System and methods for assignation and use of media content subscription service privileges

US 8,788,813 B2
Filed: 12/04/2012
Issued: 07/22/2014
Est. Priority Date: 05/30/2003
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, at a media device, a first certificate associated with a first user from a personal identification device after the first user is biometrically-authenticated at the personal identification device, the first certificate having a subscription privilege associated with the first user;

decrypting, at the media device, an encrypted string received from the personal identification device, the encrypted string being based on a string sent from the media device to the personal identification device and encrypted by the personal identification device using a private key uniquely associated with the first certificate;

verifying, at the media device, an authenticity of the first certificate when the decrypted string matches the string sent from the media device to the personal identification device;

receiving, at the media device, a second certificate from the personal identification device after the first user is biometrically-authenticated at the personal identification device, the second certificate being associated with a second user and having a plurality of subscription privileges including the subscription privilege, the first certificate being based on the second certificate; and

receiving, at the media device, media from a media provider based on the first certificate after the second certificate is received at the media device and the first certificate is verified, the media provider preventing the media associated with the first certificate from being sent to the media device until the second certificate is received at the media device and the first certificate is verified.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention describes a system and methods for media content subscription service distribution; typical services include cable television, premium content channels, pay-per-view, XM radio, and online mp3 services. Subscribers use portable electronic devices to store digital certificates certifying the subscriber'"'"'s privileges and an assigned public key. The devices can communicate with specially enabled televisions, radios, computers, or other media presentation apparatuses. These, in turn, can communicate with central databases owned by the provider, for verification purposes. Methods of the invention describe media content subscription service privilege issuing and use. The invention additionally describes methods for protecting media content transmitted to users with a variety of encryption schemes. The invention also comprises methods for subscribed users to bestow a subset of their privileges to a number of secondary users, with appropriate permission from the media content subscription service provider.

143 Citations

28 Claims

1. A method, comprising:
- receiving, at a media device, a first certificate associated with a first user from a personal identification device after the first user is biometrically-authenticated at the personal identification device, the first certificate having a subscription privilege associated with the first user;
  
  decrypting, at the media device, an encrypted string received from the personal identification device, the encrypted string being based on a string sent from the media device to the personal identification device and encrypted by the personal identification device using a private key uniquely associated with the first certificate;
  
  verifying, at the media device, an authenticity of the first certificate when the decrypted string matches the string sent from the media device to the personal identification device;
  
  receiving, at the media device, a second certificate from the personal identification device after the first user is biometrically-authenticated at the personal identification device, the second certificate being associated with a second user and having a plurality of subscription privileges including the subscription privilege, the first certificate being based on the second certificate; and
  
  receiving, at the media device, media from a media provider based on the first certificate after the second certificate is received at the media device and the first certificate is verified, the media provider preventing the media associated with the first certificate from being sent to the media device until the second certificate is received at the media device and the first certificate is verified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the personal identification device is a first personal identification device associated with the first user, the method further comprising:
    - receiving, at the media device, the second certificate from a second personal identification device associated with the second user after the second user is biometrically-authenticated at the second personal identification device; and
      
      receiving, at the media device, media from the media provider based on the second certificate after the second certificate is received at the media device, the media provider preventing the media associated with the second certificate from being sent to the media device until the second certificate is received at the media device.
  - 3. The method of claim 1, further comprising:
    - allowing, at the media device, output of the media associated with the first certificate received from a media provider, the media device being pre-registered with a subscription service of the media provider.
  - 4. The method of claim 1, wherein the media device is associated with a third user, the media device being pre-registered with a subscription service of the media provider, the subscription service not including the subscription privilege of the first certificate.
  - 5. The method of claim 1, further comprising:
    - verifying, at the media device, an authenticity of the second certificate received from the personal identification device, the media associated with the first certificate from the media provider is received at the media device after the first certificate and the second certificate are verified.
  - 6. The method of claim 1, wherein the receiving the media includes receiving an encrypted media from the media provider, the media device storing a symmetric key uniquely associated with the first certificate and the media provider, the media device configured to use the symmetric key to decrypt the received encrypted media, the media device configured to output the decrypted media.
  - 7. The method of claim 1, wherein the second user is a primary user of a subscription service of the media provider and the first user is a secondary user of the subscription service.
  - 8. The method of claim 1, wherein the receiving the first certificate occurs concurrently with the receiving the second certificate.
  - 9. The method of claim 1, wherein the receiving the first certificate includes receiving the first certificate without receiving biometric information associated with the first user, the media device not storing any biometric information associated with the first user.
  - 10. The method of claim 1, wherein the subscription privilege of the first certificate is uniquely associated with a media channel.
  - 11. The method of claim 1, wherein the personal identification device is in a first housing at a first location and the media device is in a second housing different from the first housing at the first location, the media provider is at a second location different from the first location.

