Method and system using a cyber ID to provide secure transactions
First Claim
1. A method for securing a transaction by a user comprising:
- providing a subscriber unit having a processor, a memory, and a display,wherein said subscriber unit is configured to accept user input,providing a credential information manager having a processor and a memory,storing a cyber identifier associated with the user in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information;
storing a subscriber identifier associated with the user in said credential information manager memory;
storing said subscriber information associated with the user in said credential information manager memory;
providing a transaction service provider having a processor and a memory,transmitting a request for a transaction from said subscriber unit to said transaction service provider;
transmitting a transaction identifier, created by said transaction service provider based on said transaction request, from said transaction service provider to said subscriber unit;
storing said transaction identifier in said transaction service provider memory;
transmitting a request for authentication from said subscriber unit to said credential information manager;
transmitting said transaction identifier from said subscriber unit to said credential information manager;
transmitting a subscriber identifier from said subscriber unit to said credential information manager;
authenticating, by said credential information manager, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory;
transmitting a request for verification from said credential information manager to said transaction service provider;
transmitting, from said credential information manager to said transaction service provider, said transaction identifier received from said subscriber unit;
verifying, by transaction service provider, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory;
transmitting, from said transaction service provider to said credential information manager, a verification request result message;
transmitting, from said credential information manager to said transaction service provider, said cyber identifier stored in said credential information manager memory;
transmitting, from said credential information manager to said transaction service provider, said subscriber information stored in said credential information manager memory;
transmitting a transaction authorization from said credential information manager to said transaction service provider; and
transmitting a password from said subscriber unit to said transaction service provider;
wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said subscriber unit; and
wherein said subscriber information is never transmitted to said transaction service provider by said subscriber unit.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for securing a user transaction involving a subscriber unit (“SU”) (having a processor, memory, and a display configured to accept user input), a credential information manager (“CIM”) (having a processor and memory), and a transaction service provider (“TSP”) (having a processor and memory). A cyber identifier (“CyberID”), a subscriber identifier (“SubscriberID”), and subscriber information, each associated with the user, is stored in the CIM. A transaction request is sent from the SU to the TSP, which creates a transaction identifier (“TID”), stores it in the TSP memory and transmits it to the SU. The SU transmits an authentication request, the TID, and SubscriberID to the CIM, which authenticates the SubscriberID and verifies the TID to the TSP. The TSP verifies the TID and reports it to the CIM, which transmits the CyberID and subscriber information to the TSP, and transmits a transaction authorization to the SU.
12 Citations
35 Claims
-
1. A method for securing a transaction by a user comprising:
-
providing a subscriber unit having a processor, a memory, and a display, wherein said subscriber unit is configured to accept user input, providing a credential information manager having a processor and a memory, storing a cyber identifier associated with the user in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information; storing a subscriber identifier associated with the user in said credential information manager memory; storing said subscriber information associated with the user in said credential information manager memory; providing a transaction service provider having a processor and a memory, transmitting a request for a transaction from said subscriber unit to said transaction service provider; transmitting a transaction identifier, created by said transaction service provider based on said transaction request, from said transaction service provider to said subscriber unit; storing said transaction identifier in said transaction service provider memory; transmitting a request for authentication from said subscriber unit to said credential information manager; transmitting said transaction identifier from said subscriber unit to said credential information manager; transmitting a subscriber identifier from said subscriber unit to said credential information manager; authenticating, by said credential information manager, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory; transmitting a request for verification from said credential information manager to said transaction service provider; transmitting, from said credential information manager to said transaction service provider, said transaction identifier received from said subscriber unit; verifying, by transaction service provider, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory; transmitting, from said transaction service provider to said credential information manager, a verification request result message; transmitting, from said credential information manager to said transaction service provider, said cyber identifier stored in said credential information manager memory; transmitting, from said credential information manager to said transaction service provider, said subscriber information stored in said credential information manager memory; transmitting a transaction authorization from said credential information manager to said transaction service provider; and transmitting a password from said subscriber unit to said transaction service provider; wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said subscriber unit; and wherein said subscriber information is never transmitted to said transaction service provider by said subscriber unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A system for securing a transaction by a user comprising:
-
a subscriber unit having a processor, a memory, and a display, wherein said subscriber unit is configured to accept user input, a credential information manager having a processor and a memory, a cyber identifier associated with the user stored in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information; a subscriber identifier associated with the user stored in said credential information manager memory; said subscriber information associated with the user stored in said credential information manager memory; a transaction service provider having a processor and a memory, a transaction request configured to be transmitted by a communication path from said subscriber unit to said transaction service provider; a computer program stored in said memory of said transaction service provider for creating, based on said transaction request, a transaction identifier; said transaction identifier configured to be transmitted by a communication path from said transaction service provider to said subscriber unit; said transaction identifier stored in said transaction service provider memory; a request for authentication configured to be transmitted by a communication path from said subscriber unit to said credential information manager; said transaction identifier configured to be transmitted by a communication path from said subscriber unit to said credential information manager; a subscriber identifier configured to be transmitted by a communication path from said subscriber unit to said credential information manager; a computer program stored in said memory of said credential information manager for authenticating, by said credential information manager, said subscriber identifier received by said credential information manager from said subscriber unit with said subscriber identifier stored in said credential information manager memory; a request for verification configured to be transmitted by a communication path from said credential information manager to said transaction service provider; said transaction identifier, received from said subscriber unit, configured to be transmitted by a communication path from said credential information manager to said transaction service provider; a computer program stored in said memory of said transaction service provider for verifying, by transaction service provider, said transaction identifier received by transaction service provider from said credential information manager with said transaction identifier stored in said transaction service provider memory; a verification request result message configured to be transmitted by a communication path from said transaction service provider to said credential information manager; said cyber identifier, stored in said credential information manager memory, configured to be transmitted by a communication path from said credential information manager to said transaction service provider; said subscriber information, stored in said credential information manager memory, configured to be transmitted by a communication path from said credential information manager to said transaction service provider; a transaction authorization configured to be transmitted by a communication path from said credential information manager to said transaction service provider; and a password configured to be transmitted by a communication path from said subscriber unit to said transaction service provider; wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said subscriber unit; and wherein said subscriber information is never transmitted to said transaction service provider by said subscriber unit. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
Specification