Consumer, Merchant and Mobile Device Specific, Real-Time Dynamic Tokenization Activation within a Secure Mobile-Wallet Financial Transaction System

US 20130282588A1
Filed: 04/22/2012
Published: 10/24/2013
Est. Priority Date: 04/22/2012
Status: Abandoned Application

First Claim

Patent Images

1. A system on a computer based network for secure transfer of a customer'"'"'s funds to a merchant or financial institution, comprising:

a secure financial proxy account such as an online wallet, established for the purpose of holding unused dormant customer funds until activated and allocated by means of a pre-registered personal handheld device;

a personal handheld device of the customer;

a registration protocol for the personal handheld device;

a mobile application installed on the personal handheld device;

a unique device identification number for the personal handheld device;

a unique application identification number for the mobile application installed on that device;

a unique merchant identification number for the merchant or financial institution generated by the system upon their first registering on the system;

an activation and allocation protocol for identifying the account'"'"'s registered handheld device, its mobile application and its owner for requesting that the account and funds be active and allocated for a particular desired transaction with a specific merchant or financial institution using the unique merchant identification number in a specified amount for a specific configurable amount of time;

a transactional and authentication server which stores and authenticates data sent from the customer'"'"'s personal handheld device sent over a telecommunications network;

a session-specific log in code generated by the transactional and authentication server for the customer'"'"'s personal handheld device and the mobile application installed on the personal handheld device when the customer logs in to the system which is stored both on the mobile application and on the transactional and authentication server for the purpose of authentication of the customer'"'"'s subsequent log-in to the system under the customer'"'"'s account;

a unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token generated by the transactional and authentication server and sent to the handheld device, which is specific to the handheld device, it'"'"'s application and the specified merchant identifier information for consummating the particular transaction with the specific merchant or financial institution;

and a graphical image generated on the personal handheld device, which expresses the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token upon receipt from the transactional and authentication server, appended to the unique device identification number for the personal handheld device and the unique application identification number for its installed mobile application, the image to be scanned by the merchant or financial institution to consummate the transaction;

wherein the unique merchant identification number, the unique device identification number and the unique application identification number are all stored on the transactional and authentication server for customer account authentication and fund activation.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure system and method are disclosed to effectuate financial transactions over a secure internet backbone establishing and using a secure closed loop financial transactional system encompassing a proxy account and a pre-registered personal handheld mobile device to the account a preregistered merchant where all funds within the account remain in an “inactive” non-usable state until activated and allocated only by the consumer'"'"'s registered mobile handheld device using a unique, time sensitive, device specific and merchant specific transactional token initially developed on the system'"'"'s backend and subsequent token activation completion by the intended specific registered mobile device and by the intended merchant application.

415 Citations

16 Claims

1. A system on a computer based network for secure transfer of a customer'"'"'s funds to a merchant or financial institution, comprising:
- a secure financial proxy account such as an online wallet, established for the purpose of holding unused dormant customer funds until activated and allocated by means of a pre-registered personal handheld device;
  
  a personal handheld device of the customer;
  
  a registration protocol for the personal handheld device;
  
  a mobile application installed on the personal handheld device;
  
  a unique device identification number for the personal handheld device;
  
  a unique application identification number for the mobile application installed on that device;
  
  a unique merchant identification number for the merchant or financial institution generated by the system upon their first registering on the system;
  
  an activation and allocation protocol for identifying the account'"'"'s registered handheld device, its mobile application and its owner for requesting that the account and funds be active and allocated for a particular desired transaction with a specific merchant or financial institution using the unique merchant identification number in a specified amount for a specific configurable amount of time;
  
  a transactional and authentication server which stores and authenticates data sent from the customer'"'"'s personal handheld device sent over a telecommunications network;
  
  a session-specific log in code generated by the transactional and authentication server for the customer'"'"'s personal handheld device and the mobile application installed on the personal handheld device when the customer logs in to the system which is stored both on the mobile application and on the transactional and authentication server for the purpose of authentication of the customer'"'"'s subsequent log-in to the system under the customer'"'"'s account;
  
  a unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token generated by the transactional and authentication server and sent to the handheld device, which is specific to the handheld device, it'"'"'s application and the specified merchant identifier information for consummating the particular transaction with the specific merchant or financial institution;
  
  and a graphical image generated on the personal handheld device, which expresses the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token upon receipt from the transactional and authentication server, appended to the unique device identification number for the personal handheld device and the unique application identification number for its installed mobile application, the image to be scanned by the merchant or financial institution to consummate the transaction;
  
  wherein the unique merchant identification number, the unique device identification number and the unique application identification number are all stored on the transactional and authentication server for customer account authentication and fund activation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, further comprising:
    - a point of sale token scanner device to scan the graphically image expressing the unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token appended to the unique device identification number for the personal handheld device and the unique application identification number for its installed mobile application; and
      
      a linked proprietary merchant application used to parse out and validate the information from the unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token appended to the unique device identification number for the personal handheld device and the unique application identification number and append this parsed information with specific merchant or financial institution information using the system generated unique merchant identification number, for validation of the combined token and identifier information at the transactional and authentication server.
  - 3. The system of claim 1, where the personal handheld device is a telecommunication device with access to a telecommunication data network.
  - 4. The system of claim 3, where the personal handheld device is a smartphone.
  - 5. The system of claim 3, where the personal handheld device is a tablet device.
  - 6. The system of claim 1, further comprising:
    - a front facing camera on the personal handheld device to take various industry-standardized facial measurements; and
      
      a biometric validation application component which combines the facial measurements into the session-specific log in code for further security.
  - 7. The system of claim 1, wherein the specific handheld device of the customer, and another telecommunication handheld or stationary device of the merchant or financial institution are enabled to communicate the graphical image using a near-field communication, Bluetooth, infrared, light transmission protocols, audible frequency, sms, mms, wi-fi or other suitable synchronizing protocol over a telecommunications network.
  - 8. The system of claim 1, wherein:
    - the registration protocol for the personal handheld device comprises;
      
      generating on the transactional and authentication server public and private encryption keys specific to the customer and the mobile device application; and
      
      sending the public and private encryption keys to the personal handheld device and its mobile application; and
      
      the activation protocol further comprises;
      
      encryption by means of the mobile application the unique device identification number for the personal handheld device, the unique application identification number for the mobile application, as well as the session-specific log in code with the customer'"'"'s assigned public key;
      
      decryption of the unique device identification number for the personal handheld device, the unique application identification number for the mobile application, the session-specific log in code, as well as the desired transaction by the transactional and authentication server using the customer'"'"'s assigned private key;
      
      permanently hashing the results of the decryption by means of a one-way hash function;
      
      and comparison of these decrypted hashed results to the stored data on the transactional and authentication server for the specific customer'"'"'s account; and
      
      the unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token is encrypted by the transactional and authentication server using the customer'"'"'s assigned public key, is sent over a secure telecommunication network to the personal handheld device, and is decrypted at the device using the user and device specific private key located on the mobile application.

9. A method for secure transfer of customer'"'"'s funds, to a merchant or financial institution, comprising the steps of:
- establishing an online account for a customer to hold dormant, unused funds for the customer;
  
  linking the online account to a transactional and authentication server wherein an application resides to effectuate transfer of secure funds;
  
  registering the customer'"'"'s personal handheld device onto the server via an appropriate protocol;
  
  generating a unique device identification number for the customer'"'"'s personal handheld device and a unique application identification number for the mobile application installed on that device;
  
  generating a unique merchant identification number for the merchant or financial institution by the system upon their first registering on the system;
  
  logging in by the customer onto the system;
  
  generating a session-specific log in code by the transactional and authentication server for the customer'"'"'s personal handheld device and the mobile application installed on the personal handheld device after the customer logs in to the system;
  
  storing of the session-specific log in code both on the mobile application and on the transactional and authentication server under the customer'"'"'s account, for the purpose of authentication of the customer'"'"'s subsequent log-in to the system;
  
  verification of the consumer by means of the session-specific log in code generated by the transactional and authentication server for the consumer'"'"'s personal handheld device and the mobile application installed on the personal handheld device generated on the customer'"'"'s previous log in to the system which is;
  
  identifying the account'"'"'s registered personal handheld device and its associated customer for requesting the account and funds to be made active and allocated for a particular transaction with the specific merchant or financial institution;
  
  activating and allocating funds in the online account for the customer via an appropriate protocol for the particular transaction with the specific merchant or financial institution in a specified amount for a specific configurable amount of time;
  
  generating a unique user and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token by the transactional and authentication server using the unique device identification number for the customer'"'"'s personal handheld device, the unique application identification number for the mobile application installed on that device, and the unique merchant identification number for the merchant or financial institution, for the purpose of consummating the particular transaction with the specific merchant or financial institution;
  
  transmitting the unique user and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token by an ssl or tls or other secure protocol over a telecommunications network from the transactional and authentication server to the specific handheld device;
  
  appending on the handheld device the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token received from the transactional and authentication server, with the unique device identification number for the personal handheld device and the unique application identification number for its installed mobile application;
  
