BIOMETRIC AUTHENTICATION SYSTEM
1 Assignment
0 Petitions
Accused Products
Abstract
In a system and method of completing a transaction over a network, a personal electronic device (PED) receives transaction information; captures biometric information from the PED user; and uses such information to identify if the user is an authorized user of the PED. If the captured biometric information identifies an authorized user of the PED, the PED: enables a first one of a pair of cryptographic keys stored on the PED corresponding to the identified authorized user; generates a digital signature for the transaction using the enabled first key; generates an authenticated transaction request using the received transaction information; and transmits the authenticated transaction request to a transaction approval center via the network. The transaction approval center uses the authenticated transaction request to complete the transaction; and the PED receives confirmation regarding the transaction from the transaction approval center.
52 Citations
49 Claims
-
1-29. -29. (canceled)
-
30. A method for completing a transaction over a network, said method comprising:
-
receiving transaction information by a personal electronic device (PED); capturing biometric information from a user by the PED; using the captured biometric information, by the PED, to identify if the user is an authorized user of the PED; and if the captured biometric information identifies an authorized user of the PED, the PED performing the steps of; enabling a first one of a pair of cryptographic keys stored on the PED, said pair of cryptographic keys corresponding to the identified authorized user and said first key otherwise being disabled; generating a digital signature for the transaction using the enabled first key; generating an authenticated transaction request using the received transaction information, the authenticated transaction request comprising at least the received transaction information, the digital signature and information identifying the authorized user such as the second key of the pair of cryptographic keys; transmitting the authenticated transaction request to a transaction approval center via the network, the transaction approval center using the authenticated transaction request to complete the transaction; and receiving confirmation regarding the transaction from the transaction approval center. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
-
-
40. A system to complete a transaction over a network, said system comprising:
a transaction approval center; and a personal electronic device (PED), the PED being configured to; receive transaction information; capture biometric information from a user of the PED; use the captured biometric information to identify if the user is an authorized user of the PED; and if the captured biometric information identifies an authorized user of the PED, perform the steps of; enabling a first one of a pair of cryptographic keys stored on the PED, said pair of cryptographic keys corresponding to the identified authorized user and said first key otherwise being disabled; generating a digital signature for the transaction using the enabled first key; generating an authenticated transaction request using the received transaction information, the authenticated transaction request comprising at least the received transaction information, the digital signature and information identifying the authorized user such as the second key of the pair of cryptographic keys; transmitting the authenticated transaction request to the transaction approval center via the network; and receive confirmation regarding the transaction from the transaction approval center;
whereinthe transaction approval center uses the authenticated transaction request to complete the transaction. - View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49)
Specification