Mobile transaction device security system

US 8,195,576 B1
Filed: 01/31/2011
Issued: 06/05/2012
Est. Priority Date: 01/31/2011
Status: Active Grant

First Claim

Patent Images

1. A mobile transaction device security system comprising:

a memory device;

a communication device; and

a processing device coupled to the memory device, wherein the processing device is configured to;

receive a security protocol from a user, the security protocol comprising a permission module and an authentication module, wherein the permission module comprises instructions on when the user must authenticate an identity of the user to perform a transaction, wherein the instructions are provided by the user and stored in a database;

determine that the user is conducting the transaction;

compare at least one characteristic of the transaction with the instructions provided by the user; and

determine a process for authenticating the user by;

determining if the user must authenticate the user'"'"'s identity based on the comparison of the transaction with the instructions provided by the user,allowing the transaction if the user is not required to authenticate the user'"'"'s identity based on the comparison, andrequiring authentication of the user through the authentication module if the comparison of the transaction to the instructions provided by the user indicates that the transaction cannot proceed without authentication, wherein requiring authentication comprises requesting authentication of the user'"'"'s identity, receiving input from the user, comparing the input to the authentication module, and allowing the transaction if the user is authorized to perform the transaction based on the comparison of the input with the authentication module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention include apparatuses, methods, and computer-program products that provide for a unique financial transaction security system. In one embodiment, the financial transaction security system receives a security protocol from a user. The security protocol includes instructions for allowing transactions without authentication and security features for the user if authentication is necessary. The system then determines that the user is conducting a transaction, compares the transaction to the instructions, and determines whether the transaction can occur without authentication. If the user is required to authenticate his identity, the system requests input from the user, compares the input to the security feature, and determines if the user is authenticated. The user is able to customize both the instructions and the security features to provide greater control over financial transaction security.

228 Citations

30 Claims

1. A mobile transaction device security system comprising:
- a memory device;
  
  a communication device; and
  
  a processing device coupled to the memory device, wherein the processing device is configured to;
  
  receive a security protocol from a user, the security protocol comprising a permission module and an authentication module, wherein the permission module comprises instructions on when the user must authenticate an identity of the user to perform a transaction, wherein the instructions are provided by the user and stored in a database;
  
  determine that the user is conducting the transaction;
  
  compare at least one characteristic of the transaction with the instructions provided by the user; and
  
  determine a process for authenticating the user by;
  
  determining if the user must authenticate the user'"'"'s identity based on the comparison of the transaction with the instructions provided by the user,allowing the transaction if the user is not required to authenticate the user'"'"'s identity based on the comparison, andrequiring authentication of the user through the authentication module if the comparison of the transaction to the instructions provided by the user indicates that the transaction cannot proceed without authentication, wherein requiring authentication comprises requesting authentication of the user'"'"'s identity, receiving input from the user, comparing the input to the authentication module, and allowing the transaction if the user is authorized to perform the transaction based on the comparison of the input with the authentication module.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the authentication module comprises at least one security feature.
  - 3. The system of claim 2, wherein the at least one security feature is customizable by the user.
  - 4. The system of claim 2, wherein the security feature consists of at least one of a username, a password, a challenge question, a voice recognition test, a facial recognition test, a fingerprint identification test, and an iris scan.
  - 5. The system of claim 1, wherein the communication device consists of at least one of a keyboard, a scanner, a touchpad, a camera, a speaker, and a microphone.
  - 6. The system of claim 1, wherein the characteristic of the transaction consists of at least one of the dollar amount of the transaction, the identity of the merchant, the category of the expense, the time of the transaction, and the location of the transaction.

7. A computer-implemented method of providing financial transaction security, the method comprising:
- receiving a security protocol from a user, the security protocol comprising a permission module and an authentication module, wherein the permission module comprises instructions on when the user must authenticate an identity of the user to perform a transaction, wherein the instructions are provided by the user and stored in a database;
  
  determining that the user is conducting the transaction;
  
  comparing at least one characteristic of the transaction with the instructions provided by the user;
  
  determining if the user must authenticate the user'"'"'s identity based on the comparison of the transaction with the instructions provided by the user;
  
  allowing the transaction if the user does not need to authenticate the user'"'"'s identity based on the comparison; and
  
  requiring authentication of the user through the authentication module if the comparison of the transaction to the instructions provided by the user indicates that the transaction cannot proceed without authentication, wherein requiring authentication comprises;
  
  requesting authentication of the user'"'"'s identity,receiving input from the user,comparing the input to the authentication module, andallowing the transaction if the user is authorized to perform the transaction based on the comparison of the input with the authentication module.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 8. The method of claim 7, wherein receiving the security protocol from the user comprises receiving security features for authenticating the user'"'"'s identity.
  - 9. The method of claim 7, wherein determining that the user is conducting a transaction comprises receiving a signal from a point-of-sale device indicating that the user is attempting to conduct a transaction.
  - 10. The method of claim 7, wherein comparing the transaction with the instructions provided by the user comprises comparing at least one of a transaction amount, a transaction time, a transaction location, a transaction merchant, and a transaction category with predetermined instructions in the permission module.
  - 11. The method of claim 7, wherein allowing the transaction comprises transferring account information of the user to a point-of-sale device.
  - 12. The method of claim 11, wherein the transferring the user'"'"'s account information to the point-of-sale device comprises wirelessly transferring the account information.
  - 13. The method of claim 7, wherein requesting authentication of the user'"'"'s identity comprises receiving input of at least one of a username, a password, an answer to a challenge question, a voice recognition scan, a facial scan, a fingerprint scan, and an iris scan.
  - 14. The method of claim 13, wherein comparing the input from the user with the authentication module comprises comparing the input from the user with a security feature.
  - 15. The method of claim 14, wherein the security feature is stored in memory associated with a mobile device.
  - 16. The method of claim 15, wherein the memory is capable of receiving power from a point-of-sale device.

17. A computer program product for providing a financial transaction security product, the computer program product comprising:
- a non-transitory computer-readable medium comprising;
  
  an executable portion for causing a computer to receive a security protocol from a user, the security protocol comprising a permission module and an authentication module, wherein the permission module comprises instructions on when the user must authenticate an identity of the user to perform a transaction, wherein the instructions are provided by the user and stored in a database;
  
  an executable portion for causing a computer to determine that the user is conducting the transaction;
  
  an executable portion for causing a computer to compare at least one characteristic of the transaction with the instructions provided by the user;
  
  an executable portion for causing a computer to determine if the user must authenticate the user'"'"'s identity based on the comparison of the transaction with the instructions provided by the user;
  
  an executable portion for causing a computer to allow the transaction if the user does not need to authenticate the user'"'"'s identity based on the comparison; and
  
  an executable portion for requiring authentication of the user through the authentication module if the comparison of the transaction to the instructions provided by the user indicates that the transaction cannot proceed without authentication, wherein requiring authentication comprises;
  
  requesting authentication of the user'"'"'s identity,receiving input from the user,comparing the input to the authentication module, andallowing the transaction if the user is authorized to perform the transaction based on the comparison of the input with the authentication module.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 18. The computer program product of claim 17, further comprising an executable portion for causing a computer to determine a location of the user when the user is conducting the transaction.
  - 19. The computer program product of claim 17, further comprising memory coupled to the non-transitory computer readable medium.
  - 20. The computer program product of claim 19, wherein the memory stores at least one of financial account information for the user, instructions associated with the permission module for the user, and security features associated with the authentication module for the user.
  - 21. The computer program product of claim 20, wherein the user'"'"'s financial account information consists of information associated with at least one of a checking account, a savings account, a money market account, a credit account, an investment account, and a rewards points account.
  - 22. The computer program product of claim 17, wherein the permission module requires the user to authenticate the user'"'"'s identity if a transaction amount is over a predetermined dollar amount.
  - 23. The computer program product of claim 17, wherein the permission module requires the user to authenticate the user'"'"'s identity if the transaction is occurring at a non-approved merchant.
  - 24. The computer program product of claim 23, wherein the non-approved merchant is a merchant that the user has not purchased from previously.
  - 25. The computer program product of claim 17, wherein the permission module requires the user to authenticate the user'"'"'s identity if the user has not authenticated the identity within a predetermined time period.
  - 26. The computer program product of claim 17, wherein the permission module requires the user to authenticate the user'"'"'s identity if the user is outside of predetermined geographical areas.
  - 27. The computer program product of claim 17, wherein the permission module requires the user to authenticate the user'"'"'s identity if a transaction amount would lower a balance in the user'"'"'s account below a predetermined level.
  - 28. The computer program product of claim 17, wherein the permission module requires the user to authenticate the user'"'"'s identity if the user has already conducted a predetermined number of transactions within a predetermined time period.
  - 29. The computer program product of claim 17, wherein allowing the transaction comprises determining an account from which a payment for the transaction is made.
  - 30. The computer program product of claim 29, wherein determining the account comprises comparing the transaction to instructions received from the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Jones, Alicia C., Keller, Marc B., Grigg, David M., Kelly, Patrick B.
Primary Examiner(s)
Reagan, James A

Application Number

US13/017,823
Time in Patent Office

491 Days
Field of Search

705/67
US Class Current

705/67
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/325   using wireless networks

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

Mobile transaction device security system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

228 Citations

30 Claims

Specification

Use Cases

Quick Links

Others

Mobile transaction device security system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

228 Citations

30 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others