Methods and apparatus for conducting electronic transactions
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06Q-020/00
G06F-007/04
출원번호
US-0086143
(2011-04-13)
등록번호
US-8423476
(2013-04-16)
발명자
/ 주소
Bishop, Fred A.
Saunders, Peter D.
출원인 / 주소
American Express Travel Related Services Company, Inc.
대리인 / 주소
Snell & Wilmer L.L.P.
인용정보
피인용 횟수 :
16인용 특허 :
151
초록▼
A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrum
A system and method for facilitating electronic transactions using an intelligent instrument is disclosed. An authorization server enables users to obtain authorization credentials through the use of the intelligent instrument by issuing a challenge to an intelligent token of the intelligent instrument. The intelligent token generates a challenge response and transmits the challenge response to the authorization server, which assembles credentials including a key for the electronic transaction upon validating the response. The authorization server sends the assembled credentials to the intelligent instrument and the intelligent instrument transmits the assembled credentials to the authorization server during a subsequent transaction. The authorization server validates the assembled credentials and provides authorization for the transaction in response to the validating the assembled credentials.
대표청구항▼
1. A method comprising: transmitting, by a computer-based system for conducting a transaction, a challenge to a client device having an intelligent token, wherein said intelligent token generates a challenge response that includes biometric data representing a biometric sample;receiving, by said com
1. A method comprising: transmitting, by a computer-based system for conducting a transaction, a challenge to a client device having an intelligent token, wherein said intelligent token generates a challenge response that includes biometric data representing a biometric sample;receiving, by said computer-based system, said challenge response;verifying, by said computer-based system, said biometric data;assembling, by said computer-based system and based on features of said biometric data, credentials in response to verifying said challenge response, wherein said assembled credentials include a key;transmitting, by said computer-based system, said assembled credentials to said client device;receiving, by said computer-based system, a request from said client device that includes at least a portion of said assembled credentials;validating, by said computer-based system, said portion of said assembled credentials with said key of said assembled credentials; andproviding, by said computer-based system, access to a transaction service in response to said validating. 2. The method of claim 1, wherein said biometric sample comprises at least one of an image, a series of images and a video, of a facial feature of an individual. 3. The method of claim 1, wherein said biometric sample is acquired by said client device. 4. The method of claim 1, wherein said client device comprises a mobile communication device equipped with a digital camera. 5. The method of claim 1, wherein said computer-based system is a trusted third-party server. 6. The method of claim 1, further comprising: receiving, by said computer-based system, initial credentials, wherein said initial credentials are received from a biometric interface coupled to said client device;modifying, by said computer-based system, said initial credentials using a first public key to create modified stored credentials;adding, by said computer-based system, a signature to said modified stored credentials by using a first private key;transmitting, by said computer-based system and to a validation server, said modified stored credentials, wherein said validation server validates said first signature, validates said modified stored credentials by using a second public key associated with said first public key, decrypts said modified credentials using a second private key, and stores said modified credentials;receiving, by said computer-based system, presented credentials from said client device;modifying, by said computer-based system, said presented credentials to create modified received credentials; andperforming, by said computer-based system, a credential validation procedure to determine whether a credential match threshold is met by matching values of said modified received credentials and values of said modified stored credentials. 7. The method of claim 1, wherein said providing access to said transaction service is further in response to a limited use Personal Identification Number (PIN). 8. The method of claim 7 further comprising: identifying, by said computer-based system, a primary account having an associated account number;receiving, by said computer-based system and from said intelligent token, a request for said limited use PIN;associating, by said computer-based system, said limited use PIN with said primary account;issuing, by said computer-based system, said limited use PIN to said intelligent token to facilitate said access to said transaction service;receiving, by said computer-based system, transaction information for authorization, wherein the transaction information includes said limited use PIN;processing, by said computer-based system, said transaction information to determine whether said transaction information includes said limited use PIN and interfacing with a limited use PIN system to determine whether authorization is appropriate, wherein authorization determination includes: receiving, by said computer-based system, account information associated with said account number;determining, by said computer-based system, whether conditions-of-use parameters associated with said limited use PIN are satisfied, the conditions-of-use parameters defining at least a predetermined restriction on use of the limited use PIN;issuing, by said computer-based system, an appropriate approval code, in response to conditions of use parameters associated with the limited use PIN and the primary account being satisfied; anddeclining, by said computer-based system, the authorization request in response to the conditions associated with the primary account and the limited use PIN not being satisfied. 9. The method of claim 1, further comprising: establishing, by said computer-based system, a master account for said client device;assigning, by said computer-based system, a pool of limited use account identifiers that correspond to said master account prior to a purchase by said client device, said pool of limited use account identifiers including a plurality of limited use account identifiers each identifying a separate financial account at an issuer, each formatted for processing by payment card networks, and each issued without an associated with an intelligent device, each of said pool of limited use account identifiers being different from said master account identifier;receiving, by said computer-based system and from said client device, a request for a purchase of an item from a merchant;identifying, by said computer-based system, said pool of limited use account identifiers associated with said client device; andassigning, by said computer-based system, one of said plurality of limited use account identifiers from said pool for use by said client device to access said transaction service. 