WO2004079499A2 - System and method for verifying user identity - Google Patents

System and method for verifying user identity Download PDF

Info

Publication number
WO2004079499A2
WO2004079499A2 PCT/IL2004/000224 IL2004000224W WO2004079499A2 WO 2004079499 A2 WO2004079499 A2 WO 2004079499A2 IL 2004000224 W IL2004000224 W IL 2004000224W WO 2004079499 A2 WO2004079499 A2 WO 2004079499A2
Authority
WO
WIPO (PCT)
Prior art keywords
location
request
user
secure
procedure
Prior art date
Application number
PCT/IL2004/000224
Other languages
French (fr)
Other versions
WO2004079499A3 (en
Inventor
Tomer Eden
Michael Eden
Original Assignee
Tomer Eden
Michael Eden
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tomer Eden, Michael Eden filed Critical Tomer Eden
Publication of WO2004079499A2 publication Critical patent/WO2004079499A2/en
Publication of WO2004079499A3 publication Critical patent/WO2004079499A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • G06F21/43User authentication using separate channels for security data wireless channels
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS

Definitions

  • the present invention relates to systems and methods for verifying user
  • resource to one or more authorized users. For example access to resources such as
  • PIN personal identification number
  • passwords passwords
  • Access codes are prone to theft and/or fraudulent use because they are
  • an authorized user may be any authorized user.
  • Tangible media is slightly better than access codes because a user is more
  • tangible media is not challenged when requesting access to a resource, this means that possession grants full access.
  • the mobile unit can move from one location to another, the system can thereby
  • system may only prevent the duplication of cellular terminals, based on location
  • the authentication process may only occur when the user initiates
  • PCT Patent Application No. 9641488 describes a system for detecting
  • This system records the geographical location of the
  • a single user may have several network terminals every time it is used.
  • a single user may have several network terminals
  • this invention performs passive location
  • the system and method verifies user identity by verifying the user presence at the
  • the verification is carried out by locating his or her associated
  • said system comprised of means for receiving user request for secure
  • procedure including a tentative identification of a specific user; means for detecting
  • the system also includes logic means for
  • said first location is detected by evaluation of at least one identifying information
  • the proximity indicator is determined as the distance between said first location and said second location. Either of the locations may be defined as an exact
  • the secure procedure may be, for example, a credit card
  • the request is originated by a designated terminal and the detection of the first
  • location is based on defined lookup table including information of different
  • the system also includes means for creating and
  • the wireless devices are associated with identified users
  • a method for authenticating a user request for processing a secure procedure is
  • FIG. 1 is a diagram illustrating the system' s principal components according to the
  • FIG. 2 is a flow diagram of the authorization algorithm according to the preferred embodiment
  • FIG. 3 is a flow diagram of the managing vendors' location lookup table algorithm
  • the present invention is decision supporting systems and methods for
  • the present invention may help evaluate
  • claims may refer to an individual or to a group of individuals. For purposes of this
  • This definition specifically includes, but is
  • a credit card account not limited to, a credit card account, a bank account and a customer account with a
  • Secure procedures may include the authorizing of physical access such as, for
  • opening of a gate, door, or lock or electronic procedures such as, for
  • Electronic secure procedure specifically includes, but is not limited to, electronic
  • At least one locatable device which may be, for example, a cellular telephone, an
  • alpha numeric pager or a dedicated user tracking device.
  • PDAs digital assistants
  • portable computers as well as devices which have
  • dedicated user tracking device might work, for example by GPS or GSM
  • Such a dedicated device for example, a financial institution or an employer.
  • a dedicated device for example, a financial institution or an employer.
  • a dedicated user tracking device might be incorporated into a functional
  • Figure 1 is an illustration of the main components of a decision supporting
  • a wireless network means such as a mobile phone
  • the system compares the position of person A and the location of person B to produce a proximity indicator.
  • the user 102 may communicate with the vendor 130 directly, provided that the
  • the credit card terminal 150 then communicates with the authentication
  • the Server 160 is designed and configured to receive an
  • Server 160 is
  • This directory may include data correlating locations to, for example,
  • IP addresses e.g. area codes
  • IP addresses IP addresses or portions thereof.
  • the server commences a
  • system therefore farther includes identifying at least one locatable device 101
  • server 160 Preferably location of person A is provided as a
  • Method 80 furthermore
  • the proximity Preferably, the proximity
  • server 150 which in turn informs the vender 130.
  • the server 160 receives the
  • authorization request 210 which include the identity of the card holder, the details of
  • Verified vendors are vendors' location may be verified or unverified. Verified vendors are vendors
  • the proximity indicator is then examined to determine the validity of
  • the rule may take the
  • location 102 is defined as an area A and location 101 is defined as a point P
  • the rule may be formulated as "Approve request if P is in A.” In case both
  • locations 101 , 102 are defined as areas A and A ' respectively the rule may be
  • the authentication server 160 holds and constantly
  • the server 310 the unique vendor ID is searched for in the
  • the location of the cellular device is registered as the

Abstract

The present invention is decision supporting systems and methods for authenticating users' requests which may be used to prevent the processing of fraudulent secure procedures. The system and method verifies user identity by verifying the user presence at the place of transaction. Specifically, the present invention may help evaluate the authenticity of users' requests at the time of a transaction approval by comparing the location of the transaction request with the location of a wireless network entity associated with an authorized user. According to the present invention the geographic location of a mobile network device, which is known to be carried by the user, is compared with the geographic location from which the request is initiated. The mobile network device may be, for example, a cellular phone, PDA, laptop or a designated device. The request may include financial transactions, physical or electronic access requests and the like.

