Onetime Passwords For Mobile Wallets

US 20090104888A1
Filed: 10/17/2007
Published: 04/23/2009
Est. Priority Date: 10/17/2007
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a mobile device including a near field communications (NFC) transponder and a mobile wallet, wherein the mobile device is configured to maintain at least one set of information related to a financial account in the mobile wallet and communicate at least a subset of the information related to the financial account via the NFC transponder when performing a transaction; and

a mobile wallet server configured to communicate with a communication network and comprising a password generator that generates passwords at predetermined intervals and communicates passwords to the mobile device through a communication network.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile wallet and network system using onetime passwords for authentication is disclosed according to one embodiment of the invention. A onetime password may be generated at a mobile wallet server and transmitted to the mobile device. The onetime password may then be used to authenticate the user of the mobile wallet when completing a transaction. Authentication may require entry of the onetime password and confirmation that the onetime password entered matches the onetime password sent by the mobile wallet server. In other embodiments of the invention, a mobile wallet and a mobile wallet server are in sync and each generate the same onetime password at the same time. These onetime passwords may then be used to authenticate the user of the mobile wallet.

456 Citations

24 Claims

1. A system comprising:
- a mobile device including a near field communications (NFC) transponder and a mobile wallet, wherein the mobile device is configured to maintain at least one set of information related to a financial account in the mobile wallet and communicate at least a subset of the information related to the financial account via the NFC transponder when performing a transaction; and
  
  a mobile wallet server configured to communicate with a communication network and comprising a password generator that generates passwords at predetermined intervals and communicates passwords to the mobile device through a communication network.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system according to claim 1, wherein the mobile wallet maintains information related to a plurality of financial accounts.
  - 3. The system according to claim 1, wherein the mobile device is configured to receive a password from the mobile wallet server and to communicate the password to a point of sale (POS) device.
  - 4. The system according to claim 1, wherein the password generator generates random passwords.
  - 5. The system according to claim 1, wherein mobile wallet server stores the passwords saved by the password generator.
  - 6. The system according to claim 1, further comprising:
    - a POS device comprising an NFC transponder, wherein the POS device receives an account number and a password from the mobile device through the NFC transponder; and
      
      an acquirer system communicably coupled with the POS device and the mobile wallet generator, wherein the acquirer system receive the account number and the password from the POS device and confirms the validity of the password.

7. A wireless telephone comprising:
- a near field communications (NFC) transponder;
  
  a mobile wallet, wherein the mobile wallet maintains information related to at least one financial account; and
  
  an antenna communicably coupled to a wireless network, wherein the wireless telephone receives at least one password from a service provider through the antenna,wherein the wireless telephone is configured to;
  
  receive at least one password from a service provider; and
  
  communicate at least a portion of the account information in the mobile wallet including the password to a POS device through the NFC transponder.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The wireless telephone according to claim 7, wherein the wireless telephone is configured to receive more than one password from a service provider at predetermined intervals.
  - 9. The wireless telephone according to claim 8, wherein each password is maintained by the mobile wallet.
  - 10. The wireless telephone according to claim 7, wherein the password is received in response to a request for a password from the wireless telephone through the antenna.
  - 11. The wireless telephone according to claim 10, wherein the request is initiated by the user of the wireless telephone.
  - 12. The wireless telephone according to claim 10, wherein the request is initiated in response to performing a transaction.

13. A wireless telephone comprising:
- a near field communications (NFC) transponder;
  
  a mobile wallet, wherein the mobile wallet maintains information related to at least one financial account; and
  
  a password generator that automatically generates a password for the at least on financial account at predetermined intervals,wherein the password is maintained by the mobile wallet and the mobile telephone is configured to communicate at least a portion of the account information in the mobile wallet including the password to a POS device through the NFC transponder; and
  
  display the onetime password to a user.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The wireless telephone according to claim 13, wherein the password generator comprises a random number generator.
  - 15. The wireless telephone according to claim 13, wherein the predetermined interval is between about 60 seconds and 7 days.
  - 16. The wireless telephone according to claim 13, wherein the password is communicated to an acquirer system.
  - 17. The wireless telephone according to claim 13, wherein the password is communicated to an acquirer system through a service provider.

18. A wireless telephone service provider system comprising:
- a mobile wallet network connection that is adapted to receives a password and a wireless telephone identifier from a mobile wallet server; and
  
  a wireless telephone network connection that is adapted to communicate the password to a wireless telephone associated with the wireless telephone identifier.
- View Dependent Claims (19, 20, 21)
- - 19. The wireless telephone service provider system according to claim 18, wherein the mobile wallet network connection is adapted to receive a unique password at predetermined intervals.
  - 20. The wireless telephone service provider system according to claim 19, wherein the predetermined interval is between about 60 seconds and 7 days.
  - 21. The wireless telephone service provider according to claim 18, wherein the wireless telephone service provider receives a password request from a wireless telephone through the wireless telephone network connection and forwards a password request to the mobile wallet server through the mobile wallet network connection.

22. A method for authenticating a onetime password, wherein the method comprises:
- generating a first onetime password;
  
  storing the first onetime password in association with a mobile device identifier and an account number;
  
  transmitting the first onetime password to a mobile device;
  
  receiving a second onetime password from a merchant, wherein the second onetime password is associated with an account number;
  
  retrieving the first onetime password using the account number;
  
  comparing the first onetime password and the second onetime password; and
  
  sending a positive authentication message to the merchant if the first onetime password matches the second onetime password.
- View Dependent Claims (23, 24)
- - 23. The method according to claim 22, wherein the merchant receives the second onetime password from a mobile device through a point of sale device.
  - 24. The method according to claim 22, the merchant receives the second onetime password from a user using the mobile device over the Internet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Cox, Christopher T.

Granted Patent

US 8,565,723 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/410
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2115   Third party

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/40   Authorisation, e.g. identif...

G07F 7/122   Online card verification

Onetime Passwords For Mobile Wallets

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

456 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Onetime Passwords For Mobile Wallets

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

456 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others