Method for veryifying authorized signer for mobile device based document escrow service

US 9,596,236 B2
Filed: 04/09/2014
Issued: 03/14/2017
Est. Priority Date: 04/09/2014
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user to a document escrow service, the method comprising the steps of:

(a) logging a mobile device onto a mobile network, said mobile device being one of a mobile phone and a tablet computer and having a biometric sensor, a display, an input apparatus, and a non-transient memory in communication with a processor in said mobile device;

(b) opening on the mobile device a signature application which allows a document to be signed;

(c) reading the biometric sensor;

(d) sending, via the mobile network, biometric data of the user collected from the reading of the biometric sensor via the mobile network to at least one member of an authentication group selected from the group consisting of a document execution server, a third party data base and a manufacturer application server;

(e) receiving, at the mobile device, from said at least one member of the authentication group, a permission signal for indicating a match or a non-match between the biometric data collected from reading the biometric sensor on the mobile device and biometric data on the at least one member; and

(f) depending upon the permission signal received, the signature application allowing the document to be signed and sent to the document execution server if there is a match or not allowing the document to be signed if there is no match,wherein the method further comprises, in response to the user opening a signature application on a second device while the signature application is open on the mobile device,reading a second-device biometric sensor in the second device;

sending second-device biometric data of the user collected from reading the second-device biometric sensor in the second device to the at least one member; and

receiving, by the mobile device, a rejection notification message generated in response to a detection of suspected coercion of the user and requesting that the user log out of and log back in on at least one of the signature application on the mobile device and the signature application on the second device,wherein the suspected coercion is inferred from a presence of two currently valid authentications being held at the document execution server.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a user to a document escrow service includes steps of logging a mobile phone onto a mobile network, wherein the mobile phone has a biometric sensor, a display, an input apparatus, and a non-transient memory in communication with a processor, and opening a signature application on the mobile device. The method further includes reading the biometric sensor and sending, via the mobile network, biometric data collected from the reading of the biometric sensor to a document execution server or a manufacturer application server. The method further includes receiving, at the mobile phone a permission signal and, dependent upon the permission signal received, using the mobile device to either allow or not allow a web ready document to be signed and returned to the document execution server.

27 Citations

View as Search Results

24 Claims

1. A method for authenticating a user to a document escrow service, the method comprising the steps of:
- (a) logging a mobile device onto a mobile network, said mobile device being one of a mobile phone and a tablet computer and having a biometric sensor, a display, an input apparatus, and a non-transient memory in communication with a processor in said mobile device;
  
  (b) opening on the mobile device a signature application which allows a document to be signed;
  
  (c) reading the biometric sensor;
  
  (d) sending, via the mobile network, biometric data of the user collected from the reading of the biometric sensor via the mobile network to at least one member of an authentication group selected from the group consisting of a document execution server, a third party data base and a manufacturer application server;
  
  (e) receiving, at the mobile device, from said at least one member of the authentication group, a permission signal for indicating a match or a non-match between the biometric data collected from reading the biometric sensor on the mobile device and biometric data on the at least one member; and
  
  (f) depending upon the permission signal received, the signature application allowing the document to be signed and sent to the document execution server if there is a match or not allowing the document to be signed if there is no match,wherein the method further comprises, in response to the user opening a signature application on a second device while the signature application is open on the mobile device,reading a second-device biometric sensor in the second device;
  
  sending second-device biometric data of the user collected from reading the second-device biometric sensor in the second device to the at least one member; and
  
  receiving, by the mobile device, a rejection notification message generated in response to a detection of suspected coercion of the user and requesting that the user log out of and log back in on at least one of the signature application on the mobile device and the signature application on the second device,wherein the suspected coercion is inferred from a presence of two currently valid authentications being held at the document execution server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A method in accordance with claim 1 wherein the biometric data is fingerprint data and the biometric sensor is a fingerprint sensor.
  - 3. A method in accordance with claim 2 wherein said sending, via the mobile network, biometric data collected from said reading the biometric sensor to at least one member of the authentication group consisting of the document execution server, the third party data base and the manufacturer application server further comprises sending, via the mobile network, the fingerprint data to the manufacturer application server.
  - 4. A method in accordance with claim 3 further comprising the signature application on the mobile device downloading a read-only version of the document even when the permission signal received indicates that the user of the mobile device is not authorized to sign and send the document to the document execution server.
  - 5. A method in accordance with claim 1 wherein the at least one member is the manufacturer application server.
  - 6. A method in accordance with claim 1 further comprising the signature application on the mobile device downloading a read-only version of the document even when the permission signal received indicates that the user of the mobile device is not authorized to sign and send the document to the document execution server.
  - 7. The method of claim 1 wherein the at least one member of the authentication group is the document execution server.
  - 8. The method of claim 1 wherein the at least one member of the authentication group is the third party data base.
  - 9. The method of claim 1 further comprising:
    - enabling the document execution server to reject the document after the signature application on the mobile device allows the document to be signed and sent to the document execution server.
  - 10. A method in accordance with claim 1 wherein the biometric data is photographic data and the biometric sensor is a camera.
  - 11. The method of claim 1 which further comprises:
    - collecting a time stamp audit during at least one of steps (a) through (f), and attaching the at least one time stamp audit to the document.
  - 12. The method of claim 1, further comprising, prior to reading the biometric sensor, performing an initial reading of the biometric sensor to authenticate the user of the mobile device, wherein logging the mobile device onto the mobile network is performed in response to a successful authentication of the user based on the initial reading of the biometric sensor.
  - 13. The method of claim 1, further comprising, after receiving the rejection notification message, forcing a logout of at least one of the mobile device and the second device.
  - 14. The method of claim 13, further comprising, after receiving the rejection notification message, receiving rejection notification messages in response to future login attempts until the document execution server has been reset.
  - 15. The method of claim 14, wherein the biometric sensor includes a camera and wherein the biometric data of the user collected by reading the biometric sensor includes a photograph of one of (i) a back of a hand of the user and (ii) a palm of the hand of the user.
  - 16. The method of claim 15, wherein the signature application on the mobile device includes a web browser, and wherein the method further includes providing to the at least one member of the authentication group, information that identifies what types of biometric identification are available for accessing on the mobile device.
  - 17. The method of claim 1, further comprising, after receiving the rejection notification message, receiving rejection notification messages in response to future login attempts until the document execution server has been reset.

18. A method for authenticating a user to a document escrow service, the method comprising the steps of:
- (a) logging a mobile device onto a mobile network, said mobile device being one of a mobile phone and a tablet computer and having a biometric sensor, a display, an input apparatus, and a non-transient memory in communication with a processor in said mobile device;
  
  (b) opening a signature application on the mobile device;
  
  (c) reading the biometric sensor;
  
  (d) comparing biometric data of the user collected by reading the biometric sensor to biometric data previously stored in the mobile device to produce a permission signal, the permission signal configured to indicate one of (i) a successful comparison reflecting a match between the biometric data collected from the biometric sensor and the biometric data previously stored in the mobile device and (ii) an unsuccessful comparison reflecting no match between the biometric data collected from the biometric sensor and the biometric data previously stored in the mobile device;
  
  (e) signaling the successful comparison to the signature application on the mobile device, and(f) dependent upon the successful comparison, the signature application on the mobile device allowing a document to be signed and sent to a document execution server via the mobile network,wherein the method further comprises, in response to the user opening a signature application on a second device while the signature application is open on the mobile device,reading a second-device biometric sensor in the second device;
  
  sending second-device biometric data of the user collected from reading the second-device biometric sensor in the second device to the document execution server; and
  
  receiving, by the mobile device, a rejection notification message generated in response to a detection of suspected coercion of the user and requesting that the user log out of and log back in on at least one of the signature application on the mobile device and the signature application on the second device,wherein the suspected coercion is inferred from a presence of two currently valid authentications being held at the document execution server.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. A method in accordance with claim 18 wherein the biometric data is fingerprint data and the biometric sensor is a fingerprint sensor.
  - 20. A method in accordance with claim 19 further comprising downloading a read-only version of the document to the signature application on the mobile device even when the permission signal indicates the unsuccessful comparison.
  - 21. A method in accordance with claim 20 further comprising the signature application on the mobile device downloading a read-only version of the document even when the permission signal received indicates the unsuccessful comparison.
  - 22. The method of claim 18 wherein the stored biometric data is an encrypted fingerprint.
  - 23. The method of claim 18 further comprising:
    - enabling the document execution server to reject the document after allowing the document to be signed and sent to the document execution server via the mobile network.
  - 24. The method of claim 18 which further comprises:
    - collecting a time stamp audit during at least one of steps (a) through (f), and attaching the at least one time stamp audit to the document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Dunn, Cary, Bernstein, Daryl
Primary Examiner(s)
Truong, Thanhnga B
Assistant Examiner(s)
PLECHA, THADDEUS J

Application Number

US14/248,832
Publication Number

US 20150295922A1
Time in Patent Office

1,070 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/93   Document management systems

G06F 21/32   using biometric data, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/0861   using biometrical features,...

H04L 63/126   the source of the received ...

H04L 9/3247   involving digital signatures

H04W 12/06   Authentication

H04W 12/10   Integrity

H04W 12/61   Time-dependent

Method for veryifying authorized signer for mobile device based document escrow service

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method for veryifying authorized signer for mobile device based document escrow service

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links