WO2004079499A2 - System and method for verifying user identity - Google Patents
System and method for verifying user identity Download PDFInfo
- Publication number
- WO2004079499A2 WO2004079499A2 PCT/IL2004/000224 IL2004000224W WO2004079499A2 WO 2004079499 A2 WO2004079499 A2 WO 2004079499A2 IL 2004000224 W IL2004000224 W IL 2004000224W WO 2004079499 A2 WO2004079499 A2 WO 2004079499A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- location
- system
- request
- method
- user
- Prior art date
Links
- 230000001413 cellular Effects 0 abstract claims description 15
- 238000000034 methods Methods 0 claims description 36
- 230000000694 effects Effects 0 claims description 6
- 229920001690 polydopamine Polymers 0 abstract description 2
- 239000001965 potato dextrose agar Substances 0 abstract 1
- 239000002609 media Substances 0 description 7
- 238000004891 communication Methods 0 description 4
- 238000004422 calculation algorithm Methods 0 description 3
- 230000004048 modification Effects 0 description 2
- 238000006011 modification Methods 0 description 2
- 238000004458 analytical methods Methods 0 description 1
- 238000004364 calculation methods Methods 0 description 1
- 230000001721 combination Effects 0 description 1
- 238000010276 construction Methods 0 description 1
- 238000005516 engineering processes Methods 0 description 1
- 239000010410 layers Substances 0 description 1
- 230000000670 limiting Effects 0 description 1
- 230000015654 memory Effects 0 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
- G06F21/43—User authentication using separate channels for security data wireless channels
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
Abstract
Description
SYSTEM AND METHOD FOR VERIFYING
USER IDENTITY
FIELD AND BACKGROUND OF THE INVENTION
The present invention relates to systems and methods for verifying user
identity and, more particularly, to systems and methods which rely upon
comparison of at least two sets of location information for verifying user identity.
In the modern world it is often necessary or desirable to restrict access to a
resource to one or more authorized users. For example access to resources such
as physical facilities, information databases and accounts is typically restricted to
specific users. Authorization of users is most often accomplished by use of access
codes such as a personal identification number (PIN), a user name or passwords or
a combinations thereof, or tangible media such as a key, a credit card, a debit card
or an ID card.
Access codes are prone to theft and/or fraudulent use because they are
easily transferred or intercepted. In many cases, an authorized user may be
unaware that their PIN code has been intercepted by another and is being used for
unauthorized access.
Tangible media is slightly better than access codes because a user is more
likely to notice the absence of tangible media if it is lost or stolen. However, tangible
media is susceptible to unauthorized duplication and forgery. Typically, a bearer of
tangible media is not challenged when requesting access to a resource, this means that possession grants full access.
Further, in the case of credit/debit cards, information imprinted on the
media such as account number and expiration date may suffice for purposes of a
telephone or internet transaction.
Known in the art are several location based user authentication systems.
US Patent No. 6,097,938, for example, discloses a system and a method for
determine whether the mobile unit is a fraudulent user of the cellular
communication network. Every time the cellular terminal is used, the system
receives an identification number for a mobile unit as well as a location code. The
system then compares the current location code with a previously received
location code. Given that there are natural physical constraints on how quickly a
mobile unit can move from one location to another, the system can thereby
determine if there are two mobile units using the same identification number. This
system may only prevent the duplication of cellular terminals, based on location
information, and the authentication process may only occur when the user initiates
a call.
PCT Patent Application No. 9641488 describes a system for detecting
fraud on electronic networks. This system records the geographical location of the
network terminal every time it is used. A single user may have several network
terminals, all carrying the same identification code (SIN number). The system then
checks if by dividing the geographic distance between every two sequential uses
of the terminal of a single user, by the time elapsed between them, exceeds a
reasonable ground speed limitation predetermined by the system administrators. As with the patent described above, this invention performs passive location
verifications and depends on two sequential logins of the user to validate the user
identification.
There is thus a need for systems and methods for actively verifying user
identity while approving a transaction, in real time, devoid of the above limitation.