10. The method of claim 1, further comprising: receiving, by said computer-based system, an initial authorization request, said initial authorization request including transaction information identifying a transaction including merchant information, an account identifier corresponding to a financial account, and a transaction amount;identifying, by said computer-based system, a pre-authorization record associated with said account identifier;determining, by said computer-based system, that said transaction amount complies with authorization criteria including a pre-authorized amount in said pre-authorization record, wherein said pre-authorization record corresponds to a predetermined purchase transaction;transmitting, by said computer-based system, an authorization message to said merchant;determining, by said computer-based system and based on said transaction information, that said transaction involves a partial shipment; andat least one of: updating, by said computer-based system, said pre-authorization record or creating, by said computer-based system, a new pre-authorization record in response to said transaction involving said partial shipment. 11. The method of claim 1, wherein said, verifying said challenge response comprises processing said response to verify said intelligent token. 12. The method of claim 1, further comprising receiving, by said computer-based system, a registration of a biometric sample, wherein said registration comprises a proffered biometric sample. 13. The method of claim 12, wherein said receiving said registration further comprises processing database information contained in at least one of: said intelligent token, an intelligent token reader, a biometric sensor, a remote server, or a merchant server. 14. The method of claim 13, wherein said comparing further comprises comparing said proffered biometric sample to said stored biometric sample by using at least one of a third-party security vendor device or a local CPU. 15. The method of claim 1, wherein said biometric sample comprises at least a portion of one of: voiceprint, fingerprint, facial features, ear features, sound signature, handwriting signature, vascular patterns, DNA, hand geometry, smell, keystroke/typing features, iris, retina, and brainwaves. 16. The method of claim 1, wherein said biometric sample is primarily associated with first user information, wherein said first user information comprises personal information, charge card information, debit card information, savings account information, membership information, PayPal account information, Western Union Account information, electronic bill payment information, automatic bill payment information and loyalty point information, and wherein said biometric sample is secondarily associated with at least one of second user information, wherein said second information comprises personal information, credit card information, debit card information, savings account information, membership information, PayPal account information, Western Union Account information, electronic bill payment information, automatic bill payment information and loyalty point information, and wherein said second user information is different than said first user information. 17. The method of claim 1, further comprising issuing, by said computer-based system, a secure token to said client device based on said validating, wherein said secure token at least one of: enables said transaction in accordance with rules associated with said secure token or enables authorization of said transaction independent of a transaction account issuer. 18. The method of claim 1, wherein said transaction service includes at least one of: access to view electronic file, access to download an electronic file, or a purchase authorization. 19. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer-based system for conducting a transaction, cause the computer-based system to perform operations comprising: transmitting, by said computer-based system, a challenge to a client device having an intelligent token, wherein said intelligent token generates a challenge response that includes biometric data representing a biometric sample;receiving, by said computer-based system, said challenge response;verifying, by said computer-based system, said biometric data;assembling, by said computer-based system and based on features of said biometric data, credentials in response to verifying said challenge response, wherein said assembled credentials include a key;transmitting, by said computer-based system, said assembled credentials to said client device;receiving, by said computer-based system, a request from said client device that includes at least a portion of said assembled credentials;validating, by said computer-based system, said portion of said assembled credentials with said key of said assembled credentials; andproviding, by said computer-based system, access to a transaction service in response to said validating. 20. A system comprising: a processor for conducting a transaction,a tangible, non-transitory memory configured to communicate with said processor,said tangible, non-transitory memory having instructions stored thereon that, in response to execution by said processor, cause said processor to perform operations comprising:transmitting, by said processor, a challenge to a client device having an intelligent token, wherein said intelligent token generates a challenge response that includes biometric data representing a biometric sample;receiving, by said processor, said challenge response;verifying, by said processor, said biometric data;assembling, by said processor and based on features of said biometric data, credentials in response to verifying said challenge response, wherein said assembled credentials include a key;transmitting, by said processor, said assembled credentials to said client device;receiving, by said processor, a request from said client device that includes at least a portion of said assembled credentials;validating, by said processor, said portion of said assembled credentials with said key of said assembled credentials; and providing, by said processor, access to a transaction service in response to said validating.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (151)
Gokcebay Asil T. (San Francisco CA), Access control system with mechanical keys which store data.
Davis Terry L. (Scottsdale AZ) Hart James A. (Radnor PA) O\Malley Michael F. (Glenside PA) Russell James F. (Hockessin DE) Sears John W. (Peoria AZ) Trice Philip H. (Phoenix AZ), Collection of value from stored value systems.
