US20140289116A1 - System and method for performing authentication for a local transaction - Google Patents

System and method for performing authentication for a local transaction Download PDF

Info

Publication number
US20140289116A1
US20140289116A1 US14/218,611 US201414218611A US2014289116A1 US 20140289116 A1 US20140289116 A1 US 20140289116A1 US 201414218611 A US201414218611 A US 201414218611A US 2014289116 A1 US2014289116 A1 US 2014289116A1
Authority
US
United States
Prior art keywords
authentication
user
local
data
transaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/218,611
Inventor
Igor Polivanyi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nok Nok Labs Inc
Original Assignee
Igor Polivanyi
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Igor Polivanyi filed Critical Igor Polivanyi
Priority to US14/218,611 priority Critical patent/US20140289116A1/en
Publication of US20140289116A1 publication Critical patent/US20140289116A1/en
Assigned to NOK NOK LABS, INC. reassignment NOK NOK LABS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: POLIVANYI, Igor
Assigned to VENTURE LENDING & LEASING VII, INC., VENTURE LENDING & LEASING VIII, INC. reassignment VENTURE LENDING & LEASING VII, INC. SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NOK NOK LABS, INC.
Assigned to VENTURE LENDING & LEASING VIII, INC., VENTURE LENDING & LEASING IX, INC. reassignment VENTURE LENDING & LEASING VIII, INC. SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NOK NOK LABS, INC.
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/065Continuous authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • This invention relates generally to the field of data processing systems. More particularly, the invention relates to a system and method for performing authentication for a local transaction.
  • Patent Application No. 2011/0082801 (“'801 Application”) describes a framework for user registration and authentication on a network which provides strong authentication (e.g., protection against identity theft and phishing), secure transactions (e.g., protection against “malware in the browser” and “man in the middle” attacks for transactions), and enrollment/management of client authentication tokens (e.g., fingerprint readers, facial recognition devices, smartcards, trusted platform modules, etc).
  • the Co-Pending Applications describe authentication techniques in which a user enrolls with biometric devices of a client to generate biometric template data (e.g., by swiping a finger, snapping a picture, recording a voice, etc); registers the biometric devices with one or more servers over a network (e.g., Websites or other relying parties equipped with secure transaction services as described in the Co-Pending Applications); and subsequently authenticates with those servers using data exchanged during the registration process (e.g., encryption keys provisioned into the biometric devices).
  • a user enrolls with biometric devices of a client to generate biometric template data (e.g., by swiping a finger, snapping a picture, recording a voice, etc); registers the biometric devices with one or more servers over a network (e.g., Websites or other relying parties equipped with secure transaction services as described in the Co-Pending Applications); and subsequently authenticates with those servers using data exchanged during the registration process (e.g., encryption keys
  • sensitive information such as fingerprint data and other data which can be used to uniquely identify the user, may be retained locally on the user's client device (e.g., smartphone, notebook computer, etc) to protect a user's privacy.
  • client device e.g., smartphone, notebook computer, etc
  • FIG. 1 illustrates one embodiment of a client performing a secure transaction with a local device
  • FIG. 2 illustrates one embodiment of a client architecture for performing a secure transaction with a local device
  • FIG. 3 illustrates one embodiment of a method for performing a secure transaction with a local device
  • FIGS. 4A-B illustrate different exemplary architectural arrangements within which embodiments of the invention may be implemented.
  • ATM automatic teller machine
  • POS checkout device
  • machine-readable medium for authenticating a user for a local transaction such as one involving an automatic teller machine (ATM), retail checkout device, or other device with which the user wishes to initiate a transaction.
  • the embodiments of the invention discussed below involve client devices with authentication capabilities such as biometric devices or PIN entry. These devices are sometimes referred to herein as “tokens,” “authentication devices,” or “authenticators.” While certain embodiments focus on facial recognition hardware/software (e.g., a camera and associated software for recognizing a user's face and tracking a user's eye movement), some embodiments may utilize additional biometric devices including, for example, fingerprint sensors, voice recognition hardware/software (e.g., a microphone and associated software for recognizing a user's voice), and optical recognition capabilities (e.g., an optical scanner and associated software for scanning the retina of a user). The authentication capabilities may also include non-biometric devices such as trusted platform modules (TPMs) and smartcards.
  • TPMs trusted platform modules
  • the biometric device may be remote from the relying party.
  • the term “remote” means that the biometric sensor is not part of the security boundary of the computer it is communicatively coupled to (e.g., it is not embedded into the same physical enclosure as the relying party computer).
  • the biometric device may be coupled to the relying party via a network (e.g., the Internet, a wireless network link, etc) or via a peripheral input such as a USB port.
  • the relying party may know if the device is one which is authorized by the relying party (e.g., one which provides an acceptable level of authentication and integrity protection) and/or whether a hacker has compromised the biometric device. Confidence in the biometric device depends on the particular implementation of the device.
  • the term “local” is used herein to refer to the fact that the user is completing a transaction in person, at a particular location such as at an automatic teller machine (ATM) or a retail checkout location.
  • ATM automatic teller machine
  • the authentication techniques employed to authenticate the user may involve non-location components such as communication over a network with remote servers and/or other data processing devices.
  • specific embodiments are described herein (such as an ATM and retail location) it should be noted that the underlying principles of the invention may be implemented within the context of any system in which a transaction is initiated locally by an end user.
  • relying party is sometimes used herein to refer, not merely to the entity with which a user transaction is attempted (e.g., a Website or online service performing user transactions), but also to the secure transaction servers implemented on behalf of that entity which may performed the underlying authentication techniques described herein.
  • the secure transaction servers may be owned and/or under the control of the relying party or may be under the control of a third party offering secure transaction services to the relying party as part of a business arrangement.
  • server is used herein to refer to software executed on a hardware platform (or across multiple hardware platforms) that receives requests over a network from a client, responsively performs one or more operations, and transmits a response to the client, typically including the results of the operations.
  • the server responds to client requests to provide, or help to provide, a network “service” to the clients.
  • a server is not limited to a single computer (e.g., a single hardware device for executing the server software) and may, in fact, be spread across multiple hardware platforms, potentially at multiple geographical locations.
  • the embodiments of the invention described herein include techniques for authenticating a user for a local transaction initiated through a local secure transaction device.
  • the local transaction may be a withdrawal, transfer, or other user-initiated operation and the secure transaction device may be an ATM or other local device capable of executing financial transactions.
  • the local transaction may involve completing a payment to purchase goods or services at a retail store or other retail location equipped with a local secure transaction device.
  • a client device 100 with biometric authentication devices and associated software authenticates over a network to a relying party with secure transaction services 151 to perform a transaction on a local secure transaction device 150 .
  • the user of client device 100 wishes to perform a transaction locally with secure transaction device 150 , it initiates a series of authentication transactions with the relying party 151 (examples of which are described below).
  • the user may be required to swipe a finger on a fingerprint reader on the client device 100 and/or enter a PIN or other secret code via a client keypad.
  • the results of the authentication may then be transmitted from the client device 100 to the relying party 151 without transmitting the user's private data (e.g., the fingerprint data, PIN, or any other private user data), thereby protecting the user's privacy.
  • the user's private data e.g., the fingerprint data, PIN, or any other private user data
  • the relying party 151 may transmit a signal to the local secure transaction device 150 to perform an operation. For example, if the local secure transaction device is an ATM, the signal may instruct the ATM to dispense a specified amount of cash. If the local secure transaction device 150 is a retail checkout device then an indication of successful payment may be transmitted and the user's account may be debited.
  • a local secure communication channel may be established between the client device 100 and the local secure transaction device 150 to supplement the user authentication process.
  • the local secure channel may be established using wireless communication interfaces on the client device 100 and local secure transaction device 150 utilizing various wireless communication technologies such as near field communication (NFC), Bluetooth, or WiFi (e.g., an 802.11x channel), to name a few.
  • NFC near field communication
  • WiFi WiFi
  • the client device 100 may perform a near-field communication (NFC) handshake via its wireless interface with the wireless interface of the local secure transaction device 150 and establish the local secure channel to exchange data during authentication.
  • NFC near-field communication
  • the mere existence of the local secure channel comprises authentication data because it establishes the current location of the client device 100 . Consequently, this information may be used by the relying party 151 as proof of the current location of the client device 100 during the authentication process. In one embodiment, the relying party 151 may compare the location provided by the local secure transaction device 150 with the current GPS location reported by the client device 100 to confirm that the two location values match.
  • the relying party 151 may transmit a secret code or other authentication data to the client device 100 , which the client device 100 may then relay to the local secure transaction device 150 over the local secure channel to authenticate the client device.
  • the relying party 151 transmits a barcode to the client device 100 and a corresponding code to the local secure transaction device.
  • the local secure transaction device 150 may then read the barcode (e.g., from the display of the client device 100 ) using a barcode scanner or camera to perform authentication (i.e., comparing the code received from the relying party with the code read from the barcode).
  • the local secure transaction device 150 may transmit the code read from the barcode to the relying party, which will then confirm that the codes match.
  • the relying party 151 may transmit a secret code or other authentication data to the local secure transaction device 150 which will then relay the data to the client device 100 for authentication.
  • the local secure channel may be used to exchange data for a variety of authentication techniques.
  • the local secure transaction device 150 is an ATM device.
  • ATM machines are vulnerable devices, because their input/output controls (e.g., card-readers, keyboards, screens, cameras, etc) are exposed for the “outside world” and they are readily available for tampering.
  • debit card records and pins can be easily stolen with low-tech devices, such as hidden magnetic stripe readers, mirrors, and video cameras.
  • remote authentication techniques involving communication between the client 100 and relying party 151 are used to provide significantly improved authentication for ATM machines.
  • an ATM doesn't need to have legacy input/output controls, such as card-reader, touchscreen or keyboard. All it requires is a network connection and a slot to dispense cash. The authentication per se can be performed on the customer's client device 100 equipped with the biometric authentication devices.
  • the user would enter the vicinity of the ATM machine and initiate the remote authentication application to authenticate to the relying party 151 .
  • the user would then enter the amount for withdrawal and swipe her finger using the fingerprint sensor on the mobile device (or user any other type of authentication as discussed below).
  • a specified amount of money is dispensed from the ATM's slot.
  • This embodiment not only provides stronger authentication, but it also converts complex and expensive ATMs into simple and reliable money dispensers that are significantly cheaper to build and maintain. These new ATM's may be used for a long time. They will not require frequent updates, because all updates to the biometrics-related authentication features are introduced directly on the client devices 100 and/or the relying party's secure transaction servers 151 .
  • the client device 100 of this embodiment includes a local authentication application 104 which communicates with both the local secure transaction device 150 and relying party 151 to coordinate the various local authentication techniques described herein.
  • the local authentication application 104 establishes the local secure channel with the local secure transaction device 150 and an authentication engine 110 performs remote authentication with the relying party to verify that the legitimate user is in possession of the client device 100 .
  • the authentication engine 110 performs authentication by entering into a series of transactions with the secure transaction servers of the relying party as described in the co-pending patent applications mentioned above.
  • these transactions may include an enrollment process in which a user enrolls with biometric devices of a client to generate biometric template data (e.g., by swiping a finger, snapping a picture, recording a voice, etc). Enrollment may be under the direction of the secure transaction servers of the relying party or may be done autonomously by the user. The user may then register the biometric devices with the secure transaction servers over the network and subsequently authenticate with those servers using data exchanged during the registration process (e.g., encryption keys provisioned into the biometric devices).
  • data exchanged e.g., encryption keys provisioned into the biometric devices.
  • the authentication engine 110 includes an assurance level calculation module 106 for calculating an assurance level corresponding to a likelihood that the legitimate user is in possession of the client device 100 . It may then use this assurance level to determine whether the relying party 151 should authorize a local transaction at the local secure transaction device 150 (e.g., such as a financial transaction, a retail purchase, an access to confidential information in the user's account, etc).
  • the relying party 151 may specify the level of assurance required for a given transaction. For example, for a financial transaction involving the transfer of a significant amount of money, the relying party 151 may require a relatively higher assurance level than, for example, a transaction involving access to a user's account.
  • the assurance level calculation module 106 transmits the assurance level (e.g., specified as a value, percentage, code, etc) to the relying party 151 , without disclosing any confidential user information, thereby protecting the user's privacy.
  • the assurance level calculation module 106 knows the assurance level required for the current transaction, determines whether the assurance level is sufficiently high, and transmits an indication of whether the transaction is permitted or denied to the relying party 151 , once again, without disclosing the user's private information to the relying party 151 .
  • the communication between the client device 100 and relying party 151 is secured via a secure communication module 113 , which may encrypt outgoing communication using a first key and decrypt incoming communication using a second key.
  • a secure communication module 113 may encrypt outgoing communication using a first key and decrypt incoming communication using a second key.
  • the first and second keys are the same.
  • the keys are different.
  • the underlying principles of the invention are not limited to any particular type of encryption.
  • the assurance level calculation module 106 determines the assurance level based, at least in part, on current user authentication results 105 which may include the results of a current or recent explicit user authentication via one or more explicit user authentication devices 120 - 121 .
  • This may include, for example, fingerprint authentication via a fingerprint device, facial recognition authentication via a camera and facial recognition hardware/software, voice recognition via a microphone and voice recognition hardware/software, retinal scanning using a camera and associated hardware/software, a password/PIN entry by the end user via a keypad, and/or various other types of explicit user authentication devices and/or techniques.
  • a secure storage 125 cryptographically protects the biometric reference data records for each user authentication device 120 - 121 (e.g., wrapping the data using a symmetric key to make the storage 125 secure). While the secure storage 125 is illustrated outside of the secure perimeter of the authentication device(s) 120 - 121 , in one embodiment, each authentication device 120 - 121 may have its own integrated secure storage to cryptographically protect the biometric reference data records.
  • the authentication engine 110 collects data from sensors 143 to be used by the assurance calculation module 106 to generate the assurance level.
  • the sensors 143 may include location sensors such as GPS sensors to indicate a current location of the user. If the client device 100 is in an expected location such as the known vicinity of the local secure transaction device 150 , then this increases the likelihood that the user is the legitimate user. By contrast, if the GPS reading indicates that the user is not in the vicinity of the local secure transaction device 150 , then this indicates that the user initiating the transaction is not the legitimate user.
  • the assurance calculation module 106 will tend to increase the assurance level if the user is in an expected location and decrease the assurance level if the user is in an unexpected location.
  • Various additional sensors 143 such as temperature sensors, humidity sensors and accelerometers may be used to collect data relevant to user authentication.
  • the temperature/humidity sensors may provide a current temperature/humidity which may be compared against the known temperature/humidity for the location specified by the location sensor. If the values are significantly different, then this may indicate that the client device 100 is being spoofed. The comparison of the asserted location and the temperature/humidity may be done at a remote server such as the secure transaction server(s) used by the relying party 151 .
  • accelerometers on the device may be used to measure the gait of the user and compare these measurements against the known gait of the user. If the gaits match (within a specified threshold), then this increases the likelihood that the legitimate user is in possession of the client device 100 .
  • the local authentication application 104 may be implemented in a variety of ways while still complying with the underlying principles of the invention.
  • the local authentication application 104 is designed specifically for the relying party 151 .
  • the relying party is a banking institution (e.g., Wells Fargo®)
  • the local authentication application 104 may be an application specifically designed by/for that bank.
  • the same local authentication application 104 may be shared among a variety of relying parties, for example, as a universal local authentication application.
  • the authentication engine 110 shown in FIG. 2 may be integrated within the local authentication application 104 .
  • the local authentication application 104 may be a Web browser or an application executed within the Web browser context (e.g., when the user enters the vicinity of the local secure transaction device 150 or connects to the relying party web page to initiate the transaction).
  • the local authentication application 104 may perform a variety of local functions depending on the implementation required by the relying party. For example, in one embodiment, the local authentication application 104 receives the secret code (or other authentication data) provided by the relying party 151 and securely transmits the secret code to the local secure transaction device 150 for authentication (e.g., via a barcode or using other communication techniques as discussed above). Alternatively, in one embodiment, the user may manually enter the secret code in the local secure transaction device 150 . Similarly, authentication data such as a secret code received by the local secure transaction device 150 may be relayed to the local authentication application 104 which then relays the authentication data to the authentication engine 110 and/or relying party 151 (e.g., as proof of the location of the client device 100 ).
  • the local authentication application 104 receives the secret code (or other authentication data) provided by the relying party 151 and securely transmits the secret code to the local secure transaction device 150 for authentication (e.g., via a barcode or using other communication techniques as discussed above).
  • FIG. 3 One embodiment of a method for performing authentication of a client device is illustrated in FIG. 3 .
  • the method may be implemented on the architecture shown in FIGS. 1-2 but is not limited to any particular system architecture.
  • the client enters the vicinity of the local secure transaction device (e.g., an ATM) and, at 302 , a secure connection is established with the local secure transaction device over a local channel.
  • the local channel may be implemented using near field communication, Bluetooth, Wifi, or any other type of protocol supported by both the client device and the local secure transaction device. Operation 302 may not be required in some embodiments. For example, when the client device is capable of authenticating with the relying party with a high level of assurance that the legitimate user is in possession of the client device and if the client device is capable of verifying its current location to the relying party, then the local channel may not be necessary.
  • the client device authenticates with the relying party over the network. Any available techniques for generating an assurance level that the legitimate user is in possession of the device may be used for this operation. For example, the user may perform explicit authentication by swiping a finger on a biometric fingerprint device, capturing a facial image for facial recognition, and/or entering a secret code. Alternatively, non-intrusive authentication techniques may be performed such as determining whether the user has explicitly authenticated with the client device recently (e.g., within a specified time period) and/or using sensor data such as location data, temperature/pressure data, and/or accelerometer data.
  • sensor data such as location data, temperature/pressure data, and/or accelerometer data.
  • the results of the authentication may be provided to the relying party over the network in a manner which protects the user's privacy (e.g., without providing data that specifically identifies the client device).
  • the assurance level itself and/or an indication of the success or failure of authentication may be provided to the relying party, without disclosing any confidential user information.
  • the local transaction is permitted. In one embodiment, this involves the relying party transmitting a signal instructing the local secure transaction device to perform one or more operations. For example, if the local secure transaction device is an ATM, then the operations may include dispensing a user-specified amount of cash. If the local secure transaction device is a debit device (e.g., at a retail store or other location where the user is making a purchase), then the signal transmitted by the relying party may confirm payment for the transaction (and debit the user's account accordingly). It should be noted that these are merely illustrative examples. Various alternative applications may be employed while still complying with the underlying principles of the invention.
  • the transaction is denied and/or one or more additional authentication techniques may be required.
  • the user may be required to provide additional authentication using one or more additional techniques (e.g., entering a secret code if the initial authentication was a fingerprint, etc). If the additional techniques are sufficient, determined at 306 , then the transaction is permitted at 307 . If not, then the transaction is again denied and/or additional authentication techniques are attempted.
  • relying party is used herein to refer, not merely to the entity with which a user transaction is attempted (e.g., a Website or online service performing user transactions), but also to the secure transaction servers implemented on behalf of that entity which may performed the underlying authentication techniques described herein.
  • the secure transaction servers may be owned and/or under the control of the relying party or may be under the control of a third party offering secure transaction services to the relying party as part of a business arrangement.
  • FIGS. 4A-B illustrate two embodiments of a system architecture comprising client-side and server-side components for authenticating a user.
  • the embodiment shown in FIG. 4A uses a browser plugin-based architecture for communicating with a website while the embodiment shown in FIG. 4B does not require a browser.
  • the various techniques described herein for performing strong authentication on local devices may be implemented on either of these system architectures.
  • the authentication engine 110 and local authentication application 104 shown in FIGS. 1-2 may be implemented as part of the secure transaction service 401 including interface 402 . It should be noted, however, that the embodiment illustrated in FIGS. 1-2 stands on its own and may be implemented using logical arrangements of hardware and software other than those shown in FIGS. 4A-B .
  • the illustrated embodiment includes a client 400 equipped with one or more authentication devices 410 - 412 for enrolling and authenticating an end user.
  • the authentication devices 410 - 412 may include biometric devices such as fingerprint sensors, voice recognition hardware/software (e.g., a microphone and associated software for recognizing a user's voice), facial recognition hardware/software (e.g., a camera and associated software for recognizing a user's face), and optical recognition capabilities (e.g., an optical scanner and associated software for scanning the retina of a user) and non-biometric devices such as a trusted platform modules (TPMs) and smartcards.
  • a user may enroll the biometric devices by providing biometric data (e.g., swiping a finger on the fingerprint device) which the secure transaction service 401 may store as biometric template data in secure storage 420 (via interface 402 ).
  • each authentication device 410 - 412 may have its own integrated secure storage. Additionally, each authentication device 410 - 412 may cryptographically protect the biometric reference data records (e.g., wrapping them using a symmetric key to make the storage 420 secure).
  • the authentication devices 410 - 412 are communicatively coupled to the client through an interface 402 (e.g., an application programming interface or API) exposed by a secure transaction service 401 .
  • the secure transaction service 401 is a secure application for communicating with one or more secure transaction servers 432 - 433 over a network and for interfacing with a secure transaction plugin 405 executed within the context of a web browser 404 .
  • the Interface 402 may also provide secure access to a secure storage device 420 on the client 400 which stores information related to each of the authentication devices 410 - 412 such as a device identification code, user identification code, user enrollment data (e.g., scanned fingerprint or other biometric data), and keys used to perform the secure authentication techniques described herein. For example, as discussed in detail below, a unique key may be stored into each of the authentication devices and used when communicating to servers 430 over a network such as the Internet.
  • the secure transaction service 401 may then register the biometric devices with the secure transaction servers 432 - 433 over the network and subsequently authenticate with those servers using data exchanged during the registration process (e.g., encryption keys provisioned into the biometric devices).
  • the authentication process may include any of the authentication techniques described herein (e.g., generating an assurance level on the client 400 based on explicit or non-intrusive authentication techniques and transmitting the results to the secure transaction servers 432 - 433 ).
  • the secure transaction plugin 405 is initiated in response to specific HTML tags inserted into the HTML code of a web page by the web server 431 within the secure enterprise or Web destination 430 (sometimes simply referred to below as “server 430 ”). In response to detecting such a tag, the secure transaction plugin 405 may forward transactions to the secure transaction service 401 for processing. In addition, for certain types of transactions (e.g., such as secure key exchange) the secure transaction service 401 may open a direct communication channel with the on-premises transaction server 432 (i.e., co-located with the website) or with an off-premises transaction server 433 .
  • the secure transaction servers 432 - 433 are coupled to a secure transaction database 440 for storing user data, authentication device data, keys and other secure information needed to support the secure authentication transactions described below. It should be noted, however, that the underlying principles of the invention do not require the separation of logical components within the secure enterprise or web destination 430 shown in FIG. 4A .
  • the website 431 and the secure transaction servers 432 - 433 may be implemented within a single physical server or separate physical servers.
  • the website 431 and transaction servers 432 - 433 may be implemented within an integrated software module executed on one or more servers for performing the functions described below.
  • FIG. 4B illustrates an alternate implementation in which a stand-alone application 454 utilizes the functionality provided by the secure transaction service 401 to authenticate a user over a network.
  • the application 454 is designed to establish communication sessions with one or more network services 451 which rely on the secure transaction servers 432 - 433 for performing the user/client authentication techniques described in detail below.
  • the secure transaction servers 432 - 433 may generate the keys which are then securely transmitted to the secure transaction service 401 and stored into the authentication devices within the secure storage 420 . Additionally, the secure transaction servers 432 - 433 manage the secure transaction database 440 on the server side.
  • Embodiments of the invention may include various steps as set forth above.
  • the steps may be embodied in machine-executable instructions which cause a general-purpose or special-purpose processor to perform certain steps.
  • these steps may be performed by specific hardware components that contain hardwired logic for performing the steps, or by any combination of programmed computer components and custom hardware components.
  • Elements of the present invention may also be provided as a machine-readable medium for storing the machine-executable program code.
  • the machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs, and magneto-optical disks, ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic program code.

Abstract

A system, apparatus, method, and machine readable medium are described for strong authentication for a local transaction. For example, one embodiment of a system comprises: a local transaction device; a client device performing one or more authentication transactions including receiving biometric input from the user to generate an authentication result; a secure transaction service communicatively coupled to the local transaction device over a network, the secure transaction service receiving the authentication result from the client device; and the remote secure transaction service transmitting a signal to the local transaction device to perform one or more operations if the authentication result is sufficient to complete a transaction.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application claims the benefit of and priority to co-pending U.S. Provisional Patent Application No. 61/804,568, filed, Mar. 22, 2013, entitled, “Advanced Methods of Authentication And Its Applications”.
    • BACKGROUND
  • 1. Field of the Invention
  • This invention relates generally to the field of data processing systems. More particularly, the invention relates to a system and method for performing authentication for a local transaction.
  • 2. Description of Related Art
  • Systems have been designed for providing secure user authentication over a network using biometric sensors. In such systems, the score generated by the application, and/or other authentication data, may be sent over a network to authenticate the user with a remote server. For example, Patent Application No. 2011/0082801 (“'801 Application”) describes a framework for user registration and authentication on a network which provides strong authentication (e.g., protection against identity theft and phishing), secure transactions (e.g., protection against “malware in the browser” and “man in the middle” attacks for transactions), and enrollment/management of client authentication tokens (e.g., fingerprint readers, facial recognition devices, smartcards, trusted platform modules, etc).
  • The assignee of the present application has developed a variety of improvements to the authentication framework described in the '801 application. Some of these improvements are described in the following set of US Patent Applications (“Co-pending Applications”), all filed Dec. 29, 1012, which are assigned to the present assignee and incorporated herein by reference: Ser. No. 13/730,761, Query System and Method to Determine Authentication Capabilities; Ser. No. 13/730,776, System and Method for Efficiently Enrolling, Registering, and Authenticating With Multiple Authentication Devices; Ser. No. 13/730,780, System and Method for Processing Random Challenges Within an Authentication Framework; Ser. No. 13/730,791, System and Method for Implementing Privacy Classes Within an Authentication Framework; Ser. No. 13/730,795, System and Method for Implementing Transaction Signaling Within an Authentication Framework.
  • Briefly, the Co-Pending Applications describe authentication techniques in which a user enrolls with biometric devices of a client to generate biometric template data (e.g., by swiping a finger, snapping a picture, recording a voice, etc); registers the biometric devices with one or more servers over a network (e.g., Websites or other relying parties equipped with secure transaction services as described in the Co-Pending Applications); and subsequently authenticates with those servers using data exchanged during the registration process (e.g., encryption keys provisioned into the biometric devices). Once authenticated, the user is permitted to perform one or more online transactions with a Website or other relying party. In the framework described in the Co-Pending Applications, sensitive information such as fingerprint data and other data which can be used to uniquely identify the user, may be retained locally on the user's client device (e.g., smartphone, notebook computer, etc) to protect a user's privacy.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • A better understanding of the present invention can be obtained from the following detailed description in conjunction with the following drawings, in which:
  • FIG. 1 illustrates one embodiment of a client performing a secure transaction with a local device;
  • FIG. 2 illustrates one embodiment of a client architecture for performing a secure transaction with a local device;
  • FIG. 3 illustrates one embodiment of a method for performing a secure transaction with a local device; and
  • FIGS. 4A-B illustrate different exemplary architectural arrangements within which embodiments of the invention may be implemented.
    •  DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
  • Described below are embodiments of an apparatus, method, and machine-readable medium for authenticating a user for a local transaction such as one involving an automatic teller machine (ATM), retail checkout device, or other device with which the user wishes to initiate a transaction. Throughout the description, for the purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without some of these specific details. In other instances, well-known structures and devices are not shown or are shown in a block diagram form to avoid obscuring the underlying principles of the present invention.
  • The embodiments of the invention discussed below involve client devices with authentication capabilities such as biometric devices or PIN entry. These devices are sometimes referred to herein as “tokens,” “authentication devices,” or “authenticators.” While certain embodiments focus on facial recognition hardware/software (e.g., a camera and associated software for recognizing a user's face and tracking a user's eye movement), some embodiments may utilize additional biometric devices including, for example, fingerprint sensors, voice recognition hardware/software (e.g., a microphone and associated software for recognizing a user's voice), and optical recognition capabilities (e.g., an optical scanner and associated software for scanning the retina of a user). The authentication capabilities may also include non-biometric devices such as trusted platform modules (TPMs) and smartcards.
  • In a mobile biometric implementation, the biometric device may be remote from the relying party. As used herein, the term “remote” means that the biometric sensor is not part of the security boundary of the computer it is communicatively coupled to (e.g., it is not embedded into the same physical enclosure as the relying party computer). By way of example, the biometric device may be coupled to the relying party via a network (e.g., the Internet, a wireless network link, etc) or via a peripheral input such as a USB port. Under these conditions, there may be no way for the relying party to know if the device is one which is authorized by the relying party (e.g., one which provides an acceptable level of authentication and integrity protection) and/or whether a hacker has compromised the biometric device. Confidence in the biometric device depends on the particular implementation of the device.
  • The term “local” is used herein to refer to the fact that the user is completing a transaction in person, at a particular location such as at an automatic teller machine (ATM) or a retail checkout location. However, as discussed below, the authentication techniques employed to authenticate the user may involve non-location components such as communication over a network with remote servers and/or other data processing devices. Moreover, while specific embodiments are described herein (such as an ATM and retail location) it should be noted that the underlying principles of the invention may be implemented within the context of any system in which a transaction is initiated locally by an end user.
  • The term “relying party” is sometimes used herein to refer, not merely to the entity with which a user transaction is attempted (e.g., a Website or online service performing user transactions), but also to the secure transaction servers implemented on behalf of that entity which may performed the underlying authentication techniques described herein. The secure transaction servers may be owned and/or under the control of the relying party or may be under the control of a third party offering secure transaction services to the relying party as part of a business arrangement.
  • The term “server” is used herein to refer to software executed on a hardware platform (or across multiple hardware platforms) that receives requests over a network from a client, responsively performs one or more operations, and transmits a response to the client, typically including the results of the operations. The server responds to client requests to provide, or help to provide, a network “service” to the clients. Significantly, a server is not limited to a single computer (e.g., a single hardware device for executing the server software) and may, in fact, be spread across multiple hardware platforms, potentially at multiple geographical locations.
  • Embodiments for Authenticating the user for a Local Transaction
  • The embodiments of the invention described herein include techniques for authenticating a user for a local transaction initiated through a local secure transaction device. By way of example, the local transaction may be a withdrawal, transfer, or other user-initiated operation and the secure transaction device may be an ATM or other local device capable of executing financial transactions. Similarly, the local transaction may involve completing a payment to purchase goods or services at a retail store or other retail location equipped with a local secure transaction device.
  • As illustrated in FIG. 1, in one embodiment, a client device 100 with biometric authentication devices and associated software authenticates over a network to a relying party with secure transaction services 151 to perform a transaction on a local secure transaction device 150. In particular, when the user of client device 100 wishes to perform a transaction locally with secure transaction device 150, it initiates a series of authentication transactions with the relying party 151 (examples of which are described below). For example, the user may be required to swipe a finger on a fingerprint reader on the client device 100 and/or enter a PIN or other secret code via a client keypad. The results of the authentication may then be transmitted from the client device 100 to the relying party 151 without transmitting the user's private data (e.g., the fingerprint data, PIN, or any other private user data), thereby protecting the user's privacy.
  • In response to a successful authentication, the relying party 151 may transmit a signal to the local secure transaction device 150 to perform an operation. For example, if the local secure transaction device is an ATM, the signal may instruct the ATM to dispense a specified amount of cash. If the local secure transaction device 150 is a retail checkout device then an indication of successful payment may be transmitted and the user's account may be debited.
  • In addition, as shown in FIG. 1, a local secure communication channel may be established between the client device 100 and the local secure transaction device 150 to supplement the user authentication process. The local secure channel may be established using wireless communication interfaces on the client device 100 and local secure transaction device 150 utilizing various wireless communication technologies such as near field communication (NFC), Bluetooth, or WiFi (e.g., an 802.11x channel), to name a few. For example, when in the vicinity of the location secure transaction device 150, the client device 100 may perform a near-field communication (NFC) handshake via its wireless interface with the wireless interface of the local secure transaction device 150 and establish the local secure channel to exchange data during authentication.
  • The mere existence of the local secure channel comprises authentication data because it establishes the current location of the client device 100. Consequently, this information may be used by the relying party 151 as proof of the current location of the client device 100 during the authentication process. In one embodiment, the relying party 151 may compare the location provided by the local secure transaction device 150 with the current GPS location reported by the client device 100 to confirm that the two location values match.
  • In addition, the relying party 151 may transmit a secret code or other authentication data to the client device 100, which the client device 100 may then relay to the local secure transaction device 150 over the local secure channel to authenticate the client device. For example, in one embodiment, the relying party 151 transmits a barcode to the client device 100 and a corresponding code to the local secure transaction device. The local secure transaction device 150 may then read the barcode (e.g., from the display of the client device 100) using a barcode scanner or camera to perform authentication (i.e., comparing the code received from the relying party with the code read from the barcode). Alternatively, the local secure transaction device 150 may transmit the code read from the barcode to the relying party, which will then confirm that the codes match. Conversely, the relying party 151 may transmit a secret code or other authentication data to the local secure transaction device 150 which will then relay the data to the client device 100 for authentication. Thus the local secure channel may be used to exchange data for a variety of authentication techniques.
  • As mentioned, in one particular embodiment, the local secure transaction device 150 is an ATM device. ATM machines are vulnerable devices, because their input/output controls (e.g., card-readers, keyboards, screens, cameras, etc) are exposed for the “outside world” and they are readily available for tampering. For example, debit card records and pins can be easily stolen with low-tech devices, such as hidden magnetic stripe readers, mirrors, and video cameras. In one embodiment, remote authentication techniques involving communication between the client 100 and relying party 151 are used to provide significantly improved authentication for ATM machines. When integrated with this remote authentication, an ATM itself doesn't need to have legacy input/output controls, such as card-reader, touchscreen or keyboard. All it requires is a network connection and a slot to dispense cash. The authentication per se can be performed on the customer's client device 100 equipped with the biometric authentication devices.
  • In one embodiment, for a cash withdrawal, the user would enter the vicinity of the ATM machine and initiate the remote authentication application to authenticate to the relying party 151. The user would then enter the amount for withdrawal and swipe her finger using the fingerprint sensor on the mobile device (or user any other type of authentication as discussed below). When the user's presence and authenticity are confirmed with the relying party 151, a specified amount of money is dispensed from the ATM's slot.
  • This embodiment not only provides stronger authentication, but it also converts complex and expensive ATMs into simple and reliable money dispensers that are significantly cheaper to build and maintain. These new ATM's may be used for a long time. They will not require frequent updates, because all updates to the biometrics-related authentication features are introduced directly on the client devices 100 and/or the relying party's secure transaction servers 151.
  • Additional architectural details of one embodiment of the invention are illustrated in FIG. 2. As illustrated, the client device 100 of this embodiment includes a local authentication application 104 which communicates with both the local secure transaction device 150 and relying party 151 to coordinate the various local authentication techniques described herein. In one embodiment, the local authentication application 104 establishes the local secure channel with the local secure transaction device 150 and an authentication engine 110 performs remote authentication with the relying party to verify that the legitimate user is in possession of the client device 100.
  • In one embodiment, the authentication engine 110 performs authentication by entering into a series of transactions with the secure transaction servers of the relying party as described in the co-pending patent applications mentioned above. For example, these transactions may include an enrollment process in which a user enrolls with biometric devices of a client to generate biometric template data (e.g., by swiping a finger, snapping a picture, recording a voice, etc). Enrollment may be under the direction of the secure transaction servers of the relying party or may be done autonomously by the user. The user may then register the biometric devices with the secure transaction servers over the network and subsequently authenticate with those servers using data exchanged during the registration process (e.g., encryption keys provisioned into the biometric devices).
  • In one embodiment, the authentication engine 110 includes an assurance level calculation module 106 for calculating an assurance level corresponding to a likelihood that the legitimate user is in possession of the client device 100. It may then use this assurance level to determine whether the relying party 151 should authorize a local transaction at the local secure transaction device 150 (e.g., such as a financial transaction, a retail purchase, an access to confidential information in the user's account, etc). In one embodiment, the relying party 151 may specify the level of assurance required for a given transaction. For example, for a financial transaction involving the transfer of a significant amount of money, the relying party 151 may require a relatively higher assurance level than, for example, a transaction involving access to a user's account.
  • In one embodiment, the assurance level calculation module 106 transmits the assurance level (e.g., specified as a value, percentage, code, etc) to the relying party 151, without disclosing any confidential user information, thereby protecting the user's privacy. In another embodiment, the assurance level calculation module 106 knows the assurance level required for the current transaction, determines whether the assurance level is sufficiently high, and transmits an indication of whether the transaction is permitted or denied to the relying party 151, once again, without disclosing the user's private information to the relying party 151.
  • In one embodiment, the communication between the client device 100 and relying party 151 is secured via a secure communication module 113, which may encrypt outgoing communication using a first key and decrypt incoming communication using a second key. In a symmetric key encryption scheme the first and second keys are the same. In an asymmetric key encryption scheme, the keys are different. However, the underlying principles of the invention are not limited to any particular type of encryption.
  • In one embodiment, the assurance level calculation module 106 determines the assurance level based, at least in part, on current user authentication results 105 which may include the results of a current or recent explicit user authentication via one or more explicit user authentication devices 120-121. This may include, for example, fingerprint authentication via a fingerprint device, facial recognition authentication via a camera and facial recognition hardware/software, voice recognition via a microphone and voice recognition hardware/software, retinal scanning using a camera and associated hardware/software, a password/PIN entry by the end user via a keypad, and/or various other types of explicit user authentication devices and/or techniques.
  • In one embodiment, a secure storage 125 cryptographically protects the biometric reference data records for each user authentication device 120-121 (e.g., wrapping the data using a symmetric key to make the storage 125 secure). While the secure storage 125 is illustrated outside of the secure perimeter of the authentication device(s) 120-121, in one embodiment, each authentication device 120-121 may have its own integrated secure storage to cryptographically protect the biometric reference data records.
  • In addition to explicit user authentication, one embodiment of the authentication engine 110 collects data from sensors 143 to be used by the assurance calculation module 106 to generate the assurance level. By way of example, the sensors 143 may include location sensors such as GPS sensors to indicate a current location of the user. If the client device 100 is in an expected location such as the known vicinity of the local secure transaction device 150, then this increases the likelihood that the user is the legitimate user. By contrast, if the GPS reading indicates that the user is not in the vicinity of the local secure transaction device 150, then this indicates that the user initiating the transaction is not the legitimate user. Thus, in one embodiment, the assurance calculation module 106 will tend to increase the assurance level if the user is in an expected location and decrease the assurance level if the user is in an unexpected location.
  • Various additional sensors 143 such as temperature sensors, humidity sensors and accelerometers may be used to collect data relevant to user authentication. For example, the temperature/humidity sensors may provide a current temperature/humidity which may be compared against the known temperature/humidity for the location specified by the location sensor. If the values are significantly different, then this may indicate that the client device 100 is being spoofed. The comparison of the asserted location and the temperature/humidity may be done at a remote server such as the secure transaction server(s) used by the relying party 151. In another embodiment, accelerometers on the device may be used to measure the gait of the user and compare these measurements against the known gait of the user. If the gaits match (within a specified threshold), then this increases the likelihood that the legitimate user is in possession of the client device 100.
  • The local authentication application 104 may be implemented in a variety of ways while still complying with the underlying principles of the invention. For example, in one embodiment, the local authentication application 104 is designed specifically for the relying party 151. For example, if the relying party is a banking institution (e.g., Wells Fargo®), then the local authentication application 104 may be an application specifically designed by/for that bank. In another embodiment, the same local authentication application 104 may be shared among a variety of relying parties, for example, as a universal local authentication application. Moreover, while illustrated in FIG. 2 as separate logical components, the authentication engine 110 shown in FIG. 2 may be integrated within the local authentication application 104. In another embodiment, the local authentication application 104 may be a Web browser or an application executed within the Web browser context (e.g., when the user enters the vicinity of the local secure transaction device 150 or connects to the relying party web page to initiate the transaction).
  • The local authentication application 104 may perform a variety of local functions depending on the implementation required by the relying party. For example, in one embodiment, the local authentication application 104 receives the secret code (or other authentication data) provided by the relying party 151 and securely transmits the secret code to the local secure transaction device 150 for authentication (e.g., via a barcode or using other communication techniques as discussed above). Alternatively, in one embodiment, the user may manually enter the secret code in the local secure transaction device 150. Similarly, authentication data such as a secret code received by the local secure transaction device 150 may be relayed to the local authentication application 104 which then relays the authentication data to the authentication engine 110 and/or relying party 151 (e.g., as proof of the location of the client device 100).
  • One embodiment of a method for performing authentication of a client device is illustrated in FIG. 3. The method may be implemented on the architecture shown in FIGS. 1-2 but is not limited to any particular system architecture.
  • At 301, the client enters the vicinity of the local secure transaction device (e.g., an ATM) and, at 302, a secure connection is established with the local secure transaction device over a local channel. As mentioned, the local channel may be implemented using near field communication, Bluetooth, Wifi, or any other type of protocol supported by both the client device and the local secure transaction device. Operation 302 may not be required in some embodiments. For example, when the client device is capable of authenticating with the relying party with a high level of assurance that the legitimate user is in possession of the client device and if the client device is capable of verifying its current location to the relying party, then the local channel may not be necessary.
  • At 303, the client device authenticates with the relying party over the network. Any available techniques for generating an assurance level that the legitimate user is in possession of the device may be used for this operation. For example, the user may perform explicit authentication by swiping a finger on a biometric fingerprint device, capturing a facial image for facial recognition, and/or entering a secret code. Alternatively, non-intrusive authentication techniques may be performed such as determining whether the user has explicitly authenticated with the client device recently (e.g., within a specified time period) and/or using sensor data such as location data, temperature/pressure data, and/or accelerometer data.
  • Regardless of how the assurance level is generated, the results of the authentication may be provided to the relying party over the network in a manner which protects the user's privacy (e.g., without providing data that specifically identifies the client device). For example, as previously mentioned, the assurance level itself and/or an indication of the success or failure of authentication may be provided to the relying party, without disclosing any confidential user information.
  • If authentication is successful, determined at 304, then at 307 the local transaction is permitted. In one embodiment, this involves the relying party transmitting a signal instructing the local secure transaction device to perform one or more operations. For example, if the local secure transaction device is an ATM, then the operations may include dispensing a user-specified amount of cash. If the local secure transaction device is a debit device (e.g., at a retail store or other location where the user is making a purchase), then the signal transmitted by the relying party may confirm payment for the transaction (and debit the user's account accordingly). It should be noted that these are merely illustrative examples. Various alternative applications may be employed while still complying with the underlying principles of the invention.
  • If the authentication at 304 is unsuccessful (e.g., because an acceptable assurance level was not reached), then at 305, the transaction is denied and/or one or more additional authentication techniques may be required. For example, the user may be required to provide additional authentication using one or more additional techniques (e.g., entering a secret code if the initial authentication was a fingerprint, etc). If the additional techniques are sufficient, determined at 306, then the transaction is permitted at 307. If not, then the transaction is again denied and/or additional authentication techniques are attempted.
    • Exemplary System Architectures
  • It should be noted that the term “relying party” is used herein to refer, not merely to the entity with which a user transaction is attempted (e.g., a Website or online service performing user transactions), but also to the secure transaction servers implemented on behalf of that entity which may performed the underlying authentication techniques described herein. The secure transaction servers may be owned and/or under the control of the relying party or may be under the control of a third party offering secure transaction services to the relying party as part of a business arrangement. These distinctions are specified in FIGS. 4A-B discussed below which show that the “relying party” may include Websites 431 and other network services 451 as well as the secure transaction servers 432-433 for performing the authentication techniques on behalf of the websites and network services.
  • In particular, FIGS. 4A-B illustrate two embodiments of a system architecture comprising client-side and server-side components for authenticating a user. The embodiment shown in FIG. 4A uses a browser plugin-based architecture for communicating with a website while the embodiment shown in FIG. 4B does not require a browser. The various techniques described herein for performing strong authentication on local devices may be implemented on either of these system architectures. For example, the authentication engine 110 and local authentication application 104 shown in FIGS. 1-2 may be implemented as part of the secure transaction service 401 including interface 402. It should be noted, however, that the embodiment illustrated in FIGS. 1-2 stands on its own and may be implemented using logical arrangements of hardware and software other than those shown in FIGS. 4A-B.
  • Turning to FIG. 4A, the illustrated embodiment includes a client 400 equipped with one or more authentication devices 410-412 for enrolling and authenticating an end user. As mentioned above, the authentication devices 410-412 may include biometric devices such as fingerprint sensors, voice recognition hardware/software (e.g., a microphone and associated software for recognizing a user's voice), facial recognition hardware/software (e.g., a camera and associated software for recognizing a user's face), and optical recognition capabilities (e.g., an optical scanner and associated software for scanning the retina of a user) and non-biometric devices such as a trusted platform modules (TPMs) and smartcards. A user may enroll the biometric devices by providing biometric data (e.g., swiping a finger on the fingerprint device) which the secure transaction service 401 may store as biometric template data in secure storage 420 (via interface 402).
  • While the secure storage 420 is illustrated outside of the secure perimeter of the authentication device(s) 410-412, in one embodiment, each authentication device 410-412 may have its own integrated secure storage. Additionally, each authentication device 410-412 may cryptographically protect the biometric reference data records (e.g., wrapping them using a symmetric key to make the storage 420 secure).
  • The authentication devices 410-412 are communicatively coupled to the client through an interface 402 (e.g., an application programming interface or API) exposed by a secure transaction service 401. The secure transaction service 401 is a secure application for communicating with one or more secure transaction servers 432-433 over a network and for interfacing with a secure transaction plugin 405 executed within the context of a web browser 404. As illustrated, the Interface 402 may also provide secure access to a secure storage device 420 on the client 400 which stores information related to each of the authentication devices 410-412 such as a device identification code, user identification code, user enrollment data (e.g., scanned fingerprint or other biometric data), and keys used to perform the secure authentication techniques described herein. For example, as discussed in detail below, a unique key may be stored into each of the authentication devices and used when communicating to servers 430 over a network such as the Internet.
  • In addition to enrollment of devices, the secure transaction service 401 may then register the biometric devices with the secure transaction servers 432-433 over the network and subsequently authenticate with those servers using data exchanged during the registration process (e.g., encryption keys provisioned into the biometric devices). The authentication process may include any of the authentication techniques described herein (e.g., generating an assurance level on the client 400 based on explicit or non-intrusive authentication techniques and transmitting the results to the secure transaction servers 432-433).
  • As discussed below, certain types of network transactions are supported by the secure transaction plugin 405 such as HTTP or HTTPS transactions with websites 431 or other servers. In one embodiment, the secure transaction plugin is initiated in response to specific HTML tags inserted into the HTML code of a web page by the web server 431 within the secure enterprise or Web destination 430 (sometimes simply referred to below as “server 430”). In response to detecting such a tag, the secure transaction plugin 405 may forward transactions to the secure transaction service 401 for processing. In addition, for certain types of transactions (e.g., such as secure key exchange) the secure transaction service 401 may open a direct communication channel with the on-premises transaction server 432 (i.e., co-located with the website) or with an off-premises transaction server 433.
  • The secure transaction servers 432-433 are coupled to a secure transaction database 440 for storing user data, authentication device data, keys and other secure information needed to support the secure authentication transactions described below. It should be noted, however, that the underlying principles of the invention do not require the separation of logical components within the secure enterprise or web destination 430 shown in FIG. 4A. For example, the website 431 and the secure transaction servers 432-433 may be implemented within a single physical server or separate physical servers. Moreover, the website 431 and transaction servers 432-433 may be implemented within an integrated software module executed on one or more servers for performing the functions described below.
  • As mentioned above, the underlying principles of the invention are not limited to a browser-based architecture shown in FIG. 4A. FIG. 4B illustrates an alternate implementation in which a stand-alone application 454 utilizes the functionality provided by the secure transaction service 401 to authenticate a user over a network. In one embodiment, the application 454 is designed to establish communication sessions with one or more network services 451 which rely on the secure transaction servers 432-433 for performing the user/client authentication techniques described in detail below.
  • In either of the embodiments shown in FIGS. 4A-B, the secure transaction servers 432-433 may generate the keys which are then securely transmitted to the secure transaction service 401 and stored into the authentication devices within the secure storage 420. Additionally, the secure transaction servers 432-433 manage the secure transaction database 440 on the server side.
  • Embodiments of the invention may include various steps as set forth above. The steps may be embodied in machine-executable instructions which cause a general-purpose or special-purpose processor to perform certain steps. Alternatively, these steps may be performed by specific hardware components that contain hardwired logic for performing the steps, or by any combination of programmed computer components and custom hardware components.
  • Elements of the present invention may also be provided as a machine-readable medium for storing the machine-executable program code. The machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs, and magneto-optical disks, ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic program code.
  • Throughout the foregoing description, for the purposes of explanation, numerous specific details were set forth in order to provide a thorough understanding of the invention. It will be apparent, however, to one skilled in the art that the invention may be practiced without some of these specific details. For example, it will be readily apparent to those of skill in the art that the functional modules and methods described herein may be implemented as software, hardware or any combination thereof. Moreover, although some embodiments of the invention are described herein within the context of a mobile computing environment, the underlying principles of the invention are not limited to a mobile computing implementation. Virtually any type of client or peer data processing devices may be used in some embodiments including, for example, desktop or workstation computers. Accordingly, the scope and spirit of the invention should be judged in terms of the claims which follow.