SUMMARY OF THE INVENTION
The system and method verifies user identity by verifying the user presence at the
place of transaction. The verification is carried out by locating his or her associated
traceable device. A system for authenticating a user request for processing secure
procedure, said system comprised of means for receiving user request for secure
procedure including a tentative identification of a specific user; means for detecting
a first location from which the request originates; means for active detection of a
second location at which at least one wireless device associated with said specific
user is located. Said first location and said second iocation are compared in order
to produce a proximity indicator. The system also includes logic means for
evaluating authentication level of the request for the secure procedure in
accordance with said proximity indicator and at least one predetermined rule. The
said first location is detected by evaluation of at least one identifying information
detail and the wireless device is selected from the group consisting of cellular
telephones an alpha numeric pager and a dedicated user tracking device.
The proximity indicator is determined as the distance between said first location and said second location. Either of the locations may be defined as an exact
point or as an area. The secure procedure may be, for example, a credit card
payment transaction or an accessing an electronic information resource request.
The request is originated by a designated terminal and the detection of the first
location is based on defined lookup table including information of different
designated terminals locations. The system also includes means for creating and
editing said lookup table, wherein the designated terminal location are
determined according to prior secure procedures activities associated with said
terminal wherein said activities location are identified according to associated
wireless devices. The wireless devices are associated with identified users
according to updated look up table correlating between users ID and their
wireless devices, which are designated for the authentication process.
A method for authenticating a user request for processing a secure procedure is
comprised of the following steps: receiving user request for secure procedure
including a tentative identification of a specific user; detecting a first location from
which the request originates; actively detecting of a second location at which at
least one wireless device associated with said specific user is located; and
comparing said first location and said second location to produce a proximity
indicator.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention is herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the
drawings in detail, it is stressed that the particulars shown are by way of
example and for purposes of illustrative discussion of the preferred
embodiments of the present invention only, and are presented in the cause of
providing what is believed to be the most useful and readily understood
description of the principles and conceptual aspects of the invention. In this
regard, no attempt is made to show structural details of the invention in more
detail than is necessary for a fundamental understanding of the invention, the
description taken with the drawings making apparent to those skilled in the art
how the several forms of the invention may be embodied in practice.
In the drawings:
FIG. 1 is a diagram illustrating the system' s principal components according to the
preferred embodiment of the present invention;
FIG. 2 is a flow diagram of the authorization algorithm according to the preferred
embodiment of the present invention;
FIG. 3 is a flow diagram of the managing vendors' location lookup table algorithm
according to the preferred embodiment of the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention is decision supporting systems and methods for
authenticating users' requests which may be used to prevent the processing of
fraudulent secure procedures. Specifically, the present invention may help evaluate
the authenticity of users' requests at the time of a transaction approval by comparing the location of the transaction request with the location of a wireless
network entity associated with an authorized user. Comparison between locations
may also be subsequent thereto. The principles of operation of systems and
methods according to the present invention may be better understood with
reference to the drawings and accompanying descriptions.
Before explaining at least one embodiment of the invention in detail, it is to
be understood that the invention is not limited in its application to the details of
construction and the arrangement of the components set forth in the following
description or illustrated in the drawings. The invention may include other
embodiments and may be practiced or carried out in various ways. Also, it is to be
understood that the phraseology and terminology employed herein is for the purpose
of description and should not be regarded as limiting.
The term "user" as employed in this specification and the accompanying
claims may refer to an individual or to a group of individuals. For purposes of this
specification and the accompanying claims the term "account" refers to any
calculation of monetary indebtedness. This definition specifically includes, but is
not limited to, a credit card account, a bank account and a customer account with a
commercial entity (e.g. line of credit).
For purposes of this specification and the accompanying claims, the term
processing secure procedure should be construed in its broadest possible sense.
Secure procedures may include the authorizing of physical access such as, for
example, opening of a gate, door, or lock, or electronic procedures such as, for
example, and access to stored data and/or an account belonging to specific user. Electronic secure procedure specifically includes, but is not limited to, electronic
funds transfers.
According to the preferred embodiments of the invention the user uses at
least one locatable device, which may be, for example, a cellular telephone, an
alpha numeric pager or a dedicated user tracking device. For purposes of this
specification and the accompanying claims, the term "cellular telephone"
includes devices which have cellular telephone capabilities such as, personal
digital assistants (PDAs) and portable computers as well as devices which have
cellular telephonic communication as their primary function. Further included in
this definition are satellite mobile phones which perform a similar function. A
dedicated user tracking device might work, for example by GPS or GSM
technology and could be assigned to a user for purposes of function of system by,
for example, a financial institution or an employer. Such a dedicated device
would preferably be small and unobtrusive so that the user would habitually
carry it. A dedicated user tracking device might be incorporated into a functional
and necessary item such as, for example a wrist-watch or a key.
Figure 1 is an illustration of the main components of a decision supporting
system for authenticating a user request before processing secure procedure in
accordance with the preferred embodiment of the present invention. In order to
perform the authentication of the user holding the credit card 102 (person A) before
processing a secure procedure, such as approving a credit card payment, the
system locates the position of a wireless network means, such as a mobile phone
101 , which is associated with the user (person B), The system then compares the position of person A and the location of person B to produce a proximity indicator.
According to the analysis of this proximity indicator the system decides whether to
produce an approval or a rejection recommendation of the user authentication
procedure.
Once the user initiates a payment approval procedure the system' s user
authentication process commences. As with standard purchases via a credit card,
the user 102 may communicate with the vendor 130 directly, provided that the
purchase is carried out in person, or via other communication medium such as the
phone or the Internet, and the vendor 130 communicates with the credit transaction
server 150 via an authentication layer 140. In cases when the purchase is performed
in person the location of person A is identical to the location of the vendor 130. For
purchases done via remote communication means the location of person A is
automatically acquired by the vendor terminal 130. The system holds and constantly
updates the location of all relevant vendors 130 in any given area. The process of
acquiring and updating the lists of vendors' locations is described below.
The credit card terminal 150 then communicates with the authentication
server 160. The Server 160 is designed and configured to receive an
authentication request including the identification of person A. Server 160 is
further designed and configured to ascertain a location for person A from
which the request originates. Acquiring this location may be accomplished, for
example, by comparing data contained in a request (e.g. unique identification
number, phone number or IP address) with a data directory. Thus, the system, as
detailed hereinabove preferably further includes stored data 165 of the server 160 to facilitate ascertaining the location of person A from whom the request
originates. This directory may include data correlating locations to, for example,
unique identification numbers (e.g. vendor numbers), phone numbers or portions
thereof (e.g. area codes) or IP addresses or portions thereof.
In order to ascertain the location of person B the server commences a
locating process in order to find the position of the locatable device 101 which
is associated with the identity of person A as registered in database 165. The
system therefore farther includes identifying at least one locatable device 101
associated with specific user (person A) by means of a look-up table stored in
memory 165 of server 160. Preferably location of person A is provided as a
location at the time of the request, although a location of device 101 from shortly
before or shortly after the time of the request can be also used. Method 80 further
includes comparing 32 first location 36 and second location 37 to produce a
proximity indicator.
In order to acquire the location of person B the authenticating sever 160
sends a locating query to the cellular network 190. Preferably, the proximity
indicator produced by the comparison of locations of person A and person
B is expressed as a distance. In some cases, it may be advantageous to
define these locations as an area if the ascertaining of either of those
locations is characterized by a low degree of accuracy. According to the
preferred embodiments of the invention, a decision about whether to
authorize a request is made by the server 160 by evaluating the proximity
indicator according to a predetermined rule. Once the server 160 analyses the proximity of the two locations and reaches
an authorization conclusion the authorizing server 160 informs the credit transaction
server 150, which in turn informs the vender 130.
Following is a description of the authorization algorithm, which is illustrated in
figure 2, as it is conducted by the server 160. The server 160 receives the
authorization request 210 which include the identity of the card holder, the details of
his or her locatable mobile device and the identity of the vendor. The server then
proceeds with locating the position of the user' s mobile device 220 and searching
the vendors' lookup table for the details of the vendor 225. The status of a
vendors' location may be verified or unverified. Verified vendors are vendors
which are well known to the system and their details have been checked. The
procedure of handling new and unverified vendors is described below. Assuming
that the vendor' s details are verified its location is retrieved from the list. Having
obtained the two locations the system compares them and the proximity indicator is
calculated 240. The proximity indicator is then examined to determine the validity of
the request 245, and having determined, an approval 260 or denial 250
recommendation of the transaction is sent back 270.
If the proximity indicator is expressed as a distance d, the rule may take the
form of "Approve request if d < a predetermined distance." If, for instance
location 102 is defined as an area A and location 101 is defined as a point P
the rule may be formulated as "Approve request if P is in A." In case both
locations 101 , 102 are defined as areas A and A ' respectively the rule may be
phrased as "Approve request if A and A Overlap." As mentioned above, the authentication server 160 holds and constantly
updates a lookup table of the location of all possible vendors in a specific area in
database 165. Following is a description of the method for managing this lookup
table for unverified vendors as, illustrated in figure 3. As a new authentication
request is received by the server 310 the unique vendor ID is searched for in the
lists of existing vendors 320. If the vendor is found in the list and its location is
verified the authentication procedure proceeds as described above. If the vendor
is not found in the list, the location of the cellular device is registered as the
location of the new vendor in the vendors' lookup list 340, and the authentication
process terminates with no approval or denial results 380.
In case the vendor exists in the lookup table of known vendors, the system
compares the registered location of the vendor and the location of the cellular
device 335. If the locations match authentication is approved 370 and the approval
recommendation is sent back to the credit transaction server 150. In case the
locations do not match the system checks the distance between them 355. If they
are found to be in close proximity the definition of the location of the vendor may
be updated to include the new location 365 and the authentication is approved
370. If the distance between vendor' s location and the location of the cellular
device is found to be substantial the authentication is denied and the denial is sent
back to the credit transaction server 50.
It is appreciated that certain features of the invention, which are, for the
purpose of clarity, described in the context of separate embodiments, may also be
provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single
embodiment, may also be provided separately or in any suitable combination.
Although the invention has been described in conjunction with specific
embodiments thereof, it is evident that many alternatives, modifications and
variations will be apparent to those skilled in the art. Accordingly, it is intended to
embrace all such alternatives, modifications and variations that fall within the spirit
and broad scope of the appended claims. All publications, patents and patent
applications mentioned in this specification are herein incorporated in their entirety
by reference into the specification, to the same extent as if each individual
publication, patent or patent application was specifically and individually indicated to
be incorporated herein by reference. In addition, citation or identification of any
reference in this application shall not be construed as an admission that such
reference is available as prior art to the present invention.
Claims
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US45165503P true | 2003-03-05 | 2003-03-05 | |
| US60/451,655 | 2003-03-05 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2004079499A2 true WO2004079499A2 (en) | 2004-09-16 |
| WO2004079499A3 WO2004079499A3 (en) | 2004-12-29 |
Family
ID=32962618
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/IL2004/000224 WO2004079499A2 (en) | 2003-03-05 | 2004-03-04 | System and method for verifying user identity |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2004079499A2 (en) |
Cited By (35)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006002458A1 (en) * | 2004-07-07 | 2006-01-12 | Nariste Networks Pty Ltd | Location-enabled security services in wireless network |
| WO2007004224A1 (en) * | 2005-07-05 | 2007-01-11 | Mconfirm Ltd. | Improved location based authentication system |
| US7221949B2 (en) | 2005-02-28 | 2007-05-22 | Research In Motion Limited | Method and system for enhanced security using location-based wireless authentication |
| US7503489B2 (en) * | 2005-04-26 | 2009-03-17 | Bpriv, Llc | Method and system for monitoring electronic purchases and cash-withdrawals |
| EP2078370A2 (en) * | 2006-04-18 | 2009-07-15 | Guy Heffez | Method and system for authenticating internet user identity |
| EP2130357A1 (en) * | 2007-03-16 | 2009-12-09 | FINSPHERE, Corporation | Method for tracking credit card fraud |
| EP2151085A1 (en) * | 2007-05-29 | 2010-02-10 | Guy S. Heffez | Method and system for authenticating internet user indentity |
| EP2199966A1 (en) * | 2008-12-22 | 2010-06-23 | Compagnie Industrielle et Financiere d'Ingenierie "Ingenico" | Method for securing transactions, corresponding transaction device, banking server, mobile terminal and computer program products |
| EP2216730A1 (en) * | 2009-02-10 | 2010-08-11 | Deutsche Telekom AG | Method for encrypting and/or decrypting personal data |
| US8103906B1 (en) | 2010-10-01 | 2012-01-24 | Massoud Alibakhsh | System and method for providing total real-time redundancy for a plurality of client-server systems |
| US8166068B2 (en) * | 2005-09-02 | 2012-04-24 | Qwest | Location based authorization of financial card transactions systems and methods |
| US8176077B2 (en) | 2005-09-02 | 2012-05-08 | Qwest Communications International Inc. | Location based access to financial information systems and methods |
| US8413898B2 (en) | 2005-04-26 | 2013-04-09 | Guy Heffez | Method and system for monitoring electronic purchases and cash-withdrawals |
| WO2013060935A1 (en) * | 2011-10-24 | 2013-05-02 | Nokia Corporation | Method and apparatus for verifying proof of presence |
| US8522349B2 (en) | 2007-05-25 | 2013-08-27 | International Business Machines Corporation | Detecting and defending against man-in-the-middle attacks |
| US8640197B2 (en) | 2005-04-26 | 2014-01-28 | Guy Heffez | Methods for acquiring an internet user's consent to be located and for authenticating the identity of the user using location information |
| US8656458B2 (en) | 2005-08-25 | 2014-02-18 | Guy Heffez | Method and system for authenticating internet user identity |
| US20140052497A1 (en) * | 2012-02-07 | 2014-02-20 | Thomas Varghese | Correlating location data |
| US8683609B2 (en) | 2009-12-04 | 2014-03-25 | International Business Machines Corporation | Mobile phone and IP address correlation service |
| US8762724B2 (en) | 2009-04-15 | 2014-06-24 | International Business Machines Corporation | Website authentication |
| US8831564B2 (en) | 2007-03-16 | 2014-09-09 | Finsphere Corporation | System and method for identity protection using mobile device signaling network derived location pattern recognition |
| US8838988B2 (en) | 2011-04-12 | 2014-09-16 | International Business Machines Corporation | Verification of transactional integrity |
| US8847733B2 (en) | 2011-05-20 | 2014-09-30 | Mastercard International Incorporated | Methods, systems, and computer-readable storage media for managing risk using location, mobile, and user participating-based identity verification |
| US8917826B2 (en) | 2012-07-31 | 2014-12-23 | International Business Machines Corporation | Detecting man-in-the-middle attacks in electronic transactions using prompts |
| US8924295B2 (en) * | 2007-01-03 | 2014-12-30 | At&T Intellectual Property I, L.P. | User terminal location based credit card authorization servers, systems, methods and computer program products |
| EP1696626B1 (en) * | 2005-02-28 | 2015-01-21 | BlackBerry Limited | Method and System for Enhanced Security Using Location Based Wireless Authentication |
| US8977260B1 (en) * | 2010-04-14 | 2015-03-10 | Sprint Communication Company L.P. | Preventing clone device registration in a wireless communication system |
| US9033225B2 (en) | 2005-04-26 | 2015-05-19 | Guy Hefetz | Method and system for authenticating internet users |
| US9185123B2 (en) | 2008-02-12 | 2015-11-10 | Finsphere Corporation | System and method for mobile identity protection for online user authentication |
| US9420448B2 (en) | 2007-03-16 | 2016-08-16 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| US9432845B2 (en) | 2007-03-16 | 2016-08-30 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| US9691066B2 (en) | 2012-07-03 | 2017-06-27 | Verifone, Inc. | Location-based payment system and method |
| US9721250B2 (en) | 2007-10-25 | 2017-08-01 | Visa U.S.A. Inc. | Location based authentication |
| US9922323B2 (en) | 2007-03-16 | 2018-03-20 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| US10289833B2 (en) | 2005-04-26 | 2019-05-14 | Guy Hefetz | Authenticating internet user identities in electronic transactions |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020089960A1 (en) * | 2000-08-23 | 2002-07-11 | Shuster Gary Stephen | Method for verifying geographical location of wide area network users |
| US20020177449A1 (en) * | 2000-05-24 | 2002-11-28 | Mcdonnell James Thomas Edward | Location-based data access control |
| US20030186710A1 (en) * | 2000-03-13 | 2003-10-02 | Ahti Muhonen | Service provision in a communication system |
-
2004