Description

SYSTEM AND METHOD FOR VERIFYING
USER IDENTITY
FIELD AND BACKGROUND OF THE INVENTION
The present invention relates to systems and methods for verifying user
identity and, more particularly, to systems and methods which rely upon
comparison of at least two sets of location information for verifying user identity.
In the modern world it is often necessary or desirable to restrict access to a
resource to one or more authorized users. For example access to resources such
as physical facilities, information databases and accounts is typically restricted to
specific users. Authorization of users is most often accomplished by use of access
codes such as a personal identification number (PIN), a user name or passwords or
a combinations thereof, or tangible media such as a key, a credit card, a debit card
or an ID card.
Access codes are prone to theft and/or fraudulent use because they are
easily transferred or intercepted. In many cases, an authorized user may be
unaware that their PIN code has been intercepted by another and is being used for
unauthorized access.
Tangible media is slightly better than access codes because a user is more
likely to notice the absence of tangible media if it is lost or stolen. However, tangible
media is susceptible to unauthorized duplication and forgery. Typically, a bearer of
tangible media is not challenged when requesting access to a resource, this means that possession grants full access.
Further, in the case of credit/debit cards, information imprinted on the
media such as account number and expiration date may suffice for purposes of a
telephone or internet transaction.
Known in the art are several location based user authentication systems.
US Patent No. 6,097,938, for example, discloses a system and a method for
determine whether the mobile unit is a fraudulent user of the cellular
communication network. Every time the cellular terminal is used, the system
receives an identification number for a mobile unit as well as a location code. The
system then compares the current location code with a previously received
location code. Given that there are natural physical constraints on how quickly a
mobile unit can move from one location to another, the system can thereby
determine if there are two mobile units using the same identification number. This
system may only prevent the duplication of cellular terminals, based on location
information, and the authentication process may only occur when the user initiates
a call.
PCT Patent Application No. 9641488 describes a system for detecting
fraud on electronic networks. This system records the geographical location of the
network terminal every time it is used. A single user may have several network
terminals, all carrying the same identification code (SIN number). The system then
checks if by dividing the geographic distance between every two sequential uses
of the terminal of a single user, by the time elapsed between them, exceeds a
reasonable ground speed limitation predetermined by the system administrators. As with the patent described above, this invention performs passive location
verifications and depends on two sequential logins of the user to validate the user
identification.
There is thus a need for systems and methods for actively verifying user
identity while approving a transaction, in real time, devoid of the above limitation.
SUMMARY OF THE INVENTION
The system and method verifies user identity by verifying the user presence at the
place of transaction. The verification is carried out by locating his or her associated
traceable device. A system for authenticating a user request for processing secure
procedure, said system comprised of means for receiving user request for secure
procedure including a tentative identification of a specific user; means for detecting
a first location from which the request originates; means for active detection of a
second location at which at least one wireless device associated with said specific
user is located. Said first location and said second iocation are compared in order
to produce a proximity indicator. The system also includes logic means for
evaluating authentication level of the request for the secure procedure in
accordance with said proximity indicator and at least one predetermined rule. The
said first location is detected by evaluation of at least one identifying information
detail and the wireless device is selected from the group consisting of cellular
telephones an alpha numeric pager and a dedicated user tracking device.
The proximity indicator is determined as the distance between said first location and said second location. Either of the locations may be defined as an exact
point or as an area. The secure procedure may be, for example, a credit card
payment transaction or an accessing an electronic information resource request.
The request is originated by a designated terminal and the detection of the first
location is based on defined lookup table including information of different
designated terminals locations. The system also includes means for creating and
editing said lookup table, wherein the designated terminal location are
determined according to prior secure procedures activities associated with said
terminal wherein said activities location are identified according to associated
wireless devices. The wireless devices are associated with identified users
according to updated look up table correlating between users ID and their
wireless devices, which are designated for the authentication process.
A method for authenticating a user request for processing a secure procedure is
comprised of the following steps: receiving user request for secure procedure
including a tentative identification of a specific user; detecting a first location from
which the request originates; actively detecting of a second location at which at
least one wireless device associated with said specific user is located; and
comparing said first location and said second location to produce a proximity
indicator.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention is herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the
drawings in detail, it is stressed that the particulars shown are by way of
example and for purposes of illustrative discussion of the preferred
embodiments of the present invention only, and are presented in the cause of
providing what is believed to be the most useful and readily understood
description of the principles and conceptual aspects of the invention. In this
regard, no attempt is made to show structural details of the invention in more
detail than is necessary for a fundamental understanding of the invention, the
description taken with the drawings making apparent to those skilled in the art
how the several forms of the invention may be embodied in practice.
In the drawings:
FIG. 1 is a diagram illustrating the system' s principal components according to the
preferred embodiment of the present invention;
FIG. 2 is a flow diagram of the authorization algorithm according to the preferred
embodiment of the present invention;
FIG. 3 is a flow diagram of the managing vendors' location lookup table algorithm
according to the preferred embodiment of the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention is decision supporting systems and methods for
authenticating users' requests which may be used to prevent the processing of
fraudulent secure procedures. Specifically, the present invention may help evaluate
the authenticity of users' requests at the time of a transaction approval by comparing the location of the transaction request with the location of a wireless
network entity associated with an authorized user. Comparison between locations
may also be subsequent thereto. The principles of operation of systems and
methods according to the present invention may be better understood with
reference to the drawings and accompanying descriptions.
Before explaining at least one embodiment of the invention in detail, it is to
be understood that the invention is not limited in its application to the details of
construction and the arrangement of the components set forth in the following
description or illustrated in the drawings. The invention may include other
embodiments and may be practiced or carried out in various ways. Also, it is to be
understood that the phraseology and terminology employed herein is for the purpose
of description and should not be regarded as limiting.
The term "user" as employed in this specification and the accompanying
claims may refer to an individual or to a group of individuals. For purposes of this
specification and the accompanying claims the term "account" refers to any
calculation of monetary indebtedness. This definition specifically includes, but is
not limited to, a credit card account, a bank account and a customer account with a
commercial entity (e.g. line of credit).
For purposes of this specification and the accompanying claims, the term
processing secure procedure should be construed in its broadest possible sense.
Secure procedures may include the authorizing of physical access such as, for
example, opening of a gate, door, or lock, or electronic procedures such as, for
example, and access to stored data and/or an account belonging to specific user. Electronic secure procedure specifically includes, but is not limited to, electronic
funds transfers.
According to the preferred embodiments of the invention the user uses at
least one locatable device, which may be, for example, a cellular telephone, an
alpha numeric pager or a dedicated user tracking device. For purposes of this
specification and the accompanying claims, the term "cellular telephone"
includes devices which have cellular telephone capabilities such as, personal
digital assistants (PDAs) and portable computers as well as devices which have
cellular telephonic communication as their primary function. Further included in
this definition are satellite mobile phones which perform a similar function. A
dedicated user tracking device might work, for example by GPS or GSM
technology and could be assigned to a user for purposes of function of system by,
for example, a financial institution or an employer. Such a dedicated device
would preferably be small and unobtrusive so that the user would habitually
carry it. A dedicated user tracking device might be incorporated into a functional
and necessary item such as, for example a wrist-watch or a key.
Figure 1 is an illustration of the main components of a decision supporting
system for authenticating a user request before processing secure procedure in
accordance with the preferred embodiment of the present invention. In order to
perform the authentication of the user holding the credit card 102 (person A) before
processing a secure procedure, such as approving a credit card payment, the
system locates the position of a wireless network means, such as a mobile phone
101 , which is associated with the user (person B), The system then compares the position of person A and the location of person B to produce a proximity indicator.
According to the analysis of this proximity indicator the system decides whether to
produce an approval or a rejection recommendation of the user authentication
procedure.
Once the user initiates a payment approval procedure the system' s user
authentication process commences. As with standard purchases via a credit card,
the user 102 may communicate with the vendor 130 directly, provided that the
purchase is carried out in person, or via other communication medium such as the
phone or the Internet, and the vendor 130 communicates with the credit transaction
server 150 via an authentication layer 140. In cases when the purchase is performed
in person the location of person A is identical to the location of the vendor 130. For
purchases done via remote communication means the location of person A is
automatically acquired by the vendor terminal 130. The system holds and constantly
updates the location of all relevant vendors 130 in any given area. The process of
acquiring and updating the lists of vendors' locations is described below.
The credit card terminal 150 then communicates with the authentication
server 160. The Server 160 is designed and configured to receive an
authentication request including the identification of person A. Server 160 is
further designed and configured to ascertain a location for person A from
which the request originates. Acquiring this location may be accomplished, for
example, by comparing data contained in a request (e.g. unique identification
number, phone number or IP address) with a data directory. Thus, the system, as
detailed hereinabove preferably further includes stored data 165 of the server 160 to facilitate ascertaining the location of person A from whom the request
originates. This directory may include data correlating locations to, for example,
unique identification numbers (e.g. vendor numbers), phone numbers or portions
thereof (e.g. area codes) or IP addresses or portions thereof.
In order to ascertain the location of person B the server commences a
locating process in order to find the position of the locatable device 101 which
is associated with the identity of person A as registered in database 165. The
system therefore farther includes identifying at least one locatable device 101
associated with specific user (person A) by means of a look-up table stored in
memory 165 of server 160. Preferably location of person A is provided as a
location at the time of the request, although a location of device 101 from shortly
before or shortly after the time of the request can be also used. Method 80 further
includes comparing 32 first location 36 and second location 37 to produce a
proximity indicator.
In order to acquire the location of person B the authenticating sever 160
sends a locating query to the cellular network 190. Preferably, the proximity
indicator produced by the comparison of locations of person A and person
B is expressed as a distance. In some cases, it may be advantageous to
define these locations as an area if the ascertaining of either of those
locations is characterized by a low degree of accuracy. According to the
preferred embodiments of the invention, a decision about whether to
authorize a request is made by the server 160 by evaluating the proximity
indicator according to a predetermined rule. Once the server 160 analyses the proximity of the two locations and reaches
an authorization conclusion the authorizing server 160 informs the credit transaction
server 150, which in turn informs the vender 130.
Following is a description of the authorization algorithm, which is illustrated in
figure 2, as it is conducted by the server 160. The server 160 receives the
authorization request 210 which include the identity of the card holder, the details of
his or her locatable mobile device and the identity of the vendor. The server then
proceeds with locating the position of the user' s mobile device 220 and searching
the vendors' lookup table for the details of the vendor 225. The status of a
vendors' location may be verified or unverified. Verified vendors are vendors
which are well known to the system and their details have been checked. The
procedure of handling new and unverified vendors is described below. Assuming
that the vendor' s details are verified its location is retrieved from the list. Having
obtained the two locations the system compares them and the proximity indicator is
calculated 240. The proximity indicator is then examined to determine the validity of
the request 245, and having determined, an approval 260 or denial 250
recommendation of the transaction is sent back 270.
If the proximity indicator is expressed as a distance d, the rule may take the
form of "Approve request if d < a predetermined distance." If, for instance
location 102 is defined as an area A and location 101 is defined as a point P
the rule may be formulated as "Approve request if P is in A." In case both
locations 101 , 102 are defined as areas A and A ' respectively the rule may be
phrased as "Approve request if A and A Overlap." As mentioned above, the authentication server 160 holds and constantly
updates a lookup table of the location of all possible vendors in a specific area in
database 165. Following is a description of the method for managing this lookup
table for unverified vendors as, illustrated in figure 3. As a new authentication
request is received by the server 310 the unique vendor ID is searched for in the
lists of existing vendors 320. If the vendor is found in the list and its location is
verified the authentication procedure proceeds as described above. If the vendor
is not found in the list, the location of the cellular device is registered as the
location of the new vendor in the vendors' lookup list 340, and the authentication
process terminates with no approval or denial results 380.
In case the vendor exists in the lookup table of known vendors, the system
compares the registered location of the vendor and the location of the cellular
device 335. If the locations match authentication is approved 370 and the approval
recommendation is sent back to the credit transaction server 150. In case the
locations do not match the system checks the distance between them 355. If they
are found to be in close proximity the definition of the location of the vendor may
be updated to include the new location 365 and the authentication is approved
370. If the distance between vendor' s location and the location of the cellular
device is found to be substantial the authentication is denied and the denial is sent
back to the credit transaction server 50.
It is appreciated that certain features of the invention, which are, for the
purpose of clarity, described in the context of separate embodiments, may also be
provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single
embodiment, may also be provided separately or in any suitable combination.
Although the invention has been described in conjunction with specific
embodiments thereof, it is evident that many alternatives, modifications and
variations will be apparent to those skilled in the art. Accordingly, it is intended to
embrace all such alternatives, modifications and variations that fall within the spirit
and broad scope of the appended claims. All publications, patents and patent
applications mentioned in this specification are herein incorporated in their entirety
by reference into the specification, to the same extent as if each individual
publication, patent or patent application was specifically and individually indicated to
be incorporated herein by reference. In addition, citation or identification of any
reference in this application shall not be construed as an admission that such
reference is available as prior art to the present invention.

