Method and system for securing transactions made through a mobile communication device

US 8,290,433 B2
Filed: 11/14/2007
Issued: 10/16/2012
Est. Priority Date: 11/14/2007
Status: Active Grant

First Claim

Patent Images

1. A method for transmitting data between a mobile communication device and a management server, the method comprising:

executing a mobile application at the mobile communication device, the mobile application hosted at the mobile communication device;

exchanging data associated with the mobile application between the mobile communication device and the management server wherein transmission of the data between the mobile communication device and the server is monitored through the server and wherein the mobile application permits a user to conduct a contactless payment transaction, comprising ofexecuting a payment application on a processor of a secure element that is coupled to the mobile communication device, the secure element including;

a memory storing the payment application and payment credentials, the execution of the payment application facilitating the transfer of the payment credentials with the remote Point-Of-Sale terminal,the processor of the secure element, wherein the processor is configured for near field communication, and further wherein the processor executes the payment application stored in the memory;

a wireless transceiver that sends transaction data including the payment credentials associated with the executed payment application through a second communication channel to the remote Point-Of Sale terminal, the second communication channel being different from a first communication channel through which the mobile communication device communicates voice data, the payment application executed in response to a near field communication induction-based trigger from the remote Point-Of-Sale terminal;

wirelessly transmitting transaction data associated with the executed payment application through the second communication channel to the remote Point-Of-Sale terminal using the wireless transceiver;

receiving manual user authentication at the remote Point-Of-Sale terminal if the remote Point-Of-Sale terminal determines authentication is required and prompts the user for authentication wherein authentication is performed by a remote server after the payment application has been triggered by the remote terminal and after payment credentials have been transferred to remote terminal, but prior to the payment being processed.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for transmitting data between a mobile communication device and a server. The method includes running a mobile application on the mobile communication device. The mobile application is hosted on the mobile communication device through the server as a Software as a Service (SaaS). The method further includes transmitting data associated with the mobile application between the mobile communication device and the server, in which transmission of the data between the mobile communication device and the server is monitored through the server.

117 Citations

42 Claims

1. A method for transmitting data between a mobile communication device and a management server, the method comprising:
- executing a mobile application at the mobile communication device, the mobile application hosted at the mobile communication device;
  
  exchanging data associated with the mobile application between the mobile communication device and the management server wherein transmission of the data between the mobile communication device and the server is monitored through the server and wherein the mobile application permits a user to conduct a contactless payment transaction, comprising ofexecuting a payment application on a processor of a secure element that is coupled to the mobile communication device, the secure element including;
  
  a memory storing the payment application and payment credentials, the execution of the payment application facilitating the transfer of the payment credentials with the remote Point-Of-Sale terminal,the processor of the secure element, wherein the processor is configured for near field communication, and further wherein the processor executes the payment application stored in the memory;
  
  a wireless transceiver that sends transaction data including the payment credentials associated with the executed payment application through a second communication channel to the remote Point-Of Sale terminal, the second communication channel being different from a first communication channel through which the mobile communication device communicates voice data, the payment application executed in response to a near field communication induction-based trigger from the remote Point-Of-Sale terminal;
  
  wirelessly transmitting transaction data associated with the executed payment application through the second communication channel to the remote Point-Of-Sale terminal using the wireless transceiver;
  
  receiving manual user authentication at the remote Point-Of-Sale terminal if the remote Point-Of-Sale terminal determines authentication is required and prompts the user for authentication wherein authentication is performed by a remote server after the payment application has been triggered by the remote terminal and after payment credentials have been transferred to remote terminal, but prior to the payment being processed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The method of claim 1, wherein transmitting data includes use of a session key that is only valid for a given communication session between the mobile communication device and the management server.
  - 3. The method of claim 2, further comprising disabling use of the mobile application executing at the mobile communication device as a result of the management server invalidating the session key.
  - 4. The method of claim 2, further comprising timing out a given communication session between the mobile communication device and the management server after a pre-determined amount of time to prevent access to data that is otherwise accessible through execution of the mobile application.
  - 5. The method of claim 4, wherein the timing out of the communication session results from server inactivity.
  - 6. The method of claim 4, wherein the timing out of the communication results from inactivity related to execution of the mobile application.
  - 7. The method of claim 2, wherein the session key is generated anew each time the mobile communication device commences a session with the management server.
  - 8. The method of claim 7, wherein the session key is validated during each server call of the session.
  - 9. The method of claim 8, wherein validation of the session key is required prior to permitting the user to conduct the transaction using the data.
  - 10. The method of claim 9, wherein a failure to validate the session key prevents subsequent NFC transactions.
  - 11. The method of claim 1, wherein transmitting data between the mobile communication device and the management server includes prompting a user to enter a payment limit PIN in response to a purchase exceeding a pre-determined amount.
  - 12. The method of claim 11, wherein the payment limit PIN is globally applied to all purchases.
  - 13. The method of claim 11, wherein the payment limit PIN is applied to purchases on a per-payment method basis.
  - 14. The method of claim 1, wherein the mobile application is executable to permit a user to further perform one or more of a transaction involving ticketing, Internet commerce, the storage of a digital artifact, the storage of payment information, the storage of banking information, or accessing a banking service.
  - 15. The method of claim 14, wherein the mobile application is executable to permit a user to separately subscribe to each of the services.
  - 16. The method of claim 1, wherein controlling access to the data includes the mobile application deleting cached data from the mobile communication device.
  - 17. The method of claim 16, wherein flushing cached data from the mobile communication device includes deleting all contents of the secure element.
  - 18. The method of claim 1, wherein controlling access to the data includes the mobile application temporarily or permanently disabling the secure element.
  - 19. The method of claim 18, wherein disabling the secure element prevents NFC payments.
  - 20. The method of claim 18, wherein disabling the secure element prevents NFC coupon redemption.
  - 21. The method of claim 18, where disabling the secure element prevents NFC ticket redemption.
  - 22. The method of claim 1, further comprising generating a request for a user PIN to utilize data stored at the secure element, the PIN request generated through execution of the mobile application.
  - 23. The method of claim 1, further comprising prompting a user for biometric data before permitting the user to conduct a transaction requiring data.
  - 24. The method of claim 1, further comprising prompting a user for multifactor authentication before permitting the user to conduct a transaction requiring data.
  - 25. The method of claim 1, wherein a transaction requiring data requires a security code associated with a payment method.
  - 26. The method of claim 25, further comprising storing the security code at the mobile device and decrypting the security code using an encryption key stored at the management server prior to conducting the transaction requiring data.
  - 27. The method of claim 25, further comprising storing the security code and encryption key at the mobile communication device.
  - 28. The method of claim 27, further comprising decrypting the security code prior to conducting the transaction requiring data.

29. A communication system comprising:
- a management server; and
  
  a mobile communication device that runs a mobile application permitting a user to;
  
  exchange data associated with the mobile application to the management server, the mobile application hosted at the mobile communication device, through a management server wherein transmission of the data between the mobile communication device and the server is monitored through the server and wherein the mobile application permits a user to conduct a contactless payment transaction comprising ofa payment application on a processor of a secure element that is coupled to the mobile communication device, the secure element including;
  
  a memory storing the payment application and payment credentials, the execution of the payment application facilitating the transfer of the payment credentials with the remote Point-Of-Sale terminal,the processor of the secure element, wherein the processor is configured for near field communication, and further wherein the processor executes the payment application stored in the memorya wireless transceiver that sends transaction data including the payment credentials associated with the executed payment application through a second communication channel to the remote Point-Of-Sale terminal, the second communication channel being different from a first communication channel through which the mobile communication device communicates voice data, the payment application executed in response to a near field communication induction-based trigger from the remote Point-Of-Sale terminal; and
  
  wirelessly transmitting transaction data associated with the executed payment application through the second communication channel to the remote Point-Of-Sale terminal using the transceiver;
  
  receiving manual user authentication at the remote Point-Of-Sale terminal if the remote Point-Of-Sale terminal determines authentication is required and prompts the user for authentication wherein authentication is performed by a remote server after the payment application has been triggered by the remote terminal and after payment credentials have been transferred to remote terminal, but prior to the payment being processed.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 30. The communication system of claim 29, wherein the management server generates a session key that is only valid for a given communication session between the mobile communication device and the management server.
  - 31. The communication system of claim 30, wherein the management server disables use of the mobile application running on the mobile communication device by invalidating the session key.
  - 32. The system of claim 30, wherein the session key is generated anew each time the mobile communication device commences a new session with the management server.
  - 33. The system of claim 32, wherein the session key is validated during each server call of the session.
  - 34. The system of claim 33, wherein validation of the session key is required prior to permitting the user to conduct the transaction using the data.
  - 35. The system of claim 34, wherein a failure to validate the session key prevents subsequent NFC transactions.
  - 36. The communication system of claim 29, wherein the management server times out a given communication session between the mobile communication device and the management server after a pre-determined amount of time to prevent access to data that is otherwise accessible through the mobile application.
  - 37. The communication system of claim 36, wherein the time-out results from inactivity at the management server.
  - 38. The communication system of claim 36, wherein the time-out results from inactivity related to the mobile application at the mobile communication device.
  - 39. The communication system of claim 29, wherein the mobile application is executable to permit a user to further perform one or more of the following services including ticketing, Internet commerce, the storage of a digital artifact, the storage of payment information, the storage of banking information, or accessing a banking service.
  - 40. The communication system of claim 29, wherein the mobile communication device is a cellular phone or a wireless personal digital assistant (PDA).
  - 41. The communication system of claim 29, wherein the mobile application data deletes cached data from the memory of the mobile communication device.
  - 42. The communication system of claim 29, wherein data the mobile application to temporarily or permanently disable the secure element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blaze Mobile, Inc. (iWin, Inc.)
Original Assignee
Blaze Mobile, Inc. (iWin, Inc.)
Inventors
Fisher, Michelle, Guha, Rathin
Primary Examiner(s)
Zewdu, Meless N
Assistant Examiner(s)
PLATA, EDD RIANNE L

Application Number

US11/939,821
Publication Number

US 20090124234A1
Time in Patent Office

1,798 Days
Field of Search

455/411, 455/556.2, 455/41.1, 455/1.2, 455/418, 455/420, 705/16, 705/17, 705/39, 705/40
US Class Current

455/41.1
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/102   Bill distribution or payments

G06Q 20/108   Remote banking, e.g. home b...

G06Q 20/3223   Realising banking transacti...

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3227   using secure elements embed...

G06Q 20/3229   Use of the SIM of a M-devic...

G06Q 20/326   Payment applications instal...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/401   Transaction verification

G06Q 30/0238   at point-of-sale [POS]

H04B 5/72   for local intradevice commu...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/102   Entity profiles

H04W 12/062   Pre-authentication

H04W 12/068   using credential vaults, e....

H04W 12/082 : using revocation of authori...

H04W 4/80 : Services using short range ...

H04W 88/06 : adapted for operation in mu...

View All

Method and system for securing transactions made through a mobile communication device

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

117 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for securing transactions made through a mobile communication device

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

117 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links