Claims (26)

We claim:
1. A method comprising:
receiving a request from a client device to perform a transaction at a local transaction device; and
performing one or more authentication transactions including receiving biometric input from the user on the client device to generate an authentication result;
transmitting the authentication result to a remote secure transaction service; and
the remote secure transaction service transmitting a signal to the local transaction device to perform one or more operations if the authentication result is sufficient to complete the transaction.
2. The method as in claim 1 wherein performing one or more authentication transactions comprises determining an assurance level that a current user of the client is a legitimate user for the transaction.
3. The method as in claim 2 further comprising:
establishing a local communication channel between the client device and the local transaction device; and
utilizing the local communication channel for one of the one or more authentication transactions.
4. The method as in claim 3 wherein the local communication channel comprises a near field communication (NFC) channel, a Bluetooth communication channel and/or a Wifi communication channel.
5. The method as in claim 3 wherein the client device receives first authentication data from the remote secure transaction service and passes the authentication data to the local transaction device over the local communication channel.
6. The method as in claim 5 wherein the first authentication data comprises a code transmitted to the local transaction device over the local communication channel.
7. The method as in claim 1 wherein the local transaction device comprises a automatic teller machine (ATM) and wherein the one or more operations includes dispensing a user-specified amount of cash.
8. The method as in claim 1 wherein the assurance level is determined based, at least in part, on one or more explicit user authentication operations in which the biometric data provided by the user is compared against biometric reference data.
9. The method as in claim 8 wherein the biometric data comprises fingerprint data, facial image data, and/or voice data.
10. The method as in claim 8 wherein the assurance level is determined based, at least in part, on results of one or more non-intrusive authentication techniques in which the user is not required to enter biometric or other user data.
11. The method as in claim 9 wherein the non-intrusive authentication techniques include determining a period of time since a last explicit user authentication.
12. The method as in claim 9 wherein the non-intrusive authentication techniques include collecting and analyzing sensor data from one or more sensors on the client device.
13. The method as in claim 12 wherein at least one of the sensors comprises a location sensor indicating a current location of the client device.
14. A system comprising:
a local transaction device;
a client device performing one or more authentication transactions including receiving biometric input from the user to generate an authentication result;
a secure transaction service communicatively coupled to the local transaction device over a network, the secure transaction service receiving the authentication result from the client device; and
the remote secure transaction service transmitting a signal to the local transaction device to perform one or more operations if the authentication result is sufficient to complete a transaction.
15. The system as in claim 14 wherein performing one or more authentication transactions comprises determining an assurance level that a current user of the client is a legitimate user for the transaction.
16. The system as in claim 15 further comprising:
a first communication interface on the local transaction device;
a second communication interface on the client device;
wherein the client device and the local transaction device establish a local communication channel through the network interfaces and utilize the local communication channel for one of the one or more authentication transactions.
17. The system as in claim 16 wherein the local communication channel comprises a near field communication (NFC) channel, a Bluetooth communication channel and/or a Wifi communication channel.
18. The system as in claim 16 wherein the client device receives first authentication data from the remote secure transaction service and passes the authentication data to the local transaction device over the local communication channel.
19. The system as in claim 18 wherein the first authentication data comprises a code transmitted to the local transaction device over the local communication channel.
20. The system as in claim 14 wherein the local transaction device comprises a automatic teller machine (ATM) and wherein the one or more operations includes dispensing a user-specified amount of cash.
21. The system as in claim 14 wherein the assurance level is determined based, at least in part, on one or more explicit user authentication operations in which the biometric data provided by the user is compared against biometric reference data.
22. The system as in claim 21 wherein the biometric data comprises fingerprint data, facial image data, and/or voice data.
23. The system as in claim 21 wherein the assurance level is determined based, at least in part, on results of one or more non-intrusive authentication techniques in which the user is not required to enter biometric or other user data.
24. The system as in claim 22 wherein the non-intrusive authentication techniques include determining a period of time since a last explicit user authentication.
25. The system as in claim 22 further comprising one or more sensors on the client device, wherein the non-intrusive authentication techniques include collecting and analyzing sensor data collected from the one or more sensors.
26. The system as in claim 25 wherein at least one of the sensors comprises a location sensor indicating a current location of the client device.
US14/218,611 2013-03-22 2014-03-18 System and method for performing authentication for a local transaction Abandoned US20140289116A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/218,611 US20140289116A1 (en) 2013-03-22 2014-03-18 System and method for performing authentication for a local transaction

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361804568P 2013-03-22 2013-03-22
US14/218,611 US20140289116A1 (en) 2013-03-22 2014-03-18 System and method for performing authentication for a local transaction

Publications (1)

Publication Number Publication Date
US20140289116A1 true US20140289116A1 (en) 2014-09-25

Family

ID=51569865

Family Applications (12)

Application Number Title Priority Date Filing Date
US14/145,533 Active US9305298B2 (en) 2013-03-22 2013-12-31 System and method for location-based authentication
US14/145,466 Active 2036-01-03 US10706132B2 (en) 2013-03-22 2013-12-31 System and method for adaptive user authentication
US14/145,607 Active US9367676B2 (en) 2013-03-22 2013-12-31 System and method for confirming location using supplemental sensor and/or location data
US14/145,439 Active US9396320B2 (en) 2013-03-22 2013-12-31 System and method for non-intrusive, privacy-preserving authentication
US14/218,692 Active 2034-07-07 US10268811B2 (en) 2013-03-22 2014-03-18 System and method for delegating trust to a new authenticator
US14/218,743 Active 2035-03-30 US10176310B2 (en) 2013-03-22 2014-03-18 System and method for privacy-enhanced data synchronization
US14/218,551 Active US9898596B2 (en) 2013-03-22 2014-03-18 System and method for eye tracking during authentication
US14/218,646 Active 2034-11-05 US10776464B2 (en) 2013-03-22 2014-03-18 System and method for adaptive application of authentication policies
US14/218,575 Active US10366218B2 (en) 2013-03-22 2014-03-18 System and method for collecting and utilizing client data for risk assessment during authentication
US14/218,611 Abandoned US20140289116A1 (en) 2013-03-22 2014-03-18 System and method for performing authentication for a local transaction
US14/218,677 Active 2035-10-12 US10762181B2 (en) 2013-03-22 2014-03-18 System and method for user confirmation of online transactions
US15/900,620 Active US10282533B2 (en) 2013-03-22 2018-02-20 System and method for eye tracking during authentication

Family Applications Before (9)

Application Number Title Priority Date Filing Date
US14/145,533 Active US9305298B2 (en) 2013-03-22 2013-12-31 System and method for location-based authentication
US14/145,466 Active 2036-01-03 US10706132B2 (en) 2013-03-22 2013-12-31 System and method for adaptive user authentication
US14/145,607 Active US9367676B2 (en) 2013-03-22 2013-12-31 System and method for confirming location using supplemental sensor and/or location data
US14/145,439 Active US9396320B2 (en) 2013-03-22 2013-12-31 System and method for non-intrusive, privacy-preserving authentication
US14/218,692 Active 2034-07-07 US10268811B2 (en) 2013-03-22 2014-03-18 System and method for delegating trust to a new authenticator
US14/218,743 Active 2035-03-30 US10176310B2 (en) 2013-03-22 2014-03-18 System and method for privacy-enhanced data synchronization
US14/218,551 Active US9898596B2 (en) 2013-03-22 2014-03-18 System and method for eye tracking during authentication
US14/218,646 Active 2034-11-05 US10776464B2 (en) 2013-03-22 2014-03-18 System and method for adaptive application of authentication policies
US14/218,575 Active US10366218B2 (en) 2013-03-22 2014-03-18 System and method for collecting and utilizing client data for risk assessment during authentication

Family Applications After (2)

Application Number Title Priority Date Filing Date
US14/218,677 Active 2035-10-12 US10762181B2 (en) 2013-03-22 2014-03-18 System and method for user confirmation of online transactions
US15/900,620 Active US10282533B2 (en) 2013-03-22 2018-02-20 System and method for eye tracking during authentication

Country Status (1)

Country Link
US (12) US9305298B2 (en)

Cited By (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150227735A1 (en) * 2014-02-13 2015-08-13 Robert Chappell System and method for eye tracking authentication
GB2531839A (en) * 2014-10-30 2016-05-04 Intuit Inc Verifying a user's identity based on adaptive identity assurance levels
WO2016108017A1 (en) 2014-12-30 2016-07-07 Oberthur Technologies Payment request verification method including determination of the location where a payment token was issued
WO2016126384A1 (en) * 2015-02-06 2016-08-11 Qualcomm Incorporated Apparatuses and methods for secure display on secondary display device
US20160270724A1 (en) * 2014-07-23 2016-09-22 Invoy Technologies, Llc Ketone measurement system capable of detecting and notifying a user of proper insertion of detachable components
US9491170B2 (en) 2015-01-15 2016-11-08 Bank Of America Corporation Authenticating customers and managing authenticated sessions
US9525694B2 (en) * 2015-01-15 2016-12-20 Bank Of America Corporation Authenticating customers and managing authenticated sessions
EP3107052A1 (en) * 2015-06-15 2016-12-21 Tata Consultancy Services Limited Method and system for performing secure banking transactions
WO2017031504A1 (en) * 2015-08-20 2017-02-23 Cloudwear, Inc. Method and apparatus for geographic location based electronic security management
CN107016270A (en) * 2015-12-01 2017-08-04 由田新技股份有限公司 Dynamic graphic eye movement authentication system and method combining face authentication or hand authentication
EP3241159A1 (en) * 2014-12-31 2017-11-08 Vasco Data Security International GmbH A method and apparatus for securing an application using a measurement of a location dependent physical property of the environment
WO2017204960A1 (en) * 2016-05-27 2017-11-30 Mastercard International Incorporated Systems and methods for authenticating a requestor at an atm
EP3276556A1 (en) * 2016-07-28 2018-01-31 Samsung Electronics Co., Ltd. Method and electronic device for payment using biometric authentication
CN108604338A (en) * 2016-02-01 2018-09-28 苹果公司 Verify the online access to safety device function
EP3298723A4 (en) * 2015-05-21 2019-01-09 Ent. Services Development Corporation LP Contract token including sensor data
US10237070B2 (en) 2016-12-31 2019-03-19 Nok Nok Labs, Inc. System and method for sharing keys across authenticators
US10282533B2 (en) 2013-03-22 2019-05-07 Nok Nok Labs, Inc. System and method for eye tracking during authentication
EP3489878A1 (en) * 2017-11-21 2019-05-29 Capital One Services, LLC Transaction confirmation and authentication based on device sensor data
US10326761B2 (en) 2014-05-02 2019-06-18 Nok Nok Labs, Inc. Web-based user authentication techniques and applications
US10360733B2 (en) 2017-06-20 2019-07-23 Bank Of America Corporation System controlled augmented resource facility
EP3561753A1 (en) * 2018-04-25 2019-10-30 CCV Deutschland GmbH Data transmission and processing method and assembly for same
EP3588366A1 (en) * 2018-06-28 2020-01-01 Beijing Kuangshi Technology Co., Ltd. Living body detection method, apparatus, system and non-transitory computer-readable recording medium
US20200015080A1 (en) * 2018-07-03 2020-01-09 Sony Mobile Communications Inc. Methods for securely validating localization of a wireless communication device, and related devices
US10574662B2 (en) 2017-06-20 2020-02-25 Bank Of America Corporation System for authentication of a user based on multi-factor passively acquired data
US10637853B2 (en) 2016-08-05 2020-04-28 Nok Nok Labs, Inc. Authentication techniques including speech and/or lip movement analysis
EP3458995A4 (en) * 2016-06-29 2020-04-29 Mastercard Asia/Pacific Pte. Ltd. Method for effecting an authentication procedure associated with a service provider or an application
US20200167539A1 (en) * 2018-11-28 2020-05-28 Nxp B.V. Location- and identity-referenced authentication method and communication system
US10769635B2 (en) 2016-08-05 2020-09-08 Nok Nok Labs, Inc. Authentication techniques including speech and/or lip movement analysis
US10798087B2 (en) 2013-10-29 2020-10-06 Nok Nok Labs, Inc. Apparatus and method for implementing composite authenticators
US11080375B2 (en) 2018-08-01 2021-08-03 Intuit Inc. Policy based adaptive identity proofing
US11132425B1 (en) 2016-07-07 2021-09-28 Wells Fargo Bank, N.A. Systems and methods for location-binding authentication
US11170358B2 (en) * 2016-04-29 2021-11-09 International Business Machines Corporation System, method, and recording medium for identity fraud prevention in secure transactions using multi-factor verification
WO2023026002A1 (en) * 2021-08-25 2023-03-02 Worldline Method for strong asynchronous authentication and terminal configured to implement said method
US11749045B2 (en) 2021-03-01 2023-09-05 Honeywell International Inc. Building access using a mobile device
US11792024B2 (en) 2019-03-29 2023-10-17 Nok Nok Labs, Inc. System and method for efficient challenge-response authentication
US11831409B2 (en) 2018-01-12 2023-11-28 Nok Nok Labs, Inc. System and method for binding verifiable claims
US11868995B2 (en) 2017-11-27 2024-01-09 Nok Nok Labs, Inc. Extending a secure key storage for transaction confirmation and cryptocurrency
US11887424B2 (en) 2019-06-12 2024-01-30 Honeywell International Inc. Access control system using mobile device
US11929997B2 (en) 2013-03-22 2024-03-12 Nok Nok Labs, Inc. Advanced authentication techniques and applications
US11935055B2 (en) 2021-03-22 2024-03-19 Bank Of America Corporation Wired multi-factor authentication for ATMs using an authentication media

Families Citing this family (392)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9148409B2 (en) 2005-06-30 2015-09-29 The Chamberlain Group, Inc. Method and apparatus to facilitate message transmission and reception using different transmission characteristics
US8422667B2 (en) 2005-01-27 2013-04-16 The Chamberlain Group, Inc. Method and apparatus to facilitate transmission of an encrypted rolling code
USRE48433E1 (en) 2005-01-27 2021-02-09 The Chamberlain Group, Inc. Method and apparatus to facilitate transmission of an encrypted rolling code
US20080201158A1 (en) 2007-02-15 2008-08-21 Johnson Mark D System and method for visitation management in a controlled-access environment
US9456054B2 (en) 2008-05-16 2016-09-27 Palo Alto Research Center Incorporated Controlling the spread of interests and content in a content centric network
US8923293B2 (en) 2009-10-21 2014-12-30 Palo Alto Research Center Incorporated Adaptive multi-interface use for content networking
US9773288B2 (en) * 2009-11-17 2017-09-26 Endera Systems, Llc Radial data visualization system
US20140095169A1 (en) * 2010-12-20 2014-04-03 Auraya Pty Ltd Voice authentication system and methods
WO2013046088A1 (en) * 2011-09-27 2013-04-04 Koninklijke Philips Electronics N.V. Management of group secrets by group members
US20150073987A1 (en) 2012-04-17 2015-03-12 Zighra Inc. Fraud detection system, method, and device
US9445387B2 (en) * 2012-06-01 2016-09-13 Korea Advanced Institute Of Science And Technology Method and apparatus for building Wi-Fi radio map
US9247432B2 (en) * 2012-10-19 2016-01-26 Airwatch Llc Systems and methods for controlling network access
US9280546B2 (en) 2012-10-31 2016-03-08 Palo Alto Research Center Incorporated System and method for accessing digital content using a location-independent name
US9400800B2 (en) 2012-11-19 2016-07-26 Palo Alto Research Center Incorporated Data transport by named content synchronization
US10430839B2 (en) 2012-12-12 2019-10-01 Cisco Technology, Inc. Distributed advertisement insertion in content-centric networks
US9978025B2 (en) 2013-03-20 2018-05-22 Cisco Technology, Inc. Ordered-element naming for name-based packet forwarding
US9515836B2 (en) * 2013-03-28 2016-12-06 Xerox Corporation System and method for location assurance using passive computational tags
JP2014197759A (en) * 2013-03-29 2014-10-16 富士通株式会社 Presence management method, information processing device, and program
US10693874B2 (en) 2013-04-19 2020-06-23 Pearson Education, Inc. Authentication integrity protection
US10235511B2 (en) 2013-04-19 2019-03-19 Pearson Education, Inc. Authentication integrity protection
US9760785B2 (en) * 2013-05-08 2017-09-12 Jpmorgan Chase Bank, N.A. Systems and methods for high fidelity multi-modal out-of-band biometric authentication
US9935791B2 (en) 2013-05-20 2018-04-03 Cisco Technology, Inc. Method and system for name resolution across heterogeneous architectures
US9185120B2 (en) 2013-05-23 2015-11-10 Palo Alto Research Center Incorporated Method and system for mitigating interest flooding attacks in content-centric networks
US9961077B2 (en) 2013-05-30 2018-05-01 Nok Nok Labs, Inc. System and method for biometric authentication with device attestation
TR201810890T4 (en) * 2013-06-20 2018-08-27 Censornet As A method and system that protects against identity theft or copy abuse.
US9444722B2 (en) 2013-08-01 2016-09-13 Palo Alto Research Center Incorporated Method and apparatus for configuring routing paths in a custodian-based routing architecture
US9384359B2 (en) * 2013-08-01 2016-07-05 Palo Alto Research Center Incorporated Information firewall
US9350717B1 (en) 2013-09-23 2016-05-24 Amazon Technologies, Inc. Location service for user authentication
US8970659B1 (en) 2013-10-11 2015-03-03 Edifire LLC Methods and systems for secure media-based conferencing
US9118654B2 (en) 2013-10-11 2015-08-25 Edifire LLC Methods and systems for compliance monitoring in secure media-based conferencing
US9118809B2 (en) * 2013-10-11 2015-08-25 Edifire LLC Methods and systems for multi-factor authentication in secure media-based conferencing
US9860235B2 (en) * 2013-10-17 2018-01-02 Arm Ip Limited Method of establishing a trusted identity for an agent device
US10069811B2 (en) 2013-10-17 2018-09-04 Arm Ip Limited Registry apparatus, agent device, application providing apparatus and corresponding methods
US9307405B2 (en) 2013-10-17 2016-04-05 Arm Ip Limited Method for assigning an agent device from a first device registry to a second device registry
US9407549B2 (en) 2013-10-29 2016-08-02 Palo Alto Research Center Incorporated System and method for hash-based forwarding of packets with hierarchically structured variable-length identifiers
US9276840B2 (en) 2013-10-30 2016-03-01 Palo Alto Research Center Incorporated Interest messages with a payload for a named data network
US9282050B2 (en) 2013-10-30 2016-03-08 Palo Alto Research Center Incorporated System and method for minimum path MTU discovery in content centric networks
US9401864B2 (en) 2013-10-31 2016-07-26 Palo Alto Research Center Incorporated Express header for packets with hierarchically structured variable-length identifiers
US9311377B2 (en) 2013-11-13 2016-04-12 Palo Alto Research Center Incorporated Method and apparatus for performing server handoff in a name-based content distribution system
US10129365B2 (en) 2013-11-13 2018-11-13 Cisco Technology, Inc. Method and apparatus for pre-fetching remote content based on static and dynamic recommendations
US10101801B2 (en) 2013-11-13 2018-10-16 Cisco Technology, Inc. Method and apparatus for prefetching content in a data stream
US10089655B2 (en) 2013-11-27 2018-10-02 Cisco Technology, Inc. Method and apparatus for scalable data broadcasting
US9503358B2 (en) 2013-12-05 2016-11-22 Palo Alto Research Center Incorporated Distance-based routing in an information-centric network
US10671993B2 (en) * 2013-12-11 2020-06-02 Visa International Service Association Location-based mobile access device configuration system and method
US9379979B2 (en) 2014-01-14 2016-06-28 Palo Alto Research Center Incorporated Method and apparatus for establishing a virtual interface for a set of mutual-listener devices
US10098051B2 (en) 2014-01-22 2018-10-09 Cisco Technology, Inc. Gateways and routing in software-defined manets
US10172068B2 (en) 2014-01-22 2019-01-01 Cisco Technology, Inc. Service-oriented routing in software-defined MANETs
US9374304B2 (en) 2014-01-24 2016-06-21 Palo Alto Research Center Incorporated End-to end route tracing over a named-data network
US9531679B2 (en) 2014-02-06 2016-12-27 Palo Alto Research Center Incorporated Content-based transport security for distributed producers
US9954678B2 (en) 2014-02-06 2018-04-24 Cisco Technology, Inc. Content-based transport security
US9286450B2 (en) 2014-02-07 2016-03-15 Bank Of America Corporation Self-selected user access based on specific authentication types
US9317674B2 (en) 2014-02-07 2016-04-19 Bank Of America Corporation User authentication based on fob/indicia scan
US20150227926A1 (en) * 2014-02-07 2015-08-13 Bank Of America Corporation Determining user authentication requirements based on the current location of the user in comparison to a user's travel route
US9390242B2 (en) 2014-02-07 2016-07-12 Bank Of America Corporation Determining user authentication requirements based on the current location of the user being within a predetermined area requiring altered authentication requirements
US20150227924A1 (en) * 2014-02-07 2015-08-13 Bank Of America Corporation Determining authentication requirements along a continuum based on a current state of the user and/or the service requiring authentication
US9647999B2 (en) 2014-02-07 2017-05-09 Bank Of America Corporation Authentication level of function bucket based on circumstances
US9317673B2 (en) 2014-02-07 2016-04-19 Bank Of America Corporation Providing authentication using previously-validated authentication credentials
US9213974B2 (en) 2014-02-07 2015-12-15 Bank Of America Corporation Remote revocation of application access based on non-co-location of a transaction vehicle and a mobile device
US9208301B2 (en) 2014-02-07 2015-12-08 Bank Of America Corporation Determining user authentication requirements based on the current location of the user in comparison to the users's normal boundary of location
US9313190B2 (en) 2014-02-07 2016-04-12 Bank Of America Corporation Shutting down access to all user accounts
US9331994B2 (en) 2014-02-07 2016-05-03 Bank Of America Corporation User authentication based on historical transaction data
US9223951B2 (en) 2014-02-07 2015-12-29 Bank Of America Corporation User authentication based on other applications
US9965606B2 (en) 2014-02-07 2018-05-08 Bank Of America Corporation Determining user authentication based on user/device interaction
US9305149B2 (en) 2014-02-07 2016-04-05 Bank Of America Corporation Sorting mobile banking functions into authentication buckets
US9678998B2 (en) 2014-02-28 2017-06-13 Cisco Technology, Inc. Content name resolution for information centric networking
US10089651B2 (en) 2014-03-03 2018-10-02 Cisco Technology, Inc. Method and apparatus for streaming advertisements in a scalable data broadcasting system
US11288346B1 (en) * 2014-03-03 2022-03-29 Charles Schwab & Co., Inc. System and method for authenticating users using weak authentication techniques, with differences for different features
US9836540B2 (en) 2014-03-04 2017-12-05 Cisco Technology, Inc. System and method for direct storage access in a content-centric network
US9928532B2 (en) * 2014-03-04 2018-03-27 Daniel Torres Image based search engine
US9686077B2 (en) * 2014-03-06 2017-06-20 Microsoft Technology Licensing, Llc Secure hardware for cross-device trusted applications
US9473405B2 (en) 2014-03-10 2016-10-18 Palo Alto Research Center Incorporated Concurrent hashes and sub-hashes on data streams
US9626413B2 (en) 2014-03-10 2017-04-18 Cisco Systems, Inc. System and method for ranking content popularity in a content-centric network
US9391896B2 (en) 2014-03-10 2016-07-12 Palo Alto Research Center Incorporated System and method for packet forwarding using a conjunctive normal form strategy in a content-centric network
US10248770B2 (en) * 2014-03-17 2019-04-02 Sensory, Incorporated Unobtrusive verification of user identity
US9407432B2 (en) 2014-03-19 2016-08-02 Palo Alto Research Center Incorporated System and method for efficient and secure distribution of digital content
US9916601B2 (en) 2014-03-21 2018-03-13 Cisco Technology, Inc. Marketplace for presenting advertisements in a scalable data broadcasting system
US9363179B2 (en) 2014-03-26 2016-06-07 Palo Alto Research Center Incorporated Multi-publisher routing protocol for named data networks
US20150281003A1 (en) * 2014-03-31 2015-10-01 Sonicwall, Inc. Mobile application control
US9363086B2 (en) 2014-03-31 2016-06-07 Palo Alto Research Center Incorporated Aggregate signing of data in content centric networking
US9716622B2 (en) 2014-04-01 2017-07-25 Cisco Technology, Inc. System and method for dynamic name configuration in content-centric networks
US9473576B2 (en) 2014-04-07 2016-10-18 Palo Alto Research Center Incorporated Service discovery using collection synchronization with exact names
US10075521B2 (en) 2014-04-07 2018-09-11 Cisco Technology, Inc. Collection synchronization using equality matched network names
US9390289B2 (en) 2014-04-07 2016-07-12 Palo Alto Research Center Incorporated Secure collection synchronization using matched network names
US9451032B2 (en) 2014-04-10 2016-09-20 Palo Alto Research Center Incorporated System and method for simple service discovery in content-centric networks
US10121142B2 (en) * 2014-04-11 2018-11-06 Bank Of America Corporation User authentication by token and comparison to visitation pattern
US20150302422A1 (en) * 2014-04-16 2015-10-22 2020 Ip Llc Systems and methods for multi-user behavioral research
US9203885B2 (en) 2014-04-28 2015-12-01 Palo Alto Research Center Incorporated Method and apparatus for exchanging bidirectional streams over a content centric network
US10708778B2 (en) 2014-04-29 2020-07-07 Taliware, Inc. Method and system for authenticating an individual's geo-location via a communication network and applications using the same
US9801058B2 (en) * 2014-04-29 2017-10-24 Tarik Tali Method and system for authenticating an individual's geo-location via a communication network and applications using the same
US11039314B2 (en) 2014-04-29 2021-06-15 Taliware, Inc. Method for passive authentication of an individual using an individual's geo-location via a communication network and blockchain associated recording of individual's authentication data
US9992281B2 (en) 2014-05-01 2018-06-05 Cisco Technology, Inc. Accountable content stores for information centric networks
US9577999B1 (en) 2014-05-02 2017-02-21 Nok Nok Labs, Inc. Enhanced security for registration of authentication devices
US11100499B1 (en) * 2014-05-07 2021-08-24 Google Llc Location modeling using transaction data for validation
US20150324568A1 (en) 2014-05-09 2015-11-12 Eyefluence, Inc. Systems and methods for using eye signals with secure mobile communications
US10564714B2 (en) 2014-05-09 2020-02-18 Google Llc Systems and methods for biomechanically-based eye signals for interacting with real and virtual objects
US9710629B2 (en) * 2014-05-13 2017-07-18 Google Technology Holdings LLC Electronic device with method for controlling access to same
US9727859B1 (en) * 2014-05-20 2017-08-08 Carolina Coupon Clearing, Inc. Methods, systems, and computer program products for using shopper credentials to initiate payment for a purchase by matching the credentials with an open approval from a financial institution
US9609014B2 (en) 2014-05-22 2017-03-28 Cisco Systems, Inc. Method and apparatus for preventing insertion of malicious content at a named data network router
US9455835B2 (en) 2014-05-23 2016-09-27 Palo Alto Research Center Incorporated System and method for circular link resolution with hash-based names in content-centric networks
US9276751B2 (en) 2014-05-28 2016-03-01 Palo Alto Research Center Incorporated System and method for circular link resolution with computable hash-based names in content-centric networks
US9633184B2 (en) 2014-05-30 2017-04-25 Google Inc. Dynamic authorization
US10225248B2 (en) 2014-06-11 2019-03-05 Optimum Id Llc Methods and systems for providing online verification and security
US9516144B2 (en) 2014-06-19 2016-12-06 Palo Alto Research Center Incorporated Cut-through forwarding of CCNx message fragments with IP encapsulation
US9467377B2 (en) 2014-06-19 2016-10-11 Palo Alto Research Center Incorporated Associating consumer states with interests in a content-centric network
US9537719B2 (en) 2014-06-19 2017-01-03 Palo Alto Research Center Incorporated Method and apparatus for deploying a minimal-cost CCN topology
US9805201B2 (en) * 2014-06-23 2017-10-31 Google Inc. Trust agents
US10148692B2 (en) * 2014-06-23 2018-12-04 Google Llc Aggregation of asynchronous trust outcomes in a mobile device
US20150373051A1 (en) * 2014-06-24 2015-12-24 Google Inc. Dynamic authentication using distributed mobile sensors
US9813410B2 (en) * 2014-06-26 2017-11-07 Rakuten, Inc. Information processing apparatus, information processing method, and information processing program
US10546122B2 (en) 2014-06-27 2020-01-28 Endera Systems, Llc Radial data visualization system
US9426113B2 (en) 2014-06-30 2016-08-23 Palo Alto Research Center Incorporated System and method for managing devices over a content centric network
US9699198B2 (en) 2014-07-07 2017-07-04 Cisco Technology, Inc. System and method for parallel secure content bootstrapping in content-centric networks
US9621354B2 (en) 2014-07-17 2017-04-11 Cisco Systems, Inc. Reconstructable content objects
US9959156B2 (en) 2014-07-17 2018-05-01 Cisco Technology, Inc. Interest return control message
US9729616B2 (en) 2014-07-18 2017-08-08 Cisco Technology, Inc. Reputation-based strategy for forwarding and responding to interests over a content centric network
US9590887B2 (en) 2014-07-18 2017-03-07 Cisco Systems, Inc. Method and system for keeping interest alive in a content centric network
US9535968B2 (en) 2014-07-21 2017-01-03 Palo Alto Research Center Incorporated System for distributing nameless objects using self-certifying names
US10148630B2 (en) 2014-07-31 2018-12-04 Nok Nok Labs, Inc. System and method for implementing a hosted authentication service
US9875347B2 (en) 2014-07-31 2018-01-23 Nok Nok Labs, Inc. System and method for performing authentication using data analytics
US9749131B2 (en) 2014-07-31 2017-08-29 Nok Nok Labs, Inc. System and method for implementing a one-time-password using asymmetric cryptography
US9882964B2 (en) 2014-08-08 2018-01-30 Cisco Technology, Inc. Explicit strategy feedback in name-based forwarding
US9503365B2 (en) 2014-08-11 2016-11-22 Palo Alto Research Center Incorporated Reputation-based instruction processing over an information centric network
US9729662B2 (en) 2014-08-11 2017-08-08 Cisco Technology, Inc. Probabilistic lazy-forwarding technique without validation in a content centric network
US9444825B2 (en) * 2014-08-11 2016-09-13 Empire Technology Development Llc Continuous user authentication
US10032011B2 (en) * 2014-08-12 2018-07-24 At&T Intellectual Property I, L.P. Method and device for managing authentication using an identity avatar
US9391777B2 (en) 2014-08-15 2016-07-12 Palo Alto Research Center Incorporated System and method for performing key resolution over a content centric network
US9467492B2 (en) 2014-08-19 2016-10-11 Palo Alto Research Center Incorporated System and method for reconstructable all-in-one content stream
US9800637B2 (en) 2014-08-19 2017-10-24 Cisco Technology, Inc. System and method for all-in-one content stream in content-centric networks
US10187799B2 (en) 2014-08-19 2019-01-22 Zighra Inc. System and method for implicit authentication
US10362136B2 (en) 2014-08-20 2019-07-23 Visa International Service Association Device profile data usage for state management in mobile device authentication
GB2529632A (en) * 2014-08-26 2016-03-02 Ibm Authentication management
US9497282B2 (en) 2014-08-27 2016-11-15 Palo Alto Research Center Incorporated Network coding for content-centric network
US10698995B2 (en) * 2014-08-28 2020-06-30 Facetec, Inc. Method to verify identity using a previously collected biometric image/data
GB2529838B (en) 2014-09-03 2021-06-30 Advanced Risc Mach Ltd Bootstrap Mechanism For Endpoint Devices
US10204013B2 (en) 2014-09-03 2019-02-12 Cisco Technology, Inc. System and method for maintaining a distributed and fault-tolerant state over an information centric network
GB2530028B8 (en) 2014-09-08 2021-08-04 Advanced Risc Mach Ltd Registry apparatus, agent device, application providing apparatus and corresponding methods
EP3192252A4 (en) * 2014-09-08 2018-05-02 Edifire LLC Methods and systems for multi-factor authentication in secure media-based conferencing
US9553812B2 (en) 2014-09-09 2017-01-24 Palo Alto Research Center Incorporated Interest keep alives at intermediate routers in a CCN
US9736154B2 (en) 2014-09-16 2017-08-15 Nok Nok Labs, Inc. System and method for integrating an authentication service within a network architecture
US9716716B2 (en) * 2014-09-17 2017-07-25 Microsoft Technology Licensing, Llc Establishing trust between two devices
US9167098B1 (en) 2014-09-29 2015-10-20 Edifire LLC Dynamic conference session re-routing in secure media-based conferencing
US9131112B1 (en) 2014-09-29 2015-09-08 Edifire LLC Dynamic signaling and resource allocation in secure media-based conferencing
US10091174B2 (en) 2014-09-29 2018-10-02 Dropbox, Inc. Identifying related user accounts based on authentication data
US9137187B1 (en) 2014-09-29 2015-09-15 Edifire LLC Dynamic conference session state management in secure media-based conferencing
US9282130B1 (en) 2014-09-29 2016-03-08 Edifire LLC Dynamic media negotiation in secure media-based conferencing
US9430696B2 (en) * 2014-10-09 2016-08-30 Sensory, Incorporated Continuous enrollment for face verification
US10229272B2 (en) 2014-10-13 2019-03-12 Microsoft Technology Licensing, Llc Identifying security boundaries on computing devices
US10069933B2 (en) 2014-10-23 2018-09-04 Cisco Technology, Inc. System and method for creating virtual interfaces based on network characteristics
US9692752B2 (en) * 2014-11-17 2017-06-27 Bank Of America Corporation Ensuring information security using one-time tokens
US9952744B2 (en) 2014-11-19 2018-04-24 Imprivata, Inc. Crowdsourced determination of movable device location
US9875468B2 (en) * 2014-11-26 2018-01-23 Buy It Mobility Networks Inc. Intelligent authentication process
US20160162900A1 (en) * 2014-12-09 2016-06-09 Zighra Inc. Fraud detection system, method, and device
US9536059B2 (en) 2014-12-15 2017-01-03 Palo Alto Research Center Incorporated Method and system for verifying renamed content using manifests in a content centric network
US9590948B2 (en) 2014-12-15 2017-03-07 Cisco Systems, Inc. CCN routing using hardware-assisted hash tables
US10237189B2 (en) 2014-12-16 2019-03-19 Cisco Technology, Inc. System and method for distance-based interest forwarding
US9846881B2 (en) 2014-12-19 2017-12-19 Palo Alto Research Center Incorporated Frugal user engagement help systems
US10003520B2 (en) 2014-12-22 2018-06-19 Cisco Technology, Inc. System and method for efficient name-based content routing using link-state information in information-centric networks
US9473475B2 (en) 2014-12-22 2016-10-18 Palo Alto Research Center Incorporated Low-cost authenticated signing delegation in content centric networking
US9600670B2 (en) * 2014-12-23 2017-03-21 Intel Corporation Provisioning location-based security policy
US9660825B2 (en) 2014-12-24 2017-05-23 Cisco Technology, Inc. System and method for multi-source multicasting in content-centric networks
US9946743B2 (en) 2015-01-12 2018-04-17 Cisco Technology, Inc. Order encoded manifests in a content centric network
US9832291B2 (en) 2015-01-12 2017-11-28 Cisco Technology, Inc. Auto-configurable transport stack
US9602596B2 (en) 2015-01-12 2017-03-21 Cisco Systems, Inc. Peer-to-peer sharing in a content centric network
US9916457B2 (en) 2015-01-12 2018-03-13 Cisco Technology, Inc. Decoupled name security binding for CCN objects
US9954795B2 (en) 2015-01-12 2018-04-24 Cisco Technology, Inc. Resource allocation using CCN manifests
US9462006B2 (en) 2015-01-21 2016-10-04 Palo Alto Research Center Incorporated Network-layer application-specific trust model
US10509898B2 (en) * 2015-01-21 2019-12-17 Jim Barney et al. Enhanced security authentication methods, systems and media
KR102277212B1 (en) * 2015-01-23 2021-07-15 삼성전자주식회사 Apparatus and method for iris recognition using display information
US9552493B2 (en) 2015-02-03 2017-01-24 Palo Alto Research Center Incorporated Access control framework for information centric networking
US10333840B2 (en) 2015-02-06 2019-06-25 Cisco Technology, Inc. System and method for on-demand content exchange with adaptive naming in information-centric networks
US9407754B1 (en) 2015-02-13 2016-08-02 Qualcomm Incorporated Multi-granular authentication techniques
CN108604983B (en) * 2015-02-14 2021-06-15 瓦利梅尔公司 Media and methods for secure delegated distribution of private keys through domain name services
WO2016133540A1 (en) 2015-02-20 2016-08-25 Hewlett-Packard Development Company, L.P. Eye gaze authentication
US10075401B2 (en) 2015-03-18 2018-09-11 Cisco Technology, Inc. Pending interest table behavior
US10621431B2 (en) * 2015-03-27 2020-04-14 Lenovo (Singapore) Pte. Ltd. Camera that uses light from plural light sources disposed on a device
US9613198B2 (en) * 2015-03-30 2017-04-04 Honeywell International Inc. Apparatus and method for intelligent video surveillance of industrial console operations
US10431106B1 (en) 2015-04-13 2019-10-01 Aptima, Inc. Systems and methods to measure performance
US10397220B2 (en) 2015-04-30 2019-08-27 Google Llc Facial profile password to modify user account data for hands-free transactions
US10733587B2 (en) 2015-04-30 2020-08-04 Google Llc Identifying consumers via facial recognition to provide services
US9619803B2 (en) 2015-04-30 2017-04-11 Google Inc. Identifying consumers in a transaction via facial recognition
CN106200891B (en) 2015-05-08 2019-09-06 阿里巴巴集团控股有限公司 Show the method, apparatus and system of user interface
US9613199B2 (en) 2015-05-27 2017-04-04 Daon Holdings Limited Methods and systems for ensuring that an individual is authorized to conduct an activity
US10116605B2 (en) 2015-06-22 2018-10-30 Cisco Technology, Inc. Transport stack name scheme and identity management
US10075402B2 (en) 2015-06-24 2018-09-11 Cisco Technology, Inc. Flexible command and control in content centric networks
US9749864B2 (en) * 2015-06-25 2017-08-29 International Business Machines Corporation Controlling mobile device access with a paired device
US10021123B2 (en) * 2015-06-29 2018-07-10 Qualcomm Incorporated Customized network traffic models to detect application anomalies
US10757104B1 (en) 2015-06-29 2020-08-25 Veritas Technologies Llc System and method for authentication in a computing system
KR102133534B1 (en) * 2015-07-01 2020-07-13 삼성전자주식회사 Method and Apparatus for User Authentication
US10509476B2 (en) * 2015-07-02 2019-12-17 Verizon Patent And Licensing Inc. Enhanced device authentication using magnetic declination
US20170004507A1 (en) * 2015-07-02 2017-01-05 Google Inc. Identifying consumers in a transaction via facial recognition
US10701038B2 (en) 2015-07-27 2020-06-30 Cisco Technology, Inc. Content negotiation in a content centric network
GB2540987B (en) 2015-08-03 2020-05-13 Advanced Risc Mach Ltd Bootstrapping without transferring private key
GB2540989B (en) 2015-08-03 2018-05-30 Advanced Risc Mach Ltd Server initiated remote device registration
US9986034B2 (en) 2015-08-03 2018-05-29 Cisco Technology, Inc. Transferring state in content centric network stacks
US10008099B2 (en) 2015-08-17 2018-06-26 Optimum Id, Llc Methods and systems for providing online monitoring of released criminals by law enforcement
US10610144B2 (en) 2015-08-19 2020-04-07 Palo Alto Research Center Incorporated Interactive remote patient monitoring and condition management intervention system
JP5951094B1 (en) * 2015-09-07 2016-07-13 ヤフー株式会社 Generation device, terminal device, generation method, generation program, and authentication processing system
US10135801B2 (en) * 2015-09-09 2018-11-20 Oath Inc. On-line account recovery
US9832123B2 (en) 2015-09-11 2017-11-28 Cisco Technology, Inc. Network named fragments in a content centric network
JP6122924B2 (en) 2015-09-11 2017-04-26 ヤフー株式会社 Providing device, terminal device, providing method, providing program, and authentication processing system
GB201516617D0 (en) * 2015-09-18 2015-11-04 Mastercard International Inc Verification for payment transations
US10355999B2 (en) 2015-09-23 2019-07-16 Cisco Technology, Inc. Flow control with network named fragments
US10313227B2 (en) 2015-09-24 2019-06-04 Cisco Technology, Inc. System and method for eliminating undetected interest looping in information-centric networks
US9977809B2 (en) 2015-09-24 2018-05-22 Cisco Technology, Inc. Information and data framework in a content centric network
US10049272B2 (en) 2015-09-24 2018-08-14 Microsoft Technology Licensing, Llc User authentication using multiple capture techniques
US9826083B2 (en) 2015-09-29 2017-11-21 Google Inc. Automatic delegation control for device sharing
US10454820B2 (en) 2015-09-29 2019-10-22 Cisco Technology, Inc. System and method for stateless information-centric networking
GB201518339D0 (en) 2015-10-16 2015-12-02 Ibm Mobile device location proofing
US10263965B2 (en) 2015-10-16 2019-04-16 Cisco Technology, Inc. Encrypted CCNx
FR3042893B1 (en) * 2015-10-27 2017-11-03 Morpho METHOD OF DETECTING FRAUD BY PRE-RECORDED IMAGE PROJECTION
US9794238B2 (en) 2015-10-29 2017-10-17 Cisco Technology, Inc. System for key exchange in a content centric network
US9641539B1 (en) 2015-10-30 2017-05-02 Bank Of America Corporation Passive based security escalation to shut off of application based on rules event triggering
US9820148B2 (en) 2015-10-30 2017-11-14 Bank Of America Corporation Permanently affixed un-decryptable identifier associated with mobile device
US9729536B2 (en) 2015-10-30 2017-08-08 Bank Of America Corporation Tiered identification federated authentication network system
US10021565B2 (en) 2015-10-30 2018-07-10 Bank Of America Corporation Integrated full and partial shutdown application programming interface
US9807205B2 (en) 2015-11-02 2017-10-31 Cisco Technology, Inc. Header compression for CCN messages using dictionary
US10009446B2 (en) 2015-11-02 2018-06-26 Cisco Technology, Inc. Header compression for CCN messages using dictionary learning
US10021222B2 (en) 2015-11-04 2018-07-10 Cisco Technology, Inc. Bit-aligned header compression for CCN messages using dictionary
US10097521B2 (en) 2015-11-20 2018-10-09 Cisco Technology, Inc. Transparent encryption in a content centric network
US9912776B2 (en) 2015-12-02 2018-03-06 Cisco Technology, Inc. Explicit content deletion commands in a content centric network
US10097346B2 (en) 2015-12-09 2018-10-09 Cisco Technology, Inc. Key catalogs in a content centric network
EP3179432A1 (en) * 2015-12-11 2017-06-14 Mastercard International Incorporated Delegation of transactions
EP3179431A1 (en) * 2015-12-11 2017-06-14 Mastercard International Incorporated User authentication for transactions
US10291610B2 (en) 2015-12-15 2019-05-14 Visa International Service Association System and method for biometric authentication using social network
US11113687B2 (en) 2015-12-15 2021-09-07 Mastercard International Incorporated System for performing cross card authentication using wallet transaction authentication history
US10078062B2 (en) 2015-12-15 2018-09-18 Palo Alto Research Center Incorporated Device health estimation by combining contextual information with sensor data
US9781095B2 (en) * 2015-12-18 2017-10-03 International Business Machines Corporation Suppression of authorization risk feedback to mitigate risk factor manipulation in an authorization system
US10102358B2 (en) * 2015-12-29 2018-10-16 Sensory, Incorporated Face-controlled liveness verification
CN106940766A (en) * 2016-01-04 2017-07-11 由田新技股份有限公司 Sight line track authentication system and method
CN108475308A (en) * 2016-01-08 2018-08-31 维萨国际服务协会 The safety certification inputted using bioassay
US10257271B2 (en) 2016-01-11 2019-04-09 Cisco Technology, Inc. Chandra-Toueg consensus in a content centric network
US10007771B2 (en) 2016-01-15 2018-06-26 Qualcomm Incorporated User interface for a mobile device
US10481786B2 (en) 2016-01-15 2019-11-19 Qualcomm Incorporated User interface for enabling access to data of a mobile device
US9949301B2 (en) 2016-01-20 2018-04-17 Palo Alto Research Center Incorporated Methods for fast, secure and privacy-friendly internet connection discovery in wireless networks
US10305864B2 (en) 2016-01-25 2019-05-28 Cisco Technology, Inc. Method and system for interest encryption in a content centric network
US10043016B2 (en) 2016-02-29 2018-08-07 Cisco Technology, Inc. Method and system for name encryption agreement in a content centric network
CA3015697C (en) * 2016-02-29 2022-11-22 Securekey Technologies Inc. Systems and methods for distributed identity verification
WO2017147692A1 (en) * 2016-02-29 2017-09-08 Varley Michael Systems and methods for distributed data sharing with asynchronous third-party attestation
EP3374915B1 (en) * 2016-03-01 2021-06-30 Google LLC Facial template and token pre-fetching in hands free service requests
US10051071B2 (en) 2016-03-04 2018-08-14 Cisco Technology, Inc. Method and system for collecting historical network information in a content centric network
US10742596B2 (en) 2016-03-04 2020-08-11 Cisco Technology, Inc. Method and system for reducing a collision probability of hash-based names using a publisher identifier
US10003507B2 (en) 2016-03-04 2018-06-19 Cisco Technology, Inc. Transport session state protocol
US10038633B2 (en) 2016-03-04 2018-07-31 Cisco Technology, Inc. Protocol to query for historical network information in a content centric network
WO2017152956A1 (en) * 2016-03-08 2017-09-14 Izettle Merchant Services Ab User identity evaluation
US9832116B2 (en) 2016-03-14 2017-11-28 Cisco Technology, Inc. Adjusting entries in a forwarding information base in a content centric network
US10572961B2 (en) 2016-03-15 2020-02-25 Global Tel*Link Corporation Detection and prevention of inmate to inmate message relay
US10516654B2 (en) * 2016-03-15 2019-12-24 Intel Corporation System, apparatus and method for key provisioning delegation
US10212196B2 (en) 2016-03-16 2019-02-19 Cisco Technology, Inc. Interface discovery and authentication in a name-based network
US11436656B2 (en) 2016-03-18 2022-09-06 Palo Alto Research Center Incorporated System and method for a real-time egocentric collaborative filter on large datasets
US10067948B2 (en) 2016-03-18 2018-09-04 Cisco Technology, Inc. Data deduping in content centric networking manifests
US10229285B2 (en) 2016-03-22 2019-03-12 International Business Machines Corporation Privacy enhanced central data storage
US10091330B2 (en) 2016-03-23 2018-10-02 Cisco Technology, Inc. Interest scheduling by an information and data framework in a content centric network
US10033639B2 (en) 2016-03-25 2018-07-24 Cisco Technology, Inc. System and method for routing packets in a content centric network using anonymous datagrams
US20170288866A1 (en) * 2016-03-30 2017-10-05 AVAST Software s.r.o. Systems and methods of creating a distributed ring of trust
US10063562B1 (en) * 2016-03-31 2018-08-28 EMC IP Holding Company LLC Flexible access management framework based on measuring application usage behavior
US10320760B2 (en) 2016-04-01 2019-06-11 Cisco Technology, Inc. Method and system for mutating and caching content in a content centric network
US9930146B2 (en) 2016-04-04 2018-03-27 Cisco Technology, Inc. System and method for compressing content centric networking messages
US9609121B1 (en) 2016-04-07 2017-03-28 Global Tel*Link Corporation System and method for third party monitoring of voice and video calls
US10425503B2 (en) 2016-04-07 2019-09-24 Cisco Technology, Inc. Shared pending interest table in a content centric network
US10027578B2 (en) 2016-04-11 2018-07-17 Cisco Technology, Inc. Method and system for routable prefix queries in a content centric network
JP2019514113A (en) * 2016-04-12 2019-05-30 センソリアント・インコーポレイテッド Method and system for safeguarding stored data
US9596079B1 (en) * 2016-04-14 2017-03-14 Wickr Inc. Secure telecommunications
US10410239B2 (en) 2016-04-15 2019-09-10 Flipboard, Inc. Content presentation based on user interaction in a flip-based digital magazine environment
US10404450B2 (en) 2016-05-02 2019-09-03 Cisco Technology, Inc. Schematized access control in a content centric network
US10052073B2 (en) 2016-05-02 2018-08-21 Dexcom, Inc. System and method for providing alerts optimized for a user
US10320675B2 (en) 2016-05-04 2019-06-11 Cisco Technology, Inc. System and method for routing packets in a stateless content centric network
US10547589B2 (en) 2016-05-09 2020-01-28 Cisco Technology, Inc. System for implementing a small computer systems interface protocol over a content centric network
WO2017193165A1 (en) 2016-05-10 2017-11-16 National Ict Australia Limited Authenticating a user
US10063414B2 (en) 2016-05-13 2018-08-28 Cisco Technology, Inc. Updating a transport stack in a content centric network
US10084764B2 (en) 2016-05-13 2018-09-25 Cisco Technology, Inc. System for a secure encryption proxy in a content centric network
US9883403B2 (en) 2016-05-15 2018-01-30 Fmr Llc Monitoring presence of authorized user during user session based upon mobile computing device motion
US10469653B2 (en) 2016-05-15 2019-11-05 Fmr Llc Proximity and movement detection of a mobile computing device during a user session
US9686644B1 (en) 2016-05-15 2017-06-20 Fmr Llc Geospatial-based detection of mobile computing device movement
WO2017205543A1 (en) * 2016-05-24 2017-11-30 Brown Timothy J Liveness detection for face capture
US9801066B1 (en) 2016-06-02 2017-10-24 Duo Security, Inc. Method for automatic possession-factor authentication
US10103989B2 (en) 2016-06-13 2018-10-16 Cisco Technology, Inc. Content object return messages in a content centric network
US10185817B2 (en) 2016-06-16 2019-01-22 International Business Machines Corporation Device security via swipe pattern recognition
US10305865B2 (en) 2016-06-21 2019-05-28 Cisco Technology, Inc. Permutation-based content encryption with manifests in a content centric network
US10148572B2 (en) 2016-06-27 2018-12-04 Cisco Technology, Inc. Method and system for interest groups in a content centric network
US20170372310A1 (en) * 2016-06-27 2017-12-28 Paypal, Inc. Secure key based trust chain among user devices
JP2018005271A (en) * 2016-06-27 2018-01-11 株式会社東芝 Server, ic card processor and ic card processing system
US10152350B2 (en) * 2016-07-01 2018-12-11 Intel Corporation Secure domain manager
US10009266B2 (en) 2016-07-05 2018-06-26 Cisco Technology, Inc. Method and system for reference counted pending interest tables in a content centric network
US9992097B2 (en) 2016-07-11 2018-06-05 Cisco Technology, Inc. System and method for piggybacking routing information in interests in a content centric network
US10122624B2 (en) 2016-07-25 2018-11-06 Cisco Technology, Inc. System and method for ephemeral entries in a forwarding information base in a content centric network
US9854398B1 (en) 2016-08-03 2017-12-26 International Business Machines Corporation System, method and recording medium for location verification
WO2018027148A1 (en) * 2016-08-05 2018-02-08 Nok Nok Labs, Inc. Authentication techniques including speech and/or lip movement analysis
US10069729B2 (en) 2016-08-08 2018-09-04 Cisco Technology, Inc. System and method for throttling traffic based on a forwarding information base in a content centric network
US10956412B2 (en) 2016-08-09 2021-03-23 Cisco Technology, Inc. Method and system for conjunctive normal form attribute matching in a content centric network
GB201613882D0 (en) * 2016-08-12 2016-09-28 Mastercard International Inc Digital secure remote payment(DSRP) Enhancements when transacting with an authenticated merchant
CN106899567B (en) * 2016-08-24 2019-12-13 阿里巴巴集团控股有限公司 User body checking method, device and system
US9980135B2 (en) * 2016-09-12 2018-05-22 Qualcomm Incorporated Managing security for a mobile communication device
US10033642B2 (en) 2016-09-19 2018-07-24 Cisco Technology, Inc. System and method for making optimal routing decisions based on device-specific parameters in a content centric network
US11010763B1 (en) * 2016-09-27 2021-05-18 United Services Automobile Association (Usaa) Biometric authentication on push notification
US10212248B2 (en) 2016-10-03 2019-02-19 Cisco Technology, Inc. Cache management on high availability routers in a content centric network
US10447805B2 (en) 2016-10-10 2019-10-15 Cisco Technology, Inc. Distributed consensus in a content centric network
US10341333B2 (en) 2016-10-18 2019-07-02 Tata Consultancy Services Limited Systems and methods for generating multi-dimensional password and authenticating thereof
US11062304B2 (en) 2016-10-20 2021-07-13 Google Llc Offline user identification
US10284538B2 (en) 2016-10-26 2019-05-07 Bank Of America Corporation System for processing an even request by determining a matching user profile based on user identifying information
US10135948B2 (en) 2016-10-31 2018-11-20 Cisco Technology, Inc. System and method for process migration in a content centric network
US10243851B2 (en) 2016-11-21 2019-03-26 Cisco Technology, Inc. System and method for forwarder connection information in a content centric network
KR20180074152A (en) * 2016-12-23 2018-07-03 삼성전자주식회사 Security enhanced speech recognition method and apparatus
US10532719B2 (en) * 2016-12-30 2020-01-14 Robert Bosch Gmbh Bluetooth low energy (BLE) passive vehicle access control system for defending the system against relay attacks and method thereof
US10091195B2 (en) 2016-12-31 2018-10-02 Nok Nok Labs, Inc. System and method for bootstrapping a user binding
US10313357B2 (en) 2017-01-13 2019-06-04 Microsoft Technology Licensing, Llc Reduced user authentication input requirements
US10375083B2 (en) * 2017-01-25 2019-08-06 International Business Machines Corporation System, method and computer program product for location verification
US10375457B2 (en) 2017-02-02 2019-08-06 International Business Machines Corporation Interpretation of supplemental sensors
CN108418776B (en) * 2017-02-09 2021-08-20 上海诺基亚贝尔股份有限公司 Method and apparatus for providing secure services
US11310224B2 (en) 2017-02-15 2022-04-19 Adp, Inc. Enhanced security authentication system
GB2560340A (en) * 2017-03-07 2018-09-12 Eyn Ltd Verification method and system
US11593773B1 (en) * 2017-03-31 2023-02-28 Block, Inc. Payment transaction authentication system and method
US10412096B2 (en) 2017-04-18 2019-09-10 Visa International Service Association Wireless authentication based on location data
KR102458805B1 (en) * 2017-04-20 2022-10-25 구글 엘엘씨 Multi-user authentication on a device
US10623402B2 (en) * 2017-04-20 2020-04-14 Adp, Llc Enhanced security authentication system
US10657607B2 (en) 2017-05-06 2020-05-19 Adp, Llc Implementation of payroll smart contract on a distributed ledger
US10027797B1 (en) 2017-05-10 2018-07-17 Global Tel*Link Corporation Alarm control for inmate call monitoring
US10645079B2 (en) * 2017-05-12 2020-05-05 Bank Of America Corporation Preventing unauthorized access to secured information systems using authentication tokens and multi-device authentication prompts
US10574650B2 (en) * 2017-05-17 2020-02-25 Bank Of America Corporation System for electronic authentication with live user determination
US10225396B2 (en) 2017-05-18 2019-03-05 Global Tel*Link Corporation Third party monitoring of a activity within a monitoring platform
US10579322B1 (en) * 2017-05-22 2020-03-03 Parallels International Gmbh Connecting to remote access session based on proximity of mobile device
CN110998626B (en) 2017-05-31 2023-12-01 谷歌有限责任公司 Providing hands-free data for interaction
US10860786B2 (en) 2017-06-01 2020-12-08 Global Tel*Link Corporation System and method for analyzing and investigating communication data from a controlled environment
US11182349B2 (en) 2017-06-04 2021-11-23 Apple Inc. Synchronizing content
US11528129B2 (en) 2017-06-04 2022-12-13 Apple Inc. Synchronizing content
US11068567B2 (en) * 2017-06-04 2021-07-20 Harsha Ramalingam Self-owned authentication and identity framework
US10657401B2 (en) * 2017-06-06 2020-05-19 Microsoft Technology Licensing, Llc Biometric object spoof detection based on image intensity variations
US10754939B2 (en) 2017-06-26 2020-08-25 International Business Machines Corporation System and method for continuous authentication using augmented reality and three dimensional object recognition
US11303631B1 (en) * 2017-06-30 2022-04-12 Wells Fargo Bank, N.A. Authentication as a service
US10606990B2 (en) * 2017-07-06 2020-03-31 Ebay Inc. Machine learning system for computing asset access
US10803014B2 (en) * 2017-07-28 2020-10-13 Adp, Llc Dynamic data relationships in a graph database
CA3076334A1 (en) * 2017-09-18 2019-03-21 Perk Hero Software Inc. Systems and methods for electronic payments with fraud prevention
US10346841B2 (en) * 2017-10-16 2019-07-09 Capital One Services, Llc Transaction card security device
EP4020939A1 (en) * 2017-11-06 2022-06-29 Google LLC Evaluating ip location on a client device
CN108428135A (en) * 2017-11-28 2018-08-21 深圳萨摩耶互联网金融服务有限公司 Auth method
US10652743B2 (en) 2017-12-21 2020-05-12 The Chamberlain Group, Inc. Security system for a moveable barrier operator
US11562362B1 (en) 2018-01-23 2023-01-24 Wells Fargo Bank, N.A. Systems and methods for a virtual identity card
US10587623B2 (en) 2018-01-31 2020-03-10 T-Mobile Usa, Inc. Mobile device platform for access privilege control system
US10924480B2 (en) 2018-02-28 2021-02-16 Cisco Technology, Inc. Extended trust for onboarding
US11356257B2 (en) * 2018-03-07 2022-06-07 Visa International Service Association Secure remote token release with online authentication
GB201803815D0 (en) * 2018-03-09 2018-04-25 Nchain Holdings Ltd Computer-implemented methods and systems
US20190342298A1 (en) * 2018-05-02 2019-11-07 Samsung Electronics Co., Ltd. System and method for resource access authentication
CN108875327A (en) 2018-05-28 2018-11-23 阿里巴巴集团控股有限公司 One seed nucleus body method and apparatus
US11074773B1 (en) 2018-06-27 2021-07-27 The Chamberlain Group, Inc. Network-based control of movable barrier operators for autonomous vehicles
US11093599B2 (en) * 2018-06-28 2021-08-17 International Business Machines Corporation Tamper mitigation scheme for locally powered smart devices
US11100204B2 (en) * 2018-07-19 2021-08-24 Motorola Mobility Llc Methods and devices for granting increasing operational access with increasing authentication factors
WO2020028502A1 (en) 2018-08-01 2020-02-06 The Chamberlain Group, Inc. Movable barrier operator and transmitter pairing over a network
CN109065058B (en) * 2018-09-30 2024-03-15 合肥鑫晟光电科技有限公司 Voice communication method, device and system
US11368446B2 (en) * 2018-10-02 2022-06-21 International Business Machines Corporation Trusted account revocation in federated identity management
US11822637B2 (en) * 2018-10-18 2023-11-21 Oracle International Corporation Adaptive authentication in spreadsheet interface integrated with web service
US10827452B2 (en) 2018-11-20 2020-11-03 Here Global B.V. Trustworthiness of location estimates
US20210366617A1 (en) * 2018-12-05 2021-11-25 Hewlett-Packard Development Company, L.P. Bio-analytics based triggering for recording events
US11641363B2 (en) * 2019-01-14 2023-05-02 Qatar Foundation For Education, Science And Community Development Methods and systems for verifying the authenticity of a remote service
US11263116B2 (en) 2019-01-24 2022-03-01 International Business Machines Corporation Champion test case generation
US11099975B2 (en) 2019-01-24 2021-08-24 International Business Machines Corporation Test space analysis across multiple combinatoric models
US11106567B2 (en) 2019-01-24 2021-08-31 International Business Machines Corporation Combinatoric set completion through unique test case generation
KR20200100481A (en) * 2019-02-18 2020-08-26 삼성전자주식회사 Electronic device for authenticating biometric information and operating method thereof
JP2022059099A (en) * 2019-02-25 2022-04-13 ソニーグループ株式会社 Information processing device, information processing method, and program
US20200311230A1 (en) * 2019-03-27 2020-10-01 Google Llc System and Method for Obtaining Authentication Credentials from Users
US11381577B2 (en) * 2019-03-29 2022-07-05 Citrix Systems, Inc. Techniques involving a security heat map
US11475134B2 (en) 2019-04-10 2022-10-18 Arm Limited Bootstrapping a device
US10997810B2 (en) 2019-05-16 2021-05-04 The Chamberlain Group, Inc. In-vehicle transmitter training
US11876798B2 (en) * 2019-05-20 2024-01-16 Citrix Systems, Inc. Virtual delivery appliance and system with remote authentication and related methods
US10970197B2 (en) * 2019-06-13 2021-04-06 International Business Machines Corporation Breakpoint value-based version control
US11232020B2 (en) 2019-06-13 2022-01-25 International Business Machines Corporation Fault detection using breakpoint value-based fingerprints of failing regression test cases
US11422924B2 (en) 2019-06-13 2022-08-23 International Business Machines Corporation Customizable test set selection using code flow trees
US11601284B2 (en) * 2019-06-14 2023-03-07 Planetway Corporation Digital signature system based on a cloud of dedicated local devices
CN112148119A (en) * 2019-06-26 2020-12-29 托比股份公司 Method, eye tracker and computer program for determining eye position in digital image data
US11545131B2 (en) 2019-07-16 2023-01-03 Microsoft Technology Licensing, Llc Reading order system for improving accessibility of electronic content
SG10201906806XA (en) * 2019-07-23 2021-02-25 Mastercard International Inc Methods and computing devices for auto-submission of user authentication credential
EP3786767B1 (en) * 2019-07-29 2023-11-08 HTC Corporation Eye tracking method, head-mounted display, and computer readable storage medium
US11096059B1 (en) * 2019-08-04 2021-08-17 Acceptto Corporation System and method for secure touchless authentication of user paired device, behavior and identity
EP3772699A1 (en) * 2019-08-09 2021-02-10 Siemens Aktiengesellschaft Method for user verification, communication device and computer program
US11062313B2 (en) 2019-09-13 2021-07-13 International Business Machines Corporation Smart contract enabled smart contact-based computing
US11820529B2 (en) 2019-10-29 2023-11-21 Ga Telesis, Llc System and method for monitoring and certifying aircrafts and components of aircrafts
US11528267B2 (en) * 2019-12-06 2022-12-13 Bank Of America Corporation System for automated image authentication and external database verification
US11575670B2 (en) 2019-12-09 2023-02-07 Accenture Global Solutions Limited Adaptive user authentication
US11523282B2 (en) * 2020-02-05 2022-12-06 Lookout Inc. Use of geolocation to improve security while protecting privacy
EP4121875A4 (en) * 2020-04-21 2023-11-29 Hewlett-Packard Development Company, L.P. Authentication and calibration via gaze tracking
US11677731B2 (en) 2020-04-29 2023-06-13 Wells Fargo Bank, N.A. Adaptive authentication
US11328085B2 (en) * 2020-05-13 2022-05-10 Capital One Services, Llc Securing confidential information during a telecommunication session
US11611877B2 (en) * 2020-07-08 2023-03-21 T-Mobile Usa, Inc. User authentication
GB2612499A (en) * 2020-07-08 2023-05-03 Cervais Inc Peer-to-peer secure communication, apparatus, and method
US11792188B2 (en) 2020-08-05 2023-10-17 Bank Of America Corporation Application for confirming multi-person authentication
US11528269B2 (en) 2020-08-05 2022-12-13 Bank Of America Corporation Application for requesting multi-person authentication
US11792187B2 (en) 2020-08-05 2023-10-17 Bank Of America Corporation Multi-person authentication
US20220058287A1 (en) * 2020-08-19 2022-02-24 Docusign, Inc. Modifying elements of a secure document workflow based on change in profile of recipient
US20220075850A1 (en) * 2020-09-04 2022-03-10 Shopify Inc. Systems and methods for user authentication
US11627129B2 (en) * 2020-10-14 2023-04-11 Citrix Systems, Inc. Method and system for contextual access control
US11457012B2 (en) * 2020-11-03 2022-09-27 Okta, Inc. Device risk level based on device metadata comparison
US20220383354A1 (en) * 2021-05-26 2022-12-01 Verizon Media Inc. Method and system for selecting payment option for transaction
US11930000B2 (en) * 2021-08-02 2024-03-12 Cisco Technology, Inc. Detection of anomalous authentications
US20230289535A1 (en) * 2021-11-03 2023-09-14 Virginia Tech Intellectual Properties, Inc. Visual language processing modeling framework via an attention-on-attention mechanism

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020010857A1 (en) * 2000-06-29 2002-01-24 Kaleedhass Karthik Biometric verification for electronic transactions over the web
US7512567B2 (en) * 2006-06-29 2009-03-31 Yt Acquisition Corporation Method and system for providing biometric authentication at a point-of-sale via a mobile device
US20090307139A1 (en) * 2008-06-06 2009-12-10 Ebay, Inc. Biometric authentication of mobile financial transactions by trusted service managers
US20140090039A1 (en) * 2012-09-24 2014-03-27 Plantronics, Inc. Secure System Access Using Mobile Biometric Devices

Family Cites Families (477)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5272754A (en) 1991-03-28 1993-12-21 Secure Computing Corporation Secure computer interface
US5280527A (en) 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
JPH06195307A (en) 1992-12-22 1994-07-15 Fujitsu Ltd Automatic registering device for many and unspecified users
US5588061A (en) 1994-07-20 1996-12-24 Bell Atlantic Network Services, Inc. System and method for identity verification, forming joint signatures and session key agreement in an RSA public cryptosystem
US5764789A (en) 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
JPH09231172A (en) 1996-02-26 1997-09-05 Nippon Denki Ido Tsushin Kk Password registering method
US6088450A (en) 1996-04-17 2000-07-11 Intel Corporation Authentication system based on periodic challenge/response protocol
US6377691B1 (en) 1996-12-09 2002-04-23 Microsoft Corporation Challenge-response authentication and key exchange for a connectionless security protocol
US6035406A (en) 1997-04-02 2000-03-07 Quintet, Inc. Plurality-factor security system
US7047415B2 (en) 1997-09-22 2006-05-16 Dfs Linkages, Inc. System and method for widely witnessed proof of time
US6378072B1 (en) 1998-02-03 2002-04-23 Compaq Computer Corporation Cryptographic system
US6618806B1 (en) 1998-04-01 2003-09-09 Saflink Corporation System and method for authenticating users in a computer network
US6178511B1 (en) 1998-04-30 2001-01-23 International Business Machines Corporation Coordinating user target logons in a single sign-on (SSO) environment
US6270011B1 (en) 1998-05-28 2001-08-07 Benenson Tal Remote credit card authentication system
JP2000092046A (en) 1998-09-11 2000-03-31 Mitsubishi Electric Corp Remote authentication system
US6950539B2 (en) * 1998-09-16 2005-09-27 Digital Persona Configurable multi-function touchpad device
US7047416B2 (en) 1998-11-09 2006-05-16 First Data Corporation Account-based digital signature (ABDS) system
US6510236B1 (en) 1998-12-11 2003-01-21 International Business Machines Corporation Authentication framework for managing authentication requests from multiple authentication devices
US7505941B2 (en) 1999-08-31 2009-03-17 American Express Travel Related Services Company, Inc. Methods and apparatus for conducting electronic transactions using biometrics
US6842896B1 (en) 1999-09-03 2005-01-11 Rainbow Technologies, Inc. System and method for selecting a server in a multiple server license management system
US7085931B1 (en) 1999-09-03 2006-08-01 Secure Computing Corporation Virtual smart card system and method
US7260724B1 (en) 1999-09-20 2007-08-21 Security First Corporation Context sensitive dynamic authentication in a cryptographic system
US6801998B1 (en) 1999-11-12 2004-10-05 Sun Microsystems, Inc. Method and apparatus for presenting anonymous group names
WO2001044968A2 (en) 1999-12-02 2001-06-21 Oakington Technologies Limited Transaction system and method
AU777912B2 (en) 2000-02-29 2004-11-04 International Business Machines Corporation System and method of associating devices to secure commercial transactions performed over the internet
US7444368B1 (en) 2000-02-29 2008-10-28 Microsoft Corporation Methods and systems for selecting methodology for authenticating computer systems on a per computer system or per user basis
US7140036B2 (en) 2000-03-06 2006-11-21 Cardinalcommerce Corporation Centralized identity authentication for electronic communication networks
US7233926B2 (en) 2000-03-07 2007-06-19 Thomson Licensing Electronic wallet system with secure inter-purses operations
US7698565B1 (en) 2000-03-30 2010-04-13 Digitalpersona, Inc. Crypto-proxy server and method of using the same
US7263506B2 (en) 2000-04-06 2007-08-28 Fair Isaac Corporation Identification and management of fraudulent credit/debit card purchases at merchant ecommerce sites
US7487112B2 (en) 2000-06-29 2009-02-03 Barnes Jr Melvin L System, method, and computer program product for providing location based services and mobile e-commerce
WO2002011028A1 (en) 2000-07-27 2002-02-07 Eft Datalink, Incorporated Value transfer system for unbanked customers
CA2417770C (en) 2000-08-04 2011-10-25 First Data Corporation Trusted authentication digital signature (tads) system
AU2001288679A1 (en) 2000-09-11 2002-03-26 Sentrycom Ltd. A biometric-based system and method for enabling authentication of electronic messages sent over a network
JP3805610B2 (en) 2000-09-28 2006-08-02 株式会社日立製作所 Closed group communication method and communication terminal device
US20020040344A1 (en) * 2000-10-04 2002-04-04 Preiser Randall F. Check guarantee, verification, processing, credit reports and collection system and method awarding purchase points for usage of checks
JP2002152189A (en) 2000-11-14 2002-05-24 Nippon Hoso Kyokai <Nhk> Open key distributing method, and open key transmitting device and open key receiving device used for the same method
US7356704B2 (en) 2000-12-07 2008-04-08 International Business Machines Corporation Aggregated authenticated identity apparatus for and method therefor
FI115098B (en) 2000-12-27 2005-02-28 Nokia Corp Authentication in data communication
US7941669B2 (en) 2001-01-03 2011-05-10 American Express Travel Related Services Company, Inc. Method and apparatus for enabling a user to select an authentication method
US20020112170A1 (en) 2001-01-03 2002-08-15 Foley James M. Method and apparatus for using one financial instrument to authenticate a user for accessing a second financial instrument
US6588812B1 (en) * 2001-02-22 2003-07-08 The Regents Of The University Of California Enhanced tamper indicator
US7398549B2 (en) 2001-05-18 2008-07-08 Imprivata, Inc. Biometric authentication with security against eavesdropping
US6601762B2 (en) 2001-06-15 2003-08-05 Koninklijke Philips Electronics N.V. Point-of-sale (POS) voice authentication transaction system
SG124290A1 (en) 2001-07-23 2006-08-30 Ntt Docomo Inc Electronic payment method, system, and devices
EP1412870A4 (en) 2001-07-30 2005-07-13 Alcatel Internetworking Inc Distributed network management system using policies
CN1564994B (en) 2001-08-10 2010-09-29 松下电器产业株式会社 Electronic device
AU2002343424A1 (en) 2001-09-28 2003-04-14 Bluesocket, Inc. Method and system for managing data traffic in wireless networks
JP2003132160A (en) 2001-10-23 2003-05-09 Nec Corp Personal information management system and device, and personal information management program
JP3943897B2 (en) 2001-10-30 2007-07-11 株式会社東芝 Identification system and device
JP4145118B2 (en) 2001-11-26 2008-09-03 松下電器産業株式会社 Application authentication system
US20030115142A1 (en) 2001-12-12 2003-06-19 Intel Corporation Identity authentication portfolio system
US7194761B1 (en) 2002-01-22 2007-03-20 Cisco Technology, Inc. Methods and apparatus providing automatic client authentication
JP2003219473A (en) 2002-01-22 2003-07-31 Citizen Watch Co Ltd Portable information apparatus, personal authentication system and data managing method
EP1600898B1 (en) 2002-02-05 2018-10-17 Panasonic Intellectual Property Management Co., Ltd. Personal authentication method, personal authentication apparatus and image capturing device
JP2003318894A (en) 2002-02-21 2003-11-07 Matsushita Electric Ind Co Ltd Method for processing authentication between pieces of apparatus using challenge and response system
JP2003274007A (en) 2002-03-19 2003-09-26 Nec Corp Mobile phone
US20030182551A1 (en) 2002-03-25 2003-09-25 Frantz Christopher J. Method for a single sign-on
GB0210692D0 (en) 2002-05-10 2002-06-19 Assendon Ltd Smart card token for remote authentication
US20030226036A1 (en) 2002-05-30 2003-12-04 International Business Machines Corporation Method and apparatus for single sign-on authentication
US7322043B2 (en) 2002-06-20 2008-01-22 Hewlett-Packard Development Company, L.P. Allowing an electronic device accessing a service to be authenticated
US7296154B2 (en) 2002-06-24 2007-11-13 Microsoft Corporation Secure media path methods, systems, and architectures
US20040003990A1 (en) * 2002-07-02 2004-01-08 Pierre Mansur Water purification apparatus and method for purifying water
EP1535127A2 (en) 2002-07-03 2005-06-01 Aurora Wireless Technologies, Inc. Biometric private key infrastructure
US7853983B2 (en) 2002-07-29 2010-12-14 Bea Systems, Inc. Communicating data from a data producer to a data receiver
US20160072787A1 (en) 2002-08-19 2016-03-10 Igor V. Balabine Method for creating secure subnetworks on a general purpose network
US20040039909A1 (en) 2002-08-22 2004-02-26 David Cheng Flexible authentication with multiple levels and factors
US8301884B2 (en) 2002-09-16 2012-10-30 Samsung Electronics Co., Ltd. Method of managing metadata
JP2004118456A (en) 2002-09-25 2004-04-15 Japan Science & Technology Corp Authentication system of mobile terminal using position information
US7287052B2 (en) 2002-11-09 2007-10-23 Microsoft Corporation Challenge and response interaction between client and server computing devices
JP2004288156A (en) 2002-11-20 2004-10-14 Stmicroelectronics Sa Evaluation of definition of eye iris image
US7353533B2 (en) 2002-12-18 2008-04-01 Novell, Inc. Administration of protection of data accessible by a mobile device
US20040128542A1 (en) 2002-12-31 2004-07-01 International Business Machines Corporation Method and system for native authentication protocols in a heterogeneous federated environment
JP4374904B2 (en) 2003-05-21 2009-12-02 株式会社日立製作所 Identification system
US8555344B1 (en) 2003-06-05 2013-10-08 Mcafee, Inc. Methods and systems for fallback modes of operation within wireless computer networks
DE10326893A1 (en) * 2003-06-14 2004-12-30 Degussa Ag Resins based on ketones and aldehydes with improved solubility properties and low color numbers
US7676551B1 (en) * 2003-06-25 2010-03-09 Microsoft Corporation Lookup partitioning storage system and method
CN1882963A (en) 2003-06-30 2006-12-20 塞尔维纳坦·纳拉因萨米 Transaction verification system
JP2005025337A (en) 2003-06-30 2005-01-27 Sony Corp Appliance registration system, appliance registration server, appliance registration method, appliance registration program, storage medium and terminal appliance
US7716469B2 (en) 2003-07-25 2010-05-11 Oracle America, Inc. Method and system for providing a circle of trust on a network
AU2004272083B2 (en) * 2003-09-12 2009-11-26 Emc Corporation System and method for risk based authentication
JP2005092614A (en) 2003-09-18 2005-04-07 Toda Constr Co Ltd Biometrics system, program, and information storage medium
US20050080716A1 (en) * 2003-09-25 2005-04-14 Boris Belyi Data validation systems and methods for use in financial transactions
US9130921B2 (en) 2003-09-30 2015-09-08 Ca, Inc. System and method for bridging identities in a service oriented architectureprofiling
US20050100166A1 (en) 2003-11-10 2005-05-12 Parc Inc. Systems and methods for authenticating communications in a network medium
US7415138B2 (en) 2003-11-25 2008-08-19 Ultra-Scan Corporation Biometric authorization method and system
US20050125295A1 (en) * 2003-12-09 2005-06-09 Tidwell Lisa C. Systems and methods for obtaining payor information at a point of sale
US7263717B1 (en) 2003-12-17 2007-08-28 Sprint Communications Company L.P. Integrated security framework and privacy database scheme
US9191215B2 (en) 2003-12-30 2015-11-17 Entrust, Inc. Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
JP4257250B2 (en) 2004-03-30 2009-04-22 富士通株式会社 Biometric information matching device, biometric feature information narrowing device, biometric feature information narrowing program, and computer-readable recording medium recording the program
JP3770897B2 (en) 2004-03-31 2006-04-26 株式会社ドワンゴ Product server, purchase price settlement method, product purchase method, and computer program
US7607008B2 (en) 2004-04-01 2009-10-20 Microsoft Corporation Authentication broker service
US8762283B2 (en) 2004-05-03 2014-06-24 Visa International Service Association Multiple party benefit from an online authentication service
US20050278253A1 (en) 2004-06-15 2005-12-15 Microsoft Corporation Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like
EP2264956B1 (en) 2004-07-23 2017-06-14 Citrix Systems, Inc. Method for securing remote access to private networks
US7194763B2 (en) 2004-08-02 2007-03-20 Cisco Technology, Inc. Method and apparatus for determining authentication capabilities
US7711952B2 (en) 2004-09-13 2010-05-04 Coretrace Corporation Method and system for license management
US7543740B2 (en) * 2004-09-17 2009-06-09 Digital Envoy, Inc. Fraud analyst smart cookie
US7497374B2 (en) * 2004-09-17 2009-03-03 Digital Envoy, Inc. Fraud risk advisor
JP4391375B2 (en) 2004-09-30 2009-12-24 フェリカネットワークス株式会社 Information management apparatus and method, and program
CA2922172A1 (en) * 2004-10-25 2006-05-04 Security First Corp. Secure data parser method and system
US7298873B2 (en) 2004-11-16 2007-11-20 Imageware Systems, Inc. Multimodal biometric platform
JP4442818B2 (en) 2004-11-22 2010-03-31 財団法人鉄道総合技術研究所 Authentication system
US20060161672A1 (en) 2004-11-22 2006-07-20 Bea Systems, Inc. System and method for improved interportlet communications
TW200642408A (en) 2004-12-07 2006-12-01 Farsheed Atef System and method for identity verification and management
WO2006063118A2 (en) 2004-12-07 2006-06-15 Pure Networks, Inc. Network management
EP1825413A2 (en) 2004-12-16 2007-08-29 Mark Dwight Bedworth User validation using images
WO2006068998A1 (en) 2004-12-20 2006-06-29 Rsa Security Inc. Consumer internet authentication service
US20060195689A1 (en) 2005-02-28 2006-08-31 Carsten Blecken Authenticated and confidential communication between software components executing in un-trusted environments
US20060213978A1 (en) * 2005-03-25 2006-09-28 Bluko Information Group Method and system of advancing value from credit card account for use with stored value account
US7844816B2 (en) 2005-06-08 2010-11-30 International Business Machines Corporation Relying party trust anchor based public key technology framework
TWI287206B (en) 2005-06-24 2007-09-21 Alfa Power Co Ltd Safe trading system of automatic teller machine (ATM) with integration of multimedia information
US8079079B2 (en) * 2005-06-29 2011-12-13 Microsoft Corporation Multimodal authentication
CN101495956B (en) 2005-08-11 2012-03-07 晟碟以色列有限公司 Extended one-time password method and apparatus
WO2007023756A1 (en) 2005-08-24 2007-03-01 Nec Corporation Identify authenticating system, user terminal, service provider apparatus, reliability assuring server, operating method of them and operating program of them
CN1941699B (en) 2005-09-29 2012-05-23 国际商业机器公司 Cryptographic methods, host system, trusted platform module, and computer arrangement
US20070077915A1 (en) 2005-09-30 2007-04-05 Black Greg R Method and apparatus for module authentication
US8874477B2 (en) * 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
AU2006303992A1 (en) 2005-10-11 2007-04-26 Citrix Systems, Inc. Systems and methods for facilitating distributed authentication
US7461035B2 (en) 2005-10-26 2008-12-02 Motorola, Inc. Path determination facilitation method
US8407146B2 (en) 2005-10-28 2013-03-26 Microsoft Corporation Secure storage
US7623659B2 (en) 2005-11-04 2009-11-24 Cisco Technology, Inc. Biometric non-repudiation network security systems and methods
US8458465B1 (en) * 2005-11-16 2013-06-04 AT&T Intellectual Property II, L. P. Biometric authentication
CA2629015A1 (en) * 2005-11-18 2008-05-08 Rick L. Orsini Secure data parser method and system
JP4736744B2 (en) 2005-11-24 2011-07-27 株式会社日立製作所 Processing device, auxiliary information generation device, terminal device, authentication device, and biometric authentication system
EP1955471A4 (en) 2005-12-01 2009-03-11 Firestar Software Inc System and method for exchanging information among exchange applications
US20080005562A1 (en) 2005-12-13 2008-01-03 Microsoft Corporation Public key infrastructure certificate entrustment
WO2007076476A2 (en) 2005-12-22 2007-07-05 Mastercard International Incorporated Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers
CN1992596A (en) 2005-12-27 2007-07-04 国际商业机器公司 User authentication device and method
EP1811421A1 (en) 2005-12-29 2007-07-25 AXSionics AG Security token and method for authentication of a user with the security token
US7941835B2 (en) 2006-01-13 2011-05-10 Authenticor Identity Protection Services, Inc. Multi-mode credential authorization
JP2007220075A (en) 2006-01-19 2007-08-30 Toshiba Corp Personal authentication device, positional information transmission device, personal authentication system, personal authentication method, and personal authentication program
EP1997066A4 (en) 2006-02-06 2011-05-25 Yt Acquisition Corp Method and system for providing online authentication utilizing biometric data
JPWO2007094165A1 (en) 2006-02-15 2009-07-02 日本電気株式会社 Identification system and program, and identification method
WO2007103818A2 (en) 2006-03-02 2007-09-13 Vxv Solutions, Inc. Methods and apparatus for implementing secure and adaptive proxies
JP4693171B2 (en) 2006-03-17 2011-06-01 株式会社日立ソリューションズ Authentication system
US8249233B2 (en) 2006-03-17 2012-08-21 International Business Machines Corporation Apparatus and system for representation of voices of participants to a conference call
US20080028453A1 (en) 2006-03-30 2008-01-31 Thinh Nguyen Identity and access management framework
US7818264B2 (en) * 2006-06-19 2010-10-19 Visa U.S.A. Inc. Track data encryption
JP4929803B2 (en) 2006-04-10 2012-05-09 富士通株式会社 Authentication method, authentication apparatus, and authentication program
WO2007122726A1 (en) 2006-04-21 2007-11-01 Mitsubishi Denki Kabushiki Kaisha Authenticating server device, terminal device, authenticating system and authenticating method
US7389913B2 (en) * 2006-04-28 2008-06-24 Ed Starrs Method and apparatus for online check processing
US9002018B2 (en) 2006-05-09 2015-04-07 Sync Up Technologies Corporation Encryption key exchange system and method
US8738921B2 (en) 2006-05-16 2014-05-27 Transactionsecure Llc System and method for authenticating a person's identity using a trusted entity
US8259647B2 (en) 2006-06-12 2012-09-04 Samsung Electronics Co., Ltd. System and method for wireless communication of uncompressed video having a link control and bandwidth reservation scheme for control/management message exchanges and asynchronous traffic
US20100242102A1 (en) 2006-06-27 2010-09-23 Microsoft Corporation Biometric credential verification framework
CN101101687B (en) 2006-07-05 2010-09-01 山谷科技有限责任公司 Method, apparatus, server and system using biological character for identity authentication
JP4805739B2 (en) 2006-07-07 2011-11-02 株式会社エヌ・ティ・ティ・ドコモ Near field communication terminal and security level setting method
CN101106452B (en) 2006-07-12 2010-12-08 华为技术有限公司 Generation and distribution method and system for mobile IP secret key
US20080025234A1 (en) 2006-07-26 2008-01-31 Qi Zhu System and method of managing a computer network using hierarchical layer information
JP4207065B2 (en) * 2006-07-26 2009-01-14 日本電気株式会社 Asset management system, asset management method, information processing apparatus, and program
US7966489B2 (en) 2006-08-01 2011-06-21 Cisco Technology, Inc. Method and apparatus for selecting an appropriate authentication method on a client
US8689287B2 (en) 2006-08-17 2014-04-01 Northrop Grumman Systems Corporation Federated credentialing system and method
EP2053777B1 (en) 2006-08-18 2016-01-13 Huawei Technologies Co., Ltd. A certification method, system, and device
EP2080142B1 (en) 2006-08-31 2014-09-24 International Business Machines Corporation Attestation of computing platforms
US8239677B2 (en) 2006-10-10 2012-08-07 Equifax Inc. Verification and authentication systems and methods
US9135444B2 (en) 2006-10-19 2015-09-15 Novell, Inc. Trusted platform module (TPM) assisted data center management
US7986786B2 (en) 2006-11-30 2011-07-26 Hewlett-Packard Development Company, L.P. Methods and systems for utilizing cryptographic functions of a cryptographic co-processor
US9055107B2 (en) 2006-12-01 2015-06-09 Microsoft Technology Licensing, Llc Authentication delegation based on re-verification of cryptographic evidence
EP1933522B1 (en) 2006-12-11 2013-10-23 Sap Ag Method and system for authentication
US20080189212A1 (en) * 2006-12-21 2008-08-07 Michael Kulakowski Electronic secure authentication for exchange buyer assurance system (eSafeBay)
JP2008176407A (en) 2007-01-16 2008-07-31 Toshiba Corp Biometrics system, device, and program
US8818904B2 (en) 2007-01-17 2014-08-26 The Western Union Company Generation systems and methods for transaction identifiers having biometric keys associated therewith
JP2008181295A (en) 2007-01-24 2008-08-07 Sony Corp Authentication system, information processor and method, program and recording medium
GB0703759D0 (en) 2007-02-27 2007-04-04 Skype Ltd A Communication system
WO2011005900A1 (en) * 2009-07-07 2011-01-13 Finsphere Corporation Mobile directory number and email verification of financial transactions
US8302196B2 (en) 2007-03-20 2012-10-30 Microsoft Corporation Combining assessment models and client targeting to identify network security vulnerabilities
US8413221B2 (en) 2007-03-23 2013-04-02 Emc Corporation Methods and apparatus for delegated authentication
CN101276448A (en) 2007-03-29 2008-10-01 阿里巴巴集团控股有限公司 Payment system and method performing trading with identification card including IC card
US20100299265A1 (en) 2007-04-17 2010-11-25 Hypercom Corporation Methods and systems for security authentication and key exchange
US20080271150A1 (en) 2007-04-30 2008-10-30 Paul Boerger Security based on network environment
US20090025084A1 (en) * 2007-05-11 2009-01-22 Fraud Management Technologies Pty Ltd Fraud detection filter
US8627409B2 (en) 2007-05-15 2014-01-07 Oracle International Corporation Framework for automated dissemination of security metadata for distributed trust establishment
US20080289020A1 (en) 2007-05-15 2008-11-20 Microsoft Corporation Identity Tokens Using Biometric Representations
CN101051908B (en) 2007-05-21 2011-05-18 北京飞天诚信科技有限公司 Dynamic cipher certifying system and method
US8359045B1 (en) 2007-05-31 2013-01-22 United Services Automobile Association (Usaa) Method and system for wireless device communication
US7627522B2 (en) 2007-06-04 2009-12-01 Visa U.S.A. Inc. System, apparatus and methods for comparing fraud parameters for application during prepaid card enrollment and transactions
US9003488B2 (en) 2007-06-06 2015-04-07 Datavalet Technologies System and method for remote device recognition at public hotspots
US7913086B2 (en) 2007-06-20 2011-03-22 Nokia Corporation Method for remote message attestation in a communication system
US8782801B2 (en) 2007-08-15 2014-07-15 Samsung Electronics Co., Ltd. Securing stored content for trusted hosts and safe computing environments
US20090055322A1 (en) * 2007-08-23 2009-02-26 Microsoft Corporation Removable module in personal handheld devices for personal information exchange
KR20230116073A (en) 2007-09-24 2023-08-03 애플 인크. Embedded authentication systems in an electronic device
US9172686B2 (en) 2007-09-28 2015-10-27 Alcatel Lucent Facilitating heterogeneous authentication for allowing network access
US20090089870A1 (en) 2007-09-28 2009-04-02 Mark Frederick Wahl System and method for validating interactions in an identity metasystem
JP4129586B2 (en) 2007-10-10 2008-08-06 クオリティ株式会社 Information processing system
FR2922396B1 (en) 2007-10-12 2009-12-25 Compagnie Ind Et Financiere Dingenierie Ingenico BIOMETRIC AUTHENTICATION METHOD, COMPUTER PROGRAM, AUTHENTICATION SERVER, CORRESPONDING TERMINAL AND PORTABLE OBJECT
US20090204964A1 (en) 2007-10-12 2009-08-13 Foley Peter F Distributed trusted virtualization platform
WO2009050324A1 (en) 2007-10-16 2009-04-23 Nokia Corporation Credential provisioning
US8134449B2 (en) 2007-10-23 2012-03-13 Minebea Co., Ltd Method and system for biometric keyboard
US8185457B1 (en) * 2007-10-25 2012-05-22 United Services Automobile Association (Usaa) Transaction risk analyzer
US20090119221A1 (en) 2007-11-05 2009-05-07 Timothy Martin Weston System and Method for Cryptographically Authenticated Display Prompt Control for Multifunctional Payment Terminals
US20090132813A1 (en) 2007-11-08 2009-05-21 Suridx, Inc. Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones
US8347374B2 (en) 2007-11-15 2013-01-01 Red Hat, Inc. Adding client authentication to networked communications
US8978117B2 (en) 2007-11-19 2015-03-10 Avaya Inc. Authentication frequency and challenge type based on environmental and physiological properties
TWI350486B (en) 2007-11-26 2011-10-11 Ind Tech Res Inst Biometrics method and apparatus and biometric data encryption method thereof
US8312269B2 (en) 2007-11-28 2012-11-13 Hitachi Global Storage Technologies Netherlands, B.V. Challenge and response access control providing data security in data storage devices
US9575558B2 (en) 2007-12-05 2017-02-21 Hewlett-Packard Development Company, L.P. System and method for electronically assisting a customer at a product retail location
US20090157560A1 (en) 2007-12-14 2009-06-18 Bank Of America Corporation Information banking and monetization of personal information
WO2009079593A1 (en) * 2007-12-17 2009-06-25 Janssen Pharmaceutica N.V. Piperazinyl derivatives useful as modulators of the neuropeptide y2 receptor
US8650616B2 (en) 2007-12-18 2014-02-11 Oracle International Corporation User definable policy for graduated authentication based on the partial orderings of principals
US9361440B2 (en) * 2007-12-21 2016-06-07 Apple Inc. Secure off-chip processing such as for biometric data
US8001582B2 (en) 2008-01-18 2011-08-16 Microsoft Corporation Cross-network reputation for online services
US8220032B2 (en) 2008-01-29 2012-07-10 International Business Machines Corporation Methods, devices, and computer program products for discovering authentication servers and establishing trust relationships therewith
US8635662B2 (en) * 2008-01-31 2014-01-21 Intuit Inc. Dynamic trust model for authenticating a user
US8175276B2 (en) 2008-02-04 2012-05-08 Freescale Semiconductor, Inc. Encryption apparatus with diverse key retention schemes
US8639630B2 (en) 2008-02-15 2014-01-28 Ddn Ip Holdings Limited Distribution of digital content
US8353016B1 (en) 2008-02-29 2013-01-08 Adobe Systems Incorporated Secure portable store for security skins and authentication information
US8555078B2 (en) 2008-02-29 2013-10-08 Adobe Systems Incorporated Relying party specifiable format for assertion provider token
US8302167B2 (en) 2008-03-11 2012-10-30 Vasco Data Security, Inc. Strong authentication token generating one-time passwords and signatures upon server credential verification
JP2009223452A (en) 2008-03-14 2009-10-01 Hitachi Ltd Authentication system, and authentication server device and user device and application server device
CA2659530A1 (en) * 2008-03-20 2009-09-20 Modasolutions Corporation Risk detection and assessment of cash payment for electronic purchase transactions
JP5328186B2 (en) 2008-03-21 2013-10-30 ルネサスエレクトロニクス株式会社 Data processing system and data processing method
US20090327131A1 (en) 2008-04-29 2009-12-31 American Express Travel Related Services Company, Inc. Dynamic account authentication using a mobile device
US8402526B2 (en) 2008-05-27 2013-03-19 Open Invention Network Llc System integrating an identity selector and user-portable device and method of use in a user-centric identity management system
US8359632B2 (en) 2008-05-30 2013-01-22 Microsoft Corporation Centralized account reputation
US8229812B2 (en) 2009-01-28 2012-07-24 Headwater Partners I, Llc Open transaction central billing system
US8572397B2 (en) 2008-06-20 2013-10-29 Koninklijke Philips N.V. Biometric authentication and identification
US8307093B2 (en) 2008-06-25 2012-11-06 Microsoft Corporation Remote access between UPnP devices
JP5258422B2 (en) 2008-07-01 2013-08-07 Kddi株式会社 Mutual authentication system, mutual authentication method and program
WO2010003239A1 (en) 2008-07-09 2010-01-14 Xtreme Mobility Inc. Secure wireless deposit system and method
US8250627B2 (en) 2008-07-28 2012-08-21 International Business Machines Corporation Transaction authorization
US20100029300A1 (en) 2008-07-30 2010-02-04 Arima Communications Corp. Method for inquiring real-time travel-related information using a mobile communication device
US9061406B2 (en) * 2008-08-01 2015-06-23 Guy A. Cherry Tool for removing remnant of spark plug boot
US8132640B2 (en) * 2008-08-07 2012-03-13 Honda Motor Co., Ltd. Frangible mount for a vehicle differential
US20100042848A1 (en) 2008-08-13 2010-02-18 Plantronics, Inc. Personalized I/O Device as Trusted Data Source
US20130125222A1 (en) 2008-08-19 2013-05-16 James D. Pravetz System and Method for Vetting Service Providers Within a Secure User Interface
US8666904B2 (en) 2008-08-20 2014-03-04 Adobe Systems Incorporated System and method for trusted embedded user interface for secure payments
US8880036B2 (en) 2008-09-08 2014-11-04 Qualcomm Incorporated Retrieving data wirelessly from a mobile device
US20100083000A1 (en) 2008-09-16 2010-04-01 Validity Sensors, Inc. Fingerprint Sensor Device and System with Verification Token and Methods of Using
SK50862008A3 (en) 2008-09-19 2010-06-07 Logomotion, S. R. O. System for electronic payment applications and method for payment authorization
US7933836B2 (en) 2008-09-30 2011-04-26 Avaya Inc. Proxy-based, transaction authorization system
US8307412B2 (en) 2008-10-20 2012-11-06 Microsoft Corporation User authentication management
US8494482B2 (en) 2008-10-24 2013-07-23 Centurylink Intellectual Property Llc Telecommunications system and method for monitoring the body temperature of a user
CN100581107C (en) 2008-11-04 2010-01-13 西安西电捷通无线网络通信有限公司 Trusted platform verification method based on three-element peer authentication
US8943311B2 (en) 2008-11-04 2015-01-27 Securekey Technologies Inc. System and methods for online authentication
CA2742963A1 (en) * 2008-11-06 2010-05-14 Visa International Service Association Online challenge-response
WO2010067433A1 (en) 2008-12-11 2010-06-17 三菱電機株式会社 Self-authentication communication device, self-authentication verification communication device, device authentication system, device authentication method for device authentication system, self-authentication communication program, and self-authentication verification communication program
US8245030B2 (en) 2008-12-19 2012-08-14 Nai-Yu Pai Method for authenticating online transactions using a browser
US20100169650A1 (en) 2008-12-31 2010-07-01 Brickell Ernest F Storage minimization technique for direct anonymous attestation keys
US8843997B1 (en) 2009-01-02 2014-09-23 Resilient Network Systems, Inc. Resilient trust network services
US8961619B2 (en) 2009-01-06 2015-02-24 Qualcomm Incorporated Location-based system permissions and adjustments at an electronic device
US20100186072A1 (en) 2009-01-21 2010-07-22 Akshay Kumar Distributed secure telework
US8590021B2 (en) * 2009-01-23 2013-11-19 Microsoft Corporation Passive security enforcement
US8284043B2 (en) 2009-01-23 2012-10-09 Honeywell International Inc. Method of formulating response to expired timer for data link message
US8752153B2 (en) 2009-02-05 2014-06-10 Wwpass Corporation Accessing data based on authenticated user, provider and system
US8359475B2 (en) 2009-02-12 2013-01-22 International Business Machines Corporation System, method and program product for generating a cancelable biometric reference template on demand
US8296564B2 (en) 2009-02-17 2012-10-23 Microsoft Corporation Communication channel access based on channel identifier and use policy
US8756674B2 (en) 2009-02-19 2014-06-17 Securekey Technologies Inc. System and methods for online authentication
US9015789B2 (en) 2009-03-17 2015-04-21 Sophos Limited Computer security lock down methods
CN101499908B (en) 2009-03-20 2011-06-22 四川长虹电器股份有限公司 Method for identity authentication and shared cipher key generation
US20110307707A1 (en) 2009-03-25 2011-12-15 Pacid Technologies, Llc Method and system for securing a file
US8291468B1 (en) 2009-03-30 2012-10-16 Juniper Networks, Inc. Translating authorization information within computer networks
US8959353B2 (en) 2009-03-31 2015-02-17 Topaz Systems, Inc. Distributed system for multi-function secure verifiable signer authentication
KR101548041B1 (en) 2009-04-15 2015-08-27 인터디지탈 패튼 홀딩스, 인크 Validation and/or authentication of a device for communication with a network
CN101540676B (en) 2009-04-28 2012-05-23 西安西电捷通无线网络通信股份有限公司 Platform identifying method suitable to identify credible network connecting construction in ternary equal way
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US20100299738A1 (en) 2009-05-19 2010-11-25 Microsoft Corporation Claims-based authorization at an identity provider
US8745698B1 (en) * 2009-06-09 2014-06-03 Bank Of America Corporation Dynamic authentication engine
US20100325684A1 (en) 2009-06-17 2010-12-23 Microsoft Corporation Role-based security for messaging administration and management
US8621203B2 (en) 2009-06-22 2013-12-31 Nokia Corporation Method and apparatus for authenticating a mobile device
KR20100137655A (en) 2009-06-23 2010-12-31 삼성전자주식회사 Method and apparatus for displaying electrical program guide
US8452960B2 (en) * 2009-06-23 2013-05-28 Netauthority, Inc. System and method for content delivery
WO2011017099A2 (en) 2009-07-27 2011-02-10 Suridx, Inc. Secure communication using asymmetric cryptography and light-weight certificates
US7865937B1 (en) 2009-08-05 2011-01-04 Daon Holdings Limited Methods and systems for authenticating users
US8756661B2 (en) 2009-08-24 2014-06-17 Ufp Identity, Inc. Dynamic user authentication for access to online services
US8429404B2 (en) 2009-09-30 2013-04-23 Intel Corporation Method and system for secure communications on a managed network
IL201351A0 (en) 2009-10-01 2010-05-31 Michael Feldbau Device and method for electronic signature via proxy
US20110083018A1 (en) 2009-10-06 2011-04-07 Validity Sensors, Inc. Secure User Authentication
US8621460B2 (en) 2009-11-02 2013-12-31 International Business Machines Corporation Endpoint-hosted hypervisor management
US8713325B2 (en) 2011-04-19 2014-04-29 Authentify Inc. Key management using quasi out of band authentication architecture
US8769784B2 (en) 2009-11-02 2014-07-08 Authentify, Inc. Secure and efficient authentication using plug-in hardware compatible with desktops, laptops and/or smart mobile communication devices such as iPhones
US8719905B2 (en) 2010-04-26 2014-05-06 Authentify Inc. Secure and efficient login and transaction authentication using IPhones™ and other smart mobile communication devices
KR20110048974A (en) 2009-11-04 2011-05-12 삼성전자주식회사 Apparatus and method for refreshing master session key in wireless communication system
WO2011059496A1 (en) 2009-11-11 2011-05-19 Cross Match Technologies, Inc. Apparatus and method for determining sequencing of fingers in images to a two-finger scanner of fingerprint images
TW201121280A (en) 2009-12-10 2011-06-16 Mao-Cong Lin Network security verification method and device and handheld electronic device verification method.
US8949978B1 (en) 2010-01-06 2015-02-03 Trend Micro Inc. Efficient web threat protection
CN102713922B (en) 2010-01-12 2015-11-25 维萨国际服务协会 For the method whenever confirmed to checking token
CN102763111B (en) 2010-01-22 2015-08-05 交互数字专利控股公司 For the method and apparatus of the management of credible identity federation and data access mandate
US8600855B2 (en) * 2010-01-26 2013-12-03 Visa International Service Association Transaction data repository for risk analysis
US9070146B2 (en) 2010-02-04 2015-06-30 Playspan Inc. Method and system for authenticating online transactions
WO2011094869A1 (en) 2010-02-05 2011-08-11 Lipso Systèmes Inc. Secure authentication system and method
WO2011109518A1 (en) 2010-03-02 2011-09-09 Interdigital Patent Holdings, Inc. Migration of credentials and/or domains between trusted hardware subscription modules
US20110219427A1 (en) 2010-03-04 2011-09-08 RSSBus, Inc. Smart Device User Authentication
US9065823B2 (en) 2010-03-08 2015-06-23 Gemalto Sa System and method for using a portable security device to cryptograhically sign a document in response to signature requests from a relying party to a digital signature service
US8930713B2 (en) 2010-03-10 2015-01-06 Dell Products L.P. System and method for general purpose encryption of data
US8776204B2 (en) 2010-03-12 2014-07-08 Alcatel Lucent Secure dynamic authority delegation
JP2011199458A (en) 2010-03-18 2011-10-06 Brother Industries Ltd Wireless communication system
CN102196407B (en) 2010-03-18 2015-09-16 中兴通讯股份有限公司 Anchoring authentication device method for relocating and system
US8826030B2 (en) * 2010-03-22 2014-09-02 Daon Holdings Limited Methods and systems for authenticating users
US9171306B1 (en) * 2010-03-29 2015-10-27 Bank Of America Corporation Risk-based transaction authentication
CA2795206C (en) 2010-03-31 2014-12-23 Rick L. Orsini Systems and methods for securing data in motion
US8412928B1 (en) 2010-03-31 2013-04-02 Emc Corporation One-time password authentication employing local testing of candidate passwords from one-time password server
US8676684B2 (en) * 2010-04-12 2014-03-18 Iovation Inc. System and method for evaluating risk in fraud prevention
US9356916B2 (en) 2010-04-30 2016-05-31 T-Central, Inc. System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI-based distributed locking of content and distributed unlocking of protected content
US8926335B2 (en) 2010-05-12 2015-01-06 Verificient Technologies, Inc. System and method for remote test administration and monitoring
US8973125B2 (en) 2010-05-28 2015-03-03 Alcatel Lucent Application layer authentication in packet networks
US20110314549A1 (en) 2010-06-16 2011-12-22 Fujitsu Limited Method and apparatus for periodic context-aware authentication
US8832461B2 (en) 2010-06-25 2014-09-09 Microsoft Corporation Trusted sensors
EP2591424A4 (en) 2010-07-08 2014-12-10 Hewlett Packard Development Co System and method for document policy enforcement
US8904189B1 (en) 2010-07-15 2014-12-02 The Research Foundation For The State University Of New York System and method for validating program execution at run-time using control flow signatures
US8453226B2 (en) * 2010-07-16 2013-05-28 Visa International Service Association Token validation for advanced authorization
KR101708345B1 (en) * 2010-07-23 2017-02-21 삼성전자 주식회사 Apparatus and method for charging battery
US8412158B2 (en) 2010-08-17 2013-04-02 Qualcomm Incorporated Mobile device having increased security that is less obtrusive
EP2424185B1 (en) 2010-08-23 2014-10-22 3M Innovative Properties Co. Method and device for challenge-response authentication
US8590014B1 (en) 2010-09-13 2013-11-19 Zynga Inc. Network application security utilizing network-provided identities
US9183683B2 (en) 2010-09-28 2015-11-10 Sony Computer Entertainment Inc. Method and system for access to secure resources
US8528069B2 (en) 2010-09-30 2013-09-03 Microsoft Corporation Trustworthy device claims for enterprise applications
US8819437B2 (en) 2010-09-30 2014-08-26 Microsoft Corporation Cryptographic device that binds an additional authentication factor to multiple identities
US20120084545A1 (en) 2010-10-04 2012-04-05 Ralph Rabat Farina Methods and systems for implementing a secure boot device using cryptographically secure communications across unsecured networks
US8566915B2 (en) 2010-10-22 2013-10-22 Microsoft Corporation Mixed-mode authentication
US8904472B2 (en) 2010-11-12 2014-12-02 Riaz Ahmed SHAIKH Validation of consistency and completeness of access control policy sets
US10153901B2 (en) 2010-11-23 2018-12-11 Concierge Holdings, Inc. System and method for verifying user identity in a virtual environment
CN103283204B (en) 2010-11-24 2015-12-16 西班牙电信公司 To the method that the access of protected content is authorized
US10404729B2 (en) * 2010-11-29 2019-09-03 Biocatch Ltd. Device, method, and system of generating fraud-alerts for cyber-attacks
US20120137137A1 (en) 2010-11-30 2012-05-31 Brickell Ernest F Method and apparatus for key provisioning of hardware devices
US8555355B2 (en) * 2010-12-07 2013-10-08 Verizon Patent And Licensing Inc. Mobile pin pad
US8955035B2 (en) 2010-12-16 2015-02-10 Microsoft Corporation Anonymous principals for policy languages
US8549145B2 (en) 2011-02-08 2013-10-01 Aventura Hq, Inc. Pre-access location-based rule initiation in a virtual computing environment
US8595507B2 (en) 2011-02-16 2013-11-26 Novell, Inc. Client-based authentication
CN106407766A (en) * 2011-03-07 2017-02-15 安全第公司 Secure file sharing method and system
US8490177B2 (en) 2011-03-15 2013-07-16 Lenovo (Singapore) Pte. Ltd. Apparatus and method for variable authentication requirements
JP5865992B2 (en) 2011-03-23 2016-02-17 インターデイジタル パテント ホールディングス インコーポレイテッド System and method for securing network communications
US8810368B2 (en) 2011-03-29 2014-08-19 Nokia Corporation Method and apparatus for providing biometric authentication using distributed computations
US20130144785A1 (en) 2011-03-29 2013-06-06 Igor Karpenko Social network payment authentication apparatuses, methods and systems
US10580049B2 (en) 2011-04-05 2020-03-03 Ingenico, Inc. System and method for incorporating one-time tokens, coupons, and reward systems into merchant point of sale checkout systems
US9092605B2 (en) * 2011-04-11 2015-07-28 NSS Lab Works LLC Ongoing authentication and access control with network access device
US8584224B1 (en) 2011-04-13 2013-11-12 Symantec Corporation Ticket based strong authentication with web service
US9600679B2 (en) 2011-04-29 2017-03-21 Micro Focus Software Inc. Techniques for resource operation based on usage, sharing, and recommendations with modular authentication
US8897500B2 (en) 2011-05-05 2014-11-25 At&T Intellectual Property I, L.P. System and method for dynamic facial features for speaker recognition
EP2712454A4 (en) 2011-05-10 2015-04-15 Bionym Inc System and method for enabling continuous or instantaneous identity recognition based on physiological biometric signals
US8839395B2 (en) 2011-05-13 2014-09-16 Cch Incorporated Single sign-on between applications
US8561152B2 (en) 2011-05-17 2013-10-15 Microsoft Corporation Target-based access check independent of access request
US8953789B2 (en) 2011-06-01 2015-02-10 International Business Machines Corporation Combining key control information in common cryptographic architecture services
EP2716094A4 (en) 2011-06-03 2014-12-03 Blackberry Ltd System and method for accessing private networks
US8843649B2 (en) 2011-06-07 2014-09-23 Microsoft Corporation Establishment of a pairing relationship between two or more communication devices
US20120313746A1 (en) 2011-06-10 2012-12-13 Aliphcom Device control using sensory input
US20120323786A1 (en) * 2011-06-16 2012-12-20 OneID Inc. Method and system for delayed authorization of online transactions
US9621350B2 (en) * 2011-06-30 2017-04-11 Cable Television Laboratories, Inc. Personal authentication
JP2013016070A (en) 2011-07-05 2013-01-24 Interman Corp Logon support system
US8631190B2 (en) * 2011-07-22 2014-01-14 International Business Machines Corporation Prefetching data tracks and parity data to use for destaging updated tracks
JP5710075B2 (en) 2011-07-29 2015-04-30 ヒューレット−パッカード デベロップメント カンパニー エル.ピー.Hewlett‐Packard Development Company, L.P. Certificate validation
US8412945B2 (en) 2011-08-09 2013-04-02 CloudPassage, Inc. Systems and methods for implementing security in a cloud computing environment
US8800056B2 (en) 2011-08-12 2014-08-05 Palo Alto Research Center Incorporated Guided implicit authentication
CN102255917B (en) 2011-08-15 2014-09-03 北京宏基恒信科技有限责任公司 Method, system and device for updating and synchronizing keys of dynamic token
US8752123B2 (en) * 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing data tokenization
US8863258B2 (en) 2011-08-24 2014-10-14 International Business Machines Corporation Security for future log-on location
US8713314B2 (en) 2011-08-30 2014-04-29 Comcast Cable Communications, Llc Reoccuring keying system
US8590018B2 (en) * 2011-09-08 2013-11-19 International Business Machines Corporation Transaction authentication management system with multiple authentication levels
US8838982B2 (en) 2011-09-21 2014-09-16 Visa International Service Association Systems and methods to secure user identification
US9621404B2 (en) 2011-09-24 2017-04-11 Elwha Llc Behavioral fingerprinting with social networking
US20130133054A1 (en) * 2011-09-24 2013-05-23 Marc E. Davis Relationship Based Trust Verification Schema
US9081951B2 (en) 2011-09-29 2015-07-14 Oracle International Corporation Mobile application, identity interface
US20130090939A1 (en) 2011-10-11 2013-04-11 Robert N. Robinson Sytem and method for preventing healthcare fraud
US9043480B2 (en) 2011-10-11 2015-05-26 Citrix Systems, Inc. Policy-based application management
US9021565B2 (en) 2011-10-13 2015-04-28 At&T Intellectual Property I, L.P. Authentication techniques utilizing a computing device
US20140189807A1 (en) 2011-10-18 2014-07-03 Conor P. Cahill Methods, systems and apparatus to facilitate client-based authentication
US20130104187A1 (en) 2011-10-18 2013-04-25 Klaus Helmut Weidner Context-dependent authentication
EP4333554A3 (en) * 2011-10-31 2024-03-13 CosmoKey Solutions GmbH & Co. KG Authentication method
US10013692B2 (en) 2011-11-10 2018-07-03 Cryptocode, Inc. Systems and methods for authorizing transactions via a digital device
MX2014005691A (en) 2011-11-14 2014-08-22 Vasco Data Security Inc A smart card reader with a secure logging feature.
US8607319B2 (en) * 2011-11-22 2013-12-10 Daon Holdings Limited Methods and systems for determining biometric data for use in authentication transactions
WO2013082190A1 (en) 2011-11-28 2013-06-06 Visa International Service Association Transaction security graduated seasoning and risk shifting apparatuses, methods and systems
JP2013122736A (en) 2011-12-12 2013-06-20 Tohsho Corp Point management system
US8595808B2 (en) * 2011-12-16 2013-11-26 Daon Holdings Limited Methods and systems for increasing the security of network-based transactions
US8958599B1 (en) 2012-01-06 2015-02-17 Google Inc. Input method and system based on ambient glints
US8863299B2 (en) 2012-01-06 2014-10-14 Mobile Iron, Inc. Secure virtual file management system
CA2861660A1 (en) * 2012-01-08 2013-07-11 Imagistar Llc System and method for item self-assessment as being extant or displaced
WO2013109857A1 (en) 2012-01-20 2013-07-25 Interdigital Patent Holdings, Inc. Identity management with local functionality
CN104185868B (en) 2012-01-24 2017-08-22 澳尔亚有限公司 Authentication voice and speech recognition system and method
KR101716743B1 (en) 2012-02-14 2017-03-15 애플 인크. Mobile apparatus supporting a plurality of access control clients, and corresponding methods
WO2013123548A2 (en) 2012-02-20 2013-08-29 Lock Box Pty Ltd. Cryptographic method and system
KR101971697B1 (en) 2012-02-24 2019-04-23 삼성전자주식회사 Method and apparatus for authenticating user using hybrid biometrics information in a user device
US9367678B2 (en) * 2012-02-29 2016-06-14 Red Hat, Inc. Password authentication
US20130246272A1 (en) 2012-03-12 2013-09-19 OneID Inc. Secure mobile transactions
US20130239173A1 (en) * 2012-03-12 2013-09-12 Stephen T. Dispensa Computer program and method for administering secure transactions using secondary authentication
US10332112B2 (en) * 2012-03-27 2019-06-25 International Business Machines Corporation Authentication for transactions using near field communication
US9338656B2 (en) 2012-03-28 2016-05-10 Intel Corporation Conditional limited service grant based on device verification
WO2013159110A1 (en) 2012-04-20 2013-10-24 Conductiv Software, Inc. Multi-factor mobile transaction authentication
US9092616B2 (en) 2012-05-01 2015-07-28 Taasera, Inc. Systems and methods for threat identification and remediation
US9521548B2 (en) 2012-05-21 2016-12-13 Nexiden, Inc. Secure registration of a mobile device for use with a session
US9130837B2 (en) 2012-05-22 2015-09-08 Cisco Technology, Inc. System and method for enabling unconfigured devices to join an autonomic network in a secure manner
US9613052B2 (en) 2012-06-05 2017-04-04 International Business Machines Corporation Establishing trust within a cloud computing system
US9317689B2 (en) 2012-06-15 2016-04-19 Visa International Service Association Method and apparatus for secure application execution
US20140007215A1 (en) 2012-06-15 2014-01-02 Lockheed Martin Corporation Mobile applications platform
US20130346176A1 (en) 2012-06-20 2013-12-26 Zachery Alolabi System and method for payment incentivizing
US20140006776A1 (en) 2012-06-29 2014-01-02 Mark Scott-Nash Certification of a virtual trusted platform module
US9589399B2 (en) 2012-07-02 2017-03-07 Synaptics Incorporated Credential quality assessment engine systems and methods
US20140013422A1 (en) * 2012-07-03 2014-01-09 Scott Janus Continuous Multi-factor Authentication
TW201417598A (en) 2012-07-13 2014-05-01 Interdigital Patent Holdings Characteristics of security associations
US8799657B2 (en) 2012-08-02 2014-08-05 Gm Global Technology Operations, Llc Method and system of reconstructing a secret code in a vehicle for performing secure operations
US10771448B2 (en) 2012-08-10 2020-09-08 Cryptography Research, Inc. Secure feature and key management in integrated circuits
US9088891B2 (en) 2012-08-13 2015-07-21 Wells Fargo Bank, N.A. Wireless multi-factor authentication with captive portals
US9867043B2 (en) 2012-08-28 2018-01-09 Visa International Service Association Secure device service enrollment
US8955067B2 (en) 2012-09-12 2015-02-10 Capital One, Na System and method for providing controlled application programming interface security
US9444817B2 (en) 2012-09-27 2016-09-13 Microsoft Technology Licensing, Llc Facilitating claim use by service providers
US9215249B2 (en) 2012-09-29 2015-12-15 Intel Corporation Systems and methods for distributed trust computing and key management
US9172544B2 (en) 2012-10-05 2015-10-27 General Electric Company Systems and methods for authentication between networked devices
US20140250523A1 (en) * 2012-10-11 2014-09-04 Carnegie Mellon University Continuous Authentication, and Methods, Systems, and Software Therefor
US8910239B2 (en) 2012-10-15 2014-12-09 Citrix Systems, Inc. Providing virtualized private network tunnels
US9176838B2 (en) 2012-10-19 2015-11-03 Intel Corporation Encrypted data inspection in a network environment
WO2014066559A1 (en) 2012-10-23 2014-05-01 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US8584219B1 (en) * 2012-11-07 2013-11-12 Fmr Llc Risk adjusted, multifactor authentication
US9166962B2 (en) * 2012-11-14 2015-10-20 Blackberry Limited Mobile communications device providing heuristic security authentication features and related methods
US8935808B2 (en) 2012-12-18 2015-01-13 Bank Of America Corporation Identity attribute exchange and validation broker
CN103888252A (en) 2012-12-19 2014-06-25 深圳市华营数字商业有限公司 UID, PID, and APPID-based control application access permission method
US9015482B2 (en) 2012-12-28 2015-04-21 Nok Nok Labs, Inc. System and method for efficiently enrolling, registering, and authenticating with multiple authentication devices
US9306754B2 (en) 2012-12-28 2016-04-05 Nok Nok Labs, Inc. System and method for implementing transaction signing within an authentication framework
US9219732B2 (en) 2012-12-28 2015-12-22 Nok Nok Labs, Inc. System and method for processing random challenges within an authentication framework
US9374369B2 (en) 2012-12-28 2016-06-21 Lookout, Inc. Multi-factor authentication and comprehensive login system for client-server networks
US9083689B2 (en) 2012-12-28 2015-07-14 Nok Nok Labs, Inc. System and method for implementing privacy classes within an authentication framework
US9172687B2 (en) 2012-12-28 2015-10-27 Nok Nok Labs, Inc. Query system and method to determine authentication capabilities
US20140189835A1 (en) * 2012-12-28 2014-07-03 Pitney Bowes Inc. Systems and methods for efficient authentication of users
EP2939166B1 (en) 2012-12-28 2020-11-11 Nok Nok Labs, Inc. Query system and method to determine authentication capabilities
US8856541B1 (en) 2013-01-10 2014-10-07 Google Inc. Liveness detection
CN103945374A (en) 2013-01-18 2014-07-23 深圳市华营数字商业有限公司 Method of mobile terminal equipment and user authentication based on PKI technology
US9143506B2 (en) * 2013-02-13 2015-09-22 Daniel Duncan Systems and methods for identifying biometric information as trusted and authenticating persons using trusted biometric information
US20140250011A1 (en) * 2013-03-01 2014-09-04 Lance Weber Account type detection for fraud risk
JP6069039B2 (en) 2013-03-11 2017-01-25 日立オートモティブシステムズ株式会社 Gateway device and service providing system
KR101731404B1 (en) 2013-03-14 2017-04-28 인텔 코포레이션 Voice and/or facial recognition based service provision
US20140279516A1 (en) * 2013-03-14 2014-09-18 Nicholas Rellas Authenticating a physical device
US9137247B2 (en) 2013-03-15 2015-09-15 Intel Corporation Technologies for secure storage and use of biometric authentication information
US9633322B1 (en) * 2013-03-15 2017-04-25 Consumerinfo.Com, Inc. Adjustment of knowledge-based authentication
US9141823B2 (en) 2013-03-15 2015-09-22 Veridicom, Sa De Cv Abstraction layer for default encryption with orthogonal encryption logic session object; and automated authentication, with a method for online litigation
US20140282868A1 (en) 2013-03-15 2014-09-18 Micah Sheller Method And Apparatus To Effect Re-Authentication
US9305298B2 (en) 2013-03-22 2016-04-05 Nok Nok Labs, Inc. System and method for location-based authentication
US10270748B2 (en) 2013-03-22 2019-04-23 Nok Nok Labs, Inc. Advanced authentication techniques and applications
US9887983B2 (en) 2013-10-29 2018-02-06 Nok Nok Labs, Inc. Apparatus and method for implementing composite authenticators
CN103220145B (en) 2013-04-03 2015-06-17 天地融科技股份有限公司 Method and system for electronic signature token to respond to operation request, and electronic signature token
GB2513125A (en) * 2013-04-15 2014-10-22 Visa Europe Ltd Method and system for transmitting credentials
JP6307593B2 (en) 2013-04-26 2018-04-04 インターデイジタル パテント ホールディングス インコーポレイテッド Multi-factor authentication to achieve the required level of certification assurance
US9760785B2 (en) * 2013-05-08 2017-09-12 Jpmorgan Chase Bank, N.A. Systems and methods for high fidelity multi-modal out-of-band biometric authentication
US9084115B2 (en) 2013-05-13 2015-07-14 Dennis Thomas Abraham System and method for data verification using a smart phone
US9294475B2 (en) 2013-05-13 2016-03-22 Hoyos Labs Ip, Ltd. System and method for generating a biometric identifier
GB201309702D0 (en) 2013-05-30 2013-07-17 Certivox Ltd Security
US8646060B1 (en) 2013-07-30 2014-02-04 Mourad Ben Ayed Method for adaptive authentication using a mobile device
US10366391B2 (en) * 2013-08-06 2019-07-30 Visa International Services Association Variable authentication process and system
US9161209B1 (en) 2013-08-21 2015-10-13 Sprint Communications Company L.P. Multi-step mobile device initiation with intermediate partial reset
US9876803B2 (en) 2013-08-23 2018-01-23 Morphotrust Usa, Llc System and method for identity management
CN103475666B (en) 2013-09-23 2017-01-04 中国科学院声学研究所 A kind of digital signature authentication method of Internet of Things resource
US9396319B2 (en) * 2013-09-30 2016-07-19 Laird H. Shuart Method of criminal profiling and person identification using cognitive/behavioral biometric fingerprint analysis
US9646150B2 (en) 2013-10-01 2017-05-09 Kalman Csaba Toth Electronic identity and credentialing system
US20150142628A1 (en) * 2013-11-20 2015-05-21 Bank Of America Corporation Detecting structured transactions
US20150180869A1 (en) 2013-12-23 2015-06-25 Samsung Electronics Company, Ltd. Cloud-based scalable authentication for electronic devices
US9633355B2 (en) * 2014-01-07 2017-04-25 Bank Of America Corporation Knowledge based verification of the identity of a user
US20150242605A1 (en) 2014-02-23 2015-08-27 Qualcomm Incorporated Continuous authentication with a mobile device
US9698976B1 (en) 2014-02-24 2017-07-04 Wickr Inc. Key management and dynamic perfect forward secrecy
WO2015130734A1 (en) 2014-02-25 2015-09-03 Uab Research Foundation Two-factor authentication systems and methods
US9344419B2 (en) 2014-02-27 2016-05-17 K.Y. Trix Ltd. Methods of authenticating users to a site
CN103793632B (en) 2014-02-28 2017-04-12 汕头大学 Method and device for transferring access permission control service of digital content products
US9652354B2 (en) 2014-03-18 2017-05-16 Microsoft Technology Licensing, Llc. Unsupervised anomaly detection for arbitrary time series
US20170109751A1 (en) 2014-05-02 2017-04-20 Nok Nok Labs, Inc. System and method for carrying strong authentication events over different channels
US9654463B2 (en) 2014-05-20 2017-05-16 Airwatch Llc Application specific certificate management
US10212176B2 (en) * 2014-06-23 2019-02-19 Hewlett Packard Enterprise Development Lp Entity group behavior profiling
US9418365B2 (en) * 2014-09-08 2016-08-16 Mastercard International Incorporated Systems and methods for using social network data to determine payment fraud
US9992207B2 (en) * 2014-09-23 2018-06-05 Qualcomm Incorporated Scalable authentication process selection based upon sensor inputs
US20160292687A1 (en) * 2014-10-13 2016-10-06 Empire Technology Development Llc Verification location determination for entity presence confirmation of online purchases
US9928603B2 (en) 2014-12-31 2018-03-27 Morphotrust Usa, Llc Detecting facial liveliness
US20170011406A1 (en) * 2015-02-10 2017-01-12 NXT-ID, Inc. Sound-Directed or Behavior-Directed Method and System for Authenticating a User and Executing a Transaction
US10387882B2 (en) * 2015-07-01 2019-08-20 Klarna Ab Method for using supervised model with physical store
WO2017007705A1 (en) 2015-07-06 2017-01-12 Shape Security, Inc. Asymmetrical challenges for web security
US10129035B2 (en) 2015-08-10 2018-11-13 Data I/O Corporation Device birth certificate
US10142107B2 (en) 2015-12-31 2018-11-27 Microsoft Technology Licensing, Llc Token binding using trust module protected keys
US10333705B2 (en) 2016-04-30 2019-06-25 Civic Technologies, Inc. Methods and apparatus for providing attestation of information using a centralized or distributed ledger
AU2017263465B9 (en) 2016-05-11 2021-01-28 Nasdaq, Inc. Application framework using blockchain-based asset ownership
KR101799343B1 (en) 2016-05-16 2017-11-22 주식회사 코인플러그 Method for using, revoking certificate information and blockchain-based server using the same
US10580100B2 (en) 2016-06-06 2020-03-03 Chicago Mercantile Exchange Inc. Data payment and authentication via a shared data structure
US10454683B2 (en) 2016-06-17 2019-10-22 Capital One Services, Llc Blockchain systems and methods for user authentication
US10769635B2 (en) * 2016-08-05 2020-09-08 Nok Nok Labs, Inc. Authentication techniques including speech and/or lip movement analysis
US10846390B2 (en) 2016-09-14 2020-11-24 Oracle International Corporation Single sign-on functionality for a multi-tenant identity and data security management cloud service
US10237070B2 (en) * 2016-12-31 2019-03-19 Nok Nok Labs, Inc. System and method for sharing keys across authenticators
US10091195B2 (en) * 2016-12-31 2018-10-02 Nok Nok Labs, Inc. System and method for bootstrapping a user binding
US11042845B2 (en) * 2017-11-07 2021-06-22 Mastercard International Incorporated ACH transaction authentication systems and methods
US11868995B2 (en) * 2017-11-27 2024-01-09 Nok Nok Labs, Inc. Extending a secure key storage for transaction confirmation and cryptocurrency
US11288672B2 (en) * 2017-12-28 2022-03-29 Paypal, Inc. Machine learning engine for fraud detection following link selection
US11831409B2 (en) * 2018-01-12 2023-11-28 Nok Nok Labs, Inc. System and method for binding verifiable claims
US11366884B2 (en) * 2018-02-14 2022-06-21 American Express Travel Related Services Company, Inc. Authentication challenges based on fraud initiation requests