Claims

WHAT IS CLAIMED IS:
1. A system for authenticating a user request for
processing secure procedure, said system comprised of:
(a) means for receiving user request for secure procedure
including a tentative identification of a specific user;
(b) means for detecting a first location from which the
request originates;
(c) means for active detection of a second location at
which at least one wireless device associated with said specific user
is located; and
(d) compare said first location and said second location to
produce a proximity indicator.
2. The system of claim 1 , further comprising ;
(e) logic means for evaluating authentication level of the
request for the secure procedure in accordance with said proximity
indicator and at least one predetermined rule.
3. The system of claim 1, wherein said first location is
detected by evaluation of at least one identifying information detail.
4. The system of claim 1 , wherein said wireless device is selected from the group consisting of cellular telephones an alpha
numeric pager and a dedicated user tracking device.
5. The system of claim 1 , wherein said proximity indicator
is a distance between said first location and said second location.
6. The system of claim 1, wherein at the said first
location and said second location are defined as an area.
7. The system of claim 1 wherein the secure procedure
is a credit card payment transaction.
8. The system of claim 1 wherein the secure procedure
is a procedure for accessing an electronic information resource.
9. The system of claim 1 wherein the request is
originated by a designated terminal and the detection of the first
location is based on defined lookup table including information of
different designated terminals locations.
10. The system of claim 9 further comprising means for
creating and editing said lookup table, wherein the designated
terminal location are determined according to prior secure procedures activities associated with said terminal wherein said
activities location are identified according to associated wireless
devices.
11. The system of claim 1 wherein the wireless devices
are associated with identified users according to updated look up
table correlating between users ID and their wireless devices,
which are designated for the authentication process.
12. The system of claim 1 wherein the authentication
process is applied to a group of users.
13. A method for authenticating a user request for
processing a secure procedure, said method comprising the steps
of:
(a) receiving user request for secure procedure including a tentative
identification of a specific user;
(b) detecting a first location from which the request originates;
(c) actively detecting of a second location at which at least one
wireless device associated with said specific user is located; and
(d) comparing said first location and said second location to produce
a proximity indicator.
14. The method of claim 13 further comprising the step of
evaluating authentication level of the request for the secure
procedure in accordance with said proximity indicator and at least
one predetermined rule.
15. The method of claim 13 wherein said first location is
detected by evaluation of at least one identifying information.
16. The method of claim 13 wherein said wireless device is
selected from the group consisting of cellular telephones an alpha
numeric pager and a dedicated user tracking device.
17. The method of claim 13 wherein said proximity
indicator is a distance between said first location and said
second location.
18. The method of claim 13 wherein at the said first
location and said second location is defined as an area.
19. The method of claim 13 wherein the secure
procedure is a credit card payment transaction.
20. The method of claim 13 wherein the secure
procedure is a procedure for accessing an electronic information information resource.
21. The method of claim 13 wherein the request is
originated by a designated terminal and the detection of the first
location is based on defined lookup table including information of
different locations of designated terminals.
22. The method of claim 13 further comprising the step of
creating and editing said lookup table, wherein the designated
terminal locations are determined according to prior secure
procedures activities associated with said terminal wherein said
activities location are identified according to associated wireless
devices.
23. The method of claim 13 wherein the wireless devices
are associated with identified users according to updated look up
table correlating between users ID and their wireless devices,
which are designated for the authentication process.
24. The method of claim 13 wherein the authentication
process is applied to a group of users.
PCT/IL2004/000224 2003-03-05 2004-03-04 System and method for verifying user identity WO2004079499A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US45165503P 2003-03-05 2003-03-05
US60/451,655 2003-03-05

Publications (2)

Publication Number Publication Date
WO2004079499A2 true WO2004079499A2 (en) 2004-09-16
WO2004079499A3 WO2004079499A3 (en) 2004-12-29

Family

ID=32962618

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2004/000224 WO2004079499A2 (en) 2003-03-05 2004-03-04 System and method for verifying user identity

Country Status (1)

Country Link
WO (1) WO2004079499A2 (en)

