Authorizing radio frequency transactions using a keystroke scan

US 7,578,448 B2
Filed: 09/07/2007
Issued: 08/25/2009
Est. Priority Date: 07/10/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving a customer payment device transaction request, an encrypted customer payment device authentication code, and a unique customer payment device identification code from a radio frequency (RF) customer payment device, wherein the encrypted customer payment device authentication code is associated with a customer payment device authentication code;

decrypting the encrypted customer payment device authentication code using a unique customer payment device decryption key corresponding to the unique customer payment device identification code, to create a decrypted customer payment device authentication code;

authenticating the RF customer payment device in response to the decrypted customer payment device authentication code matching the customer payment device authentication code; and

authorizing the customer payment device transaction request in response to transaction keystroke scan sample data matching registered keystroke scan sample data, wherein the registered keystroke scan sample data is associated with the RF customer payment device and the registered keystroke scan sample data is created in response to verification of proffered keystroke scan sample data, and wherein the RF customer payment device is activated in response to the verification of the proffered keystroke scan sample data.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for registering biometric information for use in a transponder-reader system is disclosed. The method includes steps of detecting, verifying and storing a proffered biometric sample. During detecting, a sensor detects a proffered biometric to obtain a biometric sample. During the verifying step, the biometric sample is compared with other stored samples and/or other information. During the storing step, the biometric sample is stored on a database, for use by the transponder-reader system in authorizing transactions.

1447 Citations

21 Claims

1. A method comprising:
- receiving a customer payment device transaction request, an encrypted customer payment device authentication code, and a unique customer payment device identification code from a radio frequency (RF) customer payment device, wherein the encrypted customer payment device authentication code is associated with a customer payment device authentication code;
  
  decrypting the encrypted customer payment device authentication code using a unique customer payment device decryption key corresponding to the unique customer payment device identification code, to create a decrypted customer payment device authentication code;
  
  authenticating the RF customer payment device in response to the decrypted customer payment device authentication code matching the customer payment device authentication code; and
  
  authorizing the customer payment device transaction request in response to transaction keystroke scan sample data matching registered keystroke scan sample data, wherein the registered keystroke scan sample data is associated with the RF customer payment device and the registered keystroke scan sample data is created in response to verification of proffered keystroke scan sample data, and wherein the RF customer payment device is activated in response to the verification of the proffered keystroke scan sample data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the verification of the proffered keystroke scan sample data comprises comparing the proffered keystroke scan sample data with stored keystroke scan sample data.
  - 3. The method of claim 2, wherein the comparing the proffered keystroke scan sample data with the stored keystroke scan sample data comprises comparing the proffered keystroke scan sample data with at least one of authorized or unauthorized keystroke scan sample data.
  - 4. The method of claim 1, wherein the verification of the proffered keystroke scan sample data includes verification of the proffered keystroke scan sample data using at least one of a protocol/sequence controller or a third-party security vendor.
  - 5. The method of claim 1, wherein the verification of the proffered keystroke scan sample data comprises comparing the proffered keystroke scan sample data with verification keystroke scan sample data received from the RF customer payment device.
  - 6. The method of claim 1, wherein the RF customer payment device is associated with a user identifier comprising at least one of:
    - personal information, financial information, loyalty point information, employee information, employer information, medical information, or family information.
  - 7. The method of claim 1, further comprising:
    - receiving an encrypted customer payment device account code from the RF customer payment device;
      
      decrypting the encrypted customer payment device account codes using the unique customer payment device decryption key, to create a decrypted customer payment device account code; and
      
      transmitting the decrypted customer payment device account code for processing.
  - 8. The method of claim 7, further comprising:
    - receiving a reader authentication code from the RF customer payment device;
      
      encrypting the reader authentication code using a reader encryption key corresponding to a reader, to create an encrypted reader authentication code; and
      
      transmitting the encrypted reader authentication code to the RF customer payment device for authentication of the reader.

9. An authorized sample receiver (ASR) comprising:
- an RF Identification (RFID) reader configured to receive a customer payment device transaction request from an RF customer payment device; and
  
  means for authorizing the customer payment device transaction request in response to transaction keystroke scan sample data matching registered keystroke scan sample data, wherein the registered keystroke scan sample data is associated with the RF customer payment device and the registered keystroke scan sample data is created in response to verification of proffered keystroke scan sample data, and wherein the RF customer payment device is activated in response to the verification of the proffered keystroke scan sample data;
  
  wherein the ASR is configured to transmit a customer payment device authentication code to the RF customer payment device, receive an encrypted customer payment device authentication code from the RF customer payment device, and decrypt the encrypted customer payment device authentication code using a unique customer payment device decryption key to facilitate authentication of the RF customer payment device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 10. The ASR of claim 9, further comprising:
    - a plurality of customer payment device-specific decryption keys;
      
      means for selecting the unique customer payment device decryption key from the plurality of customer payment device-specific decryption keys by associating a unique customer payment device identification code with the unique customer payment device decryption key, wherein the RFID reader is configured to receive an encrypted customer payment device account code and the unique customer payment device identification code from the RF customer payment device; and
      
