Secure distributed single action payment authorization system

US 9,779,393 B2
Filed: 04/29/2011
Issued: 10/03/2017
Est. Priority Date: 12/02/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method of paying for an item, the method comprising:

receiving user credentials at a first application installed on a mobile device;

transmitting the user credentials and a device identifier from the first application of the mobile device to a payment management server;

receiving, from the payment management server, an encryption key at the mobile device;

obtaining data at the mobile device to be included in personal payment information;

encrypting the data using the encryption key received from the payment management server to form encrypted personal payment information at the mobile device;

storing the encrypted personal payment information on the mobile device, the encrypted personal payment information associated with the first application and not associated with a second application installed on the mobile device;

discarding, from the mobile device, the encryption key andafter discarding the encryption keyreceiving, at the mobile device, a request to make a payment using the second application;

responsive to determining that there is not personal payment information associated with the second application, transmitting a request for authorization from the mobile device to the payment management server, the request for authorization including the user credentials and the device identifier;

responsive to receiving an indication from the payment management server at the mobile device, accessing, the encrypted personal payment information associated with the first application;

receiving a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server;

decrypting, at the mobile device, the encrypted personal payment information using the decryption key associated with the device identifier to expose the personal payment information; and

transmitting the exposed personal payment information from the mobile device to a payment authority associated with the request to make the payment using the second application via a secure connection to the payment authority.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for enabling and performing secured, single action payments from a mobile device are disclosed. One method includes transmitting user credentials from an application installed on a mobile device to a server alongside a device identifier. The method includes receiving data at least partially defining encrypted personal payment information and saving the encrypted personal payment information in a memory of the mobile device in association with the application. At least prior to receiving a user request to make a payment via the application, the mobile device lacks a decryption key capable of decrypting the encrypted personal payment information.

Citations

17 Claims

1. A method of paying for an item, the method comprising:
- receiving user credentials at a first application installed on a mobile device;
  
  transmitting the user credentials and a device identifier from the first application of the mobile device to a payment management server;
  
  receiving, from the payment management server, an encryption key at the mobile device;
  
  obtaining data at the mobile device to be included in personal payment information;
  
  encrypting the data using the encryption key received from the payment management server to form encrypted personal payment information at the mobile device;
  
  storing the encrypted personal payment information on the mobile device, the encrypted personal payment information associated with the first application and not associated with a second application installed on the mobile device;
  
  discarding, from the mobile device, the encryption key andafter discarding the encryption keyreceiving, at the mobile device, a request to make a payment using the second application;
  
  responsive to determining that there is not personal payment information associated with the second application, transmitting a request for authorization from the mobile device to the payment management server, the request for authorization including the user credentials and the device identifier;
  
  responsive to receiving an indication from the payment management server at the mobile device, accessing, the encrypted personal payment information associated with the first application;
  
  receiving a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server;
  
  decrypting, at the mobile device, the encrypted personal payment information using the decryption key associated with the device identifier to expose the personal payment information; and
  
  transmitting the exposed personal payment information from the mobile device to a payment authority associated with the request to make the payment using the second application via a secure connection to the payment authority.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the encrypted personal payment information includes information selected from a list consisting of:
    - credit card information;
      
      checking account information;
      
      online payment account information; and
      
      carrier billing information.
  - 3. The method of claim 1, wherein the further comprising transmitting transaction information that includes a payee and a payment amount.
  - 4. The method of claim 1, wherein obtaining data at the mobile device to be included in encrypted personal payment information includes obtaining the data from a second device separate from the mobile device.
  - 5. The method of claim 1, wherein the payment authority comprises a carrier provider with which the user has authorized a carrier billing arrangement.
  - 6. The method of claim 1, wherein obtaining data at the mobile device to be included in encrypted personal payment information includes obtaining carrier provider information.
  - 7. The method of claim 1, wherein the request to make the payment using the second application includes a single action representing a user selection indicating a desire to make a payment through one or more of a plurality of payment options, the plurality of payment options associated with different billing entity types;
    - andwherein the plurality of different billing entity types includes a payment authority and a carrier.
  - 8. The method of claim 1, further comprising, subsequent to discarding the encryption keyreceiving a request to make payment for an item, the request comprising a single action representing a user selection indicating a desire to make a payment;
    - receiving user credentials at the second application;
      
      transmitting the user credentials and device identifier from the second application to the payment management server;
      
      receiving a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server;
      
      decrypting the encrypted personal payment information using the decryption key to expose personal payment information;
      
      in response to the selection, initiating authorization of payment for the item by transmitting the personal payment information to a payment authority via a secure connection to the payment authority; and
      
      after initiating authorization of payment for the item, discarding the exposed personal payment information and the decryption key by the second application.
  - 9. The method of claim 1, further comprising, subsequent to discarding the encryption keyreceiving a request to make payment for an item, the request comprising a single action representing a user selection indicating a desire to make a payment;
    - based at least in part on the personal payment information, providing to a user a plurality of options for payment, the plurality of options for payment associated with different billing entity types;
      
      receiving user credentials at the second application;
      
      transmitting the user credentials and device identifier from the second application to the payment management server;
      
      receiving a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server;
      
      decrypting the encrypted personal payment information using the decryption key to expose personal payment information;
      
      in response to the selection, initiating authorization of payment for the item by transmitting the personal payment information to a payment authority via a secure connection to the payment authority; and
      
      after initiating authorization of payment for the item, discarding the exposed personal payment information and the decryption key by the second application.
  - 10. The method of claim 5, wherein the carrier provider is an entity selected from the group of entities consisting of:
    - a wireless service provider; and
      
      a utility service provider.
  - 11. The method of claim 5, further comprising, prior to receiving a request to make payment for an item, transmitting a validation message from the mobile device to a carrier provider, thereby authorizing carrier billing associated with the user.
  - 12. The method of claim 7, wherein the carrier is an entity selected from the group consisting of:
    - a wireless service provider and a utility service provider.

13. A secure distributed single-action payment system comprising:
- a mobile device comprising;
  
  a programmable circuit configured to execute program instructions stored in memory which, when executed, cause the mobile device to;
  
  receive user credentials at a first application installed on the mobile device;
  
  transmit the user credentials from the first application of the mobile device to a payment management server alongside a device identifier;
  
  receive, from the payment management server, an encryption key;
  
  obtain data at the mobile device to be included in personal payment information;
  
  encrypt the data using the encryption key received from the payment management server to form encrypted personal payment information;
  
  save the encrypted personal payment information in the memory in association with the first application, the encrypted personal payment information including a user identifier and a carrier identifier, wherein the encrypted personal payment information in the memory is not associated with a second application installed on the mobile device;
  
  discard the encryption key; and
  
  after discarding the encryption key;
  
  receive a request to make payment for an item using the second application, the request comprising a single action representing a user selection indicating a desire to make a payment through one or more of a plurality of payment options, the plurality of payment options associated with different billing entity types;
  
  receive user credentials at the second application;
  
  responsive to receiving the request to make payment for the item using the second application and responsive to determining that there is not personal payment information associated with the second application in memory, transmit a request for authorization to the payment management server, the request for authorization including the user credentials and device identifier;
  
  responsive to receiving an indication from the payment management server, access the encrypted personal payment information associated with the first application;
  
  receive a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server;
  
  decrypt the encrypted personal payment information using the decryption key associated with the device identifier to expose personal payment information;
  
  in response to the user selection, transmit the personal payment information to a payment authority via a secure connection to the payment authority, wherein the payment authority is associated with the request to make the payment using the second application; and
  
  after initiating authorization of payment for the item, discard the exposed personal payment information and the decryption key by the application.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The system of claim 13, wherein the user identifier includes an account number associated with the user by a carrier provider.
  - 15. The system of claim 13, further comprising, at the mobile device, after receiving the action at the mobile device, transmitting information authorizing a payment to a carrier associated with the user as defined in the personal payment information, thereby authorizing the carrier to transact the payment.
  - 16. The system of claim 13, further comprising a server communicatively connected to the mobile device, the server configured to execute program instructions which, when executed, cause the server to authorize payment for the item by a carrier provider based on information received from the mobile device.
  - 17. The system of claim 13, wherein the plurality of different billing entity types includes a payment authority and a carrier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AppMobi IPLC, Inc.
Original Assignee
AppMobi IPLC, Inc.
Inventors
Abadir, Essam Ernest, Schock, Rosco, Maffett, Ian Dane
Primary Examiner(s)
Agwumezie, Charles C

Application Number

US13/098,053
Publication Number

US 20120143772A1
Time in Patent Office

2,349 Days
Field of Search

705 75
US Class Current
CPC Class Codes

G06Q 20/085   involving remote charge det...

G06Q 20/10   specially adapted for elect...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

G06Q 2220/00   Business processing using c...

G06Q 30/0601   Electronic shopping [e-shop...

G06Q 30/0613   Third-party assisted

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 9/321   involving a third party or ...

H04L 9/3234   involving additional secure...

H04W 12/06   Authentication

Secure distributed single action payment authorization system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Secure distributed single action payment authorization system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links