Cited By (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006002458A1 (en) * 2004-07-07 2006-01-12 Nariste Networks Pty Ltd Location-enabled security services in wireless network
WO2007004224A1 (en) * 2005-07-05 2007-01-11 Mconfirm Ltd. Improved location based authentication system
US7221949B2 (en) 2005-02-28 2007-05-22 Research In Motion Limited Method and system for enhanced security using location-based wireless authentication
US7503489B2 (en) * 2005-04-26 2009-03-17 Bpriv, Llc Method and system for monitoring electronic purchases and cash-withdrawals
EP2078370A2 (en) * 2006-04-18 2009-07-15 Guy Heffez Method and system for authenticating internet user identity
EP2130357A1 (en) * 2007-03-16 2009-12-09 FINSPHERE, Corporation Method for tracking credit card fraud
EP2151085A1 (en) * 2007-05-29 2010-02-10 Guy S. Heffez Method and system for authenticating internet user indentity
EP2199966A1 (en) * 2008-12-22 2010-06-23 Compagnie Industrielle et Financiere d'Ingenierie "Ingenico" Method for securing transactions, corresponding transaction device, banking server, mobile terminal and computer program products
EP2216730A1 (en) * 2009-02-10 2010-08-11 Deutsche Telekom AG Method for encrypting and/or decrypting personal data
US8103906B1 (en) 2010-10-01 2012-01-24 Massoud Alibakhsh System and method for providing total real-time redundancy for a plurality of client-server systems
US8166068B2 (en) * 2005-09-02 2012-04-24 Qwest Location based authorization of financial card transactions systems and methods
US8176077B2 (en) 2005-09-02 2012-05-08 Qwest Communications International Inc. Location based access to financial information systems and methods
US8413898B2 (en) 2005-04-26 2013-04-09 Guy Heffez Method and system for monitoring electronic purchases and cash-withdrawals
WO2013060935A1 (en) * 2011-10-24 2013-05-02 Nokia Corporation Method and apparatus for verifying proof of presence
US8522349B2 (en) 2007-05-25 2013-08-27 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
US8640197B2 (en) 2005-04-26 2014-01-28 Guy Heffez Methods for acquiring an internet user's consent to be located and for authenticating the identity of the user using location information
US8656458B2 (en) 2005-08-25 2014-02-18 Guy Heffez Method and system for authenticating internet user identity
US20140052497A1 (en) * 2012-02-07 2014-02-20 Thomas Varghese Correlating location data
US8683609B2 (en) 2009-12-04 2014-03-25 International Business Machines Corporation Mobile phone and IP address correlation service
US8762724B2 (en) 2009-04-15 2014-06-24 International Business Machines Corporation Website authentication
US8831564B2 (en) 2007-03-16 2014-09-09 Finsphere Corporation System and method for identity protection using mobile device signaling network derived location pattern recognition
US8838988B2 (en) 2011-04-12 2014-09-16 International Business Machines Corporation Verification of transactional integrity
US8847733B2 (en) 2011-05-20 2014-09-30 Mastercard International Incorporated Methods, systems, and computer-readable storage media for managing risk using location, mobile, and user participating-based identity verification
US8917826B2 (en) 2012-07-31 2014-12-23 International Business Machines Corporation Detecting man-in-the-middle attacks in electronic transactions using prompts
US8924295B2 (en) * 2007-01-03 2014-12-30 At&T Intellectual Property I, L.P. User terminal location based credit card authorization servers, systems, methods and computer program products
EP1696626B1 (en) * 2005-02-28 2015-01-21 BlackBerry Limited Method and System for Enhanced Security Using Location Based Wireless Authentication
US8977260B1 (en) * 2010-04-14 2015-03-10 Sprint Communication Company L.P. Preventing clone device registration in a wireless communication system
US9033225B2 (en) 2005-04-26 2015-05-19 Guy Hefetz Method and system for authenticating internet users
US9185123B2 (en) 2008-02-12 2015-11-10 Finsphere Corporation System and method for mobile identity protection for online user authentication
US9420448B2 (en) 2007-03-16 2016-08-16 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US9432845B2 (en) 2007-03-16 2016-08-30 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US9691066B2 (en) 2012-07-03 2017-06-27 Verifone, Inc. Location-based payment system and method
US9721250B2 (en) 2007-10-25 2017-08-01 Visa U.S.A. Inc. Location based authentication
US9922323B2 (en) 2007-03-16 2018-03-20 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US20180351956A1 (en) * 2017-05-31 2018-12-06 Ca, Inc. Integrated biometrics for application security
US10289833B2 (en) 2005-04-26 2019-05-14 Guy Hefetz Authenticating internet user identities in electronic transactions
US10521786B2 (en) 2005-04-26 2019-12-31 Spriv Llc Method of reducing fraud in on-line transactions
US10645072B2 (en) 2005-04-26 2020-05-05 Spriv Llc Method and system for validating transactions
US11232187B2 (en) * 2016-01-13 2022-01-25 American Express Travel Related Services Company, Inc. Contextual identification and information security
US11308477B2 (en) 2005-04-26 2022-04-19 Spriv Llc Method of reducing fraud in on-line transactions
US11354667B2 (en) 2007-05-29 2022-06-07 Spriv Llc Method for internet user authentication
US11792314B2 (en) 2010-03-28 2023-10-17 Spriv Llc Methods for acquiring an internet user's consent to be located and for authenticating the location information
US11818287B2 (en) 2017-10-19 2023-11-14 Spriv Llc Method and system for monitoring and validating electronic transactions

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020089960A1 (en) * 2000-08-23 2002-07-11 Shuster Gary Stephen Method for verifying geographical location of wide area network users
US20020177449A1 (en) * 2000-05-24 2002-11-28 Mcdonnell James Thomas Edward Location-based data access control
US20030186710A1 (en) * 2000-03-13 2003-10-02 Ahti Muhonen Service provision in a communication system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030186710A1 (en) * 2000-03-13 2003-10-02 Ahti Muhonen Service provision in a communication system
US20020177449A1 (en) * 2000-05-24 2002-11-28 Mcdonnell James Thomas Edward Location-based data access control
US20020089960A1 (en) * 2000-08-23 2002-07-11 Shuster Gary Stephen Method for verifying geographical location of wide area network users

Cited By (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006002458A1 (en) * 2004-07-07 2006-01-12 Nariste Networks Pty Ltd Location-enabled security services in wireless network
US8707458B2 (en) 2004-07-07 2014-04-22 Nariste Networks Pty. Ltd. Location-enabled security services in wireless network
US9277400B2 (en) 2004-07-07 2016-03-01 Nariste Networks Pty. Ltd. Location-enabled security services in wireless network
US9014725B2 (en) 2005-02-28 2015-04-21 Blackberry Limited Method and system for enhanced security using location based wireless authentication
EP1696626B1 (en) * 2005-02-28 2015-01-21 BlackBerry Limited Method and System for Enhanced Security Using Location Based Wireless Authentication
US7221949B2 (en) 2005-02-28 2007-05-22 Research In Motion Limited Method and system for enhanced security using location-based wireless authentication
US8413898B2 (en) 2005-04-26 2013-04-09 Guy Heffez Method and system for monitoring electronic purchases and cash-withdrawals
US7503489B2 (en) * 2005-04-26 2009-03-17 Bpriv, Llc Method and system for monitoring electronic purchases and cash-withdrawals
US8640197B2 (en) 2005-04-26 2014-01-28 Guy Heffez Methods for acquiring an internet user's consent to be located and for authenticating the identity of the user using location information
US10289833B2 (en) 2005-04-26 2019-05-14 Guy Hefetz Authenticating internet user identities in electronic transactions
US11308477B2 (en) 2005-04-26 2022-04-19 Spriv Llc Method of reducing fraud in on-line transactions
US9033225B2 (en) 2005-04-26 2015-05-19 Guy Hefetz Method and system for authenticating internet users
US10645072B2 (en) 2005-04-26 2020-05-05 Spriv Llc Method and system for validating transactions
US10521786B2 (en) 2005-04-26 2019-12-31 Spriv Llc Method of reducing fraud in on-line transactions
WO2007004224A1 (en) * 2005-07-05 2007-01-11 Mconfirm Ltd. Improved location based authentication system
US8285639B2 (en) 2005-07-05 2012-10-09 mConfirm, Ltd. Location based authentication system
US8656458B2 (en) 2005-08-25 2014-02-18 Guy Heffez Method and system for authenticating internet user identity
US8590007B2 (en) 2005-08-25 2013-11-19 Guy Heffez Method and system for authenticating internet user identity
US8935226B2 (en) 2005-09-02 2015-01-13 Qwest Communications International Inc. Location based access to financial information systems and methods
US8176077B2 (en) 2005-09-02 2012-05-08 Qwest Communications International Inc. Location based access to financial information systems and methods
US8166068B2 (en) * 2005-09-02 2012-04-24 Qwest Location based authorization of financial card transactions systems and methods
US9002814B2 (en) 2005-09-02 2015-04-07 Qwest Communications International Inc. Location based authorization of financial card transactions systems and methods
EP2078370A2 (en) * 2006-04-18 2009-07-15 Guy Heffez Method and system for authenticating internet user identity
EP2078370A4 (en) * 2006-04-18 2012-01-04 Guy Heffez Method and system for authenticating internet user identity
GB2458979B (en) * 2006-04-18 2011-09-21 Guy Heffez Method and system for authenticating internet user identity
US8924295B2 (en) * 2007-01-03 2014-12-30 At&T Intellectual Property I, L.P. User terminal location based credit card authorization servers, systems, methods and computer program products
US10373150B2 (en) 2007-01-03 2019-08-06 At&T Intellectual Property I, L.P. User terminal location based credit card authorization servers, systems, methods and computer program products
EP2130357A4 (en) * 2007-03-16 2013-05-22 Finsphere Corp Method for tracking credit card fraud
US9432845B2 (en) 2007-03-16 2016-08-30 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
EP2130357A1 (en) * 2007-03-16 2009-12-09 FINSPHERE, Corporation Method for tracking credit card fraud
US9922323B2 (en) 2007-03-16 2018-03-20 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US11405781B2 (en) 2007-03-16 2022-08-02 Visa International Service Association System and method for mobile identity protection for online user authentication
US9848298B2 (en) 2007-03-16 2017-12-19 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US8831564B2 (en) 2007-03-16 2014-09-09 Finsphere Corporation System and method for identity protection using mobile device signaling network derived location pattern recognition
US9838872B2 (en) 2007-03-16 2017-12-05 Visa International Service Association System and method for mobile identity protection for online user authentication
US9603023B2 (en) 2007-03-16 2017-03-21 Visa International Service Association System and method for identity protection using mobile device signaling network derived location pattern recognition
US10354253B2 (en) 2007-03-16 2019-07-16 Visa International Service Association System and method for identity protection using mobile device signaling network derived location pattern recognition
US8374634B2 (en) 2007-03-16 2013-02-12 Finsphere Corporation System and method for automated analysis comparing a wireless device location with another geographic location
US10669130B2 (en) 2007-03-16 2020-06-02 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US10776791B2 (en) 2007-03-16 2020-09-15 Visa International Service Association System and method for identity protection using mobile device signaling network derived location pattern recognition
KR101490132B1 (en) * 2007-03-16 2015-02-05 핀스피어 코포레이션 Method for tracking credit card fraud
US9420448B2 (en) 2007-03-16 2016-08-16 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US10776784B2 (en) 2007-03-16 2020-09-15 Visa International Service Association System and method for automated analysis comparing a wireless device location with another geographic location
US8522349B2 (en) 2007-05-25 2013-08-27 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
US8533821B2 (en) 2007-05-25 2013-09-10 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
EP2151085A4 (en) * 2007-05-29 2013-03-20 Guy S Heffez Method and system for authenticating internet user indentity
US11556932B2 (en) 2007-05-29 2023-01-17 Spriv Llc System for user authentication
EP2151085A1 (en) * 2007-05-29 2010-02-10 Guy S. Heffez Method and system for authenticating internet user indentity
US11354667B2 (en) 2007-05-29 2022-06-07 Spriv Llc Method for internet user authentication
US8370909B2 (en) 2007-05-29 2013-02-05 Guy Heffez Method and system for authenticating internet user identity
US20130125220A1 (en) * 2007-05-29 2013-05-16 Guy Heffez Method and system for authenticating internet user identity
US10163100B2 (en) 2007-10-25 2018-12-25 Visa International Service Association Location based authentication
US10755271B2 (en) 2007-10-25 2020-08-25 Visa U.S.A. Inc. Location based authentication
US9721250B2 (en) 2007-10-25 2017-08-01 Visa U.S.A. Inc. Location based authentication
US9185123B2 (en) 2008-02-12 2015-11-10 Finsphere Corporation System and method for mobile identity protection for online user authentication
FR2940567A1 (en) * 2008-12-22 2010-06-25 Ingenico Sa TRANSACTION SECURING METHOD, TRANSACTION DEVICE, BANK SERVER, MOBILE TERMINAL, AND CORRESPONDING COMPUTER PROGRAM PRODUCTS
EP2199966A1 (en) * 2008-12-22 2010-06-23 Compagnie Industrielle et Financiere d'Ingenierie "Ingenico" Method for securing transactions, corresponding transaction device, banking server, mobile terminal and computer program products
US9697511B2 (en) 2008-12-22 2017-07-04 Ingenico Group Method for securing transactions, transaction device, bank server, mobile terminal, and corresponding computer programs
EP2216730A1 (en) * 2009-02-10 2010-08-11 Deutsche Telekom AG Method for encrypting and/or decrypting personal data
US8762724B2 (en) 2009-04-15 2014-06-24 International Business Machines Corporation Website authentication
US8683609B2 (en) 2009-12-04 2014-03-25 International Business Machines Corporation Mobile phone and IP address correlation service
US11792314B2 (en) 2010-03-28 2023-10-17 Spriv Llc Methods for acquiring an internet user's consent to be located and for authenticating the location information
US8977260B1 (en) * 2010-04-14 2015-03-10 Sprint Communication Company L.P. Preventing clone device registration in a wireless communication system
US8689038B2 (en) 2010-10-01 2014-04-01 Massoud Alibakhsh System and method for providing total real-time redundancy for a plurality of client-server systems
US8103906B1 (en) 2010-10-01 2012-01-24 Massoud Alibakhsh System and method for providing total real-time redundancy for a plurality of client-server systems
US8838988B2 (en) 2011-04-12 2014-09-16 International Business Machines Corporation Verification of transactional integrity
US8847733B2 (en) 2011-05-20 2014-09-30 Mastercard International Incorporated Methods, systems, and computer-readable storage media for managing risk using location, mobile, and user participating-based identity verification
WO2013060935A1 (en) * 2011-10-24 2013-05-02 Nokia Corporation Method and apparatus for verifying proof of presence
US20140052497A1 (en) * 2012-02-07 2014-02-20 Thomas Varghese Correlating location data
US9691066B2 (en) 2012-07-03 2017-06-27 Verifone, Inc. Location-based payment system and method
US8917826B2 (en) 2012-07-31 2014-12-23 International Business Machines Corporation Detecting man-in-the-middle attacks in electronic transactions using prompts
US11232187B2 (en) * 2016-01-13 2022-01-25 American Express Travel Related Services Company, Inc. Contextual identification and information security
US10686793B2 (en) * 2017-05-31 2020-06-16 Ca, Inc. Integrated biometrics for application security
US20180351956A1 (en) * 2017-05-31 2018-12-06 Ca, Inc. Integrated biometrics for application security
US11818287B2 (en) 2017-10-19 2023-11-14 Spriv Llc Method and system for monitoring and validating electronic transactions
US11936803B2 (en) 2019-12-22 2024-03-19 Spriv Llc Authenticating the location of an internet user

Also Published As

Publication number Publication date
WO2004079499A3 (en) 2004-12-29

Similar Documents

Publication Publication Date Title
WO2004079499A2 (en) System and method for verifying user identity
US10776784B2 (en) System and method for automated analysis comparing a wireless device location with another geographic location
US20210142305A1 (en) Card false-positive prevention
US6715672B1 (en) System and method for enhanced fraud detection in automated electronic credit card processing
US6095413A (en) System and method for enhanced fraud detection in automated electronic credit card processing
US9870453B2 (en) Direct authentication system and method via trusted authenticators
US8116731B2 (en) System and method for mobile identity protection of a user of multiple computer applications, networks or devices
US6122624A (en) System and method for enhanced fraud detection in automated electronic purchases
KR101309594B1 (en) A system and method for verifying a user&#39;s identity in electronic transactions
US7558406B1 (en) System and method for employing user information
US7548886B2 (en) System and method for early detection and prevention of identity theft
US8386393B2 (en) Systems and methods for verifying identities in transactions
EP1700446B1 (en) Preventing identity theft in electronic communications
US20090045251A1 (en) Restricting bank card access based upon use authorization data
CN102197407A (en) System and method of secure payment transactions
JP2002541533A (en) Biometric ATM access system without token
BRPI0721466B1 (en) METHOD FOR DETERMINING FRAUDULENT CREDIT CARD ACTIVITY
GB2468788A (en) Authenticating a transaction by comparing identifiers
WO2013181151A2 (en) System and method for automated analysis comparing a wireless device location with another geographic location
GB2437761A (en) Virtual identity and authentication employing a mobile device
GB2402792A (en) Verifying identity and authorising transactions
JP2002298042A (en) Method and system for settlement of credit card, settling server, initial authentication method, authentication method, and authentication server

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase