Electronic commerce with cryptographic authentication
First Claim
Patent Images
1. A method of implementing a cryptographic transaction related to an electronic transaction between a vendor device and a user device, the method comprising:
- storing, by a secure server, one or more private keys of a user from a plurality of private cryptographic keys, first one or more authentication data of the user, and a first user identifier of the user, wherein the one or more private keys of the user is unknown to the user;
receiving, by the vendor device, a transaction request and a second user identifier from the user device;
generating, by the vendor device, a unique transaction identifier (TID) of the current transaction, wherein the TID uniquely identifies the current transaction between the vendor and the user;
sending from the vendor device a cryptographic transaction request, the TID, and a current authentication data request to the user device;
sending from the vendor device the TID and the second user identifier to the secure server;
querying the user for second one or more authentication data based on the current authentication data request using the user device;
receiving from the user the second one or more authentication data; and
sending from the user device the TID sent from the vendor device and the second one or more authentication data to the secure server;
retrieving, by the secure server, the first one or more authentication data using the first user identifier and the second user identifier;
comparing, by the secure server, the first one or more authentication data and the second one or more authentication data; and
retrieving, by the secure server, the one or more private keys of the user and performing, by the secure server, one or more cryptographic functions employing the one or more private keys based on the comparison.
8 Assignments
0 Petitions
Accused Products
Abstract
A method for facilitating an authentication related to an electronic transaction between a first and a second user is provided. Authentication data is received from the first user along with transaction data defining the first user and the electronic transaction to be authenticated. This authentication data is compared to enrollment authentication data associated with the first user in order to verify the identity of the first user. When the user is properly verified, access to at least one private cryptographic key stored on a secure server is available for use in securing the electronic transaction. The particular private cryptographic key need not be released from the secure server. Data indicating the status of the authentication may then be sent to one of either the first or second user.
-
Citations
9 Claims
-
1. A method of implementing a cryptographic transaction related to an electronic transaction between a vendor device and a user device, the method comprising:
-
storing, by a secure server, one or more private keys of a user from a plurality of private cryptographic keys, first one or more authentication data of the user, and a first user identifier of the user, wherein the one or more private keys of the user is unknown to the user; receiving, by the vendor device, a transaction request and a second user identifier from the user device; generating, by the vendor device, a unique transaction identifier (TID) of the current transaction, wherein the TID uniquely identifies the current transaction between the vendor and the user; sending from the vendor device a cryptographic transaction request, the TID, and a current authentication data request to the user device; sending from the vendor device the TID and the second user identifier to the secure server; querying the user for second one or more authentication data based on the current authentication data request using the user device; receiving from the user the second one or more authentication data; and sending from the user device the TID sent from the vendor device and the second one or more authentication data to the secure server; retrieving, by the secure server, the first one or more authentication data using the first user identifier and the second user identifier; comparing, by the secure server, the first one or more authentication data and the second one or more authentication data; and retrieving, by the secure server, the one or more private keys of the user and performing, by the secure server, one or more cryptographic functions employing the one or more private keys based on the comparison. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeSecurity First Innovations, LLC
-
Original AssigneeSecurity First Corp
-
InventorsDickinson, Alexander G., Ohare, Mark S., Rohrbach, Mark D., Zoccoli, James G., Orsini, Rick L., Brooks, Aaron A., Davenport, Roger S., Clough, Philip W., Clayton, Richard F., Stark, Gregory H., Ferrante, Michelle, Berger, Brian, Dobson, Robert T. Jr.
-
Primary Examiner(s)Kim, Steven
-
Application NumberUS09/666,378Time in Patent Office5,536 DaysField of Search705/51, 705/64, 705/44, 705/67, 705/50, 705/78, 606/44, 606/67US Class Current1/1CPC Class CodesG06F 21/31 User authenticationG06F 21/32 using biometric data, e.g. ...G06F 21/33 using certificatesG06F 21/40 by quorum, i.e. whereby two...G06F 21/41 where a single sign-on prov...G06F 21/64 Protecting data integrity, ...G06F 2221/2113 Multi-level security, e.g. ...G06F 2221/2115 Third partyG06F 2221/2117 User registrationG06Q 20/02 involving a neutral party, ...G06Q 20/04 Payment circuitsG06Q 20/12 specially adapted for elect...G06Q 20/382 insuring higher security of...G06Q 20/3821 Electronic credentialsG06Q 20/38215 Use of certificates or encr...G06Q 20/3823 combining multiple encrypti...G06Q 20/3825 Use of electronic signaturesG06Q 20/3829 involving key managementG07F 7/1016 Devices or methods for secu...H04L 2209/56 Financial cryptography, e.g...View All
