Multifactor Authentication

US 20110202466A1
Filed: 10/19/2009
Published: 08/18/2011
Est. Priority Date: 10/17/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method for use in authenticating transactions comprising:

receiving a request from a terminal to authenticate a transaction;

receiving information from the terminal identifying a token that is being used to initiate the transaction;

identifying a mobile device that is associated with the token;

determining the location of the mobile device;

comparing the location of the mobile device with the location of the transaction; and

authenticating the transaction if the location of the mobile device is within a predetermined area relative to the location of the transaction.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic device with radio and GNSS receiving capabilities is used to provide a second or further authentication factor to current and future transaction systems. The device'"'"'s embedded characteristics are combined with GNSS data into a unique identifiable device code. The device can be used initially to put a bank or credit card into a “transaction enabled” mode. The location of the electronic device can be compared to the location from which a request to use the enabled card originates.

304 Citations

36 Claims

1. A method for use in authenticating transactions comprising:
- receiving a request from a terminal to authenticate a transaction;
  
  receiving information from the terminal identifying a token that is being used to initiate the transaction;
  
  identifying a mobile device that is associated with the token;
  
  determining the location of the mobile device;
  
  comparing the location of the mobile device with the location of the transaction; and
  
  authenticating the transaction if the location of the mobile device is within a predetermined area relative to the location of the transaction.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 13, 14)
- - 3. A method according to claim 1, wherein the location of the transaction corresponds to a registered location associated with the terminal.
  - 4. A method according to claim 3, further comprising determining the current location of the terminal, the authenticating step further comprising:
    - comparing the location of the transaction with the current location of the terminal; and
      
      authenticating the transaction if the current location of the terminal is within a predetermined area relative to the location of the transaction.
  - 5. A method according to claim 1, wherein the location of the transaction corresponds to the current location of the terminal.
  - 6. A method according to claim 5, further comprising obtaining a registered location associated with the terminal;
    - the authenticating step further comprising;
      
      comparing the location of the transaction with the registered location of the terminal; and
      
      authenticating the transaction if the location of the transaction is within a predetermined area relative to the registered location of the terminal.
  - 7. A method according to claim 1 further comprising an initial step of:
    - receiving a signal from a mobile device identifying a token to be enabled for transactions;
      
      validating the identity of the mobile device using a unique identifier received from the mobile device; and
      
      recording that said token has been enabled for transactions wherein said authenticating includes determining if said token has been enabled for transactions.
  - 8. A method according to claim 1, wherein the location of the mobile device is determined remotely from the device using information received from the mobile device, the information being derived from information received by the mobile device from a Global Navigation Satellite System (GNSS).
  - 9. A method according to claim 1, wherein the identity of the mobile device is verified by receiving from the mobile device a unique identifier, the unique identifier comprising a code derived from information relating to the mobile device hardware and information received from a GNSS.
  - 13. A method according to claim 9, wherein the information received from the GNSS is unprocessed GNSS constellation and timing information.
  - 14. A method according to claim 1 wherein:
    - the token is a bank card.

2. A method for multi-factor transaction authentication in a system comprising a terminal, the method comprising:
- determining token identifying details for a token that is to be used to initiate a transaction;
  
  obtaining an authentication key;
  
  identifying a mobile device that is associated with the token;
  
  determining the location of the mobile device; and
  
  authenticating the transaction if the location of the mobile device is within a predetermined area relative to the location of the transaction and the authentication key is successfully validated with the token identifying details.

10. A method for use in authenticating a transaction comprising:
- determining token identifying details for a token that is to be used in the transaction;
  
  obtaining an authentication key;
  
  validating the authentication key with the token identifying details;
  
  transmitting information associated with the location of the transaction and the token identifying details to a remote security apparatus; and
  
  receiving authorisation information for indicating if the transaction can be processed.
- View Dependent Claims (11, 12)
- - 11. A method according to claim 10, wherein the information associated with the location of the transaction is derived from information received from a GNSS.
  - 12. A method according to claim 11, wherein the information associated with the transaction further comprises information identifying the terminal for enabling a registered location associated with the terminal to be obtained.

