Electronic transaction systems utilizing a PEAD and a private key
First Claim
1. In a portable electronic authorization device, a method for approving a transaction request originated from an electronic transaction system, comprising:
- receiving at said portable electronic authorization device first digital data, said first digital data representing said transaction request; and
receiving from a user at said portable electronic authorization device a user input signal approving said transaction request;
in response to receiving said user input, encrypting and transmitting a second digital data to said electronic transaction system, said second digital data being encrypted by hardware within said portable electronic authorization device and signifying said user'"'"'s approval of said transaction request.
6 Assignments
0 Petitions
Accused Products
Abstract
The method includes the steps of receiving at the PEAD first digital data representing the transaction request. The PEAD provides information to the user regarding an ability to approve the transaction request. When the transaction request is approved by the user, the PEAD receives second digital data representing the electronic service authorization token. A remote agent server may provided a bridge between the electronic transaction system and the PEAD. In another embodiment, the private key is stored on the portable device, encrypted. The decryption key is stored outside of the device, at a trusted 3rd party location. When the user attempts to make a signature the software sends a request for the decryption key, along with the user'"'"'s password or pass phrase keyed in at the keyboard of the PDA, smart phone, or cell phone, to a server belonging to the trusted 3rd party.
203 Citations
36 Claims
-
1. In a portable electronic authorization device, a method for approving a transaction request originated from an electronic transaction system, comprising:
-
receiving at said portable electronic authorization device first digital data, said first digital data representing said transaction request; and receiving from a user at said portable electronic authorization device a user input signal approving said transaction request;
in response to receiving said user input, encrypting and transmitting a second digital data to said electronic transaction system, said second digital data being encrypted by hardware within said portable electronic authorization device and signifying said user'"'"'s approval of said transaction request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A portable electronic authorization device for approving a transaction request originated from an electronic transaction system, comprising:
-
first logic circuit configured to receive first digital data representative of said transaction request; second logic circuit configured to receive a user input signal from a user approving said transaction request; third logic circuit configured to form second digital data responsive to said transaction request received by said first logic circuit and in response to said user input signal, said second digital data representing encrypted data signifying an approval by said user of said transaction request; and a transmitter coupled to said second logic circuit, said transmitter being configured to transmit said second digital data from said portable electronic authorization apparatus to said electronic transaction system if said user approves said transaction request. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. In a portable electronic authorization device, a method for approving a transaction request originated from an electronic transaction system, comprising:
-
receiving at said portable electronic authorization device first digital data, said first digital data representing said transaction request; and in response to said transaction request being approved by a user of said portable electronic authorization device, encrypting and transmitting a second digital data to said electronic transaction system, said second digital data being encrypted by hardware within said portable electronic authorization device and signifying said user'"'"'s approval of said transaction request, wherein encrypting said second digital data includes encrypting said second digital data with a user'"'"'s private key using public key cryptography, said user'"'"'s private key being kept within said portable electronic authorization device, wherein said portable electronic authorization device is enclosed in a tamper-proof enclosure, said tamper-proof enclosure being configured to prevent said user'"'"'s private key from being extracted from said portable electronic authorization device.
-
-
32. In a portable electronic authorization device, a method for approving a transaction request originated from an electronic transaction system, comprising:
-
receiving at said portable electronic authorization device first digital data, said first digital data representing said transaction request; and in response to said transaction request being approved by a user of said portable electronic authorization device, encrypting and transmitting a second digital data to said electronic transaction system, said second digital data being encrypted by hardware within said portable electronic authorization device and signifying said user'"'"'s approval of said transaction request, wherein said encrypting and transmitting is performed by a single chip.
-
-
33. In a portable electronic authorization device, a method for approving a transaction request originated from an electronic transaction system, comprising:
-
receiving at said portable electronic authorization device first digital data, said first digital data representing said transaction request; and in response to said transaction request being approved by a user of said portable electronic authorization device, encrypting and transmitting a second digital data to said electronic transaction system, said second digital data being encrypted by hardware within said portable electronic authorization device and signifying said user'"'"'s approval of said transaction request, wherein said transmitting said second digital data is performed via a PC card of said portable electronic authorization device.
-
-
34. A portable electronic authorization device for approving a transaction request originated from an electronic transaction system, comprising:
-
first logic circuit configured to receive first digital data representative of said transaction request; second logic circuit configured to form second digital data responsive to said transaction request received by said first logic circuit in response to said transaction request being approved by a user of said portable electronic transaction device, said second digital data representing encrypted data signifying an approval by said user of said transaction request; a transmitter coupled to said second logic circuit, said transmitter being configured to transmit said second digital data from said portable electronic authorization apparatus to said electronic transaction system if said user approves said transaction request; and a tamper-proof enclosure enclosing said first logic circuit, said second logic circuit, and said transmitter therein, said tamper-proof enclosure being configured to prevent said user'"'"'s private key from being extracted from said portable electronic authorization device.
-
-
35. A portable electronic authorization device for approving a transaction request originated from an electronic transaction system, comprising:
-
first logic circuit configured to receive first digital data representative of said transaction request; second logic circuit configured to form second digital data responsive to said transaction request received by said first logic circuit in response to said transaction request being approved by a user of said portable electronic transaction device, said second digital data representing encrypted data signifying an approval by said user of said transaction request; and a transmitter coupled to said second logic circuit, said transmitter being configured to transmit said second digital data from said portable electronic authorization apparatus to said electronic transaction system if said user approves said transaction request, wherein said second logic circuit and said transmitter are implemented on a single integrated circuit.
-
-
36. A portable electronic authorization device for approving a transaction request originated from an electronic transaction system, comprising:
-
first logic circuit configured to receive first digital data representative of said transaction request; second logic circuit configured to form second digital data responsive to said transaction request received by said first logic circuit in response to said transaction request being approved by a user of said portable electronic transaction device, said second digital data representing encrypted data signifying an approval by said user of said transaction request; and a transmitter coupled to said second logic circuit, said transmitter being configured to transmit said second digital data from said portable electronic authorization apparatus to said electronic transaction system if said user approves said transaction request, wherein said transmitter comprises a PC card of said portable electronic authorization device.
-
Specification