ELECTRONIC SIGNATURE SECURITY ALGORITHMS

US 20130179350A1
Filed: 01/11/2012
Published: 07/11/2013
Est. Priority Date: 01/11/2012
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

employing a processor to facilitate execution of computer executable instructions stored in at least one memory to perform acts, comprising;

receiving a phone number submitted through a bank client;

confirming the phone number is associated with a client account;

verifying the client account contains no linked devices;

generating a first one time password and a second one time password;

sending the first one time password to the phone number;

sending the second one time password to the bank client;

receiving a submitted password and the second one time password from the bank client; and

verifying the second one time password and the submitted password;

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies are generally described for security algorithm methods in authorizing and linking devices associated with a customer. A first device can be linked to a customer account. Additional devices can be linked to the customer account. Those devices can be authenticated to perform banking operations using dual factor authentication wherein a customer'"'"'s login information is a first factor and the customer using a previously authenticated device is a second factor. By using additional methods of authentication, transactions can be done more reliably and securely.

20 Citations

View as Search Results

21 Claims

1. A method, comprising:
- employing a processor to facilitate execution of computer executable instructions stored in at least one memory to perform acts, comprising;
  
  receiving a phone number submitted through a bank client;
  
  confirming the phone number is associated with a client account;
  
  verifying the client account contains no linked devices;
  
  generating a first one time password and a second one time password;
  
  sending the first one time password to the phone number;
  
  sending the second one time password to the bank client;
  
  receiving a submitted password and the second one time password from the bank client; and
  
  verifying the second one time password and the submitted password;
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising:
    - establishing a secure session with the bank client.
  - 3. The method of claim 2, wherein establishing the secure session is based upon a random generated number.
  - 4. The method of claim 1, wherein verifying the submitted password is based upon comparing the submitted password to the first one time password.
  - 5. The method of claim 1, further comprising:
    - generating a subscriber identification number and a security key pair;
      
      registering the subscriber identification number with the client account;
      
      sending the subscriber identification number and the security key pair to the bank client; and
      
      sending a confirmation to the phone number.
  - 6. The method of claim 1, further comprising:
    - sending information for display on the bank client for entry of the submitted password.

7. A computer-readable storage medium comprising computer-executable instructions that, in response to execution, cause a computing system to perform operations, comprising:
- receiving login information from a client device associated with a customer;
  
  verifying the login information received from the client device is authentic with respect to a user;
  
  in response to the verifying, establishing a secure session with the client device;
  
  receiving an encrypted bank operation request;
  
  verifying encryption of the encrypted bank operation request;
  
  determining a banking operation request based on the encrypted bank operation request;
  
  receiving a banking operation result from a bank processing center in response to sending the banking operation request to the bank processing center;
  
  generating an encrypted banking operation result based on the banking operation result; and
  
  sending the encrypted banking operation result to the client device.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein the verifying the encryption of the encrypted bank operation request includes verifying at least one of a security key or a subscriber identification number associated with the client device.
  - 9. The method of claim 7, wherein the establishing the secure session includes establishing the secure session as a function of at least one of a random generated number or using hypertext transfer protocol secure.
  - 10. The method of claim 7, wherein the generating the encrypted banking operation result includes generating the encrypted banking operation result based on a symmetric key.
  - 11. The method of claim 10, further comprising:
    - decrypting the encrypted banking operation result based upon the symmetric key; and
      
      displaying the banking operation result to the customer using the client device.

12. A client device, comprising:
- at least one memory that stores computer executable components; and
  
  a processor that facilitates execution of one or more computer executable components stored within the memory, the computer executable components comprising;
  
  a display component that displays a user request wherein the display component further receives login information and a banking request from a user based on the user request;
  
  a user authentication that authenticates the user based upon sending the login information to a bank server using a communications network;
  
  a security component that stores in protected memory a security key associated with the client device wherein the security component further generates an encrypted banking request based on the security key and the banking request; and
  
  a bank operation component that sends the encrypted banking request to the bank server using the communications network.
- View Dependent Claims (13, 14, 15)
- - 13. The client device of claim 12, wherein the bank operation component further receives an encrypted banking operation result.
  - 14. The client device of claim 13, wherein the security component further generates a decrypted banking operation result based on encrypted banking operation result and the security key.
  - 15. The client device of claim 14, wherein the display component further displays the decrypted banking operation result.

16. A secure banking system comprising:
- at least one memory that stores computer executable components; and
  
  a processor that facilitates execution of one or more computer executable components stored within the memory, the computer executable components comprising;
  
  a communications component that at least one of sends or receives data packets with a client device and a bank processing center, wherein data packets received from the client device include a bank operation request, a login information, and device authentication information;
  
  an encryption component that encrypts the bank operation request;
  
  a decryption component configured to decrypt the login information; and
  
  an authentication component configured to authenticate the bank operation request and the client device,wherein, in response to the bank operation request, the login information, and the client device being authenticated by the authentication component, the bank operation request is sent to the bank processing center by the communications component.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The secure banking system of claim 16, wherein the communications component further receives a banking operation result from the bank processing center.
  - 18. The secure banking system of claim 17, wherein the decryption component further decrypts the banking operation result.
  - 19. The secure banking system of claim 18, wherein the encryption component further generates an encrypted banking operation result based upon the banking operation result.
  - 20. The secure banking system of claim 19, wherein the communications component further sends the encrypted banking operation result to the client device.

21. A system comprising:
- means for receiving login information from a client device associated with a customer;
  
  means for verifying the login information received from the client device is authentic with respect to a user;
  
  means for in response to the verifying, establishing a secure session with the client device;
  
  means for receiving an encrypted bank operation request;
  
  means for verifying encryption of the encrypted bank operation request;
  
  means for determining a banking operation request based on the encrypted bank operation request;
  
  means for receiving a banking operation result from a bank processing center in response to sending the banking operation request to the bank processing center;
  
  means for generating an encrypted banking operation result based on the banking operation result; and
  
  means for sending the encrypted banking operation result to the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
Rawllin International Inc.
Inventors
Kirillin, Viacheslav, Zemlyanskiy, Sergey

Granted Patent

US 8,799,165 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/64
CPC Class Codes

G06Q 10/06   Resources, workflows, human...

G06Q 20/3221   Access to banking informati...

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 40/02   Banking, e.g. interest calc...

H04L 63/0876   based on the identity of th...

H04L 9/3228   One-time or temporary data,...

ELECTRONIC SIGNATURE SECURITY ALGORITHMS

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

ELECTRONIC SIGNATURE SECURITY ALGORITHMS

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links