METHOD AND SYSTEM USING TWO OR MORE STORAGE DEVICES FOR AUTHENTICATING MULTIPLE USERS FOR A SINGLE TRANSACTION

US 20120066349A1
Filed: 08/09/2011
Published: 03/15/2012
Est. Priority Date: 08/16/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method for using multiple storage devices for authenticating multiple users in regard to a single transaction, said method comprising:

receiving data at a server, the data indicative of a first user attempting to access the server through a first interface operable with a first storage device;

receiving data at the server, the data indicative of a second user, having an association with the first user, attempting to access the server through a second interface operable with a second storage device;

producing, at the server, a hash value from a combination of the data indicative of the first user and the data indicative of the second user;

communicating, upon creation of the hash value, transaction counter values from each of the storage devices to the server;

initiating transaction based counters, at the server, based on the communicated counter values;

performing a transaction within the server based on data retrieved from at least the first storage device; and

iterating the transaction based counters upon completion of the transaction.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for using multiple storage devices for authenticating multiple users in regard to a single transaction is described. The method includes receiving data at a server, the data indicative of a first user attempting to access the server through a first interface operable with a first storage device, receiving data at the server, the data indicative of a second user, having an association with the first user, attempting to access the server through a second interface operable with a second storage device, producing, at the server, a hash value from a combination of the data indicative of the first user and the data indicative of the second user, communicating, upon creation of the hash value, transaction counter values from each of the storage devices to the server, initiating transaction based counters, at the server, based on the communicated counter values, performing a transaction within the server based on data retrieved from at least the first storage device, and iterating the transaction based counters upon completion of the transaction.

10 Citations

20 Claims

1. A method for using multiple storage devices for authenticating multiple users in regard to a single transaction, said method comprising:
- receiving data at a server, the data indicative of a first user attempting to access the server through a first interface operable with a first storage device;
  
  receiving data at the server, the data indicative of a second user, having an association with the first user, attempting to access the server through a second interface operable with a second storage device;
  
  producing, at the server, a hash value from a combination of the data indicative of the first user and the data indicative of the second user;
  
  communicating, upon creation of the hash value, transaction counter values from each of the storage devices to the server;
  
  initiating transaction based counters, at the server, based on the communicated counter values;
  
  performing a transaction within the server based on data retrieved from at least the first storage device; and
  
  iterating the transaction based counters upon completion of the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1 wherein receiving data at a server comprises receiving user information and an identifying number associated with the respective storage device.
  - 3. The method according to claim 1 wherein the first storage device and the second storage device are associated with different classes of user.
  - 4. The method according to claim 1 wherein producing a hash value comprises including at least one of location codes for the user devices and time stamps in the hash value.
  - 5. The method according to claim 1 wherein:
    - receiving the data indicative of a first user includes receiving data relating to the first user as a medical patient; and
      
      receiving the data indicative of a second user includes receiving data relating to the second user as a medical provider.
  - 6. The method according to claim 1 wherein receiving data comprises receiving at least one of data entered manually through the interface based on visual data printed on the storage device, answers to one or more questions entered into the user interface in response to a prompt from the server, a password entered into the user interface, a personal identification number entered into the user interface, a token sent from the storage device, and biometric data received via the user interface.
  - 7. The method according to claim 1 further comprising updating, based on completion of a transaction and via instructions generated by the server, the transaction counter value within each storage device.
  - 8. The method according to claim 1 wherein performing a transaction within the server based on data retrieved from at least the first storage device comprises verifying that the second storage device is communicatively coupled to the server.
  - 9. The method according to claim 1 wherein performing a transaction within the server based on data retrieved from at least the first storage device comprises producing hash values related to initiation of each transaction, completion of each transaction, and data retrieved from the second storage device.

10. A system for authenticating multiple users in regard to a single transaction, said method comprising:
- a first user device operable to interface with a first storage device associated with a first user;
  
  a second user device operable to interface with a second storage device associated with a second user; and
  
  a server communicatively coupled to said first user device and said second user device, said server programmed to;
  
  receive data from the first storage device via said first user device indicative of a first user attempting to access said server;
  
  receive data from the second storage device via said second user device indicative of a second user attempting to access said server;
  
  produce a hash value from a combination of the data received from the first storage device and the second storage device;
  
  receive transaction counter values from each of the storage devices via the respective said user devices;
  
  initiate transaction based counters based on the received counter values;
  
  perform a transaction based on further data retrieved from at least the first storage device; and
  
  iterate the transaction based counters upon completion of the transaction.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system according to claim 10 wherein:
    - the data received from the first storage device comprises information relating to the first user and an identifying number associated with the first storage device; and
      
      the data received from the second storage device comprises information relating to the second user and an identifying number associated with the second storage device.
  - 12. The system according to claim 10 wherein data received from the first storage device and data received from the second storage device are indicative that the first user and the second user are in different user classes.
  - 13. The system according to claim 10 wherein to produce a hash value from a combination of the data, said server is programmed to include at least one of location codes for the user devices and time stamps in the hash value.
  - 14. The system according to claim 10 wherein said user devices are operable for at least one of:
    - manual entry of data through a user interface based on visual data printed on the respective said storage device;
      
      manual entry of answers to one or more questions through a user interface based on a prompt from said server;
      
      manual entry of a password through a user interface based on a prompt from said server;
      
      manual entry of a personal identification number through a user interface based on a prompt from said server; and
      
      entry of biometric data through a user interface based on a prompt from said server.
  - 15. The system according to claim 10 wherein upon completion of a transaction, said server is programmed to update the transaction counter value within each of the first storage device and the second storage device.
  - 16. The system according to claim 10 wherein prior to performing a transaction based on further data retrieved from at least the first storage device, said server is programmed to verify that the second storage device is still communicatively coupled thereto.
  - 17. The system according to claim 10 wherein to perform a transaction based on further data retrieved from at least the first storage device, said server is programmed to produce hash values related to initiation of each transaction, completion of each transaction, and data retrieved from the second storage device.
  - 18. The system according to claim 10 wherein said user device comprises an interface related to the storage device, the interface comprising at least one of a magnetic strip reader, a data port, a scanner, a keyboard, a touch screen, a biometric device, and an optical reader.

19. A method for authenticating users to a restricted transaction, said method comprising:
- substantially simultaneously sending, via separate user interfaces, information from two separate storage devices to a server, the information sent from the first storage device associated with a first class of user, the information sent from the second storage device associated with a second class of user;
  
  producing, at the server, a combined hash value based on the information received from the storage devices; and
  
  based on the hash value, exchanging data between the server and the storage devices relating to a transaction initiated through one of the user interfaces.
- View Dependent Claims (20)
- - 20. The method according to claim 19 further comprising verifying that one of the users is associated with a class of user that has authority for initiating the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Secure Exchange Solutions LLC
Original Assignee
Secure Exchange Solutions LLC
Inventors
Trotter, Douglas H., Lacey, Darren

Application Number

US13/206,009
Publication Number

US 20120066349A1
Time in Patent Office

Days
Field of Search
US Class Current

709/219
CPC Class Codes

G06F 21/40   by quorum, i.e. whereby two...

G16H 10/65   stored on portable record c...

H04L 63/0853   using an additional device,...

METHOD AND SYSTEM USING TWO OR MORE STORAGE DEVICES FOR AUTHENTICATING MULTIPLE USERS FOR A SINGLE TRANSACTION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM USING TWO OR MORE STORAGE DEVICES FOR AUTHENTICATING MULTIPLE USERS FOR A SINGLE TRANSACTION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links