Method and system for authorizing secure electronic transactions using a security device
First Claim
1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
- at the security device, having a global unique identifier (UID), a processor and a memory;
obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device, the UID uniquely identifying the security device;
forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising encrypting the user-personalized credential code;
at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over a network, comprising decrypting the user-personalized credential code;
retrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID; and
performing a transaction authorization of a transaction using the security device.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for authenticating a security device for providing a secure access and transaction authorization to a remote network location are provided. The security device is authenticated by installing private security software on the security device. A Two-Channel authorization method includes a transaction notification/authorization channel and a transaction channel. A Three-Channel authorization method includes a transaction notification channel, a transaction authorization channel, and the transaction channel. Embodiments of the present invention provide increased security and privacy. A corresponding system for authenticating a security device and preforming secure private transactions is also provided.
58 Citations
21 Claims
-
1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
-
at the security device, having a global unique identifier (UID), a processor and a memory; obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device, the UID uniquely identifying the security device; forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising encrypting the user-personalized credential code; at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over a network, comprising decrypting the user-personalized credential code; retrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID; and performing a transaction authorization of a transaction using the security device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for providing a secure access from a local network location to a remote network A system for providing a secure access from a local network location to a remote network location, the system comprising:
-
a remote server computer at the remote network location; and a security device at the local network location, the security device having a global unique identifier (UID) uniquely identifying the security device and permanently associated with the security device, a processor and a memory having computer readable instructions stored thereon, causing the processor to; obtain, from the remote server computer, a private security software; cause the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device;
the UID uniquely identifying the security device and being permanently associated with the security device; andforward the PIN, the UID and the private security software to the remote server computer; the remote server computer being configured to generate a user-personalized credential code using the PIN, the UID and the private security software, and to encrypt the user-personalized credential code; the computer readable instructions being further configured to cause the processor to; obtain the user-personalized credential code from the remote server computer; verify an authenticity of the user selectable PIN and the UID, using the user-personalized credential code, and without communicating over a network, comprising decrypting the user-personalized credential code; and retrieve access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID; and perform a transaction authorization of a transaction using the security device. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification