Establishing trust for conducting direct secure electronic transactions between a user and service providers

US 9,990,625 B2
Filed: 12/30/2015
Issued: 06/05/2018
Est. Priority Date: 10/06/2005
Status: Active Grant

First Claim

Patent Images

1. A method of establishing trust among a user, a device, and a service provider, comprising:

establishing trust between a transaction service provider and an electronic transaction facility deployed on a mobile phone operated by the user comprising registering the electronic transaction facility with the transaction service provider through a registration process that includes the transaction service provider certifying keys generated by the electronic transaction facility, wherein the keys comprise electronic transaction facility identification information;

establishing trust between the transaction service provider and the user via the trusted electronic transaction facility comprising receiving, decrypting and authenticating an encryption of a first one-time activation code (OTAC) known to the transaction service provider, the first OTAC received by the user from the transaction service provider, input by the user to the electronic transaction facility and encrypted by the electronic transaction facility;

establishing initial trust between the transaction service provider and a service provider comprising transmitting security certificates between the transaction service provider and the service provider and installing the security certificates as trusted SSL/HTTPS credentials; and

in response to the user opting to use a transaction service from the service provider, dynamically establishing direct secure transaction trust between the trusted electronic transaction facility and the trusted service provider by the transaction service provider transmitting a certificate representing the electronic transaction facility'"'"'s security credentials to the trusted service provider and providing a certificate representing the service provider'"'"'s security credentials to the electronic transaction facility;

authenticating, by the service provider, the electronic transaction facility by verifying a second OTAC received by the service provider directly from the handheld device after being encrypted by the handheld device using the credentials of the service provider, wherein prior to the authentication the second OTAC is sent from the service provider to the user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Ensuring security of electronic transactions between a user and a service provider involves establishing electronic trust among a user, device, transaction service provider, and service providers through OTAC processing, key generation and exchange, and verification.

358 Citations

7 Claims

1. A method of establishing trust among a user, a device, and a service provider, comprising:
- establishing trust between a transaction service provider and an electronic transaction facility deployed on a mobile phone operated by the user comprising registering the electronic transaction facility with the transaction service provider through a registration process that includes the transaction service provider certifying keys generated by the electronic transaction facility, wherein the keys comprise electronic transaction facility identification information;
  
  establishing trust between the transaction service provider and the user via the trusted electronic transaction facility comprising receiving, decrypting and authenticating an encryption of a first one-time activation code (OTAC) known to the transaction service provider, the first OTAC received by the user from the transaction service provider, input by the user to the electronic transaction facility and encrypted by the electronic transaction facility;
  
  establishing initial trust between the transaction service provider and a service provider comprising transmitting security certificates between the transaction service provider and the service provider and installing the security certificates as trusted SSL/HTTPS credentials; and
  
  in response to the user opting to use a transaction service from the service provider, dynamically establishing direct secure transaction trust between the trusted electronic transaction facility and the trusted service provider by the transaction service provider transmitting a certificate representing the electronic transaction facility'"'"'s security credentials to the trusted service provider and providing a certificate representing the service provider'"'"'s security credentials to the electronic transaction facility;
  
  authenticating, by the service provider, the electronic transaction facility by verifying a second OTAC received by the service provider directly from the handheld device after being encrypted by the handheld device using the credentials of the service provider, wherein prior to the authentication the second OTAC is sent from the service provider to the user.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the user opting to use a service of the service provider references a service provider.
  - 3. The method of claim 2, wherein transmitting the certificate includes transmitting the certificate to the service provider referenced when the user opts to use a service of the service provider.
  - 4. The method of claim 1, wherein the service that the user opts to use from the service provider is a person to person transaction service.

5. A method comprising:
- registering an electronic transaction facility deployed on a mobile device operated by a user with a transaction service provider by certifying electronic transaction facility identifying keys generated by the electronic transaction facility;
  
  receiving, decrypting and authenticating an encryption of a first one-time activation code (OTAC) known to the transaction service provider from the mobile device, the first OTAC received by the user from the transaction service provider, provided to the electronic transaction facility by the user and encrypted by the electronic transaction facility;
  
  installing security certificates communicated between the transaction service provider and a service provider as trusted SSL/HTTPS credentials; and
  
  providing, in response to the user opting to use a transaction service from the service provider, a certificate representing the electronic transaction facility'"'"'s security credentials to the service provider and providing a certificate representing the service provider'"'"'s security credentials to the electronic transaction facility;
  
  authenticating, by the service provider, the electronic transaction facility by verifying a second OTAC received by the service provider directly from the handheld device after being encrypted by the handheld device using the credentials of the service provider, wherein prior to the authentication the second OTAC is sent from the service provider to the user.

6. A method of establishing trust among a user, a device, and a service provider, comprising:
- establishing trust between a transaction service provider and an electronic transaction facility deployed on a mobile phone operated by the user comprising registering the electronic transaction facility with the transaction service provider through a registration process that includes the transaction service provider certifying keys generated by the electronic transaction facility, wherein the keys comprise electronic transaction facility identification information;
  
  establishing initial trust of a service provider comprising transmitting security certificates between the transaction service provider and the service provider and installing the security certificates as trusted SSL/HTTPS credentials; and
  
  establishing trust between the trusted service provider and the user via the trusted electronic transaction facility comprising the transaction service provider forwarding a key-exchange request and response between the trusted electronic transaction facility and the trusted service provider, wherein the key-exchange request is encrypted by the trusted electronic transaction facility using a first one-time activation code (OTAC) known to the user and to the trusted service provider, the first OTAC input by the user to the electronic transaction facility;
  
  in response to the user opting to use a transaction service from the service provider, dynamically establishing direct secure transaction trust between the trusted electronic transaction facility and the trusted service provider by the transaction service provider transmitting a certificate representing the electronic transaction facility'"'"'s security credentials to the trusted service provider and providing a certificate representing the service provider'"'"'s security credentials to the electronic transaction facility;
  
  authenticating, by the service provider, the electronic transaction facility by verifying a second OTAC received by the service provider directly from the handheld device after being encrypted by the handheld device using the credentials of the service provider, wherein prior to the authentication the second OTAC is sent from the service provider to the user.
- View Dependent Claims (7)
- - 7. The method of claim 6, wherein the first OTAC known to the user is received by the user in a communication other than via the transaction service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard Mobile Transactions Solutions, Inc. (MasterCard Incorporated)
Original Assignee
Mastercard Mobile Transactions Solutions, Inc. (MasterCard Incorporated)
Inventors
Pitroda, Satyan G., Desai, Mehul
Primary Examiner(s)
Coppola, Jacob C

Application Number

US14/983,877
Publication Number

US 20160117668A1
Time in Patent Office

888 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06Q 20/02   involving a neutral party, ...

G06Q 20/045   using payment protocols inv...

G06Q 20/047   using payment protocols inv...

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/145   Payments according to the d...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3223   Realising banking transacti...

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3227   using secure elements embed...

G06Q 20/325   using wireless networks

G06Q 20/327   Short range or proximity pa...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/40 : Authorisation, e.g. identif...

G06Q 20/4014 : Identity check for transact...

G06Q 20/42 : Confirmation, e.g. check or...

G06Q 2220/00 : Business processing using c...

G06Q 30/06 : Buying, selling or leasing ...

G16H 10/60 : for patient-specific data, ...

G16Z 99/00 : Subject matter not provided...

H04L 63/0428 : wherein the data content is...

H04L 63/06 : for supporting key manageme...

H04L 63/08 : for authentication of entit...

H04L 63/0838 : using one-time-passwords

View All

Establishing trust for conducting direct secure electronic transactions between a user and service providers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

358 Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Establishing trust for conducting direct secure electronic transactions between a user and service providers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

358 Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links