  generating on the personal handheld device a graphical image, to express the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token received from the transactional and authentication server, appended with the unique device identification number for the personal handheld device and the unique application identification number for its installed mobile application, the image to be scanned by the merchant or financial institution to consummate the transaction;
  
  verifying the unique user and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token, the unique device identification number for the customer'"'"'s personal handheld device, the unique application identification number for the mobile application installed on that device, and the unique merchant identification number for the merchant or financial institution, by means of an appropriate secure transactional encryption and decryption algorithm on the transactional and authentication server.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, further comprising the steps of:
    - scanning the graphical image expressing the unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token appended to the unique device identification number for the personal handheld device and the unique application identification number for its installed mobile application by means of a point of sale token scanner at the specific merchant or financial institution;
      
      parsing out and validating the unique customer and device specific, merchant specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token, the unique device identification number for the personal handheld device, and the unique application identification number, by means of a linked proprietary merchant application;
      
      combining the results generated in the parsing step information with specific merchant or financial institution information in the form of the system'"'"'s unique merchant identification number, for validation of the combined token and identifier information at the transactional and authentication server, also by means of the linked proprietary merchant application;
      
      transmitting the combined results of the unique user and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token appended to the unique device identification number for the personal handheld device, the unique application identification number of its mobile application, and the unique merchant identification number, from the merchant or financial institution via a telecommunications network to the transactional and authentication server; and
      
      identifying and validating the unique user and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token appended to the unique device identification number for the personal handheld device, the unique application identification number of its mobile application, and the unique merchant identification number by the transactional and authentication server to consummate the customer'"'"'s particular transaction with the merchant or financial institution.
  - 11. The method of claim 9, further comprising the steps of:
    - taking various industry-standardized facial measurements by means of a front facing camera of the smart phone;
      
      combining the facial measurements into the session-specific log in code for further security by means of a biometric validation application;
      
      storing the results of the combination step in the users account;
      
      passing the results of the combination step to the transactional and authentication server over the telecommunications network; and
      
      utilizing the results of the combination step to biometrically validate and authenticate the user for a desired transaction.
  - 12. The method of claim 9, wherein the personal handheld device is a telecommunication device with access to a telecommunication data network.
  - 13. The method of claim 12, wherein the personal handheld device is a smartphone.
  - 14. The method of claim 12, wherein the personal handheld device is a tablet device.
  - 15. The method of claim 9, wherein the specific handheld device of the user, and another handheld or stationary device of the merchant or financial institution are enabled to communicate the graphical image using a near-field communication, Bluetooth, infrared, light transmission protocols, sms, mms, wi-fi or other suitable synchronizing protocol over a telecommunications network.
  - 16. The method of claim 9, further comprising the steps of:
    - generating and assigning the customer with public and private encryption keys specific to the customer and the mobile device application;
      
      encrypting by means of the mobile application on the handheld device the unique device identification number for the personal handheld device, the unique application identification number for the mobile application, the session-specific log in code, as well as the desired transaction by the transactional and authentication server using the customer'"'"'s assigned private key prior to appending to the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token;
      
      encrypting the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token by the transactional and authentication server using the customer'"'"'s assigned public key prior to the transmission step;
      
      decrypting the unique device identification number for the personal handheld device, the unique application identification number for the mobile application, the session-specific log in code, as well as the desired transaction by the transactional and authentication server using the customer'"'"'s assigned private key prior to the verifying step on the transactional and authentication server;
      
      decrypting after the transmission step the unique customer and device specific, time-sensitive, single-use encrypted digital transactional alphanumeric inactive token by the mobile application at the device using the user and device specific private key;
      
      applying a one-way encryption hash function by the transactional and authentication server to the decryption results; and
      
      comparing this information to the stored data on the transactional and authentication server in order to authenticate the specific customer'"'"'s account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
John Hruska
Original Assignee
John Hruska
Inventors
Hruska, John

Application Number

US13/452,913
Publication Number

US 20130282588A1
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/3263   characterised by activation...

G06Q 20/3265   characterised by personalis...

G06Q 20/36   using electronic wallets or...

G06Q 20/367   involving electronic purses...

G06Q 20/40   Authorisation, e.g. identif...

Consumer, Merchant and Mobile Device Specific, Real-Time Dynamic Tokenization Activation within a Secure Mobile-Wallet Financial Transaction System

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

415 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Consumer, Merchant and Mobile Device Specific, Real-Time Dynamic Tokenization Activation within a Secure Mobile-Wallet Financial Transaction System

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

415 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links