Method and system using a cyber ID to provide secure transactions

US 8,732,807 B2
Filed: 04/09/2012
Issued: 05/20/2014
Est. Priority Date: 04/09/2012
Status: Active Grant

First Claim

Patent Images

1. A method for securing a transaction by a user comprising:

providing a subscriber unit having a processor, a memory, and a display,wherein said subscriber unit is configured to accept user input,providing a credential information manager having a processor and a memory,storing a cyber identifier associated with the user in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information;

storing a subscriber identifier associated with the user in said credential information manager memory;

storing said subscriber information associated with the user in said credential information manager memory;

providing a transaction service provider having a processor and a memory,transmitting a request for a transaction from said subscriber unit to said transaction service provider;

transmitting a transaction identifier, created by said transaction service provider based on said transaction request, from said transaction service provider to said subscriber unit;

storing said transaction identifier in said transaction service provider memory;

transmitting a request for authentication from said subscriber unit to said credential information manager;

transmitting said transaction identifier from said subscriber unit to said credential information manager;

transmitting a subscriber identifier from said subscriber unit to said credential information manager;

authenticating, by said credential information manager, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory;

transmitting a request for verification from said credential information manager to said transaction service provider;

transmitting, from said credential information manager to said transaction service provider, said transaction identifier received from said subscriber unit;

verifying, by transaction service provider, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory;

transmitting, from said transaction service provider to said credential information manager, a verification request result message;

transmitting, from said credential information manager to said transaction service provider, said cyber identifier stored in said credential information manager memory;

transmitting, from said credential information manager to said transaction service provider, said subscriber information stored in said credential information manager memory;

transmitting a transaction authorization from said credential information manager to said transaction service provider; and

transmitting a password from said subscriber unit to said transaction service provider;

wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said subscriber unit; and

wherein said subscriber information is never transmitted to said transaction service provider by said subscriber unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for securing a user transaction involving a subscriber unit (“SU”) (having a processor, memory, and a display configured to accept user input), a credential information manager (“CIM”) (having a processor and memory), and a transaction service provider (“TSP”) (having a processor and memory). A cyber identifier (“CyberID”), a subscriber identifier (“SubscriberID”), and subscriber information, each associated with the user, is stored in the CIM. A transaction request is sent from the SU to the TSP, which creates a transaction identifier (“TID”), stores it in the TSP memory and transmits it to the SU. The SU transmits an authentication request, the TID, and SubscriberID to the CIM, which authenticates the SubscriberID and verifies the TID to the TSP. The TSP verifies the TID and reports it to the CIM, which transmits the CyberID and subscriber information to the TSP, and transmits a transaction authorization to the SU.

12 Citations

View as Search Results

35 Claims

1. A method for securing a transaction by a user comprising:
- providing a subscriber unit having a processor, a memory, and a display,wherein said subscriber unit is configured to accept user input,providing a credential information manager having a processor and a memory,storing a cyber identifier associated with the user in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information;
  
  storing a subscriber identifier associated with the user in said credential information manager memory;
  
  storing said subscriber information associated with the user in said credential information manager memory;
  
  providing a transaction service provider having a processor and a memory,transmitting a request for a transaction from said subscriber unit to said transaction service provider;
  
  transmitting a transaction identifier, created by said transaction service provider based on said transaction request, from said transaction service provider to said subscriber unit;
  
  storing said transaction identifier in said transaction service provider memory;
  
  transmitting a request for authentication from said subscriber unit to said credential information manager;
  
  transmitting said transaction identifier from said subscriber unit to said credential information manager;
  
  transmitting a subscriber identifier from said subscriber unit to said credential information manager;
  
  authenticating, by said credential information manager, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory;
  
  transmitting a request for verification from said credential information manager to said transaction service provider;
  
  transmitting, from said credential information manager to said transaction service provider, said transaction identifier received from said subscriber unit;
  
  verifying, by transaction service provider, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory;
  
  transmitting, from said transaction service provider to said credential information manager, a verification request result message;
  
  transmitting, from said credential information manager to said transaction service provider, said cyber identifier stored in said credential information manager memory;
  
  transmitting, from said credential information manager to said transaction service provider, said subscriber information stored in said credential information manager memory;
  
