IMPLEMENTING SECURITY MEASURES FOR AUTHORIZED TOKENS USED IN MOBILE TRANSACTIONS

US 20140025958A1
Filed: 07/19/2012
Published: 01/23/2014
Est. Priority Date: 07/19/2012
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a memory operable to store security rules associated with a generated token;

a processor communicatively coupled to the memory, the processor operable to;

access the security rules associated with the generated token;

determine whether to encrypt the generated token by applying at least a portion of the security rules to the generated token; and

encrypt the generated token; and

an interface communicatively coupled to the processor, the interface operable to communicate the encrypted token to a mobile device associated with a user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Security measures for tokens comprise storing security rules associated with a generated token in a memory. A processor, communicatively coupled to the memory, accesses the security rules associated with the generated token and determines whether to encrypt the generated token by applying at least a portion of the security rules to the generated token. The processor encrypts the generated token. An interface, communicatively coupled to the processor, communicates the encrypted token to a mobile device associated with a user.

Citations

18 Claims

1. An apparatus, comprising:
- a memory operable to store security rules associated with a generated token;
  
  a processor communicatively coupled to the memory, the processor operable to;
  
  access the security rules associated with the generated token;
  
  determine whether to encrypt the generated token by applying at least a portion of the security rules to the generated token; and
  
  encrypt the generated token; and
  
  an interface communicatively coupled to the processor, the interface operable to communicate the encrypted token to a mobile device associated with a user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the processor is further operable to:
    - determine whether to apply restrictions to the generated token; and
      
      restrict the generated token according to the determined restrictions.
  - 3. The apparatus of claim 2, wherein the determined restrictions include at least one of the following:
    - a time limit in which to use the generated token; and
      
      a geographic limit in which to use the generated token.
  - 4. The apparatus of claim 1, wherein the processor is further operable to encrypt the generated token using at least one of the following:
    - a digital certificate;
      
      a mobile device identifier;
      
      a user identifier; and
      
      biometric information associated with a user.
  - 5. The apparatus of claim 1, wherein the processor is further operable to communicate decryption information to a merchant terminal.
  - 6. The apparatus of claim 1, wherein the processor is further operable to communicate decryption information to a transaction module.

7. A method, comprising:
- storing security rules associated with a generated token;
  
  accessing the security rules associated with the generated token;
  
  determining whether to encrypt the generated token by applying at least a portion of the security rules to the generated token;
  
  encrypting, by the processor, the generated token; and
  
  communicating the encrypted token to a mobile device associated with a user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising:
    - determining whether to apply restrictions to the generated token; and
      
      restricting the generated token according to the determined restrictions.
  - 9. The method of claim 8, wherein the determined restrictions include at least one of the following:
    - a time limit in which to use the generated token; and
      
      a geographic limit in which to use the generated token.
  - 10. The method of claim 7, wherein encrypting the generated token comprises encrypting the generated token using at least one of the following:
    - a digital certificate;
      
      a mobile device identifier;
      
      a user identifier; and
      
      biometric information associated with a user.
  - 11. The method of claim 7, further comprising communicating decryption information to a merchant terminal.
  - 12. The method of claim 7, further comprising communicating decryption information to a transaction module.

13. A non-transitory computer readable medium comprising logic, the logic, when executed by a processor, operable to:
- store security rules associated with a generated token;
  
  access the security rules associated with the generated token;
  
  determine whether to encrypt the generated token by applying at least a portion of the security rules to the generated token;
  
  encrypt the generated token; and
  
  communicate the encrypted token to a mobile device associated with a user.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory computer readable medium of claim 13, wherein the logic is further operable to:
    - determine whether to apply restrictions to the generated token; and
      
      restrict the generated token according to the determined restrictions.
  - 15. The non-transitory computer readable medium of claim 14, wherein the determined restrictions include at least one of the following:
    - a time limit in which to use the generated token; and
      
      a geographic limit in which to use the generated token.
  - 16. The non-transitory computer readable medium of claim 13, wherein the logic is further operable to encrypt the generated token using at least one of the following:
    - a digital certificate;
      
      a mobile device identifier;
      
      a user identifier; and
      
      biometric information associated with a user.
  - 17. The non-transitory computer readable medium of claim 13, wherein the logic is further operable to communicate decryption information to a merchant terminal.
  - 18. The non-transitory computer readable medium of claim 13, wherein the logic is further operable to communicate decryption information to a transaction module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Calman, Matthew A.

Granted Patent

US 9,043,609 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/33   using certificates

G06F 21/6218   to a system of files or obj...

G06F 2221/2139   Recurrent verification

G06Q 20/3224   Transactions dependent on l...

G06Q 20/367   involving electronic purses...

IMPLEMENTING SECURITY MEASURES FOR AUTHORIZED TOKENS USED IN MOBILE TRANSACTIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

IMPLEMENTING SECURITY MEASURES FOR AUTHORIZED TOKENS USED IN MOBILE TRANSACTIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links