Two-level authentication for secure transactions
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/00
G06Q-020/40
G06F-021/31
G06F-021/32
G06F-021/34
G06Q-020/34
G07C-009/00
G07F-007/10
H04L-029/06
H04W-012/06
출원번호
US-0857905
(2013-04-05)
등록번호
US-9990628
(2018-06-05)
발명자
/ 주소
Giobbi, John J.
출원인 / 주소
Proxense, LLC
대리인 / 주소
Patent Law Works LLP
인용정보
피인용 횟수 :
0인용 특허 :
122
초록▼
A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A Personal Digital Key stores one or more profiles (e.g., a biometric profile) in a tamper-proof memory that is acquired in a secure trusted process. Biome
A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A Personal Digital Key stores one or more profiles (e.g., a biometric profile) in a tamper-proof memory that is acquired in a secure trusted process. Biometric profiles comprise a representation of physical or behavioral characteristics that are uniquely associated with an individual that owns and carries the PDK. The PDK wirelessly transmits the biometric profile over a secure wireless transaction to a Reader for use in a biometric authentication process. The Reader compares the received biometric profile to a biometric input acquired at the point of transaction in order to determine if the transaction should be authorized.
대표청구항▼
1. A method comprising: receiving, at a biometric reader, a biometric input, a personal digital key (PDK) comprising the biometric reader;generating, at the PDK, biometric data based on the biometric input;retrieving, from a secured memory element of the PDK, a biometric profile sample comprising bi
1. A method comprising: receiving, at a biometric reader, a biometric input, a personal digital key (PDK) comprising the biometric reader;generating, at the PDK, biometric data based on the biometric input;retrieving, from a secured memory element of the PDK, a biometric profile sample comprising biometric information, wherein the biometric profile sample is associated with a biometric profile associated with an individual;comparing, at the PDK, the information of the biometric profile sample to the biometric data based on the biometric input;subsequent to a determination of a match between the biometric data based on the biometric input and the biometric profile sample, retrieving, from the secured memory element of the PDK, the biometric profile associated with the individual;comparing, at the PDK, the biometric data based on the biometric input to the biometric profile;transmitting, by the PDK via radio, purchasing means information associated with the PDK, the purchasing means information used by a first remote registry administered by a trusted third-party organization in a first validation, the first validation subsequent to determining that the biometric data based on the biometric input matches the biometric profile,wherein a transaction with a merchant is authorized based on the first validation using the purchasing means information associated with the PDK and wirelessly transmitted subsequent to the comparison between the biometric profile and the biometric data based on the biometric input. 2. The method of claim 1 further comprising: establishing a secure communication channel with a second remote registry,wherein a PDK identifier is transmitted to the second remote registry using the secure communication channel,wherein a second validation is performed prior to comparing the information of the biometric sample to the biometric data and performed by the second remote registry, the second validation indicating whether the second remote registry determined the PDK is valid or invalid, andwherein the second remote registry includes a database administered by a trusted third-party organization and the PDK identifier is registered with the second remote registry. 3. The method of claim 1, wherein the biometric input comprises a representation of physical or behavioral characteristics derived from the individual. 4. The method of claim 1, wherein the biometric input comprises at least one of a fingerprint scan, a retinal scan, an iris scan, a facial scan, a palm scan, a DNA analysis, a signature analysis, and a voice analysis. 5. The method of claim 2, wherein the PDK identifier is transmitted subsequent to the PDK entering a proximity zone. 6. The method of claim 2, wherein the second validation of the PDK identifier comprises performing a challenge-response authentication to verify the PDK is valid, wherein the PDK further verifies validity of an external device. 7. The method of claim 1, further comprises: determining profile types available to the PDK;comparing the available profile types to profile types used to authorize the transaction. 8. The method of claim 1, further comprising one or more of displaying a representation of a purchasing means associated with the purchasing means information to a user, and allowing the user to select the purchasing means for the transaction from a plurality of purchasing means. 9. The method of claim 1, wherein purchasing means information is stored by the PDK and is associated with a funding source to be used to complete the transaction, wherein the transaction is a purchase. 10. The method of claim 1, further comprising: receiving a picture profile from the PDK comprising an image of the individual;verifying an identity of the individual based on the picture profile, the determination whether a transaction should be authorized based in part on the verification based on the picture profile. 11. The method of claim 1, further comprising: acquiring a personal identification number from the individual;receiving a PIN profile from the PDK; anddetermining if the acquired personal identification number matches the received PIN profile. 12. The method of claim 1, wherein generating the biometric data based on the biometric input comprises: computing a representation of the biometric input based on a mathematical hash of the biometric input. 13. The method of claim 1, wherein the PDK is integrated into one of a cell phone, a Personal Digital Assistant (PDA), an employee identification tag, clothing and jewelry. 14. The method of claim 1, the method further comprising: authorizing the transaction at an external device based on the determination. 15. The method of claim 1, wherein the secured memory element is tamper-resistant, the method further comprising writing the biometric profile to the tamper-resistant memory during a one time trusted initialization process. 16. An apparatus comprising: a biometric reader adapted to receive a biometric input and generate biometric data based on the biometric input;a secured memory element storing purchasing means information associated with a PDK, the purchasing means information used by a first remote registry administered by a trusted third-party organization in a first validation, a biometric profile sample comprising biometric information, wherein the biometric profile sample is associated with a biometric profile associated with an individual, and the biometric profile associated with the individual;a processor coupled to the secured memory element and the biometric reader, the processor adapted to compare the biometric profile sample to the biometric data based on the biometric input and determine that the biometric profile sample matches the biometric data based on the biometric input, and subsequent to a determination of a match between the biometric data based on the biometric input and the biometric profile sample, to compare the biometric data based on the biometric input to the biometric profile associated with the individual; anda radio communication interface coupled to the processor and to the secured memory element, the radio communication interface adapted to establish a secure communication channel, the radio communication interface adapted to transmit the purchasing means information associated with the PDK using the secure communication channel, wherein a transaction with a merchant is authorized based on the first validation of the purchasing means information associated with PDK and wirelessly transmitted, via radio, subsequent to the comparison between the biometric profile and the biometric data based on the biometric input. 17. The apparatus of claim 16, wherein the secure communication channel is to a second remote registry with which a PDK identifier is registered, the PDK identifier is transmitted to the second remote registry for validation. 18. The apparatus of claim 16, wherein the apparatus is a cell phone. 19. The apparatus of claim 16, wherein the apparatus is a watch. 20. A method comprising: receiving, from a personal digital key (PDK) comprising a biometric reader, purchasing means information at a first remote registry administered by a trusted third-party organization, the purchasing means information received subsequent to the PDK determining that biometric data based on a biometric input received by the biometric reader matches a biometric profile comprising biometric information stored in a secured memory element of the PDK, wherein the biometric information is associated with an individual, and wherein the biometric data based on the biometric input is compared to the biometric profile subsequent to a determination of a match between the biometric data based on the biometric input and a biometric profile sample stored in the secured memory element;validating, at the first remote registry administered by the trusted third-party organization, the purchasing means information; andauthorizing a transaction based on the validation of the purchasing means information received subsequent to the match between the biometric data based on the biometric input and the biometric profile stored in a secure element of the PDK, wherein the match between the biometric data based on the biometric input and the biometric profile stored in the secure element of the PDK determined subsequent to the determination of the match between the biometric data based on the biometric input and the biometric profile sample stored in the secured memory element.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (122)
Yap, Sue-Ken; Yourlo, Zhenya Alexander, Apparatus and method for distributing audio and video content.
Van Tilburg Johan,NLX ; Hekstra Andries Pieter,NLX, Authentication system wherein definition signals of two devices are altered, communicated between the two devices, and compared.
Matsuyama, Shinako; Ishibashi, Yoshihito; Futamura, Ichiro; Kon, Masashi; Watanabe, Hideaki, Content distribution system, content distribution method, information processing apparatus, and program providing medium.
