Apparatus, system and method for secure payment
Abstract
Embodiments of the invention generally relate to apparatus, systems and methods for authentication, in particular, apparatus, systems and methods for authenticating an entity for computer and/or network security, secure authorization of a payment or for funds transfer and for selectively granting privileges and providing other services in response to such authentications. In addition, embodiments of the invention relate generally to apparatus, systems and methods for the communication of information between a mobile user-device and a point-of-sale device to securely provide authorization for a financial transaction.
29 Claims
1. A continuous authentication system for access control to resources on a protected first device with a mobile device, the system comprising:
a first processor associated with the protected first device;
the mobile device comprising:
a wireless transmitter configured to wirelessly transmit a wireless signal including a first pseudo-random non-predictable value;
a user interface programmed to authenticate an identity of a user of the mobile device based at least on first information known to the user and programmed to receive second information to authorize the user to access the protected first device; and
a mobile device processor programmed to authenticate the user of the mobile device based on the first information and to generate the first pseudo-random non-predictable value by combining at least a portion of the second information and a pseudo-random value;
a wireless receiver, coupled to a secure registry component and the first processor, configured to receive the wireless signal; and
the secure registry component configured to receive the first pseudo-random non-predictable value and successfully authenticate the user of the mobile device to the first processor based on the first pseudo-random non-predictable value, where the first pseudo-random non-predictable value is matched to the mobile device by the secure registry component;
wherein the first processor is configured to authorize the user of the mobile device to access the protected first device following successful authentication of the user based on the matching of the pseudo-random value;
wherein the first processor is configured to continue to permit the user of the mobile device to continue to access the protected first device to access the resources so long as the protected first device receives subsequent authentication information to re-authenticate the mobile device and so long as re-authentication results in a continued successful authentication of the mobile device using at least a subsequent pseudo-random non-predictable value, and
wherein the first processor is configured to deny access to the user of the mobile device responsive to the mobile device being outside of a minimum wireless signal proximity of the wireless receiver.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17

18. A method for access control to a protected first device with a mobile device, the method comprising:
accepting, by the mobile device, first information known to a user of the mobile device to authenticate the user to the mobile device, and accepting second information to authorize the user to access the protected first device;
generating, by the mobile device, a first pseudo-random non-predictable value based on combining at least a portion of the second information and a pseudo-random value;
receiving, at a wireless receiver coupled to the protected first device, a first wireless signal including the first pseudo-random non-predictable value wirelessly transmitted from the mobile device to the protected first device;
processing, by a secure registry component coupled to the protected first device, the first pseudo-random non-predictable value to authenticate the user in possession of the mobile device based on the first pseudo-random non-predictable value;
allowing the user of the mobile device to access the protected first device following successful authentication;
permitting, by the protected first device, the user to operate the protected first device so long as the protected first device receives subsequent authentication information to re-authorize the mobile device and so long as re-authentication results in a continued successful authentication of the user using at least a pseudo-random non-predictable value; and
denying, by the protected first device, the user's access to the protected first device responsive to the mobile device being outside of a minimum wireless signal proximity of the wireless receiver.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26, 27

28. A continuous authentication system for controlling access to resources on at least one computer, the system comprising:
a protected computer having associated computer resources, the protected computer connected to a communication network;
a portable device configured to communicate with the protected computer, the portable device including:
a user interface programmed to authenticate a user to the portable device based on at least one of secret information known to the user of the portable device and information of the user of the portable device;
a portable device processor programmed to generate a first pseudo-random non-predictable value following a successful authentication of the user on the portable device; and
a wireless transceiver coupled to the portable device processor and configured to transmit a wireless signal including the first pseudo-random non-predictable value; and
a secure registry component coupled to, and executing at least in part on, the protected computer, the secure registry component also coupled to a wireless receiver configured to receive the wireless signal including the first pseudo-random non-predictable value and successfully authenticate the user of the portable device where the first pseudo-random non-predictable value is matched to the user by the secure registry component, the secure registry component further configured to pass the successful authentication to the portable device,
wherein the user of the portable device is permitted to operate the protected computer to access the associated resources through the protected computer so long as the protected computer receives subsequent authentication information to re-authenticate the portable device and so long as the re-authentication results in a continued successful authentication of the user using at least a subsequent pseudo-random non-predictable value, and
wherein the user of the portable device is denied access to the protected computer responsive to the portable device being outside of a minimum wireless signal proximity of the wireless transmitter and receiver.

29. A continuous authentication system for access control to resources on a protected first device with a mobile device, the system comprising:
a mobile device comprising:
a wireless transmitter configured to wirelessly transmit a wireless signal including a first pseudo-random non-predictable value;
a user interface programmed to authenticate a user based at least on one of first information known to the user of the mobile device and information of the user to authenticate the user to the mobile device, and programmed to receive second information to authorize the user to access the protected first device; and
a mobile device processor programmed to authenticate the user of the mobile device based on the first information and the information of the user, and to generate the first pseudo-random non-predictable value by combining at least a portion of the second information and a pseudo-random value;
a wireless receiver, coupled to a secure registry component and configured to receive the wireless signal; and
the secure registry component configured to receive the first pseudo-random non-predictable value and successfully authenticate the user of the mobile device to the protected first device where the first pseudo-random non-predictable value is matched to the mobile device by the secure registry component,
wherein the authentication by the secure registry component triggers a first processor of the protected device to authorize the user of the mobile device to access the protected first device following successful authentication of the user based on the matching of the pseudo-random value,
wherein the user of the mobile device is permitted to operate the protected first device to access the resources so long as the protected first device receives subsequent authentication information to re-authenticate the mobile device and so long as re-authentication results in a continued successful authentication of the mobile device using at least a subsequent pseudo-random non-predictable value, and
wherein the user of the mobile device is denied permission to operate the protected first device to access the resources responsive to the mobile device being outside of a minimum wireless signal proximity of the wireless transmitter and receiver.
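
An illustrative sketch of the flow recited in claims 1 and 18, added here and not taken from the patent or its assignee. The claims name no algorithm, so everything concrete below is an assumption: HMAC-SHA256 as the combining function, a 30-second step, an RSSI floor standing in for proximity, the registry holding the second information, and all class and function names.

```python
import hashlib
import hmac

STEP = 30        # seconds each value stays valid (assumed)
MIN_RSSI = -70   # dBm floor standing in for "minimum wireless signal proximity" (assumed)

def one_time_value(seed: bytes, second_info: str, t: int) -> str:
    """Mobile side: combine the second information with a pseudo-random value."""
    prv = hmac.new(seed, (t // STEP).to_bytes(8, "big"), hashlib.sha256).digest()
    return hmac.new(prv, second_info.encode(), hashlib.sha256).hexdigest()[:16]

class SecureRegistry:
    """Matches a received value to an enrolled device; each value is accepted once."""
    def __init__(self):
        self.devices = {}   # device_id -> (seed, second_info)
        self.used = set()   # (device_id, value) pairs already accepted

    def enroll(self, device_id: str, seed: bytes, second_info: str) -> None:
        self.devices[device_id] = (seed, second_info)

    def verify(self, device_id: str, value: str, t: int) -> bool:
        record = self.devices.get(device_id)
        if record is None or (device_id, value) in self.used:
            return False
        if not hmac.compare_digest(one_time_value(*record, t), value):
            return False
        self.used.add((device_id, value))
        return True

class ProtectedDevice:
    """First processor: grants access, then requires fresh values to keep it."""
    def __init__(self, registry: SecureRegistry):
        self.registry, self.unlocked, self.last_ok = registry, False, None

    def on_signal(self, device_id: str, value: str, rssi: int, t: int) -> bool:
        # Fail closed: a weak signal or a stale, replayed or wrong value locks the device.
        self.unlocked = rssi >= MIN_RSSI and self.registry.verify(device_id, value, t)
        if self.unlocked:
            self.last_ok = t
        return self.unlocked

    def tick(self, t: int) -> bool:
        # No successful re-authentication within two steps: deny access.
        if self.last_ok is None or t - self.last_ok > 2 * STEP:
            self.unlocked = False
        return self.unlocked
```

The sketch checks the value against the registry's own clock with no skew window, so a deployed design would also need a tolerance for clock drift between the two devices.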
Specification