Rose Marshall T. ; Stein Lee H. ; Borenstein Nathaniel S. ; Lowery Carlyn M. ; New Darren ; Stefferud Einar, Computerized payment system for purchasing goods and services on the internet.
Stein Lee H. ; Stefferud Einar A. ; Borenstein Nathaniel S. ; Rose Marshall T., Computerized system for making payments and authenticating transactions over the internet.
Renner G. Fred ; Johnson Randall E. ; Chu-Jeng Caroline, Distinct smart card reader having wiegand, magnetic strip and bar code types emulation output.
Mansvelt Andre P. (171 ANderson Avenue Northcliff ; Johannesburg ; Transvaal ZAX) Belamant Serge C. P. (55 - 13th Street Parkmore ; Johannesburg ; Transvaal ZAX), Funds transfer system.
Glass Randal ; Salganicoff Marcos ; von Seelen Ulf Cahn, Method and apparatus for securely transmitting and authenticating biometric data over a network.
Biorge James E. ; Hauge Richard T. ; Svigals Jerome, Method and system for allocating and redeeming incentive credits between a portable device and a base device.
Friedes Albert (East Brunswick NJ) Perea Carlos A. (Bethlehem PA) Tsao Yao-Chung (Middletown NJ), Method and system for mediating transactions that use portable smart cards.
Bolle, Rudolf Maarten; Nunes, Sharon Louise; Pankanti, Sharathchandra; Ratha, Nalini Kanta; Smith, Barton Allen; Zimmerman, Thomas Guthrie, Method for biometric-based authentication in wireless communication for access control.
Bishop, Fred Alan; Glazer, Elliot Harold; Gorgol, Zygmunt Steven; Hohle, William G.; Johnson, Michael G.; Johnstone, David E; Lake, Walter Donald; Royer, Coby; Simkin, Marvin; Swift, Nick; White, Dirk B; Bennett, Russell, Methods and apparatus for conducting electronic transactions.
Maes Stephane Herman ; Sedivy Jan,CSX, Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security.
Dolan George M. (Charlotte NC) Holloway Christopher J. (Woking GB2) Matyas ; Jr. Stephen M. (Poughkeepsie NY), Public key data communications system under control of a portable security device.
Schick David (150-54 76th Rd. Flushing NY 11367) Bane Mark (141-17 72nd Crescent Flushing NY 11367), Self verifying transaction card with disabling capability.
Fox, Barbara L.; Waters, Lester L.; Spelman, Jeffrey F.; Seidensticker, Robert B.; Thomlinson, Matthew W., System and method for secure electronic commerce transaction.
Fox Barbara L. ; Waters Lester L. ; Spelman Jeffrey F. ; Seidensticker Robert B. ; Thomlinson Matthew W., System and method for secure electronic commerce transactions.
Dillaway Blair B. ; Barlow Douglas C. ; Lipscomb Terry M., System and method of using smart cards to perform security-critical operations requiring user authorization.
Hoehn-Saric Rudolph Christopher ; Nguyen Christopher L. ; Stevens Patrick D., System for administration of remotely-proctored, secure examinations and methods therefor.
Michael F. Guheen ; James D. Mitchell ; James J. Barrese, System for establishing plan to test components of web based framework by displaying pictorial representation and conveying indicia coded components of existing network framework.
Bogosian ; Jr. Charles A. (Warwick RI), System for verifying use of a credit/identification card including recording of physical attributes of unauthorized user.
Nguyen Trong ; Subramanian Mahadevan P. ; Haller Daniel R., System, method and article of manufacture for a gateway system architecture with system administration information acce.
Williams Humphrey ; Hughes Kevin ; Parmar Bipinkumar G., System, method and article of manufacture for network electronic authorization utilizing an authorization instrument.
Davis Terry L. ; Hart James A. ; Imperia Vincent A. ; Love Michael ; O'Malley Michael F. ; Russell James F. ; Sears John W. ; Trice Philip H., Transaction system comprising a first transportable integrated circuit device, a terminal, and a security device.
Davis Terry L. (Scottsdale AZ) Hart James A. (Radnor PA) Imperia Vincent A. (Tempe AZ) Love Michael (Wilmington DE) O\Malley Michael F. (Glenside PA) Russell James F. (Hockessin DE) Sears John W. (Pe, Transaction system for integrated circuit cards.
Pitroda Satyan G. (1480 Golden Bell Ct. Downers Grove IL 60515), Universal electronic transaction card including receipt storage and system and methods of conducting electronic transact.
Jost, Uwe Helmut; Woodland, Philip Charles; Katz, Marcel; Shahid, Syed Raza; Vozila, Paul J.; Ganong, III, William F., Data shredding for speech recognition acoustic model training under data retention restrictions.
Jost, Uwe Helmut; Woodland, Philip Charles; Katz, Marcel; Shahid, Syed Raza; Vozila, Paul J.; Ganong, III, William F., Data shredding for speech recognition language model training under data retention restrictions.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.