SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR SECURE PEER-TO-PEER TRANSACTIONS

US 20150334097A1
Filed: 05/12/2015
Published: 11/19/2015
Est. Priority Date: 05/14/2014
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, at an application stored on a first mobile device, a first set of user data, the first set of user data including one or more of;

a user identification, a password, at least a portion of a social security number associated with the user, at least a portion of an account number associated with an issuing authority, and an activation code;

submitting the first set of user data to a server;

generating a public-private key pair for the application and the user;

preparing application credentials, the application credentials including at least one of;

a unique identifier associated with the application credentials, the public key generated for the application, a version of the application, and a hardware address for a network connection;

preparing user credentials, the user credentials including at least one of;

a first name of the user, a last name of the user, the public key generated for the user, a unique personal identification number (PIN) assigned to the to the user by an issuing authority, and a photograph of the user;

authenticating the user credentials and the application credentials;

storing the user credentials and the application credentials;

sending a copy of the application credentials and the user credentials to an issuing authority;

receiving the copy of the application credentials and the user credentials authenticated by the issuing authority; and

storing the copy of the application credentials and the user credentials signed by issuing authority on the first mobile device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer program product are provided for secure peer to peer transactions. In use, a peer to peer secured transaction is initiated between a first device and a second device. A request is prepared with signed keys at the first device, and the request may be received at the second device. Next, signed keys at the second device are validated and a response is prepared with signed keys at the second device and sent to the first device. Further, the response is cleared via issuer/broker/clearing house at the first device. Lastly, a receipt is prepared and signed at the first device, and the signed receipt is sent to the second device. Additional systems, methods, and computer program products are also presented.

Citations

20 Claims

1. A method, comprising:
- receiving, at an application stored on a first mobile device, a first set of user data, the first set of user data including one or more of;
  
  a user identification, a password, at least a portion of a social security number associated with the user, at least a portion of an account number associated with an issuing authority, and an activation code;
  
  submitting the first set of user data to a server;
  
  generating a public-private key pair for the application and the user;
  
  preparing application credentials, the application credentials including at least one of;
  
  a unique identifier associated with the application credentials, the public key generated for the application, a version of the application, and a hardware address for a network connection;
  
  preparing user credentials, the user credentials including at least one of;
  
  a first name of the user, a last name of the user, the public key generated for the user, a unique personal identification number (PIN) assigned to the to the user by an issuing authority, and a photograph of the user;
  
  authenticating the user credentials and the application credentials;
  
  storing the user credentials and the application credentials;
  
  sending a copy of the application credentials and the user credentials to an issuing authority;
  
  receiving the copy of the application credentials and the user credentials authenticated by the issuing authority; and
  
  storing the copy of the application credentials and the user credentials signed by issuing authority on the first mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, further comprising:
    - receiving, at the application stored on the first mobile device, information associated with a financial transaction, wherein the information associated with the financial transaction includes at least one of;
      
      an amount associated with a good or a service, a description associated with the good or the service, and a code associated with the good or the service.
  - 3. The method of claim 2, further comprising:
    - connecting, using a wireless connection, the first mobile device to a second application stored on a second mobile device, the second application being associated with user data of a second user;
      
      validating at least one of a hardware address and a certificate associated with the second mobile device, wherein the validating includes verifying the authorization of the certificate by an issuing authority;
      
      sending, using the public key associated therewith, the user credentials and application credentials associated with the first mobile device to the application of the second mobile device;
      
      receiving user credentials and application credentials associated with the second application of the second mobile device;
      
      validating the user credentials and application credentials associated with the second application of the second mobile device; and
      
      displaying, using the first application of the first mobile device, the user credentials associated with the second application of the second mobile device.
  - 4. The method of claim 1, wherein the user credentials and the application credentials are associated with an invoice.
  - 5. The method of claim 4, further comprising:
    - sending the user credentials and application credentials associated with the first mobile device to a second mobile device;
      
      in response to the sending, receiving a payment amount based on the invoice; and
      
      verifying whether the payment amount is approved of by a second issuing authority associated with the second mobile device, wherein if the payment amount is approved, a receipt is prepared by the first mobile device and sent to the second mobile device, and if the payment is not approved, then the payment amount is not finalized.
  - 6. The method of claim 4, wherein the invoice is sent to a second mobile device, and in response, a payment associated with the second mobile device is received at the first mobile device.
  - 7. The method of claim 5, wherein the payment is associated with a digital check, and the digital check is restricted by at least one of geo boundaries, a valid time period, a maximum permissible offline amount, a user, and a device.
  - 8. The method of claim 6, wherein the payment includes a user signed key and an application signed key.
  - 9. The method of claim 8, further comprising:
    - validating the user signed key and the application signed key;
      
      determining whether the first mobile device is offline;
      
      if the first mobile device is offline, determining whether the payment allows for an offline transaction;
      
      if the payment allows for offline transaction, accepting the payment; and
      
      if the payment does not allow for offline transaction, not accepting the payment.
  - 10. The method of claim 8, wherein the payment further includes a check identifier.
  - 11. The method of claim 6, wherein the second mobile device validates the user signed key and application key and further verifies the hardware address.
  - 12. The method of claim 8, wherein the user signed key and application signed key are encrypted.
  - 13. The method of claim 1, wherein the user credentials and the application credentials are encrypted.
  - 14. The method of claim 13, wherein the encrypted user credentials and the encrypted application credentials are sent to a second mobile device, wherein the second mobile device decrypts and validates the user credentials and the application credentials.
  - 15. The method of claim 8, wherein a mobile application is used on the second mobile device to validate the user credentials and the application credentials, as well as to create the user signed key and the application signed key.
  - 16. The method of claim 15, wherein the mobile application receives a manually inputted signature on the second device, the signature being displayed with the payment.
  - 17. The method of claim 1, wherein a transaction occurs between the first mobile device and at least one other mobile device.
  - 18. The method of claim 1, wherein the first mobile device and at least one other mobile device connect via at least one of WiFi, bluetooth, and NFC.

19. A computing apparatus including a processor and a memory storing instructions that, when executed by the processor, configure the apparatus to perform a method comprising:
- receiving, at an application stored on a first mobile device, a first set of user data, the first set of user data including one or more of;
  
  a user identification, a password, at least a portion of a social security number associated with the user, at least a portion of an account number associated with an issuing authority, and an activation code;
  
  storing the first set of user data;
  
  generating a public-private key pair for the application and the user;
  
  preparing application credentials, the application credentials including at least one of;
  
  a unique identifier associated with the application credentials, the public key generated for the application, a version of the application, a hardware address for a network connection;
  
  preparing user credentials, the user credentials including at least one of;
  
  a first name of the user, a last name of the user, the public key generated for the user, a unique personal identification number (PIN) assigned to the to the user by an issuing authority, and a photograph of the user;
  
  authenticating the user credentials and the application credentials;
  
  storing the user credentials and the application credentials;
  
  sending a copy of the application credentials and the user credentials to an issuing authority;
  
  receiving the copy of the application credentials and the user credentials authenticated by the issuing authority; and
  
  storing the copy of the application credentials and the user credentials signed by issuing authority on the first mobile device.

20. A non-transitory computer-readable storage medium having stored thereon instructions including instructions that, when executed by a processor, configure the processor to perform a method comprising:
- receiving, at an application stored on a first mobile device, a first set of user data, the first set of user data including one or more of;
  
  a user identification, a password, at least a portion of a social security number associated with the user, at least a portion of an account number associated with an issuing authority, and an activation code;
  
  storing the first set of user data;
  
  generating a public-private key pair for the application and the user;
  
  preparing application credentials, the application credentials including at least one of;
  
  a unique identifier associated with the application credentials, the public key generated for the application, a version of the application, a hardware address for a network connection;
  
  preparing user credentials, the user credentials including at least one of;
  
  a first name of the user, a last name of the user, the public key generated for the user, a unique personal identification number (PIN) assigned to the to the user by an issuing authority, and a photograph of the user;
  
  authenticating the user credentials and the application credentials;
  
  storing the user credentials and the application credentials;
  
  sending a copy of the application credentials and the user credentials to an issuing authority;
  
  receiving the copy of the application credentials and the user credentials authenticated by the issuing authority; and
  
  storing the copy of the application credentials and the user credentials signed by issuing authority on the first mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Geeta Mundhra, Vivek Mundhra
Original Assignee
Geeta Mundhra, Vivek Mundhra
Inventors
Mundhra, Vivek, Mundhra, Geeta

Granted Patent

US 9,602,328 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/223   based on the use of peer-to...

G06Q 20/3829   involving key management

G06Q 20/4012   Verifying personal identifi...

H04L 63/0492   by using a location-limited...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/1074   for supporting data block t...

H04L 9/40   Network security protocols

SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR SECURE PEER-TO-PEER TRANSACTIONS

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR SECURE PEER-TO-PEER TRANSACTIONS

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links