Electronic signature security algorithms

US 8,799,165 B2
Filed: 01/11/2012
Issued: 08/05/2014
Est. Priority Date: 01/11/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

receiving, by a device comprising a processor, a phone number from a bank client device associated with a user identity;

confirming, by the device, the phone number is associated with a client account;

verifying, by the device, the client account contains no linked devices;

generating, by the device, a first one time password and a second one time password;

sending, by the device, the first one time password to the phone number;

sending, by the device, the second one time password to the bank client device;

receiving, by the device, a password and the second one time password from the bank client device;

verifying, by the device, the second one time password and the password; and

in response to the verifying, creating, by the device, a new client account in association with the user identity.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies are generally described for security algorithm methods in authorizing and linking devices associated with a customer. A first device can be linked to a customer account. Additional devices can be linked to the customer account. Those devices can be authenticated to perform banking operations using dual factor authentication wherein a customer'"'"'s login information is a first factor and the customer using a previously authenticated device is a second factor. By using additional methods of authentication, transactions can be done more reliably and securely.

Citations

18 Claims

1. A method, comprising:
- receiving, by a device comprising a processor, a phone number from a bank client device associated with a user identity;
  
  confirming, by the device, the phone number is associated with a client account;
  
  verifying, by the device, the client account contains no linked devices;
  
  generating, by the device, a first one time password and a second one time password;
  
  sending, by the device, the first one time password to the phone number;
  
  sending, by the device, the second one time password to the bank client device;
  
  receiving, by the device, a password and the second one time password from the bank client device;
  
  verifying, by the device, the second one time password and the password; and
  
  in response to the verifying, creating, by the device, a new client account in association with the user identity.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising:
    - establishing, by the device, a secure session with the bank client device.
  - 3. The method of claim 2, wherein the establishing the secure session is based upon a random generated number.
  - 4. The method of claim 1, wherein the verifying the submitted password is based upon comparing the password to the first one time password.
  - 5. The method of claim 1, further comprising:
    - generating, by the device, a subscriber identification number and a security key pair;
      
      registering, by the device, the subscriber identification number with the client account;
      
      sending, by the device, the subscriber identification number and the security key pair to the bank client device; and
      
      sending, by the device, a confirmation to the phone number.
  - 6. The method of claim 1, further comprising:
    - sending, by the device, information for display on the bank client device for entry of the password.

7. A non-transitory computer readable storage device comprising executable instructions that, in response to execution, cause a device comprising a processor to perform operations, comprising:
- receiving a phone number from a bank client device associated with a user identity;
  
  confirming whether the phone number is associated with a client account;
  
  verifying the client account contains no linked devices;
  
  generating a first one time password and a second one time password;
  
  sending the first one time password to the phone number;
  
  sending the second one time password to the bank client device;
  
  receiving a password and the second one time password from the bank client device;
  
  verifying the second one time password and the password; and
  
  in response to the verifying, creating a new client account in association with the user identity.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The non-transitory computer readable storage device of claim 7, wherein the operations further comprise establishing a secure session with the bank client device.
  - 9. The non-transitory computer readable storage device of claim 8, wherein the establishing the secure session is based upon a random generated number.
  - 10. The non-transitory computer readable storage device of claim 7, wherein the verifying the password is based upon comparing the password to the first one time password.
  - 11. The non-transitory computer readable storage device of claim 7, wherein the operations further comprise:
    - generating a subscriber identification number and a security key pair;
      
      registering the subscriber identification number with the first client account;
      
      sending the subscriber identification number and the security key pair to the bank client device; and
      
      sending a confirmation to the phone number.
  - 12. The non-transitory computer readable storage device of claim 7, wherein the operations further comprise sending information for display on the bank client device for entry of the password.

13. A system, comprisinga processor;
- anda memory coupled to the processor and storing executable instructions that, in response to execution by the processor, perform operations, comprising;
  
  receiving a phone number associated with a user identity from a bank client device;
  
  determining whether the phone number is associated with a client account;
  
  verifying the client account contains no linked devices;
  
  generating a first one time password and a second one time password;
  
  sending the first one time password to the phone number;
  
  sending the second one time password to the bank client device;
  
  receiving a password and the second one time password from the bank client device;
  
  verifying the second one time password and the password; and
  
  in response to the verifying, creating a new client account associated with the user identity.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The system of claim 13, wherein the operations further comprise:
    - establishing a secure session with the bank client device.
  - 15. The system of claim 14, wherein the establishing the secure session is based upon a random generated number.
  - 16. The system of claim 13, wherein the verifying the password is based upon comparing the password to the first one time password.
  - 17. The system of claim 13, wherein the operations further comprise:
    - generating a subscriber identification number and a security key pair;
      
      registering the subscriber identification number with the other client account;
      
      sending the subscriber identification number and the security key pair to the bank client device; and
      
      sending a confirmation to the phone number.
  - 18. The system of claim 13, wherein the operations further comprise:
    - sending information for display on the bank client device for entry of the password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
Rawllin International Inc.
Inventors
Kirillin, Viacheslav, Zemlyanskiy, Sergey
Primary Examiner(s)
Hewitt, II, Calvin L
Assistant Examiner(s)
LE, NANCY LOAN T

Application Number

US13/348,191
Publication Number

US 20130179350A1
Time in Patent Office

937 Days
Field of Search

705/44
US Class Current

705/50
CPC Class Codes

G06Q 10/06   Resources, workflows, human...

G06Q 20/3221   Access to banking informati...

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 40/02   Banking, e.g. interest calc...

H04L 63/0876   based on the identity of th...

H04L 9/3228   One-time or temporary data,...

Electronic signature security algorithms

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic signature security algorithms

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links