SECURE AUTHENTICATION OF USER AND MOBILE DEVICE

US 20160241402A1
Filed: 02/17/2016
Published: 08/18/2016
Est. Priority Date: 02/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method for authentication, comprising:

.receiving, by a mobile device, a user request to access a service provider application;

in response to the user request to access the service provider application, requesting, by the mobile device, identification and verification from the user via an identification and verification application residing within the mobile device;

receiving, by the mobile device, a positive identification and verification response;

generating, by the mobile device, a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, and a service provider application ID; and

transmitting, by the mobile device, the generated cryptogram, the user ID, the timestamp, the device ID, and the service provider application ID, to a service provider computer associated with the service provider application,wherein the service provider computer verifies the cryptogram.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.

84 Citations

View as Search Results

20 Claims

1. A method for authentication, comprising:
- .receiving, by a mobile device, a user request to access a service provider application;
  
  in response to the user request to access the service provider application, requesting, by the mobile device, identification and verification from the user via an identification and verification application residing within the mobile device;
  
  receiving, by the mobile device, a positive identification and verification response;
  
  generating, by the mobile device, a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, and a service provider application ID; and
  
  transmitting, by the mobile device, the generated cryptogram, the user ID, the timestamp, the device ID, and the service provider application ID, to a service provider computer associated with the service provider application,wherein the service provider computer verifies the cryptogram.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the cryptogram is generated within a secure element (SE) of the mobile device.
  - 3. The method of claim 1, wherein the server computer verifies the cryptogram by determining a plurality of data elements encoded within the cryptogram, and then comparing the determined plurality of data elements to the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID received by the service provider computer.
  - 4. The method of claim 3, wherein the user and the mobile device are authenticated based on the comparing.
  - 5. The method of claim 1, wherein the cryptogram is also generated using the positive identification and verification response.
  - 6. The method of claim 1, wherein the identification and verification services comprises at least one of fingerprint identification and verification, iris identification and verification, or voice identification and verification.
  - 7. The method of claim 1, wherein the cryptogram is transmitted to the service provider computer over the Internet.
  - 8. The method of claim 1, wherein the cryptogram is matched to a transaction ID by the service provider computer.

9. A mobile device, comprising:
- a processor; and
  
  a non-transitory computer readable medium, the non-transitory computer readable medium comprising code, executable by the processor, for implementing a method;
  
  receiving a user request to access a service provider application;
  
  in response to the user request to access the service provider application, requesting identification and verification from the user via an identification and verification application residing within the mobile device;
  
  receiving a positive identification and verification response;
  
  generating a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, and a service provider application ID; and
  
  transmitting the generated cryptogram, the user ID, the timestamp, the device ID, and the service provider application ID, to a service provider computer associated with the service provider application,wherein the service provider computer verifies the cryptogram.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The mobile device of claim 9, wherein the cryptogram is generated within a secure element (SE) of the mobile device.
  - 11. The mobile device of claim 9, wherein the server computer verifies the cryptogram by determining a plurality of data elements encoded within the cryptogram, and then comparing the determined plurality of data elements to the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID received by the service provider computer.
  - 12. The mobile device of claim 9, wherein the user and the mobile device are authenticated based on the comparing.
  - 13. The mobile device of claim 9, wherein the cryptogram is also generated using the positive identification and verification response.
  - 14. The mobile device of claim 9, wherein the identification and verification services comprises at least one of fingerprint identification and verification, iris identification and verification, or voice identification and verification.
  - 15. The mobile device of claim 9, wherein the cryptogram is transmitted to the service provider computer over the Internet.
  - 16. The mobile device of claim 9, wherein the cryptogram is matched to a transaction ID by the service provider computer.

17. A method for authentication, comprising:
- receiving, by a service provider computer associated with a service provider application, a generated cryptogram, a user ID, a timestamp, a device ID, and a service provider application ID, wherein the generated cryptogram was generated by a mobile device and encrypts the user ID, the timestamp, the device ID, and the service provider application ID;
  
  decrypting, by the service provider, the received generated cryptogram; and
  
  verifying, by the service provider computer, the cryptogram by determining a plurality of data elements encoded within the cryptogram, and then comparing the determined plurality of data elements to the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID received by the service provider computer.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising authenticating a user of the mobile device based on the verifying.
  - 19. The method of claim 17, wherein the cryptogram was generated by the mobile device in response to receiving a positive identification and verification response, the positive identification and verification response received in response to an identification and verification request, to a user of the mobile device, initiated by an identification and verification service on the mobile device.
  - 20. The method of claim 17, wherein the identification and verification service comprises at least one of fingerprint identification and verification, iris identification and verification, or voice identification and verification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Gordon, James, Joshi, Roopesh, Horton, David

Granted Patent

US 10,116,447 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/0861   using biometrical features,...

H04L 9/321   involving a third party or ...

H04L 9/3228   One-time or temporary data,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

H04L 9/3297   involving time stamps, e.g....

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

SECURE AUTHENTICATION OF USER AND MOBILE DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

84 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE AUTHENTICATION OF USER AND MOBILE DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links