Validation method and system for use in securing nomadic electronic transactions

US 9,635,002 B2
Filed: 12/31/2015
Issued: 04/25/2017
Est. Priority Date: 12/18/2008
Status: Active Grant

First Claim

Patent Images

1. A method involving a communication device, the method implemented at a server communicatively coupled to the communication device by a network comprising:

sending a request to the communication device from the server;

receiving at the server a response from the communication device over a local communication path;

deriving at the server a received data set from said response;

determining at the server at least one data set that had been previously transmitted to the communication device over a second communication path different from the local communication path; and

validating at the server the response based on the received data set and the at least one previously transmitted data set,wherein determining the at least one previously transmitted data set comprises determining at least one particular signature expected to be absent from the response if the response is valid, wherein validating the response comprises considering the response to be valid if the received data set does not match any of the at least one particular signature,wherein the response is a particular response and wherein each of the at least one particular signature is one of the at least one previously transmitted data set that has been included in a valid response already received from the communication device prior to receipt of the particular response,wherein validating the response further comprises considering the response to be invalid when the received data set matches one of the at least one particular signature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method involving a communication device, which comprises sending a request to a communication device; receiving a response from the communication device over a local communication path; deriving a received data set from said response; determining at least one data set that had been previously transmitted to the communication device over a wireless portion of a second communication path different from the local communication path; and validating the response based on the received data set and the at least one previously transmitted data set.

13 Citations

14 Claims

1. A method involving a communication device, the method implemented at a server communicatively coupled to the communication device by a network comprising:
- sending a request to the communication device from the server;
  
  receiving at the server a response from the communication device over a local communication path;
  
  deriving at the server a received data set from said response;
  
  determining at the server at least one data set that had been previously transmitted to the communication device over a second communication path different from the local communication path; and
  
  validating at the server the response based on the received data set and the at least one previously transmitted data set,wherein determining the at least one previously transmitted data set comprises determining at least one particular signature expected to be absent from the response if the response is valid, wherein validating the response comprises considering the response to be valid if the received data set does not match any of the at least one particular signature,wherein the response is a particular response and wherein each of the at least one particular signature is one of the at least one previously transmitted data set that has been included in a valid response already received from the communication device prior to receipt of the particular response,wherein validating the response further comprises considering the response to be invalid when the received data set matches one of the at least one particular signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method defined in claim 1, wherein deriving the received data set from the response comprises decrypting the received data set and an identifier of the communication device using a decryption key.
  - 3. The method defined in claim 1, further comprising sending the at least one previously transmitted data set to the communication device.
  - 4. The method defined in claim 3, wherein said sending the at least one previously transmitted data set is carried out autonomously by a control server.
  - 5. The method defined in claim 3, wherein said sending the at least one previously transmitted data set is carried out by a control server in response to receipt of a message indicating a detected presence of the communication device.
  - 6. The method defined in claim 1 , wherein the response is received during a transaction attempt carried out using the communication device.
  - 7. The method defined in claim 6, wherein if the response is considered valid, the received data set is indicative of a transaction identifier generated by a control server in anticipation of the transaction attempt.
  - 8. The method defined in claim 6, wherein if the response is considered valid, the received data set is indicative of a transaction identifier generated by a control server after being informed of the transaction attempt.
  - 9. The method defined in claim 1, further comprising granting access to a resource upon considering the response to be valid and denying access to the resource upon considering the response to be invalid.
  - 10. The method defined in claim 9, wherein the resource includes a financial resource.
  - 11. The method defined in claim 9, further comprising rendering the granting and denying conditional upon an outcome of a further validation step.
  - 12. The method defined in claim 1, wherein the request is sent over the local communication path.
  - 13. The method defined in claim 1, wherein the local communication path includes a wireless portion that is shared with the second communication path.
  - 14. The method defined in claim 1, wherein the received data set is included within encrypted data included in the response, the method further comprising decrypting the received data from the encrypted data using a decryption key complementary to an encryption key used to encrypt the received data set within the encrypted data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BCE Incorporated
Original Assignee
BCE Incorporated
Inventors
O'Brien, William G, Yeap, Tet Hin, Murray, Sean MacLean
Primary Examiner(s)
HOLDER, BRADLEY W

Application Number

US14/985,676
Publication Number

US 20160110720A1
Time in Patent Office

481 Days
Field of Search
US Class Current
CPC Class Codes

G06K 7/10366   the interrogation device be...

G06Q 20/02   involving a neutral party, ...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/425   using two different network...

G06Q 2220/00   Business processing using c...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0492   by using a location-limited...

H04L 63/0869   for achieving mutual authen...

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

H04L 9/3247   involving digital signatures

H04L 9/3271   using challenge-response

Validation method and system for use in securing nomadic electronic transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Validation method and system for use in securing nomadic electronic transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others