Method and system for authorizing secure electronic transactions using a security device having a quick response code scanner
First Claim
1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
- at the security device, having a global unique identifier (UID), a processor, a QR (Quick Response) code scanner, and a memory;
obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device, the UID uniquely identifying the security device and being permanently associated with the security device;
forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising encrypting the user-personalized credential code;
at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over a network, comprising decrypting the user-personalized credential code;
retrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID; and
performing a transaction authorization of a transaction using the security device and the QR code scanner.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for authenticating a security device for providing a secure access and transaction authorization to a remote network location are provided. The security device is authenticated by installing private security software on the security device. In order to authorize a transaction, a transaction authorization is performed using the security device by display a QR (Quick Response) code from an authorization server on a user terminal and scanning the QR code into the security device. After scanning the QR code, an OTA (One-Time-Authorization) code is sent from the security device to the authorization server for verifying the transaction. Embodiments of the present invention provide increased security and privacy. A corresponding system for authenticating a security device and preforming secure and private transactions is also provided.
-
Citations
20 Claims
-
1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
-
at the security device, having a global unique identifier (UID), a processor, a QR (Quick Response) code scanner, and a memory; obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device, the UID uniquely identifying the security device and being permanently associated with the security device; forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising encrypting the user-personalized credential code; at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over a network, comprising decrypting the user-personalized credential code; retrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID; and performing a transaction authorization of a transaction using the security device and the QR code scanner. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for providing a secure access from a local network location to a remote network location, the system comprising:
-
a remote server computer at the remote network location; and a security device at the local network location, the security device having a global unique identifier (UID) uniquely identifying the security device and permanently associated with the security device, a processor, a QR (Quick Response) code scanner, and a memory having computer readable instructions stored thereon, causing the processor to;
obtain, from the remote server computer, a private security software;cause the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device;
the UID uniquely identifying the security device and being permanently associated with the security device; andforward the PIN, the UID and the private security software to the remote server computer; the remote server computer being configured to generate a user-personalized credential code using the PIN, the UID and the private security software, and to encrypt the user-personalized credential code; the computer readable instructions being further configured to cause the processor to; obtain the user-personalized credential code from the remote server computer; verify an authenticity of the user selectable PIN and the UID, using the user-personalized credential code, and without communicating over a network, comprising decrypting the user-personalized credential code; retrieve access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID; and perform a transaction authorization of a transaction using the security device and the QR code scanner. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification