Authentication using application authentication element

US 9,883,387 B2
Filed: 03/23/2012
Issued: 01/30/2018
Est. Priority Date: 03/24/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a processor, an application authentication request;

generating, by the processor, an application authentication element comprising a pre-selected authentication element;

providing, by the processor, the application authentication element to a mobile communication device, the pre-selected authentication element of the application authentication element validating the authenticity of an application operating on the mobile communication device to a user; and

receiving, by the processor, a user authentication request from the mobile communication device, the user authentication request indicating that the user has validated the authenticity of the application operating on the mobile communication device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention can be directed to systems, apparatuses, and methods for performing transactions through mobile communication devices using either telecommunications networks or proximity near-field communications systems. Embodiments may be directed to a mobile communication device displaying an application authentication element. The application authentication element may include a pre-selected authentication element and transaction data associated with a transaction conducted by a mobile communication device. The mobile communication device may obtain the pre-selected authentication element by either transmitting a request to a server computer or retrieving the pre-selected authentication element from a secure memory in the mobile communication device. A user authentication token may be received by the mobile communication device from the user. The mobile communication device may generate a secret token that is derived from the user authentication token. If the secret token is correlated to a secret reference token, then a transaction may be conducted.

13 Citations

View as Search Results

18 Claims

1. A method comprising:
- receiving, by a processor, an application authentication request;
  
  generating, by the processor, an application authentication element comprising a pre-selected authentication element;
  
  providing, by the processor, the application authentication element to a mobile communication device, the pre-selected authentication element of the application authentication element validating the authenticity of an application operating on the mobile communication device to a user; and
  
  receiving, by the processor, a user authentication request from the mobile communication device, the user authentication request indicating that the user has validated the authenticity of the application operating on the mobile communication device.
- View Dependent Claims (2, 3, 4, 5, 11, 12, 13, 14, 16, 17, 18)
- - 2. The method of claim 1 wherein the application authentication request is an application authentication request message from the mobile communication device and wherein providing the application authentication element to the mobile communication device further comprises sending an application authentication response message comprising the application authentication element to the mobile communication device.
  - 3. The method of claim 1 wherein the user authentication request includes a secret token, the secret token being generated by the mobile communication device using a user authentication token entered by the user, and wherein the method further comprises:
    - comparing the secret token to a secret reference token;
      
      authenticating the user by determining whether the secret token and the secret reference token are correlated; and
      
      sending a user authentication message to the mobile communication device, the user authentication message indicating that the user is authenticated for a transaction.
  - 4. The method of claim 3 wherein the user authentication token is received by the mobile communication device in the form of a swipe input by the user.
  - 5. The method of claim 1 wherein the application authentication element further comprises transaction data associated with a transaction conducted by the mobile communication device.
  - 11. The method of claim 3 further comprising:
    - after authenticating the user, sending a transaction authorization request message to an issuer associated with the user.
  - 12. The method of claim 1 wherein after providing the application authentication element to the mobile communication device, the application authentication element is displayed to the user on the mobile communication device.
  - 13. The method of claim 3, wherein the secret token is generated by the mobile communication device without the user'"'"'s knowledge.
  - 14. The method of claim 3 wherein the mobile communication device transmits the authentication message to an access device to initiate the transaction.
  - 16. The method of claim 3, wherein the secret token is derived from the user authentication token entered by the user.
  - 17. The method of claim 3, wherein the user authentication token is received by the mobile communication device in the form of one of a signature input by the user, a picture of a familiar item, and a voice input by the user.
  - 18. The method of claim 1, wherein the pre-selected authentication element is selected by the user during registration of a payment account.

6. An apparatus comprising:
- a processor and a non-transitory computer-readable storage medium coupled to the processor, the computer-readable storage medium comprising code which when executed by the processor implements a method comprising;
  
  receiving an application authentication request;
  
  generating an application authentication element comprising a pre-selected authentication element; and
  
  providing the application authentication element to a mobile communication device, the pre-selected authentication element of the application authentication element validating the authenticity of an application operating on the mobile communication device to a user; and
  
  receiving a user authentication request from the mobile communication device, the user authentication request indicating that the user has validated the authenticity of the application operating on the mobile communication device.
- View Dependent Claims (7, 8, 9, 10, 15)
- - 7. The apparatus of claim 6 wherein the apparatus is a server computer, and wherein receiving the application authentication request further comprises receiving an application authentication request message from a mobile communication device;
    - and wherein providing the application authentication element further comprises sending an application authentication response message comprising the application authentication element to the mobile communication device.
  - 8. The apparatus of claim 6 wherein the user authentication request includes a secret token, the secret token being generated by the mobile communication device using a user authentication token entered by the user, and wherein the method further comprises:
    - comparing the secret token to a secret reference token;
      
      authenticating the user by determining whether the secret token and the secret reference token are correlated; and
      
      sending a user authentication message to the mobile communication device, the user authentication message indicating that the user is authenticated for a transaction.
  - 9. The apparatus of claim 8 wherein the user authentication token is received by the mobile communication device in the form of a swipe input by the user.
  - 10. The apparatus of claim 6 wherein the application authentication request includes transaction data associated with a transaction and the application authentication element further comprises some of the transaction data.
  - 15. The apparatus of claim 6, wherein the method further comprises:
    - after authenticating the user, sending a transaction authorization request message to an issuer associated with the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Wilson, Dave William, Bourdillon, John Francis Benedict, Aabye, Christian
Primary Examiner(s)
Hewitt, II, Calvin L
Assistant Examiner(s)
SHERR, CRISTINA O

Application Number

US13/428,431
Publication Number

US 20120246079A1
Time in Patent Office

2,139 Days
Field of Search

705 67
US Class Current
CPC Class Codes

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3227   using secure elements embed...

G06Q 20/3229   Use of the SIM of a M-devic...

G06Q 20/325   using wireless networks

G06Q 20/326   Payment applications instal...

G06Q 20/3265   characterised by personalis...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/384   using social networks

G06Q 20/40145   Biometric identity checks

H04L 63/0807   using tickets, e.g. Kerbero...

H04W 12/062   Pre-authentication

Authentication using application authentication element

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication using application authentication element

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links