System And Method For Secure Transactions

US 20150237026A1
Filed: 08/13/2013
Published: 08/20/2015
Est. Priority Date: 08/16/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

wirelessly conveying first data, a user identifier, and an application identifier from a first device to a second device, wherein the first data is based on confidential data of a user and the user identifier is unique to the user;

transmitting, from the second device to an authentication server, the first data, the user identifier, the application identifier, a second device hardware identifier, a third party identifier, a second device firmware identifier, and a transaction type identifier corresponding to a requested transaction type;

at a computer processor of the authentication server, authenticating the second device hardware identifier and the second device firmware identifier based on the third party identifier;

verifying that a third party is authorized to perform the requested transaction type for the user, wherein said verifying is based on the third party identifier;

authenticating the first data and application identifier based on the user identifier; and

performing a transaction for the user corresponding to the requested transaction type.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes systems and methods directed towards a highly secure and intelligent, end to end provisioning, authentication, and transaction system which creates and/or consolidates user data for a unified profile for the user (e.g., a person, place, organization, object, etc.) to allow for the safe, secure, and verifiable exchange of information.

67 Citations

View as Search Results

28 Claims

1. A method comprising:
- wirelessly conveying first data, a user identifier, and an application identifier from a first device to a second device, wherein the first data is based on confidential data of a user and the user identifier is unique to the user;
  
  transmitting, from the second device to an authentication server, the first data, the user identifier, the application identifier, a second device hardware identifier, a third party identifier, a second device firmware identifier, and a transaction type identifier corresponding to a requested transaction type;
  
  at a computer processor of the authentication server, authenticating the second device hardware identifier and the second device firmware identifier based on the third party identifier;
  
  verifying that a third party is authorized to perform the requested transaction type for the user, wherein said verifying is based on the third party identifier;
  
  authenticating the first data and application identifier based on the user identifier; and
  
  performing a transaction for the user corresponding to the requested transaction type.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein the application identifier is based on a unique identifier of the first device, a software identifier corresponding to software running on the first device, and an authentication identifier.
  - 3. The method of claim 1, wherein said authenticating the second device hardware identifier and the second device firmware identifier based on the third party identifier includes:
    - accessing a third party data table indexed by the third party identifier; and
      
      verifying that the second device hardware identifier and second device firmware identifier are stored in the third party data table.
  - 4. The method of claim 1, wherein said authenticating the first data and the application identifier based on the user identifier includes:
    - accessing a user data table indexed by the user identifier; and
      
      verifying that the application identifier is stored in the user data table.
  - 5. The method of claim 1, wherein said wirelessly conveying the first data, the user identifier, and the application identifier includes:
    - displaying a barcode on the first device, wherein the barcode includes an encoded representation of the first data, a user identifier, and an application identifier; and
      
      scanning the barcode with the second device.
  - 6. The method of claim 1, wherein said wirelessly conveying includes transmitting via near field communication (NFC).
  - 7. The method of claim 1, further comprising:
    - wirelessly transmitting an electronic message from the authentication server to the first device, wherein the message includes a request for user authorization of a release of user data associated with the transaction;
      
      receiving an indication of user authorization of the release of the user data associated with the transaction;
      
      wherein the transaction is performed for the user based on the received indication of user authorization of the release of the user data.
  - 8. The method of claim 1, further comprising:
    - transmitting an electronic message from the authentication server to an entity computer of an entity, wherein the electronic message includes a request for second data;
      
      at the authentication server, receiving the second data from the entity computer;
      
      wherein the transaction is performed for the user based on the second data.
  - 9. The method of claim 1, further comprising:
    - transmitting an electronic message from the authentication server to an entity computer of an entity, wherein the electronic message includes a request for authorization of the requested transaction;
      
      at the authentication server, receiving an electronic authorization from the entity computer;
      
      wherein the transaction is performed for the user responsive to the received authorization from the entity computer.
  - 10. The method of claim 1, further comprising:
    - transmitting an electronic message from the authentication server to an entity computer of an entity, wherein the electronic message includes updated transaction data for storage at the entity computer.
  - 11. The method of claim 1, further comprising:
    - transmitting a first electronic message from the authentication server to an entity computer of an entity, wherein the first electronic message includes a notification of the requested transaction;
      
      at the authentication server, receiving a second electronic message from the entity computer, wherein the second electronic message includes update data; and
      
      transmitting the update data to at least one of the first and second devices.
  - 12. The method of claim 1, wherein the first data is a result of processing the confidential data of the user and the user identifier with a hash function.
  - 13. The method of claim 1, wherein the first data is a result of processing the confidential data of the user with a hash function.
  - 14. The method of claim 1, further comprising:
    - receiving a PIN at the second device;
      
      transmitting the PIN from the second device to the authentication server; and
      
      authenticating the PIN based on the user identifier.
  - 15. The method of claim 14, wherein the PIN is received wirelessly from the mobile device.
  - 16. The method of claim 1, wherein the transaction is a payment transaction and the confidential data of the user includes account information.

17. A method comprising:
- wirelessly conveying first data, a user identifier, and a first device identifier from a first device to a second device, wherein the first data is based on confidential data of a user and the user identifier is unique to the user;
  
  transmitting, from the second device to an interchange payment processor, the first data, the user identifier, the first device identifier, a third party identifier, a second device firmware identifier, and a transaction type identifier corresponding to a requested transaction type;
  
  transmitting the first data, the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, and the transaction type identifier from the interchange payment processor to an authentication server;
  
  at a computer processor of the authentication server, authenticating the second device firmware identifier based on the third party identifier;
  
  verifying that a third party is authorized to perform the requested transaction type for the user, wherein said verifying is based on the third party identifier;
  
  authenticating the first data and the first device identifier based on the user identifier; and
  
  performing a transaction for the user corresponding to the requested transaction type.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, wherein the first data includes an authentication identifier, the method further comprising:
    - identifying the authentication identifier at the interchange payment processor;
      
      wherein the first data, the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, and the transaction type identifier are transmitted to the authentication server at a network address based on the authentication identifier.
  - 19. The method of claim 17, further comprising:
    - transmitting an authentication identifier from the second device to the interchange payment processor;
      
      wherein the first data, the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, and the transaction type identifier are transmitted to the authentication server at a network location based on the authentication identifier.
  - 20. The method of claim 19, further comprising transmitting the authentication identifier from the first device to the second device.

21. The method of claim 17, further comprising:
- transmitting a second device hardware identifier from the second device to the authentication server via the interchange payment processor; and
  
  authenticating the second device hardware identifier based on the third party identifier.

22. A method comprising:
- wirelessly conveying a first credit card number, a user identifier, and a first device identifier from a first device to a second device, wherein the user identifier is unique to a user;
  
  transmitting, from the second device to an interchange payment processor, the first credit card number, the user identifier, the first device identifier, a third party identifier, a second device firmware identifier, and a transaction type identifier corresponding to a requested transaction type;
  
  verifying the first credit card number at the interchange payment processor;
  
  transmitting the first credit card number, the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, and the transaction type identifier from the interchange payment processor to one of a credit card interchange and a bank interchange;
  
  at said one of a credit card interchange and a bank interchange, determining an authentication identifier from the first credit card number;
  
  transmitting the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, the transaction type identifier, and at least a portion of the first credit card number to an authentication server specified by the authentication identifier;
  
  at a computer processor of the authentication server, authenticating the second device firmware identifier based on the third party identifier;
  
  performing a transaction for the user corresponding to the requested transaction type.

23. The method of claim 22, further comprising:
- verifying that a third party is authorized to perform the requested transaction type for the user, wherein said verifying is based on the third party identifier; and
  
  authenticating the first device identifier based on the user identifier.

24. The method of claim 22, further comprising:
- based on the at least a portion of the first credit card number, identifying a predetermined substring of the first credit card number;
  
  based on the user identifier and the predetermined substring, retrieving a second credit card number associated with the user; and
  
  performing the transaction for the user using the second credit card number.

25. The method of claim 22, wherein said one of a credit card interchange and a bank interchange is a credit card interchange.

26. The method of claim 22, wherein said verifying the first credit card number includes determining an issuer identifier, and said one of a credit card interchange and a bank interchange is a bank interchange associated with an issuer bank identified by the issuer identifier.

27. A method comprising:
- wirelessly conveying a first credit card number, a user identifier, and a first device identifier from a first device to a second device, wherein the user identifier is unique to a user;
  
  transmitting, from the second device to an interchange payment processor, the first credit card number, the user identifier, the first device identifier, a third party identifier, a second device firmware identifier, and a transaction type identifier corresponding to a requested transaction type;
  
  verifying the first credit card number at the interchange payment processor;
  
  transmitting the first credit card number, the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, and the transaction type identifier from the interchange payment processor to a credit card interchange;
  
  at the credit card interchange, determining an issuer identifier from the first credit card number;
  
  transmitting the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, the transaction type identifier, and at least a portion of the first credit card number to a bank interchange associated with an issuer bank identified by the issuer identifier;
  
  at the bank interchange, determining an authentication identifier from the first credit card number;
  
  transmitting the user identifier, the first device identifier, the third party identifier, the second device firmware identifier, the transaction type identifier, and said at least a portion of the first credit card number to an authentication server specified by the authentication identifier.

28. The method of claim 27, further comprising:
- at a computer processor of the authentication server, authenticating the second device firmware identifier based on the third party identifier;
  
  verifying that a third party is authorized to perform the requested transaction type for the user, wherein said verifying is based on the third party identifier;
  
  authenticating the first device identifier based on the user identifier; and
  
  performing a transaction for the user corresponding to the requested transaction type.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cort Co.
Original Assignee
Tango Mobile LLC
Inventors
Kumar, Himalesh Cherukuvada

Granted Patent

US 9,386,003 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/44   Program or device authentic...

G06F 2221/2115   Third party

G06Q 20/12   specially adapted for elect...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3821   Electronic credentials

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4014   Identity check for transact...

G06Q 20/425   using two different network...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0884   by delegation of authentica...

H04L 63/105   Multiple levels of security

H04L 9/3226   using a predetermined code,...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

System And Method For Secure Transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

67 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

System And Method For Secure Transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links