Account-based digital signature (ABDS) system

US 20020129248A1
Filed: 03/11/2002
Published: 09/12/2002
Est. Priority Date: 11/09/1998
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating an entity by solely conducting message authentication by a receiving party with respect to an electronic communication that is received by the receiving party and that includes both a unique identifier associated with an account maintained by the receiving party and a digital signature for a message regarding the account, consisting of the steps of:

(a) before receipt of the electronic communication, first associating a public key of a public-private key pair with the unique identifier by the receiving party; and

thereafter (b) solely using the digital signature in the electronic communication and the public key associated with the account identifier to conduct message authentication, whereby the entity is authenticated solely by the message authentication.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating an entity by a receiving party with respect to an electronic communication that is received by the receiving party and that includes both a unique identifier associated with an account maintained by the receiving party and a digital signature for a message regarding the account, consists of the steps of, before receipt of the electronic communication, first associating by the receiving party a public key of a public-private key pair with the unique identifier and, thereafter, only conducting message authentication using the digital signature received by the receiving party in the electronic communication and the public key associated with the account identifier.

196 Citations

View as Search Results

87 Claims

1. A method of authenticating an entity by solely conducting message authentication by a receiving party with respect to an electronic communication that is received by the receiving party and that includes both a unique identifier associated with an account maintained by the receiving party and a digital signature for a message regarding the account, consisting of the steps of:
- (a) before receipt of the electronic communication, first associating a public key of a public-private key pair with the unique identifier by the receiving party; and
  
  thereafter (b) solely using the digital signature in the electronic communication and the public key associated with the account identifier to conduct message authentication, whereby the entity is authenticated solely by the message authentication.

2. A method of operating by a third party a database for accounts, information pertaining to each account being retrievable from the database based on a unique identifier for that account, comprising the steps of:
- (a) first associating by the third party a public key of a respective public-private key pair with each unique account identifier, and thereafter (b) performing entity authentication by the third party with respect to an electronic communication that is received by the third party and that includes both a unique account identifier and a digital signature for a message regarding the account associated with the unique account identifier, the entity authentication consisting of solely conducting message authentication only using the digital signature received in each electronic communication and the public key associated with the unique account identifier accompanying the digital signature.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87)
- - 3. The method of claim 2, wherein the third party is an account authority.
  - 4. The method of claim 2, wherein the third party is a financial institution.
  - 5. The method of claim 3, wherein one of the public keys associated with an account is obtained from an account holder for that account.
  - 6. The method of claim 3, wherein a public key associated with an account is obtained from a manufacturer of a device that generates digital signatures using the corresponding private key.
  - 7. The method of claim 3, wherein a public key associated with an account is obtained from a distributor of a device that generates digital signatures using the corresponding private key.
  - 8. The method of claim 2, wherein said step of associating a public key with a unique account identifier comprises recording the public key in a record of the account.
  - 9. The method of claim 2, wherein said step of associating a public key with a unique account identifier comprises indexing a record of the account in an account database by the public key.
  - 10. The method of claim 2, wherein the information includes an account number.
  - 11. The method of claim 2, wherein the information includes a current balance.
  - 12. The method of claim 2, wherein the information includes an available credit.
  - 13. The method of claim 2, wherein the information includes a list of associated accounts.
  - 14. The method of claim 2, wherein the information includes a name of an account holder.
  - 15. The method of claim 2, wherein the information includes an address of an account holder.
  - 16. The method of claim 2, wherein the information includes a social security number of an account holder.
  - 17. The method of claim 2, wherein the information includes a tax identification number of an account holder.
  - 18. The method of claim 2, wherein the information regards a device containing a private key corresponding to the public key.
  - 19. The method of claim 2, wherein the information includes security features of a device.
  - 20. The method of claim 2, wherein a digital signature is generated within a device.
  - 21. The method of claim 20, wherein the device comprises a personal computer.
  - 22. The method of claim 20, wherein the device comprises a cell phone.
  - 23. The method of claim 20, wherein the device comprises a PDA.
  - 24. The method of claim 20, wherein the device comprises an electronic key.
  - 25. The method of claim 20, wherein the device comprises a dongle.
  - 26. The method of claim 20, wherein the device comprises a subcutaneous device.
  - 27. The method of claim 20, wherein the device comprises a secure chip.
  - 28. The method of claim 20, wherein the device comprises jewelry.
  - 29. The method of claim 20, wherein the device comprises a smart card.
  - 30. The method of claim 20, wherein the device comprises a credit card.
  - 31. The method of claim 20, wherein the device comprises a debit card.
  - 32. The method of claim 20, wherein the device comprises a security card.
  - 33. The method of claim 20, wherein the device comprises an ID badge.
  - 34. The method of claim 20, wherein the device performs entity authentication based on what the entity using the device to generate the digital signature “
    - knows”
      
      as a function of verification data input into the device and data prestored within the device, and communicating a verifications status of the entity authentication to the third party without revealing the verification data or the prestored data.
  - 35. The method of claim 20, wherein the device performs entity authentication based on what the entity using the device to generate the digital signature “
    - knows”
      
      as a function of verification data input into the device and data prestored within the device, and communicating to the third party a verifications status out of a plurality of predefined verification statuses regarding entity authentication, at least one of the verification statuses representing a match between the verification data and the prestored data, and at least another of the verification statuses representing no match between the verification data and the prestored data.
  - 36. The method of claim 20, wherein the device performs entity authentication based on what the entity using the device to generate the digital signature “
    - is”
      
      as a function of verification data input into the device and data prestored within the device, and communicating a verifications status of the entity authentication to the third party without revealing the verification data or the prestored data.
  - 37. The method of claim 2, wherein a public-private key pair is generated on behalf of the third party.
  - 38. The method of claim 2, wherein the public-private key pair is generated on behalf of an account holder, and the public key is communicated to the third party for association with the account.
  - 39. The method of claim 38, wherein ownership of the account by the account holder is verified by the third party before associating the public key with the account.
  - 40. The method of claim 2, wherein the third party maintains one of the accounts for a sender of a particular one of the electronic communications.
  - 41. The method of claim 40, wherein the particular electronic communication is transmitted to the third party directly from the sender.
  - 42. The method of claim 40, wherein the particular electronic communication is transmitted to the third party from an intermediate party.
  - 43. The method of claim 40, wherein a message of a particular one of the electronic communications represents an instruction from the sender.
  - 44. The method of claim 43, further comprising executing the instruction upon successful authentication of the message associated with the particular electronic communication.
  - 45. The method of claim 44, wherein said step of executing the instruction is performed by the third party.
  - 46. The method of claim 43, wherein the instruction is an instruction on the account of the sender.
  - 47. The method of claim 46, wherein the account instruction is executed upon successful authentication of the message.
  - 48. The method of claim 47, wherein execution of the instruction is performed based solely on the successful authentication of the electronic message.
  - 49. The method of claim 47, wherein execution of the instruction comprises communicating a balance of the account.
  - 50. The method of claim 47, wherein execution of the instruction comprises debiting the account by a specified amount.
  - 51. The method of claim 47, wherein execution of the instruction comprises crediting the account by a specified amount.
  - 52. The method of claim 47, wherein execution of the instruction comprises transferring funds to another account.
  - 53. The method of claim 47, wherein execution of the instruction comprises granting access to a database.
  - 54. The method of claim 47, wherein execution of the instruction comprises granting access to a physical location such as a room, building, parking deck, and web site.
  - 55. The method of claim 47, wherein execution of the instruction comprises granting access to a data transmission such as pay per view, music download, and web broadcast.
  - 56. The method of claim 47, wherein execution of the instruction comprises providing a product.
  - 57. The method of claim 47, wherein execution of the instruction comprises providing a service.
  - 58. The method of claim 47, wherein execution of the instruction comprises making a monetary payment from the account.
  - 59. The method of claim 47, wherein execution of the instruction comprises transferring something of monetary value from the account.
  - 60. The method of claim 47, wherein execution of the instruction comprises transferring a security from the account.
  - 61. The method of claim 47, wherein execution of the instruction comprises authorizing a charge to the account.
  - 62. The method of claim 47, wherein execution of the instruction comprises transferring information from the account.
  - 63. The method of claim 2, wherein an electronic communication is transmitted over an open and insecure communications medium.
  - 64. The method of claim 63, wherein the communications medium comprises the Internet.
  - 65. The method of claim 63, wherein the electronic communication is not encrypted.
  - 66. The method of claim 63, wherein the electronic communication includes no personal information regarding an entity for which the account is maintained.
  - 67. The method of claim 63, wherein the electronic communication includes no account-identifying information other than the unique identifier of the account.
  - 69. The method of claim 68, wherein the first and second electronic communications each includes the unique account identifier of the first party, and wherein the third party utilizes the unique account identifier received in the second electronic communication to retrieve the public key of the first party for authenticating the message of the second electronic communication.
  - 70. The method of claim 68, wherein the unique account identifier of the first party comprises the public key of the first party.
  - 71. The method of claim 68, wherein the public key of the first party is included in the first electronic communication.
  - 72. The method of claim 71, wherein the public key of the first party is included in the second electronic communication.
  - 73. The method of claim 72, wherein the second electronic communication includes a digital signature of the second party for a message of the second party.
  - 74. The method of claim 73, wherein the message of the second party comprises instructions for making payment to the second party from the account of the first party maintained by the third party.
  - 75. The method of claim 73, wherein the second electronic communication includes a public key of the second party that may be used to decrypt the digital signature.
  - 76. The method of claim 68, wherein the third party makes payment to the second party on the account of the first party upon successful message authentication.
  - 77. The method of claim 68, wherein the third party communicates an electronic communication to the second party authorizing the instructed payment to the second party on the account of the first party.
  - 78. The method of claim 68, wherein the second party provides a service for the first party upon the learning of a successful authentication of the message by the third party.
  - 79. The method of claim 68, wherein the second party provides a product to the first party upon the learning of a successful authentication of the message by the third party.
  - 80. The method of claim 68, wherein the message includes an additional instruction.
  - 81. The method of claim 80, wherein the second party executes the additional instruction upon successful execution by the third party of the instruction.
  - 82. The method of claim 81, wherein the instruction executed by the third party comprises payment to an account of the intermediate party.
  - 83. The method of claim 82, wherein the additional instruction is sent in another electronic communication from the first party to the second party.
  - 84. The method of claim 82, wherein the additional instruction is included in the electronic communication sent from the first party to the second party.
  - 85. The method of claim 84, wherein the additional instruction is removed by the second party from the electronic communication and wherein the electronic communication is then forwarded by the second party to the third party.
  - 86. The method of claim 68, wherein the third party is a financial institution.
  - 87. The method of claim 68, wherein the second party is a merchant.

