Security, Fraud Detection, and Fraud Mitigation in Device-Assisted Services Systems
US-2017188232-A1 · Jun 29, 2017 · US
Authenticating based on a hardware identifier
US10706404B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10706404-B2 |
| Application number | US-201916382628-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 12, 2019 |
| Priority date | Jun 5, 2013 |
| Publication date | Jul 7, 2020 |
| Grant date | Jul 7, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system and method are disclosed herein leveraging financial networks standards with mobile device data and secure processing and storage environment knowledge to authenticate a device. For instance, a party to a transaction may utilize these elements of information, not traditionally associated with wireless transactions, to achieve a lower probability of fraud and/or a higher confidence associated with the transaction.
First claim
Opening claim text (preview).
The invention claimed is: 1. A method comprising: receiving, by a computer, a transaction request message having a mobile device hardware identifier and a mobile device secure processing identifier and requesting a transfer of an amount of value; validating, by the computer, the mobile device hardware identifier based at least in part on comparing the mobile device hardware identifier with an expected mobile device hardware identifier; validating, by the computer, the mobile device secure processing identifier based at least in part on comparing the mobile device secure processing identifier with an expected mobile device secure processing identifier; appending, by the computer, transaction account information of a mobile device user to the transaction request message to create an appended transaction request message in response to the mobile device hardware identifier and the mobile device secure processing identifier being validated, the transaction account information indicating a source of funding for the amount of value; and transmitting, by the computer, the appended transaction request message for authorization. 2. The method of claim 1 , further comprising associating, by the computer, the mobile device hardware identifier and the mobile device secure processing identifier with a mobile device user identifier of the mobile device user. 3. The method of claim 1 , further comprising transmitting, by the computer, public key data and private key data to a mobile device, wherein the private key data is appended to the transaction request message to create a signed message, and wherein the public key data is appended to the signed message. 4. The method of claim 3 , further comprising verifying, by the computer, that the public key data and the private key data are correct. 5. The method of claim 1 , wherein at least one of the expected mobile device hardware identifier or the expected mobile device secure processing identifier are associated with public key data. 6. The method of claim 1 , wherein the transaction account information is not stored to a memory coupled to a mobile device. 7. The method of claim 1 , wherein at least one of the expected mobile device hardware identifier and the expected mobile device secure processing identifier are captured by a mobile network operator. 8. The method of claim 1 , wherein the mobile device secure processing identifier comprises an International Mobile Subscriber Identity (IMSI) code. 9. The method of claim 1 , wherein the mobile device hardware identifier comprises an International Mobile Equipment Identity (IMEI) code. 10. The method of claim 1 , further comprising: validating, by the computer, mobile device location information based at least in part on comparing mobile device location information captured from the transaction request message with expected mobile device location information. 11. The method of claim 10 , wherein the mobile device location information captured during transmitting of the transaction request message via the mobile device are captured by a mobile network operator. 12. The method of claim 10 , wherein the mobile device location information comprises a Mobile Subscriber Integrated Services Digital Network Number (MSISDN). 13. The method of claim 1 , wherein the appended transaction request message is formatted into International Organization for Standardization format. 14. The method of claim 1 , wherein a transaction application locates the mobile device hardware identifier from an operating system of the mobile device. 15. The method of claim 1 , further comprising pre-provisioning a secure memory location for receiving at least one of public key data or private key data prior to issuing a secure processing and storage environment for use on a mobile network. 16. The method of claim 1 , further comprising providing to an electronic registry at least one of the expected mobile device hardware identifier or the expected mobile device secure processing identifier. 17. The method of claim 1 , wherein a trusted certificate authority working with a mobile network operator transmits at least one of private key data or public key data to a secure processing environment. 18. The method of claim 1 , further comprising restricting the transaction request message from being sent in response to at least one of public key data, private key date, the mobile device hardware identifier or the mobile device secure processing identifier being incorrect. 19. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer, cause the computer to perform operations comprising: receiving, by the computer, a transaction request message having a mobile device hardware identifier and a mobile device secure processing identifier and requesting a transfer of an amount of value; validating, by the computer, the mobile device hardware identifier based at least in part on comparing the mobile device hardware identifier with an expected mobile device hardware identifier; validating, by the computer, the mobile device secure processing identifier based at least in part on comparing the mobile device secure processing identifier with an expected mobile device secure processing identifier; appending, by the computer, transaction account information of a mobile device user to the transaction request message to create an appended transaction request message in response to the mobile device hardware identifier and the mobile device secure processing identifier being validated, the transaction account information indicating a source of funding for the amount of value; and transmitting, by the computer, the appended transaction request message for authorization. 20. A system comprising: a processor; and a tangible, non-transitory memory communicating with the processor, the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising: receiving, by the processor, a transaction request message having a mobile device hardware identifier and a mobile device secure processing identifier and requesting a transfer of an amount of value; validating, by the processor, the mobile device hardware identifier based at least in part on comparing the mobile device hardware identifier with an expected mobile device hardware identifier; validating, by the processor, the mobile device secure processing identifier based at least in part on comparing the mobile device secure processing identifier with an expected mobile device secure processing identifier; appending, by the processor, transaction account information of a mobile device user to the transaction request message to create an appended transaction request message in response to the mobile device hardware identifier and the mobile device secure processing identifier being validated, the transaction account information indicating a source of funding for the amount of value; and transmitting, by the processor, the appended transaction request message for authorization.
Assignees
Inventors
Classifications
Counter-measures against attacks; Protection against rogue devices · CPC title
using certificates or pre-shared keys · CPC title
Key distribution or pre-distribution; Key agreement · CPC title
Key generation or derivation · CPC title
Detection or prevention of fraud · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10706404B2 cover?
- A system and method are disclosed herein leveraging financial networks standards with mobile device data and secure processing and storage environment knowledge to authenticate a device. For instance, a party to a transaction may utilize these elements of information, not traditionally associated with wireless transactions, to achieve a lower probability of fraud and/or a higher confidence asso…
- Who is the assignee on this patent?
- American Express Travel Related Services Co Inc
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/3223. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jul 07 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).