TRANSACTION AUTHENTICATION BASED ON CONTEXTUAL DATA PRESENTATION

US 20180109386A1
Filed: 10/14/2016
Published: 04/19/2018
Est. Priority Date: 10/14/2016
Status: Active Grant

First Claim

Patent Images

1. A method of producing a message in connection with a detected transaction, the method comprising:

receiving transaction information that describes details of the detected transaction;

receiving user-provided contextual information that describes a context of the detected transaction;

producing at least one digital signature based on a combination of the transaction information and the user-provided contextual information; and

transmitting the digital signature in a message to a server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, devices, and systems are provided for approving a transaction through an exchange of presented user contextual approval information and approval decryption. The user contextual approval information is generated by a user during a transaction, cryptographically signed, and provided to a transaction server. The user contextual data uniquely describes the transaction to the user and can be employed to aid a user in approving or validating the transaction in a subsequent approval action. In particular, a transaction may present the contextual approval information to a user in the form of an approval challenge message. The approval challenge message may be sent to a known user device via the transaction server in the form of a text or multi-media message. The user may respond to the message with an approval or denial response.

22 Citations

View as Search Results

21 Claims

1. A method of producing a message in connection with a detected transaction, the method comprising:
- receiving transaction information that describes details of the detected transaction;
  
  receiving user-provided contextual information that describes a context of the detected transaction;
  
  producing at least one digital signature based on a combination of the transaction information and the user-provided contextual information; and
  
  transmitting the digital signature in a message to a server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the at least one digital signature comprises a first cryptographic signature of the transaction information and a second cryptographic signature of the user-provided contextual information.
  - 3. The method of claim 1, wherein the at least one digital signature comprises a cryptographic signature of the transaction information as well as the user-provided contextual information.
  - 4. The method of claim 1, wherein the user-provided contextual information comprises a description of the transaction generated by a person that initiated the detected transaction.
  - 5. The method of claim 1, wherein the server forwards at least a portion of the message to a user of a user device, wherein the at least a portion of the message forwarded includes a request for the user to verify the detected transaction and further provides a description of the user-provided contextual information.
  - 6. The method of claim 5, wherein the at least a portion of the message forwarded includes a rule violation trigger.
  - 7. The method of claim 6, wherein the user approval or disapproval includes an approval/disapproval for the rule violation.
  - 8. The method of claim 1, wherein the message is formatted for delivery to a social media profile associated with a person that initiated the detected transaction such that the social media profile associated with the person that initiated the detected transaction displays the transaction information and/or the user-provided contextual information.
  - 9. The method of claim 1, wherein the message is transmitted in one or more communication packets over a packet-based communication network.
  - 10. The method of claim 1, further comprising:
    - generating a template that includes automatically generated text based on the detected transaction;
      
      allowing a person that initiated the transaction to edit the template with additional custom information; and
      
      including the edited template as part of the user-provided contextual information.

11. A server, comprising:
- a processor; and
  
  a computer-readable storage medium having instructions stored thereon that, when executed by the processor, cause the processor to;
  
  receive transaction information describing details of a detected transaction;
  
  receive contextual information describing a custom user-provided context for the detected transaction; and
  
  transmit a cryptographically signed and/or encrypted challenge message including the custom user-provided context to a user device.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The server of claim 11, wherein the processor is further caused to:
    - receive a signed and encrypted response to the challenge message, wherein the response includes an approval or denial of the detected transaction based on the custom user-provided context.
  - 13. The server of claim 11, wherein the processor is further caused to:
    - receive a signed and encrypted response to the challenge message; and
      
      decrypt and verify the received signed and encrypted response.
  - 14. The server of claim 11, wherein the cryptographically signed and/or encrypted challenge message including the custom user-provided context is configured for presentation to a display of the user device.
  - 15. The server of claim 11, wherein the cryptographically signed and/or encrypted challenge message excludes information about the transaction other than the custom user-provided context.
  - 16. The server of claim 15, wherein the processor is further caused to:
    - receive a response to the challenge message, wherein the response includes an inquiry requesting more information regarding the transaction detected before approval of the transaction is allowed.
  - 17. The server of claim 16, wherein in response to receiving the inquiry requesting more information regarding the transaction detected, the processor is further caused to:
    - transmit transaction information previously excluded from the cryptographically signed and/or encrypted challenge message in a subsequent cryptographically signed and encrypted challenge message.

18. A method, comprising:
- detecting, at a transaction server, a transaction initiated by a first user device communicatively connected to the transaction server;
  
  determining, by the transaction server, a user-provided context describing the transaction detected;
  
  determining, by the transaction server, a second user device associated with the transaction detected;
  
  signing, by the transaction server, the user-provided context data describing the transaction; and
  
  transmitting, by the transaction server, a message to the second user device, the message including the signed user-provided context data describing the transaction.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, wherein the transaction is initiated by a first user via the first user device and the second user device is associated with a second user, and wherein the second user is different from the first user.
  - 20. The method of claim 18, wherein the user-provided context describing the transaction is provided by a first user and the user-provided context identifies the transaction only to the first user.
  - 21. The method of claim 18, wherein transmitting the user-provided context describing the transaction includes posting the user-provided context to a social networking web site, and wherein the user-provided context is included as part of a template configured to present the user-provided context with at least one preceding template text or following template text.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Assa Abloy AB
Inventors
Khan, Milan, Guyomarc'h, Franois-Eric Michel, Holland, James William

Granted Patent

US 10,560,273 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/3223   Realising banking transacti...

G06Q 20/3224   Transactions dependent on l...

G06Q 20/3825   Use of electronic signatures

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/405   Establishing or using trans...

G06Q 2220/00   Business processing using c...

G06Q 50/01   Social networking

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/68   Special signature format, e...

H04L 63/123   received data contents, e.g...

H04L 9/3247   involving digital signatures

H04L 9/3271   using challenge-response

TRANSACTION AUTHENTICATION BASED ON CONTEXTUAL DATA PRESENTATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

TRANSACTION AUTHENTICATION BASED ON CONTEXTUAL DATA PRESENTATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links