Reputation system and method

US 10,867,326 B2
Filed: 12/09/2013
Issued: 12/15/2020
Est. Priority Date: 12/17/2012
Status: Active Grant

First Claim

Patent Images

1. A method for securing a transaction system using a reputation system, an end device having a security module, and a portable data carrier, the method comprising the steps of:

receiving, by the security module, data from the portable data carrier that proofs a digital identity stored in the security module;

storing, by the security module, authentication data and the digital identity, wherein the digital identity is associated with one or more digital pseudonyms;

accessing, by the security module, at least one digital pseudonym using the authentication data;

sending, by the security module, the digital identity or at least one digital pseudonym to the reputation system;

mutually authenticating with the portable data carrier by the security module and based on the mutual authentication creating a channel between the portable data carrier and the end device;

authenticating, by the security module, a user of the end device through the channel using the authentication data;

based on the authenticating of the user, sending, by the security module, the authentication data to the reputation system;

identifying, by the reputation system, a transaction associated with the user;

based on the identified transaction, updating, by the reputation system, a reputation value; and

sending, by the reputation system, the reputation value to the security module, wherein the reputation value is a rating of the user or of the reputation system, andwherein the reputation value is stored in the security module.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for securing a transaction in a reputation system includes the following steps: authenticating a user vis-à-vis an end device by means of an electronic proof of identity for releasing authentication data for the digital identity that are stored on the end device, and authenticating the digital pseudonym assigned to the user vis-à-vis the reputation system by means of the end device while employing the stored authentication data pertaining to the digital pseudonym. The electronic proof of identity can be present as an electronic identity card in the form of a portable data carrier.

Citations

8 Claims

1. A method for securing a transaction system using a reputation system, an end device having a security module, and a portable data carrier, the method comprising the steps of:
- receiving, by the security module, data from the portable data carrier that proofs a digital identity stored in the security module;
  
  storing, by the security module, authentication data and the digital identity, wherein the digital identity is associated with one or more digital pseudonyms;
  
  accessing, by the security module, at least one digital pseudonym using the authentication data;
  
  sending, by the security module, the digital identity or at least one digital pseudonym to the reputation system;
  
  mutually authenticating with the portable data carrier by the security module and based on the mutual authentication creating a channel between the portable data carrier and the end device;
  
  authenticating, by the security module, a user of the end device through the channel using the authentication data;
  
  based on the authenticating of the user, sending, by the security module, the authentication data to the reputation system;
  
  identifying, by the reputation system, a transaction associated with the user;
  
  based on the identified transaction, updating, by the reputation system, a reputation value; and
  
  sending, by the reputation system, the reputation value to the security module, wherein the reputation value is a rating of the user or of the reputation system, andwherein the reputation value is stored in the security module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein for authentication of the digital pseudonym with respect to the reputation system the following steps are carried out:
    - establishing the digital identity assigned to the digital pseudonym and, checking the digital identity.
  - 3. The method according to claim 2, wherein within the context of the authentication with respect to the reputation system the following further steps are carried out:
    - establishing the reputation value assigned to the digital identity, andassigning the reputation value to the digital pseudonym.
  - 4. The method according to claim 1, wherein the authentication data pertaining to the digital pseudonym are stored on the end device and/or on the portable data carrier, and checking the digital identity and assigning the reputation value are carried out by the reputation system.
  - 5. The method according to claim 1, wherein authenticating with respect to the reputation system is effected by a central entity of the reputation system when the reputation system comprises such a central entity, and a further security module of an arbitrary participant of the reputation system when the reputation system comprises no central entity.
  - 6. The method according to claim 1, wherein the end device and/or security module of the user derives a user-individual key from an electronic proof of identity stored in the portable data carrier within the context of authenticating the user, and within the context of authentication the following further steps are carried out:
    - transferring the user-individual key to the reputation system together with the authentication data pertaining to the digital identity by the end device, andchecking the assignment of the digital identity to the user-individual key by the reputation system.
  - 7. The method according to claim 1, further comprising:
    - forming a reputation profile of the user while taking into account different reputation values pertaining to digital identities of the user and respectively relating to different reputation systems.
  - 8. The method according to claim 1, wherein the reputation value is supplied by the security module of the user, a further security module and/or the central entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Original Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Inventors
Meister, Gisela, Wacker, Dirk, Wallhausser, Katharina
Primary Examiner(s)
Agwumezie, Chinedu C

Application Number

US14/652,737
Publication Number

US 20150332361A1
Time in Patent Office

2,563 Days
Field of Search

713202, 705 67
US Class Current
CPC Class Codes

G06Q 10/02   Reservations, e.g. for tick...

G06Q 20/384   using social networks

G06Q 20/385   using an alias or single-us...

G06Q 20/386   using messaging services or...

G06Q 20/4014   Identity check for transact...

G06Q 30/0609   Buyer or seller confidence ...

H04L 67/10   in which an application is ...

Reputation system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Reputation system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links