68. A method of making a financial payment by a first party to a second party on an account of the first party maintained by a third party, information pertaining to the account of the first party being retrievable from a database of the third party based on a unique identifier for that account, the method comprising the steps of:
- (a) associating by the third party a public key of a public-private key pair with the unique account identifier;
  
  (b) digitally signing by the first party a message including an instruction to make payment to the second party on the account of the first party, the digital signature being generated with a public key of the public-private key pair;
  
  (c) communicating by the first party the message and digital signature in a first electronic communication to the second party;
  
  (d) communicating by the second party the message and digital signature in a second electronic communication to the third party; and
  
  (e) upon receipt of the second electronic communication from the second party, performing by the third party entity authentication with respect to the first party, the entity authentication consisting of solely conducting message authentication using only said generated digital signature and the public key associated with the unique account identifier of the first party.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Wheeler, Lynn Henry, Wheeler, Anne M.

Granted Patent

US 7,127,606 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/388   using mutual authentication...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 20/403   Solvency checks

G06Q 20/40975   using encryption therefor

G06Q 40/02   Banking, e.g. interest calc...

G06Q 40/08   Insurance

G07F 7/1008   Active credit-cards provide...

G07F 7/1016 : Devices or methods for secu...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/88 : Medical equipments

H04L 63/0823 : using certificates cryptogr...

H04L 63/0861 : using biometrical features,...

H04L 63/12 : Applying verification of th...

H04L 63/126 : the source of the received ...

H04L 9/321 : involving a third party or ...

H04L 9/3247 : involving digital signatures

View All

Account-based digital signature (ABDS) system

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

196 Citations

87 Claims

Specification

Solutions

Use Cases

Quick Links

Account-based digital signature (ABDS) system

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

196 Citations

87 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links