SYSTEM AND METHOD FOR SECURE TRANSACTION PROCESS VIA MOBILE DEVICE
Abstract
A system providing enhanced security for device based transactions, constituted of:
- a server associated with a network address;
- a first device associated with a user, the first device in communication with the server over a first communication channel responsive to an obtained server network address;
- a second device associated with the user arranged to obtain the server network address from the first device; and
- a mobile device server in communication with the second device over a second communication channel, the mobile device server in communication with the server via a third communication channel, the mobile device server arranged to:
  - obtain the server network address from the second device over the second communication channel;
  - obtain the server network address from a trusted source; and
  - authorize to the server over the third communication channel a transaction only in the event that the server network addresses are consonant.
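The address check in the abstract can be sketched as follows. This is an added example, not code from the patent: it assumes "consonant" means the same scheme, host and port after normalization, and models the trusted source as a dictionary keyed by a hypothetical provider id.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}


def normalize_address(address):
    """Reduce a server network address to a comparable (scheme, host, port)."""
    parts = urlsplit(address.strip())
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").rstrip(".")
    if scheme not in DEFAULT_PORTS or not host:
        raise ValueError(f"unusable server address: {address!r}")
    # IDNA-encode so Unicode and punycode spellings of one name compare equal.
    host = host.encode("idna").decode("ascii").lower()
    return scheme, host, parts.port or DEFAULT_PORTS[scheme]


def addresses_consonant(from_second_device, from_trusted_source):
    """True only when both addresses name the same scheme, host and port."""
    try:
        return (normalize_address(from_second_device)
                == normalize_address(from_trusted_source))
    except ValueError:
        return False  # fail closed on anything that cannot be parsed


def authorize_transaction(provider_id, from_second_device, trusted_directory):
    """Decision the mobile device server would report to the server."""
    trusted = trusted_directory.get(provider_id)
    if trusted is None:
        return False, "no trusted address on record"
    if not addresses_consonant(from_second_device, trusted):
        return False, "address from second device is not consonant"
    return True, "addresses consonant"


# Constructed sample data using reserved example/test domains.
TRUSTED_DIRECTORY = {"bank": "https://bank.example/"}
SAMPLES = [
    "HTTPS://Bank.Example:443/login?session=1",  # same server, different spelling
    "https://bank.example.login.test/",          # different host starting with the trusted name
    "https://bank.example@login.test/",          # trusted name appears only as userinfo
    "http://bank.example/",                      # different scheme and port
]

if __name__ == "__main__":
    for address in SAMPLES:
        print(authorize_transaction("bank", address, TRUSTED_DIRECTORY), address)
```

Comparing parsed components rather than raw strings is what lets the first sample pass while the other three are refused.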
62 Claims
1-32. (canceled)
33. An apparatus, comprising:
- a mobile device server implemented in at least one of a memory or a processor device, the mobile device server configured to be operably coupled to a provider server via a network and configured to receive, from the provider server, a signal representing a request from a user for access via a compute device to a resource associated with the provider server,
- the mobile device server configured to send, via a network and to a mobile compute device separate from the compute device and associated with the user, a signal representing a challenge associated with the request from the user,
- the mobile device server configured to receive, from the mobile compute device, a signal representing a response to the challenge,
- the mobile device server configured to identify (1) a location of the compute device, and (2) a location of the mobile compute device,
- the mobile device server configured to compare the location of the compute device with the location of the mobile compute device to produce a location relationship identifier,
- the mobile device server configured to send, to the provider server and based on the response to the challenge, a signal representing positive approval of the user when the location relationship identifier meets a first predefined criterion and the response to the challenge meets a second predefined criterion.

Dependent claims: 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44.
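The two-criterion decision of claim 33 can be sketched as follows. This is an added example, not code from the patent: latitude/longitude locations, the 50 km threshold and the HMAC-SHA256 challenge response are assumptions, since the claim only requires that each value meets a predefined criterion.

```python
import hashlib
import hmac
import math

EARTH_RADIUS_KM = 6371.0


def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) pairs in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))


def location_relationship(compute_loc, mobile_loc, near_km=50.0):
    """Location relationship identifier: 'near', 'distant' or 'unknown'."""
    if compute_loc is None or mobile_loc is None:
        return "unknown"
    return "near" if distance_km(compute_loc, mobile_loc) <= near_km else "distant"


def expected_response(device_key, challenge):
    """Response the enrolled mobile device should return (assumed scheme)."""
    return hmac.new(device_key, challenge, hashlib.sha256).hexdigest()


def positive_approval(compute_loc, mobile_loc, challenge, response, device_key):
    """Approve only when both predefined criteria are met."""
    relationship = location_relationship(compute_loc, mobile_loc)
    expected = expected_response(device_key, challenge)
    # Constant-time comparison of the challenge response.
    response_ok = hmac.compare_digest(expected.encode(), response.encode())
    # An unknown location fails the first criterion rather than being skipped.
    return relationship == "near" and response_ok


# Constructed sample coordinates (lat, lon).
COMPUTE_DEVICE = (40.7128, -74.0060)
MOBILE_NEARBY = (40.7306, -73.9866)
MOBILE_FAR = (51.5074, -0.1278)

if __name__ == "__main__":
    key, challenge = b"k" * 32, b"constructed-nonce"
    good = expected_response(key, challenge)
    print(positive_approval(COMPUTE_DEVICE, MOBILE_NEARBY, challenge, good, key))
    print(positive_approval(COMPUTE_DEVICE, MOBILE_FAR, challenge, good, key))
```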
45. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
- receive, from a provider server and via a network, a signal representing a request from a user for access via a compute device to a resource of the provider server, the request having a transaction type from a plurality of predefined transaction types and defined at least in part by the provider server;
- identify, based on the transaction type, a predefined policy criterion from a plurality of predefined policy criteria, each transaction type from the plurality of predefined transaction types being associated with a predefined policy criterion from the plurality of predefined policy criteria;
- send, via a network and to a mobile compute device separate from the compute device and associated with the user, a signal representing a challenge associated with the request from the user when the transaction type of the request meets a first predefined policy criterion from the plurality of predefined policy criteria; and
- send, to the provider server, a signal representing positive approval of the user without sending the signal representing the challenge when the transaction type of the request meets a second predefined policy criterion from the plurality of predefined policy criteria, the second predefined policy criterion being different than the first predefined policy criterion.

Dependent claims: 46, 47, 48, 49, 50, 51.
52. A non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to:
- receive, from a provider server and via a network, a signal representing a request from a user for access via a first compute device to a resource of the provider server;
- send, via a network and to a mobile compute device separate from the first compute device and associated with the user, a signal representing a challenge associated with the request from the user;
- receive, from the mobile compute device, a signal representing a response to the challenge, the response including a representation of a first passcode generated at a second compute device different from the first compute device and the mobile compute device;
- compare the first passcode received from the mobile compute device with a representation of a second passcode generated at the second compute device and received from the first compute device; and
- send, to the provider server, a signal representing positive approval of the user when the representation of the first passcode matches the representation of the second passcode.

Dependent claims: 53, 54, 55, 56.
57. An apparatus, comprising:
- a mobile device server implemented in at least one of a memory or a processor device, the mobile device server configured to be operably coupled to a provider server via a network and configured to receive, from a mobile compute device and via a first communication channel and the provider server, a signal representing a request from a user for access via the mobile compute device to a resource associated with the provider server,
- the mobile device server configured to send to the mobile compute device a signal representing a challenge associated with the request from the user,
- the mobile device server configured to receive, from the mobile compute device and via a second communication channel, a signal representing a response to the challenge,
- the mobile device server configured to identify (1) an indication representing a first attribute and received via the first communication channel, and (2) an indication representing a second attribute and received via the second communication channel,
- the mobile device server configured to compare the indication representing the first attribute with the indication representing the second attribute to produce a channel match identifier,
- the mobile device server configured to send to the provider server a signal representing a positive approval of the user when the channel match identifier meets a predefined criterion.

Dependent claims: 58, 59, 60, 61, 62.
Specification