System and method for secure transaction process via mobile device

US 8,346,672 B1
Filed: 04/10/2012
Issued: 01/01/2013
Est. Priority Date: 04/10/2012
Status: Active Grant

First Claim

Patent Images

1. A system providing enhanced security for device based transactions, the system comprising:

a server comprising a processor and a memory associated with a network address;

a first device comprising a first device processor and having an associated first device memory, said first device associated with a user, the first device memory storing instructions which when executed by the first device processor causes the first device processor to perform the steps of;

communicating with said server over a first communication channel, requesting a transaction via said server, andobtaining the server associated network address,wherein said first communication channel is established responsive to the obtained server associated network address;

a second device comprising a second device processor and having an associated second device memory, said second device associated with the user, the second device memory storing instructions which when executed by the second device processor causes the second device processor to perform the steps of communicating with said first device and receiving from said first device the obtained server associated network address; and

a mobile device server comprising a mobile device server processor and a mobile device server memory, the mobile device server memory storing instructions which when executed by the mobile device server processor causes the mobile device server processor to perform the steps of;

communicating with said second device over a second communication channel,communicating with said server over a third communication channel,inputting said received obtained server associated network address from said second device over said second communication channel,obtaining the server associated network address from a trusted source, andauthorizing a transaction only in the event that said input received obtained server associated network address is consonant with the server associated network address obtained from the trusted source.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system providing enhanced security for device based transactions, constituted of: a server associated with a network address; a first device associated with a user, the first device in communication with the server over a first communication channel responsive to an obtained server network address; a second device associated with the user arranged to obtain the server network address from the first device; and a mobile device server in communication with the second device over a second communication channel, the mobile device server in communication with the server via a third communication channel, the mobile device server arranged to: obtain the server network address from the second device over the second communication channel; obtain the server network address from a trusted source; and authorize to the server over third communication channel a transaction only in the event that the server network addresses are consonant.

145 Citations

26 Claims

1. A system providing enhanced security for device based transactions, the system comprising:
- a server comprising a processor and a memory associated with a network address;
  
  a first device comprising a first device processor and having an associated first device memory, said first device associated with a user, the first device memory storing instructions which when executed by the first device processor causes the first device processor to perform the steps of;
  
  communicating with said server over a first communication channel, requesting a transaction via said server, andobtaining the server associated network address,wherein said first communication channel is established responsive to the obtained server associated network address;
  
  a second device comprising a second device processor and having an associated second device memory, said second device associated with the user, the second device memory storing instructions which when executed by the second device processor causes the second device processor to perform the steps of communicating with said first device and receiving from said first device the obtained server associated network address; and
  
  a mobile device server comprising a mobile device server processor and a mobile device server memory, the mobile device server memory storing instructions which when executed by the mobile device server processor causes the mobile device server processor to perform the steps of;
  
  communicating with said second device over a second communication channel,communicating with said server over a third communication channel,inputting said received obtained server associated network address from said second device over said second communication channel,obtaining the server associated network address from a trusted source, andauthorizing a transaction only in the event that said input received obtained server associated network address is consonant with the server associated network address obtained from the trusted source.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The system of claim 1, wherein said trusted source is said server, wherein the server associated network address is obtained from the server over the third communication channel.
  - 3. The system of claim 1, wherein said trusted source is a database in communication with said mobile device server.
  - 4. The system of claim 1, wherein said first communication channel is different from said second communication channel.
  - 5. The system of claim 1, wherein said first device and said second device are a single device.
  - 6. The system of claim 1, wherein one of said first device and said second device is a user mobile device.
  - 7. The system of claim 1, wherein one of said first device and second device said user device is a computer.
  - 8. The system of claim 1, wherein said first device is a computer and said second device is a user mobile device.
  - 9. The system of claim 1, wherein said communicating of said second device with said first device is over a fourth communication channel, the fourth communication channel different from any of the first, second and third communication channels.
  - 10. The system of claim 9, wherein said fourth communication channel is one of radio frequency identification and near field communication.
  - 11. The system of claim 1, wherein said third communication channel is a secured communication channel different from any of the first and second communication channels.
  - 12. The system of claim 1, further comprising a secured element arranged to be in communication with said second device, said secured element arranged to provide an encrypted pass code to said second device responsive to a user gesture, the second device memory further storing instructions which when executed by the second device processor causes the second device process to transmit said provided encrypted pass code to said mobile device server over said second communication channel.
  - 13. The system of claim 12, further comprising a data entry device in communication with said secured element, said pass code provided to said secured element by said user gesture via said data entry device.
  - 14. The system of claim 13, wherein said data entry device is a dedicated data entry device.
  - 15. The system of claim 13, further comprising a contactless element, said secured element comprised within said contactless element, said communication between said secured element and said second device responsive to said contactless element.
  - 16. The system of claim 1, further comprising a notification server comprising a notification server processor and having an associated notification server memory, said notification server in communication with said mobile device server, the notification server memory storing instructions which when executed causes the notification server processor to perform the step of transmitting a message to said second device;
    - said second device memory storing application instructions which when executed by the second device processor responsive to the transmitted message from said notification server further causes the second device processor to perform the step of providing a network address of the first device and the received obtained server associated network address to said mobile device server thus enabling said inputting over said second communication channel of said received obtained server associated network address.
  - 17. The system of claim 1, further comprising an additional server comprising an additional server processor and having an associated additional server memory, the additional server memory storing instructions which when executed by the additional server processor causes the additional server processor to perform the steps of:
    - communicating with said mobile device server; and
      
      authorizing an additional transaction with said first device responsive to the authorization of the transaction between the first device and the server.

18. A system providing enhanced security for device based transactions, the system comprising:
- a server associated with a network address, said server comprising a server processor and an associated server memory;
  
  a first device comprising a first device processor and having an associated first device memory, said first device associated with a user, wherein the first device memory storing instructions which when executed by the first device processor causes the first device processor to perform the steps of;
  
  communicating with said server over a first communication channel,requesting a transaction via said server, andobtaining the server associated network address,wherein the communication over the first communication channel is established responsive to the obtained server associated network address;
  
  a second device comprising a second device processor and having an associated second device memory, said second device associated with the user, the second device memory storing instructions which when executed by the second device processor causes the second device processor to perform the steps of;
  
  communicating with said first device and receiving from said first device the obtained server associated network address; and
  
  a mobile device server comprising a mobile device server processor and a mobile device server memory, the mobile device server memory storing instructions which when executed by the mobile device server processor causes the mobile device server processor to perform the steps of;
  
  communicating with said second device over a second communication channel, and communicating with said server via a third communication channel,at least one of said server associated memory and said mobile device server associated memory storing instructions which when executed by the respective one of the server processor and the mobile device server processor causes the respective one of the server processor and the mobile device server processor to perform the steps of;
  
  obtaining the server associated network address from a trusted source;
  
  inputting said received obtained server associated network address from said second device over said second communication channel; and
  
  authorizing a transaction only in the event that the input received obtained server associated network address is consonant with the server associated network address obtained from the trusted source.

19. A method of providing enhanced security for device based transactions, the method comprising:
- providing a first user device;
  
  obtaining by the first user device a server associated network address;
  
  establishing communication between the first user device and the server responsive to the obtained server associated network address over a first communication channel;
  
  receiving by a mobile device server the obtained server associated network address from the first user device over a second communication channel,inputting by the mobile device server the obtained server associated network address over the second communication channel,obtaining by the mobile device server said server associated network address from a trusted source;
  
  comparing by the mobile device server the server associated network address obtained from the trusted source with the input obtained server associated network address;
  
  determining by the mobile device server that the server associated network address input over the said second communication channel is consonant with the server associated network address from the trusted source; and
  
  based on the determination, authorizing by the mobile device server a transaction associated with the server.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The method of claim 19, wherein the first communication channel is different from the second communication channel.
  - 21. The method of claim 19, where the trusted source comprises one of a third communication channel different from the first and second communication channels and a secure database.
  - 22. The method of claim 19, further comprising:
    - providing a second user device, said provided second user device received said obtained server associated network address from the first user device, wherein said input obtained server associated network address is communicated by said provided second user device over the second communication channel.
  - 23. The method of claim 22, wherein said provided second user device receives said obtained server associated network address from the first user device via a contactless element.
  - 24. The method of claim 19, further comprising:
    - encrypting a pass code; and
      
      transmitting said encrypted pass code over the second communication channel to said mobile device server.
  - 25. The method of claim 24, further comprising:
    - providing an entry device associated with said provided second user device, said pass code received responsive to a user gesture via said entry device.
  - 26. The method of claim 19, further comprising:
    - providing an additional server;
      
      authorizing an additional transaction associated with said provided additional server responsive to the authorization of the transaction associated with the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ping Identity Corporation
Original Assignee
Accells Technologies Ltd. (Ping Identity Corporation)
Inventors
Weiner, Avish Jacob, Ne'man, Ran
Primary Examiner(s)
Hewitt, II, Calvin L
Assistant Examiner(s)
Qayyum, Zeshan

Application Number

US13/442,861
Time in Patent Office

266 Days
Field of Search

705/75
US Class Current

705/75
CPC Class Codes

G06Q 20/3223   Realising banking transacti...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/425   using two different network...

H04L 63/083   using passwords cryptograph...

H04W 12/068   using credential vaults, e....

System and method for secure transaction process via mobile device

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

145 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

System and method for secure transaction process via mobile device

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

145 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others