System and method for NFC peer-to-peer authentication and secure data transfer
US-9312926-B2 · Apr 12, 2016 · US
US10062226B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10062226-B2 |
| Application number | US-201515528829-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 1, 2015 |
| Priority date | Dec 2, 2014 |
| Publication date | Aug 28, 2018 |
| Grant date | Aug 28, 2018 |
Official abstract text for this publication.
A method of initializing a mobile device to operate in a mobile credentialing system, the method including sending an authorization code and host URL from a hotel loyalty application to a mobile credential library of a mobile application on a mobile device, the mobile device operable to perform a first sync with a credential service to establish an ongoing trust relationship between the mobile credential library and the credential service such that the mobile application is operable to interact with an access control without the user of the mobile device knowing either an authorization code or a host location of the credential service.
Opening claim text (preview).
What is claimed:

1. A method of initializing a mobile device to operate in a mobile credentialing system, the method comprising: sending an authorization code and a host Uniform Resource Locator (URL) to a mobile credential library of a mobile application on a mobile device, the mobile device operable to perform a first sync with a credential service to establish an ongoing trust relationship between the mobile credential library and the credential service such that the mobile application is operable to interact with an access control without a user of the mobile device knowing either the authorization code or the host URL of the credential service; and handing-off from a first trust relationship to the ongoing trust relationship between the mobile credential library and the credential service, wherein the first trust relationship is between a user's account or a user of loyalty account on a loyalty application and a service, and a second trust relationship is between the service and the credential service based on a service-to-service authorization, the second trust relationship different than the first trust relationship.
2. The method as recited in claim 1, further comprising an automatic hand-off from the first trust relationship to the ongoing trust relationship between the mobile credential library and the credential service.
3. The method as recited in claim 2, wherein the first trust relationship is between the user's account on the loyalty application and the service, the user's account comprising an ID and password.
4. The method as recited in claim 1, wherein the service is a hotel service based on a hotel loyalty account authorization.
5. The method as recited in claim 1, further comprising generating mobile credentials at the credential service for download to the credential library.
6. The method as recited in claim 5, wherein the mobile credentials are for an associated user ID account.
7. The method as recited in claim 1, wherein the mobile device includes a smartphone.
8. The method as recited in claim 7, wherein the access control is a lock.
9. The method as recited in claim 7, wherein the access control is a lock box.
10. The method as recited in claim 1, further comprising creating a 3rd trust relationship between the mobile credential library and the credential service, the credential service generating mobile credentials to the mobile credential library for the associated user during the first sync and thereafter.
11. The method as recited in claim 1, wherein the credential service is hosted from one of a multiple of locations.
12. The method as recited in claim 11, wherein the one of the multiple of locations are selected for geographic load distribution.
13. The method as recited in claim 1, wherein the mobile library decrypts the authorization code, validates the code, and retrieves a mobile library serial number contained in the authorization code.
14. The method as recited in claim 13, wherein the mobile library uses information contained in the authorization code to perform the first sync with a credential service and to authenticate.
15. The method as recited in claim 14, wherein the credential service validates the first sync information and then establishes the ongoing trust relationship between the mobile credential library and the credential service.
16. A method of initializing a mobile device to operate in a mobile credentialing system, the method comprising: creating a secure connection to a system and sending a password for validation to the system to validate the authenticity of a loyalty account on a loyalty application of a mobile device, and, by association, an authenticity and an identity of a user of loyalty account or a user's account; sending a request to a credentialing service from the system to request an authorization code for a user identification; generating an authorization code that is associated with a mobile credentialing account from the credential service; unlocking the mobile credentialing account associated with the authorization code to allow a ‘first sync’ from the credential service; returning the authorization code to the system from the credential service host location; downloading the authorization code to the loyalty application with the credential service host location; sending an authorization code and a host Uniform Resource Locator (URL) to a mobile credential library of a mobile application on a mobile device, the mobile device operable to perform a first sync with a credential service to establish an ongoing trust relationship between the mobile credential library and the credential service such that the mobile application is operable to interact with an access control without the user of the mobile device knowing either the authorization code or the host URL of the credential service; handing-off from a first trust relationship to the ongoing trust relationship between the mobile credential library and the credential service, wherein the first trust relationship is between the user's account on the loyalty application and a service, and a second trust relationship is between the service and the credential service based on a service-to-service authorization, the second trust relationship different than the first trust relationship; and creating a 3rd trust relationship between the mobile credential library and the credential service, the credential service generating mobile credentials to the mobile credential library for the associated user during the first sync and thereafter.
17. The method as recited in claim 16, wherein the credential service is hosted from one of a multiple of locations.
18. The method as recited in claim 17, wherein the one of the multiple of locations are selected for geographic load distribution.
19. The method as recited in claim 16, wherein the mobile library decrypts the authorization code, validates the code, and retrieves a mobile library serial number contained in the authorization code.
20. The method as recited in claim 19, wherein the mobile library uses information contained in the authorization code to perform the first sync with a credential service and to authenticate.
21. The method as recited in claim 20, wherein the credential service validates the first sync information and then establishes the ongoing trust relationship between the mobile credential library and the credential service.
22. The method as recited in claim 16, wherein the first trust relationship is between the user's account on a loyalty application and the service is a hotel service.
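
The authorization-code hand-off of claims 13 to 15 and 19 to 21, sketched as an added example that is not taken from the patent or any product: the service issues an encrypted code carrying a library serial number, the library decrypts and validates it, and the first sync swaps it for a long-lived device key. The shared `LIB_KEY`, the field names, the single-use and expiry rules, and the HMAC keystream standing in for a real AEAD such as AES-GCM are all assumptions of this sketch.

```python
import hashlib, hmac, json, secrets, time

LIB_KEY = secrets.token_bytes(32)  # assumption: key shared by service and library

def _stream(key, nonce, n):
    # HMAC-SHA256 counter keystream: stdlib stand-in for a real AEAD
    blocks = (hmac.new(key, b"enc" + nonce + bytes([i]), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, fields):
    nonce, pt = secrets.token_bytes(16), json.dumps(fields).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("authorization code failed validation")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class CredentialService:
    def __init__(self):
        self.pending, self.trusted = {}, {}  # keyed by library serial number

    def issue_code(self, user_id, ttl=300, now=None):
        serial, secret = secrets.token_hex(8), secrets.token_hex(16)
        expires = (time.time() if now is None else now) + ttl
        digest = hashlib.sha256(secret.encode()).digest()  # never store the secret
        self.pending[serial] = (digest, expires, user_id)  # account unlocked for first sync
        return seal(LIB_KEY, {"serial": serial, "secret": secret})

    def first_sync(self, serial, secret, now=None):
        entry = self.pending.pop(serial, None)  # single use: consumed on first attempt
        if entry is None:
            return None
        digest, expires, user_id = entry
        if (time.time() if now is None else now) > expires:
            return None
        if not hmac.compare_digest(digest, hashlib.sha256(secret.encode()).digest()):
            return None
        self.trusted[serial] = (user_id, secrets.token_bytes(32))
        return self.trusted[serial][1]  # device key: the ongoing trust relationship

def library_first_sync(code, service, now=None):
    fields = unseal(LIB_KEY, code)  # decrypt, validate, recover the serial number
    return service.first_sync(fields["serial"], fields["secret"], now)
```

Because the pending entry is removed on the first attempt, a captured code cannot be replayed to enrol a second device; the sketch assumes the first sync itself travels over an authenticated TLS channel to the host URL.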
operated by interacting with a central unit · CPC title
Access security · CPC title
for hotels, motels, office buildings or the like · CPC title
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
Authentication · CPC title