12. A method, comprising:
- authenticating, at a first personal identification device, a first biometric input of a first user based on a biometric template of the first user stored at the first personal identification device;
  
  sending a subscription privilege associated with the first user from the first personal identification device of the first user to a first media device at a first location when the first biometric input is authentic such that the first media device ceases to inhibit output of media transmitted from a media provider based on the subscription privilege associated with the first user, the subscription privilege associated with the first user being configured to permit access to the media from the media provider associated with the subscription privilege associated with the first user;
  
  authenticating, at the first personal identification device, a second biometric input of the first user based on the biometric template of the first user stored at the first personal identification device;
  
  sending the subscription privilege associated with the first user from the first personal identification device to a second media device at a second location when the second biometric input is authentic such that the second media device ceases to inhibit output of the media transmitted from the media provider based on the subscription privilege associated with the first user, the second media device being different from the first media device, the second location being different from the first location;
  
  producing, at the first personal identification device, a subscription privilege associated with a second user different from the first user, the subscription privilege associated with the second user being configured to permit access to the media from the media provider associated with the subscription privilege associated with the first user; and
  
  sending from the first personal identification device to a second personal identification device the subscription privilege associated with the first user and the subscription privilege associated with the second user, the second personal identification device being associated with the second user.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12, wherein the subscription privilege associated with the first user is uniquely associated with a media channel.
  - 14. The method of claim 12, wherein the subscription privilege associated with the first user is uniquely associated with a first media channel, the method further comprising:
    - sending a second subscription privilege associated with the first user uniquely associated with a second media channel different from the first media channel.
  - 15. The method of claim 12, wherein the first media device is located within a residence different from a residence within which the second media device is located.
  - 16. The method of claim 12, wherein the first media device is associated with a subscription of the first user, the second media device is associated with a subscription of a third user, the subscription of the third user is different from the subscription of the first user.
  - 17. The method of claim 12, wherein the first media device has been pre-registered with a subscription service of the media provider, the second media device has been pre-registered with the subscription service of the media provider.
  - 18. The method of claim 12, wherein the subscription privilege associated with the first user excludes biometric information of the first user.
  - 19. The method of claim 12, wherein the media provider is a television or radio broadcast media provider, the sending the subscription privilege associated with the first user to the first media device when the first biometric input is authentic is such that the first media device decrypts encrypted media transmitted from the television or radio broadcast media provider, the sending the subscription privilege to the second media device when the second biometric input is authentic is such that the second media device decrypts encrypted media transmitted from the television or radio broadcast media provider.
  - 20. The method of claim 12, wherein the subscription privilege associated with the first user is a first subscription privilege associated with the first user, the first subscription privilege being associated with a first media channel having a frequency, the media transmitted from the media provider is associated with the first media channel, the method further comprising:
    - sending a second subscription privilege associated with the first user from the first personal identification device of the first user to the first media device at the first location when a third biometric input is authentic such that the first media device ceases to inhibit output of media associated with a second media channel transmitted from the media provider based on the second subscription privilege associated with the first user, the second subscription privilege being associated with the second media channel having a frequency different than the frequency of the first media channel.
  - 21. The method of claim 12, further comprising:
    - verifying that the subscription privilege associated with the second user is a subset of the subscription privilege associated with the first user before the sending from the first personal identification device to the second personal identification device.
  - 22. The method of claim 12, wherein the subscription privilege associated with the second user includes a restriction determined by the first user, the restriction being associated with media output based on the subscription privilege associated with the second user.

23. A method, comprising:
- authenticating, at a personal identification device at a first location, a biometric input of a first user based on a biometric template of the first user stored at the personal identification device;
  
  sending a first subscription privilege associated with the first user from the personal identification device to a first media device at the first location when the biometric input of the first user is authentic such that the first media device outputs media associated with the first subscription privilege from a media provider only after receiving the first subscription privilege from the personal identification device;
  
  authenticating, at the personal identification device at a second location, a biometric input of a second user based on a biometric template of the second user stored at the personal identification device; and
  
  sending a second subscription privilege associated with the second user from the personal identification device to a second media device at the second location when the biometric input of the second user is authentic such that the second media device outputs media associated with the second subscription privilege from the media provider only after receiving the second subscription privilege from the personal identification device.
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. The method of claim 23, further comprising:
    - sending the first subscription privilege from the personal identification device to the second media device at the second location when the biometric input of the second user is authentic such that the second media device outputs media associated with the second subscription privilege from the media provider only after receiving the first subscription privilege and the second subscription privilege from the personal identification device.
  - 25. The method of claim 23, wherein the first media device is associated with a subscription of the first user and the second media device is associated with a subscription of a third user.
  - 26. The method of claim 23, wherein the first user is a primary user of a subscription service of the media provider and the second user is a secondary user of the subscription service.
  - 27. The method of claim 23, wherein the first subscription privilege is configured to permit full access to the media from the media provider associated with the first subscription privilege.
  - 28. The method of claim 23, wherein the second subscription privilege is configured to permit limited access to the media associated with the first subscription privilege from the media provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Privaris, Inc.
Inventors
Russell, David C., Johnson, Barry W., Olvera, Kristen R.
Primary Examiner(s)
Parthasarathy, Pramila

Application Number

US13/693,607
Publication Number

US 20130111575A1
Time in Patent Office

595 Days
Field of Search

None
US Class Current

713/156
CPC Class Codes

G06F 16/51   Indexing; Data structures t...

G06F 18/22   Matching criteria, e.g. pro...

G06F 21/1076   Revocation

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/6209   to a single file or object,...

G06F 21/72   in cryptographic circuits

G06F 21/85   interconnection devices, e....

G06V 40/13   Sensors therefor

G06V 40/1365   Matching; Classification

H04L 63/06   for supporting key manageme...

H04L 63/0861   using biometrical features,...

H04L 63/102   Entity profiles

H04L 9/3231   Biological data, e.g. finge...

H04N 21/25875   involving end-user authenti...

H04N 21/4415   using biometric characteris...

System and methods for assignation and use of media content subscription service privileges

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

143 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

System and methods for assignation and use of media content subscription service privileges

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

143 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links