VIRTUALIZATION OF AUTHENTICATION TOKEN FOR SECURE APPLICATIONS

US 20110161232A1
Filed: 12/28/2009
Published: 06/30/2011
Est. Priority Date: 12/28/2009
Status: Abandoned Application

First Claim

Patent Images

1. A computer executable file to provide for the securing of application programs and file folders with a mobile electronics device, comprising:

a computer executable file module for execution by a mobile electronics device, and including;

an imaging program for collecting an image of an object having distinctive and characteristic features that are associative with a particular user;

an interactive graphical interface (GUI) for assisting said user in the collecting and qualification of said object as having enough distinctive and characteristic features to serve collectively as an authenticator for said user in a secure transaction;

an image processing program providing for the local selection and reduction of features identified in an image of said object into abstracts if not provided for by a remote server;

an encoding program providing for the secure encryption of said abstracts;

wherein, an abstract previously obtained and registered to said user can be compared to an abstract contemporaneously obtained during a secure transaction and used as an authenticator to control attempts at fraud.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data and financial transactions are secured on a mobile electronics device, with three downloadable modules. A first module provides for the mobile electronics device and a network server to interactively register a cryptographic abstract of an object usually carried by the user. These objects represent physical passwords from which processing can derive characterizing information. A second module is invoked by a transaction and signals the mobile electronics device to collect a new sample of the physical password. A cryptographic abstract of it is distilled and compared to preregistered cryptographic abstracts. A third module is a key recovery process for use when the preregistered physical password sound or object is no longer available to the user.

69 Citations

View as Search Results

14 Claims

1. A computer executable file to provide for the securing of application programs and file folders with a mobile electronics device, comprising:
- a computer executable file module for execution by a mobile electronics device, and including;
  
  an imaging program for collecting an image of an object having distinctive and characteristic features that are associative with a particular user;
  
  an interactive graphical interface (GUI) for assisting said user in the collecting and qualification of said object as having enough distinctive and characteristic features to serve collectively as an authenticator for said user in a secure transaction;
  
  an image processing program providing for the local selection and reduction of features identified in an image of said object into abstracts if not provided for by a remote server;
  
  an encoding program providing for the secure encryption of said abstracts;
  
  wherein, an abstract previously obtained and registered to said user can be compared to an abstract contemporaneously obtained during a secure transaction and used as an authenticator to control attempts at fraud.
- View Dependent Claims (2, 3, 4)
- - 2. The computer executable file of claim 1, further comprising:
    - a transmission program for forwarding said abstracts to a local or remote cryptogram database.
  - 3. The computer executable file of claim 2, wherein:
    - the transmission program relies on wireless communication through a network to interact with a remote server.
  - 4. The computer executable file of claim 1, further comprising:
    - a first computer executable file module for execution by said mobile electronics device and a remote server on a network to interactively register a cryptographic abstract of a sound or an image of an object available to a user, wherein data inputs representing said sounds and objects symbolize physical passwords from which audio and/or image processing can derive characterizing information for transactional authentication;
      
      a second computer executable file module for execution by said mobile electronics device during a user financial transaction and that causes input data from a camera and/or microphone included in said mobile electronics device to collect a new sample and process the data into a present physical password for which a cryptographic abstract of it is distilled and compared to preregistered cryptographic abstracts, either locally or by accessing a remote server on the Internet; and
      
      a third computer executable file module for a key recovery process, when a preregistered physical password sound or object is no longer available to the user, said user synchronizes the mobile electronics device on a vendor website and requests a key removal process, or that enables the user to contact a vendor to obtain a reset code, and wherein new physical passwords can then be registered with the first module.

5. A mobile electronics device, comprising:
- a handset including at least a camera, a display screen, and a wireless communications device for accessing a network with a remote server;
  
  a computer executable file module for execution by the handset, and including;
  
  an imaging program providing for said camera to collect an image of an object with distinctive and characteristic features that are associative with a particular user;
  
  an interactive graphical interface (GUI) providing for said display screen to assist said user in the collecting and qualification of said object as having enough distinctive and characteristic features to serve collectively as an authenticator for said user in a financial transaction;
  
  an image processing program providing for the selection and reduction of features identified in an image of said object into abstracts;
  
  an encoding program providing for the secure encryption of said abstracts;
  
  wherein, an abstract previously obtained and registered to said user can be compared to an abstract contemporaneously obtained during a financial transaction and used as an authenticator to control attempts at fraud.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The mobile electronics device of claim 5, further comprising:
    - a transmission program for forwarding said abstracts to a local or remote cryptogram database.
  - 7. The mobile electronics device of claim 6, wherein:
    - the transmission program relies on said wireless communications device for accessing said network and remote server.
  - 8. The mobile electronics device of claim 5, further comprising:
    - a first computer executable file module for execution by said mobile electronics device and said remote server on a network to interactively register a cryptographic abstract of a sound or an image of an object available to a user, wherein data inputs representing said sounds and objects symbolize physical passwords from which audio and/or image processing can derive characterizing information for transactional authentication; and
      
      a second computer executable file module for execution by said mobile electronics device during a user financial transaction and that causes input data from said camera included in said mobile electronics device to collect a new sample and process the data into a present physical password for which a cryptographic abstract of it is distilled and compared to preregistered cryptographic abstracts, either locally or by accessing a remote server on the Internet.
  - 9. The mobile electronics device of claim 8, further comprising:
    - a third computer executable file module for a key recovery process, when a preregistered physical password sound or object is no longer available to the user, such enables said user to synchronize said mobile electronics device on a vendor website and requests key removal, or that enables the user to contact a vendor to obtain a reset code after an authentication of the user, and wherein new physical passwords can then be registered with the first module.

10. A method for securing transactions, comprising:
- using a mobile electronics device to collect an image or audio recording of a physical token during a concomitant user transaction;
  
  abstracting said image into at least forty bits of characterizing information;
  
  authenticating said physical token, and in so doing said concomitant user transaction, by comparing an abstract of said physical token to one previously registered as legitimate; and
  
  authorizing said concomitant user transaction depending on the results of the step of authenticating.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, wherein:
    - the step of using said mobile electronics device to collect an image of a physical token is such that said physical token includes at least one of a door key, car key, identification card, passport, drivers license, pendant, rings, bracelet, belt, handwritten signature or phrase, hand of said user, or other object not subject to unavailability or substantial changes in appearance over time.
  - 12. The method of claim 10, wherein:
    - the step of using said mobile electronics device to collect an audio recording of a physical token is such that said physical token includes at least one of a word or phrase spoken by said user, a series or tones, or other sounds not subject to unavailability or substantial changes in character over time.
  - 13. The method of claim 10, wherein:
    - providing a selection and registration process in which said user is allowed to select a particular physical token available to them.
  - 14. The method of claim 10, wherein:
    - providing a selection and registration process in which a particular physical token available to said user is suggested through said mobile electronics device for registration.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cryptite LLC
Original Assignee
Cryptite LLC
Inventors
Brown, Kerry D.

Application Number

US12/647,713
Publication Number

US 20110161232A1
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06Q 20/3229   Use of the SIM of a M-devic...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/35765   Access rights to memory zones

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

G07F 7/082   Features insuring the integ...

G07F 7/1016   Devices or methods for secu...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0853   using an additional device,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

VIRTUALIZATION OF AUTHENTICATION TOKEN FOR SECURE APPLICATIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

69 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

VIRTUALIZATION OF AUTHENTICATION TOKEN FOR SECURE APPLICATIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links