phone and the POS device.
  - 4. The method of claim 3, wherein the transmitting of the transaction data from the phone to the POS data communication device comprises tapping the POS device with the phone.
  - 5. The method of claim 2, wherein the inputting of a biometric trait of the user to the phone comprises reading a fingerprint of the user.
  - 6. The method of claim 2, wherein at least one of the first and second SEs comprises a Sub-scriber Identity Module (SIM) card.
  - 7. The method of claim 2, wherein the inputting of a biometric trait of the user to the phone is operable to unlock the phone for use.
  - 8. The method of claim 2, wherein the inputting of a biometric trait of the user to the phone comprises transmitting data corresponding to the biometric trait directly from the biometric trait input device to the second SE via a data encryption tunnel circuit.
  - 9. The method of claim 2, wherein the data authenticating the transaction comprises at least one of a Card Verification Value (CVV) code, a Contactless Card and Chip Verification Value (iCVV) code, a Stored-Value Card (SVC) code and a bank identification number (BIN) code.
  - 10. The method of claim 2, wherein at least one of the storing of the application program in the first SE, the storing of the user'"'"'s credentials in the second SE and the generating of the data authenticating the transaction in response to the verification of the user'"'"'s identity comprises a value added service performed by a trusted service manager (TSM) on behalf of a third party credit or a payment service provider.
  - 11. The method of claim 2, wherein the POS comprises an automated teller machine (ATM), and further comprising depositing cash in or vending cash from the ATM to the user.

12. An apparatus for making an authenticated financial transaction at a point of sale (POS), the apparatus comprising a mobile phone that includes:
- a user biometric trait input device;
  
  a near field communication (NFC) module;
  
  an Application security element (SE) storing an application program configured to generate instruction codes to effect the financial transaction upon verification of the user'"'"'s identity; and
  
  ,a Payment/Wallet SE storing credentials of the user and operable to verify the user'"'"'s identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user'"'"'s identity.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The apparatus of claim 12, wherein the user biometric trait input device comprises a fingerprint reader.
  - 14. The apparatus of claim 12, wherein the biometric trait input device is coupled to the Payment/Wallet via a data encryption tunnel circuit.
  - 15. The apparatus of claim 14, wherein the data encryption tunnel circuit complies with the Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS 140-2) Level 3 standard.
  - 16. The apparatus of claim 12, wherein the credentials of the user comprise at least one of the group consisting of a user payment instrument, a user certificate, a user account key, a user account and user biometric trait authentication data.

17. A method for making a purchase at a point of sale (POS), the method comprising:
- registering a user with a service provider engaged in the business of authenticating financial transactions;
  
  storing an application program in an Application secure element (SE) of a mobile phone of the user, the application program being configured to generate instruction codes to effecting the purchase upon a verification of the user'"'"'s identity;
  
  storing credentials of the user in a Payment/Wallet SE of the user'"'"'s phone, the second SE being operable to verify the user'"'"'s identity from a biometric trait of the user input to the phone and to generate data authenticating the purchase in response to the verification of the user'"'"'s identity;
  
  activating the user'"'"'s phone at the POS;
  
  invoking the application program on the phone from the Application SE;
  
  inputting a biometric trait of the user to the phone;
  
  verifying the user'"'"'s identity from the biometric trait input to the phone with the Payment/Wallet SE;
  
  generating data authenticating the transaction in response to the verification of the user'"'"'s identity with the Payment/Wallet SE; and
  
  ,transmitting data of the financial transaction, including the transaction instruction codes and the data authenticating the financial transaction, from the phone to a data communication device at the POS.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17, whereinthe credentials of the user comprise at least one of the group consisting of a user payment instrument, a user certificate, a user account key, a user account and user biometric trait authentication data;
    - and,the data authenticating the transaction comprises at least one of a Card Verification Value (CVV) code, a Contactless Card and Chip Verification Value (iCVV) code, a Stored-Value Card (SVC) code and a bank identification number (BIN) code.
  - 19. The method of claim 17, wherein the data of the financial transaction is transmitted from the phone to the data communication device at the POS in an encrypted form.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
eBay Inc.
Inventors
Duprat, Eric, Mardikar, Upendra

Granted Patent

US 8,150,772 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06Q 20/1085   involving automatic teller ...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/204   comprising interface for re...

G06Q 20/3223   Realising banking transacti...

G06Q 20/3227   using secure elements embed...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/40145   Biometric identity checks

G06Q 40/00   Finance; Insurance; Tax str...

G07C 9/257   electronically G07C9/26 tak...

G07F 7/0826   Embedded security module

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 63/0861 : using biometrical features,...

H04L 9/3231 : Biological data, e.g. finge...

H04W 12/069 : using certificates or pre-s...

H04W 4/80 : Services using short range ...

View All

BIOMETRIC AUTHENTICATION OF MOBILE FINANCIAL TRANSACTIONS BY TRUSTED SERVICE MANAGERS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

481 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

BIOMETRIC AUTHENTICATION OF MOBILE FINANCIAL TRANSACTIONS BY TRUSTED SERVICE MANAGERS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

481 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links