ENHANCING TRANSACTION AUTHENTICATION WITH PRIVACY AND SECURITY ENHANCED INTERNET GEOLOCATION AND PROXIMITY
First Claim
Patent Images
1. A method, comprising:
- receiving from a web server a request for a transaction initiated at a user device;
transmitting to the user device a one-time password derived from a secret shared with the web server and details of the transactionreceiving from one or more slave servers one or more messages originating from the user device and passing respectively through the one or more slave servers, each of the messages indicating a time of travel of the respective message from the user device to the respective one of the slave servers; and
based on the times indicated in the one or more messages, estimating a location of the user device.
3 Assignments
0 Petitions
Accused Products
Abstract
Transaction authentication with techniques and geolocation are combined to provide privacy and security enhanced geolocation. In an example implementation, a user initiates a transaction at a web service which in turns triggers a security server. The security server uses its always on connection with the combined client on user security device to perform geolocation, proximity and transaction authentication. These results may be used by the web service to make a decision on whether to proceed with the transaction.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving from a web server a request for a transaction initiated at a user device; transmitting to the user device a one-time password derived from a secret shared with the web server and details of the transaction receiving from one or more slave servers one or more messages originating from the user device and passing respectively through the one or more slave servers, each of the messages indicating a time of travel of the respective message from the user device to the respective one of the slave servers; and based on the times indicated in the one or more messages, estimating a location of the user device. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method, comprising:
-
receiving from a web server a request for a transaction initiated at a first user device; transmitting to a second user device a one-time password derived from a secret shared with the web server and details of the transaction; receiving from one or more slave servers a first set of one or more messages originating from the first user device and passing respectively through the one or more slave servers, each of the messages indicating a time of travel of the respective message from the first user device to the respective one of the slave servers; and based on the times indicated in the first set of one or more messages, estimating a location of the first user device. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computerized system, comprising:
-
a processor; and memory, the memory holding instructions that, when executed by the processor, cause the system to; receive from a web server a request for a transaction initiated at a user device; transmit to the user device or to a second user device a one-time password derived from a secret shared with the web server and details of the transaction; receive from one or more slave servers one or more messages originating from the user device and passing respectively through the one or more slave servers, each of the messages indicating a time of travel of the respective message from the user device to the respective one of the slave servers; and based on the times indicated in the one or more messages, estimate a location of the user device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification