Universal secure registry

US 7,809,651 B2
Filed: 06/08/2007
Issued: 10/05/2010
Est. Priority Date: 02/21/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method of authenticating an identity of a first entity, comprising the acts of:

wirelessly transmitting from a first device to a second device, first encrypted authentication information of the first entity, wherein authentication information of the first entity included in the first encrypted authentication information includes each of a PIN provided by the first entity, a first portion of biometric data of the first entity and a time-varying value generated by the first device;

transmitting, from the second device over a network, at least a portion of the authentication information of the first entity to a secure database;

receiving, with the second device, a second portion of the biometric data of the first entity from the secure database;

decrypting with the second device, the first encrypted authentication information to provide the authentication information of the first entity to the second device;

combining, with the second device, the first portion of the biometric data and the second portion of the biometric data;

authenticating with the second device the identity of the first entity based upon the authentication information and the combination of the first portion of the biometric data and the second portion of the biometric data of the first entity; and

allowing the first entity to proceed with a computer assisted transaction or preventing the first entity from proceeding with the computer assisted transaction, respectively, based upon the authentication information and the combination of the first portion of the biometric data and the second portion of the biometric data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for validating an identity of a user to enable or prevent an occurrence of an event is disclosed. In one embodiment, the system includes a first device including a wireless transmitter which is configured to transmit validation information, a second device including a wireless receiver configured to receive the validation information and to further transmit the validation information, and a secure system in communication with the second device. The secure system includes a database configured to receive the validation information transmitted from the second device, and to transmit additional information to the second device following a receipt of the validation information to assist the second device in either enabling or preventing the occurrence of the event.

100 Citations

View as Search Results

43 Claims

1. A method of authenticating an identity of a first entity, comprising the acts of:
- wirelessly transmitting from a first device to a second device, first encrypted authentication information of the first entity, wherein authentication information of the first entity included in the first encrypted authentication information includes each of a PIN provided by the first entity, a first portion of biometric data of the first entity and a time-varying value generated by the first device;
  
  transmitting, from the second device over a network, at least a portion of the authentication information of the first entity to a secure database;
  
  receiving, with the second device, a second portion of the biometric data of the first entity from the secure database;
  
  decrypting with the second device, the first encrypted authentication information to provide the authentication information of the first entity to the second device;
  
  combining, with the second device, the first portion of the biometric data and the second portion of the biometric data;
  
  authenticating with the second device the identity of the first entity based upon the authentication information and the combination of the first portion of the biometric data and the second portion of the biometric data of the first entity; and
  
  allowing the first entity to proceed with a computer assisted transaction or preventing the first entity from proceeding with the computer assisted transaction, respectively, based upon the authentication information and the combination of the first portion of the biometric data and the second portion of the biometric data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 2. The method of claim 1, wherein the first portion of the biometric data is stored biometric data, andwherein the method further comprises an act of receiving detected biometric information of the first entity with a biometric sensor included the first device.
  - 3. The method of claim 2, further comprising authenticating at least one of the PIN and the detected biometric information with the first device;
    - andallowing or not allowing operation of the first device based on the act of authenticating with the first device.
  - 4. The method of claim 2, further comprising deleting data stored in the first device when the detected biometric information does not match biometric information stored in the first device.
  - 5. The method of claim 3, wherein the act of authenticating with the first device comprises authenticating each of the PIN and the detected biometric information of the first entity with the first device.
  - 6. The method of claim 5, wherein the act of authenticating the detected biometric information with the first device comprises authenticating a voice signature of the first entity.
  - 7. The method of claim 5, wherein the act of authenticating the detected biometric information with the first device comprises authenticating a finger print of the first entity.
  - 8. The method of claim 3, wherein the act of authenticating with the first device comprises authenticating each of the PIN and the detected biometric data.
  - 9. The method of claim 1, further comprising acts of:
    - including a first portion of an image of the first entity in the first encrypted authentication information; and
      
      receiving, with the second device, a second portion of the image of the first entity from the secure database.
  - 10. The method of claim 1, wherein the first portion of the biometric data differs from the second portion of the biometric data.
  - 11. The method of claim 10, wherein the act of decrypting the first encrypted authentication information includes an act of receiving, with the second device a public key of the first entity from the secure database.
  - 12. The method of claim 11, further comprising an act of transmitting, from the second device over the network, identification information about the second entity to the secure database, wherein the identification information identifies the second entity as being authorized to receive at least one of the public key of the first entity and the second portion of the biometric.
  - 13. The method of claim 12, further comprising an act of transmitting a public identification of the first entity, from the second device over the network, to the secure database.
  - 14. The method of claim 13, wherein the act of receiving the second portion of the biometric data includes receiving the second portion of the biometric data of the first entity in a signal including a time-varying one time code.
  - 15. The method of claim 1, further comprising an act of displaying together, with the second device, the combination of the first portion of the biometric data and the second portion of biometric data.
  - 16. The method of claim 15, wherein the biometric data comprises an image of the first entity, andwherein the act of displaying together includes an act of displaying the image.
  - 17. The method of claim 1, further comprising an act of using the at least a portion of authentication information, by the secure database, to access the second portion of the biometric data of the first entity.
  - 18. The method of claim 17, further comprising an act of generating a non-predictable code at the second device from the at least a portion of the authentication information.
  - 19. The method of claim 18, wherein the non-predictable code includes a time-varying code.
  - 20. The method of claim 17, further comprising communicating between the second device and the secure database over at least one of a wide area network, Internet, and a wireless network.
  - 21. The method of claim 1, wherein the act of wirelessly transmitting includes transmitting an electromagnetic wireless signal including at least one of a Bluetooth wireless signal, an infrared wireless signal, an RF wireless signal and near-field communication.
  - 22. The method of claim 1, further comprising storing public keys of a plurality of first entities on the second device.
  - 23. The method of claim 22, wherein the act of wirelessly transmitting comprises transmitting the first encrypted authentication information encrypted with a private key of the first entity,wherein the act of decrypting of the first encrypted authentication information by the second device is performed using a public key of the first entity, andwherein the method further comprises looking up the public key of the first entity on the second device.
  - 24. The method of claim 23, wherein the first encrypted authentication information includes at least one of a name, an identification number, an e-mail address, and at least a portion of a picture of the first entity.
  - 25. The method of claim 22, further comprising storing a private key of the second entity on the second device.
  - 26. The method of claim 22, further comprising the act of periodically updating the second device with the public keys of the plurality of first entities.
  - 27. The method of claim 1, further comprising communicating periodically between the second device and the secure database to maintain the second device in an operational state.
  - 28. The method of claim 27, further comprising deleting data stored on the second device if a periodic communication is not performed.
  - 29. The method of claim 1, further comprising communicating periodically between the first device and the secure database to maintain the first device in an operational state.
  - 30. The method of claim 27, further comprising deleting data stored on the first device if a periodic communication is not performed.
  - 31. The method of claim 1, further comprising receiving, with the second device, a delete command from the secure database;
    - anddeleting data stored on the second device in response to a receipt of the delete command.
  - 32. The method of claim 1, further comprising requesting, with the second device, the first encrypted authentication information from the first device.
  - 33. The method of claim 1, further comprising receiving with the first device, a delete command from the secure database;
    - anddeleting data stored on the first device in response to a receipt of the delete command.
  - 34. The method of claim 1, further comprising including a digital signature of the first entity in the first encrypted authentication information.
  - 35. The method of claim 1, further comprising including a public ID of the first entity including any of a name, an identification number and an e-mail address in the first encrypted authentication information.
  - 36. The method of claim 1, further comprising including an encrypted DES key of the first entity in the first encrypted authentication information.
  - 37. The method of claim 36, further comprising an act of encrypting, with the first device, the first portion of the biometric data of the first entity with the DES key.
  - 38. The method of claim 37, further comprising including a first portion of an image of the first entity in the first encrypted authentication information.
  - 39. The method of claim 37, further comprising encrypting, with the first device, the DES key with a private key of the first entity;
    - anddecrypting, with the second device, the DES key with a public key of the first entity.
  - 40. The method of claim 1, wherein the network is a first network, and wherein the act of wirelessly transmitting further comprises wirelessly transmitting over a second network that is different than the first network.
  - 41. The method of claim 40, further comprising an act of wirelessly transmitting over the second network by any one of a Bluetooth signal, an optical signal, and a near-field signal.
  - 42. The method of claim 40, wherein the first network includes a wide area network, andwherein the second network includes a local area network.
  - 43. The method of claim 1, wherein the first device and second device can each include at least one of a cell phone, a PDA, a PC, a credit card sized device, an ID badge, a key FOB, a passport, and a wrist watch.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Universal Secure Registry LLC
Original Assignee
Kenneth P. Weiss
Inventors
Weiss, Kenneth P.
Primary Examiner(s)
Augustin; Evens J
Assistant Examiner(s)
Cheung; Calvin K

Application Number

US11/760,732
Publication Number

US 20070288758A1
Time in Patent Office

1,215 Days
Field of Search

705/68
US Class Current

705/68
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/35   communicating wirelessly

G06F 21/6245   Protecting personal data, e...

G06F 2221/2115   Third party

G06Q 10/10   Office automation; Time man...

G06Q 20/3676   Balancing accounts

G06Q 20/3821   Electronic credentials

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/40145   Biometric identity checks

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

G07C 9/257   electronically G07C9/26 tak...

G07C 9/26   using a biometric sensor in...

G07C 9/27   with central registration

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0442   wherein the sending and rec...

H04L 63/068   using time-dependent keys, ...

H04L 63/08 : for authentication of entit...

H04L 63/083 : using passwords cryptograph...

H04L 63/0853 : using an additional device,...

H04L 63/0861 : using biometrical features,...

H04L 63/10 : for controlling access to d...

H04L 9/0891 : Revocation or update of sec...

H04L 9/3231 : Biological data, e.g. finge...

H04L 9/3247 : involving digital signatures

H04L 9/3271 : using challenge-response

H04W 12/03 : Protecting confidentiality,...

H04W 12/06 : Authentication

View All

Universal secure registry

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

100 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Universal secure registry

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links