A Method, Device and System for Secure Transactions

US 20130081122A1
Filed: 04/11/2012
Published: 03/28/2013
Est. Priority Date: 09/23/2011
Status: Active Grant

First Claim

Patent Images

1. A method for operating a security device comprising the steps of:

receiving a request for a transaction from an application programmable device executing an application obtained from an application controlling institute, in which the transaction between the application and the application controlling institute has been initialized;

verifying a validity of the transaction;

alerting a user of receiving a valid request, in which the user indicates an acceptance of the request by signaling the security device;

generating a first one-time identifier, the first one-time identifier at least comprising a security device identification, a transaction number, a date and a time; and

communicating to the application programmable device the first one-time identifier, in which the application verifies a validity of the security device identification and, upon verification of the validity, instructs the application programmable device to communicate the first one-time identifier and transaction to the application controlling institute for processing, in which the application controlling institute verifies a validity of the first one-time identifier and, upon verification of the validity, processes the transaction, wherein said security device, application programmable device and application controlling institute securely processes the transaction.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for operating a security device comprises receiving a request for a transaction from a programmable device executing an application obtained from an application controlling institute, and verifying a validity of the transaction. A user is alerted, in which the user indicates an acceptance of the request. A one-time identifier is generated. The one-time identifier comprises a security device identification, a transaction number, a date and a time. The one-time identifier is communicated to the programmable device, in which the application verifies a validity of the security device identification and instructs the programmable device to communicate the one-time identifier and transaction to the application controlling institute for processing. The application controlling institute verifies validity of the one-time identifier and processes the transaction, wherein said security device, application programmable device and application controlling institute securely processes the transaction.

244 Citations

20 Claims

1. A method for operating a security device comprising the steps of:
- receiving a request for a transaction from an application programmable device executing an application obtained from an application controlling institute, in which the transaction between the application and the application controlling institute has been initialized;
  
  verifying a validity of the transaction;
  
  alerting a user of receiving a valid request, in which the user indicates an acceptance of the request by signaling the security device;
  
  generating a first one-time identifier, the first one-time identifier at least comprising a security device identification, a transaction number, a date and a time; and
  
  communicating to the application programmable device the first one-time identifier, in which the application verifies a validity of the security device identification and, upon verification of the validity, instructs the application programmable device to communicate the first one-time identifier and transaction to the application controlling institute for processing, in which the application controlling institute verifies a validity of the first one-time identifier and, upon verification of the validity, processes the transaction, wherein said security device, application programmable device and application controlling institute securely processes the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as recited in claim 1, further comprising the steps of:
    - receiving a second one-time identification from the application programmable device, in which the second one-time identification was received from the application controlling institute in response to processing the transaction and was validated by the application;
      
      verifying a validity of the processed transaction; and
      
      communicating to the application programmable device an acceptance of the transaction, upon the second one-time identifier being validated.
  - 3. The method as recited in claim 1, further comprising the step of alerting the user of receiving an invalid request indicating incorrect identifier or transaction number.
  - 4. The method as recited in claim 1, in which the request at least comprises an application controlling institute identification.
  - 5. The method as recited in claim 4, further comprising the step of storing the request and transaction number to form an audit trail, to protect application controlling institute queries, changes or controlled application distribution.
  - 6. The method as recited in claim 5, further comprising the step of generating a new transaction number for each subsequent transaction.
  - 7. The method as recited in claim 1, in which the user signals the security device by depressing at least one button on the security device or biometrically actuated.
  - 8. The method as recited in claim 1, in which the security device alerts the user by illumination of an indicator for the valid request or flashes the indicator for an invalid request.
  - 9. The method as recited in claim 1, in which the security device and the application programmable device communicate using a wireless connection.
  - 10. The method as recited in claim 9, in which the wireless connection uses technology to limit a separable distance for operation

11. A security device comprising:
- a housing;
  
  means for communicating with an application programmable device executing an application obtained from an application controlling institute;
  
  a processing unit being configured to be operable for;
  
  verifying a validity of a request for a transaction from the application;
  
  issuing an alert of receiving a valid request;
  
  acknowledging a user'"'"'s indication of an acceptance of the request;
  
  generating, upon the acknowledgment, a first one-time identifier, the first one-time identifier at least comprising a security device identification, a transaction number, a date and a time; and
  
  instructing said communicating means to communicate the first one-time identifier, in which the application verifies a validity of the security device identification and, upon verification of the validity, instructs the application programmable device to communicate the first one-time identifier and transaction to the application controlling institute for processing, in which the application controlling institute verifies a validity of the first one-time identifier and, upon verification of the validity, processes the transaction;
  
  an indicator being configured to be operable for receiving the alert from said processor unit to alert the user; and
  
  a sensor unit being configured to be operable for receiving the user'"'"'s indication of an acceptance and transmitting the indication to said processor unit, wherein said security device, application programmable device and application controlling institute securely processes the transaction.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The security device as recited in claim 11, in which said processing unit is further configured to be operable for:
    - processing a second one-time identification received from the application programmable device, in which the second one-time identification was received from the application controlling institute in response to processing the transaction and was validated by the application;
      
      verifying a validity of the processed transaction; and
      
      instructing said communicating means to communicate to the application programmable device an acceptance of the transaction upon the second one-time identifier being validated.
  - 13. The security device as recited in claim 11, further comprising means, joined to said housing for attaching the security device to an article for transportation.
  - 14. The security device as recited in claim 11, in which the request further comprises an application controlling institute identification.
  - 15. The security device as recited in claim 14, in which said processing unit is configured to be operable for storing the request and transaction number to form an audit trail.
  - 16. The security device as recited in claim 11, in which said sensor unit further comprises a biometric sensor.
  - 17. The security device as recited in claim 11, in which said communicating means communicates using a wireless connection.
  - 18. The security device as recited in claim 17, in which the wireless connection uses Near Field Communications to limit a separable distance for operation.

19. A system comprising:
- a security device unit comprising;
  
  a housing;
  
  means for communicating wirelessly using technology to limit a separable distance for operation;
  
  a processing unit being configured to be operable for;
  
  verifying a validity of a request for a transaction;
  
  issuing an alert of receiving a valid request;
  
  acknowledging a user'"'"'s indication of an acceptance of the request;
  
  generating a first one-time identifier, upon the acknowledgment, the first one-time identifier at least comprising a security device identification, a transaction number, a date and a time;
  
  storing the request and transaction number to form an audit trail;
  
  incrementing the transaction number for each subsequent transaction;
  
  instructing said communicating means to communicate the first one-time identifier;
  
  verifying a validity of a second one-time identifier for a processed transaction; and
  
  instructing said communicating means to communicate an acceptance of the transaction upon the second one-time identifier being validated;
  
  an indicator being configured to be operable for receiving the alert from said processor unit to alert the user; and
  
  a sensor unit being configured to be operable for receiving the user'"'"'s indication of an acceptance and transmitting the indication to said processor unit;
  
  an application programmable device executing an application, said application programmable device being configured to be operable for;
  
  communicating with said communicating means;
  
  communicating the request for the transaction to said communicating means;
  
  receiving the first one-time identifier from said communicating means;
  
  verifying a validity of the security device identification;
  
  sending, the first one-time identifier and transaction for processing, upon verification of the validity;
  
  receiving a second one-time identifier indicating the transaction processed; and
  
  communicating the second on-time identifier to said security device; and
  
  an application controlling institute being configured to be operable for;
  
  communicating with said application programmable device;
  
  supplying the application to said application programmable device;
  
  receiving the first one-time identifier and transaction for processing;
  
  verifying a validity of the first one-time identifier;
  
  processing the transaction using the security device identification to determine account information, upon verification of the validity;
  
  generating the second one-time identifier; and
  
  sending the second one-time identifier to said application programmable device, wherein said security device, application programmable device and application controlling institute securely processes the transaction.
- View Dependent Claims (20)
- - 20. The system as recited in claim 19, in which said security device further comprises means, joined to said housing for attaching said security device to an article for transportation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Geoff Ingalls, Howard M. Svigals, Jerome Svigals
Original Assignee
Geoff Ingalls, Howard M. Svigals, Jerome Svigals
Inventors
Svigals, Jerome, Svigals, Howard M., Ingalls, Geoff

Granted Patent

US 8,453,223 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/31   User authentication

H04L 9/3228   One-time or temporary data,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

A Method, Device and System for Secure Transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

244 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

A Method, Device and System for Secure Transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

244 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links