      means for decrypting the encrypted customer payment device account code using the unique customer payment device decryption key, to create a decrypted customer payment device account code.
  - 11. The ASR of claim 9, further comprising a USB interface configured to communicate with the RF customer payment device.
  - 12. The ASR of claim 11, wherein the USB interface is further configured to personalize the RF customer payment device.
  - 13. The ASR of claim 10, wherein the decrypted customer payment device account code comprises a customer payment device account number in a magnetic stripe format configured to be transmitted to a Point of Sale (POS) device and processed under a business as usual standard of a merchant.
  - 14. The ASR of claim 9, further comprising an RFID reader PIN interface configured to receive a secondary verification.
  - 15. The ASR of claim 9, further configured to receive an ASR authentication code from the RF customer payment device, encrypt the ASR authentication code to create an encrypted ASR authentication code, and transmit the encrypted ASR authentication code to the RF customer payment device to facilitate authentication of the ASR.
  - 16. The ASR of claim 9, further comprising a communications device configured to receive second keystroke scan sample data associated with the RF customer payment device, wherein the proffered keystroke scan sample data is verified in response to the proffered keystroke scan sample data matching the second keystroke scan sample data.
  - 17. The ASR of claim 9, further comprising a keystroke scan sensor configured with at least one of:
    - an electronic sensor, an optical sensor, or a keyboard.
  - 18. The ASR of claim 9, further comprising a keystroke scan sensor configured to detect and verify keystroke scan characteristics including at least one of:
    - behavioral, temporal, or physical characteristics.
  - 19. The ASR of claim 9, further comprising a keystroke scan sensor associated with at least one of:
    - a local database, a remote database, a portable storage device, a host system, an issuer system, a merchant system, a fob issuer system, an employer, a financial institution, a non-financial institution, a loyalty point provider, a company, a military entity, a government entity, a school, a travel entity, a transportation authority, or a security company.

20. A radio frequency (RF) customer transaction device comprising:
- means for activating in response to verification of proffered keystroke scan sample data;
  
  means for transmitting a customer transaction device transaction request and transaction keystroke scan sample data to an RF Identification (RFID) reader, wherein registered keystroke scan sample data is created in response to the verification of the proffered keystroke scan sample data; and
  
  means for receiving an authorization of the customer transaction device transaction request in response to the transaction keystroke scan sample data matching the registered keystroke scan sample data associated with the RF customer transaction device;
  
  wherein the customer transaction device transaction request comprises a unique customer transaction device identification code and an encrypted customer transaction device account code, and wherein the encrypted customer transaction device account code is decrypted using one of a plurality of unique customer transaction device decryption keys from a database of the RFID reader.

21. A computer-readable medium having stored thereon a plurality of instructions configured to cause an authorized sample receiver to perform a method, the plurality of instructions comprising:
- instructions to receive a customer payment device transaction request, an encrypted customer payment device authentication code, and a unique customer payment device identification code from an RF customer payment device, wherein the encrypted customer payment device authentication code is associated with a customer payment device authentication code;
  
  instructions to decrypt the encrypted customer payment device authentication code using a unique customer payment device decryption key corresponding to the unique customer payment device identification code, to create a decrypted customer payment device authentication code;
  
  instructions to authenticate the RF customer payment device in response to the decrypted customer payment device authentication code matching the customer payment device authentication code; and
  
  instructions to authorize the customer payment device transaction request in response to transaction keystroke scan sample data matching registered keystroke scan sample data, wherein the registered keystroke scan sample data is associated with the RF customer payment device and the registered keystroke scan sample data is created in response to verification of proffered keystroke scan sample data, and wherein the RF customer payment device is activated in response to the verification of the proffered keystroke scan sample data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Xatra Fund MX LLC (Intellectual Ventures LLC)
Inventors
Gray, William J, Fields, Seth W, Bonalle, David S, Beenau, Blayn W, Saunders, Peter D, Montgomery, Joshua L, Larkin, Carl
Primary Examiner(s)
WALSH, DANIEL I

Application Number

US11/851,623
Publication Number

US 20080015941A1
Time in Patent Office

718 Days
Field of Search

235/487, 235/492, 235/493, 235/435, 235/449, 235/451, 340/572.1, 340/10.1, 340/5.52
US Class Current

235/487
CPC Class Codes

G06F 18/00   Pattern recognition

G06Q 20/00   Payment architectures, sche...

G06Q 20/04   Payment circuits

G06Q 20/105   involving programming of a ...

G06Q 20/14   specially adapted for billi...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/28   Pre-payment schemes, e.g. "...

G06Q 20/326   Payment applications instal...

G06Q 20/327   Short range or proximity pa...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/342   Cards defining paid or bill...

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/388   using mutual authentication...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 30/0225 : Avoiding frauds

G06V 40/10 : Human or animal bodies, e.g...

G06V 40/14 : Vascular patterns

G06V 40/40 : Spoof detection, e.g. liven...

G07C 9/257 : electronically G07C9/26 tak...

G07C 9/26 : using a biometric sensor in...

G07C 9/28 : the pass enabling tracking ...

G07C 9/29 : the pass containing active ...

G07F 7/025 : by means, e.g. cards, provi...

G07F 7/1008 : Active credit-cards provide...

G07G 1/14 : Systems including one or mo...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/805 : Lightweight hardware, e.g. ...

H04L 9/321 : involving a third party or ...

H04L 9/3231 : Biological data, e.g. finge...

View All

Authorizing radio frequency transactions using a keystroke scan

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

1447 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Authorizing radio frequency transactions using a keystroke scan

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1447 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others