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020010857A1 (en) * 2000-06-29 2002-01-24 Kaleedhass Karthik Biometric verification for electronic transactions over the web
US7512567B2 (en) * 2006-06-29 2009-03-31 Yt Acquisition Corporation Method and system for providing biometric authentication at a point-of-sale via a mobile device
US20090307139A1 (en) * 2008-06-06 2009-12-10 Ebay, Inc. Biometric authentication of mobile financial transactions by trusted service managers
US20140090039A1 (en) * 2012-09-24 2014-03-27 Plantronics, Inc. Secure System Access Using Mobile Biometric Devices

Cited By (68)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10762181B2 (en) 2013-03-22 2020-09-01 Nok Nok Labs, Inc. System and method for user confirmation of online transactions
US10776464B2 (en) 2013-03-22 2020-09-15 Nok Nok Labs, Inc. System and method for adaptive application of authentication policies
US11929997B2 (en) 2013-03-22 2024-03-12 Nok Nok Labs, Inc. Advanced authentication techniques and applications
US10366218B2 (en) 2013-03-22 2019-07-30 Nok Nok Labs, Inc. System and method for collecting and utilizing client data for risk assessment during authentication
US10282533B2 (en) 2013-03-22 2019-05-07 Nok Nok Labs, Inc. System and method for eye tracking during authentication
US10706132B2 (en) * 2013-03-22 2020-07-07 Nok Nok Labs, Inc. System and method for adaptive user authentication
US10798087B2 (en) 2013-10-29 2020-10-06 Nok Nok Labs, Inc. Apparatus and method for implementing composite authenticators
US20150227735A1 (en) * 2014-02-13 2015-08-13 Robert Chappell System and method for eye tracking authentication
US10326761B2 (en) 2014-05-02 2019-06-18 Nok Nok Labs, Inc. Web-based user authentication techniques and applications
US20160270724A1 (en) * 2014-07-23 2016-09-22 Invoy Technologies, Llc Ketone measurement system capable of detecting and notifying a user of proper insertion of detachable components
US10169556B2 (en) 2014-10-30 2019-01-01 Intuit Inc. Verifying a user's identity based on adaptive identity assurance levels
US10565360B2 (en) 2014-10-30 2020-02-18 Intuit Inc. Verifying a user's identity based on adaptive identity assurance levels
GB2531839B (en) * 2014-10-30 2021-11-10 Intuit Inc Verifying a user's identity based on adaptive identity assurance levels
GB2531839A (en) * 2014-10-30 2016-05-04 Intuit Inc Verifying a user's identity based on adaptive identity assurance levels
WO2016108017A1 (en) 2014-12-30 2016-07-07 Oberthur Technologies Payment request verification method including determination of the location where a payment token was issued
EP3241159A1 (en) * 2014-12-31 2017-11-08 Vasco Data Security International GmbH A method and apparatus for securing an application using a measurement of a location dependent physical property of the environment
CN107636663A (en) * 2014-12-31 2018-01-26 威斯科数据安全国际有限公司 The position relational physical properties of use environment are measured to protect the method and apparatus of application
US10541986B2 (en) 2014-12-31 2020-01-21 Onespan North America Inc. Method and apparatus for securing an application using a measurement of a location dependent physical property of the environment
US9525694B2 (en) * 2015-01-15 2016-12-20 Bank Of America Corporation Authenticating customers and managing authenticated sessions
US9491170B2 (en) 2015-01-15 2016-11-08 Bank Of America Corporation Authenticating customers and managing authenticated sessions
US9619636B2 (en) 2015-02-06 2017-04-11 Qualcomm Incorporated Apparatuses and methods for secure display on secondary display device
WO2016126384A1 (en) * 2015-02-06 2016-08-11 Qualcomm Incorporated Apparatuses and methods for secure display on secondary display device
US11961154B2 (en) 2015-05-21 2024-04-16 Dxc Technology Services Llc Contract token including sensor data
EP3298723A4 (en) * 2015-05-21 2019-01-09 Ent. Services Development Corporation LP Contract token including sensor data
EP3107052A1 (en) * 2015-06-15 2016-12-21 Tata Consultancy Services Limited Method and system for performing secure banking transactions
WO2017031504A1 (en) * 2015-08-20 2017-02-23 Cloudwear, Inc. Method and apparatus for geographic location based electronic security management
US10375082B2 (en) * 2015-08-20 2019-08-06 Averon Us, Inc. Method and apparatus for geographic location based electronic security management
CN108369620A (en) * 2015-08-20 2018-08-03 艾佛伦美国公司 Method and apparatus for the electronic security(ELSEC) management based on geographical location
US20220043897A1 (en) * 2015-08-20 2022-02-10 Averon Us, Inc. Method And Apparatus For Geographic Location Based Electronic Security Management
US20170195339A1 (en) * 2015-08-20 2017-07-06 Cloudwear Inc. Method and apparatus for geographic location based electronic security management
CN107016270A (en) * 2015-12-01 2017-08-04 由田新技股份有限公司 Dynamic graphic eye movement authentication system and method combining face authentication or hand authentication
US11107071B2 (en) 2016-02-01 2021-08-31 Apple Inc. Validating online access to secure device functionality
CN108604338A (en) * 2016-02-01 2018-09-28 苹果公司 Verify the online access to safety device function
US11170358B2 (en) * 2016-04-29 2021-11-09 International Business Machines Corporation System, method, and recording medium for identity fraud prevention in secure transactions using multi-factor verification
US11429973B2 (en) 2016-05-27 2022-08-30 Mastercard International Incorporated Systems and methods for authenticating a requestor at an ATM
WO2017204960A1 (en) * 2016-05-27 2017-11-30 Mastercard International Incorporated Systems and methods for authenticating a requestor at an atm
US10453060B2 (en) 2016-05-27 2019-10-22 Mastercard International Incorporated Systems and methods for authenticating a requestor at an ATM
US10764300B2 (en) 2016-06-29 2020-09-01 Mastercard Asia/Pacific Pte. Ltd. Method for effecting an authentication procedure associated with a service provider or an application
EP3458995A4 (en) * 2016-06-29 2020-04-29 Mastercard Asia/Pacific Pte. Ltd. Method for effecting an authentication procedure associated with a service provider or an application
US11132425B1 (en) 2016-07-07 2021-09-28 Wells Fargo Bank, N.A. Systems and methods for location-binding authentication
CN107665426A (en) * 2016-07-28 2018-02-06 三星电子株式会社 Method and electronic device for payment using biometric authentication
US11017399B2 (en) 2016-07-28 2021-05-25 Samsung Electronics Co., Ltd Method and electronic device for paymnet using biometric authentication
EP3276556A1 (en) * 2016-07-28 2018-01-31 Samsung Electronics Co., Ltd. Method and electronic device for payment using biometric authentication
US10769635B2 (en) 2016-08-05 2020-09-08 Nok Nok Labs, Inc. Authentication techniques including speech and/or lip movement analysis
US10637853B2 (en) 2016-08-05 2020-04-28 Nok Nok Labs, Inc. Authentication techniques including speech and/or lip movement analysis
US10237070B2 (en) 2016-12-31 2019-03-19 Nok Nok Labs, Inc. System and method for sharing keys across authenticators
US10574662B2 (en) 2017-06-20 2020-02-25 Bank Of America Corporation System for authentication of a user based on multi-factor passively acquired data
US10360733B2 (en) 2017-06-20 2019-07-23 Bank Of America Corporation System controlled augmented resource facility
US11171963B2 (en) 2017-06-20 2021-11-09 Bank Of America Corporation System for authentication of a user based on multi-factor passively acquired data
US11783335B2 (en) 2017-11-21 2023-10-10 Capital One Services, Llc Transaction confirmation and authentication based on device sensor data
EP3489878A1 (en) * 2017-11-21 2019-05-29 Capital One Services, LLC Transaction confirmation and authentication based on device sensor data
US11188915B2 (en) * 2017-11-21 2021-11-30 Capital One Services, Llc Transaction confirmation and authentication based on device sensor data
US11868995B2 (en) 2017-11-27 2024-01-09 Nok Nok Labs, Inc. Extending a secure key storage for transaction confirmation and cryptocurrency
US11831409B2 (en) 2018-01-12 2023-11-28 Nok Nok Labs, Inc. System and method for binding verifiable claims
EP3561753A1 (en) * 2018-04-25 2019-10-30 CCV Deutschland GmbH Data transmission and processing method and assembly for same
EP3588366A1 (en) * 2018-06-28 2020-01-01 Beijing Kuangshi Technology Co., Ltd. Living body detection method, apparatus, system and non-transitory computer-readable recording medium
US10885306B2 (en) 2018-06-28 2021-01-05 Beijing Kuangshi Technology Co., Ltd. Living body detection method, system and non-transitory computer-readable recording medium
US10798569B2 (en) * 2018-07-03 2020-10-06 Sony Corporation Methods for securely validating localization of a wireless communication device, and related devices
US20200015080A1 (en) * 2018-07-03 2020-01-09 Sony Mobile Communications Inc. Methods for securely validating localization of a wireless communication device, and related devices
US11080375B2 (en) 2018-08-01 2021-08-03 Intuit Inc. Policy based adaptive identity proofing
US11915507B2 (en) * 2018-11-28 2024-02-27 Nxp B.V. Location- and identity-referenced authentication method and communication system
US20200167539A1 (en) * 2018-11-28 2020-05-28 Nxp B.V. Location- and identity-referenced authentication method and communication system
US11792024B2 (en) 2019-03-29 2023-10-17 Nok Nok Labs, Inc. System and method for efficient challenge-response authentication
US11887424B2 (en) 2019-06-12 2024-01-30 Honeywell International Inc. Access control system using mobile device
US11749045B2 (en) 2021-03-01 2023-09-05 Honeywell International Inc. Building access using a mobile device
US11935055B2 (en) 2021-03-22 2024-03-19 Bank Of America Corporation Wired multi-factor authentication for ATMs using an authentication media
FR3126514A1 (en) * 2021-08-25 2023-03-03 Worldline Strong asynchronous authentication method and terminal configured for the implementation of said method.
WO2023026002A1 (en) * 2021-08-25 2023-03-02 Worldline Method for strong asynchronous authentication and terminal configured to implement said method

Also Published As

Publication number Publication date
US10366218B2 (en) 2019-07-30
US10706132B2 (en) 2020-07-07
US20180247038A1 (en) 2018-08-30
US10268811B2 (en) 2019-04-23
US9305298B2 (en) 2016-04-05
US10282533B2 (en) 2019-05-07
US10776464B2 (en) 2020-09-15
US20140289821A1 (en) 2014-09-25
US9367676B2 (en) 2016-06-14
US9396320B2 (en) 2016-07-19
US9898596B2 (en) 2018-02-20
US20140289808A1 (en) 2014-09-25
US10762181B2 (en) 2020-09-01
US20140289117A1 (en) 2014-09-25
US10176310B2 (en) 2019-01-08
US20140289790A1 (en) 2014-09-25
US20140289820A1 (en) 2014-09-25
US20140289528A1 (en) 2014-09-25
US20140289834A1 (en) 2014-09-25
US20140289822A1 (en) 2014-09-25
US20140289819A1 (en) 2014-09-25
US20140289509A1 (en) 2014-09-25

Similar Documents

Publication Publication Date Title
US20140289116A1 (en) System and method for performing authentication for a local transaction
EP3175414B1 (en) System and method for authenticating a client to a device
US10326761B2 (en) Web-based user authentication techniques and applications
KR102383021B1 (en) Enhanced security for registration of authentication devices
EP3693878B1 (en) Wireless biometric authentication system and method
KR102431834B1 (en) System and method for carrying strong authentication events over different channels
KR102457683B1 (en) System and method for performing authentication using data analytics
US7904718B2 (en) Personal digital key differentiation for secure transactions
US20140136419A1 (en) Limited use tokens granting permission for biometric identity verification
KR20140097467A (en) Method for authentication using biometric data for mobile device e-commerce transactions
US11792024B2 (en) System and method for efficient challenge-response authentication
CN111742314A (en) Biometric sensor on portable device
US9413533B1 (en) System and method for authorizing a new authenticator
US20140215586A1 (en) Methods and systems for generating and using a derived authentication credential
EP3975012A1 (en) Method for managing a pin code in a biometric smart card
Pote et al. Securing cash withdrawal from ATM with the help of Smart Mobile Banking Application

Legal Events

Date Code Title Description
AS Assignment

Owner name: NOK NOK LABS, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:POLIVANYI, IGOR;REEL/FRAME:034857/0449

Effective date: 20141218

AS Assignment

Owner name: VENTURE LENDING & LEASING VIII, INC., CALIFORNIA

Free format text: SECURITY INTEREST;ASSIGNOR:NOK NOK LABS, INC.;REEL/FRAME:041352/0867

Effective date: 20170111

Owner name: VENTURE LENDING & LEASING VII, INC., CALIFORNIA

Free format text: SECURITY INTEREST;ASSIGNOR:NOK NOK LABS, INC.;REEL/FRAME:041352/0867

Effective date: 20170111

AS Assignment

Owner name: VENTURE LENDING & LEASING IX, INC., CALIFORNIA

Free format text: SECURITY INTEREST;ASSIGNOR:NOK NOK LABS, INC.;REEL/FRAME:046492/0870

Effective date: 20180705

Owner name: VENTURE LENDING & LEASING VIII, INC., CALIFORNIA

Free format text: SECURITY INTEREST;ASSIGNOR:NOK NOK LABS, INC.;REEL/FRAME:046492/0870

Effective date: 20180705

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION