US20200034849A1 - Universal secure registry - Google Patents
- Publication number
- US20200034849A1 (US16/590,863)
- Authority
- US
- United States
- Prior art keywords
- user
- information
- usr
- electronic
- secure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/206—Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3672—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes initialising or reloading thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3676—Balancing accounts
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/22—Social work or social welfare, e.g. community support activities or counselling services
-
- G07C9/00087—
-
- G07C9/00103—
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/22—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
- G07C9/25—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
- G07C9/257—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
-
- G07C2009/00095—
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/22—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
- G07C9/25—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
- G07C9/26—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition using a biometric sensor integrated in the pass
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Definitions
- U.S. patent application Ser. No. 13/237,184 is a continuation in part of and also claims priority under 35 U.S.C. § 120 to U.S. patent application Ser. No. 13/168,556, filed on Jun. 24, 2011, now U.S. Pat. No. 8,271,397.
- U.S. patent application Ser. No. 13/237,184 is also a continuation of and also claims priority under 35 U.S.C. § 120 to U.S. patent application Ser. No. 12/393,586 filed Feb. 26, 2009, now U.S. Pat. No. 8,234,220 entitled “UNIVERSAL SECURE REGISTRY”.
- U.S. patent application Ser. No. 12/393,586 is a continuation in part of each of U.S. patent application Ser. No. 11/760,732 filed Jun. 8, 2007, now U.S. Pat. No. 7,809,651, entitled “UNIVERSAL SECURE REGISTRY”; U.S. patent application Ser. No. 11/760,729 filed Jun. 8, 2007, now U.S. Pat. No. 7,805,372, entitled “UNIVERSAL SECURE REGISTRY”; and U.S. patent application Ser. No. 11/677,490 filed Feb. 21, 2007, now U.S. Pat. No. 8,001,055 entitled “METHOD, SYSTEM AND APPARATUS FOR SECURE ACCESS PAYMENT AND IDENTIFICATION”.
- U.S. application Ser. No. 11/760,732 is a continuation of U.S. application Ser. No. 11/677,490, now U.S. Pat. No. 8,001,055, and U.S. patent application Ser. No. 11/760,729 is a continuation of U.S. application Ser. No. 11/677,490, now U.S. Pat. No. 8,001,055.
- Embodiments of the invention generally relate to systems, methods, and apparatus for authenticating identity or verifying the identity of individuals and other entities seeking access to certain privileges and for selectively granting privileges and providing other services in response to such identifications/verifications.
- Embodiments of the invention relate generally to systems and methods for obtaining information from and/or transmitting information to a user device and, in particular, to systems, methods, and apparatus that provide for contactless information transmission.
- Access control to secure computer networks presents a problem related to the identification of a person.
- An individual may be provided access to the secure system after their identity is authorized.
- Access control to secure computer networks is presently provided by an authentication scheme implemented, at least partly, in software located on a device being employed to access the secure computer network and on a server within the secure computer network.
- A corporation may purchase authentication software that includes server-side software installed on a server in their computer system and corresponding client-side software that is installed on the devices that are used by employees to access the system.
- The devices may include desktop computers, laptop computers, and handheld computers (e.g., PDAs and the like).
- The preceding approach has a number of disadvantages including both the difficulty and cost of maintaining the authentication system and the difficulty and cost of maintaining the security of the authentication system.
- The software resides in the corporation's computers where it may be subject to tampering/unauthorized use by company employees. That is, the information technology team that manages the authentication system has access to the private keys associated with each of the authorized users. As a result, these individuals have an opportunity to compromise the security of the system.
- Any modification and/or upgrade to the authentication system software is likely to require an update to at least the server-side software and may also require an update of the software located on each user/client device.
- Software upgrades/updates may be required on a plurality of geographically distributed servers.
- An FBI agent or an air marshal may need to identify themselves to airport security or a gate agent, without compromising security.
- Identification may comprise the air marshal or FBI agent showing identification indicia to appropriate personnel.
- flaws in this process that allow for security to be compromised, including falsification of identification information and failure of the airport security or other personnel to recognize the situation.
- This process could be automated, for example, by equipping airport personnel or security with access to a database and requiring the FBI agent or air marshal to appropriately identify themselves to the database, for example, by again providing identification which airport personnel can then enter into the database to verify the identity of the person seeking access to a secure area.
- This process also has the inherent flaws described above.
- Airport security or personnel may not be able to communicate with the database to check the identity of the person seeking access, for example, when they are not near a computer terminal with access to a database or are carrying a hand-held device that does not have an appropriate wireless signal to access the database.
- Both commercial (e.g., banking networks) and non-commercial (e.g., security systems) information systems often rely on magnetic card readers to collect information specific to a user (e.g., a security code, a credit card number, etc.) from a user device (e.g., a transaction card).
- Credit card purchases made in person provide an example of the most common transaction-type that relies on a user device, the credit or debit card, which is read by a magnetic card reader.
- User devices that rely on magnetic-stripe based technology magnetically store information (e.g., binary information) in the magnetic stripe.
- the magnetic stripe reader provides an interface to a larger computerized network that receives the user's information to determine, for example, whether to authorize a transaction, to allow the user access to a secure area, etc.
- Such devices have seen technological advances that increase their capabilities and improve their security.
- such devices may now include embedded processors, integral biometric sensors that sense one or more biometric feature (e.g., a fingerprint) of the user, and magnetic stripe emulators.
- such devices may provide greater security by dynamically generating the necessary information, for example, generating the credit card number at the time of a transaction.
- Improved security can also be provided by such devices because more sophisticated authentication schemes can be implemented with the devices.
- user devices such as transaction cards may now also provide for one or more modes of information transmission other than transmission via a magnetic stripe/card reader combination.
- user devices that may transmit information optically or via radio frequency (“RF”) signal transmission to a compatible system interface are now available.
- the architecture of a user device that includes a processor is generally compatible with both the improved security features described above and the contactless transmission modes such as optical and RF signal transmission.
- RF devices that transmit information wirelessly are expected to become much more prevalent and, at some point, the predominant form of information transmission for user authentication based on a hand-held device, for example, credit card, debit card, driver's license, passport, social security card, personal identification, etc.
- the bridge device requires that the smart card be inserted within it.
- the bridge device includes a slot for receiving the smart card, a key pad whereby the user may enter information (e.g., a PIN number), and a credit card sized extension member.
- Operation of the bridge device requires that the smart card be inserted within it and that an electrical contact surface of the smart card engage a similar surface within the bridge device before the bridge device (i.e., the extension member) can be used with a magnetic card reader.
- the contactless nature of more advanced information transmission systems is lost with the bridge device because it does not support wireless signal transmission.
- this invention relates, in one embodiment, to an information system that may be used as a universal identification system and/or used to selectively provide information about a person to authorized users.
- Transactions to and from a secure database may take place using a public key/private key security system to enable users of the system and the system itself to encrypt transaction information during the transactions.
- the private key/public key security system may be used to allow users to validate their identity.
- a smart card such as the SecurID™ card from RSA Security, Inc. may be provided with the user's private key and the USR system's public key to enable the card to encrypt messages being sent to the USR system and to decrypt messages from the USR system 10.
- the system or database of the invention may be used to identify the person in many situations, and thus may take the place of multiple conventional forms of identification. Additionally, the system may enable the user's identity to be confirmed or verified without providing any identifying information about the person to the entity requiring identification. This can be advantageous where the person suspects that providing identifying information may subject the identifying information to usurpation.
- Access to the system may be by smart card, such as a SecurID™ card, or any other secure access device.
- the technology enabling the user to present their identity information may be physically embodied as a separate identification device such as a smart ID card, or may be incorporated into another electronic device, such as a cell phone, pager, wrist watch, computer, personal digital assistant such as a Palm Pilot™, key fob, or other commonly available electronic device.
- the identity of the user possessing the identifying device may be verified at the point of use via any combination of a memorized PIN number or code, biometric identification such as a fingerprint, voice print, signature, iris or facial scan, or DNA analysis, or any other method of identifying the person possessing the device.
- the identifying device may also be provided with a picture of the person authorized to use the device to enhance security.
- a method of controlling access to a plurality of secure computer networks using a secure registry system located remotely from the secure computer networks is disclosed.
- the secure registry system includes a database containing selected data of a plurality of users each authorized to access at least one of the plurality of secure computer networks.
- the method comprises acts of receiving authentication information from an entity at a secure computer network, communicating the authentication information to the secure registry system, and validating the authentication information at the secure registry system.
- the method also includes receiving from the secure registry system an indication of whether the entity is authorized to access the secure computer network, granting the entity access to the secure computer network when the authentication information of the entity corresponds to one of the plurality of users, and denying the entity access to the secure computer network when the authentication information of the user does not correspond to one of the plurality of users.
- Another embodiment of the invention comprises a method of controlling access to a secure computer network using a secure registry system.
- the secure registry system includes a database containing selected data of a plurality of users authorized to access the secure computer network and selected data identifying the secure computer network.
- the method comprises receiving an access request including authentication information and a computer network ID from an entity, determining whether the authentication information is valid for any of the plurality of users, accessing data when the authentication information of the entity is valid for one of the plurality of users to determine whether the entity is authorized to access the computer network identified by the computer network ID, and allowing the entity to access the secure computer network when the authentication information of the entity is valid for one of the plurality of users authorized to access the computer network identified by the computer network ID.
- Another embodiment of the invention comprises a method of authenticating an identity of a first entity.
- the method comprises the acts of wirelessly transmitting from a first device, first encrypted authentication information of the first entity, receiving with a second device the wirelessly transmitted first encrypted authentication information, decrypting with the second device, the first wirelessly encrypted authentication information to provide the first authentication information of the first entity to the second device; and authenticating the identity of the first entity based upon the first authentication information; and acting based on the assessed identity of the first entity.
- Another embodiment of the invention comprises a system for authenticating an identity of a first entity, comprising a first wireless device comprising a first wireless transmitter and receiver configured to transmit a first wireless signal including first encrypted authentication information, a first processor configured to compare stored biometric data with detected biometric data of the first entity and configured to enable or disable use of the first device based on a result of the comparison, and configured to encrypt first authentication information with a first private key of the first entity into the first encrypted authentication information, a first biometric detector for detecting biometric data of the first entity, and a first memory for storing biometric data of the first entity, a private key of the first entity authorized to use the first device, and the first authentication information.
- the system further comprises a second wireless device comprising a second wireless transmitter and receiver configured to receive the first wireless signal and to process the first wireless signal, a second processor configured to compare detected biometric data of a second entity with stored biometric data and configured to enable or disable use of the second device based upon a result of the comparison, and configured to decrypt the first authentication information received in the first wireless signal, a biometric detector for detecting biometric data of a second entity, and a second memory storing biometric data of the second entity and a plurality of public keys of a plurality of first entities.
- a first wireless device comprising a processor configured to enable operation of the first wireless device if it receives an enablement signal validating first biometric information of a first entity and configured to generate a non-predictable signal from the biometric information, a first wireless transmitter and receiver configured to transmit a first wireless signal including first encrypted biometric information of the first entity and to receive the enablement signal, and a first biometric detector for detecting the first biometric information of the first entity.
- a device converts a wireless transaction device to a magnetic-stripe emulator device.
- the device includes a wireless signal receiver that is configured to receive a wireless signal and provide information from the wireless signal.
- the device may include a magnetic-stripe emulator which is communicatively coupled to the wireless signal receiver and adapted to provide a time-varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader in response to receiving the information from the wireless signal.
- the device includes a processor communicatively coupled to the wireless signal receiver and to the magnetic-stripe emulator.
- the device may also include an LED.
- the processor is configured to control the LED to indicate that the device is properly aligned with the magnetic card reader.
- the device includes an output device that can provide information to a network or to a network device.
- the output device is a wireless transmitter device.
- the output device is a data port to which the device can provide data to a network or to a network device.
- the data port is also configured to receive data from the network or the network's device.
- the device is configured to communicate with the magnetic card reader via the data port.
- the wireless receiver and/or processors configure, decrypt and encrypt the wireless signal.
- the processor is configured to determine whether a user is authorized to provide the information contained within the wireless signal from data within the wireless signal.
- the data contained within the wireless signal includes user ID information.
- the data contained within the wireless signal includes biometric information of the user.
- the invention provides a system for validating an identity of a user to enable or prevent an occurrence of an event.
- the system includes a first device including a wireless transmitter which is configured to transmit validation information, a second device including a wireless receiver, where the second device is configured to receive the validation information and further transmit the validation information; and a secure system in communication with the second device.
- the secure system includes a database.
- the secure system is configured to receive the validation information transmitted from the second device, and to transmit additional information to the second device following a receipt of the validation information to assist the second device in either enabling or preventing the occurrence of the event.
- the event that is enabled or prevented may be a transaction (e.g., a financial transaction), access control (e.g., physical or electronic access) or other action that is either enabled or prevented.
- the invention provides a method employing a system to validate an identity of a user to enable or prevent an occurrence of an event.
- the system includes a first device, a second device and a secure system including a database.
- the method includes acts of receiving at the second device validation information wirelessly transmitted from the first device, communicating the validation information from the second device to the secure system, and receiving at the second device additional information from the secure system.
- the additional information assists the second device in either enabling or preventing the occurrence of the event.
- the event that is enabled or prevented may be a transaction (e.g., a financial transaction), access control (e.g., physical or electronic access) or other action that is either enabled or prevented.
- a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction.
- the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts.
- the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.
- the processor is configured to generate a non-predictable value and to generate encrypted authentication information from the non-predictable value, the identifying information, and at least one of the information concerning the biometric input and the secret information, and to communicate the encrypted authentication information via the communication link to the secure registry.
- a method of generating authentication information includes acts of authenticating an identity of a user to a device based on at least one of biometric data received by the device from the user and secret information known to the user and provided to the device.
- the method can also include the generation of a non-predictable value with the device.
- the method can further include acts of receiving identifying information from the user concerning a selected one of a plurality of user accounts and generating encrypted authentication information from the non-predictable value, the identifying information, and at least one of the biometric data and the secret information.
- the device can generate encrypted authentication information from each of the non-predictable value, the biometric data, the secret information, and the identifying information.
- a method of controlling access to a plurality of accounts includes acts of generating, with a device, encrypted authentication information from a non-predictable value generated by the device, identifying information concerning an account selected by a user of the device from among a plurality of accounts associated with the user, and at least one of a biometric of the user received by the device and secret information provided to the device by the user, communicating the encrypted authentication information from the device to a secure registry via a point-of-sale (POS) device to authenticate or not authenticate the device with the secure registry, authorizing the POS device to initiate a financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is successfully authenticated, and denying the POS device from initiation of the financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is not successfully authenticated.
- a mobile electronic device for authenticating a user involved in a transaction comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device, and wherein the wireless communications interface is further configured to receive an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system.
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- the one or more processors are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- a method for authenticating a user involved in a transaction using a mobile electronic device comprising authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- the method further comprises encrypting the identification information and the one-time authentication code before they are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- a computer readable medium or media containing instructions for authenticating a user involved in a transaction wherein execution of the instructions by one or more processors of a mobile electronic device causes the one or more processors to carry out the steps of authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information specific to the mobile electronic device and a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- execution of the instructions by the one or more processors further causes the one or more processors to carry out the step of encrypting the identification information and the one-time authentication code before the identification information and the one-time authentication code are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- a system for authenticating a user involved in a transaction comprising a mobile electronic device, the mobile electronic device comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information specific to the mobile electronic device and a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, the computer system, comprising a communications interface configured to receive the identification information and the one-time authentication code, and one or more processors configured to retrieve account information associated with the mobile electronic device and the user account to be employed in the transaction, and to use the retrieved account information to validate the received identification information and one-time authentication code, where generating the one-time authentication code
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- the one or more processors of the mobile electronic device are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- an electronic ID device configured to allow a user to select an account associated with the user to employ in a transaction
- the electronic ID device comprising a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input, the user input including secret information known to the user, and selection information concerning an account selected by the user from one or more accounts associated with the user, a communication interface configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, wherein the processor is programmed to activate the electronic ID device in response to a successful authentication of a user's identity, wherein authentication of the user's identity is based on at least one of the biometric input and the secret information, generate a one-time non-predictable value, obtain a public identifier that corresponds to private account information of the selected user account, wherein the public identifier does not contain any private account information of the selected user account, generate authentication information using the one-time non-predictable value
- the communication interface is configured to communicate with the secure registry either directly or via an intermediate device.
- the public identifier does not contain any compromisable account information.
- the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via an induced signal generated by the communication interface.
- the communication interface includes a magnetic stripe emulator.
- the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a time-varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader, and the time varying signal is generated by the magnetic stripe emulator of the communication interface.
- the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a near field signal generated by the communication interface.
- the communication interface includes a near field communication (NFC) transceiver; and the authentication signal generated by the communication interface is an NFC signal.
- NFC signal is generated by the NFC transceiver of the communication interface, and the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via the NFC signal, the requesting or receiving device located within the same local area as the NFC transceiver such that the NFC signal is transmitted directly between the NFC transceiver and the requesting or receiving device.
- the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Wi-Fi™ radio technology signal generated by the communication interface. In some examples, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Bluetooth™ wireless technology standard signal. In various examples, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Bluetooth™ Low Energy wireless technology standard signal.
- the processor in activating the electronic ID device, is further programmed to render stored data legible.
- the encrypted authentication information is one-time encrypted authentication information.
- the communication interface is configured to communicate the encrypted authentication information to the secure registry, where the secure registry comprises a secure token database storing one or more tokens associated with the authentication information.
- the processor is further programmed to deactivate the electronic ID device without generating the authentication information where authentication based on at least one of the biometric input and the secret information is unsuccessful.
- deactivating the electronic ID device initiates a lock-out period.
- deactivating the electronic ID device includes deleting information present in the electronic ID device that is used to generate the authentication information.
- FIG. 1 is a functional block diagram of a computer system configured to implement the universal secure registry (“USR”), including a USR database, according to one embodiment of the invention;
- FIG. 2 is a functional block diagram of a first embodiment of a networked environment including the computer system of FIG. 1 ;
- FIG. 3 is a functional block diagram of an entry of a database forming the USR database of FIG. 1 ;
- FIG. 4 is a functional block diagram of a second embodiment of a networked environment including the computer system of FIG. 1 ;
- FIG. 5 is a flow chart illustrating steps in a process of inputting data into the USR database
- FIG. 6 is a flow chart illustrating steps in a process of retrieving data from the USR database
- FIG. 7 is a flow chart illustrating a first protocol for purchasing goods from a merchant via the USR database without transmitting credit card information to the merchant;
- FIG. 8 is a flow chart illustrating a second protocol for purchasing goods from a merchant via the USR database without transmitting credit card information to the merchant;
- FIG. 9 is a flow chart illustrating a protocol for purchasing goods from a merchant via the USR database by validating the user's check
- FIG. 10 is a flow chart illustrating a protocol for purchasing goods from an on-line merchant via the USR database without transmitting credit card information to the on-line merchant, and enabling the on-line merchant to ship the goods to a virtual address;
- FIG. 11 is a flow chart illustrating a protocol for shipping goods to a virtual address via the USR database
- FIG. 12 is a flow chart illustrating a protocol for telephoning a virtual phone number via the USR database
- FIG. 13 is a flow chart illustrating a protocol for identifying a person via the USR database
- FIG. 14 is a flow chart illustrating a protocol for identifying a person to a policeman via the USR database
- FIG. 15 is a flow chart illustrating a protocol for providing information to an authorized recipient of the information via the USR database
- FIG. 16 is a flow chart illustrating a protocol for providing application information to an authorized recipient of the information via the USR database
- FIG. 17 is a functional block diagram of an embodiment configured to use information in the USR system to activate or keep active property secured through the USR system;
- FIG. 18A is a functional block diagram of an embodiment configured to use the USR system to control access to a secure computer network
- FIG. 18B is a functional block diagram of another embodiment configured to use the USR system to control access to a secure computer network
- FIG. 19 is a flow diagram of a process for controlling access to a secure computer network with the USR system in accordance with an embodiment of the invention.
- FIG. 20 is a flow diagram of a process for controlling access to a secure computer network with the USR system in accordance with another embodiment of the invention.
- FIG. 21 illustrates an embodiment of a system for validating the identity of an individual
- FIGS. 22A and 22B illustrate one embodiment of a process for validating the identity of an individual
- FIG. 23 illustrates one embodiment of various fields included within a first wireless signal and a second wireless signal as transmitted by the system of FIG. 21 ;
- FIG. 24 illustrates one embodiment of a process for verifying or authenticating the identity of a first user of a first wireless transmission device
- FIG. 25 illustrates another embodiment of a process for authenticating the identity of a first user of a wireless transmission device
- FIG. 26 illustrates still another embodiment of a process for authenticating the identity of a first user of a wireless transmission device
- FIG. 27 illustrates one embodiment of a data structure that can be used by any wireless device of the system of FIG. 21 ;
- FIG. 28 illustrates a system in accordance with one embodiment of the invention
- FIG. 29 illustrates a process in accordance with an embodiment of the invention
- FIGS. 30A-30D illustrate a converter device in accordance with one embodiment of the invention.
- FIG. 31 illustrates a further embodiment of a system that employs the USR system.
- an information system is formed as a computer program running on a computer or group of computers configured to provide a universal secure registry (USR) system.
- the computer, in this instance, may be configured to run autonomously (without the intervention of a human operator), or may require intervention or approval for all, a selected subset, or particular classes of transactions.
- the invention is not limited to the disclosed embodiments, and may take on many different forms depending on the particular requirements of the information system, the type of information being exchanged, and the type of computer equipment employed.
- An information system according to this invention may optionally, but need not necessarily, perform functions additional to those described herein, and the invention is not limited to a computer system performing solely the described functions.
- a computer system 10 for implementing a USR system includes at least one main unit 12 connected to a wide area network, such as the Internet, via a communications port 14 .
- the main unit 12 may include one or more processors (CPU 16 ) running USR software 18 configured to implement the USR system functionality discussed in greater detail below.
- the CPU 16 may be connected to a memory system including one or more memory devices, such as a random access memory system RAM 20 , a read only memory system ROM 22 , and one or more databases 24 .
- the database 24 contains a universal secure registry database.
- the invention is not limited to this particular manner of storing the USR database. Rather, the USR database may be included in any aspect of the memory system, such as in RAM 20 , ROM 22 or disc, and may also be separately stored on one or more dedicated data servers.
- the computer system may be a general purpose computer system which is programmable using a computer programming language, such as C, C++, Java, or other language, such as a scripting language or even assembly language.
- the computer system may also be specially programmed, special purpose hardware, an application specific integrated circuit (ASIC) or a hybrid system including both special purpose components and programmed general purpose components.
- the processor is typically a commercially available microprocessor, such as Pentium series processor available from Intel, or other similar commercially available device.
- a microprocessor executes a program called an operating system, such as UNIX, Linux, Windows NT, Windows 95, 98, or 2000, or any other commercially available operating system, which controls the execution of other computer programs and provides scheduling, debugging, input/output control, accounting, compilation, storage assignment, data management, memory management, communication control and related services, and many other functions.
- the processor and operating system define a computer platform for which application programs in high-level programming languages are written.
- the database 24 may be any kind of database, including a relational database, object-oriented database, unstructured database, or other database.
- Example relational databases include Oracle 8i from Oracle Corporation of Redwood City, Calif.; Informix Dynamic Server from Informix Software, Inc. of Menlo Park, Calif.; DB2 from International Business Machines of Armonk, N.Y.; and Access from Microsoft Corporation of Redmond, Wash.
- An example object-oriented database is ObjectStore from Object Design of Burlington, Mass.
- An example of an unstructured database is Notes from the Lotus Corporation, of Cambridge, Mass.
- a database also may be constructed using a flat file system, for example by using files with character-delimited fields, such as in early versions of dBASE, now known as Visual dBASE from Inprise Corp. of Scotts Valley, Calif., formerly Borland International Corp.
- the main unit 12 may optionally include or be connected to a user interface 26 containing, for example, one or more input and output devices to enable an operator to interface with the USR system 10 .
- Illustrative input devices include a keyboard, keypad, track ball, mouse, pen and tablet, communication device, and data input devices such as voice and other audio and video capture devices.
- Illustrative output devices include cathode ray tube (CRT) displays, liquid crystal displays (LCD) and other video output devices, printers, communication devices such as modems, storage devices such as a disk or tape, and audio or video output devices.
- the user interface 26 may be omitted, in which case the operator may communicate with the USR system 10 in a networked fashion via the communication port 14 . It should be understood that the invention is not limited to any particular manner of interfacing an operator with the USR system.
- the invention is not limited to a particular computer platform, particular processor, or particular high-level programming language.
- the computer system may be a multiprocessor computer system or may include multiple computers connected over a computer network.
- each module or step shown in the accompanying figures and the substeps or subparts shown in the remaining figures may correspond to separate modules of a computer program, or may be separate computer programs. Such modules may be operable on separate computers.
- the data produced by these components may be stored in a memory system or transmitted between computer systems.
- Such a system may be implemented in software, hardware, or firmware, or any combination thereof.
- the various elements of the information system disclosed herein, either individually or in combination, may be implemented as a computer program product, such as USR software 18 , tangibly embodied in a machine-readable storage device for execution by the computer processor 16 .
- Various steps of the process may be performed by the computer processor 16 executing the program 18 tangibly embodied on a computer-readable medium to perform functions by operating on input and generating output.
- Computer programming languages suitable for implementing such a system include procedural programming languages, object-oriented programming languages, and combinations of the two.
- the computer system 10 may be connected to a plurality of interface centers 27 over a wide area network 28 .
- the wide area network 28 may be formed from a plurality of dedicated connections between the interface centers 27 and the computer system 10 , or may take place, in whole or in part, over a public network such as the Internet.
- Communication between the interface centers 27 and the computer system 10 may take place according to any protocol, such as TCP/IP, ftp, OFX, or XML, and may include any desired level of interaction between the interface centers 27 and the computer system 10 .
- communications facilitating or relating to transmission of data from/to the USR database 24 or the computer system 10 may be encrypted using an encryption algorithm, such as PGP, DES, or other conventional symmetric or asymmetric encryption algorithm.
- the USR system 10 or USR database 24 may be able to authenticate its identity to a user or other entity accessing the system by providing an appropriate code which may be displayed on the user's smart card, for example a SecurID™ card or its equivalent, or other code generator, for example a single use code generator, being employed by the user.
- a comparison by the user or the code generator between the provided number and an expected number can validate, to the user (or other entity) or the code generator, that communication is with the database and not an imposter.
- a challenge-response protocol is employed to authenticate the identity of the USR system and/or the user to the other.
- the database 24 shown in FIG. 1 has a USR database containing entries related to persons 1 - n .
- the data in the USR database may also be segregated, as shown in FIG. 4 , according to data type to enable individual computer modules to handle discrete applications on discrete data types. Segregating the data, as illustrated in FIG. 4 , may make access to the database more robust by enabling portions of the data in the USR database 24 to be accessible even when it is necessary to perform maintenance on a portion of the database.
- storing the data in the USR database 24 according to the scheme illustrated in FIG. 1 may make it easier for a user of the database to make changes to multiple types of data simultaneously or in a single session.
- each entry 30 in the database 24 may contain multiple types of information.
- the entry contains validation information 32 , access information 34 , publicly available information 36 , address information 38 , credit card and other financial information 40 , medical information 42 , job application information 44 , and tax information 46 .
- the invention is not limited to a USR containing entries with all of this information or only this particular information, as any information on a person or other entity such as a company, institution, etc. may be stored in USR database 24 .
- each database will typically include at least the validation and access information to enable the USR software to correlate a validation attempt with a verified validation, and to enable the USR software to determine access privileges to the requested data.
- databases may be linked to permit information not in a main USR database to be retrieved, with validation/identification for all databases accessed being done at the USR system.
- the validation information is information about the user of the database to whom the data pertains and is to be used by the USR software 18 to validate that the person attempting to access the information is the person to whom the data pertains or is otherwise authorized to receive it.
- the validation information may be any type of information that will reliably authenticate the identity of the individual.
- the information may include any of a secret known by the user (e.g., a pin, a phrase, a password, etc.), a token possessed by the user that is difficult to counterfeit (e.g., a secure discrete microchip), and/or a measurement such as a biometric (e.g., a voiceprint, a fingerprint, DNA, a retinal image, a photograph, etc.).
- the user's identifying information may be manually entered or scanned at the interface center. However, a variety of types of communication may be employed to communicate the user's identifying information from the identification card or token to the computer system.
- a near field signal may be employed to communicate information between the identification card or token and the computer system 10 .
- the user's identifying information is included in (or entered via) the user's cell phone where it is then communicated to the computer system 10 .
- the cell phone is also configured to receive information from the computer system 10 at the interface center 27 .
- the user of the database will carry a SecurID™ card available from RSA Security, formerly Security Dynamics Technologies, Inc., of Cambridge, Mass. Use of this card enables secure access to the USR database without requiring the user to transmit any personal information.
- the card retrieves a secret user code and/or time varying value from memory and obtains from the user a secret personal identification code.
- the card mathematically combines these three numbers using a predetermined algorithm to generate a one-time nonpredictable code which is transmitted to the computer system 10 .
- the computer system, specifically USR software 18 , utilizes the received one-time nonpredictable code to determine if the user is authorized access to the USR database and grants access to the USR database if the user is determined to be authorized.
- the verification information 32 in the database entry in the embodiment of the invention illustrated in FIG. 3 contains information to enable the USR software 18 to validate the user using such a card in this manner.
- Alternative types of identification cards or tokens may likewise be used.
- other smart cards may be used which generate non-predictable single use codes, which may or may not be time varying, or other access code generators may be used.
- An algorithm generating such non-predictable codes may also be programmed onto a processor on a smart card or other computing device, such as a cell phone, pager, ID badge, wrist watch, computer, personal digital assistant, key fob, or other commonly available electronic device.
- the term "electronic ID device" will be used generically to refer to any type of electronic device that may be used to obtain access to the USR database.
- biometric information may be stored in the verification area of the database entry to enable the identity of the user possessing the identifying device to be verified at the point of use.
- biometric information examples include a personal identification number (PIN), fingerprint, voice print, signature, iris or facial scan, or DNA analysis.
- the verifying section of the database may contain a picture to be transmitted back to the person seeking to validate the device to ensure the person using the device is the correct person.
- the identifying device itself may also be provided with a picture of the person authorized to use the card to provide a facial confirmation of the person's right to use the card.
- a challenge-response protocol may be employed in combination with or as an alternative to the preceding to validate the person attempting to access the information.
- Various embodiments may employ a challenge-response protocol with or without an identification card.
- the Access information 34 is provided to enable different levels of security to attach to different types of information stored in the entry 30 in the USR database 14 .
- the person may desire that their address information be made available only to certain classes of people, for example colleagues, friends, family, Federal Express, U.P.S., and the U.S. mail service.
- the names or universal identifiers for those selected individuals, companies, organizations and/or agencies may be entered into appropriate fields in the Access information to specify to the USR software 18 those individuals to whom the address information may be released.
- access fields may be specified for the other types of information.
- the individual may specify that only particular individuals and/or companies have access to the credit card and other financial information 40 , medical information 42 , job application information 44 and tax information 46 . Additionally, the individual may specify that no one have access to that information unless the individual participates in the transaction (see FIG. 6 ).
- the USR software 18 contains algorithms for execution by the CPU 16 that enable the CPU 16 to perform the methods and functions of the USR software described below in connection with FIGS. 5-16 .
- the USR software 18 , in this embodiment, performs all functions associated with validating an electronic ID card. If desired, a separate validation software module may be provided to validate electronic ID devices outside of a firewall segregating the validation information from other user information.
- This algorithm comprising the USR software 18 may be used to implement, in one exemplary embodiment, a USR system configured to enable selected information to be disseminated to selected individuals in a secure and dynamic fashion. This information may be used for numerous purposes, several of which are set forth below and discussed in greater detail in connection with FIGS. 5-16 .
- the USR system may be used to identify the person, enable the person to be contacted by telephone or mail anonymously, enable the person to be contacted by telephone or by mail without revealing the person's telephone number or present location, enable the person to purchase items over the Internet or in a store without revealing to the merchant any personal identification information or credit card information, enable the person to complete a job application without completing a job application form, enable the police to discern the person's identity and any outstanding warrants on the individual, and numerous other uses.
- the invention is not limited to these several enumerated uses, but rather extends to any use of the USR database. The methods of using the USR database 24 will now be discussed in connection with FIGS. 5-16 .
- FIG. 5 illustrates a method of training the USR database 24 .
- the USR software 18 first validates the person's identification ( 500 ).
- the initial validation of the person's identification ( 500 ) may take place at the point of sale of an electronic ID device (for example, a smart card). This may be done in any conventional manner, such as by requiring the person to show a government issued identification card, passport, birth certificate, etc.
- the USR software 18 determines if the person has rights to enter data into the system ( 502 ). This step enables the system to charge persons for maintaining information in the USR database 24 .
- the USR software 18 may poll a database of current accounts or a database of accounts that are currently in default to determine if the person has paid the access fee to enter data into the database.
- a similar account status inquiry process may be performed by the USR software 18 in connection with each of the other methods set forth in FIGS. 6-16 . If the person is not authorized to enter data into the USR database 24 , the person is notified of the status of their account and the process returns ( 512 ) to wait for further input from another person. Alternatively, a person may be permitted to enter some classes of data into the system and update such classes of data at no charge, with a fee possibly being required for other classes of data, for example medical records. This would facilitate a more robust database.
- the USR software 18 then enables the person to enter basic personal data into the USR database 24 ( 504 ).
- personal data may be one class of data the USR software 18 allows the person to enter into the USR database 18 regardless of account status, i.e., for free.
- the USR software 18 will then check to see if the person has additional rights to enter additional data ( 506 ), such as data to be entered into one of the other categories of data in FIG. 3 .
- this step of checking the person's rights to enter data ( 506 ) may be combined with the initial check ( 502 ). If the person does not have rights to enter any further data, the USR software 18 notifies the user and returns ( 512 ).
- If the USR software 18 determines that the person has the right to enter additional data into the USR database 24 , the person is prompted through the use of appropriate prompts, provided with forms, and otherwise enabled to enter advanced personal data into the USR database 24 ( 508 ). For each type of data entered, the person is asked to specify the type of access restrictions and/or who should be allowed to access the advanced personal data ( 510 ). When the person has completed entering data into the database, the process returns ( 512 ) and commits the data to the database.
- the database may perform an integrity check to ensure the absence of conflict in the data before committing the new data to the database.
- the database will generally allow anyone to access basic personal data on anyone without performing any authorization check ( 600 ).
- the USR software 18 queries whether the requestor has the right to access the type of requested data ( 602 ).
- the process of determining the requestor's rights ( 602 ) typically involves validating the requestor's identity and correlating the identity, the requested information and the access information 34 provided by the person to the USR database during the training process described above with respect to FIG. 5 .
- If the USR software 18 determines that the requestor has rights to access the type of requested data ( 604 ), the USR software 18 instructs the USR database 24 to enable access to the type of requested data ( 606 ).
- the actual step of enabling access to the type of requested data may involve multiple steps of formulating a database query, querying the USR database 24 , retrieving the results, assembling the results into a user friendly or user readable format, and transmitting the information to the user.
- If the USR software 18 determines that the requestor does not have the appropriate rights to access the type of requested data ( 604 ), the USR software 18 checks to see if the person is participating in the transaction ( 608 ). Checking to see if the person is participating in the transaction enables the user to authorize access to the requested data in real time. For example, a person may wish to participate in a transaction to give a potential employer one-time access to job application information 44 (see FIG. 3 ). If the person is not participating in the transaction, the USR software 18 determines that the requestor is not authorized to have access to the requested data, notifies the requestor of this determination, and ends ( 610 ).
- the USR software 18 validates the person's identity ( 612 ) and enables the person to change access rights to the data ( 614 ). If the USR software 18 is not able to validate the person's identity, the USR software 18 refuses to allow the person to update the database, notifies the person and/or requestor of this determination, and returns ( 610 ).
- a person may be required to grant access to certain data, for example financial data such as account numbers, under duress.
- the system may provide the person with the ability to safely signal this when accessing the system by using a selected access code or by making a known modification to the access code provided by the electronic ID device. On receiving such code, the system would take appropriate steps to protect the person, including for example alerting the police, tracking the person's location to the extent possible, providing traceable data, and the like.
- While step 616 may seem redundant, given the fact that the person is participating in the transaction and has just previously changed access rights to the database to enable the requestor to have access to the data, step 616 is actually useful in preventing a different type of fraud. Specifically, the requestor may not be forthright with the person regarding the type of information they are requesting. If step 616 were omitted, the USR software 18 may inadvertently allow access to an unauthorized type of information in the situation where the requestor has surreptitiously requested multiple types of data.
- If the USR software 18 determines that the requestor has rights to the type of data requested ( 616 ), it causes the USR database to enable access to the type of requested data ( 606 ). Otherwise, it notifies the requestor of the decision to deny access to the requested data and returns ( 610 ).
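The retrieval decision of FIG. 6 (steps 600-616), sketched as an added example that is not code from the patent. The `Entry` layout, the `retrieve` signature, the per-type release decision and the `recheck=False` switch (which reproduces the flaw that step 616 closes) are assumptions made for illustration, and the sample entry is constructed.

```python
from dataclasses import dataclass, field

BASIC = "basic"   # basic personal data: released with no authorization check (600)


@dataclass
class Entry:
    data: dict                                   # data type -> stored value
    access: dict = field(default_factory=dict)   # data type -> permitted requestors

    def allowed(self, requestor: str, data_type: str) -> bool:
        return data_type == BASIC or requestor in self.access.get(data_type, set())


def retrieve(entry, requestor, requested, owner_grant=None,
             owner_validated=False, recheck=True):
    """Return (released, denied) for one request.

    owner_grant is the set of data types the owner opens to the requestor
    while participating in the transaction (614), or None when the owner
    is not participating (608). owner_validated is the outcome of step 612.
    """
    requested = list(dict.fromkeys(requested))          # drop duplicates, keep order
    missing = [t for t in requested if not entry.allowed(requestor, t)]  # 602/604
    if missing:
        if owner_grant is None or not owner_validated:  # 608 or 612 fails -> 610
            return {}, requested
        for data_type in owner_grant:                   # 614: owner changes rights
            entry.access.setdefault(data_type, set()).add(requestor)
        if not recheck:
            # Flawed variant: assumes the grant covered everything requested.
            return {t: entry.data[t] for t in requested if t in entry.data}, []
    # 616: re-evaluate every requested type against the updated access information.
    released = {t: entry.data[t] for t in requested
                if t in entry.data and entry.allowed(requestor, t)}
    denied = [t for t in requested if t not in released]
    return released, denied


def sample_entry() -> Entry:
    """Constructed entry; the values are placeholders."""
    return Entry(
        data={BASIC: "name on file", "address": "street address on file",
              "job_application": "application on file", "medical": "records on file"},
        access={"address": {"courier"}},
    )


if __name__ == "__main__":
    asked = ["job_application", "medical"]      # owner was told only about the first
    grant = {"job_application"}
    print(retrieve(sample_entry(), "employer", asked, grant, True))
    print(retrieve(sample_entry(), "employer", asked, grant, True, recheck=False))
```

With the re-check in place the employer receives only the job application and `medical` is denied; with `recheck=False` the medical record is released although the owner never granted it.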
- FIG. 7 illustrates one embodiment of a method of using the USR software 18 and USR database 24 to purchase goods or services from a merchant without revealing to the merchant account information relating to the person's bank or credit card.
- a user initiates a purchase ( 700 )
- the user enters a secret code in the user's electronic ID device ( 702 ) to cause the ID device to generate a one-time code or other appropriate code, and presents the electronic ID device with the code to the merchant or otherwise presents the code to the merchant.
- the merchant transmits to the credit card company (1) the code from the electronic ID device, (2) the store number, (3) the amount of the purchase ( 704 ), and the time of receipt of the code.
- the credit card company takes this information and passes the code from the electronic ID device to the USR software 18 ( 706 ).
- the USR software 18 determines if the code is valid, or was valid at the time offered, and if valid accesses the user's credit card information and transmits the appropriate credit card number to the credit card company ( 708 ). While the link between the USR system and the credit card system is a secure link, there is always a danger that the link may be penetrated and credit card numbers obtained. This may be avoided by instead transmitting, on approval, a multidigit public ID code for the credit card holder which the credit card company can map to the correct credit card number. Even if the link is violated, the public ID code is of no value and the secure link prevents this code from being improperly sent to the credit card company.
- the credit card company checks the credit worthiness of the user and declines the card or debits the user's account in accordance with its standard transaction processing system ( 710 ). The credit card company then notifies the merchant of the result of the transaction ( 712 ). In this embodiment, the user has been able to purchase goods or services from a merchant without ever providing to the merchant the credit card number. Since the electronic ID device generates a time variant code or otherwise generates a code that can for example only be used for a single transaction, the merchant retains no information from the transaction that may be fraudulently used in subsequent transactions.
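The one-time code described earlier for the electronic ID card (stored secret, time-varying value and PIN combined by a predetermined algorithm), together with the "valid at the time offered" check and the single-use property of the FIG. 7 flow, as an added example that is not code from the patent. The page does not specify the algorithm, so HMAC-SHA256 with decimal truncation stands in for it; the 60-second step, the 6-digit length, the user identifier sent alongside the code and the +1 duress modification are likewise assumptions, and the seed and PIN are constructed.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # assumed length of one time step
CODE_DIGITS = 6     # assumed code length
DURESS_OFFSET = 1   # assumed "known modification" that signals duress


def derive_key(seed: bytes, pin: str) -> bytes:
    """Bind the card's stored secret to the PIN; the registry keeps only this."""
    return hmac.new(seed, pin.encode(), hashlib.sha256).digest()


def code_for_step(key: bytes, step: int) -> str:
    """Truncate HMAC(key, time step) to a short decimal code."""
    digest = hmac.new(key, struct.pack(">Q", step), hashlib.sha256).digest()
    offset = digest[-1] & 0x0F
    value = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{value % 10 ** CODE_DIGITS:0{CODE_DIGITS}d}"


def card_code(seed: bytes, pin: str, now: int) -> str:
    """What the electronic ID device produces after the user enters the PIN."""
    return code_for_step(derive_key(seed, pin), now // STEP_SECONDS)


def duress_variant(code: str) -> str:
    """The code a coerced user presents instead of the one displayed."""
    return f"{(int(code) + DURESS_OFFSET) % 10 ** CODE_DIGITS:0{CODE_DIGITS}d}"


class Registry:
    def __init__(self):
        self._keys = {}      # user id -> derived key (the verification information)
        self._used = set()   # (user id, time step) pairs already consumed

    def enroll(self, user_id: str, seed: bytes, pin: str) -> None:
        self._keys[user_id] = derive_key(seed, pin)

    def validate(self, user_id: str, code: str, received_at: int) -> str:
        """Return "ok", "duress" or "rejected".

        received_at is the time of receipt reported with the code, so the
        code is judged against the time it was offered, not the time it
        reaches the registry.
        """
        key = self._keys.get(user_id)
        well_formed = code.isascii() and code.isdigit() and len(code) == CODE_DIGITS
        if key is None or not well_formed:
            return "rejected"
        base = received_at // STEP_SECONDS
        for step in (base, base - 1):   # step in force at receipt, or the one before
            expected = code_for_step(key, step)
            for candidate, verdict in ((expected, "ok"),
                                       (duress_variant(expected), "duress")):
                if hmac.compare_digest(code, candidate):
                    if (user_id, step) in self._used:
                        return "rejected"   # replay of an already-used code
                    self._used.add((user_id, step))
                    return verdict
        return "rejected"


if __name__ == "__main__":
    seed, pin, t = b"constructed-seed-0001", "4821", 1_700_000_000  # constructed
    registry = Registry()
    registry.enroll("user-1", seed, pin)
    code = card_code(seed, pin, t)
    print(registry.validate("user-1", code, t + 70))   # accepted once
    print(registry.validate("user-1", code, t + 75))   # replay is rejected
```

A caller receiving `"duress"` would proceed outwardly as for `"ok"` while raising the alert the page describes.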
- Another embodiment of a system for facilitating purchase of goods or services without providing financial information to the merchant is set forth in FIG. 8 .
- the user initiates a purchase ( 800 ), enters a secret code in the electronic ID device ( 802 ) and presents the resultant code to the merchant.
- the merchant transmits to the USR software 18 , (1) the code from the electronic ID, (2) the store number, and (3) the amount of the purchase ( 804 ).
- the USR software 18 determines if the code is valid ( 806 ) and, if valid, accesses from the USR database 24 the user's credit card information ( 808 ).
- the USR software then transmits to the credit card company (1) the credit card number, (2) the store number, and (3) the amount of purchase ( 808 ).
- the information in this embodiment transmitted to the credit card company is intended to be in a format recognizable to the credit card company. Accordingly, the invention is not limited to transferring from the USR system 10 to the credit card company the enumerated information, but rather encompasses any transfer of information that will enable the use of the USR system 10 to appear transparent to the credit card company.
- the credit card company then processes the transaction in a standard fashion, such as by checking the credit worthiness of the person, declining the card or debiting the user's account and transferring money to the merchant's account ( 810 ).
- the credit card company then notifies the USR system 10 of the result of the transaction ( 812 ) and the USR software 18 in turn notifies the merchant of the result of the transaction ( 814 ).
- the user can use the USR system 10 to purchase goods or services from a merchant without providing the merchant with the user's credit card number.
- the interposition of the USR system 10 between the merchant and the credit card company is transparent to the credit card company and thus requires no or minimal cooperation from the credit card company to implement.
- FIG. 9 illustrates one embodiment of a method of using the USR system 10 to verify funds when using a check to purchase goods or services from a merchant.
- the user initiates a purchase and writes a check to the merchant ( 900 ).
- the check may be a conventional check containing identifying information, or may be a check bearing a unique serial number and no identifying information to enable the check to be used anonymously.
- the user enters a secret code into the electronic ID card and presents the resulting code to the merchant along with the check ( 902 ).
- the merchant transmits to the USR software 18 (1) the code from the electronic ID card, (2) the store number, and (3) the amount of the purchase ( 904 ).
- If the check is an anonymous check, the merchant also transmits to the USR software 18 the check number.
- the USR software 18 determines if the code from the electronic ID is valid ( 906 ), and if valid accesses the user's bank information and transmits to the bank: (1) the user's bank account number, (2) the store number, and (3) the amount of the purchase ( 908 ). Optionally, the USR software 18 may additionally inform the bank of the check number.
- the bank polls its own database to determine if there are sufficient funds in the user's account ( 910 ) and notifies the USR software 18 of the result ( 912 ).
- the USR software 18 then, in turn, notifies the merchant of the result of the verification ( 914 ).
- This check verification system may take place over an unsecured connection between the merchant and the USR system 10 since the user's bank account information is not sent over the connection between the merchant and the USR system 10 . Moreover, where an anonymous check is used, the merchant is not even provided with the person's name or account information in written form. This provides additional security against unauthorized persons writing subsequent checks.
- the check verification system may be conducted over a telephone network, such as by having the merchant call a toll free number or over a network connection such as over the Internet.
- FIG. 10 illustrates a method of conducting a transaction with a merchant without requiring the user to provide to the merchant the user's name, address, or other identifying information, while enabling the merchant to ship the goods to the user.
- This may be beneficially employed, for example, in connection with transactions that take place between remote parties in a networked environment, such as the Internet.
- the user initiates an anonymous purchase by entering a secret code into the electronic ID device and transmitting the result to the on-line merchant ( 1000 ).
- the merchant transmits this information to the USR software 18 , along with the store number and the amount of the purchase ( 1002 ).
- the merchant may provide the store number and purchase price to the user and the user may send this information directly to the USR software 18 along with the code from the electronic ID.
- Where the number from the electronic ID device is a time varying number, the merchant may also need to input the time the number was received.
- the electronic ID device may encode or encrypt the time with the number, the USR software being able to extract time when receiving the number from the merchant. This may not be required where the time varying number varies slowly, for example changing every hour rather than every minute as with some devices.
- the USR software 18 determines if the code is valid ( 1004 ) and, if valid, accesses the user's credit card information from the USR database 24 ( 1006 ). The USR software 18 then contacts the user's credit card company, as described above in connection with FIG. 8 ( 1008 ), which notifies the USR software 18 of the result ( 1010 ).
- If the user's credit is declined, the USR software 18 notifies the on-line merchant and the transaction is terminated ( 1012 ). If the user's credit is honored, the USR software 18 polls the USR database 24 for the user's address and/or address code ( 1014 ). Address codes are discussed below in greater detail with reference to FIG. 11 . The merchant then packages the goods into a parcel, labels the parcel with the appropriate address and/or address code and ships the parcel to the user ( 1016 ). Having the USR system 10 provide the address and/or address code to the on-line merchant enables the user to purchase items in a networked environment without requiring the user to input address information in connection with every sale.
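The validity check at step 1004, together with the "was valid at the time offered" check described for FIG. 7 and the single-transaction property of the code, can be sketched as follows. This is an added example, not code from the patent: the HMAC construction, the 60-second step, the five-minute limit on merchant-reported times, and a public user ID accompanying the code are all assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60      # assumed: the device code changes every minute
DRIFT_STEPS = 1        # assumed: tolerate one step of device clock drift
MAX_REPORT_AGE = 300   # assumed: oldest merchant-reported receipt time accepted


def device_code(seed: bytes, secret_code: str, step: int, digits: int = 8) -> str:
    """Code an electronic ID device would show during time step `step`.

    Assumed construction: HMAC-SHA256 over the step counter and the user's
    secret code, keyed with a per-device seed. The patent names no algorithm.
    """
    msg = struct.pack(">Q", step) + secret_code.encode()
    mac = hmac.new(seed, msg, hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10 ** digits).zfill(digits)


class CodeValidator:
    """Registry-side check of a time-varying, single-use code."""

    def __init__(self, enrolled: dict):
        # public_id -> (device seed, secret code); held only by the registry
        self._enrolled = dict(enrolled)
        # (public_id, step) pairs already accepted, so a code works only once
        self._spent = set()

    def validate(self, public_id: str, code: str, received_at: int, now: int) -> str:
        """Return 'valid', 'invalid', 'replayed' or 'stale_time'.

        `received_at` is the time the merchant says the code was offered.
        It is untrusted input, so it is bounded against the registry's own
        clock; otherwise any old code could be presented with a matching
        old timestamp.
        """
        if received_at > now + STEP_SECONDS or now - received_at > MAX_REPORT_AGE:
            return "stale_time"
        entry = self._enrolled.get(public_id)
        if entry is None:
            return "invalid"
        seed, secret_code = entry
        centre = received_at // STEP_SECONDS
        for step in range(centre - DRIFT_STEPS, centre + DRIFT_STEPS + 1):
            expected = device_code(seed, secret_code, step)
            if hmac.compare_digest(expected.encode(), code.encode()):
                if (public_id, step) in self._spent:
                    return "replayed"
                self._spent.add((public_id, step))
                return "valid"
        return "invalid"


if __name__ == "__main__":
    seed = b"constructed-demo-seed"      # constructed sample value
    offered = 1_700_000_000              # constructed time of purchase
    validator = CodeValidator({"PUB-001": (seed, "1234")})
    code = device_code(seed, "1234", offered // STEP_SECONDS)
    # The merchant forwards the code two minutes after it was offered.
    print(validator.validate("PUB-001", code, offered, offered + 120))
    # The same code presented again is refused.
    print(validator.validate("PUB-001", code, offered, offered + 130))
```

The spent-code set only needs to retain entries for as long as a reported time can still be accepted, so it can be pruned after `MAX_REPORT_AGE` plus the drift window.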
- FIG. 11 illustrates a use of the USR database 24 to deliver mail to a user without requiring the user to provide address information to the sender.
- This may be useful in many contexts.
- the user may wish that the address information be known only by the post office.
- using the USR database 24 according to the method of the invention described below will enable the user to receive parcels without requiring the user to provide the merchant with the address information.
- the user's address may change, temporarily, permanently, or frequently. Enabling the sender to send mail by entering a code instead of an address enables the post office to effectively deliver the coded mail to the corresponding address regardless of the frequency with which the address changes or the duration in which the address will remain valid.
- the user provides an address code on a public area of the USR database 24 that is available to all persons to see ( 1100 ).
- This code may for example be six alpha characters, which should be adequate for currently anticipated system populations.
- the user may provide this code directly to a merchant or other person desirous of sending the person one or more parcels.
- the user also provides address information to the address information area 38 of the user's entry in the USR database 24 ( 1102 ). Access to the address information 38 is restricted by a rule or other appropriate entry in the access information 34 of the user's entry to only permit mail, parcel or other material delivery services, such as the US mail, UPS and Fed Ex to access the address information.
- the sender retrieves the user's address code from the USR database 24 or otherwise receives the address code from the user, and prints the address code on the parcel ( 1104 ).
- the delivery service accesses the USR software 18 , validates its identity, and queries the USR database 24 for address information corresponding to the address code ( 1106 ).
- the USR database 24 retrieves the appropriate address data and provides the address information to the delivery service.
- the delivery service then either prints out an address label, prints a machine readable bar code to be attached to the package, or correlates an entry in a delivery database between the address code and the user address ( 1110 ).
- the delivery service uses this retrieved information to deliver the package to the user while never supplying the merchant with the user's permanent or temporary address.
- a user may also assure that mail, parcels, etc. are delivered to a current location by providing only a single notice to the USR system, regardless of how frequently the person moves.
- the person can also automatically provide for address changes where the person moves according to a known schedule.
- deliveries to be made on a weekday could be directed to one address and deliveries on a weekend to another address; or deliveries during winter months to one address and during summer months to a different address.
- FIG. 12 illustrates a method of enabling a person to telephone a user of the USR system 10 without providing the user's telephone number to the person.
- the user provides a telephone code on the publicly available area of his entry on the USR database 24 ( 1200 ). This code may be assigned by the USR software 18 or made up by the user.
- the user also provides the USR database 24 with actual telephone information to enable the USR system 10 to connect callers with the user ( 1202 ).
- the person wishing to telephone the user of the USR system 10 calls a telephone number and enters the telephone code of the user ( 1204 ).
- the USR software 18 may require the person to identify themselves to see if they are authorized to call the user. Assuming that the person is authorized to call the user, or if no authorization check is performed, the USR connects the person to the telephone number in the USR database 24 without providing the person with the telephone number.
- Enabling the user to specify the telephone number may be advantageous for many reasons.
- the user may frequently be switching between telephone coverage areas and may wish to be reachable at all times.
- Simply instructing the USR database 24 to connect incoming telephone calls to one of a myriad of numbers will facilitate connecting the incoming calls to, for example, the user's cell phone, work phone, pager, car phone or home phone, without requiring the user to provide all these numbers to the caller.
- a similar system may be implemented for facsimile transmissions, e-mails or other communications.
- the user also may have predefined rules to enable telephone calls to follow a set pattern. For example, the user may desire to receive telephone calls only from family members during the night time at home, may wish to have all incoming calls routed to a car phone during commuting hours, and may wish to have all incoming calls routed to a cell phone during lunch.
- time dependent rules and/or caller specific rules may be entered into the USR database to specify accessibility and connectivity of incoming telephone calls.
- the publicly available address code and telephone code and any other codes may be the same, or may be different, there being some advantages to having a single code usable for all such applications for each person on the system.
- the codes could be accessible through a variety of media including telephone and the Internet. Where two or more people on the system have the same name, which will frequently be the case, additional publicly available biographical data may be provided with the name to assure that the right code is selected.
- the system may similarly be used to provide public keys for use in a public key/private key encryption system, to provide other public codes for an individual or to provide other public information. Access to such information would typically be unrestricted.
- the public code used to obtain the key, or possibly the public key itself may be used as above to obtain the e-mail address, telephone number or the like for the person to whom the message is being sent, and the USR system may also be used to perform the encryption.
- When the recipient receives the message, he decrypts it using the recipient's private key in standard fashion, including decrypting the name of the sender. However, this does not necessarily verify the sender and such verification may be desirable for important messages, particularly ones involving large financial transactions.
- the USR system may accomplish such verification by also storing private keys for people in the system.
- the sender first authenticates himself to the system, and the system then adds a second signature to the message which is encrypted with the sender's private key.
- the receiving party decrypts this signature with the sender's public key. Since the system only sends such signatures for authenticated users, the message is thus verified.
- FIG. 13 illustrates a general method of using the USR database 24 to authenticate a user's identification. This may be used in connection with any of the other methods disclosed herein to ensure that the electronic ID device has not been stolen and/or hacked by an unauthorized holder.
- the user attempts to prove identification to a validator, such as to prove that the possessor of the electronic ID device is of sufficient age to purchase alcohol ( 1300 ).
- the user enters a secret code into the electronic ID ( 1302 ).
- the validator transmits to the USR software 18 the code from the electronic ID ( 1304 ). If the USR software 18 determines that the code is valid ( 1306 ), it accesses the user's photograph, age information, or any other desired information, and transmits that information to the validator ( 1308 ).
- the validator can ensure that the person using the electronic ID card is the proper person. Likewise, the validator can ensure, based on the information provided by the USR system 10 , that the person is as old as the person claims to be.
- A specific embodiment of this identification validation procedure is illustrated in FIG. 14 .
- a policeman takes the place of the validator.
- the policeman may also receive additional information, such as the user's police records, records of any arrests, outstanding warrants, and other similar information that may be of use to the policeman when determining how to handle a particular individual.
- FIG. 15 illustrates a process for enabling the user to provide specific information to a party, such as medical staff in an emergency room.
- If the user desires to provide information to a party ( 1500 ), the user enters a secret code in the electronic ID device and provides the electronic ID code to the party ( 1502 ).
- the party transmits to the USR software 18 the ID code and the party code ( 1504 ).
- the party code may be a code from for example an electronic device which identifies the party, may be a status code which identifies the class of users to which the party belongs, for example policeman, emergency room personnel, doctor, etc. or may be a combination of both, the status code for example being encrypted into the ID code.
- the USR software 18 determines if the code is valid ( 1506 ), accesses the user's information in the USR database 24 and transmits available information to the party ( 1508 ).
- the user may be provided with a plurality of different codes to enter into the electronic ID device depending on the type of information to be released to the party.
- the user's basic code may be 1234.
- Using multiple codes eliminates any ambiguity about the authority provided by the user to the party, but requires the user to remember additional information.
- the user may not be in a position to provide the ID code, but would still want medical records provided.
- the release authorization for certain portions of the user's database could therefore specify that the information be released to certain class or classes of individuals and the USR system would release such information to individuals or organizations based only on status code.
- the status code of an emergency room could alone trigger release of medical data.
- FIG. 16 illustrates one embodiment of a method of using the USR database 24 to complete a standard application, such as a job application or an application to rent an apartment.
- This embodiment is a specific example of the more generic method of enabling a party to retrieve information discussed above with respect to FIG. 15 .
- the party may be provided with the opportunity to provide a form to the USR software 18 , the fields of which may be automatically completed with information from the job application information section of the USR database 24 .
- a user may also authorize an organization for which a form has been completed using the USR system to receive updates, either in response to a request from the organization or at selected intervals, for example once a year, so as to maintain information in the forms current. Since the user will be providing information to the system on a regular basis, this is a relatively easy and painless way for the user to maintain current information with many organizations the user deals with.
- Another potential use of the system is to permit a person to be located where only limited biographical information on the person is known.
- Users of the USR system wishing to participate in this feature could be cued to provide non-confidential biographical data when they come on the system or at any time thereafter when they decide to participate. They can also indicate whether they wish their name given out in response to such an inquiry or to merely be alerted to an inquiry which might involve them and information on the requester.
- a person seeking to find another person or group of people can input appropriate biographical data, for example members of 1975 Harvard University hockey team, or information of a person's last known address plus school information, etc.
- the system will then provide a list of persons who meet the listed criteria from which the person making the inquiry can hopefully find the person they are looking for.
- When a person is located, the person may request that only the person's address code or general access code (i.e. a single code which is used to get current address, telephone, e-mail, etc. information) be provided. This can further protect the individual from undesired contacts.
- FIGS. 13-16 refer to the entry of a secret code for validation by the USR system
- the processes illustrated for each of FIGS. 13-16 may include a challenge-response protocol by which the user's identity is authenticated.
- FIG. 17 illustrates another embodiment of the invention.
- the USR system 10 may be used to secure expensive personal equipment, such as stereos, televisions, laptop computers, cellular telephones, cars, boats, and other items of value to a person.
- each item to be secured using the USR system is provided with a USR timer chip imbedded in the electronics. If the USR timer chip is not provided with a code within a predefined period of time, for example every 30 days, the equipment is deactivated.
- a television, mobile phone, laptop computer, automobile, heavy equipment, weapon or facility may be provided with a security chip having an internal timer that must be reset before expiration by provision of a particular code.
- When reset does not occur, the timer will disable the electronic device or other device using any one of a number of known disablement methods.
- Exemplary codes may be transmitted in the same manner as beeper signals are conventionally transmitted or may be transmitted to wired devices over the Internet or other public network.
- the USR system 10 may be advantageously employed to automatically provide the secured property with the necessary codes at appropriate intervals, unless instructed by the user of the USR system 10 to cease doing so. Alternatively, the USR system 10 may require participation by the user prior to sending out the activation codes.
- the user may provide to the USR system 10 , information indicative of the codes to be transmitted, timing information, and automation information—i.e., whether the codes should be sent automatically or should require user intervention.
- the USR system 10 may notify the user of the upcoming deadline via e-mail or another method.
- This system may be useful to secure sensitive equipment other than personal equipment as well, such as military equipment, public equipment, school equipment and any other equipment that is subject to theft.
- FIG. 18A illustrates another embodiment of the invention that can provide a centralized system to control access to a plurality of secure networks.
- a system 1800 may employ the USR 10 to control access to a plurality of secure systems 1804 (e.g., a plurality of secure computer networks).
- the system 1800 may include one or more access devices 1802 that can be employed by a user to access a secure computer network included in the plurality of secure systems.
- the system 1800 may be employed to protect other secure systems such as secure communication networks and/or other resources that are accessed electronically.
- the system 1800 includes a first communication link 1801 that provides a communication path between the access device 1802 and the USR 10 , and a second communication link 1803 that provides a communication path between the USR 10 and the plurality of secure systems 1804 .
- each of the first communication link 1801 and the second communication link 1803 are wide area networks, for example, the Internet.
- Each of the secure systems 1804 can be associated with an organization.
- An organization is any entity that employs a secure (e.g., restricted access) host system to provide resources to a plurality of users.
- an organization may be a corporation (including a non-profit corporation), partnership, other business entity, an affiliation or individual that employs a secure host system to provide resources to a plurality of authorized users.
- an organization is not restricted to any particular size, for example, as measured by the number of members or employees.
- each of the secure systems No. 1, No. 2, No. 3, etc. may be associated with a different organization and the USR 10 may control access to each of the secure systems. That is, the USR 10 can provide access control for a plurality of secure computer networks each associated with a different and unrelated organization. Further, each of the secure computer networks may have a different plurality of users who are authorized to access the network.
- the access device may include any of a desktop computer, a laptop computer, and a handheld computer (e.g., a PDA, cell phone and the like). Further, as shown in phantom, a plurality of access devices may communicate with the USR 10 . Where a web-based system is employed, for example, each of a plurality of computers connected to the Internet may be individually employed as a separate access device to communicate (e.g., independently communicate) with the USR 10 to gain access to one or more of the secure systems 1804 .
- the access device 1802 may be a computer employed with a client-server network.
- the user initiates an access request for a secure system 1804 selected by the user. That is, the user may supply authentication information and a computer network ID to the USR.
- the authentication information and the computer network ID are processed by the USR to authenticate the user and determine whether the user is authorized to access the secure system 1804 that is identified by the computer network ID.
- the USR then routes communications between the user and the secure system provided that the user authentication is successfully completed.
- the USR 10 connects the access device 1802 to one of the secure systems 1804 via a communication path that does not include the USR 10 .
- the USR 10 connects the access device 1802 to one of the secure systems 1804 via a communication path that does include the USR.
- a system 1810 employs a USR 10 to control access to a secure system (e.g., a secure computer network) according to another embodiment.
- the system 1810 includes the USR 10 , an access device 1802 , and a plurality of secure systems 1804 .
- the user selects from the plurality of secure systems 1804 a secure system that the user would like to access.
- With the access device 1802 , the user communicates authentication information directly to the selected secure system 1804 , e.g., without gaining access to the system.
- the secure system then communicates the authentication information and/or information corresponding to the authentication information to the USR 10 .
- the USR 10 processes the information received from the secure system and then communicates an indication of whether the authentication information corresponds to one of the plurality of users authorized to access the secure system.
- the secure system grants or denies access to the secure system (and the associated resources) based on the indication received from the USR 10 .
- the USR 10 can provide a centralized access control system (e.g., an authentication system) for a plurality of secure systems 1804 that are associated with independent organizations that may have no affiliation with one another.
- a first organization may be associated with (have resources located on and/or accessed by) the secure system no. 1
- a second organization may be associated with the secure system no. 2, and so on.
- a single organization may also be associated with a plurality of the secure systems 1804 .
- the USR 10 provides access control to a plurality of secure systems for a single organization.
- the systems 1800 and 1810 allow an organization to operate a secure system without hosting the authentication system software or at least without the need to host a substantial part of authentication system software.
- software upgrades/maintenance can be implemented at the USR 10 (e.g., centrally) for the plurality of secure systems 1804 and specialized authentication software is not required at the access device.
- specialized authentication software is also not required at the secure system.
- the USR 10 provides a web-based system in which the user employs a web-browser when communicating with the USR 10 and the secure system.
- the USR 10 can also provide centralized administration and management for the plurality of secure systems 1804 .
- the centralized administration can include routine tasks such as adding or removing authorized users for each of the plurality of secure systems 1804 , for example, based on the hiring or resignation, respectively, of an employee. Additional administrative functions such as maintaining a secure database of private keys associated with each user, generating time varying codes, maintaining encryption software, maintaining audit trails and other functions may also be accomplished in a centralized fashion with the USR 10 for a plurality of organizations.
- the USR 10 develops an audit trail by monitoring the communication path to capture information concerning the use of the secure system.
- the USR 10 may collect and store information concerning the length of time during which the access device remains connected to the secure system, the type of resources accessed by the user, the type of data transmitted (including the identification of specific documents) during a login period and the volume of data transmitted.
- the USR continuously monitors the communication between a plurality of access devices 1802 and a secure computer network and collects information to generate an audit trail for each device.
- the USR does not continuously monitor communications. Instead, the secure computer network intermittently (e.g., periodically) transmits audit information to the USR 10 where the audit information may concern one or a plurality of users connected to the network during a specific time period.
- the USR 10 may be located in an ultra-secure facility that employs heightened security relative to the security provided by the organizations that it serves.
- the physical facility where the USR is located may meet requirements generally associated with critical military installations.
- the USR 10 may be housed in a facility that is hardened against radiation, shielded against electromagnetic interference, and/or protected against earthquakes, hurricanes, etc. to allow operation of the USR during times of general emergency.
- the personnel and hiring policies of the facility operating the USR 10 may also be more secure relative to the security measures taken by the organizations associated with the secure systems 1804 . That is, the individuals operating the USR 10 may undergo more rigorous background checks that include a detailed investigation of their personal and employment histories.
- the centralized approach described above can provide increased security because the administration of the access control system (e.g., authentication software) is in the hands of a highly trusted third party who has taken heightened security measures regarding the hiring of the administrative personnel, in particular, the personnel who have access to authentication data (e.g., private encryption keys, etc.).
- the USR 10 may be geographically remote from the secure systems.
- a user employs the access device 1802 to connect to more than one of the plurality of secure systems 1804 .
- the user is independently authorized to access separate secure systems 1804 associated with independent organizations.
- the user is authorized to access separate secure systems 1804 each associated with the same organization. In either situation, the user may employ one or more of the authentication procedures described herein before being allowed access to any one of the secure systems 1804 .
- an entity initiates an access request.
- the access request will be initiated when the user or entity inputs information into an access device such as a computer.
- the entity supplies authentication information and a computer network ID to the USR (e.g., the information is electronically transmitted from the access device to the USR).
- the information is transmitted via the Internet from the access device to the USR.
- the USR receives the access request which includes the authentication information and the computer network ID.
- the USR determines whether the authentication information is valid for a user.
- the USR includes a database containing selected data of a plurality of users authorized to access a secure computer network, and may compare the authentication information supplied by the entity with authentication information included in the database to determine whether the authentication information corresponds or is valid for a user. If the authentication information is valid, the process 1900 moves to stage 1910 where the USR determines whether the entity is authorized to access the computer network identified by the computer network ID. If the entity is authorized to access the computer network then the USR may allow communication between the entity and the secure computer network at stage 1912 . As previously indicated, the USR may route communications between the entity and the secure computer network and remain in the communication path employed by the access device to communicate with the secure computer network. Alternatively, the USR may simply provide a connection between the access device and the secure computer network where the communication path provided by the connection does not involve the USR.
- At stage 1908 , if the authentication information supplied by the entity is not valid for any of the plurality of users then the process 1900 moves to stage 1914 where an indication is provided to the entity that access is denied. Similarly, if at stage 1910 the entity is not authorized to access the computer network identified by the computer network ID, an indication is provided that the entity is denied access at stage 1914 . In various embodiments, the entity may be allowed additional opportunities to successfully access the system.
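Process 1900's two checks (stage 1908, then stage 1910), with the centralized audit trail described earlier, written out as an added sketch that is not the patent's own code. The passcode-based authentication information, the PBKDF2 verifier, the three-attempt limit and all names are assumptions; the entity receives a single denial indication while the audit trail keeps the specific reason.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

GRANTED = "ACCESS_GRANTED"   # stage 1912
DENIED = "ACCESS_DENIED"     # stage 1914: one indication for every failure cause
MAX_ATTEMPTS = 3             # assumed cap on the "additional opportunities"


def _verifier(passcode: str, salt: bytes) -> bytes:
    """Slow salted hash stored in place of the passcode itself (assumed scheme)."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 100_000)


@dataclass
class UserRecord:
    salt: bytes
    verifier: bytes
    networks: frozenset      # computer network IDs this user may access
    failures: int = 0


def enroll(passcode: str, networks) -> UserRecord:
    """Create a registry entry for a user (hypothetical helper)."""
    salt = os.urandom(16)
    return UserRecord(salt, _verifier(passcode, salt), frozenset(networks))


@dataclass
class Registry:
    users: dict                                   # user_id -> UserRecord
    audit: list = field(default_factory=list)     # (user_id, network_id, outcome)

    def access_request(self, user_id: str, passcode: str, network_id: str) -> str:
        rec = self.users.get(user_id)

        # Stage 1908: is the authentication information valid for a user?
        if rec is None:
            # Do the same hashing work so unknown users are not
            # distinguishable from wrong passcodes by response time.
            _verifier(passcode, b"\x00" * 16)
            return self._deny(user_id, network_id, "unknown_user")
        if rec.failures >= MAX_ATTEMPTS:
            return self._deny(user_id, network_id, "locked_out")
        if not hmac.compare_digest(_verifier(passcode, rec.salt), rec.verifier):
            rec.failures += 1
            return self._deny(user_id, network_id, "bad_credentials")
        rec.failures = 0

        # Stage 1910: is this user authorized for the identified network?
        if network_id not in rec.networks:
            return self._deny(user_id, network_id, "not_authorized_for_network")

        self.audit.append((user_id, network_id, "granted"))
        return GRANTED

    def _deny(self, user_id: str, network_id: str, reason: str) -> str:
        # The reason is recorded centrally but never returned to the entity.
        self.audit.append((user_id, network_id, reason))
        return DENIED


if __name__ == "__main__":
    # Constructed sample users and network IDs.
    registry = Registry(users={
        "alice": enroll("correct horse", {"net-1", "net-2"}),
        "bob": enroll("tr0ub4dor", {"net-3"}),
    })
    print(registry.access_request("alice", "correct horse", "net-1"))
    print(registry.access_request("alice", "correct horse", "net-3"))
    print(registry.audit)
```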
- FIG. 20 a process 2000 for controlling access to a secure computer network is illustrated in accordance with one embodiment.
- the process 2000 is employed with the system 1810 illustrated in FIG. 18B .
- the entity initiates an access request at stage 2002 .
- the access request can be initiated using an access device and each secure computer network may communicate with a plurality of access devices.
- the entity supplies authentication information to the secure computer network, for example, by entering the information in a web browser and transmitting the authentication information over the Internet to the secure computer network.
- the secure computer network receives the authentication information.
- the secure computer network communicates authentication information to the USR (or information corresponding to the authentication information) to allow the USR to authenticate the access request.
- the USR validates the authentication information to determine whether the entity is authorized to access the secure system, and at stage 2014 , the secure system receives an indication from the USR concerning whether the entity is authorized to access the system. In one embodiment, the indication is transmitted from the USR to the secure system via the Internet. At stage 2016 , the secure system grants or denies the entity access to the secure system based on the indication received from the USR.
- the processes 1900 and 2000 can be accomplished in a variety of stages that may include any of the stages described above in various combinations and sequences including one or more of the stages described above in combination with one or more additional stages.
- an electronic device e.g., a keypad, a card reader, a biometric scanner, etc.
- a secure area e.g., a door, a gate, etc.
- the entity initiates the request using the electronic device.
- the physical facility includes all or a portion of the secure computer network.
- the secure system receives an indication of whether an entity is authorized to access a physical facility.
- the secure system communicates authentication information to the USR.
- the USR validates the authentication information and communicates an indication of whether the entity is authorized to access the physical facility.
- the secure system receives the indication and grants or denies the entity access to the physical facility.
- Each of the embodiments described with reference to any of FIGS. 18-20 may include a challenge-response protocol, for example, to authenticate the identity of the entity and/or the USR system to the other.
- FIG. 21 illustrates an embodiment of a system 2100 for validating the identity of an individual or an entity.
- the system includes a first wireless device 2110 and a second wireless device 2112 .
- the first wireless device 2110 comprises a first wireless transmitter and receiver 2114 , a first processor 2116 and a first memory 2118 .
- the second wireless device 2112 comprises a second wireless transmitter and receiver 2120 , a second processor 2122 and a second memory 2124 .
- the first wireless device and the second wireless device are configured to wirelessly communicate with each other so that the entity associated with the first wireless device can communicate his identity to the entity associated with the second wireless device.
- the first wireless transmitter and the second wireless transmitter can be configured to communicate by any form of wireless signal, such as a low power Bluetooth signal, infrared signals, RF signals and electromagnetic signals in general.
- the first wireless device and the second wireless device communicate via near field signal.
- the first wireless device can also comprise user interface 2126 that allows the first entity to interact with the first wireless device and can also comprise a display, such as a LCD display, 2118 that allows the first entity to further interact with the first wireless device.
- the first wireless device can be configured so that the first entity must enter a PIN identification number, for example, via the user interface to gain access to the wireless device.
- the first wireless device may comprise a biometric sensor or detector 2130 that enables the first entity to present biometric data to the first wireless device to gain access to the first wireless device.
- the biometric sensor can be configured to detect a fingerprint of the first entity.
- the memory 2128 also comprises stored biometric data of the first entity, which is compared, for example, by the processor 2116 with the detected biometric data to determine whether the first entity is enabled or should be disabled from using the first wireless device.
- biometric data need not be fingerprint data and can be any biometric data known to those of skill in the art.
- biometric sensor need not be a fingerprint sensor and can be any biometric sensor known to those of skill in the art.
- the second wireless device 2112 can also be configured as discussed above with respect to the first wireless device, namely with any or all of a user interface 2132 , a display 2134 and a biometric sensor 2136 and can be configured to require any and/or all of a second entity to provide a PIN number, or the second wireless device to match biometric information of the second entity with stored biometric information to enable or disable the second entity to gain access to the second wireless device.
- Each of the first wireless device 2110 and the second wireless device 2112 comprises a power source or a power source interface 2138 , 2140 that can be coupled to a power source that provides power to respective devices.
- the power source can be any power source, such as alkaline batteries, rechargeable batteries, proprietary power sources, and interfaces to power sources such as standard 120 VAC, or an AC to DC conversion device, as well as any other type of power source known to those of skill in the art.
- each of the first wireless device 2110 and the second wireless device 2112 can also comprise an additional wireless transmitter and receiver device 2142 , 2144 , respectively, which enable each of these devices to communicate wirelessly via other wireless communication systems, such as via any cell phone standard, via satellite communications, over wireless area networks, local area networks, wide area networks, as well as any other wireless communication standard known to those of skill in the art.
- either or both of the first wireless device 2110 and the second wireless device 2112 can be configured to communicate with a secure database 2146 , as will be discussed in further detail herein.
- either of the first or second wireless devices may communicate with the secure database on a periodic basis to update its corresponding data, or to stay alive as will be discussed herein, or to retrieve information in the secure database that is used in the communication protocol between the first and second wireless devices to verify the identity of at least the first entity.
- communication with a secure database can be, for example, via the additional respective wireless transmitters and receivers 2142 , 2144 of the first and second wireless devices, or can be via a network interface 2152 , 2154 of the respective devices, that communicate with a network 2148 and to the secure database 2146 .
- In FIG. 22 there is illustrated one embodiment of an overall communication process that occurs with the system 2100 of FIG. 21 .
- the process is effected by the system of FIG. 1 so as to identify and authenticate the identity of the first user associated with the first wireless device 2110 to the second user associated with the second wireless device 2112 .
- the communication protocol 200 illustrated in FIG. 22 is one embodiment of a protocol that enables secure authentication of the first user of the wireless device 2110 .
- the first user of the first wireless device 2110 first authenticates his or herself to the wireless device 2110 , for example as has been discussed above, by either entering a PIN via the user interface 2126 of the first wireless device or by interacting with the biometric sensor of the first wireless device at step 202 .
- a challenge-response protocol is employed in which the first user supplies information (a biometric, a PIN or other information) to authenticate his or herself to the wireless device 2110 . If the user of the device does not enter the correct PIN number or does not match the biometric data stored in memory 2118 of the first authorized user of the device, then the device at a minimum shuts down at step 204 .
- the device 2110 can also be configured to automatically delete any portion of or all of the data stored in memory 2118 at step 206 .
- the first wireless device can be configured to periodically communicate with the secure database 2146 to remain alive, for example, after the first user of the first device authenticates itself to the first device. If the first device does not communicate with the secure database at such periodic intervals at step 208 , then the first device can be configured to delete any or a portion of the data stored in memory at step 206 .
- the communication protocol also comprises a second user of the second device to authenticate his or herself to the second device at step 210 .
- the authentication by the second device of the second user can be by any of the mechanisms discussed herein and above with respect to the first wireless device, including entering a PIN number to the user interface 2132 of the second wireless device or by interacting with the biometric sensor 2136 of the second wireless device.
- the second wireless device will at a minimum shut itself down at step 212 .
- the second wireless device can be configured to automatically delete a portion of or all of the data stored in the memory 2124 of the second wireless device, should such authentication not be successful at step 214 .
- the second wireless device can also be configured at step 216 to communicate with the secure database 2146 within defined periods of time, or even a periodic interval once the second user authenticates himself to the second wireless device, and to delete a portion of or all of the data in memory 2124 should such periodic communication not occur.
- a communication protocol is initiated between the first wireless device 2110 and the second wireless device 2112 at step 218 . If the communication protocol is not a valid communication protocol between the devices, the devices wait until there is a valid communication protocol. If the communication protocol is a valid protocol ( 218 yes), then the first wireless device transmits a first wireless signal containing encrypted authentication information of the first user to the second wireless device 2112 at step 220 . The details of the communication protocol and the encrypted authentication information will be discussed further herein.
- the second wireless device 2112 receives the first wireless signal and processes the wireless signal to determine the identity of the first user.
- the authentication of the first user includes displaying a picture of the first user to the second user on the display 2134 of the second wireless device as a result of the communication from the first wireless device to the second wireless device.
- the user of the second wireless device can view the picture on the display and ascertain whether the first user of the first wireless device is who he or she purports to be.
- the second wireless device need not be a device that requires a user to interact with it and can be, for example, an unmanned detection system that receives the first encrypted authentication information and determines from the first authenticated encrypted information whether the first user is authorized to gain access to a secured place, a secure network, or a secure computer, to do whatever the first person is seeking to do. If the first user is not who they purport to be, the communication process goes back to look for a valid communication protocol. In addition, the process allows the second user or the system associated with the second wireless device to take an appropriate action such as denying access to the secure site at step 224 .
- the communication process allows for the second wireless device to transmit a second wireless signal comprising encrypted authentication information of the second user to the first wireless device at step 226 .
- the communication protocol and the first wireless device are configured to authenticate the identity of the second user to the first user at step 228 . It is to be appreciated that the authentication of the second user to the first user can be in any of the manners discussed above with respect to the authentication of the first user of the first device, such as by viewing a picture of the second user as provided on the display 2128 of the first wireless device, by matching one-time information contained in the encrypted authentication information or via a challenge-response protocol.
- either or both of the first wireless device 2110 and the second wireless device 2112 may communicate with the secure database 2146 to retrieve additional information at step 230 .
- additional information can include for example, a portion of the biographic data of the first user of the first wireless device or of the second user of the second wireless device, or full biometric information of the first user or the second user, which can be communicated back to the respective device and used by the respective device to authenticate the user.
- the information can be periodic updates as provided by the secure database to the respective device, such as will be described herein, including periodic updates of public keys of a plurality of first users as stored in memory on the second wireless device, or updates to public keys of a plurality of second users as stored in memory on the first wireless device.
- such information may include periodic updates of the biometric information of a plurality of first users as stored on the second wireless device or a plurality of second users as stored on the first wireless device, which can comprise for example a portion of the biometric information or all of the biometric information.
- the signal comprises a header field 302 .
- the header field can be any header field known to those of skill in the art.
- the signal comprises a public ID field 304 , which can comprise, for example, any of name information, a badge number, an employee number, an e-mail address, a social security number, and the like, of the first user.
- the first wireless signal may also include a digital signature field 306 containing a digital signature of the first user. For example, the digital signature may be generated with the user's private PKI key.
- the first wireless signal may comprise a one-time time varying code field 308 that includes a random code as generated by the first wireless device.
- the digital signature field and the one-time code field can be used, for example by the second wireless device, to allow access to a secure place without the need for a user of the second wireless device to interact with the second wireless device to authenticate the first user.
- the digital signature and one time code can be encrypted with the private key of the first user and transmitted to the second wireless device.
- the second wireless device can decrypt the digital signature and one time code with the public key of the first user at steps 402 - 404 to authenticate or not the first user at step 406 .
- the first wireless signal also comprises a PKI encrypted one-time DES key field 310 comprising a PKI encrypted one-time DES key.
- the first wireless signal comprises a DES key encrypted biometric data field 312 , which includes at least a portion of biometric data of the first user encrypted with the DES key.
- the public key of a first user for example, stored in memory 24 of the second wireless device can be used to decrypt the DES key, and the DES key can be used to decrypt at least a portion of the biometric data of the first user to use in the authentication of the identity of the first user.
- the first wireless signal can also comprise another ID data field 314 , which can contain other information such as name, height, weight, eye color or anything else.
- the embodiment of the wireless signal discussed in FIG. 23 has been discussed with reference to the first wireless signal transmitted from the first wireless device 2110 of FIG. 21 to the second wireless device 2112 , but the same protocol can be used when transmitting a second wireless signal from the second wireless device 2112 to the first wireless device 2110 to authenticate the identity of the user of the second wireless device to the user of the first wireless device. It is to be further appreciated that various fields of the signal can be used and not all of the fields of the wireless signal are needed to authenticate identity of the user.
- the second wireless device can verify the identity of the respondent without necessarily interacting with a second user by decrypting the first user's digital signature from the digital signature field 306 at step 402 and verifying that it is the digital signature of the first user, decrypting the one-time code from the one-time code field 308 at step 404 , and using this information at step 406 to authenticate the first user. If the first user is authenticated at 406 , an appropriate action such as allowing access to the secure site, or computer, or network can be granted.
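The unattended check of steps 402 - 406 over fields 304 , 306 and 308 , as an added example that is not code from the patent. It assumes textbook RSA over constructed Mersenne-prime keys so that it runs on the Python standard library alone, a signature computed over the public ID and the one-time code, and a 30-second freshness window with a replay cache; the names `build_signal`, `Verifier` and `badge-1001` are hypothetical.

```python
import hashlib
import secrets
import struct
import time

E = 65537        # public exponent shared by the toy keys
MAX_SKEW = 30    # seconds a one-time code stays acceptable (assumed policy)


def toy_keypair(p, q):
    """Textbook RSA from two known primes. Toy only: no padding, small modulus."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "d": pow(E, -1, phi)}


def _digest(public_id, code, n):
    # Length-prefix the ID so the (ID, code) pair cannot be re-split ambiguously.
    data = struct.pack(">H", len(public_id)) + public_id + code
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def build_signal(public_id, key, now=None):
    """First device: emit fields 304, 306 and 308 of the first wireless signal."""
    issued = int(time.time() if now is None else now)
    # Time-varying one-time code: 8-byte issue time followed by 16 random bytes.
    code = struct.pack(">Q", issued) + secrets.token_bytes(16)
    sig = pow(_digest(public_id, code, key["n"]), key["d"], key["n"])
    return {"public_id": public_id, "signature": sig, "one_time_code": code}


class Verifier:
    """Second device: holds the public keys of enrolled first users (area 724)."""

    def __init__(self, public_keys):
        self.public_keys = dict(public_keys)  # public ID -> modulus n
        self.seen = {}                        # accepted one-time code -> issue time

    def authenticate(self, signal, now=None):
        now = int(time.time() if now is None else now)
        # Codes older than the window are rejected as stale, so they can be forgotten.
        self.seen = {c: t for c, t in self.seen.items() if now - t <= MAX_SKEW}
        n = self.public_keys.get(signal.get("public_id"))
        if n is None:
            return "deny: unknown public ID"
        code, sig = signal.get("one_time_code", b""), signal.get("signature")
        if len(code) != 24 or not isinstance(sig, int) or not 0 < sig < n:
            return "deny: malformed signal"
        if pow(sig, E, n) != _digest(signal["public_id"], code, n):
            return "deny: bad signature"
        issued = struct.unpack(">Q", code[:8])[0]
        if abs(now - issued) > MAX_SKEW:
            return "deny: stale code"
        if code in self.seen:
            return "deny: replayed code"
        self.seen[code] = issued
        return "allow"


# Constructed keys: products of Mersenne primes, far too small for real use.
ENROLLED = toy_keypair(2**127 - 1, 2**107 - 1)
UNENROLLED = toy_keypair(2**89 - 1, 2**61 - 1)


def demo():
    v = Verifier({b"badge-1001": ENROLLED["n"]})
    good = build_signal(b"badge-1001", ENROLLED, now=1000)
    wrong_key = build_signal(b"badge-1001", UNENROLLED, now=1000)
    other_id = build_signal(b"badge-9", ENROLLED, now=1000)
    return [
        v.authenticate(good, now=1005),       # fresh and correctly signed
        v.authenticate(good, now=1010),       # the same signal presented again
        v.authenticate(wrong_key, now=1005),  # signed with a key not on file
        v.authenticate(good, now=1100),       # presented after the window closed
        v.authenticate(other_id, now=1005),   # public ID with no stored key
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Anything that can be recovered with a public key is authenticated rather than confidential, which is why the example treats field 306 as a signature to verify and not as a secret.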
- the second wireless device at step 522 receives the first wireless signal and extracts the PKI encrypted DES key from field 310 .
- the wireless device looks up the public key of the first user from memory 2124 [See FIG. 21 ] or from a secure server based on the information provided in the public ID field 304 at step 524 .
- the second wireless device uses the first public key to decrypt the PKI encrypted DES key at step 526 .
- the second wireless device acts on the DES key encrypted biometric information from the field 312 and uses the decrypted DES key to decrypt the at least a portion of the biometric information of the first user as included in the first wireless signal at step 528 .
- the biometric information included in the first wireless signal is a portion of the biometric information of the first user and the second wireless device is configured to store a remainder of the biometric information of the first user in memory.
- the process 520 also comprises looking up the remainder of the biometric information stored in the memory at step 530 and combining the remainder of the biometric information with the decrypted and extracted biometric information to provide complete biometric information of the first user at step 532 .
- the biometric information can comprise a digital image of the first user and for such aspects, the digital image can be displayed on display 2134 of the second wireless device so that the second user can ascertain whether the first user associated with the first device is who he or she purports to be.
- the biometric information can be fingerprint information, a voiceprint, DNA codes of the first user, or any other biometric information known and used by those of skill in the art.
- the processor 2122 of device 2112 can also be configured to process the combined biometric information to authenticate the first user at step 536 .
- In FIG. 26 there is illustrated another embodiment of a process 620 that can be used to authenticate the identity of the first user at step 222 of the process 200 of FIG. 22 .
- some of the steps are similar to the steps of the process 520 illustrated in FIG. 25 and accordingly a full description of these steps will not be herein duplicated.
- this embodiment can be used for example, where the biometric information of the plurality of first users is not stored on the second wireless device 2112 but is instead stored at the secure database 2146 as illustrated in FIG. 21 .
- the second wireless device can be configured to interact with the secure database to obtain at least a portion of the biometric information of the first user, rather than storing at least a portion of the biometric information of the first user in memory on the second wireless device.
- the second wireless device can receive the first wireless signal including the fields discussed above in respect to FIG. 23 , in particular, the public ID field 304 and optionally the PKI encrypted DES key.
- the PKI encrypted DES key may be used by this process.
- the second wireless device accesses public key information of the first user from the public keys stored in memory on the second wireless device.
- the public keys may not be stored on the second wireless device.
- the second wireless device will communicate with the secure database to obtain the public key of the first user also at step 624 .
- the second wireless device transmits a signal to the secure database comprising public identification number to identify the second device to the secure database, presumably after the second user of the second device has authenticated his or herself to the second device.
- the secure database determines whether the second device is authorized to access the secure database at step 628 . It is to be appreciated that according to some embodiments, this communication between the second wireless device and the secure database can be accomplished with encrypted signals and in some embodiments the encrypted signals can include using time varying one time codes to further secure the communication.
- the process also comprises transmitting the first public ID from the second wireless device 2112 to the secure database at step 630 , and with this information, the secure database accesses the biometric or identification information of the first user at step 632 .
- the biometric or the at least a portion of the biometric information can then be transmitted by the secure database to the second wireless device at step 634 . Again, this transmission can be encrypted and further include time varying or one time codes to further secure the communication.
- the second wireless device can use the received portion of the first biometric information and combine it with the portion of the first biometric information provided in the first wireless signal, or can receive all of the first biometric information as provided by the secure database and, for example, display it on the display 2134 of the second wireless device 2112 at step 636 , or can process the biometric or identification information at step 638 to determine whether the first user is authenticated.
- a data structure 720 that can comprise memory 2124 of the second wireless device 2112 . It is to be appreciated that any or all of the various portions of this data structure can be present in the memory 2124 .
- the memory will include the private key of the second user at field 722 .
- the private key can be used, for example, when communicating by the second wireless device to the first wireless device to provide a digital signature of the second entity encrypted with the second user's private PKI key to the first user.
- the memory can also comprise a plurality of public keys of a plurality of first users at area 724 .
- Such public keys of a plurality of first users can be used as has been discussed herein in combination with the private key of the first user to decrypt information of the first user.
- the public and private key can be used to decrypt the DES key of the first user.
- the memory can also comprise at least a portion of biometric data of a plurality of first users, at area 726 .
- the at least a portion of the biometric data of the plurality of first users can be combined with the portion of the biometric data provided in the first wireless signal or from the secure database, to create the complete biometric data of the first user for ascertaining or authenticating the identity of the first user as has been described herein.
- the memory can also comprise biometric data of the second user at field 728 .
- the biometric information of the second user can be used, for example, as has been discussed herein to compare the biometric data detected by the biometric sensor 2136 of the second wireless device to determine whether the second user is authorized to have access to the second wireless device.
- the data structure 720 of FIG. 27 can also comprise the memory 2118 of the first wireless device 2110 , and that any or all of the fields of the data structure 720 can exist in the memory 2118 in the first wireless device.
- the first wireless device can access the data structure 720 and the various fields for the same purposes as discussed above with respect to the second wireless device, namely, to provide the first digital signature of the first entity encrypted with the first private key in the first wireless signal, to access the public keys of a plurality of second users for the purpose of decrypting information provided in the second wireless signal, to access at least a portion of biometric information of the second user stored in the field 726 , as well as to compare biometric information of the first user with sensed biometric data provided by the biometric sensor 2130 of the first wireless device.
- the method comprises acts of receiving first authentication information about the first entity with the first device, transmitting the authentication information about the first entity to a secure database, determining whether or not the first entity is allowed to access the first device based on the first authentication information, and transmitting an enablement signal to the first device indicating to enable or not enable the first entity to access the first device.
- the method also includes an act of allowing or not allowing operation of the first device based on the enablement signal.
- the act of receiving the first authentication information of the first entity comprises receiving biometric information of the first entity by detecting the biometric information with the first device.
- the act of transmitting the first authentication information about the first entity to a secure database comprises generating a non-predictable signal from the biometric information.
- the act of generating the non-predictable signal from the biometric information comprises generating a time varying non-predictable signal from the biometric information.
- the act of receiving biometric information of the first entity comprises receiving a voice signature of the first entity with the first device and the act of generating the non-predictable signal from the biometric information comprises mixing the voice signature of the first entity with a random code to generate the non-predictable signal.
- the act of transmitting the enablement signal to the first device comprises sending the random code to the first device.
- the act of receiving biometric information of the first entity comprises receiving fingerprint data of the first entity with the first device and the act of generating the non-predictable signal from the biometric information comprises mixing the fingerprint data of the first entity with a random code to generate the non-predictable signal.
- the act of transmitting the enablement signal to the first device comprises sending the random code to the first device.
- the act of authenticating the biometric of the first entity comprises authenticating a voice signature of the first entity.
- the act of authenticating the biometric information of the first entity comprises authenticating a finger print of the first entity.
- a first wireless device includes a biometric detector comprising a fingerprint detector that detects a fingerprint of the first entity.
- the biometric detector comprises a voice signature that detects a voice signature of the first entity.
- the system comprises a first wireless device including a processor configured to enable operation of the first wireless device if it receives an enablement signal validating first biometric information of a first entity and configured to generate a non-predictable signal from the biometric information, a first wireless transmitter and receiver configured to transmit a first wireless signal including first encrypted biometric information of the first entity and to receive the enablement signal, a first biometric detector for detecting the first biometric information of the first entity and a secure database configured to receive the first wireless signal, to authenticate or not authenticate the first biometric information of the first entity, and to provide the enablement signal validating or not validating the first biometric data of the first entity.
- the secure database further comprises biometric data of a plurality of first entities.
- the processor is configured to generate the non-predictable signal from the biometric information by generating a time varying non-predictable signal from the biometric information.
- the processor is configured to generate the non-predictable signal from the biometric information by mixing the biometric information of the first entity with a random code to generate the non-predictable signal.
- the secure database is configured to transmit the enablement signal to the first device including the random code so as to authenticate the secure database to the first device.
- the system includes a memory for storing a private key of the first entity authorized to use the first device.
- FIG. 28 illustrates an embodiment of a system 100 that employs a converter device 102 to provide an interface between a user device 104 (e.g., a transaction card, a cell phone, etc.) and a system interface 106 where, for example, the system interface 106 employs a magnetic card reader and the user device 104 is not equipped with a magnetic stripe. That is, in one embodiment, the converter device 102 provides a mode of information transmission between the user device 102 and the system interface 106 which would otherwise be unavailable to the user device 102 .
- the converter device 102 provides a modified system 100 that provides compatibility with a greater variety of user devices, for example, user devices such as transaction cards, cell phones or PDAs that are not equipped with a magnetic stripe.
- the converter device 102 includes a magnetic stripe emulator 137 communicatively coupled to a wireless signal receiver 140 and adapted to provide a time-varying signal emulating data provided by a magnetic stripe card to a magnetic card reader 152 .
- the user device need not be a “card” and may, for example, take the form of a fob used as a key ring, a cell phone, a watch, a personal digital assistant or any device that can include a wireless transmitter, or a magnetic stripe emulator.
- the user device 104 employs near field signal to communicate with the converter device 102 .
- the near field communication is bi-directional such that the user device 104 may both send and receive wireless communication.
- the user device includes a transceiver.
- the system interface 106 provides an interface to a larger information system (e.g., a financial system, an access control system, a medical records system, and the like) that in one embodiment includes a system processor or controller 110 , a database 112 , a network 114 , other systems 116 , such as a universal secure registry 118 as will be described further herein.
- a system processor or controller 110 e.g., a central processing unit (CPU), or the like.
- a database 112 may be connected to the network 114 via the communication link 120 A and to the system processor 110 via the communication link 120 B instead of being connected as shown in FIG. 28 .
- the communication link may be a wireless communication link, a hardwired communication link, a fiber optic communication link, any communication link used in the art, as well as a combination of any of the preceding or any other communication link capable of transmitting signals between the elements of the system 100.
- the system processor 110 allows information transfer of both data and instructions, for example, between the interface 106 and one or more databases which may be connected to the system or other network elements.
- the operation of the converter device 102 allows a user in possession of the user device 104 to wirelessly communicate information to the device so that the device can be employed to interface with a network system.
- the network system may provide a magnetic card reader interface and the converter device 102 provides a magnetic stripe emulator that can interface with the system.
- the overall operation of the system 100 includes the communication of information between the user device 104 and the converter device 102 , for example, RF communication. In one embodiment, the communication is bi-directional such that information can be communicated both to and from the user device 104 .
- the converter device 102 provides an interface by which information derived from the information being transmitted to or from the user device 104 is transmitted between the converter device and the system interface 106 .
- the system interface 106 provides the communication interface between it and the remainder of the system 100 (e.g., processor 110 , database 112 , network 114 , etc.).
- the user device 104 includes a processor 122 , a user interface 124 , a wireless transmitter 126 and device indicia 128 .
- the user device 104 includes a biometric sensor 130 .
- the processor 122 is communicatively coupled to each of the wireless transmitter 126 , the user interface 124 and the biometric sensor 130 .
- the processor 122 may include a chip such as a general purpose processor, an application specific integrated circuit (“ASIC”), or a field programmable gate array (“FPGA”) and the like that may execute various programs and/or provide logic inputs and outputs.
- the processor 122 may process biometric information received from the biometric sensor 130 to verify the identity of the user before the user can employ the user device 104 .
- Exemplary details of a processor and biometric sensor which are configured to authenticate a fingerprint of a user are disclosed in U.S. published application 2004/0133787, published on Jul. 8, 2004, which is herein incorporated by reference in its entirety.
- the processor 122 may also include or be coupled to driver circuitry to drive a display included in the user interface 124 and can be configured to process user input data entered via the user interface 124 .
- the user interface 124 includes one or more control inputs (for example, control buttons).
- the wireless transmitter 126 can process information provided by the processor and convert the information to an RF signal and can also include an RF antenna that transmits the RF information wirelessly.
- the user device may also include an RF receiver that receives a wireless RF signal from the RF antenna and converts the RF signal to an information signal provided to the processor.
- the wireless transmitter and/or receiver need not be an RF device; it can also be any of an IR device, an optical device, a Bluetooth signal or any other wireless signal transmitter or receiver used in the art.
- the user device may also include a power source such as a battery that fits within the device.
- the user device remains in a sleep mode until it is placed in the vicinity of an RF transmitter at which time the user device 104 converts received RF energy into electrical energy used to provide power to the processor 122 and the other components included in the user device 104 .
- the user device 104 can be a smart card configured for wireless signal transmission using RF signals.
- the wireless transmitter 126 may be an RF transmitter device or any other wireless transmitter device configured to transmit the smart card information of the card.
- the card can be many cards such as a debit card, a plurality of credit cards such as VISA, MasterCard, American Express, or any other card with the card indicia and relevant information being stored in card memory 129 and read out by processor 122 and provided to the wireless transmitter 126 .
- the user device 104 need not be in the form of a card and may instead include a cell phone or PDA.
- the converter device 102 includes a substrate 132 which may include a stripe 134 and a magnetic field generator 136 which together comprise the magnetic stripe emulator 137 , a processor 138 , a wireless receiver 140 , a user interface 142 , a memory 144 , and a power source 146 .
- the converter device 102 includes an indicating light 148 (e.g., an LED) and an output device 150 .
- the system interface 106 with which the converter device 102 is employed includes any of or all of a magnetic card reader 152, a wireless transceiver 154 and a data port 156.
- the converter device 102 receives a wireless signal from the user device 104 , processes the information that is received and provides an output in the form of a time-varying signal provided to the stripe 134 (e.g., a magnetic stripe).
- the signal provided to the stripe 134 can then be provided to the system processor 110 by inserting the stripe and the associated substrate 132 or portion thereof in the magnetic card reader of the system interface 106 . That is, in one embodiment, the stripe 134 and at least a portion of the substrate 132 can be either slid by the magnetic card reader 152 or inserted to sit statically in front of the read head of the card reader.
- the processor 138 may be a general purpose processor, an application specific integrated circuit (“ASIC”), or a field programmable gate array (“FPGA”) and may be implemented in hardware, software, firmware or any combination of the preceding.
- the processor 138 may be communicatively coupled with any of the magnetic field generator 136, the wireless receiver 140, the memory 144, the user interface 142, the light source 148, the power source 146 and the output device 150.
- the processor can be configured to receive inputs from one or more of the preceding elements and may provide outputs to each of the elements included in converter device 102.
- the magnetic stripe 134 is a programmable magnetic stripe and the magnetic field generator 136 generates a magnetic signal that controls the information provided by the magnetic stripe 134 .
- the U.S. patent application Ser. No. 10/680,050 filed Oct. 7, 2003, entitled “System Method and Apparatus for Enabling Transactions Using a Biometrically Enabled Programmable Magnetic Stripe,” which was published on Jul. 8, 2004 as US2004/0133787 (the '050 application), provides further details concerning embodiments of the user device that emulates a magnetic stripe and may also include, for example, a biometric sensor.
- the '050 application is incorporated herein by reference in its entirety.
- the processor 138 may control the operation of the magnetic field generator 136 to provide the desired information to the stripe 134 .
- the processor 138 may provide an output to the stripe 134 in response to receiving information from the wireless receiver 140 , where the information from the wireless receiver is information transmitted from the user device 104 .
- the processor 138 may be configured to provide signals to drive a display included in the user interface 142 and process user input data entered with the user interface 142 .
- the user interface 142 includes a display screen that can be used to display an image of the user to whom the user device 104 belongs, for security purposes.
- the image to be displayed by the UI can either be part of the information transmitted by the user device 104 , for example, where the user device 104 also requires some authentication by the user before transmitting the device information and image, or can be provided, for example, by the USR system 118 through the system interface 106 as part of the user authentication process, as will be described in more detail herein.
- the user interface 142 may include a plurality of control elements that allow the user and/or the transaction processor (e.g., store clerk, security guard, medical service provider, etc.) to enter information into the converter device 102 .
- the user interface 142 includes an LCD display.
- the processor 138 may also be configured to provide signals to operate the indicating light 148 .
- the indicating light 148 may provide an indication of the operational status of the converter device 102 , for example, the indicating light 148 may indicate any of the following: that the converter device 102 is receiving a transmission from a user device 104 ; that the converter device 102 has generated output data to the stripe 134 ; the status of the power source 146 is normal or conversely that the power source has a low power level; that the converter device 102 is transmitting information via the output device 150 ; that the converter device 102 is properly aligned with the magnetic card reader 152 ; that the converter device 102 has received authorization for a transaction; and the like.
- the indicating light may be a single lamp or a plurality of lamps, and the lamp or lamps may be a single color including white or may include a plurality of colors. Further, it should also be apparent that the lights may provide a plurality of status indications based on their color, intensity, rate of change of the preceding characteristics or any combination of these and other features.
- the power source 146 may include a battery power source or other energy sources suitable for the form factor of the converter device 102 .
- the power source 146 may be any one of a standard size battery (e.g., an AA battery).
- the power source is a lithium battery.
- the power source can be any of an AC power source, an AC to DC converter device, or any other DC power source known to those skilled in the art.
- the converter device 102 includes a power bus 158 that provides a path for the transmission of power to the various components included in the converter device 102 .
- the converter device 102 includes the output device 150 .
- the output device can be any standard interface device to be coupled to a data bus such as a USB device, or the output device can be configured for contactless communication with the system interface 106 .
- the output device is an optical transmitter device.
- the communication between the converter device 102 and the system interface 106 is bi-directional such that information (e.g., information associated with the user's identity) may be transmitted to the system interface 106, the system processor 110 may generate a response (e.g., a transaction approval), and the response may be transmitted to the converter device 102 via the system interface 106.
- the processor 138 is configured in combination with the output device 150 to provide an encrypted output signal. In a further embodiment, the processor 138 is configured in combination with the output device 150 to provide a time-varying encrypted output signal. In yet another embodiment, the processor 138 is configured in combination with the output device 150 to provide a time-varying encrypted (or not) public and private key output signal. In addition, the processor can also be configured in combination with the wireless receiver to receive and decrypt any and all of an encrypted signal, a time-varying encrypted signal and a signal encrypted with a private key as provided by the user device 104 . A challenge-response protocol may also be employed alternatively or in addition to any of the preceding.
- an information exchange between the user device 104 and the converter device 102 includes a first piece of information transmitted from the user device 104 to the converter device 102 and a subsequent challenge (e.g., an encrypted challenge) generated by the converter device and transmitted from the converter device to the user device 104 .
- the user employs the user device to respond to the challenge.
- the user's response is at least in part based on information included in the challenge. An identity of a user who responds accurately to the challenge can be successfully validated.
- a challenge-response protocol includes an information exchange whereby the identity of the converter 102 is also authenticated by the user with the user device 104 .
- the above-described challenge-response protocol may not require any further action by the user than is required under current approaches that require synchronized clocks in disparate devices.
- the output device 150 need not transmit any personal information associated with the user.
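The challenge-response exchange described above, as an added example that is not part of the patent text: the user device sends only a public code, the converter issues a fresh challenge, each side proves knowledge of a key to the other, and no clock or personal data is involved. HMAC-SHA256 over a pre-provisioned per-device key, the constructed public code `PUB-0001`, and all class and function names are assumptions; the patent names no particular algorithm.

```python
import hashlib
import hmac
import secrets


def mac_tag(key: bytes, role: bytes, *parts: bytes) -> bytes:
    """HMAC over a role label plus length-prefixed fields (unambiguous framing)."""
    msg = role + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


class UserDevice:
    """Hypothetical model of the user device: holds a public code and a secret key."""

    def __init__(self, public_code: str, key: bytes):
        self.public_code = public_code
        self._key = key
        self._nonce = None

    def hello(self):
        # First piece of information: public code plus a nonce for checking the converter.
        self._nonce = secrets.token_bytes(16)
        return self.public_code, self._nonce

    def respond(self, challenge: bytes, converter_proof: bytes):
        if self._nonce is None:
            return None
        expected = mac_tag(self._key, b"converter", self._nonce, challenge)
        if not hmac.compare_digest(expected, converter_proof):
            return None  # converter failed to authenticate: stay silent
        nonce, self._nonce = self._nonce, None
        # The response depends on the challenge, so it is useless for any other one.
        return mac_tag(self._key, b"device", challenge, nonce)


class Converter:
    """Hypothetical model of the converter: issues challenges and validates responses."""

    def __init__(self, keys: dict):
        self._keys = keys      # public code -> key (assumed provisioned out of band)
        self._pending = {}     # public code -> (challenge, device nonce)

    def challenge(self, public_code: str, device_nonce: bytes):
        key = self._keys.get(public_code)
        if key is None:
            return None
        ch = secrets.token_bytes(16)
        self._pending[public_code] = (ch, device_nonce)
        return ch, mac_tag(key, b"converter", device_nonce, ch)

    def verify(self, public_code: str, response) -> bool:
        pending = self._pending.pop(public_code, None)  # each challenge is single use
        if pending is None or response is None:
            return False
        ch, device_nonce = pending
        expected = mac_tag(self._keys[public_code], b"device", ch, device_nonce)
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed sample key
    converter = Converter({"PUB-0001": key})
    device = UserDevice("PUB-0001", key)

    # Genuine exchange.
    code, nonce = device.hello()
    ch, proof = converter.challenge(code, nonce)
    response = device.respond(ch, proof)
    genuine = converter.verify(code, response)

    # A captured response replayed against a fresh challenge.
    converter.challenge(code, nonce)
    replayed = converter.verify(code, response)

    # A device that knows the public code but not the key.
    ch2, _ = converter.challenge(code, b"\x00" * 16)
    forged = converter.verify(
        code, mac_tag(secrets.token_bytes(32), b"device", ch2, b"\x00" * 16))

    # A converter that does not hold the device's key gets no response.
    rogue = Converter({"PUB-0001": secrets.token_bytes(32)})
    code, nonce = device.hello()
    ch3, bad_proof = rogue.challenge(code, nonce)
    rogue_answered = device.respond(ch3, bad_proof) is not None

    return {"genuine": genuine, "replayed_response": replayed,
            "forged_device": forged, "rogue_converter_answered": rogue_answered}


if __name__ == "__main__":
    print(demo())
```
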
- commonly owned U.S. patent application Ser. No. 09/810,703, filed Mar. 16, 2001, entitled “Universal Secure Registry” (“the '703 application”) describes an approach that can improve security and reduce the need for multiple forms of identification.
- the '703 application is incorporated herein by reference in its entirety.
- the universal secure registry 118 included in the system 100 provides one example of the integration of such a registry into a system that employs a converter device 102 .
- the user device 104 can provide some information, e.g., such as a public code of the user, which can be authenticated by the user, for example by providing an ID through the user interface 124 or through biometric sensor 130 .
- the public code can be provided to the USR via the converter 102, system interface 106, and network 114.
- the USR can then provide back to any of the system interface and the converter device any or all of device information (e.g., transaction card information), authorization for a transaction, e.g., where the network or the USR also communicates with the relevant authority, and indicia about the holder of the user device.
- the system 100 may include a variety of system interfaces 106 of different types such as the wireless transceiver 154 and the data port 156 in addition to the magnetic card reader 152 .
- system interfaces such as an optical interface, a smart card reader interface or any other system interface known to those of skill in the art can also be included.
- the system interfaces may be either commonly located or may be geographically distributed such that some locations include a wireless transceiver 154 , some locations include a data port 156 , some locations include a magnetic card reader 152 , and some locations include a plurality of types of system interfaces.
- the output device 150 of the converter device 102 may include a data port via which the converter device 102 can provide data to a network or a networked device.
- the data port is also configured to receive data from the network or a networked device.
- Embodiments of the converter device 102 can be configured to provide communication to the system interface 106 via any of the preceding approaches including wireless signal transmission.
- the converter device 102 may receive wireless signals from the user device and transmit wireless signals to the system interface 106 .
- the converter device may include a transmitter that allows it to transmit information back to the user device.
- a process 260 employing the converter device 102 is illustrated in accordance with one embodiment.
- the process begins at Stage 262 START.
- the converter device 102 is in a steady state in which it awaits receipt of a signal from a user device 104 .
- the converter device 102 receives data, for example, a wireless signal transmitted from the user device 104 .
- the converter device 102 extracts information from the wireless signal for processing.
- the converter device 102 may extract information corresponding to the user's identity and/or the identity of the individual to whom the user device was issued. The extracted information is then provided to the system interface, for example, it is simulated as magnetic striped data to the magnetic card reader.
- the system 100 authenticates the user. In one embodiment, if the authentication is successful, the process continues at Stage 270 . In this embodiment, if the authentication is unsuccessful, the process returns to Stage 262 where, for example, the user may be prompted to attempt to authenticate again.
- the authentication may be performed locally, that is, without the need for communication between the converter device 102 and the system interface 106 and system processor 110 .
- the authentication process employs the universal secure registry 118 .
- the authentication process employs one or more authentication protocols such as public-key cryptography, key exchange protocols, protocols employing one-way functions, and the like that are well known by those of ordinary skill in the art.
- the authentication may require an exchange of information between the converter device 102 and any of the system interface 106 , the network 114 , the USR 118 and another database 112 .
- a challenge-response protocol may also be employed alternatively or in combination with any of the preceding authentication approaches.
- the completion of the transaction may involve any of a wide variety of acts including: authorizing a withdrawal of money from a user's account, permitting the user access to a secure area, permitting a user to view medical information concerning themselves or a third party, or permitting the user to access other confidential information.
- the process 260 includes Stage 274 where following authentication the converter device 102 receives information associated with the user.
- the information may, for example, be necessary for the completion of the transaction.
- the converter device 102 may receive an indication that the user has sufficient funds to cover the amount of the check that is presented at a point of sale.
- the information may include indicia related to the authorized holder of the user device 104 , such as a picture ID.
- the process 260 is completed at Stage 272 —END.
- An embodiment of the converter device 302 is illustrated in FIGS. 30A through 30D.
- the converter device 302 includes a housing 380 , a substrate 332 , and a magnetic stripe 334 .
- the housing 380 is manufactured from a rigid material, for example, metal or plastic and the converter device 302 is designed to be a hand-held device.
- FIG. 30B illustrates a side view perspective of an embodiment of the converter device 302 , showing an indicating light 348 (e.g., an LED).
- the indicating light 348 can include a single indicating light or a plurality of indicating lights.
- FIGS. 30A-30D illustrate an embodiment where the substrate extends substantially perpendicular from a side of the housing 380 , however, the specific angle at which the substrate extends from the housing may vary so long as the housing does not interfere with the insertion of the substrate into, for example, the magnetic card reader 152 .
- FIG. 30D illustrates a top view of an embodiment of the converter device 302 which includes a display screen (e.g., an LCD display screen) that may provide the user interface 342 or a portion of the user interface of the converter device 302 .
- the user interface 342 includes a display screen that displays either a black and white or a color image of the individual to whom the user device 104 was issued. It should be recognized that the display screen may provide a wide range of functionality, for example, the display screen may display a variety of data received by the converter device 302 including data represented in alpha numeric format.
- the magnetic stripe 334 may be a programmable magnetic stripe such that the converter device 302 provides a magnetic stripe emulator.
- the converter device 302 receives a wireless signal from a user device 104 and provides a time varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader in response to receiving the information from the wireless signal.
- the information is provided to the magnetic card reader by inserting the magnetic stripe 334 into the magnetic card reader.
- the various embodiments of a system and method for converting a wireless transaction device to a magnetic stripe emulator device may include any of the following or any combination of the following: a converter device with a processor communicatively coupled to a wireless signal receiver and to a magnetic stripe emulator.
- the converter device may optionally include an LED.
- the processor may be configured for any combination of the following: control of the LED to indicate that the device is properly aligned with the magnetic card reader, control of the LED to indicate that the device has received authorization for a transaction, and where the converter device includes a power supply, a processor configured to control the LED to indicate that the device has power.
- the information received from the wireless signal by the converter device may include any of a name, a card number, user identification, a device code, amount of credit available, and an expiration date of the card for a transaction.
- the converter device may include an output device that can provide information to a network or to a networked device.
- the output device can be configured as a wireless transmitter device, such as an optical transmitter device.
- the wireless transmitter may generally be configured as an RF transmitter device, and in particular, as a Bluetooth transmitter device.
- the processor can be configured in combination with the output device to provide any of an encrypted output signal, a time-varying encrypted output signal, and in particular, a time-varying public and private key output signal.
- the converter device may include an output device configured as a data port via which the converter device can provide data to a network or a networked device and to receive data from the network or a networked device.
- the converter device may also include an LCD screen for displaying at least some of the data received by the converter device, and a processor configured in combination with the LCD device to display indicia corresponding to the authorization of a transaction, and in particular, indicia that includes picture information of the cardholder.
- the various embodiments of a system and method for converting a wireless transaction device to a magnetic stripe emulator device may include any combination of the following or any combination of the following and the above listed features: the converter device can be configured to communicate with the magnetic card reader via the data port; the wireless receiver and/or processor is configured to decrypt an encrypted wireless signal; the converter device is configured to decrypt a time-varying encrypted wireless signal; the converter device is configured to decrypt time-varying public and private key information contained within the wireless signal; the converter device includes a user interface communicatively coupled to the processor; the converter device processor is configured to determine whether the user is authorized to provide the information contained within the wireless signal from data provided through the user interface.
- the data contained within the wireless signal received by the converter device may include any combination of the following: user I.D. information, biometric information of the user, secret information, (for example, a PIN, a password, or a passcode of the user), or information about an uncounterfeitable token of the user.
- the converter device may include a substrate housing the magnetic stripe emulator, and the substrate may include a programmable magnetic stripe.
- the system employed with the converter device may also include a system interface coupled to a network where the system interface includes a magnetic stripe reading device configured to read a time-varying signal.
- the system interface may be configured to transmit data received from the wireless transaction device to a networked credit card authentication entity also coupled to the network.
- the system may also include any of a keyboard, a printer, an (LCD) display, and an audio signal transducer.
- the converter device 102 may be employed to convert information coded on the magnetic stripe for transmission via another mode of information transmission.
- various embodiments allow a user to employ a mobile phone or other device as a token to assist the user in securely accomplishing a variety of operations. Some embodiments also allow the user to employ the token in combination with a USR system to increase the utility of the token and the functionality and security of the various operations. That is, the token may be employed to assist the user in conducting operations that access data concerning commercial transactions (for example, retail purchases), finance and banking operations, medical records and medical information systems, physical security and access control, and identification and authentication of the parties involved in any of the preceding, etc.
- the term “financial transaction” can include any of sales transactions including transactions conducted on-line or at a point of sale using credit or debit accounts, banking transactions, purchases or sales of investments and financial instruments or generally the transfer of funds from a first account to a second account.
- the system includes a user device 352 , a point-of-sale (“POS”) device 354 and a universal secure registry 356 which can communicate with one another wirelessly, and/or over a network 357 .
- the user device 352 includes a display 362 , a user interface 364 , a communication link 366 and a biometric sensor 367 .
- the user device 352 may be any of a mobile phone, a personal digital assistant or other handheld device.
- the communication link 366 may include any of a receiver and a transmitter suitable for wireless communication such as via RF and/or optical signals. Accordingly, in some embodiments, the communication link 366 includes an antenna and/or an optical signal source such as a LED alone or in combination with an optical receiver. In accordance with one embodiment, the user device 352 can employ an optical signal in the infrared spectrum. In various embodiments, the user device 352 can be configured to communicate by any form of a wireless signal such as a Bluetooth signal, WiFi, near field communication, ultra-wideband communication, RF signals and electromagnetic signals in general.
- the biometric sensor 367 may be employed to receive and process biometric inputs such as any of or any combination of a fingerprint, a speech/voice input, an iris scan, a retina scan, a facial scan, a written input, the user's fingerprint and DNA.
- biometric sensor can be employed to process a written input that includes a signature.
- the user device 352 may be in the form of a smart card or other type of credit card as described previously. Further, in some embodiments, the user device 352 may include an embodiment of the first wireless device 2110 illustrated in FIG. 21 . Accordingly, in various embodiments, the user device 352 can include all or some of the features and functionality found in the first wireless device 2110 . That is, the user device 352 can include features that may not be illustrated in FIG. 31 , for example, a microprocessor, memory, a power source, etc. In yet another embodiment, the first wireless device 2110 can be employed to conduct transactions in accordance with the embodiment illustrated in FIG. 31 and described below.
- the POS device 354 may be any type of POS device as known to those of ordinary skill in the art.
- the POS device 354 includes a display 368 , a user interface 370 and a communication link 372 .
- the user device may include an embodiment of the second wireless device 2112 illustrated in FIG. 21 .
- the POS device 354 can include all or some of the features and functionality found in the second wireless device 2112 . That is, the POS device 354 can include features that may not be illustrated in FIG. 31 , for example, a microprocessor, memory, a power source, a biometric sensor, etc.
- the second wireless device 2112 can be employed to conduct transactions in accordance with the embodiment illustrated in FIG. 31 and described below.
- the POS device may be a handheld device or a larger “countertop” device. It should also be apparent to those of skill in the art that the POS device may communicate wirelessly with the network or may be coupled to the network 357 via a hardwired connection.
- the network 357 includes a plurality of networks that may allow communication between any of the user device 352 , the POS device 354 and the USR 356 over any communication medium including wired networks (including fiber optic networks) or wireless networks. Further, the network may include one or more of either or both of local area networks and wide area networks including the Internet. In general, the network 357 can be employed for communication between the user device 352 and the USR 356 , communication between the user device 352 and the POS device 354 , communication between the POS device 354 and the USR 356 , and communication between the user device 352 and the USR 356 via the POS device 354 .
- the system 350 may also include a network 374 that allows communication between the user device 352 and the POS device 354 but does not provide communication with the USR.
- a wireless personal area network such as Bluetooth provides one example, while a local WiFi network, near field communication and ultra-wideband communication provide further examples of various embodiments of the network 374 .
- the network 357 may include any of the preceding in accordance with some embodiments.
- the user device 352 may wirelessly communicate with a converter device, for example, the converter device 102 described with reference to FIG. 28 .
- the converter device is used to communicate with the POS device 354 , for example, where the POS includes a mag-stripe reader.
- the USR 356 includes a secure database that stores account information for a plurality of users 358 .
- the USR 356 retains records concerning one or more accounts 360 for each of the plurality of users so that in effect the USR 356 in the system creates a secure wallet that allows a user of the device 352 to select a particular account from among a plurality of accounts associated with the user for use in a selected transaction.
- the type of account can vary in accordance with various embodiments.
- the accounts 360 are credit card accounts, for example, any of those serviced by VISA, MasterCard, Discover and American Express. Alternatively or in combination with the preceding, the accounts 360 may be debit accounts associated with the various bank accounts held by the user 358 .
- the user device 352 includes software that allows the user device 352 to operate in combination with the USR 356 .
- the user device 352 can initially be provided with the software or it can be retrofitted by downloading software for operation with the USR via the network 357 .
- the software is loaded via a cellular network.
- the software is loaded via any wireless network such as a WiFi network.
- the software is included in a Subscriber Identity Module (“SIM”) that can be removably installed in the user device 352 .
- the software is loaded over a hardwired communication link between the user device 352 and an access point to the network 357 . Accordingly, various embodiments can allow a user to download the software for operation with the USR (including the initial receipt of the software, later updates, security patches, etc.).
- the system 350 allows each user to employ their respective user device 352 to purchase goods or services at a wide variety of points-of-sale, and further, to make such purchases from one or more accounts selected from a plurality of accounts 360 .
- the system 350 allows users to employ a mobile phone as an “electronic wallet” to select, at the point-of-sale, a particular account from among a plurality of available accounts, for example, a plurality of credit card accounts.
- the system 350 allows users to employ the approach for purchases that are made using the Internet.
- the system 350 can also be employed in other forms of financial transactions including banking transactions and investment transactions.
- the user device 352 is activated for a transaction when the user satisfactorily completes an authentication process with the device.
- the entry of a PIN number known to the user is employed to activate the device.
- the software included in the user device 352 and employed in conducting transactions using the system 350 remains inoperative until the entry of the correct PIN.
- the data (for example, contact lists and associated information) stored in the user device 352 is unavailable or unintelligible until the entry of the correct PIN.
- the data in the user device 352 is stored following a mathematical operation that acts to modify the data such that it is unintelligible.
- the user device 352 employs the PIN supplied by the user to reverse the mathematical operation, for example, by performing an exclusive or operation (“XOR”) on the data using the PIN to render the data legible.
- this embodiment provides a secure embodiment of the user device that is useless in the hands of a user without knowledge of the PIN information, as without the entry of the PIN, the data stored on the device is useless.
- the above approach is used to disable the software employed by the user device 352 . That is, a mathematical operation is performed on software stored in the user device 352 with the PIN. Once the mathematical operation is performed the modified software is unusable and the software remains inoperative until the PIN is supplied by the user.
- an XOR operation may be employed to recover the software, which allows the software to operate.
- the preceding approaches provide an increased level of security because the theft of the user device 352 (for example, the mobile phone) is not enough for the thief to employ the user device 352 . Instead, a third party in possession of the user device 352 cannot employ the device to conduct a transaction without knowledge of the PIN.
- Some embodiments can employ a multi-factor authentication process before allowing a user to employ the user device 352 to conduct a transaction. That is, the system 350 can authenticate a user based on something the user knows, something the user is, and something that the user has. According to one embodiment, the user device 352 is included in the last element of the three factors. For example, many electronic devices, including mobile phones, include an electronic serial number. Thus, in one embodiment, the user is authenticated and allowed to conduct a transaction with the USR 356 by providing something the user knows (for example, a PIN), something the user is (for example, a biometric measurement as detected by the biometric sensor 367 ) and something the user possesses (for example, the mobile phone as evidenced by the correct electronic serial number).
- the PIN, the biometric information and the electronic serial number are communicated to the USR 356 where the user is authenticated.
- the multiple pieces of data can be combined (for example, cryptographically combined through known encryption techniques) before being communicated.
- the transaction and/or access to the user's account info are permitted when an authentication is successful.
- a transaction can be denied/refused where the authentication is unsuccessful, for example, where one or more of the PIN, the biometric information and the electronic serial number are incorrect.
- the multi-factor authentication process can also employ the identification of the account selected by the user for the current transaction. That is, the system 350 can authenticate the user based on a combination of two or more of something the user knows, something the user is, something that the user has and an account selected by the user for the current transaction (i.e., the transaction for which the authentication is being completed).
- encrypted authentication information is generated from a non-predictable value generated by the user device 352 , identifying information for the selected user account 360 , and at least one of the biometric information and secret information the user knows (for example, a PIN).
- the authentication information (for example, encrypted authentication information) is communicated to the secure registry for authentication and approval of the requested account access and/or financial transaction.
- one or more aspects of the authentication and approval are completed at the POS, for example, using the POS device 354 , while in another embodiment, the POS provides a conduit or communication path from the user device 352 to the secure registry 356 .
- the user device 352 is secured such that authentication information cannot be generated by the user device 352 prior to an authentication of the user based on the biometric input provided to the user device 352 .
- the user device 352 performs the authentication.
- the POS device 354 authenticates the biometric information provided by the user.
- the biometric information is authenticated by the secure registry 356 .
- any two of the PIN, the biometric information, the electronic serial number, a discrete code associated with the device and the identifying information concerning the selected account are employed to generate a seed from which further authentication information is generated, for example, to generate a seed from which a non-predictable value can be generated by the user device 352 .
- the seed is employed in an algorithm that also employs a temporal value to generate the authentication information.
- the seed and the further authentication information are generated at the user device 352 and are provided to either or both of the second device 354 and the USR 356 .
- Either or both of the second device and the USR can use the authentication information to authenticate or validate the identity of the user of the device 352 , as has been described herein.
- all four of the PIN, the biometric information, the electronic serial number and the identifying information concerning the selected account are employed to generate the seed.
- the discrete code that is associated with the device is also used in combination with each of the preceding to generate the seed.
- the discrete code that is associated with the device is provided in lieu of the electronic serial number while in other embodiments the unique code is employed with the electronic serial number to generate the seed.
- the discrete code is unique to the user device 352 .
- the discrete code is inaccessible to an individual in possession of the device.
- the discrete code may be maintained by the user device 352 such that any indication that the security of the device is compromised results in the discrete code being set to a default value (for example, zero) which effectively prevents valid authentication information from being generated by the user device 352 .
- the preceding security measure can be taken when the device receives an indication that it is being used under duress.
- a challenge/response protocol is employed, for example, where the USR 356 communicates a challenge to the user device 352 and access to the USR is only granted where the user's response is correct.
- a correct response is generated using any of the PIN, the biometric information and the electronic serial number in combination with the information provided as the challenge.
- the challenge/response protocol can be invisible and seamless to the user of the device 352 , since other than the user providing any of PIN and/or biometric information, the communication protocol of the challenge/response protocol can be done in the background without active participation from the user.
- the validation of the biometric information provided by the user can be performed on a character by character basis.
- the biometric information includes a spoken word or phrase
- each spoken character can be individually evaluated to determine whether it was provided by a user authorized to employ the user device 352 .
- the authentication of the biometric occurs at the user device 352 , at the POS device 354 , at the USR 356 or at a combination of the preceding.
- the security of the system may be further increased where the system 350 allows for one or more approaches to limit the use of the user device 352 .
- the system allows a user to establish limitations on the use of the user device 352 .
- a user may establish an active period or periods as the only period(s) that the user device 352 can be used in combination with the USR 356 .
- the active period may include a temporal element.
- the active period may be so many consecutive hours or days beginning from the start of the activation period, a fixed period of time during every day, certain days of the week, etc.
- operation of the user device 352 may be completely disabled outside of the designated active period(s).
- the user may limit the use of the user device 352 to conduct such transactions to a maximum amount of a single transaction, a maximum cumulative amount of all transactions, a maximum quantity of transactions and/or a predetermined monetary amount.
- each of the preceding can be employed alone or in combination with a temporal element such that, for example, the maximums are determined for an active period of time having a known length.
- the values may be set by the user, or for example, by an issuer of the user device 352 .
- the maximum values may be provided by an issuer of one or more of the plurality of user accounts 360 .
- the user device 352 can be configured to cease operating when an unauthorized use of the device is detected.
- the unauthorized use may be detected where the user 352 provides an indication that the device is being used under duress as described above.
- a transaction in which a user signals the use under duress proceeds but the user device 352 becomes inoperative for one or more subsequent transactions.
- the system 350 communicates information concerning the situation to local law enforcement, for example, the location of the user device and the identity and/or appearance of the user.
- a constant is added to the value of the PIN when the user device 352 is being used under duress. For example, the user can enter a value which corresponds to the PIN plus one.
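An added example (not code from the patent) of how a seed built from the PIN, electronic serial number, discrete code and selected account can be combined with a temporal value to produce a one-time code that the registry checks, including the PIN-plus-one duress convention and the zeroed discrete code. HMAC-SHA-256, the 30-second step, the 8-digit code length and all function and class names are assumptions; the page specifies none of them.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30      # assumed width of one "temporal value" step
DIGITS = 8             # assumed length of the one-time code
ZEROED = bytes(16)     # discrete code after it is reset to its default value


def derive_seed(pin, esn, discrete_code, account_id):
    """Seed = HMAC(discrete code, PIN | ESN | account), fields length-prefixed
    so that different field splits can never produce the same message."""
    msg = b"".join(struct.pack(">H", len(f)) + f
                   for f in (pin.encode(), esn.encode(), account_id.encode()))
    return hmac.new(discrete_code, msg, hashlib.sha256).digest()


def code_for_step(seed, step):
    """Truncate HMAC(seed, step) to DIGITS decimal digits (RFC 4226 style)."""
    mac = hmac.new(seed, struct.pack(">Q", step), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def device_code(pin, esn, discrete_code, account_id, now):
    """What the user device emits for the selected account at time `now`."""
    seed = derive_seed(pin, esn, discrete_code, account_id)
    return code_for_step(seed, int(now // STEP_SECONDS))


def duress_pin(pin):
    """Duress convention from the text: the PIN plus one. Keeping the same
    width (9999 wraps to 0000) is an assumption of this example."""
    return str((int(pin) + 1) % 10 ** len(pin)).zfill(len(pin))


class Registry:
    """Registry side. Stores derived seeds only, never the PIN or the
    discrete code, and accepts each code at most once."""

    def __init__(self):
        self._seeds = {}    # esn -> [(account_id, status, seed), ...]
        self._used = set()  # (esn, account_id, step) already accepted

    def enroll(self, esn, pin, discrete_code, accounts):
        rows = []
        for acct in accounts:
            rows.append((acct, "approved",
                         derive_seed(pin, esn, discrete_code, acct)))
            rows.append((acct, "duress",
                         derive_seed(duress_pin(pin), esn, discrete_code, acct)))
        self._seeds[esn] = rows

    def verify(self, esn, code, now, drift=1):
        """Return (status, account_id); status is approved, duress or denied.
        The matching seed also identifies which account the user selected."""
        current = int(now // STEP_SECONDS)
        for acct, status, seed in self._seeds.get(esn, []):
            for step in range(current - drift, current + drift + 1):
                if hmac.compare_digest(code_for_step(seed, step), code):
                    if (esn, acct, step) in self._used:
                        return ("denied", None)   # replayed code
                    self._used.add((esn, acct, step))
                    return (status, acct)
        return ("denied", None)


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    esn, secret, t = "ESN-0001", bytes(range(16)), 1_700_000_000
    registry = Registry()
    registry.enroll(esn, "4821", secret, ["visa-1", "debit-2"])
    print(registry.verify(esn, device_code("4821", esn, secret, "debit-2", t), t))
    print(registry.verify(esn, device_code("4822", esn, secret, "visa-1", t), t))
    print(registry.verify(esn, device_code("4821", esn, ZEROED, "visa-1", t), t))
```

A "duress" result lets the registry allow the current transaction to proceed while flagging the device for later transactions, as the text describes; a device whose discrete code has been zeroed can no longer produce a code that verifies.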
- the USR 356 provides consolidated security for the plurality of user accounts associated with a plurality of individual service companies (i.e., VISA, MasterCard, etc.) who employ the USR. In some embodiments, this avoids the need for the individual service companies to separately monitor the security of transactions for each of their respective accounts even where the service companies are not affiliated with one another.
- the user device 352 may destroy data/information present in the user device based on the occurrence of an event or multiple events. In one embodiment, this action is the result of evidence of tampering with the user device 352 , for example, the repeated entry of an incorrect PIN. In another embodiment, the user device 352 destroys sensitive information (or a subset of information included in the user device 352 ) following the passage of a predetermined period of time of, for example, inactivity. It is also to be appreciated that, in an embodiment, the underlying data and/or software need not be destroyed in the above events, but instead there may be a lockout period as a result of the above events for which the device is rendered unusable. This lockout period may be extended and/or increased for repeated events discussed above.
- biometric information of a user of the first device or authentication of biometric information of the user of the first device can be provided to the second device 354 for any of the purposes described herein in any of the following ways: at least in part from the first device 352 , at least in part from the USR 356 , and at least in part from reading the biometric data stored on the second device.
- the POS device may receive signals from a plurality of user devices 352 in the vicinity of the POS device 354 . Accordingly, the POS device 354 may be employed to select from a plurality of users to conduct a transaction. For example, where an image of each of the users in the vicinity is displayed at the POS device 354 , the individual operating the POS device 354 may select the user (and associated accounts) by selecting the photo of the user who is employing the user device 352 for the current transaction.
- the system 350 including the USR 356 is used to provide authorization for an occurrence of an event, such as a credit or debit transaction, without providing secure information such as the credit or debit card number.
- the USR, either by itself or in combination with a credit or banking authority, authenticates the user of the first device and the selected account information and provides either a one-time code for authorizing the transaction or a denial to the second device, which can be displayed on the second device to indicate the approval or denial of the transaction to the POS operator.
- the system can also be employed, for example, for internet purchase through a web site where the USR can, alone or in combination, approve or deny the transaction and provide the approval or denial to the operator of the web site, for example, where the user of the first device 352 either manually logs into a web site and provides account information, or where the user of the first device communicates via the first device 352 and the token provided by the first device with the web site.
- the code or information displayed at the second device 354 can enable many forms of a transaction not just limited to a credit or debit transaction. It can include approval for enablement of any of the events that have been described herein.
- the code or information can, for example, provide authorization or security that funds exist in the account to cover a check written by the user of the first device, in effect providing a code that turns the personal check into a certified check, without the need for the user of the first device having to obtain a bank check.
- the system 350 can be employed as a peer to peer network.
- the first device and the second device are configured as peer to peer devices, in combination with the USR 356 or in some embodiments without the need for information in the USR 356 , as has been discussed herein, to authenticate and/or validate an identity of a user of the first device to the second device and in addition to authenticate and/or validate an identity of a user of the second device to the first device, to allow an occurrence of an event, such as a credit or debit transaction, access to a secure location, passport identification information and the like.
- Although the above-described system 350 employs the USR 356 to facilitate the preceding operations, the above approach may be employed with alternative systems that include a secure database with the user's account information. Further, although the preceding description concerning FIG. 31 primarily discusses sales transactions, the system 350 may be employed in a variety of fields to allow only authorized access by authenticated users to secure data, for example, as illustrated in FIG. 4 , and the like as has been described herein. Further, the user device can in some embodiments be used to authenticate identity in a variety of applications. That is, an authentication code can be generated by the user device 352 as described above where the authentication code is used to determine whether the user is authorized to take one or more actions.
- the authentication code is provided to a security system to determine whether the user is permitted to access a physical facility, for example, to determine whether the user is permitted to access a residence or a place of business.
- the user device 352 wirelessly communicates an authentication code to a home security system as part of an access request.
- the authentication code generated by the user device 352 can be used in a similar manner to determine whether an individual can access a computer network, for example, log in.
- such an authentication code can also be used to provide positive identification of an individual in possession of the user device 352 in the manner of a passport, driver's license or other form of identification issued by the government or another third party such as an employer.
- a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction.
- the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts.
- the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link.
- the processor is configured to generate a non-predictable value and to generate encrypted authentication information from the non-predictable value, the identifying information, and at least one of the information concerning the biometric input and the secret information, and to communicate the encrypted authentication information via the communication link to the secure registry.
- the secret information includes the identifying information.
- the communication link wirelessly transmits the encrypted authentication information to a point-of-sale (POS) device, and the POS device is configured to transmit at least a portion of the encrypted authentication information to the secure registry.
- the POS device can include a magnetic stripe reader.
- the communication link wirelessly transmits the encrypted authentication information to a converter device configured to generate an emulated magnetic stripe output for use with the POS device.
- the user device includes a memory coupled to the processor where the memory stores information employed by the device to authenticate the biometric received by the biometric sensor. In one embodiment, the device does not permit the entry of the user input if the biometric input received by the biometric sensor is determined to not belong to an authorized user of the device.
- the secret information known to the user includes a PIN
- the authentication of the secret information and the biometric input activate the device for the financial transaction.
- the user device includes a memory coupled to the processor and the data stored in the memory is unavailable to an individual in possession of the device until the device is activated.
- the data can be subject to a mathematical operation that acts to modify the data such that it is unintelligible until the device is activated.
- a method of generating authentication information includes acts of authenticating an identity of a user to a device based on at least one of biometric data received by the device from the user and secret information known to the user and provided to the device.
- the method can also include the generation of a non-predictable value with the device.
- the method can further include acts of receiving identifying information from the user concerning a selected one of a plurality of user accounts and generating encrypted authentication information from the non-predictable value, the identifying information, and at least one of the biometric data and the secret information.
- the device can generate encrypted authentication information from each of the non-predictable value, the biometric data, the secret information, and the identifying information.
- the method includes an act of de-activating the device without generating the encrypted authentication information if the identity of the user is not successfully authenticated to the device.
- Embodiments may also include an act of generating encrypted authentication information in a manner that allows the identification of the user and the selected one of the plurality of user accounts by a secure registry.
- a method of controlling access to a plurality of accounts includes acts of generating, with a device, encrypted authentication information from a non-predictable value generated by the device, identifying information concerning an account selected by a user of the device from among a plurality of accounts associated with the user, and at least one of a biometric of the user received by the device and secret information provided to the device by the user, communicating the encrypted authentication information from the device to a secure registry via a point-of-sale (POS) device to authenticate or not authenticate the device with the secure registry, authorizing the POS device to initiate a financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is successfully authenticated, and denying the POS device from initiation of the financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is not successfully authenticated.
- the method includes an act of authenticating an identity of the user by validating the biometric with one of the device and the secure registry.
- the biometric can be validated on a character-by-character basis.
- the method includes an act of transmitting image data from the secure registry to the POS device along with an authorization authorizing the POS device to initiate the financial transaction provided that the image data when processed at the POS device authenticates an identity of the user.
- the method also includes an act of authenticating the identity of the user at the POS device by any of displaying an image of the user at the POS device for visual confirmation by an operator of the POS device and processing biometric data provided by the image data.
- the operator may be a store clerk, bank clerk, security personnel or an individual in any other capacity in which they are tasked with a responsibility to verify an identity of an individual in possession of the user device.
- the secure registry includes a database containing information concerning a plurality of accounts associated with a different one of a plurality of users, respectively. Further, the plurality of accounts can include accounts associated with a plurality of different financial service providers. According to some embodiments, the method can include an act of transmitting information including at least a portion of the encrypted authentication information to the secure registry from the POS device.
- a mobile electronic device for authenticating a user involved in a transaction comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device, and wherein the wireless communications interface is further configured to receive an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system.
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- the one or more processors are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- a method for authenticating a user involved in a transaction using a mobile electronic device comprising authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- the method further comprises encrypting the identification information and the one-time authentication code before they are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- a computer readable medium or media containing instructions for authenticating a user involved in a transaction wherein execution of the instructions by one or more processors of a mobile electronic device causes the one or more processors to carry out the steps of authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information specific to the mobile electronic device and a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- execution of the instructions by the one or more processors further causes the one or more processors to carry out the step of encrypting the identification information and the one-time authentication code before the identification information and the one-time authentication code are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
- a system for authenticating a user involved in a transaction comprising a mobile electronic device, the mobile electronic device comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information specific to the mobile electronic device and a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, the computer system, comprising a communications interface configured to receive the identification information and the one-time authentication code, and one or more processors configured to retrieve account information associated with the mobile electronic device and the user account to be employed in the transaction, and to use the retrieved account information to validate the received identification information and one-time authentication code, where generating the one-time authentication code
- the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
- the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
- the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- the one or more processors of the mobile electronic device are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system.
- the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
- the computer system comprises one or more servers associated with a credit card company or bank.
Abstract
According to one aspect, an electronic ID device is provided. The electronic ID device is configured to allow a user to select an account associated with the user to employ in a transaction, and includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input, a communication interface configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input.
Description
- This application is a continuation of and also claims priority under 35 U.S.C. § 120 to co-pending U.S. patent application Ser. No. 14/071,126 filed Nov. 4, 2013, entitled “UNIVERSAL SECURE REGISTRY”. U.S. patent application Ser. No. 14/071,126 is a continuation of and also claims priority under 35 U.S.C. § 120 to U.S. patent application Ser. No. 13/237,184 filed Sep. 20, 2011, now U.S. Pat. No. 8,577,813, entitled “UNIVERSAL SECURE REGISTRY.”
- U.S. patent application Ser. No. 13/237,184 is a continuation in part of and also claims priority under 35 U.S.C. § 120 to U.S. patent application Ser. No. 13/168,556, filed on Jun. 24, 2011, now U.S. Pat. No. 8,271,397. U.S. patent application Ser. No. 13/237,184 is also a continuation of and also claims priority under 35 U.S.C. § 120 to U.S. patent application Ser. No. 12/393,586 filed Feb. 26, 2009, now U.S. Pat. No. 8,234,220 entitled “UNIVERSAL SECURE REGISTRY”.
- U.S. patent application Ser. No. 12/393,586 is a continuation in part of each of U.S. patent application Ser. No. 11/760,732 filed Jun. 8, 2007, now U.S. Pat. No. 7,809,651, entitled “UNIVERSAL SECURE REGISTRY”; U.S. patent application Ser. No. 11/760,729 filed Jun. 8, 2007, now U.S. Pat. No. 7,805,372, entitled “UNIVERSAL SECURE REGISTRY”; and U.S. patent application Ser. No. 11/677,490 filed Feb. 21, 2007, now U.S. Pat. No. 8,001,055 entitled “METHOD, SYSTEM AND APPARATUS FOR SECURE ACCESS PAYMENT AND IDENTIFICATION”.
- U.S. patent application Ser. No. 13/168,556 filed on Jun. 24, 2011, is a continuation of U.S. patent application Ser. No. 11/677,490 filed Feb. 21, 2007, now U.S. Pat. No. 8,001,055.
- U.S. application Ser. No. 11/760,732 is a continuation of U.S. application Ser. No. 11/677,490, now U.S. Pat. No. 8,001,055, and U.S. patent application Ser. No. 11/760,729 is a continuation of U.S. application Ser. No. 11/677,490, now U.S. Pat. No. 8,001,055.
- Each of U.S. application Ser. Nos. 11/760,732, 11/760,729, and 11/677,490 claims priority under 35 U.S.C. § 119 (e) to U.S. Provisional Application Nos. 60/812,279 filed on Jun. 9, 2006 entitled “UNIVERSAL SECURE REGISTRY,” and 60/859,235 filed on Nov. 15, 2006 entitled “UNIVERSAL SECURE REGISTRY”.
- U.S. application Ser. No. 11/677,490 filed Feb. 21, 2007, also claims priority under 35 U.S.C. § 119 (e) to U.S. Provisional Application No. 60/775,046 filed on Feb. 21, 2006 entitled “METHOD AND APPARATUS FOR EMULATING A MAGNETIC STRIPE READABLE CARD”.
- U.S. patent application Ser. No. 12/393,586 filed Feb. 26, 2009, entitled “UNIVERSAL SECURE REGISTRY,” claims priority under 35 U.S.C. § 119(e) to U.S. Provisional Application Ser. No. 61/031,529, entitled “UNIVERSAL SECURE REGISTRY,” filed on Feb. 26, 2008.
- Each of the above-identified applications is hereby incorporated herein by reference in its entirety.
- Embodiments of the invention generally relate to systems, methods, and apparatus for authenticating identity or verifying the identity of individuals and other entities seeking access to certain privileges and for selectively granting privileges and providing other services in response to such identifications/verifications. In addition, embodiments of the invention relate generally to systems and methods for obtaining information from and/or transmitting information to a user device and, in particular, to systems, methods, and apparatus that provide for contactless information transmission.
- Control of access to secure systems presents a problem related to the identification of a person. An individual may be provided access to the secure system after their identity is authorized. Generally, access control to secure computer networks is presently provided by an authentication scheme implemented, at least partly, in software located on a device being employed to access the secure computer network and on a server within the secure computer network. For example, if a corporation chooses to provide access control for their computer network, they may purchase authentication software that includes server-side software installed on a server in their computer system and corresponding client-side software that is installed on the devices that are used by employees to access the system. The devices may include desktop computers, laptop computers, and handheld computers (e.g., PDAs and the like).
- In practice, the preceding approach has a number of disadvantages including both the difficulty and cost of maintaining the authentication system and the difficulty and cost of maintaining the security of the authentication system. More specifically, the software resides in the corporation's computers where it may be subject to tampering/unauthorized use by company employees. That is, the information technology team that manages the authentication system has access to the private keys associated with each of the authorized users. As a result, these individuals have an opportunity to compromise the security of the system. Further, any modification and/or upgrade to the authentication system software is likely to require an update to at least the server-side software and may also require an update of the software located on each user/client device. In addition, where the company's computer systems are geographically distributed, software upgrades/updates may be required on a plurality of geographically distributed servers.
- There is also a need, especially in this post September 11 environment, for secure and valid identification of an individual before allowing the individual access to highly secure areas. For example, an FBI agent or an air marshal may need to identify themselves to airport security or a gate agent, without compromising security. Typically such identification may comprise the air marshal or FBI agent showing identification indicia to appropriate personnel. However, there are inherent flaws in this process that allow for security to be compromised, including falsification of identification information and failure of the airport security or other personnel to recognize the situation. Of course this process could be automated, for example, by equipping airport personnel or security with access to a database and requiring the FBI agent or air marshal to appropriately identify themselves to the database, for example, by again providing identification which airport personnel can then enter into the database to verify the identity of the person seeking access to a secure area. However, this process also has the inherent flaws in it as described above. In addition, there may be times when airport security or personnel may not be able to communicate with the database to check the identity of the person seeking access, for example, when they are not near a computer terminal with access to a database or are carrying a hand-held device that does not have an appropriate wireless signal to access the database. In addition, there is a need to ensure that if such a hand-held device ends up in the wrong hands, security is not compromised.
- Further, both commercial (e.g., banking networks) and non-commercial (e.g., security systems) information systems often rely on magnetic card readers to collect information specific to a user (e.g., a security code, a credit card number, etc.) from a user device (e.g., a transaction card). Credit card purchases made in person provide an example of the most common transaction-type that relies on a user device, the credit or debit card, which is read by a magnetic card reader. User devices that rely on magnetic-stripe based technology magnetically store information (e.g., binary information) in the magnetic stripe. The magnetic stripe reader provides an interface to a larger computerized network that receives the user's information to determine, for example, whether to authorize a transaction, to allow the user access to a secure area, etc.
- Recently, such devices have seen technological advances that increase their capabilities and improve their security. For example, such devices may now include embedded processors, integral biometric sensors that sense one or more biometric feature (e.g., a fingerprint) of the user, and magnetic stripe emulators. As one result, such devices may provide greater security by dynamically generating the necessary information, for example, generating the credit card number at the time of a transaction. Improved security can also be provided by such devices because more sophisticated authentication schemes can be implemented with the devices.
- In addition, user devices such as transaction cards may now also provide for one or more modes of information transmission other than transmission via a magnetic stripe/card reader combination. For example, user devices that may transmit information optically or via radio frequency (“RF”) signal transmission to a compatible system interface are now available. Further, the architecture of a user device that includes a processor is generally compatible with both the improved security features described above and the contactless transmission modes such as optical and RF signal transmission. As a result of the improved security and greater functionality of some current user devices, there is a desire to replace magnetic-stripe based user devices with devices that include forms of information transmission other than the reading of a magnetic-stripe.
- There is, however, a substantial installed base of interfaces (for example, at points of sale, at automatic teller machines (“ATM”), and the like) that include magnetic card readers which are not equipped to receive information from a user device in any format other than from a magnetic stripe. As a result of the cost to replace or retrofit the installed base, efforts to more-widely introduce user devices that do not employ magnetic stripe devices have not been developed. Because of the potential to substantially reduce fraud, however, the further implementation of such devices is of great interest to financial institutions among others. RF devices that transmit information wirelessly are expected to become much more prevalent and at some point, the predominant form of information transmission for user authentication based on a hand-held device, for example, credit card, debit card, driver's license, passport, social security card, personal identification, etc. Thus, new and improved methods for transitioning from a purely magnetic based form of communication to a wireless form of communication are desired.
- One current approach that is intended to “transform” a smart card for use with a magnetic stripe card reader employs a “bridge” device. The bridge device requires that the smart card be inserted within it. The bridge device includes a slot for receiving the smart card, a key pad whereby the user may enter information (e.g., a PIN number), and a credit card sized extension member. Operation of the bridge device requires that the smart card be inserted within it and that an electrical contact surface of the smart card engage a similar surface within the bridge device before the bridge device (i.e., the extension member) can be used with a magnetic card reader. Thus, the contactless nature of more advanced information transmission systems is lost with the bridge device because it does not support wireless signal transmission.
- Accordingly, there is a desire for one or more devices, systems and methods for accomplishing any of the herein mentioned objectives.
- There is thus a need for an identification system that will enable a person to be accurately identified (“identification” sometimes being used hereinafter to mean either identified or verified) and/or authenticated without compromising security, to gain access to secure systems and/or areas. Likewise, there is a need for an identification system that will enable a person to be identified universally without requiring the person to carry multiple forms of identification.
- Accordingly, this invention relates, in one embodiment, to an information system that may be used as a universal identification system and/or used to selectively provide information about a person to authorized users. Transactions to and from a secure database may take place using a public key/private key security system to enable users of the system and the system itself to encrypt transaction information during the transactions. Additionally, the private key/public key security system may be used to allow users to validate their identity. For example, in one embodiment, a smart card such as the SecurID™ card from RSA Security, Inc. may be provided with the user's private key and the USR system's public key to enable the card to encrypt messages being sent to the USR system and to decrypt messages from the USR system 10.
- The system or database of the invention may be used to identify the person in many situations, and thus may take the place of multiple conventional forms of identification. Additionally, the system may enable the user's identity to be confirmed or verified without providing any identifying information about the person to the entity requiring identification. This can be advantageous where the person suspects that providing identifying information may subject the identifying information to usurpation.
- Access to the system may be by smart card, such as a SecurID™ card, or any other secure access device. The technology enabling the user to present their identity information may be physically embodied as a separate identification device such as a smart ID card, or may be incorporated into another electronic device, such as a cell phone, pager, wrist watch, computer, personal digital assistant such as a Palm Pilot™, key fob, or other commonly available electronic device. The identity of the user possessing the identifying device may be verified at the point of use via any combination of a memorized PIN number or code, biometric identification such as a fingerprint, voice print, signature, iris or facial scan, or DNA analysis, or any other method of identifying the person possessing the device. If desired, the identifying device may also be provided with a picture of the person authorized to use the device to enhance security.
- According to one embodiment of the invention, a method of controlling access to a plurality of secure computer networks using a secure registry system located remotely from the secure computer networks is disclosed. The secure registry system includes a database containing selected data of a plurality of users each authorized to access at least one of the plurality of secure computer networks. The method comprises acts of receiving authentication information from an entity at a secure computer network, communicating the authentication information to the secure registry system, and validating the authentication information at the secure registry system. The method also includes receiving from the secure registry system an indication of whether the entity is authorized to access the secure computer network, granting the entity access to the secure computer network when the authentication information of the entity corresponds to one of the plurality of users, and denying the entity access to the secure computer network when the authentication information of the user does not correspond to one of the plurality of users.
- Another embodiment of the invention comprises a method of controlling access to a secure computer network using a secure registry system. The secure registry system includes a database containing selected data of a plurality of users authorized to access the secure computer network and selected data identifying the secure computer network. The method comprises receiving an access request including authentication information and a computer network ID from an entity, determining whether the authentication information is valid for any of the plurality of users, accessing data when the authentication information of the entity is valid for one of the plurality of users to determine whether the entity is authorized to access the computer network identified by the computer network ID, and allowing the entity to access the secure computer network when the authentication information of the entity is valid for one of the plurality of users authorized to access the computer network identified by the computer network ID.
- Another embodiment of the invention comprises a method of authenticating an identity of a first entity. The method comprises the acts of wirelessly transmitting from a first device, first encrypted authentication information of the first entity, receiving with a second device the wirelessly transmitted first encrypted authentication information, decrypting with the second device, the first wirelessly encrypted authentication information to provide the first authentication information of the first entity to the second device; and authenticating the identity of the first entity based upon the first authentication information; and acting based on the assessed identity of the first entity.
- Another embodiment of the invention comprises a system for authenticating an identity of a first entity, comprising a first wireless device comprising a first wireless transmitter and receiver configured to transmit a first wireless signal including first encrypted authentication information, a first processor configured to compare stored biometric data with detected biometric data of the first entity and configured to enable or disable use of the first device based on a result of the comparison, and configured to encrypt first authentication information with a first private key of the first entity into the first encrypted authentication information, a first biometric detector for detecting biometric data of the first entity, and a first memory for storing biometric data of the first entity, a private key of the first entity authorized to use the first device, and the first authentication information.
- According to some embodiments, the system further comprises a second wireless device comprising a second wireless transmitter and receiver configured to receive the first wireless signal and to process the first wireless signal, a second processor configured to compare detected biometric data of a second entity with stored biometric data and configured to enable or disable use of the second device based upon a result of the comparison, and configured to decrypt the first authentication information received in the first wireless signal, a biometric detector for detecting biometric data of a second entity, and a second memory storing biometric data of the second entity and a plurality of public keys of a plurality of first entities.
- Another embodiment of the invention provides a first wireless device comprising a processor configured to enable operation of the first wireless device if it receives an enablement signal validating first biometric information of a first entity and configured to generate a non-predictable signal from the biometric information, a first wireless transmitter and receiver configured to transmit a first wireless signal including first encrypted biometric information of the first entity and to receive the enablement signal, and a first biometric detector for detecting the first biometric information of the first entity.
- In one aspect of the invention, a device converts a wireless transaction device to a magnetic-stripe emulator device. In one embodiment, the device includes a wireless signal receiver that is configured to receive a wireless signal and provide information from the wireless signal. In addition, the device may include a magnetic-stripe emulator which is communicatively coupled to the wireless signal receiver and adapted to provide a time-varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader in response to receiving the information from the wireless signal. In one embodiment, the device includes a processor communicatively coupled to the wireless signal receiver and to the magnetic-stripe emulator. The device may also include an LED. In a version of this embodiment, the processor is configured to control the LED to indicate that the device is properly aligned with the magnetic card reader. In another embodiment, the device includes an output device that can provide information to a network or to a network device. In a version of this embodiment, the output device is a wireless transmitter device.
- Further embodiments of the invention may include additional features, for example, in one embodiment the output device is a data port to which the device can provide data to a network or to a network device. In a version of this embodiment, the data port is also configured to receive data from the network or the network's device. In a further embodiment, the device is configured to communicate with the magnetic card reader via the data port.
- In a further embodiment, the wireless receiver and/or processors configure, decrypt and encrypt the wireless signal. In a further embodiment, the processor is configured to determine whether a user is authorized to provide the information contained within the wireless signal from data within the wireless signal. In a version of this embodiment, the data contained within the wireless signal includes user ID information. In yet another embodiment, the data contained within the wireless signal includes biometric information of the user.
- According to another aspect, the invention provides a system for validating an identity of a user to enable or prevent an occurrence of an event. In one embodiment, the system includes a first device including a wireless transmitter which is configured to transmit validation information, a second device including a wireless receiver, where the second device is configured to receive the validation information and further transmit the validation information; and a secure system in communication with the second device. According to one embodiment, the secure system includes a database. In a further embodiment, the secure system is configured to receive the validation information transmitted from the second device, and to transmit additional information to the second device following a receipt of the validation information to assist the second device in either enabling or preventing the occurrence of the event. In various embodiments, the event that is enabled or prevented may be a transaction (e.g., a financial transaction), access control (e.g., physical or electronic access) or other action that is either enabled or prevented.
- According to a further aspect, the invention provides a method employing a system to validate an identity of a user to enable or prevent an occurrence of an event. In one embodiment, the system includes a first device, a second device and a secure system including a database. According to one embodiment, the method includes acts of receiving at the second device validation information wirelessly transmitted from the first device, communicating the validation information from the second device to the secure system, and receiving at the second device additional information from the secure system. In a further embodiment, the additional information assists the second device in either enabling or preventing the occurrence of the event. In various embodiments, the event that is enabled or prevented may be a transaction (e.g., a financial transaction), access control (e.g., physical or electronic access) or other action that is either enabled or prevented.
- In still another aspect, a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction. In one embodiment, the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. In a further embodiment, the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link. According to one embodiment, the processor is configured to generate a non-predictable value and to generate encrypted authentication information from the non-predictable value, the identifying information, and at least one of the information concerning the biometric input and the secret information, and to communicate the encrypted authentication information via the communication link to the secure registry.
- In accordance with another aspect, a method of generating authentication information includes acts of authenticating an identity of a user to a device based on at least one of biometric data received by the device from the user and secret information known to the user and provided to the device. The method can also include the generation of a non-predictable value with the device. The method can further include acts of receiving identifying information from the user concerning a selected one of a plurality of user accounts and generating encrypted authentication information from the non-predictable value, the identifying information, and at least one of the biometric data and the secret information. In a further embodiment, the device can generate encrypted authentication information from each of the non-predictable value, the biometric data, the secret information, and the identifying information.
- According to a still further aspect, a method of controlling access to a plurality of accounts is provided where the method includes acts of generating, with a device, encrypted authentication information from a non-predictable value generated by the device, identifying information concerning an account selected by a user of the device from among a plurality of accounts associated with the user, and at least one of a biometric of the user received by the device and secret information provided to the device by the user, communicating the encrypted authentication information from the device to a secure registry via a point-of-sale (POS) device to authenticate or not authenticate the device with the secure registry, authorizing the POS device to initiate a financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is successfully authenticated, and denying the POS device from initiation of the financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is not successfully authenticated.
- According to one embodiment, a mobile electronic device for authenticating a user involved in a transaction is provided comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device, and wherein the wireless communications interface is further configured to receive an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, the one or more processors are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to one embodiment, a method for authenticating a user involved in a transaction using a mobile electronic device is provided comprising authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, the method further comprises encrypting the identification information and the one-time authentication code before they are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to one embodiment, a computer readable medium or media containing instructions for authenticating a user involved in a transaction is provided, wherein execution of the instructions by one or more processors of a mobile electronic device causes the one or more processors to carry out the steps of authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information specific to the mobile electronic device and a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, execution of the instructions by the one or more processors further causes the one or more processors to carry out the step of encrypting the identification information and the one-time authentication code before the identification information and the one-time authentication code are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to one embodiment, a system for authenticating a user involved in a transaction is provided comprising a mobile electronic device, the mobile electronic device comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information specific to the mobile electronic device and a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, the computer system, comprising a communications interface configured to receive the identification information and the one-time authentication code, and one or more processors configured to retrieve account information associated with the mobile electronic device and the user account to be employed in the transaction, and to use the retrieved account information to validate the received identification information and one-time authentication code, where generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device, and where the wireless communications interface is further configured to receive an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, the one or more processors of the mobile electronic device are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to an aspect of the disclosure, an electronic ID device configured to allow a user to select an account associated with the user to employ in a transaction is provided, the electronic ID device comprising a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input, the user input including secret information known to the user, and selection information concerning an account selected by the user from one or more accounts associated with the user, a communication interface configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, wherein the processor is programmed to activate the electronic ID device in response to a successful authentication of a user's identity, wherein authentication of the user's identity is based on at least one of the biometric input and the secret information, generate a one-time non-predictable value, obtain a public identifier that corresponds to private account information of the selected user account, wherein the public identifier does not contain any private account information of the selected user account, generate authentication information using the one-time non-predictable value and the public identifier, encrypt the authentication information, and wirelessly communicate the encrypted authentication information to a requesting or receiving device via an authentication signal generated by the communication interface, such that the secure registry receives a transaction request and at least a portion of the encrypted authentication information from the requesting or receiving device, wherein the transaction request involves the selected user account, verifies the encrypted authentication information, uses the public identifier from the encrypted authentication information to acquire the private account information of the selected user account, and generates an enablement signal to enable the transaction request without transmitting the private account information.
- In various examples, the communication interface is configured to communicate with the secure registry either directly or via an intermediate device. In some examples, the public identifier does not contain any compromisable account information. In at least one example, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via an induced signal generated by the communication interface. In various examples, the communication interface includes a magnetic stripe emulator.
- In some examples, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a time-varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader, and the time varying signal is generated by the magnetic stripe emulator of the communication interface. In at least one example, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a near field signal generated by the communication interface.
- In various examples, the communication interface includes a near field communication (NFC) transceiver; and the authentication signal generated by the communication interface is an NFC signal. In at least one example, the NFC signal is generated by the NFC transceiver of the communication interface, and the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via the NFC signal, the requesting or receiving device located within the same local area as the NFC transceiver such that the NFC signal is transmitted directly between the NFC transceiver and the requesting or receiving device.
- In at least one example, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Wi-Fi™ radio technology signal generated by the communication interface. In some examples, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Bluetooth™ wireless technology standard signal. In various examples, the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Bluetooth™ Low Energy wireless technology standard signal.
- In various examples, in activating the electronic ID device, the processor is further programmed to render stored data legible. In at least one example, the encrypted authentication information is one-time encrypted authentication information. In some examples, the communication interface is configured to communicate the encrypted authentication information to the secure registry, where the secure registry comprises a secure token database storing one or more tokens associated with the authentication information.
- In some examples, the processor is further programmed to deactivate the electronic ID device without generating the authentication information where authentication based on at least one of the biometric input and the secret information is unsuccessful. In at least one example, deactivating the electronic ID device initiates a lock-out period. In various examples, deactivating the electronic ID device includes deleting information present in the electronic ID device that is used to generate the authentication information.
- This invention is pointed out with particularity in the appended claims. The above and further advantages of this invention may be better understood by referring to the following description when taken in conjunction with the accompanying drawings. The accompanying drawings are not intended to be drawn to scale. In the drawings, each identical or nearly identical component that is illustrated in various figures is represented by a like numeral. For purposes of clarity, not every component may be labeled in every drawing. In the drawings:
- FIG. 1 is a functional block diagram of a computer system configured to implement the universal secure registry (“USR”), including a USR database, according to one embodiment of the invention;
- FIG. 2 is a functional block diagram of a first embodiment of a networked environment including the computer system of FIG. 1;
- FIG. 3 is a functional block diagram of an entry of a database forming the USR database of FIG. 1;
- FIG. 4 is a functional block diagram of a second embodiment of a networked environment including the computer system of FIG. 1;
- FIG. 5 is a flow chart illustrating steps in a process of inputting data into the USR database;
- FIG. 6 is a flow chart illustrating steps in a process of retrieving data from the USR database;
- FIG. 7 is a flow chart illustrating a first protocol for purchasing goods from a merchant via the USR database without transmitting credit card information to the merchant;
- FIG. 8 is a flow chart illustrating a second protocol for purchasing goods from a merchant via the USR database without transmitting credit card information to the merchant;
- FIG. 9 is a flow chart illustrating a protocol for purchasing goods from a merchant via the USR database by validating the user's check;
- FIG. 10 is a flow chart illustrating a protocol for purchasing goods from an on-line merchant via the USR database without transmitting credit card information to the on-line merchant, and enabling the on-line merchant to ship the goods to a virtual address;
- FIG. 11 is a flow chart illustrating a protocol for shipping goods to a virtual address via the USR database;
- FIG. 12 is a flow chart illustrating a protocol for telephoning a virtual phone number via the USR database;
- FIG. 13 is a flow chart illustrating a protocol for identifying a person via the USR database;
- FIG. 14 is a flow chart illustrating a protocol for identifying a person to a policeman via the USR database;
- FIG. 15 is a flow chart illustrating a protocol for providing information to an authorized recipient of the information via the USR database;
- FIG. 16 is a flow chart illustrating a protocol for providing application information to an authorized recipient of the information via the USR database;
- FIG. 17 is a functional block diagram of an embodiment configured to use information in the USR system to activate or keep active property secured through the USR system; and
- FIG. 18A is a functional block diagram of an embodiment configured to use the USR system to control access to a secure computer network;
- FIG. 18B is a functional block diagram of another embodiment configured to use the USR system to control access to a secure computer network;
- FIG. 19 is a flow diagram of a process for controlling access to a secure computer network with the USR system in accordance with an embodiment of the invention;
- FIG. 20 is a flow diagram of a process for controlling access to a secure computer network with the USR system in accordance with another embodiment of the invention;
- FIG. 21 illustrates an embodiment of a system for validating the identity of an individual;
- FIGS. 22A and 22B illustrate one embodiment of a process for validating the identity of an individual;
- FIG. 23 illustrates one embodiment of various fields included within a first wireless signal and a second wireless signal as transmitted by the system of FIG. 21;
- FIG. 24 illustrates one embodiment of a process for verifying or authenticating the identity of a first user of a first wireless transmission device;
- FIG. 25 illustrates another embodiment of a process for authenticating the identity of a first user of a wireless transmission device;
- FIG. 26 illustrates still another embodiment of a process for authenticating the identity of a first user of a wireless transmission device; and
- FIG. 27 illustrates one embodiment of a data structure that can be used by any wireless device of the system of FIG. 21;
- FIG. 28 illustrates a system in accordance with one embodiment of the invention;
- FIG. 29 illustrates a process in accordance with an embodiment of the invention;
- FIGS. 30A-30D illustrate a converter device in accordance with one embodiment of the invention; and
- FIG. 31 illustrates a further embodiment of a system that employs the USR system.
- This invention is not limited in its application to the details of construction and the arrangement of components set forth in the following description or illustrated in the drawings. The invention is capable of other embodiments and of being practiced or of being carried out in various ways. Also, the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting. The use of “including,” “comprising,” or “having,” “containing”, “involving”, and variations thereof herein, is meant to encompass the items listed thereafter and equivalents thereof as well as additional items.
- In one embodiment, an information system is formed as a computer program running on a computer or group of computers configured to provide a universal secure registry (USR) system. The computer, in this instance, may be configured to run autonomously (without the intervention of a human operator), or may require intervention or approval for all, a selected subset, or particular classes of transactions. The invention is not limited to the disclosed embodiments, and may take on many different forms depending on the particular requirements of the information system, the type of information being exchanged, and the type of computer equipment employed. An information system according to this invention, may optionally, but need not necessarily, perform functions additional to those described herein, and the invention is not limited to a computer system performing solely the described functions.
- In the embodiment shown in FIG. 1, a computer system 10 for implementing a USR system according to the invention includes at least one main unit 12 connected to a wide area network, such as the Internet, via a communications port 14. The main unit 12 may include one or more processors (CPU 16) running USR software 18 configured to implement the USR system functionality discussed in greater detail below. The CPU 16 may be connected to a memory system including one or more memory devices, such as a random access memory system RAM 20, a read only memory system ROM 22, and one or more databases 24. In the illustrated embodiment, the database 24 contains a universal secure registry database. The invention is not limited to this particular manner of storing the USR database. Rather, the USR database may be included in any aspect of the memory system, such as in RAM 20, ROM 22 or disc, and may also be separately stored on one or more dedicated data servers.
- The computer system may be a general purpose computer system which is programmable using a computer programming language, such as C, C++, Java, or other language, such as a scripting language or even assembly language. The computer system may also be specially programmed, special purpose hardware, an application specific integrated circuit (ASIC) or a hybrid system including both special purpose components and programmed general purpose components.
- In a general purpose computer system, the processor is typically a commercially available microprocessor, such as a Pentium series processor available from Intel, or other similar commercially available device. Such a microprocessor executes a program called an operating system, such as UNIX, Linux, Windows NT, Windows 95, 98, or 2000, or any other commercially available operating system, which controls the execution of other computer programs and provides scheduling, debugging, input/output control, accounting, compilation, storage assignment, data management, memory management, communication control and related services, and many other functions. The processor and operating system define a computer platform for which application programs in high-level programming languages are written.
- The database 24 may be any kind of database, including a relational database, object-oriented database, unstructured database, or other database. Example relational databases include Oracle 81 from Oracle Corporation of Redwood City, Calif.; Informix Dynamic Server from Informix Software, Inc. of Menlo Park, Calif.; DB2 from International Business Machines of Armonk, N.Y.; and Access from Microsoft Corporation of Redmond, Wash. An example object-oriented database is ObjectStore from Object Design of Burlington, Mass. An example of an unstructured database is Notes from the Lotus Corporation, of Cambridge, Mass. A database also may be constructed using a flat file system, for example by using files with character-delimited fields, such as in early versions of dBASE, now known as Visual dBASE from Inprise Corp. of Scotts Valley, Calif., formerly Borland International Corp.
- The main unit 12 may optionally include or be connected to a user interface 26 containing, for example, one or more input and output devices to enable an operator to interface with the USR system 10. Illustrative input devices include a keyboard, keypad, track ball, mouse, pen and tablet, communication device, and data input devices such as voice and other audio and video capture devices. Illustrative output devices include cathode ray tube (CRT) displays, liquid crystal displays (LCD) and other video output devices, printers, communication devices such as modems, storage devices such as a disk or tape, and audio or video output devices. Optionally, the user interface 26 may be omitted, in which case the operator may communicate with the USR system 10 in a networked fashion via the communication port 14. It should be understood that the invention is not limited to any particular manner of interfacing an operator with the USR system.
- It also should be understood that the invention is not limited to a particular computer platform, particular processor, or particular high-level programming language. Additionally, the computer system may be a multiprocessor computer system or may include multiple computers connected over a computer network. It further should be understood that each module or step shown in the accompanying figures and the substeps or subparts shown in the remaining figures may correspond to separate modules of a computer program, or may be separate computer programs. Such modules may be operable on separate computers. The data produced by these components may be stored in a memory system or transmitted between computer systems.
- Such a system may be implemented in software, hardware, or firmware, or any combination thereof. The various elements of the information system disclosed herein, either individually or in combination, may be implemented as a computer program product, such as USR software 18, tangibly embodied in a machine-readable storage device for execution by the computer processor 16. Various steps of the process may be performed by the computer processor 16 executing the program 18 tangibly embodied on a computer-readable medium to perform functions by operating on input and generating output. Computer programming languages suitable for implementing such a system include procedural programming languages, object-oriented programming languages, and combinations of the two.
- As shown in FIG. 2, the computer system 10 may be connected to a plurality of interface centers 27 over a wide area network 28. The wide area network 28 may be formed from a plurality of dedicated connections between the interface centers 27 and the computer system 10, or may take place, in whole or in part, over a public network such as the Internet. Communication between the interface centers 27 and the computer system 10 may take place according to any protocol, such as TCP/IP, ftp, OFX, or XML, and may include any desired level of interaction between the interface centers 27 and the computer system 10. To enhance security, especially where communication takes place over a publicly accessible network such as the Internet, communications facilitating or relating to transmission of data from/to the USR database 24 or the computer system 10 may be encrypted using an encryption algorithm, such as PGP, DES, or other conventional symmetric or asymmetric encryption algorithm.
- In one embodiment, the USR system 10 or USR database 24 may be able to authenticate its identity to a user or other entity accessing the system by providing an appropriate code which may be displayed on the user's smart card, for example a SecurID™ card or its equivalent, or other code generator, for example a single use code generator, being employed by the user. A comparison by the user or the code generator between the provided number and an expected number can validate, to the user (or other entity) or the code generator, that communication is with the database and not an imposter. In another embodiment, a challenge-response protocol is employed to authenticate the identity of the USR system and/or the user to the other.
- The database 24 shown in FIG. 1 has a USR database containing entries related to persons 1-n. The data in the USR database may also be segregated, as shown in FIG. 4, according to data type to enable individual computer modules to handle discrete applications on discrete data types. Segregating the data, as illustrated in FIG. 4, may make access to the database more robust by enabling portions of the data in the USR database 24 to be accessible even when it is necessary to perform maintenance on a portion of the database. However, storing the data in the USR database 24 according to the scheme illustrated in FIG. 1 may make it easier for a user of the database to make changes to multiple types of data simultaneously or in a single session. There are advantages and disadvantages to each data structure, and the invention is not limited to a particular manner of organizing the data within the database 24, data structures other than the two shown also being possible.
- As shown in FIG. 3, each entry 30 in the database 24 may contain multiple types of information. For example, in the embodiment shown in FIG. 3, the entry contains validation information 32, access information 34, publicly available information 36, address information 38, credit card and other financial information 40, medical information 42, job application information 44, and tax information 46. The invention is not limited to a USR containing entries with all of this information or only this particular information, as any information on a person or other entity such as a company, institution, etc. may be stored in USR database 24.
- If the database information is split between multiple databases, each database will typically include at least the validation and access information to enable the USR software to correlate a validation attempt with a verified validation, and to enable the USR software to determine access privileges to the requested data. Alternatively, databases may be linked to permit information not in a main USR database to be retrieved, with validation/identification for all databases accessed being done at the USR system.
- In FIG. 3, the validation information is information about the user of the database to whom the data pertains and is to be used by the USR software 18 to validate that the person attempting to access the information is the person to whom the data pertains or is otherwise authorized to receive it. The validation information may be any type of information that will reliably authenticate the identity of the individual. For example, in some embodiments, the information may include any of a secret known by the user (e.g., a pin, a phrase, a password, etc.), a token possessed by the user that is difficult to counterfeit (e.g., a secure discrete microchip), and/or a measurement such as a biometric (e.g., a voiceprint, a fingerprint, DNA, a retinal image, a photograph, etc.).
- The user's identifying information may be manually entered or scanned at the interface center. However, a variety of types of communication may be employed to communicate the user's identifying information from the identification card or token to the computer system.
- For example, a near field signal may be employed to communicate information between the identification card or token and the computer system 10. According to one embodiment, the user's identifying information is included in (or entered via) the user's cell phone where it is then communicated to the computer system 10. In one embodiment, the cell phone is also configured to receive information from the computer system 10 at the interface center 27.
- In one embodiment, the user of the database will carry a SecurID card available from RSA Security, formerly Security Dynamics Technologies, Inc., of Cambridge, Mass. Use of this card enables secure access to the USR database without requiring the user to transmit any personal information. Specifically, to access the USR database, the card retrieves a secret user code and/or time varying value from memory and obtains from the user a secret personal identification code. The card mathematically combines these three numbers using a predetermined algorithm to generate a one-time nonpredictable code which is transmitted to the computer system 10. The computer system, specifically USR software 18, utilizes the received one-time nonpredictable code to determine if the user is authorized access to the USR database and grants access to the USR database if the user is determined to be authorized. The verification information 32 in the database entry in the embodiment of the invention illustrated in FIG. 3 contains information to enable the USR software 18 to validate the user using such a card in this manner. Alternative types of identification cards or tokens may likewise be used. For example, other smart cards may be used which generate non-predictable single use codes, which may or may not be time varying, or other access code generators may be used. An algorithm generating such non-predictable codes may also be programmed onto a processor on a smart card or other computing device, such as a cell phone, pager, ID badge, wrist watch, computer, personal digital assistant, key fob, or other commonly available electronic device. For convenience, the term “electronic ID device” will be used generically to refer to any type of electronic device that may be used to obtain access to the USR database.
- Likewise, various types of biometric information may be stored in the verification area of the database entry to enable the identity of the user possessing the identifying device to be verified at the point of use. Examples of the type of biometric information that may be used in this situation include a personal identification number (PIN), fingerprint, voice print, signature, iris or facial scan, or DNA analysis. If desired, the verifying section of the database may contain a picture to be transmitted back to the person seeking to validate the device to ensure the person using the device is the correct person. Optionally, the identifying device itself may also be provided with a picture of the person authorized to use the card to provide a facial confirmation of the person's right to use the card.
- Further, a challenge-response protocol may be employed in combination with or as an alternative to the preceding to validate the person attempting to access the information. Various embodiments may employ a challenge-response protocol with or without an identification card. In FIG. 3, the Access information 34 is provided to enable different levels of security to attach to different types of information stored in the entry 30 in the USR database 14. For example, the person may desire that their address information be made available only to certain classes of people, for example colleagues, friends, family, Federal Express, U.P.S., and the U.S. mail service. The names or universal identifiers for those selected individuals, companies, organizations and/or agencies may be entered into appropriate fields in the Access information to specify to the USR software 18 those individuals to whom the address information may be released. Likewise, access fields may be specified for the other types of information. For example, the individual may specify that only particular individuals and/or companies have access to the credit card and other financial information 40, medical information 42, job application information 44 and tax information 46. Additionally, the individual may specify that no one have access to that information unless the individual participates in the transaction (see FIG. 6).
- As shown in FIG. 1, the USR software 18 contains algorithms for execution by the CPU 16 that enable the CPU 16 to perform the methods and functions of the USR software described below in connection with FIGS. 5-16. The USR software 18, in this embodiment, performs all functions associated with validating an electronic ID card. If desired, a separate validation software module may be provided to validate electronic ID devices outside of a firewall segregating the validation information from other user information.
- This algorithm comprising the USR software 18 may be used to implement, in one exemplary embodiment, a USR system configured to enable selected information to be disseminated to selected individuals in a secure and dynamic fashion. This information may be used for numerous purposes, several of which are set forth below and discussed in greater detail in connection with FIGS. 5-16.
- For example, the USR system may be used to identify the person, enable the person to be contacted by telephone or mail anonymously, enable the person to be contacted by telephone or by mail without revealing the person's telephone number or present location, enable the person to purchase items over the Internet or in a store without revealing to the merchant any personal identification information or credit card information, enable the person to complete a job application without completing a job application form, enable the police to discern the person's identity and any outstanding warrants on the individual, and numerous other uses. The invention is not limited to these several enumerated uses, but rather extends to any use of the USR database. The methods of using the USR database 24 will now be discussed in connection with FIGS. 5-16.
- FIG. 5 illustrates a method of training the USR database 24. As shown in FIG. 5, the USR software 18 first validates the person's identification (500). The initial validation of the person's identification (500) may take place at the point of sale of an electronic ID device (for example, a smart card). This may be done in any conventional manner, such as by requiring the person to show a government issued identification card, passport, birth certificate, etc. Once the person's electronic ID device has been issued and initially validated, the validation process proceeds as discussed above.
- After the validation process (500), the USR software 18 determines if the person has rights to enter data into the system (502). This step enables the system to charge persons for maintaining information in the USR database 24. For example, the USR software 18 may poll a database of current accounts or a database of accounts that are currently in default to determine if the person has paid the access fee to enter data into the database. A similar account status inquiry process may be performed by the USR software 18 in connection with each of the other methods set forth in FIGS. 6-16. If the person is not authorized to enter data into the USR database 24, the person is notified of the status of their account and the process returns (512) to wait for further input from another person. Alternatively, a person may be permitted to enter some classes of data into the system and update such classes of data at no charge, with a fee possibly being required for other classes of data, for example medical records. This would facilitate a more robust database.
- If the person is authorized, the USR software 18 then enables the person to enter basic personal data into the USR database 24 (504). Optionally, personal data may be one class of data the USR software 18 allows the person to enter into the USR database 18 regardless of account status, i.e., for free.
- The USR software 18 will then check to see if the person has additional rights to enter additional data (506), such as data to be entered into one of the other categories of data in FIG. 3. Optionally, this step of checking the person's rights to enter data (506) may be combined with the initial check (502). If the person does not have rights to enter any further data, the USR software 18 notifies the user and returns (512).
- If the USR software 18 determines that the person has the right to enter additional data into the USR database 24, the person is prompted through the use of appropriate prompts, provided with forms, and otherwise enabled to enter advanced personal data into the USR database 24 (508). For each type of data entered, the person is asked to specify the type of access restrictions and/or who should be allowed to access the advanced personal data (510). When the person has completed entering data into the database, the process returns (512) and commits the data to the database.
- In the situation where only one person has access to enter and/or modify data for a given person in the database, there should be no conflict with committing data to the database. If, however, multiple people have access to a given account to modify data, the database may perform an integrity check to ensure the absence of conflict in the data before committing the new data to the database.
- Enabling access to the information in the database will be explained in greater detail in connection with FIG. 6. As shown in FIG. 6, the database will generally allow anyone to access basic personal data on anyone without performing any authorization check (600).
- If information beyond that specified in the basic personal information area is requested, the USR software 18 queries whether the requestor has the right to access the type of requested data (602). The process of determining the requestor's rights (602) typically involves validating the requestor's identity and correlating the identity, the requested information and the access information 34 provided by the person to the USR database during the training process described above with respect to FIG. 5.
- If the USR software 18 determines that the requestor has rights to access the type of requested data (604), the USR software 18 instructs the USR database 24 to enable access to the type of requested data (606). The actual step of enabling access to the type of requested data may involve multiple steps of formulating a database query, querying the USR database 24, retrieving the results, assembling the results into a user friendly or user readable format, and transmitting the information to the user.
- If the USR software 18 determines that the requestor does not have the appropriate rights to access the type of requested data (604), the USR software 18 checks to see if the person is participating in the transaction (608). Checking to see if the person is participating in the transaction enables the user to authorize access to the requested data in real time. For example, a person may wish to participate in a transaction to give a potential employer one-time access to job application information 44 (see FIG. 3). If the person is not participating in the transaction, the USR software 18 determines that the requestor is not authorized to have access to the requested data, notifies the requestor of this determination, and ends (610).
- If the person is participating in the transaction (608), however, the USR software 18 validates the person's identity (612) and enables the person to change access rights to the data (614). If the USR software 18 is not able to validate the person's identity, the USR software 18 refuses to allow the person to update the database, notifies the person and/or requestor of this determination, and returns (610).
- It is also possible that a person may be required to grant access to certain data, for example financial data such as account numbers, under duress. The system may provide the person with the ability to safely signal this when accessing the system by using a selected access code or by making a known modification to the access code provided by the electronic ID device. On receiving such code, the system would take appropriate steps to protect the person, including for example alerting the police, tracking the person's location to the extent possible, providing traceable data, and the like.
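The one-time code built from a secret user code, a time-varying value and a PIN, together with the duress signal described above, as an added example that is not code from the patent or from any token vendor. HMAC-SHA256 stands in for the unspecified "predetermined algorithm"; the 60-second step, the 8-digit code, the separately enrolled duress PIN, the `card_id` lookup key and all function and class names are assumptions.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field
from enum import Enum

STEP_SECONDS = 60  # assumption: the time-varying value changes once a minute
CODE_DIGITS = 8    # assumption: length of the code shown on the device


def one_time_code(secret: bytes, pin: str, at: int) -> str:
    """Combine secret user code, time-varying value and PIN into one code.

    HMAC-SHA256 is a stand-in for the page's unspecified algorithm.
    """
    time_value = at // STEP_SECONDS
    message = struct.pack(">Q", time_value) + pin.encode()
    digest = hmac.new(secret, message, hashlib.sha256).digest()
    number = int.from_bytes(digest[:8], "big") % 10 ** CODE_DIGITS
    return str(number).zfill(CODE_DIGITS)


class Result(Enum):
    VALID = "valid"
    DURESS = "duress"      # accepted, but the holder signalled coercion
    REPLAYED = "replayed"  # a code that was already accepted once
    INVALID = "invalid"


@dataclass
class Enrollment:
    secret: bytes
    pin: str
    duress_pin: str  # assumption: the "selected access code" is a second PIN
    used: set = field(default_factory=set)  # (time step, code) pairs accepted


class Validator:
    """Server side: recomputes the code for the time the code was received."""

    def __init__(self):
        self.enrolled = {}
        self.alerts = []  # (card_id, received_at) for every duress signal

    def enroll(self, card_id, secret, pin, duress_pin):
        if pin == duress_pin:
            raise ValueError("duress PIN must differ from the normal PIN")
        self.enrolled[card_id] = Enrollment(secret, pin, duress_pin)

    def validate(self, card_id, code, received_at, skew_steps=1):
        record = self.enrolled.get(card_id)
        if record is None:
            return Result.INVALID
        for offset in range(-skew_steps, skew_steps + 1):
            at = received_at + offset * STEP_SECONDS
            for pin, outcome in ((record.pin, Result.VALID),
                                 (record.duress_pin, Result.DURESS)):
                expected = one_time_code(record.secret, pin, at)
                if not hmac.compare_digest(expected.encode(), code.encode()):
                    continue
                key = (at // STEP_SECONDS, code)
                if key in record.used:
                    return Result.REPLAYED  # single use: never accept twice
                record.used.add(key)
                if outcome is Result.DURESS:
                    self.alerts.append((card_id, received_at))
                return outcome
        return Result.INVALID


def demo():
    """Constructed walk-through; every value here is made up for the example."""
    validator = Validator()
    secret = b"constructed-secret-user-code"
    validator.enroll("card-001", secret, pin="4821", duress_pin="4829")
    offered_at = 1_700_000_000  # time of receipt reported with the code
    code = one_time_code(secret, "4821", offered_at)
    duress = one_time_code(secret, "4829", offered_at + 300)
    return [
        validator.validate("card-001", code, offered_at),          # first use
        validator.validate("card-001", code, offered_at + 30),     # replay
        validator.validate("card-001", duress, offered_at + 300),  # coercion
        validator.validate("card-001", code, offered_at + 3600),   # stale
    ]


if __name__ == "__main__":
    for result in demo():
        print(result.value)
```

The caller decides what a requestor sees on `Result.DURESS`; the validator only records the alert, so the response shown to the requestor can be made indistinguishable from a normal acceptance.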
- Once the person has had the opportunity to change access rights to the data (614), the USR software 18 again checks to see if the requestor has rights to access the type of requested data (616). Although step 616 may seem redundant, given the fact that the person is participating in the transaction and has just previously changed access rights to the database to enable the requestor to have access to the data, step 616 is actually useful at preventing a different type of fraud. Specifically, the requestor may not be forthright with the person regarding the type of information they are requesting. If step 616 were omitted, the USR software 18 may inadvertently allow access to an unauthorized type of information in the situation where the requestor has surreptitiously requested multiple types of data.
- If the USR software 18 determines that the requestor has rights to the type of data requested (616), it causes the USR database to enable access to the type of requested data (606). Otherwise, it notifies the requestor of the decision to deny access to the requested data and returns (610).
- Various applications of the USR database 24 and USR software 18 will now be discussed in connection with FIGS. 7-16. These applications are merely exemplary of the types of applications enabled by the USR software 18 and USR database 24, and the invention is not limited to these particular applications.
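The FIG. 6 access decision (steps 600 through 616) as an added example, not code from the patent, showing what the second rights check at step 616 prevents when a requestor asks for more types of data than the person agreed to. The data model, the requestor ids, the `recheck` switch and all names are assumptions, and identity validation (612) is reduced to a boolean.

```python
from dataclasses import dataclass, field

BASIC = "basic"  # basic personal data: released without an authorization check (600)


@dataclass
class Entry:
    data: dict                                  # information type -> stored value
    access: dict = field(default_factory=dict)  # information type -> requestor ids


@dataclass
class Participation:
    """The person taking part in the transaction in real time (608)."""
    identity_validated: bool  # outcome of step 612, e.g. a one-time code check
    grants: set               # types the person opens to this requestor (614)


def has_rights(entry, requestor, info_type):
    """Steps 602/604 and 616: correlate requestor, type and access information."""
    if info_type not in entry.data:
        return False
    return info_type == BASIC or requestor in entry.access.get(info_type, set())


def handle_request(entry, requestor, requested, participation=None, recheck=True):
    """Return (released, denied) for a request covering several information types.

    recheck=False leaves out step 616, to show what that step prevents.
    """
    released, pending = {}, []
    for info_type in requested:
        if has_rights(entry, requestor, info_type):
            released[info_type] = entry.data[info_type]      # 606
        else:
            pending.append(info_type)
    if not pending:
        return released, []
    if participation is None or not participation.identity_validated:
        return released, pending                              # 610
    for info_type in participation.grants:                    # 614
        if info_type in entry.data:
            entry.access.setdefault(info_type, set()).add(requestor)
    denied = []
    for info_type in pending:
        allowed = has_rights(entry, requestor, info_type) if recheck else True
        if allowed and info_type in entry.data:
            released[info_type] = entry.data[info_type]      # 606 after 616
        else:
            denied.append(info_type)
    return released, denied


def sample_entry():
    """Constructed entry; the values and requestor ids are made up."""
    return Entry(
        data={
            BASIC: "J. Doe",
            "address": "1 Example Street",
            "financial": "card ending 0000",
            "job_application": "resume text",
        },
        access={"address": {"parcel-service"}},
    )


def demo():
    """An employer asks for two types; the person agrees to only one of them."""
    wanted = ["job_application", "financial"]
    consent = Participation(identity_validated=True, grants={"job_application"})
    with_616, denied = handle_request(sample_entry(), "employer", wanted, consent)
    without_616, _ = handle_request(sample_entry(), "employer", wanted, consent,
                                    recheck=False)
    return sorted(with_616), denied, sorted(without_616)


if __name__ == "__main__":
    print(demo())
```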
- FIG. 7 illustrates one embodiment of a method of using the USR software 18 and USR database 24 to purchase goods or services from a merchant without revealing to the merchant account information relating to the person's bank or credit card.
- As shown in FIG. 7, when a user initiates a purchase (700), the user enters a secret code in the user's electronic ID device (702) to cause the ID device to generate a one-time code or other appropriate code, and presents the electronic ID device with the code to the merchant or otherwise presents the code to the merchant. The merchant transmits to the credit card company (1) the code from the electronic ID device, (2) the store number, (3) the amount of the purchase (704), and the time of receipt of the code. The credit card company takes this information and passes the code from the electronic ID device to the USR software 18 (706). The USR software 18 determines if the code is valid, or was valid at the time offered, and if valid accesses the user's credit card information and transmits the appropriate credit card number to the credit card company (708). While the link between the USR system and the credit card system is a secure link, there is always a danger that the link may be penetrated and credit card numbers obtained. This may be avoided by instead transmitting, on approval, a multidigit public ID code for the credit card holder which the credit card company can map to the correct credit card number. Even if the link is violated, the public ID code is of no value and the secure link prevents this code from being improperly sent to the credit card company. The credit card company checks the credit worthiness of the user and declines the card or debits the user's account in accordance with its standard transaction processing system (710). The credit card company then notifies the merchant of the result of the transaction (712). In this embodiment, the user has been able to purchase goods or services from a merchant without ever providing to the merchant the credit card number. Since the electronic ID device generates a time variant code or otherwise generates a code that can for example only be used for a single transaction, the merchant retains no information from the transaction that may be fraudulently used in subsequent transactions.
- Another embodiment of a system for facilitating purchase of goods or services without providing financial information to the merchant is set forth in FIG. 8. In FIG. 8, like FIG. 7, the user initiates a purchase (800), enters a secret code in the electronic ID device (802) and presents the resultant code to the merchant. The merchant, in this embodiment, transmits to the USR software 18, (1) the code from the electronic ID, (2) the store number, and (3) the amount of the purchase (804). The USR software 18 determines if the code is valid (806) and, if valid, accesses from the USR database 24 the user's credit card information (808). The USR software then transmits to the credit card company (1) the credit card number, (2) the store number, and (3) the amount of purchase (808). The information in this embodiment transmitted to the credit card company is intended to be in a format recognizable to the credit card company. Accordingly, the invention is not limited to transferring from the USR system 10 to the credit card company the enumerated information, but rather encompasses any transfer of information that will enable the use of the USR system 10 to appear transparent to the credit card company.
- The credit card company then processes the transaction in a standard fashion, such as by checking the credit worthiness of the person, declining the card or debiting the user's account and transferring money to the merchant's account (810). The credit card company then notifies the USR system 10 of the result of the transaction (812) and the USR software 18 in turn notifies the merchant of the result of the transaction (814).
- In this embodiment, like the embodiment of FIG. 7, the user can use the USR system 10 to purchase goods or services from a merchant without providing the merchant with the user's credit card number. In the embodiment of FIG. 8, the interposition of the USR system 10 between the merchant and the credit card company is transparent to the credit card company and thus requires no or minimal cooperation from the credit card company to implement.
- FIG. 9 illustrates one embodiment of a method of using the USR system 10 to verify funds when using a check to purchase goods or services from a merchant. In the embodiment of FIG. 9, the user initiates a purchase and writes a check to the merchant (900). The check may be a conventional check containing identifying information, or may be a check bearing a unique serial number and no identifying information to enable the check to be used anonymously.
- In either situation, the user enters a secret code into the electronic ID card and presents the resulting code to the merchant along with the check (902). The merchant transmits to the USR software 18 (1) the code from the electronic ID card, (2) the store number, and (3) the amount of the purchase (904). Where the check is an anonymous check, the merchant also transmits to the USR software 18 the check number.
- The USR software 18 then determines if the code from the electronic ID is valid (906), and if valid accesses the user's bank information and transmits to the bank: (1) the user's bank account number, (2) the store number, and (3) the amount of the purchase (908). Optionally, the USR software 18 may additionally inform the bank of the check number.
- The bank polls its own database to determine if there are sufficient funds in the user's account (910) and notifies the USR software 18 of the result (912). The USR software 18 then, in turn, notifies the merchant of the result of the verification (914).
- This check verification system may take place over an unsecured connection between the merchant and the USR system 10 since the user's bank account information is not sent over the connection between the merchant and the USR system 10. Moreover, where an anonymous check is used, the merchant is not even provided with the person's name or account information in written form. This provides additional security against unauthorized persons writing subsequent checks.
- The check verification system may be conducted over a telephone network, such as by having the merchant call a toll free number or over a network connection such as over the Internet.
- FIG. 10 illustrates a method of conducting a transaction with a merchant without requiring the user to provide to the merchant the user's name, address, or other identifying information, while enabling the merchant to ship the goods to the user. This may be beneficially employed, for example, in connection with transactions that take place between remote parties in a networked environment, such as the Internet.
- As shown in FIG. 10, the user initiates an anonymous purchase by entering a secret code into the electronic ID device and transmitting the result to the on-line merchant (1000). The merchant transmits this information to the USR software 18, along with the store number and the amount of the purchase (1002). Optionally, the merchant may provide the store number and purchase price to the user and the user may send this information directly to the USR software 18 along with the code from the electronic ID. Where the number from the electronic ID device is a time varying number, the merchant may also need to input the time the number was received. Alternatively, the electronic ID device may encode or encrypt the time with the number, the USR software being able to extract time when receiving the number from the merchant. This may not be required where the time varying number varies slowly, for example changing every hour rather than every minute as with some devices.
- In either event, the USR software 18 determines if the code is valid (1004) and, if valid, accesses the user's credit card information from the USR database 24 (1006). The USR software 18 then contacts the user's credit card company, as described above in connection with FIG. 8 (1008) and notifies the USR software 18 of the result (1010).
- If the user's credit is declined, the USR software 18 notifies the on-line merchant and the transaction is terminated (1012). If the user's credit is honored, the USR software 18 polls the USR database 24 for the user's address and/or address code (1014). Address codes are discussed below in greater detail with reference to FIG. 11. The merchant then packages the goods into a parcel, labels the parcel with the appropriate address and/or address code and ships the parcel to the user (1016). Having the USR system 10 provide the address and/or address code to the on-line merchant enables the user to purchase items in a networked environment without requiring the user to input address information in connection with every sale.
- FIG. 11 illustrates a use of the USR database 24 to deliver mail to a user without requiring the user to provide address information to the sender. This may be useful in many contexts. For example, the user may wish that the address information be known only by the post office. In this instance, using the USR database 24 according to the method of the invention described below will enable the user to receive parcels without requiring the user to provide the merchant with the address information. Additionally, the user's address may change, temporarily, permanently, or frequently. Enabling the sender to send mail by entering a code instead of an address enables the post office to effectively deliver the coded mail to the corresponding address regardless of the frequency with which the address changes or the duration in which the address will remain valid.
- In FIG. 11, the user provides an address code on a public area of the USR database 24 that is available to all persons to see (1100). This code may for example be six alpha characters, which should be adequate for currently anticipated system populations. Optionally, the user may provide this code directly to a merchant or other person desirous of sending the person one or more parcels.
- The user also provides address information to the address information area 38 of the user's entry in the USR database 24 (1102). Access to the address information 38 is restricted by a rule or other appropriate entry in the access information 34 of the user's entry to only permit mail, parcel or other material delivery services, such as the US mail, UPS and Fed Ex to access the address information.
- When someone wishes to have a parcel or other items delivered to the user, the sender retrieves the user's address code from the USR database 24 or otherwise receives the address code from the user, and prints the address code on the parcel (1104).
- The delivery service accesses the USR software 18, validates its identity, and queries the USR database 24 for address information corresponding to the address code (1106). The USR database 24 retrieves the appropriate address data and provides the address information to the delivery service. The delivery service then either prints out an address label, prints a machine readable bar code to be attached to the package, or correlates an entry in a delivery database between the address code and the user address (1110). The delivery service then uses this retrieved information to deliver the package to the user while never supplying the merchant with the user's permanent or temporary address. A user may also assure that mail, parcels, etc. are delivered to a current location by providing only a single notice to the USR system, regardless of how frequently the person moves. The person can also automatically provide for address changes where the person moves according to a known schedule. Thus, deliveries to be made on a weekday could be directed to one address and deliveries on a weekend to another address; or deliveries during winter months to one address and during summer months to a different address.
- FIG. 12 illustrates a method of enabling a person to telephone a user of the USR system 10 without providing the user's telephone number to the person. In the embodiment illustrated in FIG. 12, the user provides a telephone code on the publicly available area of his entry on the USR database 24 (1200). This code may be assigned by the USR software 18 or made up by the user. The user also provides the USR database 24 with actual telephone information to enable the USR system 10 to connect callers with the user (1202).
- The person wishing to telephone the user of the USR system 10 calls a telephone number and enters the telephone code of the user (1204). The USR software 18, optionally, may require the person to identify themselves to see if they are authorized to call the user. Assuming that the person is authorized to call the person, or if no authorization check is performed, the USR connects the person to the telephone number in the USR database 24 without providing the person with the telephone number.
- Enabling the user to specify the telephone number may be advantageous for many reasons. First, the user may frequently be switching between telephone coverage areas and may wish to be reachable at all times. Simply instructing the USR database 24 to connect incoming telephone calls to one of a myriad of numbers will facilitate connecting the incoming calls to, for example, the user's cell phone, work phone, pager, car phone or home phone, without necessitating the user to provide all these numbers to the caller. A similar system may be implemented for facsimile transmissions, e-mails or other communications.
- The user also may have predefined rules to enable telephone calls to follow a set pattern. For example, the user may desire to receive telephone calls only from family members during the night time at home, may wish to have all incoming calls routed to a car phone during commuting hours, and may wish to have all incoming calls routed to a cell phone during lunch. These time dependent rules and/or caller specific rules may be entered into the USR database to specify accessibility and connectivity of incoming telephone calls.
- The publicly available address code and telephone code and any other codes may be the same, or may be different, there being some advantages to having a single code usable for all such applications for each person on the system. The codes could be accessible through a variety of media including telephone and the Internet. Where two or more people on the system have the same name, which will frequently be the case, additional publicly available biographical data may be provided with the name to assure that the right code is selected. The system may similarly be used to provide public keys for use in a public key/private key encryption system, to provide other public codes for an individual or to provide other public information. Access to such information would typically be unrestricted.
- Where the system is used to provide public keys, the public code used to obtain the key, or possibly the public key itself, may be used as above to obtain the e-mail address, telephone number or the like for the person to whom the message is being sent, and the USR system may also be used to perform the encryption. When the recipient receives the message, he decrypts it using the recipient's private key in standard fashion, including decrypting the name of the sender. However, this does not necessarily verify the sender and such verification may be desirable for important messages, particularly ones involving large financial transactions. The USR system may accomplish such verification by also storing private keys for people in the system. The sender first authenticates himself to the system, and the system then adds a second signature to the message which is encrypted with the sender's private key. The receiving party decrypts this signature with the sender's public key. Since the system only sends such signatures for authenticated users, the message is thus verified.
-
FIG. 13 illustrates a general method of using theUSR database 24 to authenticate a user's identification. This may be used in connection with any of the other methods disclosed herein to ensure that the electronic ID device has not been stolen and/or hacked by an unauthorized holder. - Specifically, in the embodiment illustrated in
FIG. 13 , the user attempts to prove identification to a validator, such as to prove that the possessor of the electronic ID device is of sufficient age to purchase alcohol (1300). In connection with this attempt, the user enters a secret code into the electronic ID (1302). The validator transmits to theUSR software 18 the code from the electronic ID (1304). If theUSR software 18 determines that the code is valid (1306), it accesses the user's photograph, age information, or any other desired information, and transmits that information to the validator (1308). By transmitting back to the validator a picture of the person to whom the electronic ID card was issued, the validator can ensure that the person using the electronic ID card is the proper person. Likewise, the validator can ensure, based on the information provided by theUSR system 10, that the person is as old as the person claims to be. - A specific embodiment of this identification validation procedure is illustrated in
FIG. 14 . InFIG. 14 , a policeman takes the place of the validator. In this scenario, however, instead of simply transmitting to the policeman a validation of the user's identity, such as their picture, the policeman may also receive additional information, such as the user's police records, records of any arrests, outstanding warrants, and other similar information that may be of use to the policeman when determining how to handle a particular individual. -
FIG. 15 illustrates a process for enabling the user to provide specific information to a party, such as medical staff in an emergency room. As shown in FIG. 15, if the user desires to provide information to a party (1500), the user enters a secret code in the electronic ID device and provides the electronic ID code to the party (1502). The party transmits to the USR software 18 the ID code and the party code (1504). The party code may be a code from, for example, an electronic device which identifies the party, may be a status code which identifies the class of users to which the party belongs (for example policeman, emergency room personnel, doctor, etc.), or may be a combination of both, the status code for example being encrypted into the ID code. The USR software 18 determines if the code is valid (1506), accesses the user's information in the USR database 24 and transmits available information to the party (1508). In this scenario, the user may be provided with a plurality of different codes to enter into the electronic ID device depending on the type of information to be released to the party. For example, the user's basic code may be 1234. The fifth digit of the electronic code may specify the type of information to be provided, i.e., 1=address information, 2=medical information, 3=telephone information, 4=job application information, etc. Using multiple codes eliminates any ambiguity about the authority provided by the user to the party, but requires the user to remember additional information.
- The above assumes the user is able to provide an ID code when the information is required. However, in an emergency room situation, for example, the user may not be in a position to provide the ID code, but would still want medical records provided. 
The release authorization for certain portions of the user's database could therefore specify that the information be released to a certain class or classes of individuals, and the USR system would release such information to individuals or organizations based only on status code. Thus, the status code of an emergency room could alone trigger release of medical data.
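The two release paths just described (a five-digit entry whose last digit selects the information type, and release on status code alone) can be modelled as follows. This is an added Python example, not part of the patent text; the record layout, the names `UserRecord`, `parse_entry` and `release`, the status strings and the sample data are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass, field
from typing import Optional

# Fifth-digit meanings exactly as listed in the text above.
SCOPES = {"1": "address", "2": "medical", "3": "telephone", "4": "job_application"}


@dataclass
class UserRecord:
    basic_code: str   # the user's four-digit basic code
    data: dict        # scope name -> stored information
    # status code -> scopes releasable on status alone (no user code needed)
    class_release: dict = field(default_factory=dict)


def parse_entry(entry: str):
    """Split a five-digit entry into (basic code, scope); None if malformed."""
    if len(entry) != 5 or not (entry.isascii() and entry.isdigit()):
        return None
    scope = SCOPES.get(entry[4])
    return (entry[:4], scope) if scope else None


def release(user: UserRecord, party_status: str, entry: Optional[str] = None):
    """Return (granted, released_data); anything not explicitly allowed is denied."""
    if entry is not None:
        parsed = parse_entry(entry)
        if parsed is None:
            return False, {}
        code, scope = parsed
        # Constant-time comparison so timing does not reveal matching digits.
        if not hmac.compare_digest(code.encode(), user.basic_code.encode()):
            return False, {}
        if scope not in user.data:
            return False, {}
        # Only the scope named by the fifth digit is released, nothing else.
        return True, {scope: user.data[scope]}
    # No user code supplied (e.g. an unconscious patient): the party's status
    # code alone decides, and only for scopes the user pre-authorized.
    allowed = user.class_release.get(party_status, set())
    released = {s: user.data[s] for s in sorted(allowed) if s in user.data}
    return bool(released), released


# Constructed sample record; "1234" is the basic code used in the text.
SAMPLE = UserRecord(
    basic_code="1234",
    data={
        "address": "1 Example Street",
        "medical": "allergy: penicillin",
        "telephone": "555-0100",
    },
    class_release={"emergency_room": {"medical"}},
)

if __name__ == "__main__":
    print(release(SAMPLE, "doctor", "12342"))      # code + medical digit
    print(release(SAMPLE, "emergency_room"))       # status code alone
    print(release(SAMPLE, "policeman"))            # no class authorization
```

The status-only path is the one to review most carefully in any real design, since it releases data without the user's secret; here it is limited to scopes listed in `class_release`.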
-
FIG. 16 illustrates one embodiment of a method of using the USR database 24 to complete a standard application, such as a job application or an application to rent an apartment. This embodiment is a specific example of the more generic method of enabling a party to retrieve information discussed above with respect to FIG. 15. In FIG. 16, however, the party may be provided with the opportunity to provide a form to the USR software 18, the fields of which may be automatically completed with information from the job application information section of the USR database 24.
- As can be seen from the above, many of the users of the USR system are organizations or agencies such as carriers (post office, UPS, FedEx), communication companies, law enforcement organizations, hospitals and other medical facilities and the like. Each of these organizations can be provided with specialized software either on a disc or other suitable media or electronically, for example over the Internet, which performs a number of functions, for example automatically generating status codes for data access requests, controlling information received, and formatting data received in response to a request in a desired way. This can result in an access request from such organization for a given user causing all data on the user required to complete the form being retrieved and presented to the organization in the format of their form. A user may also authorize an organization for which a form has been completed using the USR system to receive updates, either in response to a request from the organization or at selected intervals, for example once a year, so as to maintain information in the forms current. Since the user will be providing information to the system on a regular basis, this is a relatively easy and painless way for the user to maintain current information with many organizations the user deals with.
- Another potential use of the system is to permit a person to be located where only limited biographical information on the person is known. Users of the USR system wishing to participate in this feature could be cued to provide non-confidential biographical data when they come on the system or at any time thereafter when they decide to participate. They can also indicate whether they wish their name given out in response to such an inquiry or to merely be alerted to an inquiry which might involve them and information on the requester. A person seeking to find another person or group of people can input appropriate biographical data, for example members of 1975 Harvard University hockey team, or information of a person's last known address plus school information, etc. The system will then provide a list of persons who meet the listed criteria from which the person making the inquiry can hopefully find the person they are looking for.
- In the above application and others, when a person is located, the person may request that only the person's address code or general access code (i.e. a single code which is used to get current address, telephone, e-mail, etc. information) be provided when the person is located. This can further protect the individual from undesired contacts.
- Further, although each of
FIGS. 13-16 refer to the entry of a secret code for validation by the USR system, the processes illustrated for each of FIGS. 13-16 may include a challenge-response protocol by which the user's identity is authenticated.
-
FIG. 17 illustrates another embodiment of the invention. As shown in FIG. 17, the USR system 10 may be used to secure expensive personal equipment, such as stereos, televisions, laptop computers, cellular telephones, cars, boats, and other items of value to a person. In this embodiment, each item to be secured using the USR system is provided with a USR timer chip imbedded in the electronics. If the USR timer chip is not provided with a code within a predefined period of time, for example every 30 days, the equipment is deactivated. Thus, for example, a television, mobile phone, laptop computer, automobile, heavy equipment, weapon or facility may be provided with a security chip having an internal timer that must be reset before expiration by provision of a particular code. When reset does not occur, the timer will disable the electronic device or other device using any one of a number of known disablement methods. Exemplary codes may be transmitted in the same manner as beeper signals are conventionally transmitted or may be transmitted to wired devices over the Internet or other public network.
- The
USR system 10 may be advantageously employed to automatically provide the secured property with the necessary codes at appropriate intervals, unless instructed by the user of the USR system 10 to cease doing so. Alternatively, the USR system 10 may require participation by the user prior to sending out the activation codes.
- In this embodiment, the user may provide to the
USR system 10, information indicative of the codes to be transmitted, timing information, and automation information—i.e., whether the codes should be sent automatically or should require user intervention. Optionally, where the user opts to require user intervention, the USR system 10 may notify the user of the upcoming deadline via e-mail or another method.
- This system may be useful to secure sensitive equipment other than personal equipment as well, such as military equipment, public equipment, school equipment and any other equipment that is subject to theft.
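The timer-chip behaviour of FIG. 17 (reset within the period or be disabled) is modelled below as an added Python example, not code from the patent. The text only says "a particular code"; deriving each code from a shared key and a reset counter with HMAC, so that a previously used code is not accepted again, and treating the disabled state as latched are assumptions of this example, as are all names and the sample key.

```python
import hashlib
import hmac

DAY = 24 * 3600
PERIOD_SECONDS = 30 * DAY   # "every 30 days" from the text


def reset_code(key: bytes, counter: int) -> str:
    """Code the registry would send for reset number `counter` (assumed scheme)."""
    mac = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return mac[:8].hex()


class TimerChip:
    """Device-side timer: must receive the next valid code before the deadline."""

    def __init__(self, key: bytes, now: int):
        self.key = key
        self.counter = 0                       # resets accepted so far
        self.deadline = now + PERIOD_SECONDS   # first expiry
        self.disabled = False

    def tick(self, now: int) -> bool:
        """Called by the equipment; returns True while it may keep operating."""
        if now >= self.deadline:
            self.disabled = True               # latched (assumption)
        return not self.disabled

    def apply_code(self, code: str, now: int) -> bool:
        """Accept a code only before expiry and only for the next counter value."""
        if not self.tick(now):
            return False
        expected = reset_code(self.key, self.counter + 1)
        if not hmac.compare_digest(code.encode(), expected.encode()):
            return False                       # wrong or previously used code
        self.counter += 1
        self.deadline = now + PERIOD_SECONDS
        return True


# Constructed sample key shared by the registry and the chip.
SAMPLE_KEY = b"constructed-demo-key"


def run_demo():
    """Walk one chip through a reset, a replayed code, and an expiry."""
    chip = TimerChip(SAMPLE_KEY, now=0)
    first = reset_code(SAMPLE_KEY, 1)
    return {
        "reset_day_10": chip.apply_code(first, now=10 * DAY),
        "replay_day_11": chip.apply_code(first, now=11 * DAY),
        "running_day_39": chip.tick(39 * DAY),
        "running_day_40": chip.tick(40 * DAY),
        "late_code_day_41": chip.apply_code(reset_code(SAMPLE_KEY, 2), now=41 * DAY),
    }


if __name__ == "__main__":
    for step, result in run_demo().items():
        print(step, result)
```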
-
FIG. 18A illustrates another embodiment of the invention that can provide a centralized system to control access to a plurality of secure networks. As shown in FIG. 18A, for example, a system 1800 may employ the USR 10 to control access to a plurality of secure systems 1804 (e.g., a plurality of secure computer networks). The system 1800 may include one or more access devices 1802 that can be employed by a user to access a secure computer network included in the plurality of secure systems. In addition, the system 1800 may be employed to protect other secure systems such as secure communication networks and/or other resources that are accessed electronically. According to one embodiment, the system 1800 includes a first communication link 1801 that provides a communication path between the access device 1802 and the USR 10, and a second communication link 1803 that provides a communication path between the USR 10 and the plurality of secure systems 1804. In one embodiment, each of the first communication link 1801 and the second communication link 1803 are wide area networks, for example, the Internet.
- Each of the
secure systems 1804 can be associated with an organization. An organization is any entity that employs a secure (e.g., restricted access) host system to provide resources to a plurality of users. For example, an organization may be a corporation (including a non-profit corporation), partnership, other business entity, an affiliation or individual that employs a secure host system to provide resources to a plurality of authorized users. As should be apparent to those of ordinary skill in the art, an organization is not restricted to any particular size, for example, as measured by the number of members or employees.
- More specifically, each of the secure systems No. 1, No. 2, No. 3, etc. may be associated with a different organization and the
USR 10 may control access to each of the secure systems. That is, the USR 10 can provide access control for a plurality of secure computer networks each associated with a different and unrelated organization. Further, each of the secure computer networks may have a different plurality of users who are authorized to access the network.
- The access device may include any of a desktop computer, a laptop computer, and a handheld computer (e.g., a PDA, cell phone and the like). Further, as shown in phantom, a plurality of access devices may communicate with the
USR 10. Where a web-based system is employed, for example, each of a plurality of computers connected to the Internet may be individually employed as a separate access device to communicate (e.g., independently communicate) with the USR 10 to gain access to one or more of the secure systems 1804.
- For example, the
access device 1802 may be a computer employed with a client-server network. In this example, to access resources provided by one of the secure systems 1804, the user initiates an access request for a secure system 1804 selected by the user. That is, the user may supply authentication information and a computer network ID to the USR. As is described in further detail below, the authentication information and the computer network ID are processed by the USR to authenticate the user and determine whether the user is authorized to access the secure system 1804 that is identified by the computer network ID. The USR then routes communications between the user and the secure system provided that the user authentication is successfully completed.
- According to one embodiment, the
USR 10 connects the access device 1802 to one of the secure systems 1804 via a communication path that does not include the USR 10. In an alternate embodiment, the USR 10 connects the access device 1802 to one of the secure systems 1804 via a communication path that does include the USR.
- Referring now to
FIG. 18B, a system 1810 employs a USR 10 to control access to a secure system (e.g., a secure computer network) according to another embodiment. In one embodiment, the system 1810 includes the USR 10, an access device 1802, and a plurality of secure systems 1804. According to this embodiment, the user selects from the plurality of secure systems 1804 a secure system that the user would like to access. With the access device 1802, the user communicates authentication information directly to the selected secure system 1804, e.g., without gaining access to the system. The secure system then communicates the authentication information and/or information corresponding to the authentication information to the USR 10. The USR 10 processes the information received from the secure system and then communicates an indication of whether the authentication information corresponds to one of the plurality of users authorized to access the secure system. The secure system grants or denies access to the secure system (and the associated resources) based on the indication received from the USR 10.
- As illustrated in
FIGS. 18A and 18B, the USR 10 can provide a centralized access control system (e.g., an authentication system) for a plurality of secure systems 1804 that are associated with independent organizations that may have no affiliation with one another. Referring to FIGS. 18A and 18B, a first organization may be associated with (have resources located on and/or accessed by) the secure system no. 1, a second organization may be associated with the secure system no. 2, and so on. In addition, a single organization may also be associated with a plurality of the secure systems 1804. Thus, in one embodiment, the USR 10 provides access control to a plurality of secure systems for a single organization.
- The
systems secure systems 1804 and specialized authentication software is not required at the access device. In a further embodiment, specialized authentication software is also not required at the secure system. In versions of these embodiments, the USR 10 provides a web-based system in which the user employs a web-browser when communicating with the USR 10 and the secure system.
- The
USR 10 can also provide centralized administration and management for the plurality of secure systems 1804. The centralized administration can include routine tasks such as adding or removing authorized users for each of the plurality of secure systems 1804, for example, based on the hiring or resignation, respectively, of an employee. Additional administrative functions such as maintaining a secure database of private keys associated with each user, generating time varying codes, maintaining encryption software, maintaining audit trails and other functions may also be accomplished in a centralized fashion with the USR 10 for a plurality of organizations.
- In one embodiment, following the connection of the
access device 1802 to the secure system 1804, the USR 10 develops an audit trail by monitoring the communication path to capture information concerning the use of the secure system. For example, the USR 10 may collect and store information concerning the length of time during which the access device remains connected to the secure system, the type of resources accessed by the user, the type of data transmitted (including the identification of specific documents) during a login period and the volume of data transmitted.
- According to one embodiment, the USR continuously monitors the communication between a plurality of
access devices 1802 and a secure computer network and collects information to generate an audit trail for each device. According to another embodiment, the USR does not continuously monitor communications. Instead, the secure computer network intermittently (e.g., periodically) transmits audit information to the USR 10 where the audit information may concern one or a plurality of users connected to the network during a specific time period.
- In each of the embodiments, described with reference to
FIGS. 18A and 18B, the USR 10 may be located in an ultra-secure facility that employs heightened security relative to the security provided by the organizations that it serves. The physical facility where the USR is located may meet requirements generally associated with critical military installations. For example, the USR 10 may be housed in a facility that is hardened against radiation, shielded against electromagnetic interference, and/or protected against earthquakes, hurricanes, etc. to allow operation of the USR during times of general emergency. Further, the personnel and hiring policies of the facility operating the USR 10 may also be more secure relative to the security measures taken by the organizations associated with the secure systems 1804. That is, the individuals operating the USR 10 may undergo more rigorous background checks that include a detailed investigation of their personal and employment histories.
- The centralized approach described above can provide increased security because the administration of the access control system (e.g., authentication software) is in the hands of a highly trusted third party who has taken heightened security measures regarding the hiring of the administrative personnel, in particular, the personnel who have access to authentication data (e.g., private encryption keys, etc.).
- In any of the preceding embodiments, the
USR 10 may be geographically remote from the secure systems.
- Further, in any of the preceding embodiments, there may be situations where a user employs the
access device 1802 to connect to more than one of the plurality of secure systems 1804. In one embodiment, the user is independently authorized to access separate secure systems 1804 associated with independent organizations. In another embodiment, the user is authorized to access separate secure systems 1804 each associated with the same organization. In either situation, the user may employ one or more of the authentication procedures described herein before being allowed access to any one of the secure systems 1804.
- Referring now to
FIG. 19, a process 1900 that employs a USR to control access to a secure computer network is illustrated. In one embodiment, the process 1900 is employed with the system 1800 illustrated in FIG. 18A. At step 1902 an entity initiates an access request. In general, the access request will be initiated when the user or entity inputs information into an access device such as a computer. At stage 1904, the entity supplies authentication information and a computer network ID to the USR (e.g., the information is electronically transmitted from the access device to the USR). According to one embodiment, the information is transmitted via the Internet from the access device to the USR. At stage 1906, the USR receives the access request which includes the authentication information and the computer network ID. At stage 1908, the USR determines whether the authentication information is valid for a user. According to one embodiment, the USR includes a database containing selected data of a plurality of users authorized to access a secure computer network, and may compare the authentication information supplied by the entity with authentication information included in the database to determine whether the authentication information corresponds or is valid for a user. If the authentication information is valid, the process 1900 moves to stage 1910 where the USR determines whether the entity is authorized to access the computer network identified by the computer network ID. If the entity is authorized to access the computer network then the USR may allow communication between the entity and the secure computer network at stage 1912. As previously indicated, the USR may route communications between the entity and the secure computer network and remain in the communication path employed by the access device to communicate with the secure computer network. 
Alternatively, the USR may simply provide a connection between the access device and the secure computer network where the communication path provided by the connection does not involve the USR.
- Returning to stage 1908, if the authentication information supplied by the entity is not valid for any of the plurality of users then the
process 1900 moves to stage 1914 where an indication is provided to the entity that access is denied. Similarly, if at stage 1910 the entity is not authorized to access the computer network identified by the computer network ID, an indication is provided that the entity is denied access at stage 1914. In various embodiments, the entity may be allowed additional opportunities to successfully access the system.
- Referring now to
FIG. 20, a process 2000 for controlling access to a secure computer network is illustrated in accordance with one embodiment. In one embodiment, the process 2000 is employed with the system 1810 illustrated in FIG. 18B.
- In one embodiment the entity initiates an access request at
stage 2002. As described above, the access request can be initiated using an access device and each secure computer network may communicate with a plurality of access devices. At stage 2004, the entity supplies authentication information to the secure computer network, for example, by entering the information in a web browser and transmitting the authentication information over the Internet to the secure computer network. At stage 2006, the secure computer network receives the authentication information. At stage 2008, the secure computer network communicates authentication information to the USR (or information corresponding to the authentication information) to allow the USR to authenticate the access request. At stage 2010, the USR validates the authentication information to determine whether the entity is authorized to access the secure system, and at stage 2014, the secure system receives an indication from the USR concerning whether the entity is authorized to access the system. In one embodiment, the indication is transmitted from the USR to the secure system via the Internet. At stage 2016, the secure system grants or denies the entity access to the secure system based on the indication received from the USR.
- As should be recognized by those of ordinary skill, the
processes
- Various embodiments can be employed to control access to a physical facility. That is, an electronic device (e.g., a keypad, a card reader, a biometric scanner, etc.) or combination of electronic devices can be located at an access point to a secure area (e.g., a door, a gate, etc.). The entity initiates the request using the electronic device. In one embodiment, the physical facility includes all or a portion of the secure computer network. Thus, in one embodiment, the secure system receives an indication of whether an entity is authorized to access a physical facility. The secure system communicates authentication information to the USR. The USR validates the authentication information and communicates an indication of whether the entity is authorized to access the physical facility. The secure system receives the indication and grants or denies the entity access to the physical facility.
- Each of the embodiments described with reference to any of
FIGS. 18-20 may include a challenge-response protocol, for example, to authenticate the identity of the entity and/or the USR system to the other.
-
FIG. 21 illustrates an embodiment of a system 2100 for validating the identity of an individual or an entity. The system includes a first wireless device 2110 and a second wireless device 2112. The first wireless device 2110 comprises a first wireless transmitter and receiver 2114, a first processor 2116 and a first memory 2118. Similarly, the second wireless device 2112 comprises a second wireless transmitter and receiver 2120, a second processor 2122 and a second memory 2124. According to aspects of the invention, the first wireless device and the second wireless device are configured to wirelessly communicate with each other so that the entity associated with the first wireless device can communicate his identity to the entity associated with the second wireless device. It is to be appreciated that the first wireless transmitter and the second wireless transmitter can be configured to communicate by any form of a wireless signal such as low power Bluetooth signal, infrared signals, RF signals and electromagnetic signals in general. In accordance with one embodiment, the first wireless device and the second wireless device communicate via near field signal.
- The first wireless device can also comprise
user interface 2126 that allows the first entity to interact with the first wireless device and can also comprise a display, such as a LCD display, 2118 that allows the first entity to further interact with the first wireless device. In accordance with some embodiments of the invention, the first wireless device can be configured so that the first entity must enter a PIN identification number, for example, via the user interface to gain access to the wireless device. Alternatively, or in addition, the first wireless device may comprise a biometric sensor or detector 2130 that enables the first entity to present biometric data to the first wireless device to gain access to the first wireless device. For example, the biometric sensor can be configured to detect a fingerprint of the first entity. For such embodiment, the memory 2128 also comprises stored biometric data of the first entity, which is compared, for example, by the processor 2116 with the detected biometric data to determine whether the first entity is enabled or should be disabled from using the first wireless device. It is also to be appreciated that the biometric data need not be fingerprint data and can be any biometric data known to those of skill in the art, and that the biometric sensor need not be a fingerprint sensor and can be any biometric sensor known to those of skill in the art.
- Similarly, the
second wireless device 2112 can also be configured as discussed above with respect to the first wireless device, namely with any or all of a user interface 2132, a display 2134 and a biometric sensor 2136 and can be configured to require any and/or all of a second entity to provide a PIN number, or the second wireless device to match biometric information of the second entity with stored biometric information to enable or disable the second entity to gain access to the second wireless device. Each of the first wireless device 2110 and the second wireless device 2112 comprise a power source or a power source interface first wireless device 2110 and the second wireless device 2112 can also comprise an additional wireless transmitter and receiver device
- According to some embodiments of the
system 2100 of FIG. 21, either or both of the first wireless device 2110 and the second wireless device 2112 can be configured to communicate with a secure database 2146, as will be discussed in further detail herein. According to some embodiments, either of the first or second wireless devices may communicate with the secure database on a periodic basis to update its corresponding data, or to stay alive as will be discussed herein, or to retrieve information in the secure database that is used in the communication protocol between the first and second wireless devices to verify the identity of at least the first entity. Accordingly, it is to be appreciated that communication with a secure database can be, for example, via the additional respective wireless transmitters and receivers network interface network 2148 and to the secure database 2146.
- Referring now to
FIG. 22, there is illustrated one embodiment of an overall communication process that occurs with the system 2100 of FIG. 21. In particular, the process is effected by the system of FIG. 1 so as to identify and authenticate the identity of the first user associated with the first wireless device 2110 to the second user associated with the second wireless device 2112. For example, consider the situation where an air marshal or an FBI agent is carrying the first wireless device 2110 and airport security or security personnel generally want to ensure the identity of the user of the device 2110. The communication protocol 200 illustrated in FIG. 22 is one embodiment of a protocol that enables secure authentication of the first user of the wireless device 2110.
- According to one embodiment of the process, the first user of the
first wireless device 2110 first authenticates himself or herself to the wireless device 2110, for example as has been discussed above, by either entering a PIN via the user interface 2126 of the first wireless device or by interacting with the biometric sensor of the first wireless device at step 202. In various embodiments, a challenge-response protocol is employed in which the first user supplies information (a biometric, a PIN or other information) to authenticate himself or herself to the wireless device 2110. If the user of the device does not enter the correct PIN number or does not match the biometric data stored in memory 2118 of the first authorized user of the device, then the device at a minimum shuts down at step 204. However, according to some embodiments, the device 2110 can also be configured to automatically delete any portion of or all of the data stored in memory 2118 at step 206. In addition, as will be discussed in further detail herein, according to some aspects of the invention, the first wireless device can be configured to periodically communicate with the secure database 2146 to remain alive, for example, after the first user of the first device authenticates itself to the first device. If the first device does not communicate with the secure database at such periodic intervals at step 208, then the first device can be configured to delete any or a portion of the data stored in memory at step 206.
- The communication protocol also comprises a second user of the second device to authenticate himself or herself to the second device at
step 210. It is to be appreciated that the authentication by the second device of the second user can be by any of the mechanisms discussed herein and above with respect to the first wireless device, including entering a PIN number to the user interface 2132 of the second wireless device or by interacting with the biometric sensor 2136 of the second wireless device. In addition, it is to be appreciated that as discussed above with respect to the first wireless device, if such identification is not successful, the second wireless device will at a minimum shut itself down at step 212. However, it is also to be appreciated that the second wireless device can be configured to automatically delete a portion of or all of the data stored in the memory 2124 of the second wireless device, should such authentication not be successful at step 214. In addition, it is to be appreciated that the second wireless device can also be configured at step 216 to communicate with the secure database 2146 within defined periods of time, or even a periodic interval once the second user authenticates himself to the second wireless device, and to delete a portion of or all of the data in memory 2124 should such periodic communication not occur.
- If both the first user and the second user are successful in authenticating themselves to the first and second wireless devices respectively, then a communication protocol is initiated between the
first wireless device 2110 and the second wireless device 2112 at step 218. If the communication protocol is not a valid communication protocol between the devices, the devices wait until there is a valid communication protocol. If the communication protocol is a valid protocol (218 yes), then the first wireless device transmits a first wireless signal containing encrypted authentication information of the first user to the second wireless device 2112 at step 220. The details of the communication protocol and the encrypted authentication information will be discussed further herein.
- The
second wireless device 2112 receives the first wireless signal and processes the wireless signal to determine the identity of the first user. In particular, as will be discussed herein, according to some aspects of the invention, the authentication of the first user includes displaying a picture of the first user to the second user on the display 2134 of the second wireless device as a result of the communication from the first wireless device to the second wireless device. The user of the second wireless device can view the picture on the display and ascertain whether the first user of the first wireless device is who he or she purports to be. However, as will also be discussed herein, it is to be appreciated that the second wireless device need not be a device that requires a user to interact with it and can be, for example, an unmanned detection system that receives the first encrypted authentication information and determines from the first authenticated encrypted information whether the first user is authorized to gain access to a secured place, a secure network, or a secure computer, to do whatever the first person is seeking to do. If the first user is not who they purport to be, the communication process goes back to look for a valid communication protocol. In addition, the process allows the second user or the system associated with the second wireless device to take an appropriate action such as denying access to the secure site at step 224.
- If the user of the first wireless device is authenticated (at
step 222 yes), then according to some aspects of the invention, the communication process allows for the second wireless device to transmit a second wireless signal comprising encrypted authentication information of the second user to the first wireless device at step 226. In addition, according to such aspects, the communication protocol and the first wireless device are configured to authenticate the identity of the second user to the first user at step 228. It is to be appreciated that the authentication of the second user to the first user can be in any of the manners discussed above with respect to the authentication of the first user of the first device, such as by viewing a picture of the second user as provided on the display 2128 of the first wireless device, by matching one-time information contained in the encrypted authentication information or via a challenge-response protocol.
- In addition, according to some embodiments of the protocol, either or both of the
first wireless device 2110 and the second wireless device 2112 may communicate with the secure database 2146 to retrieve additional information at step 230. Such information, as will be discussed herein, can include for example, a portion of the biographic data of the first user of the first wireless device or of the second user of the second wireless device, or full biometric information of the first user or the second user, which can be communicated back to the respective device and used by the respective device to authenticate the user. In addition, the information can be periodic updates as provided by the secure database to the respective device, such as will be described herein, including periodic updates of public keys of a plurality of first users as stored in memory on the second wireless device, or updates to public keys of a plurality of second users as stored in memory on the first wireless device. In addition, such information may include periodic updates of the biometric information of a plurality of first users as stored on the second wireless device or a plurality of second users as stored on the first wireless device, which can comprise for example a portion of the biometric information or all of the biometric information.
- Referring now to
FIG. 23, there is illustrated one embodiment of various fields included within the first wireless signal and the second wireless signal as transmitted between the first wireless device and the second wireless device. According to some embodiments, the signal comprises a header field 302. The header field can be any header field known to those of skill in the art. In addition, the signal comprises a public ID field 304, which can comprise, for example, any of name information, a badge number, an employee number, an e-mail address, a social security number, and the like, of the first user. In addition, the first wireless signal may also include a digital signature field 306 containing a digital signature of the first user. For example, the digital signature may be generated with the user's private PKI key. Further, the first wireless signal may comprise a one-time time varying code field 308 that includes a random code as generated by the first wireless device. According to some embodiments, the digital signature field and the one-time code field can be used, for example by the second wireless device, to allow access to a secure place without the need for a user of the second wireless device to interact with the second wireless device to authenticate the first user. As an example, referring to FIG. 24, the digital signature and one time code can be encrypted with the private key of the first user and transmitted to the second wireless device. The second wireless device can decrypt the digital signature and one time code with the public key of the first user at steps 402-404 to authenticate or not the first user at step 406.
- In addition, referring back to
FIG. 23, the first wireless signal also comprises a PKI encrypted one-time DES key field 310 comprising a PKI encrypted one-time DES key. Further, the first wireless signal comprises a DES key encrypted biometric data field 312, which includes at least a portion of biometric data of the first user encrypted with the DES key. As will be discussed in further detail herein, according to some aspects of the invention, the public key of a first user, for example, stored in memory 24 of the second wireless device can be used to decrypt the DES key, and the DES key can be used to decrypt at least a portion of the biometric data of the first user to use in the authentication of the identity of the first user. According to some embodiments, the first wireless signal can also comprise another ID data field 314, which can contain other information such as name, height, weight, eye color or anything else.
- It is to be appreciated that although the embodiment of the wireless signal discussed in
FIG. 23 has been discussed with reference to the first wireless signal transmitted from the first wireless device 2110 of FIG. 21 to the second wireless device 2112, the same protocol can be used when transmitting a second wireless signal from the second wireless device 2112 to the first wireless device 2110 to authenticate the identity of the user of the second wireless device to the user of the first wireless device. It is to be further appreciated that various fields of the signal can be used and not all of the fields of the wireless signal are needed to authenticate identity of the user.
- Referring now to
FIG. 24, there is illustrated one embodiment of a process 400 as identified by act 222 in FIG. 22 for verifying or authenticating the identity of the first user of the first device. According to this embodiment, which has been briefly discussed herein with respect to FIG. 23, the second wireless device can verify the identity of the respondent without necessarily interacting with a second user by decrypting the first user's digital signature from the digital signature field 306 at step 402 and verifying that it is the digital signature of the first user, decrypting the one-time code from the one-time code field 308 at step 404, and using this information at step 406 to authenticate the first user. If the first user is authenticated at 406, an appropriate action such as allowing access to the secure site, or computer, or network can be granted.
- Referring now to
FIG. 25 there is illustrated another embodiment of a process 520 for authenticating the identity of the first user at step 222 of the communication process of FIG. 22. According to aspects of the invention, the second wireless device at step 522 receives the first wireless signal and extracts the PKI encrypted DES key from field 310. The wireless device looks up the public key of the first user from memory 2124 [See FIG. 21] or from a secure server based on the information provided in the public ID field 304 at step 524. The second wireless device uses the first public key to decrypt the PKI encrypted DES key at step 526. The second wireless device acts on the DES key encrypted biometric information from the field 312 and uses the decrypted DES key to decrypt the at least a portion of the biometric information of the first user as included in the first wireless signal at step 528.
- According to some embodiments, the biometric information included in the first wireless signal is a portion of the biometric information of the first user and the second wireless device is configured to store a remainder of the biometric information of the first user in memory. According to such embodiments, the
process 520 also comprises looking up the remainder of the biometric information stored in the memory at step 530 and combining the remainder of the biometric information with the decrypted and extracted biometric information to provide complete biometric information of the first user at step 532. According to some aspects of the invention, the biometric information can comprise a digital image of the first user and for such aspects, the digital image can be displayed on display 2134 of the second wireless device so that the second user can ascertain whether the first user associated with the first device is who he or she purports to be. However, it is to also be appreciated that the biometric information can be fingerprint information, a voiceprint, DNA codes of the first user, or any other biometric information known and used by those of skill in the art. Accordingly, the processor 2122 of device 2112 can also be configured to process the combined biometric information to authenticate the first user at step 536.
- Referring now to
FIG. 26, there is illustrated another embodiment of a process 620 that can be used to authenticate the identity of the first user at step 222 of the process 200 of FIG. 22. According to this embodiment, some of the steps are similar to the steps of the process 520 illustrated in FIG. 25 and accordingly a full description of these steps will not be herein duplicated. It is to be appreciated that this embodiment can be used for example, where the biometric information of the plurality of first users is not stored on the second wireless device 2112 but is instead stored at the secure database 2146 as illustrated in FIG. 21. In particular, for highly secure applications, where there is a worry that the second wireless device can be compromised (even with the necessity to authenticate the second user to the second wireless device), the second wireless device can be configured to interact with the secure database to obtain at least a portion of the biometric information of the first user, rather than storing at least a portion of the biometric information of the first user in memory on the second wireless device.
- According to such embodiments, the second wireless device can receive the first wireless signal including the fields discussed above in respect to
FIG. 23, in particular, the public ID field 304 and optionally the PKI encrypted DES key. According to some embodiments, the PKI encrypted DES key may be used by this process. At step 624, the second wireless device accesses public key information of the first user from the public keys stored in memory on the second wireless device. However, it is to be appreciated that in some embodiments, the public keys may not be stored on the second wireless device. For such embodiments, the second wireless device will communicate with the secure database to obtain the public key of the first user also at step 624. According to some embodiments, at step 626 the second wireless device transmits a signal to the secure database comprising a public identification number to identify the second device to the secure database, presumably after the second user of the second device has authenticated himself or herself to the second device. For such embodiments, at step 628, the secure database determines whether the second device is authorized to access the secure database. It is to be appreciated that according to some embodiments, this communication between the second wireless device and the secure database can be accomplished with encrypted signals and in some embodiments the encrypted signals can include using time varying one time codes to further secure the communication. If the second device is authorized to interact with the secure database, the process also comprises transmitting the first public ID from the second wireless device 2112 to the secure database at step 630, and with this information, the secure database accesses the biometric or identification information of the first user at step 632. The biometric or the at least a portion of the biometric information can then be transmitted by the secure database to the second wireless device at step 634.
Again, this transmission can be encrypted and further include time varying or one time codes to further secure the communication. The second wireless device can use the received portion of the first biometric information and combine it with the portion of the first biometric information provided in the first wireless signal, or can receive all of the first biometric information as provided by the secure database and, for example, display it on the display 2134 of the second wireless device 2112 at step 636, or can process the biometric or identification information at step 638 to determine whether the first user is authenticated.
- Referring now to
FIG. 27 there is illustrated one embodiment of a data structure 720 that can comprise memory 2124 of the second wireless device 2112. It is to be appreciated that any or all of the various portions of this data structure can be present in the memory 2124. According to some aspects of the invention, the memory will include the private key of the second user at field 722. The private key can be used, for example, when communicating by the second wireless device to the first wireless device to provide a digital signature of the second entity encrypted with the second user's private PKI key to the first user. In addition, the memory can also comprise a plurality of public keys of a plurality of first users at area 724. Such public keys of a plurality of first users can be used as has been discussed herein in combination with the private key of the first user to decrypt information of the first user. For example, the public and private key can be used to decrypt the DES key of the first user. In addition, the memory can also comprise at least a portion of biometric data of a plurality of first users, at area 726. As has been discussed herein, the at least a portion of the biometric data of the plurality of first users can be combined with the portion of the biometric data provided in the first wireless signal or from the secure database, to create the complete biometric data of the first user for ascertaining or authenticating the identity of the first user as has been described herein. In addition, the memory can also comprise biometric data of the second user at field 728. The biometric information of the second user can be used, for example, as has been discussed herein to compare the biometric data detected by the biometric sensor 2136 of the second wireless device to determine whether the second user is authorized to have access to the second wireless device. It is to be appreciated that the data structure 720 of FIG.
27 can also comprise the memory 2118 of the first wireless device 2110, and that any or all of the fields of the data structure 720 can exist in the memory 2118 in the first wireless device. It is also to be appreciated that the first wireless device can access the data structure 720 and the various fields for the same purposes as discussed above with respect to the second wireless device, namely, to provide the first digital signature of the first entity encrypted with the first private key in the first wireless signal, to access the public keys of a plurality of second users for the purpose of decrypting information provided in the second wireless signal, to access at least a portion of biometric information of the second user stored in the field 726, as well as to compare biometric information of the first user with sensed biometric data provided by the biometric sensor 2130 of the first wireless device.
- In one embodiment, the method comprises acts of receiving first authentication information about the first entity with the first device, transmitting the authentication information about the first entity to a secure database, determining whether or not the first entity is allowed to access the first device based on the first authentication information, and transmitting an enablement signal to the first device indicating to enable or not enable the first entity to access the first device. According to a further embodiment, the method also includes an act of allowing or not allowing operation of the first device based on the enablement signal. In another embodiment, the act of receiving the first authentication information of the first entity comprises receiving biometric information of the first entity by detecting the biometric information with the first device.
- In yet another embodiment, the act of transmitting the first authentication information about the first entity to a secure database comprises generating a non-predictable signal from the biometric information. In a further embodiment, the act of generating the non-predictable signal from the biometric information comprises generating a time varying non-predictable signal from the biometric information. In a still further embodiment, the act of receiving biometric information of the first entity comprises receiving a voice signature of the first entity with the first device and the act of generating the non-predictable signal from the biometric information comprises mixing the voice signature of the first entity with a random code to generate the non-predictable signal. In yet a further embodiment, the act of transmitting the enablement signal to the first device comprises sending the random code to the first device. In a still further embodiment, the act of receiving biometric information of the first entity comprises receiving fingerprint data of the first entity with the first device and the act of generating the non-predictable signal from the biometric information comprises mixing the fingerprint data of the first entity with a random code to generate the non-predictable signal. In another embodiment, the act of transmitting the enablement signal to the first device comprises sending the random code to the first device.
- In a further embodiment, the act of authenticating the biometric of the first entity comprises authenticating a voice signature of the first entity. In another embodiment, the act of authenticating the biometric information of the first entity comprises authenticating a finger print of the first entity.
- In one embodiment, a first wireless device includes a biometric detector comprising a fingerprint detector that detects a fingerprint of the first entity. In an alternate embodiment, the biometric detector comprises a voice signature that detects a voice signature of the first entity. According to one embodiment, the system comprises a first wireless device including a processor configured to enable operation of the first wireless device if it receives an enablement signal validating first biometric information of a first entity and configured to generate a non-predictable signal from the biometric information, a first wireless transmitter and receiver configured to transmit a first wireless signal including first encrypted biometric information of the first entity and to receive the enablement signal, a first biometric detector for detecting the first biometric information of the first entity and a secure database configured to receive the first wireless signal, to authenticate or not authenticate the first biometric information of the first entity, and to provide the enablement signal validating or not validating the first biometric data of the first entity.
- In a further embodiment, the secure database further comprises biometric data of a plurality of first entities. In another embodiment, the processor is configured to generate the non-predictable signal from the biometric information by generating a time varying non-predictable signal from the biometric information. In a still further embodiment, the processor is configured to generate the non-predictable signal from the biometric information by mixing the biometric information of the first entity with a random code to generate the non-predictable signal. In yet another embodiment, the secure database is configured to transmit the enablement signal to the first device including the random code so as to authenticate the secure database to the first device. In still another embodiment, the system includes a memory for storing a private key of the first entity authorized to use the first device.
- It should be understood that various changes and modifications of the embodiments shown in the drawings and described in the specification may be made within the spirit and scope of the present invention. Accordingly, it is intended that all matter contained in the above description and shown in the accompanying drawings be interpreted in an illustrative and not in a limiting sense. The invention is limited only as defined in the following claims and the equivalents thereto.
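The unattended check of FIG. 24 (steps 402-406) rests on two things the second device must test together: that the signature verifies under the stored public key of the first user, and that the one-time code is fresh and has not been presented before. The following is an added example, not code from the patent; it assumes the signature covers the public ID and the one-time code, that the code is an 8-byte timestamp followed by 16 random bytes, and it uses textbook RSA over two Mersenne primes only as a standard-library stand-in for the user's PKI key pair.

```python
"""Unattended verification of a FIG. 23-style signal, following the FIG. 24 flow.

Illustrative only: field layout, window size and key material are assumptions.
"""
import hashlib
import os
import struct

# Toy key pair for the first user. Textbook RSA with a ~216-bit modulus is used
# so the example runs on the standard library; it is NOT a secure signature scheme.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the first device

CODE_LEN = 24  # assumed layout of field 308: 8-byte issue time + 16 random bytes


def _digest(public_id: bytes, code: bytes, n: int) -> int:
    """Hash the signed fields; the length prefix keeps ID and code unambiguous."""
    data = struct.pack(">H", len(public_id)) + public_id + code
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def make_signal(public_id: bytes, now: float) -> dict:
    """First device: fill the public ID (304), signature (306) and code (308) fields."""
    code = struct.pack(">Q", int(now)) + os.urandom(16)
    signature = pow(_digest(public_id, code, N), D, N)
    return {"public_id": public_id, "one_time_code": code, "signature": signature}


class Verifier:
    """Second device: decides without a human looking at a display."""

    def __init__(self, public_keys: dict, window: int = 30):
        self.public_keys = public_keys  # public ID -> (n, e), cf. area 724 of FIG. 27
        self.window = window            # seconds a code stays acceptable (assumed)
        self.seen = {}                  # one-time code -> expiry time

    def verify(self, signal: dict, now: float) -> str:
        public_id = signal.get("public_id")
        key = self.public_keys.get(public_id)
        if key is None:
            return "unknown-id"
        n, e = key
        code = signal.get("one_time_code")
        sig = signal.get("signature")
        if (not isinstance(code, bytes) or len(code) != CODE_LEN
                or not isinstance(sig, int) or not 0 <= sig < n):
            return "malformed"

        # Steps 402/404: check the signature first, so unsigned junk can never
        # reach (and fill) the replay cache.
        if pow(sig, e, n) != _digest(public_id, code, n):
            return "bad-signature"

        # Step 406, freshness: reject codes issued outside the acceptance window.
        issued = struct.unpack(">Q", code[:8])[0]
        if abs(now - issued) > self.window:
            return "stale"

        # Step 406, one-time use: a code is remembered until it would be stale anyway.
        self.seen = {c: exp for c, exp in self.seen.items() if exp >= now}
        if code in self.seen:
            return "replay"
        self.seen[code] = issued + self.window
        return "ok"


if __name__ == "__main__":
    # Constructed sample: "badge-0042" is a made-up public ID.
    door = Verifier({b"badge-0042": (N, E)})
    sig = make_signal(b"badge-0042", now=1000.0)
    print(door.verify(sig, now=1005.0))  # first presentation
    print(door.verify(sig, now=1006.0))  # same bytes captured and sent again
```

Because the replay cache only has to remember codes for the length of the acceptance window, its size is bounded by the number of valid signals received in that window.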
-
FIG. 28 illustrates an embodiment of a system 100 that employs a converter device 102 to provide an interface between a user device 104 (e.g., a transaction card, a cell phone, etc.) and a system interface 106 where, for example, the system interface 106 employs a magnetic card reader and the user device 104 is not equipped with a magnetic stripe. That is, in one embodiment, the converter device 102 provides a mode of information transmission between the user device 102 and the system interface 106 which would otherwise be unavailable to the user device 102. The converter device 102 provides a modified system 100 that provides compatibility with a greater variety of user devices, for example, user devices such as transaction cards, cell phones or PDAs that are not equipped with a magnetic stripe. For example, in one embodiment, the converter device 102 includes a magnetic stripe emulator 137 communicatively coupled to a wireless signal receiver 140 and adapted to provide a time-varying signal emulating data provided by a magnetic stripe card to a magnetic card reader 152.
- The user device need not be a “card” and may, for example, take the form of a fob used as a key ring, a cell phone, a watch, a personal digital assistant or any device that can include a wireless transmitter, or a magnetic stripe emulator.
- In various embodiments, the
user device 104 employs near field signal to communicate with the converter device 102. In one embodiment, the near field communication is bi-directional such that the user device 104 may both send and receive wireless communication.
- That is, the user device includes a transceiver.
- In general, the
system interface 106 provides an interface to a larger information system (e.g., a financial system, an access control system, a medical records system, and the like) that in one embodiment includes a system processor or controller 110, a database 112, a network 114, other systems 116, such as a universal secure registry 118 as will be described further herein. Each of the preceding system elements may be placed in communication with any one or any combination of the system elements, for example, over communication links FIG. 28 and that other communication paths may be employed. For example, the database 112 may be connected to the network 114 via the communication link 120A and to the system processor 110 via the communication link 120B instead of being connected as shown in FIG. 28.
- The communication link may be a wireless communication link, a hardwired communication link, a fiber optic communication link, any communication link used in the art, as well as a combination of any of the preceding or any other communication link capable of transmitting signals between the elements of the
system 100. The system processor 110 allows information transfer of both data and instructions, for example, between the interface 106 and one or more databases which may be connected to the system or other network elements.
- In general, the operation of the
converter device 102 allows a user in possession of the user device 104 to wirelessly communicate information to the device so that the device can be employed to interface with a network system. For example, in one embodiment, the network system may provide a magnetic card reader interface and the converter device 102 provides a magnetic stripe emulator that can interface with the system. In general, the overall operation of the system 100 includes the communication of information between the user device 104 and the converter device 102, for example, RF communication. In one embodiment, the communication is bi-directional such that information can be communicated both to and from the user device 104. The converter device 102 provides an interface by which information derived from the information being transmitted to or from the user device 104 is transmitted between the converter device and the system interface 106. The system interface 106 provides the communication interface between it and the remainder of the system 100 (e.g., processor 110, database 112, network 114, etc.).
- According to one embodiment, the
user device 104 includes a processor 122, a user interface 124, a wireless transmitter 126 and device indicia 128. In another embodiment, the user device 104 includes a biometric sensor 130. In various embodiments, the processor 122 is communicatively coupled to each of the wireless transmitter 126, the user interface 124 and the biometric sensor 130.
- The
processor 122 may include a chip such as a general purpose processor, an application specific integrated circuit (“ASIC”), or a field programmable gate array (“FPGA”) and the like that may execute various programs and/or provide logic inputs and outputs. For example, the processor 122 may process biometric information received from the biometric sensor 130 to verify the identity of the user before the user can employ the user device 104. Exemplary details of a processor and biometric sensor which are configured to authenticate a fingerprint of a user are disclosed in U.S. published application 2004/0133787, published on Jul. 8, 2004, which is herein incorporated by reference in its entirety. The processor 122 may also include or be coupled to driver circuitry to drive a display included in the user interface 124 and can be configured to process user input data entered via the user interface 124. In one embodiment, the user interface 124 includes one or more control inputs (for example, control buttons).
- The
wireless transmitter 126 can process information provided by the processor and convert the information to an RF signal and can also include an RF antenna that transmits the RF information wirelessly. In another embodiment, the user device may also include an RF receiver that receives a wireless RF signal from the RF antenna and converts the RF signal to an information signal provided to the processor. It is to be appreciated that the wireless transmitter and/or receiver need not be an RF device; it can also be any of an IR device, an optical device, a Bluetooth signal or any other wireless signal transmitter or receiver used in the art.
- The user device may also include a power source such as a battery that fits within the device. In one alternative embodiment, the user device remains in a sleep mode until it is placed in the vicinity of an RF transmitter at which time the
user device 104 converts received RF energy into electrical energy used to provide power to the processor 122 and the other components included in the user device 104.
- According to one embodiment, the
user device 104 can be a smart card configured for wireless signal transmission using RF signals. For example, the wireless transmitter 126 may be an RF transmitter device or any other wireless transmitter device configured to transmit the smart card information of the card. Alternatively, it is to be appreciated that the card can be many cards such as a debit card, a plurality of credit cards such as VISA, MasterCard, American Express, or any other card with the card indicia and relevant information being stored in card memory 129 and read out by processor 122 and provided to the wireless transmitter 126. However, the user device 104 need not be in the form of a card and may instead include a cell phone or PDA.
- In the embodiment illustrated in
FIG. 28, the converter device 102 includes a substrate 132 which may include a stripe 134 and a magnetic field generator 136 which together comprise the magnetic stripe emulator 137, a processor 138, a wireless receiver 140, a user interface 142, a memory 144, and a power source 146. In a further embodiment, the converter device 102 includes an indicating light 148 (e.g., an LED) and an output device 150.
- According to one embodiment, the
system interface 106 with which the converter device 132 is employed includes any of or all of a magnetic card reader 152, a wireless transceiver 154 and a data port 156.
- In general, according to one embodiment, the
converter device 102 receives a wireless signal from the user device 104, processes the information that is received and provides an output in the form of a time-varying signal provided to the stripe 134 (e.g., a magnetic stripe). The signal provided to the stripe 134 can then be provided to the system processor 110 by inserting the stripe and the associated substrate 132 or portion thereof in the magnetic card reader of the system interface 106. That is, in one embodiment, the stripe 134 and at least a portion of the substrate 132 can be either slid by the magnetic card reader 152 or inserted to sit statically in front of the read head of the card reader.
- The
processor 138 may be a general purpose processor, an application specific integrated circuit (“ASIC”), or a field programmable gate array (“FPGA”) and may be implemented in hardware, software, firmware or any combination of the preceding. The processor 138 may be communicatively coupled with any of the magnetic field generator 136, the wireless receiver 140, the memory 144, the user interface 142, the light source 148, the power source 146 and the output device 150. In general, the processor can be configured to receive inputs from one or more of the preceding elements and may provide outputs to each of the elements included in converter device 138.
- For example, according to one embodiment, the
magnetic stripe 134 is a programmable magnetic stripe and the magnetic field generator 136 generates a magnetic signal that controls the information provided by the magnetic stripe 134. The U.S. patent application Ser. No. 10/680,050, filed Oct. 7, 2003, entitled “System Method and Apparatus for Enabling Transactions Using a Biometrically Enabled Programmable Magnetic Stripe” which was published on Jul. 8, 2004 as US2004/0133787 (the '050 application), provides further details concerning embodiments of the user device that emulates a magnetic stripe and may also include, for example, a biometric sensor. The '050 application is incorporated herein by reference in its entirety. In this embodiment, the processor 138 may control the operation of the magnetic field generator 136 to provide the desired information to the stripe 134. For example, the processor 138 may provide an output to the stripe 134 in response to receiving information from the wireless receiver 140, where the information from the wireless receiver is information transmitted from the user device 104.
- Further, the
processor 138 may be configured to provide signals to drive a display included in the user interface 142 and process user input data entered with the user interface 142. In one embodiment, the user interface 142 includes a display screen that can be used to display an image of the user to whom the user device 104 belongs, for security purposes. The image to be displayed by the UI can either be part of the information transmitted by the user device 104, for example, where the user device 104 also requires some authentication by the user before transmitting the device information and image, or can be provided, for example, by the USR system 118 through the system interface 106 as part of the user authentication process, as will be described in more detail herein. In further embodiments, the user interface 142 may include a plurality of control elements that allow the user and/or the transaction processor (e.g., store clerk, security guard, medical service provider, etc.) to enter information into the converter device 102. According to one embodiment, the user interface 142 includes an LCD display.
- The
processor 138 may also be configured to provide signals to operate the indicatinglight 148. The indicating light 148 may provide an indication of the operational status of theconverter device 102, for example, the indicating light 148 may indicate any of the following: that theconverter device 102 is receiving a transmission from auser device 104; that theconverter device 102 has generated output data to thestripe 134; the status of thepower source 146 is normal or conversely that the power source has a low power level; that theconverter device 102 is transmitting information via theoutput device 150; that theconverter device 102 is properly aligned with themagnetic card reader 152; that theconverter device 102 has received authorization for a transaction; and the like. It should be apparent to one of skill in the art that the indicating light may be a single lamp or a plurality of lamps and that the lamp or lamps may be a single color including white or may include a plurality of colors. Further, it should also be apparent that the lights may provide a plurality of status indications based on their color, intensity, rate of change of the preceding characteristics or any combination of these and other features. - The
power source 146 may include a battery power source or other energy sources suitable for the form factor of theconverter device 102. For example, in a form factor where theconverter device 102 is a hand-held device thepower source 146 may be any one of a standard size battery (e.g., a AA battery). In a further embodiment, the power source is a lithium battery. Alternatively, the power source can be any of an AC power source, an AC to DC converter device, or any other DC power source known to those skilled in the art. - According to one embodiment, the
converter device 102 includes apower bus 158 that provides a path for the transmission of power to the various components included in theconverter device 102. - In accordance with one embodiment, the
converter device 102 includes theoutput device 150. It is to be appreciated that the output device can be any standard interface device to be coupled to a data bus such as a USB device, or the output device can be configured for contactless communication with thesystem interface 106. For example, in one embodiment, the output device is an optical transmitter device. In general, the communication between theconverter device 102 and thesystem interface 106 is bi-directional such that information (e.g., information associated with the user's identity) may be transmitted to thesystem interface 106, thesystem processor 110 may generate a response (e.g., a transaction approval), and the response may transmitted to theconverter device 102 via thesystem interface 106. - In one embodiment, the
processor 138 is configured in combination with the output device 150 to provide an encrypted output signal. In a further embodiment, the processor 138 is configured in combination with the output device 150 to provide a time-varying encrypted output signal. In yet another embodiment, the processor 138 is configured in combination with the output device 150 to provide a time-varying encrypted (or not) public and private key output signal. In addition, the processor can also be configured in combination with the wireless receiver to receive and decrypt any and all of an encrypted signal, a time-varying encrypted signal and a signal encrypted with a private key as provided by the user device 104. A challenge-response protocol may also be employed alternatively or in addition to any of the preceding.
- For example, embodiments of the invention may employ a protocol that does not require synchronized clocks in each of the user device 104 and the converter device and/or elsewhere in the system 100 to complete a validation and/or authentication process. That is, according to one embodiment, an information exchange between the user device 104 and the converter device 102 includes a first piece of information transmitted from the user device 104 to the converter device 102 and a subsequent challenge (e.g., an encrypted challenge) generated by the converter device and transmitted from the converter device to the user device 104. According to one embodiment, the user employs the user device to respond to the challenge. In one embodiment, the user's response is at least in part based on information included in the challenge. An identity of a user who responds accurately to the challenge can be successfully validated. In various embodiments, a challenge-response protocol includes an information exchange whereby the identity of the converter 102 is also authenticated by the user with the user device 104.
- In various embodiments, the above-described challenge-response protocol may not require any further action by the user than is required under current approaches that require synchronized clocks in disparate devices.
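The clock-free exchange described above can be sketched as follows. This is an added example, not code from the patent: the patent does not specify the cryptography, so HMAC-SHA256 over a per-device key shared at enrolment is assumed here, and the class names, method names and identifiers are hypothetical. Freshness comes from the two random nonces rather than from a clock, the converter proves its identity before the user device answers, and each challenge is accepted at most once.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple


def _mac(key: bytes, role: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA256 over a role label and length-prefixed fields.

    The role label keeps a converter proof from being replayed as a user
    response; length prefixes keep field boundaries unambiguous.
    """
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in (role, *fields):
        h.update(len(part).to_bytes(2, "big"))
        h.update(part)
    return h.digest()


class UserDevice:
    """Hypothetical stand-in for the user device 104."""

    def __init__(self, device_id: bytes, key: bytes) -> None:
        self.device_id = device_id
        self._key = key
        self._nonce: Optional[bytes] = None

    def hello(self) -> Tuple[bytes, bytes]:
        # First piece of information: device identifier plus a fresh nonce.
        self._nonce = secrets.token_bytes(16)
        return self.device_id, self._nonce

    def respond(self, converter_id: bytes, challenge: bytes,
                proof: bytes) -> Optional[bytes]:
        # The nonce is single-use: it is cleared whether or not the proof checks out.
        nonce, self._nonce = self._nonce, None
        if nonce is None:
            return None
        expected = _mac(self._key, b"converter", converter_id,
                        self.device_id, nonce, challenge)
        if not hmac.compare_digest(expected, proof):
            return None  # converter could not prove knowledge of the key
        # The response depends on the challenge, as the text requires.
        return _mac(self._key, b"user", self.device_id,
                    converter_id, nonce, challenge)


class ConverterDevice:
    """Hypothetical stand-in for the converter device 102."""

    def __init__(self, converter_id: bytes, keys: Dict[bytes, bytes]) -> None:
        self.converter_id = converter_id
        self._keys = keys  # assumed enrolment table: device id -> shared key
        self._pending: Dict[bytes, Tuple[bytes, bytes]] = {}

    def challenge(self, device_id: bytes,
                  device_nonce: bytes) -> Optional[Tuple[bytes, bytes]]:
        key = self._keys.get(device_id)
        if key is None:
            return None
        chal = secrets.token_bytes(16)
        self._pending[device_id] = (device_nonce, chal)
        proof = _mac(key, b"converter", self.converter_id,
                     device_id, device_nonce, chal)
        return chal, proof

    def verify(self, device_id: bytes, response: bytes) -> bool:
        # pop() consumes the challenge, so a captured response cannot be replayed.
        pending = self._pending.pop(device_id, None)
        if pending is None:
            return False
        device_nonce, chal = pending
        expected = _mac(self._keys[device_id], b"user", device_id,
                        self.converter_id, device_nonce, chal)
        return hmac.compare_digest(expected, response)


def run_exchange(device: UserDevice, converter: ConverterDevice) -> bool:
    """Run the three-message exchange once; True means both sides were validated."""
    device_id, nonce = device.hello()
    issued = converter.challenge(device_id, nonce)
    if issued is None:
        return False
    chal, proof = issued
    response = device.respond(converter.converter_id, chal, proof)
    return response is not None and converter.verify(device_id, response)
```
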
- In some embodiments, the
output device 150 need not transmit any personal information associated with the user. For example, commonly owned U.S. patent application Ser. No. 09/810,703, filed Mar. 16, 2001, entitled “Universal Secure Registry” (“the '703 application”) describes an approach that can improve security and reduce the need for multiple forms of identification. The '703 application is incorporated herein by reference in its entirety. The universal secure registry 118 included in the system 100 provides one example of the integration of such a registry into a system that employs a converter device 102. With the USR system, for example, the user device 104 can provide some information, e.g., such as a public code of the user, which can be authenticated by the user, for example by providing an ID through the user interface 124 or through biometric sensor 130. The public code can be provided to the USR via the converter 102, system interface 104, and network 114. The USR can then provide back to any of the system interface and the converter device any or all of device information (e.g., transaction card information), authorization for a transaction, e.g., where the network or the USR also communicates with the relevant authority, and indicia about the holder of the user device.
- The system 100 may include a variety of system interfaces 106 of different types such as the wireless transceiver 154 and the data port 156 in addition to the magnetic card reader 152. Although not illustrated, other system interfaces such as an optical interface, a smart card reader interface or any other system interface known to those of skill in the art can also be included. Further, the system interfaces may be either commonly located or may be geographically distributed such that some locations include a wireless transceiver 154, some locations include a data port 156, some locations include a magnetic card reader 152, and some locations include a plurality of types of system interfaces.
- Thus, in some embodiments the output device 150 of the converter device 102 may include a data port via which the converter device 102 can provide data to a network or a networked device. In one embodiment, the data port is also configured to receive data from the network or a networked device.
- Embodiments of the converter device 102 can be configured to provide communication to the system interface 106 via any of the preceding approaches including wireless signal transmission. In a version of this embodiment, the converter device 102 may receive wireless signals from the user device and transmit wireless signals to the system interface 106. Further, the converter device may include a transmitter that allows it to transmit information back to the user device.
- Referring now to
FIG. 29, a process 260 employing the converter device 102 is illustrated in accordance with one embodiment. The process begins at Stage 262 START. Here, the converter device 102 is in a steady state in which it awaits receipt of a signal from a user device 104. At Stage 264, the converter device 102 receives data, for example, a wireless signal transmitted from the user device 104. At Stage 266, the converter device 266 extracts information from the wireless signal for processing. As one example, the converter device 102 may extract information corresponding to the user's identity and/or the identity of the individual to whom the user device was issued. The extracted information is then provided to the system interface, for example, it is simulated as magnetic striped data to the magnetic card reader. At Stage 268, the system 100 authenticates the user. In one embodiment, if the authentication is successful, the process continues at Stage 270. In this embodiment, if the authentication is unsuccessful, the process returns to Stage 262 where, for example, the user may be prompted to attempt to authenticate again.
- Various user authentication approaches may be implemented using the converter device 102. For example, the authentication may be performed locally, that is, without the need for communication between the converter device 102 and the system interface 106 and system processor 110. In one embodiment, the authentication process employs the universal secure registry 118. In further embodiments, the authentication process employs one or more authentication protocols such as public-key cryptography, key exchange protocols, protocols employing one-way functions, and the like that are well known by those of ordinary skill in the art. In other embodiments, however, the authentication may require an exchange of information between the converter device 102 and any of the system interface 106, the network 114, the USR 118 and another database 112. A challenge-response protocol may also be employed alternatively or in combination with any of the preceding authentication approaches. At Stage 270, the completion of the transaction may involve any of a wide variety of acts including: authorizing a withdrawal of money from a user's account, permitting the user access to a secure area, permitting a user to view medical information concerning themselves or a third party, or permitting the user to access other confidential information.
- In addition, in some embodiments, the process 260 includes Stage 274 where following authentication the converter device 102 receives information associated with the user. The information may, for example, be necessary for the completion of the transaction. For example, where the system 100 is employed in conjunction with a check-authorization process, the converter device 102 may receive an indication that the user has sufficient funds to cover the amount of the check that is presented at a point of sale. Alternatively, or in addition, the information may include indicia related to the authorized holder of the user device 104, such as a picture ID. The process 260 is completed at Stage 272—END.
- An embodiment of the converter device 302 is illustrated in FIGS. 30A through 30D. As illustrated in the front view of FIG. 30A, in one embodiment, the converter device 302 includes a housing 380, a substrate 332, and a magnetic stripe 334. In one embodiment, the housing 380 is manufactured from a rigid material, for example, metal or plastic and the converter device 302 is designed to be a hand-held device. FIG. 30B illustrates a side view perspective of an embodiment of the converter device 302, showing an indicating light 348 (e.g., an LED). As described in greater detail above, the indicating light 348 can include a single indicating light or a plurality of indicating lights.
- FIGS. 30A-30D illustrate an embodiment where the substrate extends substantially perpendicular from a side of the housing 380, however, the specific angle at which the substrate extends from the housing may vary so long as the housing does not interfere with the insertion of the substrate into, for example, the magnetic card reader 152.
- FIG. 30D illustrates a top view of an embodiment of the converter device 302 which includes a display screen (e.g., an LCD display screen) that may provide the user interface 342 or a portion of the user interface of the converter device 302. In one embodiment, the user interface 342 includes a display screen that displays either a black and white or a color image of the individual to whom the user device 104 was issued. It should be recognized that the display screen may provide a wide range of functionality, for example, the display screen may display a variety of data received by the converter device 302 including data represented in alpha numeric format.
- The magnetic stripe 334 may be a programmable magnetic stripe such that the converter device 302 provides a magnetic stripe emulator. In one embodiment, as has been described herein, the converter device 302 receives a wireless signal from a user device 104 and provides a time varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader in response to receiving the information from the wireless signal. In a further embodiment, the information is provided to the magnetic card reader by inserting the magnetic stripe 334 into the magnetic card reader.
- The various embodiments of a system and method for converting a wireless transaction device to a magnetic stripe emulator device may include any of the following or any combination of the following: a converter device with a processor communicatively coupled to a wireless signal receiver and to a magnetic stripe emulator. The converter device may optionally include an LED. Further the processor may be configured for any combination of the following: control of the LED to indicate that the device is properly aligned with the magnetic card reader, control of the LED to indicate that the device has received authorization for a transaction, and where the converter device includes a power supply, a processor configured to control the LED to indicate that the device has power.
- In one embodiment, the information received from the wireless signal by the converter device may include any of a name, a card number, user identification, a device code, amount of credit available, and an expiration date of the card for a transaction.
- Further, in various embodiments, the converter device may include an output device that can provide information to a network or to a networked device. In various embodiments, the output device can be configured as a wireless transmitter device, such as an optical transmitter device.
- In various embodiments, the wireless transmitter device may generally be configured as an RF transmitter device, and in particular, as a Bluetooth transmitter device.
- In addition, in various embodiments, the processor can be configured in combination with the output device to provide any of an encrypted output signal, a time-varying encrypted output signal, and in particular, a time-varying public and private key output signal.
- In further embodiments, the converter device may include an output device configured as a data port via which the converter device can provide data to a network or a networked device and to receive data from the network or a networked device.
- In one embodiment, the converter device may also include an LCD screen for displaying at least some of the data received by the converter device, and a processor configured in combination with the LCD device to display indicia corresponding to the authorization of a transaction, and in particular, indicia that includes picture information of the cardholder.
- In addition to the above described features, the various embodiments of a system and method for converting a wireless transaction device to a magnetic stripe emulator device may include any combination of the following or any combination of the following and the above listed features: the converter device can be configured to communicate with the magnetic card reader via the data port; the wireless receiver and/or processor is configured to decrypt an encrypted wireless signal; the converter device is configured to decrypt a time-varying encrypted wireless signal; the converter device is configured to decrypt time-varying public and private key information contained within the wireless signal; the converter device includes a user interface communicatively coupled to the processor; the converter device processor is configured to determine whether the user is authorized to provide the information contained within the wireless signal from data provided through the user interface.
- In addition, the following further additional features may be combined alone or in combination with the preceding: the data contained within the wireless signal received by the converter device may include any combination of the following: user I.D. information, biometric information of the user, secret information, (for example, a PIN, a password, or a passcode of the user), or information about an uncounterfeitable token of the user.
- In various embodiments, the converter device may include a substrate housing the magnetic stripe emulator, and the substrate may include a programmable magnetic stripe.
- In various embodiments, the system employed with the converter device may also include a system interface coupled to a network where the system interface includes a magnetic stripe reading device configured to read a time-varying signal. In further embodiments, the system interface may be configured to transmit data received from the wireless transaction device to a networked credit card authentication entity also coupled to the network. The system may also include any of a keyboard, a printer, an (LCD) display, and an audio signal transducer.
- Although the preceding description is primarily directed to an embodiment of the
user device 104 that does not include a magnetic stripe, it should be recognized that some embodiments of the user device 104 may include a magnetic stripe. In these various embodiments, the converter device 102 may be employed to convert information coded on the magnetic stripe for transmission via another mode of information transmission.
- As described above, various embodiments allow a user to employ a mobile phone or other device as a token to assist the user in securely accomplishing a variety of operations. Some embodiments also allow the user to employ the token in combination with a USR system to increase the utility of the token and the functionality and security of the various operations. That is, the token may be employed to assist the user in conducting operations that access data concerning commercial transactions (for example, retail purchases), finance and banking operations, medical records and medical information systems, physical security and access control, and identification and authentication of the parties involved in any of the preceding, etc.
- Referring now to
FIG. 31, a system 350 is illustrated for use in facilitating financial transactions in accordance with some embodiments. As used herein with reference to FIG. 31, the term “financial transaction” can include any of sales transactions including transactions conducted on-line or at a point of sale using credit or debit accounts, banking transactions, purchases or sales of investments and financial instruments or generally the transfer of funds from a first account to a second account. The system includes a user device 352, a point-of-sale (“POS”) device 354 and a universal secure registry 356 which can communicate with one another wirelessly, and/or over a network 357.
- According to one embodiment, the user device 352 includes a display 362, a user interface 364, a communication link 366 and a biometric sensor 367. In various embodiments, the user device 352 may be any of a mobile phone, a personal digital assistant or other handheld device.
- In various embodiments, the communication link 366 may include any of a receiver and a transmitter suitable for wireless communication such as via RF and/or optical signals. Accordingly, in some embodiments, the communication link 366 includes an antenna and/or an optical signal source such as an LED alone or in combination with an optical receiver. In accordance with one embodiment, the user device 352 can employ an optical signal in the infrared spectrum. In various embodiments, the user device 352 can be configured to communicate by any form of a wireless signal such as a Bluetooth signal, WiFi, near field communication, ultra-wideband communication, RF signals and electromagnetic signals in general.
- In some embodiments, the biometric sensor 367 may be employed to receive and process biometric inputs such as any of or any combination of a fingerprint, a speech/voice input, an iris scan, a retina scan, a facial scan, a written input, the user's fingerprint and DNA. In a further embodiment, the biometric sensor can be employed to process a written input that includes a signature.
- In addition, various embodiments of the user device 352 may be in the form of a smart card or other type of credit card as described previously. Further, in some embodiments, the user device 352 may include an embodiment of the first wireless device 2110 illustrated in FIG. 21. Accordingly, in various embodiments, the user device 352 can include all or some of the features and functionality found in the first wireless device 2110. That is, the user device 352 can include features that may not be illustrated in FIG. 31, for example, a microprocessor, memory, a power source, etc. In yet another embodiment, the first wireless device 2110 can be employed to conduct transactions in accordance with the embodiment illustrated in FIG. 31 and described below.
- In general, the POS device 354 may be any type of POS device as known to those of ordinary skill in the art. In accordance with some embodiments, the POS device 354 includes a display 368, a user interface 370 and a communication link 372. Further, in some embodiments, the user device may include an embodiment of the second wireless device 2112 illustrated in FIG. 21. Accordingly, in various embodiments, the POS device 354 can include all or some of the features and functionality found in the second wireless device 2112. That is, the POS device 354 can include features that may not be illustrated in FIG. 31, for example, a microprocessor, memory, a power source, a biometric sensor, etc. In yet another embodiment, the second wireless device 2112 can be employed to conduct transactions in accordance with the embodiment illustrated in FIG. 31 and described below. Further, it should be apparent to those of skill in the art that the POS device may be a handheld device or a larger “countertop” device. It should also be apparent to those of skill in the art that the POS device may communicate wirelessly with the network or may be coupled to the network 357 via a hardwired connection.
- In accordance with one embodiment, the network 357 includes a plurality of networks that may allow communication between any of the user device 352, the POS device 354 and the USR 356 over any communication medium including wired networks (including fiber optic networks) or wireless networks. Further, the network may include one or more of either or both of local area networks and wide area networks including the Internet. In general, the network 357 can be employed for communication between the user device 352 and the USR 356, communication between the user device 352 and the POS device 354, communication between the POS device 354 and the USR 356, and communication between the user device 352 and the USR 356 via the POS device 354. According to the illustrated embodiment, the system 350 may also include a network 374 that allows communication between the user device 352 and the POS device 354 but does not provide communication with the USR. A wireless personal area network such as Bluetooth provides one example, while a local WiFi network, near field communication and ultra-wideband communication provide further examples of various embodiments of the network 374. As should be apparent to those of ordinary skill in the art, however, the network 357 may include any of the preceding in accordance with some embodiments.
- Further, in accordance with some embodiments, the user device 352 may wirelessly communicate with a converter device, for example, the converter device 102 described with reference to FIG. 28. According to this embodiment, the converter device is used to communicate with the POS device 354, for example, where the POS includes a mag-stripe reader.
- According to one embodiment, the
USR 356 includes a secure database that stores account information for a plurality of users 358. In a further embodiment, the USR 356 retains records concerning one or more accounts 360 for each of the plurality of users so that in effect the USR 356 in the system creates a secure wallet that allows a user of the device 352 to select a particular account from among a plurality of accounts associated with the user for use in a selected transaction. The type of account can vary in accordance with various embodiments. In accordance with one embodiment, the accounts 360 are credit card accounts, for example, any of those serviced by VISA, MasterCard, Discover and American Express. Alternatively or in combination with the preceding, the accounts 360 may be debit accounts associated with the various bank accounts held by the user 358.
- In accordance with various embodiments, the user device 352 includes software that allows the user device 352 to operate in combination with the USR 356. In accordance with one embodiment, the user device 352 can initially be provided with the software or it can be retrofitted by downloading software for operation with the USR via the network 357. In one embodiment, the software is loaded via a cellular network. In another embodiment, the software is loaded via any wireless network such as a WiFi network. In a further embodiment, the software is included in a Subscriber Identity Module (“SIM”) that can be removably installed in the user device 352. In yet another embodiment, the software is loaded over a hardwired communication link between the user device 352 and an access point to the network 357. Accordingly, various embodiments can allow a user to download the software for operation with the USR (including the initial receipt of the software, later updates, security patches, etc.).
- In general and in accordance with one embodiment, the system 350 allows each user to employ their respective user device 352 to purchase goods or services at a wide variety of points-of-sale, and further, to make such purchases from one or more accounts selected from a plurality of accounts 360. Accordingly, the system 350 allows users to employ a mobile phone as an “electronic wallet” to select, at the point-of-sale, a particular account from among a plurality of available accounts, for example, a plurality of credit card accounts. Further, in some embodiments, the system 350 allows users to employ the approach for purchases that are made using the Internet. As mentioned above, the system 350 can also be employed in other forms of financial transactions including banking transactions and investment transactions.
- In accordance with some embodiments, the user device 352 is activated for a transaction when the user satisfactorily completes an authentication process with the device. In some embodiments, the entry of a PIN number known to the user is employed to activate the device. In some embodiments, the software included in the user device 352 and employed in conducting transactions using the system 350 remains inoperative until the entry of the correct PIN. In a further embodiment, the data (for example, contact lists and associated information) stored in the user device 352 is unavailable or unintelligible until the entry of the correct PIN. In accordance with one embodiment, the data in the user device 352 is stored following a mathematical operation that acts to modify the data such that it is unintelligible. In this example, the user device 352 employs the PIN supplied by the user to reverse the mathematical operation, for example, by performing an exclusive or operation (“XOR”) on the data using the PIN to render the data legible. In other words, this embodiment provides a secure embodiment of the user device that is useless in the hands of a user without knowledge of the PIN information, as without the entry of the PIN, the data stored on the device is useless.
- In a further embodiment, the above approach is used to disable the software employed by the user device 352. That is, a mathematical operation is performed on software stored in the user device 352 with the PIN. Once the mathematical operation is performed the modified software is unusable and the software remains inoperative until the PIN is supplied by the user. Here too, an XOR operation may be employed to recover the software, which allows the software to operate.
- In accordance with one embodiment, the preceding approaches provide an increased level of security because the theft of the user device 352 (for example, the mobile phone) is not enough for the thief to employ the user device 352. Instead, a third party in possession of the user device 352 cannot employ the device to conduct a transaction without knowledge of the PIN.
- Some embodiments can employ a multi-factor authentication process before allowing a user to employ the
user device 352 to conduct a transaction. That is, the system 350 can authenticate a user based on something the user knows, something the user is, and something that the user has. According to one embodiment, the user device 352 is included in the last element of the three factors. For example, many electronic devices, including mobile phones, include an electronic serial number. Thus, in one embodiment, the user is authenticated and allowed to conduct a transaction with the USR 356 by providing something the user knows (for example, a PIN), something the user is (for example, a biometric measurement as detected by the biometric sensor 367) and something the user possesses (for example, the mobile phone as evidenced by the correct electronic serial number). In accordance with this embodiment, the PIN, the biometric information and the electronic serial number are communicated to the USR 356 where the user is authenticated. In various embodiments, the multiple pieces of data can be combined (for example, cryptographically combined through known encryption techniques) before being communicated. The transaction and/or access to the user's account info are permitted when an authentication is successful. Conversely, a transaction can be denied/refused where the authentication is unsuccessful, for example, where one or more of the PIN, the biometric information and the electronic serial number are incorrect.
- According to further embodiments, the multi-factor authentication process can also employ the identification of the account selected by the user for the current transaction. That is, the system 350 can authenticate the user based on a combination of two or more of something the user knows, something the user is, something that the user has and an account selected by the user for the current transaction (i.e., the transaction for which the authentication is being completed). For example, in one embodiment, encrypted authentication information is generated from a non-predictable value generated by the user device 352, identifying information for the selected user account 360, and at least one of the biometric information and secret information the user knows (for example, a PIN). According to one embodiment, the authentication information (for example, encrypted authentication information) is communicated to the secure registry for authentication and approval of the requested account access and/or financial transaction. In a further embodiment, one or more aspects of the authentication and approval are completed at the POS, for example, using the POS device 354, while in another embodiment, the POS provides a conduit or communication path from the user device 352 to the secure registry 356.
- According to another embodiment, the user device 352 is secured such that authentication information cannot be generated by the user device 352 prior to an authentication of the user based on the biometric input provided to the user device 352. In one embodiment, the user device 352 performs the authentication. In another embodiment, the POS device 354 authenticates the biometric information provided by the user. In yet another embodiment, the biometric information is authenticated by the secure registry 356.
- According to one embodiment, any two of the PIN, the biometric information, the electronic serial number, a discrete code associated with the device and the identifying information concerning the selected account are employed to generate a seed from which further authentication information is generated, for example, to generate a seed from which a non-predictable value can be generated by the user device 352. For example, in one embodiment, the seed is employed in an algorithm that also employs a temporal value to generate the authentication information. In one embodiment, the seed and the further authentication information are generated at the user device 352 and are provided to either or both of the second device 354 and the USR 356. Either or both of the second device and the USR can use the authentication information to authenticate or validate the identity of the user of the device 352, as has been described herein. In accordance with another embodiment, all four of the PIN, the biometric information, the electronic serial number and the identifying information concerning the selected account are employed to generate the seed. In one embodiment, the discrete code that is associated with the device is also used in combination with each of the preceding to generate the seed.
- In some embodiments, the discrete code that is associated with the device is provided in lieu of the electronic serial number while in other embodiments the unique code is employed with the electronic serial number to generate the seed. In one embodiment, the discrete code is unique to the
user device 352. In accordance with one embodiment, the discrete code is inaccessible to an individual in possession of the device. Further, the discrete code may be maintained by theuser device 352 such that any indication that the security of the device is compromised results in the discrete code being set to a default value (for example, zero) which effectively prevents valid authentication information from being generated by theuser device 352. As just one example, the preceding security measure can be taken when the device receive an indication that it is being used under duress. - In another embodiment, a challenge/response protocol is employed, for example, where the
USR 356 communicates a challenge to theuser device 352 and access to the USR is only granted where the user's response is correct. In accordance with one embodiment, a correct response is generated using any of the PIN, the biometric information and the electronic serial number in combination with the information provided as the challenge. As has been discussed herein, the challenge/response protocol can be invisible and seamless to the user of thedevice 352, since other than the user providing any of PIN and/or biometric information, the communication protocol of the challenge/response protocol can be done in the background without active participation from the user. - According to some embodiments, the validation of the biometric information provided by the user can be performed on a character by character basis. For example, where the biometric information includes a spoken word or phrase, each spoken character (whether alpha or numeric) can be individually evaluated to determine whether it was provided by a user authorized to employ the
user device 352. In various embodiments, the authentication of the biometric occurs at theuser device 352, at thePOS device 354, at theUSR 356 or at a combination of the preceding. - In accordance with some embodiments, the security of the system may be further increased where the
system 350 allows for one or more approaches to limit the use of theuser device 352. For example, according to one embodiment, the system allows a user to establish limitations on the use of theuser device 352. For example, a user may establish an active period or periods as the only period(s) that theuser device 352 can be used in combination with theUSR 356. Accordingly, the active period may include a temporal element. For example, the active period may be so many consecutive hours or days beginning from the start of the activation period, a fixed period of time during every day, certain days of the week, etc. As should be apparent to those of skill in the art, in one embodiment, operation of theuser device 352 may be completely disabled outside of the designated active period(s). In the embodiment illustrated inFIG. 31 where thesystem 350 is employed for financial transactions including credit card purchases, the user may limit the use of theuser device 352 to conduct such transactions to a maximum amount of a single transaction, a maximum cumulative amount of all transactions, a maximum quantity of transactions and/or a predetermined monetary amount. According to some embodiments, each of the preceding can be employed alone or in combination with a temporal element such that, for example, the maximums are determined for an active period of time having a known length. Further, the values may be set by the user, or for example, by an issuer of theuser device 352. Alternatively, the maximum values may be provided by an issuer of one or more of the plurality of user accounts 360. - As a further security enhancement, the
user device 352 can be configured to cease operating when an unauthorized use of the device is detected. The unauthorized use may be detected where theuser 352 provides an indication that the device is being used under duress as described above. In one embodiment, a transaction in which a user signals the use under duress proceeds but theuser device 352 becomes inoperative for one or more subsequent transactions. In a further embodiment, thesystem 350 communicates information concerning the situation to local law enforcement, for example, the location of the user device and the identity and/or appearance of the user. According to one embodiment, a constant is added to the value of the PIN when theuser device 352 is being used under duress. For example, the user can enter a value which corresponds to the PIN plus one. - In some embodiments, the
USR 356 provides consolidated security for the plurality of user accounts associated with a plurality of individual service companies (i.e., VISA MasterCard, etc.) who employ USR. In some embodiments, this avoids the need for the individual service companies to separately monitor the security of transactions for each of their respective accounts even where the service companies are not be affiliated with one another. - In a further embodiment, the
user device 352 may destroy data/information present in the user device based on the occurrence of an event or multiple events. In one embodiment, this action is the result of evidence of tampering with theuser device 352, for example, the repeated entry of an incorrect PIN. In another embodiment, theuser device 352 destroys sensitive information (or a subset of information included in the user device 352) following the passage of a predetermined period of time of, for example, inactivity. It is also to be appreciated that, in an embodiment, the underlying data and/or software need not be destroyed in the above events, but instead there may be a lockout period as a result of the above events for which the device is rendered unusable. This lockout period may be extended and/or increased for repeated events discussed above. - It is to be appreciated, as has been discussed herein, that according to some embodiments, biometric information of a user of the first device or authentication of biometric information of the user of the first device can be provided to the
second device 354 for any of the purposes described herein in any of the following ways: at least in part from thefirst device 352, at least in part from theUSR 356, and at least in part from reading the biometric data stored on the second device. - In accordance with one embodiment where wireless communication is employed to communicate information between the
user device 352 and the POS device 354 (for example, communication via Bluetooth protocol), the POS device may receive signals from a plurality ofuser devices 352 in the vicinity of thePOS device 354. Accordingly, thePOS device 354 may be employed to select from a plurality of users to conduct a transaction. For example, where an image of each of the users in the vicinity is displayed at thePOS device 354, the individual operating thePOS device 354 may select the user (and associated accounts) by selecting the photo of the user who is employing theuser device 352 for the current transaction. - It is to be appreciated, as has been discussed herein, that according to some embodiments the
system 350 including theUSR 356 is used to provide authorization for an occurrence of an event, such as a credit or debit transaction, without providing secure information such as the credit or debit card number. In particular, for such embodiments, the USR either by itself or in combination with credit or banking authority, authenticates the user of the first device and the selected account information and either provides a one time code for authorizing the transaction or a denial to the second device, which can be displayed on the second device to indicate the approval or denial of the transaction to the POS operator. It also to be appreciated that the system can also be employed, for example, for internet purchase through a web site where the USR can alone or in combination approves or denies the transaction and provides the approval or denial to the operator of the web site, for example, where the user of thefirst device 352 either manually logs into a web site and provides account information, or where the user of the first device communicates via thefirst device 352 and the token provided by the first device with the web site. It is also to be appreciated that the code or information displayed at thesecond device 354 can enable many forms of a transaction not just limited to a credit or debit transaction. It can include approval for enablement of any of the events that have been described herein. In addition, the code or information can, for example, provide authorization or security that funds exist in the account to cover a check written by the user of the first device, in effect providing a code that turns the personal check into a certified check, without the need for the user of the first device having to obtain a bank check. - In various embodiments of the preceding system, the
system 350 can be employed as a peer to peer network. For example, the first device and the second device are configured as peer to peer devices, in combination with theUSR 356 or in some embodiments without the needs for information in theUSR 356, as has been discussed herein, to authenticate and/or validate an identity of a user of the first device to the second device and in addition to authenticate and/or validate an identity of a user of the second device to the first device, to allow an occurrence of an event, such as a credit or debit transaction, access to a secure location, passport identification information and the like. - Although the above-described
system 350 employs theUSR 356 to facilitate the preceding operations, the above approach may be employed with alternative systems that include a secure database with the user's account information. Further, although the preceding description concerningFIG. 31 primarily discusses sales transactions, thesystem 350 may be employed in a variety of fields to allow only authorized access by authenticated users to secure data, for example, as illustrated inFIG. 4 , and the like as has been described herein. Further, the user device can in some embodiments be used to authenticate identity in a variety of applications. That is, an authentication code can be generated by theuser device 352 as described above where the authentication code is used to determine whether the user is authorized to take one or more actions. According to one embodiment, the authentication code is provided to a security system to determine whether the user is permitted to access a physical facility, for example, to determine whether the user is permitted to access a residence or a place of business. In a further embodiment, theuser device 352 wirelessly communicates an authentication code to a home security system as part of an access request. The authentication code generated by theuser device 352 can be used in a similar manner to determine whether an individual can access a computer network, for example, log in. According to additional embodiments, such an authentication code can also be used to provide positive identification of an individual in possession of theuser device 352 in the manner of a passport, driver's license or other form of identification issued by the government or another third party such as an employer. - In one embodiment, a user device is configured to allow a user to select any one of a plurality of accounts associated with the user to employ in a financial transaction. 
In one embodiment, the user device includes a biometric sensor configured to receive a biometric input provided by the user, a user interface configured to receive a user input including secret information known to the user and identifying information concerning an account selected by the user from the plurality of accounts. In a further embodiment, the user device includes a communication link configured to communicate with a secure registry, and a processor coupled to the biometric sensor to receive information concerning the biometric input, the user interface, and the communication link. According to one embodiment, the processor is configured to generate a non-predictable value and to generate encrypted authentication information from the non-predictable value, the identifying information, and at least one of the information concerning the biometric input and the secret information, and to communicate the encrypted authentication information via the communication link to the secure registry. According to another embodiment, the secret information includes the identifying information. In a further embodiment, the communication link wirelessly transmits the encrypted authentication information to a point-of-sale (POS) device, and the POS device is configured to transmit at least a portion of the encrypted authentication information to the secure registry. Further, the POS device can include a magnetic stripe reader.
- In yet another embodiment, the communication link wirelessly transmits the encrypted authentication information to a converter device configured to generate an emulated magnetic stripe output for use with the POS device.
- In still another embodiment, the user device includes a memory coupled to the processor where the memory stores information employed by the device to authenticate the biometric received by the biometric sensor. In one embodiment, the device does not permit the entry of the user input if the biometric input received by the biometric sensor is determined to not belong to an authorized user of the device.
- According to a further embodiment, the secret information known to the user includes a PIN, and the authentication of the secret information and the biometric input activate the device for the financial transaction. In one embodiment, the user device includes a memory coupled to the processor and the data stored in the memory is unavailable to an individual in possession of the device until the device is activated. According to this embodiment, the data can be subject to a mathematical operation that acts to modify the data such that it is unintelligible until the device is activated.
- In accordance with some embodiments, a method of generating authentication information includes acts of authenticating an identity of a user to a device based on at least one of biometric data received by the device from the user and secret information known to the user and provided to the device. The method can also include the generation of a non-predictable value with the device. The method can further include acts of receiving identifying information from the user concerning a selected one of a plurality of user accounts and generating encrypted authentication information from the non-predictable value, the identifying information, and at least one of the biometric data and the secret information. In a further embodiment, the device can generate encrypted authentication information from each of the non-predictable value, the biometric data, the secret information, and the identifying information.
- In accordance with another embodiment, the method includes an act of de-activating the device without generating the encrypted authentication information if the identity of the user is not successfully authenticated to the device. Embodiments may also include an act of generating encrypted authentication information in a manner that allows the identification of the user and the selected one of the plurality of user accounts by a secure registry.
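The seed, temporal value, discrete code and duress PIN described in the embodiments above can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA-256, the 30-second time step, the 8-digit code, the `Device` and `Registry` classes and all sample values are assumptions, the biometric template is assumed to be stable bytes released after an on-device match, and encryption of the message in transit is left out.

```python
import hashlib
import hmac
import struct

TIME_STEP = 30         # seconds per code window (assumed; the text only says "a temporal value")
ZERO_CODE = bytes(32)  # default the discrete code is reset to when compromise is indicated


def derive_seed(discrete_code, pin, template, serial, account_id):
    """Seed from PIN, biometric template, serial number and account id, keyed by the discrete code."""
    mac = hmac.new(discrete_code, digestmod=hashlib.sha256)
    for field in (pin.encode(), template, serial.encode(), account_id.encode()):
        mac.update(struct.pack(">I", len(field)) + field)  # length prefix keeps fields unambiguous
    return mac.digest()


def one_time_code(seed, counter):
    """8-digit code from the seed and a time counter (HOTP-style dynamic truncation)."""
    digest = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha256).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10**8:08d}"


class Device:
    def __init__(self, serial, discrete_code, enrolled_template):
        self.serial = serial
        self.discrete_code = discrete_code
        self.enrolled_template = enrolled_template

    def tamper_detected(self):
        """Reset the discrete code so that no later code can validate."""
        self.discrete_code = ZERO_CODE

    def authentication_info(self, pin, template, account_id, now):
        """Return the message for the registry, or None when the biometric does not match."""
        if not hmac.compare_digest(template, self.enrolled_template):
            return None  # device stays inactive and produces nothing
        seed = derive_seed(self.discrete_code, pin, template, self.serial, account_id)
        return {"serial": self.serial, "account": account_id,
                "code": one_time_code(seed, int(now) // TIME_STEP)}


class Registry:
    def __init__(self):
        self.records = {}  # (serial, public account id) -> enrolment record

    def enroll(self, serial, account_id, private_account, pin, template, discrete_code):
        duress_pin = str(int(pin) + 1).zfill(len(pin))  # "PIN plus one"
        self.records[(serial, account_id)] = {
            "seed": derive_seed(discrete_code, pin, template, serial, account_id),
            "duress_seed": derive_seed(discrete_code, duress_pin, template, serial, account_id),
            "private": private_account,  # looked up by the public id, never sent back
            "last_counter": -1,
            "locked": False,
        }

    def verify(self, msg, now):
        """Return (enabled, duress) for one authentication message."""
        rec = self.records.get((msg["serial"], msg["account"]))
        if rec is None or rec["locked"]:
            return (False, False)
        current = int(now) // TIME_STEP
        for counter in (current - 1, current, current + 1):  # tolerate one step of clock drift
            if counter <= rec["last_counter"]:
                continue  # each window is accepted once, so a captured code cannot be replayed
            for key, duress in (("seed", False), ("duress_seed", True)):
                if hmac.compare_digest(one_time_code(rec[key], counter), msg["code"]):
                    rec["last_counter"] = counter
                    rec["locked"] = duress  # duress transaction proceeds, later ones are refused
                    return (True, duress)
        return (False, False)


def demo():
    """Run the flow on constructed sample values and return the registry's decisions."""
    template, discrete = b"constructed-template-bytes", bytes(range(32))
    registry = Registry()
    registry.enroll("ESN-0001", "pub-acct-1", "constructed-private-account", "4821", template, discrete)
    device = Device("ESN-0001", discrete, template)
    t = 1_700_000_000
    good = device.authentication_info("4821", template, "pub-acct-1", t)
    results = {"first": registry.verify(good, t), "replay": registry.verify(good, t)}
    wrong = device.authentication_info("0000", template, "pub-acct-1", t + 60)
    results["wrong_pin"] = registry.verify(wrong, t + 60)
    duress = device.authentication_info("4822", template, "pub-acct-1", t + 120)
    results["duress"] = registry.verify(duress, t + 120)
    after = device.authentication_info("4821", template, "pub-acct-1", t + 180)
    results["after_duress"] = registry.verify(after, t + 180)
    return results


if __name__ == "__main__":
    print(demo())
```

Because the account identifier is part of the seed, a code produced for one account does not validate for another account on the same device, and the registry's reply carries only the decision, not the private account data.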
- According to a still further embodiment, a method of controlling access to a plurality of accounts is provided where the method includes acts of generating, with a device, encrypted authentication information from a non-predictable value generated by the device, identifying information concerning an account selected by a user of the device from among a plurality of accounts associated with the user, and at least one of a biometric of the user received by the device and secret information provided to the device by the user, communicating the encrypted authentication information from the device to a secure registry via a point-of-sale (POS) device to authenticate or not authenticate the device with the secure registry, authorizing the POS device to initiate a financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is successfully authenticated, and denying the POS device from initiation of the financial transaction involving a transfer of funds to or from the account selected by the user when the encrypted authentication information is not successfully authenticated.
- According to a further embodiment, the method includes an act of authenticating an identity of the user by validating the biometric with one of the device and the secure registry. In some embodiments, the biometric can be validated on a character-by-character basis.
- According to yet another embodiment, the method includes an act of transmitting image data from the secure registry to the POS device along with an authorization authorizing the POS device to initiate the financial transaction provided that the image data when processed at the POS device authenticates an identity of the user. In a further embodiment, the method also includes an act of authenticating the identity of the user at the POS device by any of displaying an image of the user at the POS device for visual confirmation by an operator of the POS device and processing biometric data provided by the image data. The operator may be a store clerk, bank clerk, security personnel or an individual in any other capacity in which they are tasked with a responsibility to verify an identity of an individual in possession of the user device.
- In accordance with one embodiment, the secure registry includes a database containing information concerning a plurality of accounts associated with a different one of a plurality of users, respectively. Further, the plurality of accounts can include accounts associated with a plurality of different financial service providers. According to some embodiments, the method can include an act of transmitting information including at least a portion of the encrypted authentication information to the secure registry from the POS device.
- According to one embodiment, a mobile electronic device for authenticating a user involved in a transaction is provided comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device, and wherein the wireless communications interface is further configured to receive an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, the one or more processors are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to one embodiment, a method for authenticating a user involved in a transaction using a mobile electronic device is provided comprising authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, the method further comprises encrypting the identification information and the one-time authentication code before they are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to one embodiment, a computer readable medium or media containing instructions for authenticating a user involved in a transaction is provided, wherein execution of the instructions by one or more processors of a mobile electronic device causes the one or more processors to carry out the steps of authenticating the user based on at least one of biometric information of the user captured by a biometric sensor of the mobile electronic device, and a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user, retrieving identification information specific to the mobile electronic device and a user account to be employed in the transaction, generating a one-time authentication code specific to the transaction, wirelessly transmitting the identification information and the one-time authentication code to a computer system for processing, and receiving an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system, wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, execution of the instructions by the one or more processors further causes the one or more processors to carry out the step of encrypting the identification information and the one-time authentication code before the identification information and the one-time authentication code are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- According to one embodiment, a system for authenticating a user involved in a transaction is provided comprising a mobile electronic device, the mobile electronic device comprising a biometric sensor configured to capture biometric information of the user, a user interface configured to receive a user input comprising a personal identification number (PIN) or other secret information known to the user, one or more processors configured to authenticate the user based on the user input, authenticate the user based on the biometric information, retrieve identification information specific to the mobile electronic device and a user account to be employed in the transaction, and generate a one-time authentication code specific to the transaction, and a wireless communications interface configured to transmit the identification information and the one-time authentication code to a computer system for processing, the computer system, comprising a communications interface configured to receive the identification information and the one-time authentication code, and one or more processors configured to retrieve account information associated with the mobile electronic device and the user account to be employed in the transaction, and to use the retrieved account information to validate the received identification information and one-time authentication code, where generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device, and where the wireless communications interface is further configured to receive an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system.
- In one embodiment, the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user. In an embodiment, the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value. In one embodiment, the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
- In one embodiment, the one or more processors of the mobile electronic device are further configured to encrypt the identification information and the one-time authentication code before they are transmitted to the computer system. In an embodiment, the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information. In one embodiment, the computer system comprises one or more servers associated with a credit card company or bank.
- Having thus described several aspects of at least one embodiment of this invention, it is to be appreciated various alterations, modifications, and improvements will readily occur to those skilled in the art. Such alterations, modifications, and improvements are intended to be part of this disclosure, and are intended to be within the spirit and scope of the invention. Accordingly, the foregoing description and drawings are by way of example only.
Claims (18)
1. An electronic ID device configured to allow a user to select an account associated with the user to employ in a transaction, the electronic ID device comprising:
a biometric sensor configured to receive a biometric input provided by the user;
a user interface configured to receive a user input, the user input including:
secret information known to the user; and
selection information concerning an account selected by the user from one or more accounts associated with the user;
a communication interface configured to communicate with a secure registry; and
a processor coupled to the biometric sensor to receive information concerning the biometric input, wherein the processor is programmed to:
activate the electronic ID device in response to a successful authentication of a user's identity, wherein authentication of the user's identity is based on at least one of the biometric input and the secret information;
generate a one-time non-predictable value;
obtain a public identifier that corresponds to private account information of the selected user account, wherein the public identifier does not contain any private account information of the selected user account;
generate authentication information using the one-time non-predictable value and the public identifier;
encrypt the authentication information; and
wirelessly communicate the encrypted authentication information to a requesting or receiving device via an authentication signal generated by the communication interface, such that the secure registry:
receives a transaction request and at least a portion of the encrypted authentication information from the requesting or receiving device, wherein the transaction request involves the selected user account;
verifies the encrypted authentication information;
uses the public identifier from the encrypted authentication information to acquire the private account information of the selected user account; and
generates an enablement signal to enable the transaction request without transmitting the private account information.
2. The electronic ID device of claim 1, wherein the communication interface is configured to communicate with the secure registry either directly or via an intermediate device.
3. The electronic ID device of claim 1, wherein the public identifier does not contain any compromisable account information.
4. The electronic ID device of claim 1, wherein the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via an induced signal generated by the communication interface.
5. The electronic ID device of claim 1, wherein the communication interface includes a magnetic stripe emulator.
6. The electronic ID device of claim 5, wherein:
the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a time-varying signal which emulates data provided by a magnetic-stripe card to a magnetic card reader; and
the time varying signal is generated by the magnetic stripe emulator of the communication interface.
7. The electronic ID device of claim 1, wherein the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a near field signal generated by the communication interface.
8. The electronic ID device of claim 1, wherein:
the communication interface includes a near field communication (NFC) transceiver; and
the authentication signal generated by the communication interface is an NFC signal.
9. The electronic ID device of claim 8, wherein:
the NFC signal is generated by the NFC transceiver of the communication interface; and
the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via the NFC signal, the requesting or receiving device located within the same local area as the NFC transceiver such that the NFC signal is transmitted directly between the NFC transceiver and the requesting or receiving device.
10. The electronic ID device of claim 1, wherein the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Wi-Fi™ radio technology signal generated by the communication interface.
11. The electronic ID device of claim 1, wherein the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Bluetooth™ wireless technology standard signal.
12. The electronic ID device of claim 1, wherein the processor is further programmed to wirelessly communicate the encrypted authentication information to the requesting or receiving device via a Bluetooth™ Low Energy wireless technology standard signal.
13. The electronic ID device of claim 1, wherein in activating the electronic ID device, the processor is further programmed to render stored data legible.
14. The electronic ID device of claim 1, wherein the encrypted authentication information is one-time encrypted authentication information.
15. The electronic ID device of claim 1, wherein the communication interface is configured to communicate the encrypted authentication information to the secure registry, where the secure registry comprises a secure token database storing one or more tokens associated with the authentication information.
16. The electronic ID device of claim 1, wherein the processor is further programmed to deactivate the electronic ID device without generating the authentication information where authentication based on at least one of the biometric input and the secret information is unsuccessful.
17. The electronic ID device of claim 16, wherein deactivating the electronic ID device initiates a lock-out period.
18. The electronic ID device of claim 16, wherein deactivating the electronic ID device includes deleting information present in the electronic ID device that is used to generate the authentication information.
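The flow recited in claims 1, 16 and 17 (the device binds a one-time non-predictable value to a public identifier and encrypts it; the registry verifies it, rejects reuse, and returns an enablement signal with no private account data), as an added Python sketch that is not part of the patent. The patent names no cipher, key scheme or message format, so the HMAC-SHA256 keystream with encrypt-then-MAC (a standard-library stand-in for an AEAD such as AES-GCM), the pre-shared per-device keys, the JSON fields, the failure threshold and all class and function names are assumptions; the biometric factor is omitted and only the secret-information factor is modelled.

```python
import hashlib
import hmac
import json
import secrets
import time

def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode used as a keystream (stand-in for a real AEAD).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(enc_key, mac_key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(enc_key, mac_key, blob):
    """Return the plaintext, or None when the blob is malformed or the tag fails."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

class ElectronicIDDevice:
    MAX_FAILURES = 3  # assumed threshold; the claims give no number

    def __init__(self, device_id, enc_key, mac_key, pin, public_ids):
        self.device_id, self._keys, self._pin = device_id, (enc_key, mac_key), pin
        self._public_ids = public_ids  # account label -> public identifier
        self._failures, self.locked = 0, False

    def authentication_info(self, pin, account_label):
        """Return encrypted authentication information, or None if the user is not authenticated."""
        if self.locked:
            return None
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._failures += 1
            self.locked = self._failures >= self.MAX_FAILURES  # claim 17: lock-out
            return None  # claim 16: nothing is generated on failed authentication
        self._failures = 0
        info = {"pid": self._public_ids[account_label],  # public identifier only
                "otv": secrets.token_hex(16),            # one-time non-predictable value
                "ts": int(time.time())}
        return seal(*self._keys, json.dumps(info).encode())

class SecureRegistry:
    def __init__(self, max_age_s=60):
        self._devices, self._accounts, self._seen = {}, {}, set()
        self._max_age_s = max_age_s

    def enroll(self, device_id, enc_key, mac_key, public_id, private_account):
        self._devices[device_id] = (enc_key, mac_key)
        self._accounts[(device_id, public_id)] = private_account

    def process(self, device_id, blob, transaction):
        """Verify the blob and return an enablement signal that carries no private data."""
        def deny(reason):
            return {"approved": False, "reason": reason}
        keys = self._devices.get(device_id)
        if keys is None:
            return deny("unknown device")
        plaintext = unseal(*keys, blob)
        if plaintext is None:
            return deny("verification failed")
        info = json.loads(plaintext)
        if abs(time.time() - info["ts"]) > self._max_age_s:
            return deny("stale")
        if info["otv"] in self._seen:
            return deny("replayed one-time value")
        self._seen.add(info["otv"])
        private = self._accounts.get((device_id, info["pid"]))
        if private is None:
            return deny("unknown account")
        # `private` would go to the issuer here; it is never returned to the requester.
        return {"approved": True, "transaction": transaction}

def demo():
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    registry = SecureRegistry()
    # Constructed sample data, not real account details.
    registry.enroll("dev-1", enc_key, mac_key, "PUB-7f3a", "CONSTRUCTED-PAN-0000")
    device = ElectronicIDDevice("dev-1", enc_key, mac_key, "2468", {"card-a": "PUB-7f3a"})
    blob = device.authentication_info("2468", "card-a")
    first = registry.process("dev-1", blob, {"amount": "12.50"})
    replay = registry.process("dev-1", blob, {"amount": "12.50"})
    fresh = device.authentication_info("2468", "card-a")
    tampered = fresh[:20] + bytes([fresh[20] ^ 1]) + fresh[21:]
    forged = registry.process("dev-1", tampered, {"amount": "9999.00"})
    wrong = [device.authentication_info("0000", "card-a") for _ in range(3)]
    locked = device.authentication_info("2468", "card-a")
    return {"first": first, "replay": replay, "forged": forged, "wrong": wrong, "locked": locked}

if __name__ == "__main__":
    print(demo())
```

The registry keeps every accepted one-time value in memory; a deployment would bound that set by the same freshness window used for the timestamp check.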
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/590,863 US20200034849A1 (en) | 2006-02-21 | 2019-10-02 | Universal secure registry |
Applications Claiming Priority (12)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US77504606P | 2006-02-21 | 2006-02-21 | |
US81227906P | 2006-06-09 | 2006-06-09 | |
US85923506P | 2006-11-15 | 2006-11-15 | |
US11/677,490 US8001055B2 (en) | 2006-02-21 | 2007-02-21 | Method, system and apparatus for secure access, payment and identification |
US11/760,732 US7809651B2 (en) | 2006-02-21 | 2007-06-08 | Universal secure registry |
US11/760,729 US7805372B2 (en) | 2006-02-21 | 2007-06-08 | Universal secure registry |
US3152908P | 2008-02-26 | 2008-02-26 | |
US12/393,586 US8234220B2 (en) | 2007-02-21 | 2009-02-26 | Universal secure registry |
US13/168,556 US8271397B2 (en) | 2006-02-21 | 2011-06-24 | Method and apparatus for secure access, payment and identification |
US13/237,184 US8577813B2 (en) | 2006-02-21 | 2011-09-20 | Universal secure registry |
US14/071,126 US20140149295A1 (en) | 2006-02-21 | 2013-11-04 | Universal secure registry |
US16/590,863 US20200034849A1 (en) | 2006-02-21 | 2019-10-02 | Universal secure registry |
Related Parent Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/071,126 Continuation US20140149295A1 (en) | 2006-02-21 | 2013-11-04 | Universal secure registry |
Publications (1)
Publication Number | Publication Date |
---|---|
US20200034849A1 (en) | 2020-01-30 |
Family ID: 46332136
Family Applications (10)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/393,586 Expired - Fee Related US8234220B2 (en) | 2006-02-21 | 2009-02-26 | Universal secure registry |
US13/237,184 Active US8577813B2 (en) | 2006-02-21 | 2011-09-20 | Universal secure registry |
US14/071,126 Abandoned US20140149295A1 (en) | 2006-02-21 | 2013-11-04 | Universal secure registry |
US15/045,408 Abandoned US20160162903A1 (en) | 2006-02-21 | 2016-02-17 | Universal secure registry |
US15/661,943 Abandoned US20170323300A1 (en) | 2006-02-21 | 2017-07-27 | Universal secure registry |
US15/661,955 Abandoned US20170323301A1 (en) | 2006-02-21 | 2017-07-27 | Universal secure registry |
US15/685,813 Abandoned US20170372321A1 (en) | 2006-02-21 | 2017-08-24 | Universal secure registry |
US16/590,863 Abandoned US20200034849A1 (en) | 2006-02-21 | 2019-10-02 | Universal secure registry |
US16/590,872 Expired - Fee Related US10733607B2 (en) | 2006-02-21 | 2019-10-02 | Universal secure registry |
US16/833,006 Active US10832245B2 (en) | 2006-02-21 | 2020-03-27 | Universal secure registry |
Family Applications Before (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/393,586 Expired - Fee Related US8234220B2 (en) | 2006-02-21 | 2009-02-26 | Universal secure registry |
US13/237,184 Active US8577813B2 (en) | 2006-02-21 | 2011-09-20 | Universal secure registry |
US14/071,126 Abandoned US20140149295A1 (en) | 2006-02-21 | 2013-11-04 | Universal secure registry |
US15/045,408 Abandoned US20160162903A1 (en) | 2006-02-21 | 2016-02-17 | Universal secure registry |
US15/661,943 Abandoned US20170323300A1 (en) | 2006-02-21 | 2017-07-27 | Universal secure registry |
US15/661,955 Abandoned US20170323301A1 (en) | 2006-02-21 | 2017-07-27 | Universal secure registry |
US15/685,813 Abandoned US20170372321A1 (en) | 2006-02-21 | 2017-08-24 | Universal secure registry |
Family Applications After (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/590,872 Expired - Fee Related US10733607B2 (en) | 2006-02-21 | 2019-10-02 | Universal secure registry |
US16/833,006 Active US10832245B2 (en) | 2006-02-21 | 2020-03-27 | Universal secure registry |
Country Status (1)
Country | Link |
---|---|
US (10) | US8234220B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10942997B2 (en) * | 2014-08-12 | 2021-03-09 | At&T Intellectual Property I, L.P. | Multi-factor authentication |
Families Citing this family (247)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100299258A1 (en) * | 1999-12-10 | 2010-11-25 | Terri Page | System and method for verifying the authenticity of a check and authorizing payment thereof |
US7237117B2 (en) | 2001-03-16 | 2007-06-26 | Kenneth P. Weiss | Universal secure registry |
US7103576B2 (en) * | 2001-09-21 | 2006-09-05 | First Usa Bank, Na | System for providing cardless payment |
US20140019352A1 (en) | 2011-02-22 | 2014-01-16 | Visa International Service Association | Multi-purpose virtual card transaction apparatuses, methods and systems |
US9286457B2 (en) | 2004-06-14 | 2016-03-15 | Rodney Beatson | Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US8896421B2 (en) * | 2005-09-30 | 2014-11-25 | Zebra Enterprise Solutions Corp. | Wide-area dynamic RFID system using UWB |
US8234220B2 (en) | 2007-02-21 | 2012-07-31 | Weiss Kenneth P | Universal secure registry |
US8001055B2 (en) | 2006-02-21 | 2011-08-16 | Weiss Kenneth P | Method, system and apparatus for secure access, payment and identification |
US11227676B2 (en) | 2006-02-21 | 2022-01-18 | Universal Secure Registry, Llc | Universal secure registry |
US9002018B2 (en) * | 2006-05-09 | 2015-04-07 | Sync Up Technologies Corporation | Encryption key exchange system and method |
US7739169B2 (en) | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
US7937324B2 (en) | 2007-09-13 | 2011-05-03 | Visa U.S.A. Inc. | Account permanence |
US9852426B2 (en) | 2008-02-20 | 2017-12-26 | Collective Dynamics LLC | Method and system for secure transactions |
US11816665B2 (en) | 2008-02-20 | 2023-11-14 | Stripe, Inc. | Method and system for multi-modal transaction authentication |
US8793757B2 (en) * | 2008-05-27 | 2014-07-29 | Open Invention Network, Llc | User-directed privacy control in a user-centric identity management system |
US20100241868A1 (en) * | 2009-03-19 | 2010-09-23 | Hani Nachef | Method and apparatus for storing, managing, and securing personal information |
US20110225045A1 (en) * | 2009-03-30 | 2011-09-15 | Yuh-Shen Song | Paperless Coupon Transactions System |
US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US10140598B2 (en) | 2009-05-20 | 2018-11-27 | Visa International Service Association | Device including encrypted data for expiration date and verification value creation |
US9084071B2 (en) * | 2009-09-10 | 2015-07-14 | Michael-Anthony Lisboa | Simple mobile registration mechanism enabling automatic registration via mobile devices |
JP2011108148A (en) * | 2009-11-20 | 2011-06-02 | Sony Corp | Information processor, information processing method and program |
US10255591B2 (en) | 2009-12-18 | 2019-04-09 | Visa International Service Association | Payment channel returning limited use proxy dynamic value |
WO2011088109A2 (en) | 2010-01-12 | 2011-07-21 | Visa International Service Association | Anytime validation for verification tokens |
US9245267B2 (en) | 2010-03-03 | 2016-01-26 | Visa International Service Association | Portable account number for consumer payment account |
US8495720B2 (en) * | 2010-05-06 | 2013-07-23 | Verizon Patent And Licensing Inc. | Method and system for providing multifactor authentication |
US9342832B2 (en) | 2010-08-12 | 2016-05-17 | Visa International Service Association | Securing external systems with account token substitution |
US8613052B2 (en) | 2010-09-17 | 2013-12-17 | Universal Secure Registry, Llc | Apparatus, system and method employing a wireless user-device |
KR20120076459A (en) * | 2010-11-24 | 2012-07-09 | 한국전자통신연구원 | System and method for providing delivery information |
WO2012112822A2 (en) | 2011-02-16 | 2012-08-23 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
US10586227B2 (en) | 2011-02-16 | 2020-03-10 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
SG193510A1 (en) | 2011-02-22 | 2013-10-30 | Visa Int Service Ass | Universal electronic payment apparatuses, methods and systems |
US9544396B2 (en) | 2011-02-23 | 2017-01-10 | Lookout, Inc. | Remote application installation and control for a mobile device |
CN103503010B (en) | 2011-03-04 | 2017-12-29 | 维萨国际服务协会 | Ability to pay is bound to the safety element of computer |
US8915423B1 (en) * | 2011-03-07 | 2014-12-23 | Isaac S. Daniel | System and method for verifying an individual's authorization to cross borders |
US9070098B2 (en) * | 2011-04-06 | 2015-06-30 | Tyler J. Miller | Background investigation management service |
WO2012142045A2 (en) | 2011-04-11 | 2012-10-18 | Visa International Service Association | Multiple tokenization for authentication |
US9621350B2 (en) * | 2011-06-30 | 2017-04-11 | Cable Television Laboratories, Inc. | Personal authentication |
US9355393B2 (en) | 2011-08-18 | 2016-05-31 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
WO2013006725A2 (en) | 2011-07-05 | 2013-01-10 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
US9582598B2 (en) | 2011-07-05 | 2017-02-28 | Visa International Service Association | Hybrid applications utilizing distributed models and views apparatuses, methods and systems |
AU2012286583A1 (en) * | 2011-07-25 | 2014-03-13 | Emue Holdings Pty Ltd | Action verification methods and systems |
US9704155B2 (en) | 2011-07-29 | 2017-07-11 | Visa International Service Association | Passing payment tokens through an hop/sop |
US9659164B2 (en) * | 2011-08-02 | 2017-05-23 | Qualcomm Incorporated | Method and apparatus for using a multi-factor password or a dynamic password for enhanced security on a device |
US10242358B2 (en) | 2011-08-18 | 2019-03-26 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
US10825001B2 (en) | 2011-08-18 | 2020-11-03 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
US9710807B2 (en) | 2011-08-18 | 2017-07-18 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods and systems |
US8616444B2 (en) * | 2011-09-19 | 2013-12-31 | Bank Of America Corporation | Authorizing financial transactions |
US10223730B2 (en) | 2011-09-23 | 2019-03-05 | Visa International Service Association | E-wallet store injection search apparatuses, methods and systems |
US8819428B2 (en) * | 2011-10-21 | 2014-08-26 | Ebay Inc. | Point of sale (POS) personal identification number (PIN) security |
EP2786548B1 (en) * | 2011-11-29 | 2018-04-11 | CardLogix | Layered security for age verification and transaction authorization |
US9294452B1 (en) | 2011-12-09 | 2016-03-22 | Rightquestion, Llc | Authentication translation |
US11475105B2 (en) | 2011-12-09 | 2022-10-18 | Rightquestion, Llc | Authentication translation |
US20130166462A1 (en) * | 2011-12-22 | 2013-06-27 | Travis Michael Glover | System and method for processing and management of firearm transactions |
RU2631983C2 (en) | 2012-01-05 | 2017-09-29 | Виза Интернэшнл Сервис Ассосиэйшн | Data protection with translation |
US9830595B2 (en) | 2012-01-26 | 2017-11-28 | Visa International Service Association | System and method of providing tokenization as a service |
AU2013214801B2 (en) | 2012-02-02 | 2018-06-21 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems |
US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
TWI566564B (en) * | 2012-04-25 | 2017-01-11 | Samton International Development Technology Co Ltd | Virtual reality authentication circuit, system and electronic consumption method |
US10275764B2 (en) * | 2012-05-04 | 2019-04-30 | Mastercard International Incorporated | Transaction data tokenization |
WO2013166501A1 (en) | 2012-05-04 | 2013-11-07 | Visa International Service Association | System and method for local data conversion |
US9524501B2 (en) | 2012-06-06 | 2016-12-20 | Visa International Service Association | Method and system for correlating diverse transaction data |
US11468410B2 (en) | 2012-07-11 | 2022-10-11 | Viewpost, Llc. | Universal payment module and system |
US9887992B1 (en) | 2012-07-11 | 2018-02-06 | Microstrategy Incorporated | Sight codes for website authentication |
US10607236B2 (en) | 2012-07-11 | 2020-03-31 | Viewpost, Llc | Universal system for enabling dynamically discounted buyer-vendor payments |
US9027099B1 (en) * | 2012-07-11 | 2015-05-05 | Microstrategy Incorporated | User credentials |
US8762271B2 (en) | 2012-07-11 | 2014-06-24 | Viewpost, Llc | Universal payment module and system |
US9665722B2 (en) | 2012-08-10 | 2017-05-30 | Visa International Service Association | Privacy firewall |
US20150235215A1 (en) | 2012-08-16 | 2015-08-20 | Tango Mobile, LLC | System and Method for Mobile or Web-Based Payment/Credential Process |
US11017211B1 (en) * | 2012-09-07 | 2021-05-25 | Stone Lock Global, Inc. | Methods and apparatus for biometric verification |
US11594072B1 (en) | 2012-09-07 | 2023-02-28 | Stone Lock Global, Inc. | Methods and apparatus for access control using biometric verification |
US11017212B2 (en) * | 2012-09-07 | 2021-05-25 | Stone Lock Global, Inc. | Methods and apparatus for biometric verification |
US11163984B2 (en) * | 2012-09-07 | 2021-11-02 | Stone Lock Global, Inc. | Methods and apparatus for constructing biometrical templates using facial profiles of users |
US11275929B2 (en) * | 2012-09-07 | 2022-03-15 | Stone Lock Global, Inc. | Methods and apparatus for privacy protection during biometric verification |
US11163983B2 (en) * | 2012-09-07 | 2021-11-02 | Stone Lock Global, Inc. | Methods and apparatus for aligning sampling points of facial profiles of users |
US11017213B1 (en) * | 2012-09-07 | 2021-05-25 | Stone Lock Global, Inc. | Methods and apparatus for biometric verification |
US9740917B2 (en) * | 2012-09-07 | 2017-08-22 | Stone Lock Global, Inc. | Biometric identification systems and methods |
US11017214B1 (en) * | 2012-09-07 | 2021-05-25 | Stone Lock Global, Inc. | Methods and apparatus for biometric verification |
US11301670B2 (en) * | 2012-09-07 | 2022-04-12 | Stone Lock Global, Inc. | Methods and apparatus for collision detection in biometric verification |
WO2014043278A1 (en) | 2012-09-11 | 2014-03-20 | Visa International Service Association | Cloud-based virtual wallet nfc apparatuses, methods and systems |
US8935769B2 (en) | 2012-09-28 | 2015-01-13 | Liveensure, Inc. | Method for mobile security via multi-factor context authentication |
US10650385B1 (en) | 2012-10-08 | 2020-05-12 | Viewpost, Llc | System and method for remote check assurance |
US10176478B2 (en) | 2012-10-23 | 2019-01-08 | Visa International Service Association | Transaction initiation determination system utilizing transaction data elements |
US8775807B1 (en) | 2012-10-26 | 2014-07-08 | Microstrategy Incorporated | Credential tracking |
US9317721B2 (en) * | 2012-10-31 | 2016-04-19 | Google Inc. | Privacy aware camera and device status indicator system |
US9911118B2 (en) | 2012-11-21 | 2018-03-06 | Visa International Service Association | Device pairing via trusted intermediary |
GB2508173A (en) * | 2012-11-22 | 2014-05-28 | Barclays Bank Plc | Identity verification systems and methods |
US10164957B1 (en) | 2012-11-30 | 2018-12-25 | Microstrategy Incorporated | Conditional user credentials |
US9640001B1 (en) | 2012-11-30 | 2017-05-02 | Microstrategy Incorporated | Time-varying representations of user credentials |
US10304047B2 (en) | 2012-12-07 | 2019-05-28 | Visa International Service Association | Token generating component |
US9741051B2 (en) | 2013-01-02 | 2017-08-22 | Visa International Service Association | Tokenization and third-party interaction |
US9232394B2 (en) * | 2013-01-02 | 2016-01-05 | International Business Machines Corporation | Authentication of phone caller identity |
US10740731B2 (en) | 2013-01-02 | 2020-08-11 | Visa International Service Association | Third party settlement |
US9154303B1 (en) | 2013-03-14 | 2015-10-06 | Microstrategy Incorporated | Third-party authorization of user credentials |
US9378386B1 (en) | 2013-03-15 | 2016-06-28 | Microstrategy Incorporated | Content sharing technology |
US9022286B2 (en) | 2013-03-15 | 2015-05-05 | Virtual Electric, Inc. | Multi-functional credit card type portable electronic device |
US9450958B1 (en) | 2013-03-15 | 2016-09-20 | Microstrategy Incorporated | Permission delegation technology |
US11055710B2 (en) | 2013-05-02 | 2021-07-06 | Visa International Service Association | Systems and methods for verifying and processing transactions using virtual currency |
SG11201509386UA (en) | 2013-05-15 | 2015-12-30 | Visa Int Service Ass | Mobile tokenization hub |
US10878422B2 (en) | 2013-06-17 | 2020-12-29 | Visa International Service Association | System and method using merchant token |
CN113469670B (en) | 2013-07-24 | 2024-04-05 | 维萨国际服务协会 | System and method for ensuring data transfer risk using tokens |
US10496986B2 (en) | 2013-08-08 | 2019-12-03 | Visa International Service Association | Multi-network tokenization processing |
CN114819961A (en) | 2013-08-08 | 2022-07-29 | 维萨国际服务协会 | Method and system for provisioning payment credentials for mobile devices |
US9928355B2 (en) * | 2013-09-09 | 2018-03-27 | Apple Inc. | Background enrollment and authentication of a user |
US9978094B2 (en) | 2013-10-11 | 2018-05-22 | Visa International Service Association | Tokenization revocation list |
JP6386567B2 (en) | 2013-10-11 | 2018-09-05 | ビザ インターナショナル サービス アソシエーション | Network token system |
US10515358B2 (en) | 2013-10-18 | 2019-12-24 | Visa International Service Association | Contextual transaction token methods and systems |
US10489779B2 (en) | 2013-10-21 | 2019-11-26 | Visa International Service Association | Multi-network token bin routing with defined verification parameters |
US10366387B2 (en) | 2013-10-29 | 2019-07-30 | Visa International Service Association | Digital wallet system and method |
AU2014353151B2 (en) | 2013-11-19 | 2018-03-08 | Visa International Service Association | Automated account provisioning |
BR112016014106A2 (en) | 2013-12-19 | 2017-08-08 | Visa Int Service Ass | METHOD FOR ENHANCED SECURITY OF A COMMUNICATION DEVICE, AND, COMMUNICATION DEVICE |
US9922322B2 (en) | 2013-12-19 | 2018-03-20 | Visa International Service Association | Cloud-based transactions with magnetic secure transmission |
US20150178722A1 (en) * | 2013-12-20 | 2015-06-25 | International Business Machines Corporation | Temporary passcode generation for credit card transactions |
US10433128B2 (en) | 2014-01-07 | 2019-10-01 | Visa International Service Association | Methods and systems for provisioning multiple devices |
US9846878B2 (en) | 2014-01-14 | 2017-12-19 | Visa International Service Association | Payment account identifier system |
EP3100246A2 (en) * | 2014-01-27 | 2016-12-07 | Nortek Security & Control LLC | Building security and automation system |
GB2523101A (en) * | 2014-02-12 | 2015-08-19 | Ipl Information Proc Ltd | Method and system for executing online transfer of assets |
US9754097B2 (en) | 2014-02-21 | 2017-09-05 | Liveensure, Inc. | Method for peer to peer mobile context authentication |
US10511580B2 (en) | 2014-03-31 | 2019-12-17 | Monticello Enterprises LLC | System and method for providing a social media shopping experience |
US11004139B2 (en) | 2014-03-31 | 2021-05-11 | Monticello Enterprises LLC | System and method for providing simplified in store purchases and in-app purchases using a use-interface-based payment API |
US11915303B2 (en) | 2014-03-31 | 2024-02-27 | Monticello Enterprises LLC | System and method for providing a social media shopping experience |
US11282131B2 (en) | 2014-03-31 | 2022-03-22 | Monticello Enterprises LLC | User device enabling access to payment information in response to user input |
US11080777B2 (en) | 2014-03-31 | 2021-08-03 | Monticello Enterprises LLC | System and method for providing a social media shopping experience |
US12008629B2 (en) | 2014-03-31 | 2024-06-11 | Monticello Enterprises LLC | System and method for providing a social media shopping experience |
US10026087B2 (en) | 2014-04-08 | 2018-07-17 | Visa International Service Association | Data passed in an interaction |
US20150287014A1 (en) * | 2014-04-08 | 2015-10-08 | Ebay Inc. | Managing check in applications using protocol handlers |
US9183553B2 (en) * | 2014-04-13 | 2015-11-10 | Ynjiun Paul Wang | Once card number generation and validation method and apparatus |
BR102014010137A2 (en) * | 2014-04-28 | 2015-08-25 | Tecnologia Bancária S A | ATM Biometric Authentication System Applied to Self-Service Terminals with Biometric Sensors |
US20190147418A1 (en) * | 2014-04-28 | 2019-05-16 | Tecnologia Bancaria S.A. | Multibank biometric authentication system applied in automatic teller machines equipped with biometric sensors |
US11900305B2 (en) | 2014-04-29 | 2024-02-13 | Vivint, Inc. | Occupancy identification for guiding delivery personnel |
US10657483B2 (en) * | 2014-04-29 | 2020-05-19 | Vivint, Inc. | Systems and methods for secure package delivery |
US11410221B2 (en) | 2014-04-29 | 2022-08-09 | Vivint, Inc. | Integrated secure delivery |
US11049343B2 (en) | 2014-04-29 | 2021-06-29 | Vivint, Inc. | Techniques for securing a dropspot |
SG11201608973TA (en) | 2014-05-01 | 2016-11-29 | Visa Int Service Ass | Data verification using access device |
KR20160146784A (en) | 2014-05-05 | 2016-12-21 | 비자 인터네셔널 서비스 어소시에이션 | System and method for token domain control |
EP3146747B1 (en) | 2014-05-21 | 2020-07-01 | Visa International Service Association | Offline authentication |
CN104044531A (en) * | 2014-05-30 | 2014-09-17 | 江苏大学 | Automobile control method based on smartwatch and control system |
US11023890B2 (en) | 2014-06-05 | 2021-06-01 | Visa International Service Association | Identification and verification for provisioning mobile application |
US10013495B2 (en) * | 2014-06-13 | 2018-07-03 | Upbreeze Incorporated Limited | Intra-affiliation and inter-affiliation postings management |
US10515129B2 (en) | 2014-06-13 | 2019-12-24 | Upbreeze Incorporated Limited | Facilitating inter-entity communications |
WO2015194135A1 (en) | 2014-06-19 | 2015-12-23 | 日本電気株式会社 | Authentication device, authentication system, authentication method, and program storage medium |
US20160012422A1 (en) * | 2014-07-11 | 2016-01-14 | Google Inc. | Hands-free transactions with a transaction confirmation request |
US9652759B2 (en) | 2014-07-11 | 2017-05-16 | Google Inc. | Hands-free transactions |
US9780953B2 (en) | 2014-07-23 | 2017-10-03 | Visa International Service Association | Systems and methods for secure detokenization |
US10484345B2 (en) | 2014-07-31 | 2019-11-19 | Visa International Service Association | System and method for identity verification across mobile applications |
GB201414302D0 (en) * | 2014-08-12 | 2014-09-24 | Jewel Aviat And Technology Ltd | Data security system and method |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
US10140615B2 (en) | 2014-09-22 | 2018-11-27 | Visa International Service Association | Secure mobile device credential provisioning using risk decision non-overrides |
EP3198907B1 (en) | 2014-09-26 | 2019-04-10 | Visa International Service Association | Remote server encrypted data provisioning system and methods |
US11257074B2 (en) | 2014-09-29 | 2022-02-22 | Visa International Service Association | Transaction risk based token |
US11793869B2 (en) * | 2014-10-07 | 2023-10-24 | Serum Institute Of India Pvt Ltd. | Methods for enterovirus inactivation, adjuvant adsorption and dose reduced vaccine compositions obtained thereof |
US9977881B2 (en) * | 2014-10-15 | 2018-05-22 | Mastercard International Incorporated | Methods, apparatus and systems for securely authenticating a person depending on context |
US10015147B2 (en) | 2014-10-22 | 2018-07-03 | Visa International Service Association | Token enrollment system and method |
GB201419016D0 (en) | 2014-10-24 | 2014-12-10 | Visa Europe Ltd | Transaction Messaging |
SG11201702763TA (en) | 2014-11-26 | 2017-05-30 | Visa Int Service Ass | Tokenization request via access device |
US10020899B2 (en) | 2014-12-05 | 2018-07-10 | W2Bi, Inc. | Smart box for automatic feature testing of smart phones and other devices |
CN105743937B (en) * | 2014-12-08 | 2021-02-19 | 创新先进技术有限公司 | Method for displaying access content and server |
CN107005563B (en) | 2014-12-12 | 2021-03-30 | 维萨国际服务协会 | Supply platform for machine-to-machine devices |
US10257185B2 (en) | 2014-12-12 | 2019-04-09 | Visa International Service Association | Automated access data provisioning |
US9824207B1 (en) | 2014-12-15 | 2017-11-21 | Amazon Technologies, Inc. | Authentication information update based on fraud detection |
US9838384B1 (en) | 2014-12-15 | 2017-12-05 | Amazon Technologies, Inc. | Password-based fraud detection |
US9503451B1 (en) * | 2014-12-15 | 2016-11-22 | Amazon Technologies, Inc. | Compromised authentication information clearing house |
US10096009B2 (en) | 2015-01-20 | 2018-10-09 | Visa International Service Association | Secure payment processing using authorization request |
US11250391B2 (en) | 2015-01-30 | 2022-02-15 | Visa International Service Association | Token check offline |
AU2016266567B2 (en) * | 2015-02-09 | 2020-02-20 | Tzero Ip, Llc | Crypto integration platform |
US9940486B2 (en) * | 2015-02-23 | 2018-04-10 | Cisco Technology, Inc. | Detection of hardware tampering |
US10185949B2 (en) * | 2015-03-05 | 2019-01-22 | American Express Travel Related Services Company, Inc. | System and method for authentication of a mobile device configured with payment capabilities |
US10164996B2 (en) | 2015-03-12 | 2018-12-25 | Visa International Service Association | Methods and systems for providing a low value token buffer |
US10685349B2 (en) * | 2015-03-18 | 2020-06-16 | Google Llc | Confirming physical possession of plastic NFC cards with a mobile digital wallet application |
SG10201908338TA (en) | 2015-04-10 | 2019-10-30 | Visa Int Service Ass | Browser integration with cryptogram |
CN106161384A (en) | 2015-04-15 | 2016-11-23 | 伊姆西公司 | For providing the method and system of the secure access to data in a mobile device |
US9998978B2 (en) | 2015-04-16 | 2018-06-12 | Visa International Service Association | Systems and methods for processing dormant virtual access devices |
CA3136291A1 (en) * | 2015-04-20 | 2016-10-27 | Luc Bessette | Patient-centric health record system and related methods |
US10552834B2 (en) | 2015-04-30 | 2020-02-04 | Visa International Service Association | Tokenization capable authentication framework |
CN111833043B (en) * | 2015-05-25 | 2024-04-19 | 创新先进技术有限公司 | Information interaction method, equipment and server |
US9703976B1 (en) * | 2015-06-17 | 2017-07-11 | Amazon Technologies, Inc. | Encryption for physical media transfer |
US9888035B2 (en) | 2015-06-30 | 2018-02-06 | Symantec Corporation | Systems and methods for detecting man-in-the-middle attacks |
US11316844B2 (en) * | 2015-08-24 | 2022-04-26 | Paypal, Inc. | Optimizing tokens for identity platforms |
WO2017066792A1 (en) | 2015-10-15 | 2017-04-20 | Visa International Service Association | Instant token issuance system |
NL2015832B1 (en) * | 2015-11-20 | 2017-06-28 | Intellectueel Eigendom Beheer B V | A wireless communication method, a wireless communication system and a computer program product. |
US10664843B2 (en) | 2015-12-04 | 2020-05-26 | Visa International Service Association | Unique code for token verification |
US10817593B1 (en) * | 2015-12-29 | 2020-10-27 | Wells Fargo Bank, N.A. | User information gathering and distribution system |
AU2017206119B2 (en) | 2016-01-07 | 2020-10-29 | Visa International Service Association | Systems and methods for device push provisioning |
NO344910B1 (en) * | 2016-01-12 | 2020-06-29 | Kk88 No As | Device for verifying the identity of a person |
AU2017214412A1 (en) | 2016-02-01 | 2018-06-28 | Visa International Service Association | Systems and methods for code display and use |
US11501288B2 (en) | 2016-02-09 | 2022-11-15 | Visa International Service Association | Resource provider account token provisioning and processing |
EP3374916B1 (en) | 2016-03-01 | 2023-12-13 | Google LLC | Facial profile modification for hands free transactions |
US20170278127A1 (en) | 2016-03-28 | 2017-09-28 | Codebroker, Llc | Validating digital content presented on a mobile device |
US10313321B2 (en) | 2016-04-07 | 2019-06-04 | Visa International Service Association | Tokenization of co-network accounts |
CN109074578A (en) | 2016-04-19 | 2018-12-21 | 维萨国际服务协会 | System and method for executing push transaction |
US9792782B1 (en) | 2016-05-17 | 2017-10-17 | Visa International Service Association | Systems and methods for transferring resource access |
US11250424B2 (en) | 2016-05-19 | 2022-02-15 | Visa International Service Association | Systems and methods for creating subtokens using primary tokens |
RU2018144220A (en) | 2016-06-03 | 2020-07-09 | Виза Интернэшнл Сервис Ассосиэйшн | SUB-TOKEN MANAGEMENT SYSTEM FOR CONNECTED DEVICES |
US11068899B2 (en) | 2016-06-17 | 2021-07-20 | Visa International Service Association | Token aggregation for multi-party transactions |
AU2017281938A1 (en) | 2016-06-24 | 2018-10-25 | Visa International Service Association | Unique token authentication cryptogram |
BR112018076196A2 (en) | 2016-07-11 | 2019-03-26 | Visa International Service Association | method, and portable communication and access devices. |
CA3026224A1 (en) | 2016-07-19 | 2018-01-25 | Visa International Service Association | Method of distributing tokens and managing token relationships |
US10148646B2 (en) | 2016-07-20 | 2018-12-04 | Bank Of America Corporation | Preventing unauthorized access to secured information systems using tokenized authentication techniques |
US10057255B2 (en) | 2016-07-20 | 2018-08-21 | Bank Of America Corporation | Preventing unauthorized access to secured information systems using multi-device authentication techniques |
US10057249B2 (en) | 2016-07-20 | 2018-08-21 | Bank Of America Corporation | Preventing unauthorized access to secured information systems using tokenized authentication techniques |
WO2018026688A1 (en) | 2016-07-31 | 2018-02-08 | Google Llc | Automatic hands free service requests |
US10158552B2 (en) | 2016-08-12 | 2018-12-18 | W2Bi, Inc. | Device profile-driven automation for cell-based test systems |
US10548033B2 (en) | 2016-08-12 | 2020-01-28 | W2Bi, Inc. | Local portable test systems and methods |
US10681570B2 (en) | 2016-08-12 | 2020-06-09 | W2Bi, Inc. | Automated configurable portable test systems and methods |
US10251079B2 (en) | 2016-08-12 | 2019-04-02 | W2Bi, Inc. | Cloud-based services for management of cell-based test systems |
US10701571B2 (en) | 2016-08-12 | 2020-06-30 | W2Bi, Inc. | Automated validation and calibration portable test systems and methods |
US10509779B2 (en) | 2016-09-14 | 2019-12-17 | Visa International Service Association | Self-cleaning token vault |
US10346152B2 (en) * | 2016-09-20 | 2019-07-09 | At&T Intellectual Property I, L.P. | Facilitating use of a universal integrated circuit card (UICC) for secure device updates |
US10667134B2 (en) * | 2016-11-21 | 2020-05-26 | International Business Machines Corporation | Touch-share credential management on multiple devices |
CN110036386B (en) | 2016-11-28 | 2023-08-22 | 维萨国际服务协会 | Access identifier supplied to application program |
US11588813B2 (en) * | 2016-12-08 | 2023-02-21 | Mastercard International Incorporated | Systems and methods for biometric authentication using existing databases |
KR102614046B1 (en) * | 2016-12-26 | 2023-12-15 | 삼성전자주식회사 | Method for obtaining bio data and an electronic device thereof |
SE1750264A1 (en) * | 2017-03-09 | 2018-09-10 | Fingerprint Cards Ab | Arrangement and method for facilitating a transaction |
US10915899B2 (en) | 2017-03-17 | 2021-02-09 | Visa International Service Association | Replacing token on a multi-token user device |
US10902418B2 (en) | 2017-05-02 | 2021-01-26 | Visa International Service Association | System and method using interaction token |
US11494765B2 (en) | 2017-05-11 | 2022-11-08 | Visa International Service Association | Secure remote transaction system using mobile devices |
US10491389B2 (en) | 2017-07-14 | 2019-11-26 | Visa International Service Association | Token provisioning utilizing a secure authentication system |
US10990976B1 (en) * | 2017-12-20 | 2021-04-27 | United Services Automobile Association (Usaa) | Systems and methods for account ownership verification |
KR102488706B1 (en) * | 2018-02-14 | 2023-01-17 | 현대자동차주식회사 | Vehicle and method for controlling thereof |
EP3762844A4 (en) | 2018-03-07 | 2021-04-21 | Visa International Service Association | Secure remote token release with online authentication |
CN108449182B (en) * | 2018-04-09 | 2021-10-01 | 南京网觉软件有限公司 | Mobile phone verification login system and method based on display device electromagnetic radiation communication |
US20190311354A1 (en) * | 2018-04-09 | 2019-10-10 | Ca, Inc. | Model and method to advanced authentication and authorization process for payment transactions in a banking system with no cards issued to customers |
US11256789B2 (en) | 2018-06-18 | 2022-02-22 | Visa International Service Association | Recurring token transactions |
FR3084182B1 (en) * | 2018-07-18 | 2022-09-16 | Idemia France | METHOD FOR RECORDING BIOMETRIC REFERENCE DATA IN A BIOMETRIC CHIP CARD |
US11777934B2 (en) | 2018-08-22 | 2023-10-03 | Visa International Service Association | Method and system for token provisioning and processing |
EP3624037A1 (en) * | 2018-09-17 | 2020-03-18 | Mastercard International Incorporated | Payment devices using optical codes |
US11030853B2 (en) | 2018-10-01 | 2021-06-08 | Everi Payments Inc. | Mobile casino jackpot payment reporting system with secure email form reporting to customer |
SG11202103377WA (en) | 2018-10-08 | 2021-04-29 | Visa Int Service Ass | Techniques for token proximity transactions |
WO2020102484A1 (en) | 2018-11-14 | 2020-05-22 | Visa International Service Association | Cloud token provisioning of multiple tokens |
US10944745B2 (en) | 2018-12-06 | 2021-03-09 | Bank Of America Corporation | System and method for device and transaction authentication |
US10986079B2 (en) | 2018-12-06 | 2021-04-20 | Bank Of America Corporation | System and method for hierarchical decisioning within a hybrid blockchain |
FR3090934A1 (en) * | 2018-12-21 | 2020-06-26 | Orange | Method and system for securing operations, and associated user station |
US11501399B1 (en) * | 2019-04-08 | 2022-11-15 | American Airlines, Inc. | Mobile check-in and user verification for access to secured areas such as lounges |
SG11202108626QA (en) | 2019-05-17 | 2021-09-29 | Visa Int Service Ass | Virtual access credential interaction system and method |
US11418503B2 (en) * | 2019-07-03 | 2022-08-16 | Bank Of America Corporation | Sensor-based authentication, notification, and assistance systems |
US11657389B2 (en) * | 2019-12-27 | 2023-05-23 | Paypal, Inc. | Data input using multi-factor authentication |
US11444950B2 (en) * | 2020-04-24 | 2022-09-13 | Vmware, Inc. | Automated verification of authenticated users accessing a physical resource |
US11797598B2 (en) * | 2020-10-30 | 2023-10-24 | Sitecore Corporation A/S | System and method to automatically create, assemble and optimize content into personalized experiences |
USD976904S1 (en) | 2020-12-18 | 2023-01-31 | Stone Lock Global, Inc. | Biometric scanner |
US11952011B2 (en) * | 2021-03-08 | 2024-04-09 | Toyota Motor Engineering & Manufacturing North America, Inc. | Devices and methods for digitally combining multiple access keys and locations |
US20220343730A1 (en) | 2021-04-22 | 2022-10-27 | Everi Payments Inc. | System and method for suspending casino jackpot processing |
US11777922B2 (en) * | 2021-10-12 | 2023-10-03 | Dell Products L.P. | Autonomous multi-factor authentication |

Citations (6)

Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5870723A (en) * | 1994-11-28 | 1999-02-09 | Pare, Jr.; David Ferrin | Tokenless biometric transaction authorization method and system |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US20070131759A1 (en) * | 2005-12-14 | 2007-06-14 | Cox Mark A | Smartcard and magnetic stripe emulator with biometric authentication |
US20070197261A1 (en) * | 2004-03-19 | 2007-08-23 | Humbel Roger M | Mobile Telephone All In One Remote Key Or Software Regulating Card For Radio Bicycle Locks, Cars, Houses, And Rfid Tags, With Authorisation And Payment Function |
US20070274242A1 (en) * | 2004-07-29 | 2007-11-29 | Kevin Lamacraft | Multi-tag emulator |
US7597250B2 (en) * | 2003-11-17 | 2009-10-06 | Dpd Patent Trust Ltd. | RFID reader with multiple interfaces |

Family Cites Families (205)

Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5367572A (en) | 1984-11-30 | 1994-11-22 | Weiss Kenneth P | Method and apparatus for personal identification |
US5168520A (en) | 1984-11-30 | 1992-12-01 | Security Dynamics Technologies, Inc. | Method and apparatus for personal identification |
US4998279A (en) | 1984-11-30 | 1991-03-05 | Weiss Kenneth P | Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics |
US4856062A (en) | 1984-11-30 | 1989-08-08 | Kenneth Weiss | Computing and indicating device |
US4720860A (en) | 1984-11-30 | 1988-01-19 | Security Dynamics Technologies, Inc. | Method and apparatus for positively identifying an individual |
US4885778A (en) | 1984-11-30 | 1989-12-05 | Weiss Kenneth P | Method and apparatus for synchronizing generation of separate, free running, time dependent equipment |
US5097505A (en) | 1989-10-31 | 1992-03-17 | Securities Dynamics Technologies, Inc. | Method and apparatus for secure identification and verification |
WO1992007436A1 (en) | 1990-10-19 | 1992-04-30 | Security Dynamics Technologies, Inc. | Method and apparatus for personal identification |
US5485519A (en) | 1991-06-07 | 1996-01-16 | Security Dynamics Technologies, Inc. | Enhanced security for a secure token code |
US5657388A (en) | 1993-05-25 | 1997-08-12 | Security Dynamics Technologies, Inc. | Method and apparatus for utilizing a token for resource access |
US5479512A (en) | 1991-06-07 | 1995-12-26 | Security Dynamics Technologies, Inc. | Method and apparatus for performing concryption |
US5237614A (en) | 1991-06-07 | 1993-08-17 | Security Dynamics Technologies, Inc. | Integrated network security system |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US6130621A (en) | 1992-07-09 | 2000-10-10 | Rsa Security Inc. | Method and apparatus for inhibiting unauthorized access to or utilization of a protected device |
US5361062A (en) | 1992-11-25 | 1994-11-01 | Security Dynamics Technologies, Inc. | Personal security system |
US5398285A (en) | 1993-12-30 | 1995-03-14 | Motorola, Inc. | Method for generating a password using public key cryptography |
US5457747A (en) * | 1994-01-14 | 1995-10-10 | Drexler Technology Corporation | Anti-fraud verification system using a data card |
US6950810B2 (en) | 1994-11-28 | 2005-09-27 | Indivos Corporation | Tokenless biometric electronic financial transactions via a third party identicator |
US5615277A (en) | 1994-11-28 | 1997-03-25 | Hoffman; Ned | Tokenless security system for authorizing access to a secured computer system |
US5613012A (en) | 1994-11-28 | 1997-03-18 | Smarttouch, Llc. | Tokenless identification system for authorization of electronic transactions and electronic transmissions |
US5915023A (en) | 1997-01-06 | 1999-06-22 | Bernstein; Robert | Automatic portable account controller for remotely arranging for transfer of value to a recipient |
US6202055B1 (en) | 1996-08-21 | 2001-03-13 | Image Data, Llc | Positive identification display device and scanner for low cost collection and display of graphic and text data in a secure manner |
US5664109A (en) | 1995-06-07 | 1997-09-02 | E-Systems, Inc. | Method for extracting pre-defined data items from medical service records generated by health care providers |
US6088450A (en) | 1996-04-17 | 2000-07-11 | Intel Corporation | Authentication system based on periodic challenge/response protocol |
US5813006A (en) | 1996-05-06 | 1998-09-22 | Banyan Systems, Inc. | On-line directory service with registration system |
US5930767A (en) | 1997-05-28 | 1999-07-27 | Motorola, Inc. | Transaction methods systems and devices |
US6498861B1 (en) | 1996-12-04 | 2002-12-24 | Activcard Ireland Limited | Biometric security encryption system |
US6546005B1 (en) | 1997-03-25 | 2003-04-08 | At&T Corp. | Active user registry |
US5971272A (en) | 1997-08-19 | 1999-10-26 | At&T Corp. | Secured personal identification number |
US6163771A (en) | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
US6000832A (en) | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
JP3922482B2 (en) | 1997-10-14 | 2007-05-30 | ソニー株式会社 | Information processing apparatus and method |
US6260039B1 (en) | 1997-12-15 | 2001-07-10 | International Business Machines Corporation | Web interface and method for accessing directory information |
US6098053A (en) | 1998-01-28 | 2000-08-01 | Citibank, N.A. | System and method for performing an electronic financial transaction |
US6754820B1 (en) | 2001-01-30 | 2004-06-22 | Tecsec, Inc. | Multiple level access system |
US6102846A (en) | 1998-02-26 | 2000-08-15 | Eastman Kodak Company | System and method of managing a psychological state of an individual using images |
US6636833B1 (en) * | 1998-03-25 | 2003-10-21 | Obis Patents Ltd. | Credit card system and method |
US7523856B2 (en) | 1998-04-17 | 2009-04-28 | Diebold Self-Service Systems | Cash dispensing automated banking machine with flexible display |
HUP0004158A2 (en) | 1998-09-04 | 2001-05-28 | Impower, Inc. | Electronic commerce with anonymous shopping and anonymous vendor shipping |
JP2000092046A (en) | 1998-09-11 | 2000-03-31 | Mitsubishi Electric Corp | Remote authentication system |
US6253202B1 (en) | 1998-09-18 | 2001-06-26 | Tacit Knowledge Systems, Inc. | Method, system and apparatus for authorizing access by a first user to a knowledge profile of a second user responsive to an access request from the first user |
IL128935A (en) | 1998-09-18 | 2003-10-31 | Direct & Clear Inc | Communication method and system utilizing a specific communication code |
US6253203B1 (en) | 1998-10-02 | 2001-06-26 | Ncr Corporation | Privacy-enhanced database |
US6073106A (en) | 1998-10-30 | 2000-06-06 | Nehdc, Inc. | Method of managing and controlling access to personal information |
TW451143B (en) | 1998-11-05 | 2001-08-21 | Ecomagents Inc | Method for controlling access to information |
JP2000322486A (en) | 1999-02-12 | 2000-11-24 | Citibank Na | Method and system for fulfilling bank card transaction |
US7571139B1 (en) | 1999-02-19 | 2009-08-04 | Giordano Joseph A | System and method for processing financial transactions |
JP2000259278A (en) | 1999-03-12 | 2000-09-22 | Fujitsu Ltd | Device and method for performing individual authentication by using living body information |
US6820204B1 (en) | 1999-03-31 | 2004-11-16 | Nimesh Desai | System and method for selective information exchange |
US6985583B1 (en) | 1999-05-04 | 2006-01-10 | Rsa Security Inc. | System and method for authentication seed distribution |
US7111172B1 (en) | 1999-07-19 | 2006-09-19 | Rsa Security Inc. | System and methods for maintaining and distributing personal security devices |
AU7056800A (en) | 1999-08-13 | 2001-03-13 | Fleetboston Financial Corporation | Proxy system for customer confidentiality |
EP1081632A1 (en) | 1999-09-01 | 2001-03-07 | Keyware Technologies | Biometric authentication device |
AU7621300A (en) | 1999-09-28 | 2001-04-30 | Chameleon Network Inc. | Portable electronic authorization system and associated method |
US7742967B1 (en) | 1999-10-01 | 2010-06-22 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
US6640211B1 (en) | 1999-10-22 | 2003-10-28 | First Genetic Trust Inc. | Genetic profiling and banking system and method |
AU4137601A (en) | 1999-11-30 | 2001-06-12 | Barry Johnson | Methods, systems, and apparatuses for secure interactions |
US6658400B2 (en) | 1999-12-04 | 2003-12-02 | William S. Perell | Data certification and verification system having a multiple-user-controlled data interface |
US20010032100A1 (en) | 1999-12-23 | 2001-10-18 | Khalid Mahmud | Dynamic remotely accessible medical record |
US6845448B1 (en) | 2000-01-07 | 2005-01-18 | Pennar Software Corporation | Online repository for personal information |
US6581059B1 (en) | 2000-01-24 | 2003-06-17 | International Business Machines Corporation | Digital persona for providing access to personal information |
US20020046061A1 (en) | 2000-02-11 | 2002-04-18 | Wright Kenneth L. | Personal information system |
US6941271B1 (en) | 2000-02-15 | 2005-09-06 | James W. Soong | Method for accessing component fields of a patient record by applying access rules determined by the patient |
US6453301B1 (en) | 2000-02-23 | 2002-09-17 | Sony Corporation | Method of using personal device with internal biometric in conducting transactions over a network |
WO2001065502A2 (en) | 2000-02-29 | 2001-09-07 | E-Scoring, Inc. | Systems and methods enabling anonymous credit transactions |
US7865414B2 (en) | 2000-03-01 | 2011-01-04 | Passgate Corporation | Method, system and computer readable medium for web site account and e-commerce management from a central location |
US6678821B1 (en) * | 2000-03-23 | 2004-01-13 | E-Witness Inc. | Method and system for restricting access to the private key of a user in a public key infrastructure |
US7412604B1 (en) | 2000-03-28 | 2008-08-12 | International Business Machines Corporation | Using biometrics on pervasive devices for mobile identification |
WO2001088804A1 (en) | 2000-05-15 | 2001-11-22 | Efunds Corporation | System for and method of effecting an electronic transaction |
JP4511684B2 (en) | 2000-05-16 | 2010-07-28 | 日本電気株式会社 | Biometrics identity verification service provision system |
DE10024707A1 (en) * | 2000-05-18 | 2001-11-29 | Fresenius Medical Care De Gmbh | Elastic film |
US7441123B2 (en) * | 2001-03-23 | 2008-10-21 | Ensign Holdings | Method and apparatus for characterizing and estimating the parameters of histological and physiological biometric markers for authentication |
US6950521B1 (en) | 2000-06-13 | 2005-09-27 | Lucent Technologies Inc. | Method for repeated authentication of a user subscription identity module |
US8924236B2 (en) | 2000-07-20 | 2014-12-30 | Marfly 1, LP | Record system |
US7552333B2 (en) * | 2000-08-04 | 2009-06-23 | First Data Corporation | Trusted authentication digital signature (tads) system |
BR0113462A (en) | 2000-08-17 | 2003-12-30 | Daniel A Kern | Method for facilitating payment of a customer financial account to a merchant / collector or a payment processor associated with a merchant / collector |
US6819219B1 (en) | 2000-10-13 | 2004-11-16 | International Business Machines Corporation | Method for biometric-based authentication in wireless communication for access control |
US8015592B2 (en) | 2002-03-28 | 2011-09-06 | Innovation Connection Corporation | System, method and apparatus for enabling transactions using a biometrically enabled programmable magnetic stripe |
US7337326B2 (en) | 2002-03-28 | 2008-02-26 | Innovation Connection Corporation | Apparatus and method for effecting secure physical and commercial transactions in a contactless manner using biometric identity validation |
US8103881B2 (en) | 2000-11-06 | 2012-01-24 | Innovation Connection Corporation | System, method and apparatus for electronic ticketing |
US20040236632A1 (en) | 2000-12-07 | 2004-11-25 | Maritzen Michael L. | System and method for conducing financial transactions using a personal transaction device with vehicle-accessed, payment-gateway terminals |
US6950939B2 (en) | 2000-12-08 | 2005-09-27 | Sony Corporation | Personal transaction device with secure storage on a removable memory device |
JP2002186039A (en) * | 2000-12-14 | 2002-06-28 | Omron Corp | Entrance management unit and entrance management system |
US7921297B2 (en) | 2001-01-10 | 2011-04-05 | Luis Melisendro Ortiz | Random biometric authentication utilizing unique biometric signatures |
AU2002229972A1 (en) | 2001-02-14 | 2002-08-28 | Scientific Generics Limited | Cryptographic key generation apparatus and method |
US7237117B2 (en) | 2001-03-16 | 2007-06-26 | Kenneth P. Weiss | Universal secure registry |
EP1248007B1 (en) * | 2001-04-06 | 2004-01-14 | BorgWarner Inc. | Viscous coupling |
JP4177598B2 (en) | 2001-05-25 | 2008-11-05 | 株式会社東芝 | Face image recording apparatus, information management system, face image recording method, and information management method |
US20020184500A1 (en) * | 2001-05-29 | 2002-12-05 | Michael Maritzen | System and method for secure entry and authentication of consumer-centric information |
JP2003050783A (en) | 2001-05-30 | 2003-02-21 | Fujitsu Ltd | Composite authentication system |
US20020194499A1 (en) | 2001-06-15 | 2002-12-19 | Audebert Yves Louis Gabriel | Method, system and apparatus for a portable transaction device |
US7119659B2 (en) | 2001-07-10 | 2006-10-10 | American Express Travel Related Services Company, Inc. | Systems and methods for providing a RF transaction device for use in a private label transaction |
US7925535B2 (en) * | 2001-07-10 | 2011-04-12 | American Express Travel Related Services Company, Inc. | System and method for securing RF transactions using a radio frequency identification device including a random number generator |
US7249112B2 (en) * | 2002-07-09 | 2007-07-24 | American Express Travel Related Services Company, Inc. | System and method for assigning a funding source for a radio frequency identification device |
US20040236699A1 (en) * | 2001-07-10 | 2004-11-25 | American Express Travel Related Services Company, Inc. | Method and system for hand geometry recognition biometrics on a fob |
US7705732B2 (en) * | 2001-07-10 | 2010-04-27 | Fred Bishop | Authenticating an RF transaction using a transaction counter |
US20030101348A1 (en) | 2001-07-12 | 2003-05-29 | Russo Anthony P. | Method and system for determining confidence in a digital transaction |
EP1282024A1 (en) | 2001-07-30 | 2003-02-05 | Hewlett-Packard Company | Trusted identities on a trusted computing platform |
KR100505187B1 (en) | 2001-08-08 | 2005-08-04 | 오므론 가부시키가이샤 | Device and method of authentication, and method of registration of identity of the person |
US20030074568A1 (en) | 2001-10-17 | 2003-04-17 | Kinsella David J. | Methods and apparatuses for performing secure transactions without transmitting biometric information |
US20030084332A1 (en) * | 2001-10-26 | 2003-05-01 | Koninklijke Philips Electronics N.V. | Method for binding a software data domain to specific hardware |
US20030229811A1 (en) | 2001-10-31 | 2003-12-11 | Cross Match Technologies, Inc. | Method that provides multi-tiered authorization and identification |
EP1308864A1 (en) | 2001-11-02 | 2003-05-07 | Hewlett-Packard Company | Passenger management system and method and electronic device |
GB2382006A (en) | 2001-11-06 | 2003-05-14 | Ibm | Digital certificate containing the identity of an entity which will rely on the certificate |
US7574711B2 (en) * | 2001-12-14 | 2009-08-11 | Nvidia International, Inc. | System for replaying and synchronizing patterns on a client and external data source devices |
US7221809B2 (en) | 2001-12-17 | 2007-05-22 | Genex Technologies, Inc. | Face recognition system and method |
US7278026B2 (en) | 2002-01-02 | 2007-10-02 | Mcgowan Tim | Method and system for the generation, management, and use of a unique personal identification token for in person and electronic identification and authentication |
US7502459B1 (en) | 2002-02-28 | 2009-03-10 | Adaptec, Inc. | Unified services entitlement architecture |
US7961884B2 (en) | 2002-08-13 | 2011-06-14 | Ipass Inc. | Method and system for changing security information in a computer network |
US7773972B2 (en) | 2002-05-15 | 2010-08-10 | Socket Mobile, Inc. | Functionality and policies based on wireless device dynamic associations |
US20030219121A1 (en) | 2002-05-24 | 2003-11-27 | Ncipher Corporation, Ltd | Biometric key generation for secure storage |
US7529933B2 (en) | 2002-05-30 | 2009-05-05 | Microsoft Corporation | TLS tunneling |
US7174332B2 (en) | 2002-06-11 | 2007-02-06 | Ip. Com, Inc. | Method and apparatus for safeguarding files |
EP1531164B1 (en) * | 2002-06-27 | 2006-09-27 | Asahi Glass Company Ltd. | Fluorocopolymer |
US20040019564A1 (en) | 2002-07-26 | 2004-01-29 | Scott Goldthwaite | System and method for payment transaction authentication |
US7616784B2 (en) | 2002-07-29 | 2009-11-10 | Robert William Kocher | Method and apparatus for contactless hand recognition |
US7822688B2 (en) | 2002-08-08 | 2010-10-26 | Fujitsu Limited | Wireless wallet |
US20040107170A1 (en) | 2002-08-08 | 2004-06-03 | Fujitsu Limited | Apparatuses for purchasing of goods and services |
US7494055B2 (en) | 2002-09-17 | 2009-02-24 | Vivotech, Inc. | Collaborative negotiation techniques for mobile personal trusted device financial transactions |
US20040059923A1 (en) | 2002-09-25 | 2004-03-25 | Shamrao Andrew Divaker | Systems and methods for authentication |
US7561183B1 (en) | 2002-10-08 | 2009-07-14 | Unisys Corporation | Mobile issuance of official documents with biometric information encoded thereon |
US20040083170A1 (en) | 2002-10-23 | 2004-04-29 | Bam Ajay R. | System and method of integrating loyalty/reward programs with payment identification systems |
US7213047B2 (en) | 2002-10-31 | 2007-05-01 | Sun Microsystems, Inc. | Peer trust evaluation using mobile agents in peer-to-peer networks |
AU2003293125A1 (en) | 2002-11-27 | 2004-06-23 | Rsa Security Inc | Identity authentication system and method |
US7571140B2 (en) * | 2002-12-16 | 2009-08-04 | First Data Corporation | Payment management |
US7319757B2 (en) * | 2003-01-02 | 2008-01-15 | Intel Corporation | Wireless communication device and method for over-the-air application service |
JP4397212B2 (en) * | 2003-02-05 | 2010-01-13 | 富士フイルム株式会社 | Identification device |
US7373657B2 (en) | 2003-03-10 | 2008-05-13 | Avaya Technology Corp. | Method and apparatus for controlling data and software access |
US6983882B2 (en) | 2003-03-31 | 2006-01-10 | Kepler, Ltd. | Personal biometric authentication and authorization device |
JP4240297B2 (en) * | 2003-04-21 | 2009-03-18 | ソニー株式会社 | Terminal device, authentication terminal program, device authentication server, device authentication program |
US8014570B2 (en) | 2004-11-16 | 2011-09-06 | Activcard, Inc. | Method for improving false acceptance rate discriminating for biometric authentication systems |
US8751801B2 (en) | 2003-05-09 | 2014-06-10 | Emc Corporation | System and method for authenticating users using two or more factors |
US20070038867A1 (en) | 2003-06-02 | 2007-02-15 | Verbauwhede Ingrid M | System for biometric signal processing with hardware and software acceleration |
GB0315278D0 (en) | 2003-06-30 | 2003-08-06 | Nokia Corp | A method for optimising handover between communication networks |
US20050039027A1 (en) | 2003-07-25 | 2005-02-17 | Shapiro Michael F. | Universal, biometric, self-authenticating identity computer having multiple communication ports |
ATE460816T1 (en) | 2003-08-13 | 2010-03-15 | Roamware Inc | SIGNALING GATEWAY WITH A MULTIPLE IMSI WITH MULTIPLE MSISDN (MIMM) SERVICE IN A SINGLE SIM FOR MULTIPLE ROAMING PARTNERS |
US7788480B2 (en) | 2003-11-05 | 2010-08-31 | Cisco Technology, Inc. | Protected dynamic provisioning of credentials |
JP4311174B2 (en) | 2003-11-21 | 2009-08-12 | 日本電気株式会社 | Authentication method, mobile radio communication system, mobile terminal, authentication side device, authentication server, authentication proxy switch, and program |
US7548981B1 (en) | 2004-03-03 | 2009-06-16 | Sprint Spectrum L.P. | Biometric authentication over wireless wide-area networks |
US20050210270A1 (en) | 2004-03-19 | 2005-09-22 | Ceelox, Inc. | Method for authenticating a user profile for providing user access to restricted information based upon biometric confirmation |
WO2005098744A2 (en) | 2004-04-06 | 2005-10-20 | Rf Intelligent Systems, Inc. | Handheld biometric computer for 2d/3d image capture |
US7748617B2 (en) | 2004-04-12 | 2010-07-06 | Gray R O'neal | Electronic identification system |
US7412039B2 (en) | 2004-04-23 | 2008-08-12 | International Business Machines Corporation | Method and system for verifying an attachment file within an e-mail |
US20060013512A1 (en) * | 2004-07-14 | 2006-01-19 | Shaw Raymond R | Foldable blank in use with a bag material for securing and retaining articles of evidence in tamper-evident fashion |
JP4295172B2 (en) * | 2004-07-21 | 2009-07-15 | 富士通マイクロエレクトロニクス株式会社 | Charged particle beam exposure method and charged particle beam exposure apparatus |
WO2006039946A1 (en) | 2004-10-15 | 2006-04-20 | Paul Rifai | System and method for transaction payment in multiple languages and currencies |
US7865448B2 (en) | 2004-10-19 | 2011-01-04 | First Data Corporation | Methods and systems for performing credit transactions with a wireless device |
US7974234B2 (en) | 2004-10-22 | 2011-07-05 | Alcatel Lucent | Method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes |
US7489781B2 (en) | 2004-10-29 | 2009-02-10 | Research In Motion Limited | Secure peer-to-peer messaging invitation architecture |
WO2006055714A2 (en) | 2004-11-19 | 2006-05-26 | Triad Biometrics, Llc | Methods and systems for use in biometric authentication and/or identification |
US7606559B2 (en) | 2004-12-21 | 2009-10-20 | Nokia Corporation | System, and associated terminal, method and computer program product for forwarding content and providing digital rights management of the same |
JP4578485B2 (en) | 2005-01-05 | 2010-11-10 | 富士通株式会社 | Authentication system for information processing terminal using portable information processing device |
US8700729B2 (en) | 2005-01-21 | 2014-04-15 | Robin Dua | Method and apparatus for managing credentials through a wireless network |
CA2596592A1 (en) | 2005-02-01 | 2006-08-10 | Source, Inc. | Secure transaction system |
NZ560464A (en) | 2005-02-04 | 2010-10-29 | Qualcomm Inc | Secure bootstrapping for wireless communications |
US20060206724A1 (en) | 2005-02-16 | 2006-09-14 | David Schaufele | Biometric-based systems and methods for identity verification |
US8079079B2 (en) | 2005-06-29 | 2011-12-13 | Microsoft Corporation | Multimodal authentication |
US20070040017A1 (en) | 2005-08-22 | 2007-02-22 | Douglas Kozlay | Wireless biometric cardholder apparatus, method, & system |
US7849501B2 (en) | 2005-09-30 | 2010-12-07 | At&T Intellectual Property I, L.P. | Methods and systems for using data processing systems in order to authenticate parties |
US20070186115A1 (en) | 2005-10-20 | 2007-08-09 | Beijing Watch Data System Co., Ltd. | Dynamic Password Authentication System and Method thereof |
JP4736744B2 (en) | 2005-11-24 | 2011-07-27 | 株式会社日立製作所 | Processing device, auxiliary information generation device, terminal device, authentication device, and biometric authentication system |
JP5142510B2 (en) | 2005-11-25 | 2013-02-13 | オセ−テクノロジーズ ビーブイ | Graphical user interface providing method and system |
US8433919B2 (en) | 2005-11-30 | 2013-04-30 | Proxense, Llc | Two-level authentication for secure transactions |
US8112632B2 (en) | 2005-11-30 | 2012-02-07 | At&T Intellectual Property I, L.P. | Security devices, systems and computer program products |
US8191161B2 (en) | 2005-12-13 | 2012-05-29 | Microsoft Corporation | Wireless authentication |
US20070140145A1 (en) | 2005-12-21 | 2007-06-21 | Surender Kumar | System, method and apparatus for authentication of nodes in an Ad Hoc network |
US20070156436A1 (en) * | 2005-12-31 | 2007-07-05 | Michelle Fisher | Method And Apparatus For Completing A Transaction Using A Wireless Mobile Communication Channel And Another Communication Channel |
US9137012B2 (en) | 2006-02-03 | 2015-09-15 | Emc Corporation | Wireless authentication methods and apparatus |
US8001055B2 (en) | 2006-02-21 | 2011-08-16 | Weiss Kenneth P | Method, system and apparatus for secure access, payment and identification |
US8234220B2 (en) | 2007-02-21 | 2012-07-31 | Weiss Kenneth P | Universal secure registry |
US20070245152A1 (en) | 2006-04-13 | 2007-10-18 | Erix Pizano | Biometric authentication system for enhancing network security |
US7552467B2 (en) | 2006-04-24 | 2009-06-23 | Jeffrey Dean Lindsay | Security systems for protecting an asset |
US20070265984A1 (en) | 2006-04-24 | 2007-11-15 | Prakash Santhana | Financial transaction using mobile devices |
US8356171B2 (en) | 2006-04-26 | 2013-01-15 | Cisco Technology, Inc. | System and method for implementing fast reauthentication |
US8441342B2 (en) | 2006-05-15 | 2013-05-14 | Nxp B.V. | Pseudo-random authentification code altering scheme for a transponder and a base station |
US7657639B2 (en) | 2006-07-21 | 2010-02-02 | International Business Machines Corporation | Method and system for identity provider migration using federated single-sign-on operation |
US9177314B2 (en) * | 2006-08-14 | 2015-11-03 | Chijioke Chukwuemeka UZO | Method of making secure electronic payments using communications devices and biometric data |
US20090298514A1 (en) | 2006-09-14 | 2009-12-03 | Shah Ullah | Real world behavior measurement using identifiers specific to mobile devices |
GB0621189D0 (en) | 2006-10-25 | 2006-12-06 | Payfont Ltd | Secure authentication and payment system |
US8646056B2 (en) | 2007-05-17 | 2014-02-04 | U.S. Cellular Corporation | User-friendly multifactor mobile authentication |
US20090083544A1 (en) * | 2007-08-23 | 2009-03-26 | Andrew Scholnick | Security process for private data storage and sharing |
WO2009035674A1 (en) | 2007-09-14 | 2009-03-19 | Security First Corporation | Systems and methods for managing cryptographic keys |
US7766223B1 (en) | 2007-11-08 | 2010-08-03 | Mello Steven M | Method and system for mobile services |
US20090144814A1 (en) | 2007-12-03 | 2009-06-04 | Sacco John S | Automated Credentialing for Physicians and Other Professionals |
US8244211B2 (en) | 2008-02-07 | 2012-08-14 | Inflexis Llc | Mobile electronic security apparatus and method |
US20090247186A1 (en) | 2008-03-28 | 2009-10-01 | University Of South Carolina | Dynamic Localization Using Geographical Information Systems |
US8209744B2 (en) | 2008-05-16 | 2012-06-26 | Microsoft Corporation | Mobile device assisted secure computer network communication |
ES2373476T3 (en) | 2008-07-01 | 2012-02-03 | Vodafone Holding Gmbh | PROCEDURE AND DEVICE FOR GENERATING A PASSWORD DEPENDENT ON TIME. |
US8122840B2 (en) | 2008-07-02 | 2012-02-28 | Harper Justin A | Transom stern hull form and appendages for improved hydrodynamics |
US8165080B2 (en) | 2008-08-22 | 2012-04-24 | Qualcomm Incorporated | Addressing schemes for wireless communication |
US8290474B2 (en) | 2008-10-09 | 2012-10-16 | Nokia Corporation | Method, apparatus and computer program product for providing smart card security |
DE102009004490A1 (en) | 2009-01-09 | 2010-07-15 | T-Mobile International Ag | Method and system for authenticating network nodes of a peer-to-peer network |
WO2010114205A1 (en) | 2009-03-29 | 2010-10-07 | Lg Electronics Inc. | Method and apparatus for providing enhanced address book with automatic contact management |
EP2503509A4 (en) | 2009-11-17 | 2018-01-17 | Hitachi Industry & Control Solutions, Ltd. | Authentication system using organism information, and authentication device |
US8997975B2 (en) | 2010-08-13 | 2015-04-07 | Habasit Ag | Sprockets for a flexible conveyor belt and conveyor belt system |
US8310314B2 (en) | 2010-09-06 | 2012-11-13 | Mediatek Inc. | Signal amplification circuits for receiving/transmitting signals according to input signal |
US8613052B2 (en) | 2010-09-17 | 2013-12-17 | Universal Secure Registry, Llc | Apparatus, system and method employing a wireless user-device |
US9596237B2 (en) | 2010-12-14 | 2017-03-14 | Salt Technology, Inc. | System and method for initiating transactions on a mobile device |
US8380637B2 (en) | 2011-01-16 | 2013-02-19 | Yerucham Levovitz | Variable fractions of multiple biometrics with multi-layer authentication of mobile transactions |
US20130307670A1 (en) | 2012-05-15 | 2013-11-21 | Jonathan E. Ramaci | Biometric authentication system |
US8763101B2 (en) | 2012-05-22 | 2014-06-24 | Verizon Patent And Licensing Inc. | Multi-factor authentication using a unique identification header (UIDH) |
US8959032B2 (en) | 2012-10-10 | 2015-02-17 | Quisk, Inc. | Self-authenticating peer to peer transaction |
US8594632B1 (en) | 2012-12-11 | 2013-11-26 | Intel Corporation | Device to-device (D2D) discovery without authenticating through cloud |
US8814046B1 (en) * | 2013-03-14 | 2014-08-26 | Looppay Inc | System and method for a baseband nearfield magnetic stripe data transmitter |
US10366391B2 (en) | 2013-08-06 | 2019-07-30 | Visa International Services Association | Variable authentication process and system |
2009
- 2009-02-26: US application US12/393,586, published as US8234220B2 (Expired - Fee Related)

2011
- 2011-09-20: US application US13/237,184, published as US8577813B2 (Active)

2013
- 2013-11-04: US application US14/071,126, published as US20140149295A1 (Abandoned)

2016
- 2016-02-17: US application US15/045,408, published as US20160162903A1 (Abandoned)

2017
- 2017-07-27: US application US15/661,943, published as US20170323300A1 (Abandoned)
- 2017-07-27: US application US15/661,955, published as US20170323301A1 (Abandoned)
- 2017-08-24: US application US15/685,813, published as US20170372321A1 (Abandoned)

2019
- 2019-10-02: US application US16/590,863, published as US20200034849A1 (Abandoned)
- 2019-10-02: US application US16/590,872, published as US10733607B2 (Expired - Fee Related)

2020
- 2020-03-27: US application US16/833,006, published as US10832245B2 (Active)

Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5870723A (en) * | 1994-11-28 | 1999-02-09 | Pare, Jr.; David Ferrin | Tokenless biometric transaction authorization method and system |
US6016476A (en) * | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
US7597250B2 (en) * | 2003-11-17 | 2009-10-06 | Dpd Patent Trust Ltd. | RFID reader with multiple interfaces |
US20070197261A1 (en) * | 2004-03-19 | 2007-08-23 | Humbel Roger M | Mobile Telephone All In One Remote Key Or Software Regulating Card For Radio Bicycle Locks, Cars, Houses, And Rfid Tags, With Authorisation And Payment Function |
US20070274242A1 (en) * | 2004-07-29 | 2007-11-29 | Kevin Lamacraft | Multi-tag emulator |
US20070131759A1 (en) * | 2005-12-14 | 2007-06-14 | Cox Mark A | Smartcard and magnetic stripe emulator with biometric authentication |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10942997B2 (en) * | 2014-08-12 | 2021-03-09 | At&T Intellectual Property I, L.P. | Multi-factor authentication |
Also Published As
Publication number | Publication date |
---|---|
US10832245B2 (en) | 2020-11-10 |
US20170372321A1 (en) | 2017-12-28 |
US20200034850A1 (en) | 2020-01-30 |
US20120130904A1 (en) | 2012-05-24 |
US8234220B2 (en) | 2012-07-31 |
US10733607B2 (en) | 2020-08-04 |
US20200226611A1 (en) | 2020-07-16 |
US20140149295A1 (en) | 2014-05-29 |
US20170323300A1 (en) | 2017-11-09 |
US20090292641A1 (en) | 2009-11-26 |
US20160162903A1 (en) | 2016-06-09 |
US20170323301A1 (en) | 2017-11-09 |
US8577813B2 (en) | 2013-11-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10832245B2 (en) | | Universal secure registry |
US9530137B2 (en) | | Method and apparatus for secure access payment and identification |
US10636023B2 (en) | | Universal secure registry |
US11227676B2 (en) | | Universal secure registry |
EP2248059B1 (en) | | Universal secure registry |
WO2007146771A2 (en) | | Universal secure registry |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | STPP | Information on status: patent application and granting procedure in general | Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
 | STPP | Information on status: patent application and granting procedure in general | Free format text: FINAL REJECTION MAILED |
 | STCB | Information on status: application discontinuation | Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |