SYSTEM AND METHOD FOR PERMISSION CONFIRMATION BY TRANSMITTING A SECURE REQUEST THROUGH A CENTRAL SERVER TO A MOBILE BIOMETRIC DEVICE

US 20100042835A1
Filed: 08/18/2008
Published: 02/18/2010
Est. Priority Date: 08/18/2008
Status: Abandoned Application

First Claim

Patent Images

1. A system for permission confirmation comprising:

a terminal device for transmitting an authorization request on a network, said terminal device includingmeans for encryption of the request, andmeans for decryption of a response;

a request arbitrating server (RAS) connected to the network for receiving the authorization request from the terminal device, said RAS incorporatingmeans for decryption of the request from the terminal display,means for determining an authorizing party responsive to the request,means for encryption of a request to an authorizing party for transmission on the network, and,means for decryption of a response and biometric data from the authorizing party,means for confirmation of the biometric data, and,means for encryption of the response to the terminal device.a user biometric device (UBD) connected to the network havingmeans for receiving an authorization request from the RAS,means for decryption of the request from the RAS,means for display of the request to a user responsive to the decryption means,means for entry of biometric data,means for entry of a response to the request,means for encryption of the biometric data and response, and,means for transmission of the encrypted biometric data and response to the network for receipt by the RAS.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for permission confirmation incorporates a terminal device for transmitting an authorization request on a network. The terminal device includes capability for encryption of the request and for decryption of a response. A request arbitrating server (RAS) is connected to the network for receiving the authorization request from the terminal device. The RAS incorporates capability for decryption of the request from the terminal display and determines an authorizing party responsive to the request. The RAS then has capability for encryption of a request to an authorizing party for transmission on the network, and, for decryption of a response and biometric data from the authorizing party. The RAS has capability to confirm biometric data received and encrypt a response to the terminal device. A user biometric device (UBD) is connected to the network having capability for receiving an authorization request from the RAS and decrypting the request. A display for the decrypted request and a sensor for entry of biometric data along with an input device for entry of a response to the request is incorporated in the UBD. The UBD provides capability for encrypting the biometric data and response and transmission of the encrypted biometric data and response to the network for receipt by the RAS.

Citations

17 Claims

1. A system for permission confirmation comprising:
- a terminal device for transmitting an authorization request on a network, said terminal device includingmeans for encryption of the request, andmeans for decryption of a response;
  
  a request arbitrating server (RAS) connected to the network for receiving the authorization request from the terminal device, said RAS incorporatingmeans for decryption of the request from the terminal display,means for determining an authorizing party responsive to the request,means for encryption of a request to an authorizing party for transmission on the network, and,means for decryption of a response and biometric data from the authorizing party,means for confirmation of the biometric data, and,means for encryption of the response to the terminal device.a user biometric device (UBD) connected to the network havingmeans for receiving an authorization request from the RAS,means for decryption of the request from the RAS,means for display of the request to a user responsive to the decryption means,means for entry of biometric data,means for entry of a response to the request,means for encryption of the biometric data and response, and,means for transmission of the encrypted biometric data and response to the network for receipt by the RAS.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system defined in claim 1 wherein the means for entry of biometric data is a sensor responsive to biometric data selected from the set of fingerprints, voice recognition, retinal scanning, iris measurement, scent, vein patterns, facial recognition, bone structure, DNA, electrocardiogram, hand geometry, behavioral recognition and gait.
  - 3. The system defined in claim 1 further comprising a personal digital assistant (MCP), said MCP incorporatingmeans for interconnection to the UBD,means for connection to the network providing the means for receiving an authorization request from the RAS and means for transmission to the network for receipt by the RAS.
  - 4. The system defined in claim 2 wherein the MCP further incorporates a Graphical User Interface and input for providing the means for display of the request and the means for entry of the response.
  - 5. The system defined in claim 1 wherein the UBD further incorporates means for unique identification and the means for determining an authorizing party is responsive to the means for unique identification.
  - 6. The system as defined in claim 5 where in the means for unique identification includes means for wireless transmission of indicia of said unique identification and the terminal device further includes means for receiving the wireless transmission of the indicia.
  - 7. The system of claim 6 wherein the means for wireless transmission comprises an RFID chip and the means for receiving comprises an RFID scanner.

