Biometric authentication of mobile financial transactions by trusted service managers
First Claim
1. A method for authenticating a financial transaction, the method comprising:
- storing credentials of a user in a first secure element (SE) of a data communication device of the user, the credentials including user biometric authentication data and data for authenticating financial transactions of the user by a trusted service manager (TSM); and
- storing an application program in a second SE of device separate from the first SE, wherein the first SE is operable in response to a request from the application program to verify the user's identity from a biometric trait of the user input to the device, generate data authenticating the financial transaction by the TSM upon verifying the user's identity, and transmit the authenticating data to the second SE; and
  the application program is operable when invoked by the user to prompt the user to input the biometric trait into the device, request verification of the biometric trait and authentication of the financial transaction by the TSM from the first SE, and generate transaction instruction codes to effect and authenticate the financial transaction by the TSM upon receipt of the authenticating data from the first SE.
Abstract
A method for authenticating a financial transaction at a point of sale (POS) includes storing an application program in a first secure element of a mobile phone. The application is configured to generate instruction codes to effect the financial transaction upon verification of a user's identity. The user's credentials are stored in a second SE of the phone, which is operable to verify the user's identity from a biometric trait of the user input to the phone and to generate data authenticating the financial transaction in response to the verification of the user's identity. At the POS, the user invokes the application and then inputs a biometric trait to the phone. The second SE verifies the user's identity, and upon verification, generates data authenticating the transaction. The financial transaction data, including the instruction codes and the authenticating data, are then transmitted from the phone to the POS.
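The separation of duties described in the abstract can be modelled in a few lines. This is an added illustration, not code from the patent: it borrows the names "Payment/Wallet SE" and "Application SE" from claim 17, and the HMAC-SHA256 key shared with the TSM, the anti-replay counter, the JSON instruction format and the exact-match biometric check are all assumptions made for the sketch.

```python
import hashlib, hmac, json

class PaymentWalletSE:
    """Holds the user's credentials; only a counter and a MAC ever leave it."""
    def __init__(self, enrolled_template: bytes, tsm_key: bytes):
        self._template_digest = hashlib.sha256(enrolled_template).digest()
        self._tsm_key = tsm_key   # assumed: symmetric key provisioned by the TSM
        self._counter = 0         # assumed: anti-replay counter

    def authenticate(self, biometric_sample: bytes, instruction: bytes):
        # Simplification: exact template match; real matchers score similarity.
        sample_digest = hashlib.sha256(biometric_sample).digest()
        if not hmac.compare_digest(sample_digest, self._template_digest):
            return None           # no authenticating data without a verified user
        self._counter += 1
        msg = self._counter.to_bytes(8, "big") + instruction
        return self._counter, hmac.new(self._tsm_key, msg, hashlib.sha256).digest()

class ApplicationSE:
    """Runs the payment application; never sees the template or the TSM key."""
    def __init__(self, wallet_se: PaymentWalletSE):
        self._wallet = wallet_se

    def pay(self, biometric_sample: bytes, merchant: str, amount_cents: int):
        instruction = json.dumps(
            {"merchant": merchant, "amount_cents": amount_cents}, sort_keys=True).encode()
        result = self._wallet.authenticate(biometric_sample, instruction)
        if result is None:
            raise PermissionError("biometric verification failed")
        return {"instruction": instruction, "counter": result[0], "tag": result[1]}

class TSM:
    """Checks that the authenticating data covers exactly this instruction."""
    def __init__(self, key: bytes):
        self._key, self._last_counter = key, 0

    def verify(self, txn: dict) -> bool:
        msg = txn["counter"].to_bytes(8, "big") + txn["instruction"]
        expected = hmac.new(self._key, msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, txn["tag"]) or txn["counter"] <= self._last_counter:
            return False          # altered instruction or replayed transaction
        self._last_counter = txn["counter"]
        return True

if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"   # constructed sample value
    app = ApplicationSE(PaymentWalletSE(b"constructed-template", key))
    txn = app.pay(b"constructed-template", "POS-1", 1250)
    print(TSM(key).verify(txn))
```

Because the tag is computed over the instruction bytes inside the credential-holding SE, a compromised application can neither mint a valid transaction without a fresh biometric verification nor alter one after the fact.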
20 Claims
1. A method for authenticating a financial transaction, the method comprising:
- storing credentials of a user in a first secure element (SE) of a data communication device of the user, the credentials including user biometric authentication data and data for authenticating financial transactions of the user by a trusted service manager (TSM); and
- storing an application program in a second SE of device separate from the first SE, wherein the first SE is operable in response to a request from the application program to verify the user's identity from a biometric trait of the user input to the device, generate data authenticating the financial transaction by the TSM upon verifying the user's identity, and transmit the authenticating data to the second SE; and
  the application program is operable when invoked by the user to prompt the user to input the biometric trait into the device, request verification of the biometric trait and authentication of the financial transaction by the TSM from the first SE, and generate transaction instruction codes to effect and authenticate the financial transaction by the TSM upon receipt of the authenticating data from the first SE.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. An apparatus for authenticating a financial transaction, the apparatus comprising:
- a data communication device of a user, the device having separate first and second secure elements (SEs), the first SE storing credentials of the user, including data for authenticating financial transactions of the user by a third party trusted service manager (TSM), the second SE storing an application program, the first SE being operable in response to a request from the application program to verify the user's identity from a biometric trait of the user input to the device, generate data authenticating the financial transaction upon verifying of the user's identity, and transmit the authenticating data to the second SE; and
  the application program being operable when invoked by the user to prompt the user to input the biometric trait into the device, request verification of the biometric trait and authentication of the financial transaction from the first SE, and generate transaction instruction codes to effect and authenticate the financial transaction upon receipt of the authenticating data from the first SE.

Dependent claims: 13, 14, 15, 16
17. A non-transitory machine-readable medium comprising a plurality of machine-readable instructions which, when executed by one or more processors of a data communication device of a user, are adapted to cause the one or more processors to perform a method, comprising:
- running an application program that prompts the user to input a biometric trait of the user into the device;
- verifying the user's identity from the biometric trait input to the device;
- generating data authenticating a financial transaction of the user by a third party trusted service manager (TSM) from data previously stored in the device by the TSM in response to the verifying of the user's identity; and
- generating transaction instruction codes operable to effect and authenticate the financial transaction, wherein the verifying and the generating of the authenticating data are effected by a Payment/Wallet secure element (SE) of the device storing credentials of the user, and the prompting and the generating of the transaction instructions codes are effected by an Application SE of the device in which the application program is stored.

Dependent claims: 18, 19, 20
Specification