Authentication methods for use in financial transactions and information banking

US 8,028,896 B2
Filed: 07/15/2008
Issued: 10/04/2011
Est. Priority Date: 12/14/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initiating a financial transaction involving a person, using a mobile device;

determining, based on a characteristic of the transaction, a necessary authentication level for the transaction within a hierarchy of authentication levels, wherein each authentication level requires a different authentication method, and wherein each authentication level in the hierarchy of authentication levels requires an authentication method comprising the cumulative authentication methods of all lower authentication levels in the hierarchy and an additional authentication method;

receiving, at the mobile device, authentication information related to the person based on the necessary authentication level; and

authenticating the person by verification of the authentication information, using the mobile device, using the authentication method required by the necessary authentication level,wherein if the person is authenticated, the transaction is completed, and if the person is not authenticated, the transaction is prevented.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for conducting a financial transaction can be used by a person using a mobile device to conduct the transaction. The mobile device receives information related to the person that can be used for authentication purposes, such as a PIN or biometric data. The mobile device then authenticates the person by verifying the information received. If the person is authenticated, the transaction is completed using the mobile device, and if the person is not authenticated, the transaction is prevented.

169 Citations

16 Claims

1. A method comprising:
- initiating a financial transaction involving a person, using a mobile device;
  
  determining, based on a characteristic of the transaction, a necessary authentication level for the transaction within a hierarchy of authentication levels, wherein each authentication level requires a different authentication method, and wherein each authentication level in the hierarchy of authentication levels requires an authentication method comprising the cumulative authentication methods of all lower authentication levels in the hierarchy and an additional authentication method;
  
  receiving, at the mobile device, authentication information related to the person based on the necessary authentication level; and
  
  authenticating the person by verification of the authentication information, using the mobile device, using the authentication method required by the necessary authentication level,wherein if the person is authenticated, the transaction is completed, and if the person is not authenticated, the transaction is prevented.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the authentication method is selected from the group consisting of:
    - fingerprint validation, voice validation, facial recognition validation, iris scan validation, PIN validation, and GPS location validation.
  - 3. The method of claim 1, wherein the characteristic of the transaction used in determining the necessary authentication level comprises a monetary value of the transaction.
  - 4. The method of claim 1, wherein the characteristic of the transaction used in determining the necessary authentication level comprises a type of the transaction.
  - 5. The method of claim 1, wherein the necessary authentication level for the transaction is determined based on preferences previously indicated by the person.

6. A mobile device comprising a processor configured for use in conducting a plurality of financial transactions related to the person using the mobile device, wherein, in performing each transaction, the processor is configured to cause the mobile device to perform:
- initiating a financial transaction involving a person;
  
  determining, based on a characteristic of the transaction, a necessary authentication level for the transaction within a hierarchy of authentication levels, wherein each authentication level requires a different authentication method, and wherein each authentication level in the hierarchy of authentication levels requires an authentication method comprising the cumulative authentication methods of all lower authentication levels in the hierarchy and an additional authentication method;
  
  receiving authentication information related to the person based on the necessary authentication level; and
  
  authenticating the person by verification of the authentication information, using the authentication method required by the necessary authentication level,wherein if the person is authenticated, the transaction is completed, and if the person is not authenticated, the transaction is prevented.

7. A computer-readable medium containing computer-executable instructions configured to cause a mobile device to perform:
- initiating a financial transaction involving a person;
  
  determining, based on a characteristic of the transaction, a necessary authentication level for the transaction within a hierarchy of authentication levels, wherein each authentication level requires a different authentication method, and wherein each authentication level in the hierarchy of authentication levels requires an authentication method comprising the cumulative authentication methods of all lower authentication levels in the hierarchy and an additional authentication method;
  
  receiving authentication information related to the person based on the necessary authentication level; and
  
  authenticating the person by verification of the authentication information, using the authentication method required by the necessary authentication level,wherein if the person is authenticated, the transaction is completed, and if the person is not authenticated, the transaction is prevented.

8. A mobile device comprising:
- a biometric sensor configured to read biometric information of a person;
  
  a processor configured to cause the mobile device to perform;
  
  receiving, at a point-of-sale, information regarding a financial transaction occurring at the point-of-sale;
  
  receiving, at the point-of-sale, biometric information of a person to the financial transaction;
  
  verifying, at the point-of-sale, the biometric information by comparing the biometric information with stored biometric information accessible to the processor; and
  
  transmitting a signal confirming the verification of the biometric information, wherein the transaction is prevented unless the biometric information is verified;
  
  automatically periodically gathering additional biometric information related to the person; and
  
  re-authenticating the person by verification of the additional biometric information.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The mobile device of claim 8, wherein the biometric information is selected from the group consisting of:
    - fingerprint information, voice validation information, facial recognition information, and iris scan information.
  - 10. The mobile device of claim 8, wherein the processor is further configured to cause the mobile device to perform:
    - determining, based on a characteristic of the transaction, one or more types of biometric information which are necessary for authenticating the transaction.
  - 11. The mobile device of claim 8, wherein the mobile device is a mobile phone.
  - 12. The mobile device of claim 8, further comprising:
    - a recognition feature configured to recognize a payment card, wherein the mobile device is configured to be used in connection with the payment card to complete the financial transaction, wherein the recognition feature recognizes the payment card.
  - 13. The mobile device of claim 12, wherein the recognition feature is configured to recognize at least one feature from the group consisting of:
    - physical orientation features, optical storage, smart card features, contacted communication features, machine decodable images, barcodes, and magstripes.

14. A system comprising:
- a mobile device comprising a biometric sensor configured to read biometric information of a person and a processor configured to cause the mobile device to perform;
  
  receiving, at a point-of-sale, information regarding a financial transaction occurring at the point-of-sale;
  
  determining, based on a characteristic of the transaction, one or more types of biometric information which are necessary for authenticating the transaction;
  
  receiving, at the point-of-sale, biometric information of a person to the financial transaction, the received biometric information corresponding to the one or more types of biometric information that are determined to be necessary;
  
  verifying, at the point-of-sale, the biometric information by comparing the biometric information with stored biometric information accessible to the processor; and
  
  transmitting a signal confirming the verification of the biometric information, wherein the transaction is prevented unless the biometric information is verified;
  
  automatically periodically gathering additional biometric information related to the person; and
  
  re-authenticating the person by verification of the additional biometric information; and
  
  a payment card, wherein the payment card cannot be used to complete a financial transaction without verification and recognition of the payment card by the mobile device.

15. A method comprising:
- receiving, by a mobile device having a processor and a biometric sensor, at a point-of-sale, information regarding a financial transaction occurring at the point-of-sale;
  
  receiving, by the mobile device at the point-of-sale, biometric information of a person to the financial transaction;
  
  verifying, by the mobile device at the point-of-sale, the biometric information by comparing the biometric information with stored biometric information accessible to the processor;
  
  transmitting a signal from the mobile device, confirming the verification of the biometric information, wherein the transaction is prevented unless the biometric information is verified;
  
  automatically periodically gathering additional biometric information related to the person, by the mobile device; and
  
  re-authenticating the person by verification of the additional biometric information, by the mobile device.

16. A computer-readable medium containing computer-executable instructions configured to cause a mobile device having a biometric sensor to perform:
- receiving, at a point-of-sale, information regarding a financial transaction occurring at the point-of-sale;
  
  receiving, at the point-of-sale, biometric information of a person to the financial transaction;
  
  verifying, at the point-of-sale, the biometric information by comparing the biometric information with stored biometric information accessible to the processor;
  
  transmitting a signal confirming the verification of the biometric information, wherein the transaction is prevented unless the biometric information is verified;
  
  automatically periodically gathering additional biometric information related to the person; and
  
  re-authenticating the person by verification of the additional biometric information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Joa, David, Joffe, David, Obradovic, Zoran, Schumacher, Hans, Mertz, John, Carter, Samuel Jeff, Garcia, Ray
Primary Examiner(s)
TRAIL, ALLYSON NEEL

Application Number

US12/173,720
Publication Number

US 20090152343A1
Time in Patent Office

1,176 Days
Field of Search

235/379, 235/380, 705/14, 705/17, 705/21, 705/67, 705/71
US Class Current

235/379
CPC Class Codes

G06Q 10/0633   Workflow analysis

G06Q 10/0637   Strategic management or ana...

G06Q 20/02   involving a neutral party, ...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/202   Interconnection or interact...

G06Q 20/204   comprising interface for re...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3674   involving authentication

G06Q 20/3829   involving key management

G06Q 20/384   using social networks

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/42   Confirmation, e.g. check or...

G06Q 20/425   using two different network...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/08   Auctions

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 50/188   Electronic negotiation

G06Q 99/00   Subject matter not provided...

Authentication methods for use in financial transactions and information banking

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

169 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication methods for use in financial transactions and information banking

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

169 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links