8. A method for permission confirmation comprising the steps of:
- using a terminal device for transmitting an authorization request on a network, said terminal deviceencrypting the request, anddecrypting a response;
  
  providing a request arbitrating server (RAS) connected to the network for receiving the authorization request from the terminal device,decrypting the request from the terminal display,determining an authorizing party responsive to the request,encrypting a request to an authorizing party for transmission on the network, and,decrypting a response and biometric data from the authorizing party,confirming the biometric data, and,encrypting the response to the terminal device.providing a user biometric device (UBD) connected to the network andreceiving an authorization request from the RAS,decrypting the request from the RAS,displaying the request to a user,accepting entry of biometric data,accepting entry of a response to the request,encrypting the biometric data and response, and,transmitting the encrypted biometric data and response to the network for receipt by the RAS.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The method defined in claim 8 wherein the step of accepting entry of biometric data includes the steps ofproviding a fingerprint sensor on the UBD, andapplying a fingerprint to the sensor.
  - 10. The method as defined in claim 8 further comprising the initial steps in providing a UBD of:
    - initializing the UBD when powered to connect to the RAS through the internet;
      
      providing the biometric input through the sensor in the UBD;
      
      and wherein the step of providing a RAS further comprises the initial steps of;
      
      identifying a new UBD for the network;
      
      querying the UBD for an initial transmission of the biometric data;
      
      receiving the encrypted biometric data;
      
      creating a template in the RAS and storing the template;
      
      associating the template with the UBD for subsequent transaction purposes.
  - 11. The method of claim 8 wherein the step of using a terminal device further includes the preliminary steps of:
    - downloading system software with initial encryption keys;
      
      sending an encrypted request to the RAS for terminal activation;
      
      re-encrypting and relaying the request in the RAS to a merchant UBD;
      
      displaying the terminal activation request on the merchant UBD;
      
      inputting biometric data and a response on the merchant UBD;
      
      encrypting and sending the biometric data and response to the RAS; and
      
      ,sending a new encryption key to the terminal completing activation upon an affirmative response.
  - 12. The method of claim 8 wherein the step of encrypting the request by the terminal device employs a public key system is used for establishing symmetric encryption keys.
  - 13. The method of claim 8 wherein the steps of decrypting the request and encrypting the biometric data and response by the UBD employs a public key system for establishing symmetric encryption keys and the UBD is supplied with a predetermined encryption key.
  - 14. The method of claim 8 wherein the step of using a terminal device for transmitting an authorization request further includes the step of entering a device specific identification number for the UBD.
  - 15. The method of claim 14 wherein the step of entering a device specific identification number for the UBD comprises entering the identification number on an input device in the terminal.
  - 16. The method of claim 14 wherein the step of entering a device specific identification number for the UBD comprises wirelessly transmitting the identification number from the UBD to the terminal device.
  - 17. The method of claim 16 wherein the step of wirelessly transmitting the device specific identification number for the UBD comprises reading an RFID chip on the UBD containing the identification number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
James Tamplin, Lee Andrew
Original Assignee
Keep Security Inc.
Inventors
Lee, Andrew, Tamplin, James

Application Number

US12/193,595
Publication Number

US 20100042835A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2115   Third party

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04W 12/065   Continuous authentication

SYSTEM AND METHOD FOR PERMISSION CONFIRMATION BY TRANSMITTING A SECURE REQUEST THROUGH A CENTRAL SERVER TO A MOBILE BIOMETRIC DEVICE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR PERMISSION CONFIRMATION BY TRANSMITTING A SECURE REQUEST THROUGH A CENTRAL SERVER TO A MOBILE BIOMETRIC DEVICE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links