15. A transaction authentication apparatus comprising:
- terminal communication means for communicating with a remote terminal, adapted to receive information identifying a token being used to initiate a transaction;
  
  identifying means for identifying a mobile device associated with said token;
  
  determining means for determining the location of said mobile device; and
  
  comparing means for comparing the location of said mobile device with the location of said transaction.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 26)
- - 17. An apparatus according to claim 15, wherein the location of the transaction corresponds to a registered location associated with the terminal.
  - 18. An apparatus according to claim 17, further comprising determining means for determining the current location of the terminal, the comparing means further being adapted for:
    - comparing the location of the transaction with the current location of the terminal.
  - 19. An apparatus according to claim 15, further comprising determining means for determining the location of the transaction by determining the current location of the terminal.
  - 20. An apparatus according to claim 19, further comprising means for obtaining a registered location associated with the terminal;
    - the comparing means further being adapted for;
      
      comparing the location of the transaction with the registered location of the terminal.
  - 21. An apparatus according to claim 15 further comprising:
    - storage means for recording receipt of a signal indicating that a token is enabled for transactions.
  - 22. An apparatus according to claim 15 further comprising:
    - mobile device communication means for receiving GNSS information from the mobile device; and
      
      processing means for calculating the location of said mobile device based on the received GNSS information.
  - 23. An apparatus according to claim 15 wherein the identifying means are adapted to identify the mobile device by receiving from the mobile device a unique identifier code comprising a code derived from information relating to the mobile device hardware and GNSS information.
  - 26. An apparatus according to claim 22, wherein the GNSS information is un-processed GNSS constellation and timing information.

16. An apparatus for use in multi-factor transaction authentication comprising a terminal, the terminal comprising:
- token reading means;
  
  authentication key input means; and
  
  validating means for validating an authentication key with token identifying information;
  
  the apparatus further comprising;
  
  identifying means for identifying a mobile device associated with said token;
  
  determining means for determining the location of said mobile device; and
  
  comparing means for comparing the location of said mobile device with the location of a transaction.

24. A terminal apparatus for use in authenticating a transaction comprising:
- token reading means for obtaining token identifying information;
  
  authentication key input means for receiving an authentication key;
  
  validating means for validating the authentication key with the token identifying information;
  
  communication means for transmitting information associated with the location of the terminal apparatus and the token identifying information to a remote security apparatus, and further adapted for receiving token authentication information; and
  
  authentication means for authenticating said transaction according to said token authentication information and the output from said validity means.
- View Dependent Claims (25, 27)
- - 25. A terminal apparatus according to claim 24, wherein the information associated with the location of the terminal apparatus is derived from information received from a GNSS.
  - 27. An apparatus according to claim 24, wherein the communication means is further adapted for transmitting information identifying the terminal, for indicating a registered location associated with the terminal.

28. A method for use in authenticating a transaction comprising:
- obtaining an instruction for a mobile device to enter a transaction enabled mode; and
  
  transmitting to a remote security apparatus mobile device location information and a unique identifier code.
- View Dependent Claims (29, 30, 31, 32)
- - 29. A method according to claim 28, further including:
    - obtaining token information for specifying a token to be enabled for transactions;
      
      transmitting token identification information relating to the specified token;
      
      receiving confirmation that the token is enabled for transactions; and
      
      indicating that the specified token is enabled for transactions.
  - 30. A method according to claim 28, further comprising:
    - receiving GNSS information for providing the location information that is transmitted.
  - 31. A method according to claim 30, wherein the unique identifier code comprises a code derived from information relating to the mobile device hardware and GNSS information.
  - 32. A method according to claim 30, wherein the GNSS information used is unprocessed GNSS constellation and timing information.

33. A mobile device for use in authenticating a transaction comprising:
- an interface for receiving instructions from a user and displaying information;
  
  means for selectively switching said mobile device to a transaction enabled mode;
  
  location determining means for determining location information relating to the location of the mobile apparatus;
  
  a unique identifier code for identifying the apparatus; and
  
  communication means for transmitting the location information and unique identifier code when in said transaction enabled mode.
- View Dependent Claims (34, 35, 36)
- - 34. A mobile device according to claim 33, wherein the location determining means comprises GNSS receiving means for obtaining GNSS information.
  - 35. A mobile device according to claim 34, wherein the unique identifier code comprises a code derived from information relating to the mobile device hardware and GNSS information.
  - 36. A mobile device according to claim 34, wherein the GNSS information used is unprocessed GNSS constellation and timing information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Robert A. Carter
Original Assignee
Robert A. Carter
Inventors
Carter, Robert A.

Application Number

US13/124,598
Publication Number

US 20110202466A1
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/3224   Transactions dependent on l...

G06Q 20/325   using wireless networks

G06Q 20/3674   involving authentication

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/42   Confirmation, e.g. check or...

G06Q 20/425   using two different network...

G07F 19/20   Automatic teller machines [...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04W 12/062   Pre-authentication

H04W 4/023   using mutual or relative lo...

Multifactor Authentication

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

304 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Multifactor Authentication

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

304 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links