Methods and systems for authentication for high-risk communications
US-12137102-B2 · Nov 5, 2024 · US
Authentication using application authentication element
US9883387B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9883387-B2 |
| Application number | US-201213428431-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 23, 2012 |
| Priority date | Mar 24, 2011 |
| Publication date | Jan 30, 2018 |
| Grant date | Jan 30, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments of the present invention can be directed to systems, apparatuses, and methods for performing transactions through mobile communication devices using either telecommunications networks or proximity near-field communications systems. Embodiments may be directed to a mobile communication device displaying an application authentication element. The application authentication element may include a pre-selected authentication element and transaction data associated with a transaction conducted by a mobile communication device. The mobile communication device may obtain the pre-selected authentication element by either transmitting a request to a server computer or retrieving the pre-selected authentication element from a secure memory in the mobile communication device. A user authentication token may be received by the mobile communication device from the user. The mobile communication device may generate a secret token that is derived from the user authentication token. If the secret token is correlated to a secret reference token, then a transaction may be conducted.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving, by a processor, an application authentication request; generating, by the processor, an application authentication element comprising a pre-selected authentication element; providing, by the processor, the application authentication element to a mobile communication device, the pre-selected authentication element of the application authentication element validating the authenticity of an application operating on the mobile communication device to a user; and receiving, by the processor, a user authentication request from the mobile communication device, the user authentication request indicating that the user has validated the authenticity of the application operating on the mobile communication device. 2. The method of claim 1 wherein the application authentication request is an application authentication request message from the mobile communication device and wherein providing the application authentication element to the mobile communication device further comprises sending an application authentication response message comprising the application authentication element to the mobile communication device. 3. The method of claim 1 wherein the user authentication request includes a secret token, the secret token being generated by the mobile communication device using a user authentication token entered by the user, and wherein the method further comprises: comparing the secret token to a secret reference token; authenticating the user by determining whether the secret token and the secret reference token are correlated; and sending a user authentication message to the mobile communication device, the user authentication message indicating that the user is authenticated for a transaction. 4. The method of claim 3 wherein the user authentication token is received by the mobile communication device in the form of a swipe input by the user. 5. The method of claim 1 wherein the application authentication element further comprises transaction data associated with a transaction conducted by the mobile communication device. 6. An apparatus comprising: a processor and a non-transitory computer-readable storage medium coupled to the processor, the computer-readable storage medium comprising code which when executed by the processor implements a method comprising: receiving an application authentication request; generating an application authentication element comprising a pre-selected authentication element; and providing the application authentication element to a mobile communication device, the pre-selected authentication element of the application authentication element validating the authenticity of an application operating on the mobile communication device to a user; and receiving a user authentication request from the mobile communication device, the user authentication request indicating that the user has validated the authenticity of the application operating on the mobile communication device. 7. The apparatus of claim 6 wherein the apparatus is a server computer, and wherein receiving the application authentication request further comprises receiving an application authentication request message from a mobile communication device; and wherein providing the application authentication element further comprises sending an application authentication response message comprising the application authentication element to the mobile communication device. 8. The apparatus of claim 6 wherein the user authentication request includes a secret token, the secret token being generated by the mobile communication device using a user authentication token entered by the user, and wherein the method further comprises: comparing the secret token to a secret reference token; authenticating the user by determining whether the secret token and the secret reference token are correlated; and sending a user authentication message to the mobile communication device, the user authentication message indicating that the user is authenticated for a transaction. 9. The apparatus of claim 8 wherein the user authentication token is received by the mobile communication device in the form of a swipe input by the user. 10. The apparatus of claim 6 wherein the application authentication request includes transaction data associated with a transaction and the application authentication element further comprises some of the transaction data. 11. The method of claim 3 further comprising: after authenticating the user, sending a transaction authorization request message to an issuer associated with the user. 12. The method of claim 1 wherein after providing the application authentication element to the mobile communication device, the application authentication element is displayed to the user on the mobile communication device. 13. The method of claim 3 , wherein the secret token is generated by the mobile communication device without the user's knowledge. 14. The method of claim 3 wherein the mobile communication device transmits the authentication message to an access device to initiate the transaction. 15. The apparatus of claim 6 , wherein the method further comprises: after authenticating the user, sending a transaction authorization request message to an issuer associated with the user. 16. The method of claim 3 , wherein the secret token is derived from the user authentication token entered by the user. 17. The method of claim 3 , wherein the user authentication token is received by the mobile communication device in the form of one of a signature input by the user, a picture of a familiar item, and a voice input by the user. 18. The method of claim 1 , wherein the pre-selected authentication element is selected by the user during registration of a payment account.
Assignees
Inventors
Classifications
using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title
RFID or NFC payments by means of M-devices · CPC title
using wireless networks · CPC title
Use of the SIM of a M-device as secure element · CPC title
using secure elements embedded in M-devices · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9883387B2 cover?
- Embodiments of the present invention can be directed to systems, apparatuses, and methods for performing transactions through mobile communication devices using either telecommunications networks or proximity near-field communications systems. Embodiments may be directed to a mobile communication device displaying an application authentication element. The application authentication element may…
- Who is the assignee on this patent?
- Wilson Dave William, Bourdillon John Francis Benedict, Aabye Christian, and 1 more
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/3226. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jan 30 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).