Hatakeyama, Takahisa; Yoshioka, Makoto; Miyazawa, Yuji, Content usage control system, content usage apparatus, computer readable recording medium with program recorded for computer to execute usage method.
Steven T. Ansell ; Andrew R. Cherenson ; Mark E. Paley ; Steven B. Katz ; John Michael Kelsey, Jr. ; Bruce Schneier, Copy security for portable music players.
Dickinson, Alexander G.; Rohrbach, Mark D.; Clayton, Richard F.; Stark, Gregory H.; Ferrante, Michelle, Cryptographic server with provisions for interoperability between cryptographic systems.
Jones, Thomas C.; Brackenridge, Billy, Digital content distribution, transmission and protection system and method, and portable device for use therewith.
Rosin Robert ; Hsu P. Robert ; Sonoda Yumie ; Niijima Makoto,JPX ; Nakano Hiroaki, Internet content and television programming selectively displaying system.
Hammersley Scott D. (Rochester MN) Smet Arthur D. (Rochester MN) Wottreng Peter M. (Rochester MN), Method and apparatus for intraprocess locking of a shared resource in a computer system.
Adams, William Mark; Coyne, John Robert; Coyne, Christopher Andrew; Wallace, Raymond Munson, Method and system for creating and operating biometrically enabled multi-purpose credential management devices.
Schena, Robert J.; Anderer, Mike; Ritz, Peter B.; Bernstein, Mike, Method for managing printed medium activated revenue sharing domain name system schemas.
Graunke Gary L. ; Carbajal John ; Maliszewski Richard L. ; Rozas Carlos V., Method for securely distributing a conditional use private key to a trusted entity on a remote system.
Kato Naotaka,JPX ; Kanada Yoshihisa,JPX, Methods and apparatus for downloading data between an information processing device and an external device via a wireless communications technique.
Naotaka Kato JP; Yoshihisa Kanada JP, Methods and apparatus for downloading data between an information processing device and an external device via a wireless communications technique.
Blair William (1154 W. Lunt ; Apt. 302 Chicago IL 60626) Brooks Stanley J. (P.O. Box 906 Douglas GA 31533), Microprocessor controlled security system for computers.
Maes Stephane Herman ; Sedivy Jan,CSX, Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security.
Campinos Arnaldo,FRX ; Fischer Jean-Bernard,FRX, Process for protecting an information item transmitted from a security element to a decoder and protection system using such a process.
Bowers John H. ; Clare Thomas J., RFID tags which are virtually activated and/or deactivated and apparatus and methods of using same in an electronic security system.
Handelman Doron (Givataim ILX) Kranc Moshe (Jerusalem ILX) Fink David (Jerusalem ILX) Zucker Arnold (Ramat Modiim ILX) Smith Perry (Jerusalem ILX) Bar-On Gerson (Kohav Hashahar ILX), Secure access systems and methods utilizing two access cards.
Kamibayashi,Tooru; Yamada,Hisashi; Iwasaki,Hiroshi; Tamura,Masafumi; Ishibashi,Yasuhiro; Kato,Taku; Tatebayashi,Makoto; Harada,Shunji; Katsuta,Noboru, Storage medium and contents protection method using the storage medium.
Michael S. Kupka ; Michael G. Lundgren, System for prepayment of electronic content using removable media and for prevention of unauthorized copying of same.
Getsin, Evgeniy M.; Lamkin, Allan B.; Collart, Todd R., System, method and article of manufacture for remote unlocking of local content located on a client device.
Bianco Peter Garrett ; Boon William Taylor ; Sterling Robert Brewster ; Ware Karl Roger, System, method and computer program product for allowing access to enterprise resources using biometric devices.
Lapsley, Philip Dean; Lee, Jonathan Alexander; Pare, Jr., David Ferrin; Hoffman, Ned, Tokenless biometric electronic financial transactions via a third party identicator.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.