  transmitting a transaction authorization from said credential information manager to said transaction service provider; and
  
  transmitting a password from said subscriber unit to said transaction service provider;
  
  wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said subscriber unit; and
  
  wherein said subscriber information is never transmitted to said transaction service provider by said subscriber unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 2. The method of claim 1 wherein said authentication further includes comparing, by said credential information manager processor, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory.
  - 3. The method of claim 2 wherein said verification request is sent as a result of said comparison indicating that said subscriber identifier received by said credential information manager from said subscriber unit matches said subscriber identifier stored in said credential information manager memory.
  - 4. The method of claim 2 further including transmitting an authentication failure message from said credential information manager to said subscriber unit, wherein said authentication failure message is sent as a result of said comparison indicating that said subscriber identifier received by said credential information manager from said subscriber unit does not match said subscriber identifier stored in said credential information manager memory.
  - 5. The method of claim 4 further including displaying a visual authentication failure message on said subscriber unit display based on said authentication failure message transmitted from said credential information manager to said subscriber unit.
  - 6. The method of claim 1 wherein said verification further includes comparing, by said transaction service provider processor, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory, wherein said verification result request message includes a result of said comparison.
  - 7. The method of claim 6 wherein said transmission of said cyber identifier is sent as a result of said verification result request message indicating that said transaction identifier received by said transaction service provider from said credential information manager matches with said transaction identifier stored in said transaction service provider memory.
  - 8. The method of claim 6 further including transmitting a verification failure message from said credential information manager to said subscriber unit, wherein said verification failure message is sent as a result of said verification result request message indicating that said transaction identifier received by said transaction service provider from said credential information manager does not match with said transaction identifier stored in said transaction service provider memory.
  - 9. The method of claim 8 further including displaying a visual verification failure message on said subscriber unit display based on said verification failure message transmitted from said credential information manager to said subscriber unit.
  - 10. The method of claim 1 wherein said subscriber unit is made up of one or more mobile phones, smart phones, PDAs, computers, or POS terminals, modems, fax machines, or display/input terminals.
  - 11. The method of claim 10 wherein said subscriber unit is made of a phone in wireless communication with a POS terminal.
  - 12. The method of claim 1 where one or more of the transmissions are made via a secure telecommunications link.
  - 13. The method of claim 1 where one or more of the transmissions are made via a wireless telecommunications link.
  - 14. The method of claim 1 where one or more of the transmissions are made via the internet.
  - 15. The method of claim 12 wherein said secure telecommunications link includes one or more of a VPN, audio or visual signaling, secure tunneling, or an encrypted communication infrastructure.
  - 16. The method of claim 1 wherein, before said subscriber identifier is transmitted from said subscriber unit to said credential information manager, said subscriber identifier is received as input to the subscriber unit and stored in said subscriber unit memory.
  - 17. The method of claim 1 wherein said subscriber unit memory includes a removable memory, and before said subscriber identifier is transmitted from said subscriber unit to said credential information manager, said subscriber identifier is stored in said subscriber unit memory.
  - 18. The method of claim 17 wherein said removable memory includes a SIM card.
  - 19. The method of claim 17 wherein said removable memory includes an electronic card.
  - 20. The method of claim 1 further including storing said subscriber information, transmitted from said credential information manager to said transaction service provider, in said transaction service provider memory.
  - 21. The method of claim 1 further including transmitting said subscriber information, transmitted from said credential information manager to said transaction service provider, from said transaction service provider to said subscriber unit.
  - 22. The method of claim 21 further including displaying visual subscriber information on said subscriber unit display based on said subscriber information transmitted from said transaction service provider to said subscriber unit.
  - 23. The method of claim 1, further comprising verifying, by said transaction service provider, said password transmitted from said subscriber unit.

24. A system for securing a transaction by a user comprising:
- a subscriber unit having a processor, a memory, and a display,wherein said subscriber unit is configured to accept user input,a credential information manager having a processor and a memory,a cyber identifier associated with the user stored in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information;
  
  a subscriber identifier associated with the user stored in said credential information manager memory;
  
  said subscriber information associated with the user stored in said credential information manager memory;
  
  a transaction service provider having a processor and a memory,a transaction request configured to be transmitted by a communication path from said subscriber unit to said transaction service provider;
  
  a computer program stored in said memory of said transaction service provider for creating, based on said transaction request, a transaction identifier;
  
  said transaction identifier configured to be transmitted by a communication path from said transaction service provider to said subscriber unit;
  
  said transaction identifier stored in said transaction service provider memory;
  
  a request for authentication configured to be transmitted by a communication path from said subscriber unit to said credential information manager;
  
  said transaction identifier configured to be transmitted by a communication path from said subscriber unit to said credential information manager;
  
  a subscriber identifier configured to be transmitted by a communication path from said subscriber unit to said credential information manager;
  
  a computer program stored in said memory of said credential information manager for authenticating, by said credential information manager, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory;
  
  a request for verification configured to be transmitted by a communication path from said credential information manager to said transaction service provider;
  
  said transaction identifier, received from said subscriber unit, configured to be transmitted by a communication path from said credential information manager to said transaction service provider;
  
  a computer program stored in said memory of said transaction service provider for verifying, by transaction service provider, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory;
  
  a verification request result message configured to be transmitted by a communication path from said transaction service provider to said credential information manager;
  
  said cyber identifier, stored in said credential information manager memory, configured to be transmitted by a communication path from said credential information manager to said transaction service provider;
  
  said subscriber information, stored in said credential information manager memory, configured to be transmitted by a communication path from said credential information manager to said transaction service provider;
  
  a transaction authorization configured to be transmitted by a communication path from said credential information manager to said transaction service provider; and
  
  a password configured to be transmitted by a communication path from said subscriber unit to said transaction service provider;
  
  wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said subscriber unit; and
  
  wherein said subscriber information is never transmitted to said transaction service provider by said subscriber unit.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 25. The system of claim 24 wherein said subscriber unit is made up of one or more mobile phones, smart phones, PDAs, computers, or POS terminals, modems, fax machines, or display/input terminals.
  - 26. The system of claim 25 wherein said subscriber unit is made of a phone in wireless communication with a POS terminal.
  - 27. The system of claim 24 where one or more of the communication paths include a secure telecommunications link.
  - 28. The system of claim 24 where one or more of the communication paths include a wireless telecommunications link.
  - 29. The system of claim 24 where one or more of the communication paths include the internet.
  - 30. The system of claim 27 wherein said secure telecommunications link includes one or more of a VPN, audio or visual signaling, secure tunneling, or an encrypted communication infrastructure.
  - 31. The system of claim 24 wherein said subscriber unit memory includes a removable memory, and before said subscriber identifier is transmitted from said subscriber unit to said credential information manager, said subscriber identifier is stored in said subscriber unit memory.
  - 32. The system of claim 31 wherein said removable memory includes a SIM card.
  - 33. The system of claim 31 wherein said removable memory includes an electronic card.
  - 34. The system of claim 24 wherein said credential information manager further includes:
    - a certified credential information manager having a processor and a memory,an authentication/secure link service provider having a processor and a memory,said authentication request, received from said subscriber unit by said credential information manager, configured to be transmitted by a communication path from said certified credential information manager to said authentication/secure link service provider,said subscriber identifier, received from said subscriber unit by said credential information manager, configured to be transmitted by a communication path from said certified credential information manager to said authentication/secure link service provider,wherein said authentication computer program is stored in said authentication/secure link service provider memory, andwherein said subscriber identifier stored in said credential information manager memory is stored in said authentication/secure link service provider memory.
  - 35. The system of claim 24, wherein said transaction service provider is configured to verify said password transmitted from said subscriber unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Medium Access Systems Private Limited
Original Assignee
Medium Access Systems Private Limited
Inventors
Fang, Yang Lit, Trinidad, Ryan Nacion
Primary Examiner(s)
Yalew, Fikremariam A
Assistant Examiner(s)
DOLLY, KENDALL LYNN

Application Number

US13/442,019
Publication Number

US 20130269009A1
Time in Patent Office

771 Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 2221/2115   Third party

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/102   Entity profiles

Method and system using a cyber ID to provide secure transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system using a cyber ID to provide secure transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links