- 2004-03-04 WO PCT/IL2004/000224 patent/WO2004079499A2/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030186710A1 (en) * | 2000-03-13 | 2003-10-02 | Ahti Muhonen | Service provision in a communication system |
| US20020177449A1 (en) * | 2000-05-24 | 2002-11-28 | Mcdonnell James Thomas Edward | Location-based data access control |
| US20020089960A1 (en) * | 2000-08-23 | 2002-07-11 | Shuster Gary Stephen | Method for verifying geographical location of wide area network users |
Cited By (60)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8707458B2 (en) | 2004-07-07 | 2014-04-22 | Nariste Networks Pty. Ltd. | Location-enabled security services in wireless network |
| WO2006002458A1 (en) * | 2004-07-07 | 2006-01-12 | Nariste Networks Pty Ltd | Location-enabled security services in wireless network |
| US9277400B2 (en) | 2004-07-07 | 2016-03-01 | Nariste Networks Pty. Ltd. | Location-enabled security services in wireless network |
| US7221949B2 (en) | 2005-02-28 | 2007-05-22 | Research In Motion Limited | Method and system for enhanced security using location-based wireless authentication |
| EP1696626B1 (en) * | 2005-02-28 | 2015-01-21 | BlackBerry Limited | Method and System for Enhanced Security Using Location Based Wireless Authentication |
| US9014725B2 (en) | 2005-02-28 | 2015-04-21 | Blackberry Limited | Method and system for enhanced security using location based wireless authentication |
| US9033225B2 (en) | 2005-04-26 | 2015-05-19 | Guy Hefetz | Method and system for authenticating internet users |
| US8640197B2 (en) | 2005-04-26 | 2014-01-28 | Guy Heffez | Methods for acquiring an internet user's consent to be located and for authenticating the identity of the user using location information |
| US10289833B2 (en) | 2005-04-26 | 2019-05-14 | Guy Hefetz | Authenticating internet user identities in electronic transactions |
| US7503489B2 (en) * | 2005-04-26 | 2009-03-17 | Bpriv, Llc | Method and system for monitoring electronic purchases and cash-withdrawals |
| US8413898B2 (en) | 2005-04-26 | 2013-04-09 | Guy Heffez | Method and system for monitoring electronic purchases and cash-withdrawals |
| WO2007004224A1 (en) * | 2005-07-05 | 2007-01-11 | Mconfirm Ltd. | Improved location based authentication system |
| US8285639B2 (en) | 2005-07-05 | 2012-10-09 | mConfirm, Ltd. | Location based authentication system |
| US8656458B2 (en) | 2005-08-25 | 2014-02-18 | Guy Heffez | Method and system for authenticating internet user identity |
| US8590007B2 (en) | 2005-08-25 | 2013-11-19 | Guy Heffez | Method and system for authenticating internet user identity |
| US9002814B2 (en) | 2005-09-02 | 2015-04-07 | Qwest Communications International Inc. | Location based authorization of financial card transactions systems and methods |
| US8166068B2 (en) * | 2005-09-02 | 2012-04-24 | Qwest | Location based authorization of financial card transactions systems and methods |
| US8176077B2 (en) | 2005-09-02 | 2012-05-08 | Qwest Communications International Inc. | Location based access to financial information systems and methods |
| US8935226B2 (en) | 2005-09-02 | 2015-01-13 | Qwest Communications International Inc. | Location based access to financial information systems and methods |
| EP2078370A2 (en) * | 2006-04-18 | 2009-07-15 | Guy Heffez | Method and system for authenticating internet user identity |
| GB2458979B (en) * | 2006-04-18 | 2011-09-21 | Guy Heffez | Method and system for authenticating internet user identity |
| EP2078370A4 (en) * | 2006-04-18 | 2012-01-04 | Guy Heffez | Method and system for authenticating internet user identity |
| US10373150B2 (en) | 2007-01-03 | 2019-08-06 | At&T Intellectual Property I, L.P. | User terminal location based credit card authorization servers, systems, methods and computer program products |
| US8924295B2 (en) * | 2007-01-03 | 2014-12-30 | At&T Intellectual Property I, L.P. | User terminal location based credit card authorization servers, systems, methods and computer program products |
| US8374634B2 (en) | 2007-03-16 | 2013-02-12 | Finsphere Corporation | System and method for automated analysis comparing a wireless device location with another geographic location |
| KR101490132B1 (en) * | 2007-03-16 | 2015-02-05 | 핀스피어 코포레이션 | Method for tracking credit card fraud |
| US9838872B2 (en) | 2007-03-16 | 2017-12-05 | Visa International Service Association | System and method for mobile identity protection for online user authentication |
| US9848298B2 (en) | 2007-03-16 | 2017-12-19 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| EP2130357A4 (en) * | 2007-03-16 | 2013-05-22 | Finsphere Corp | Method for tracking credit card fraud |
| US9420448B2 (en) | 2007-03-16 | 2016-08-16 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| US9922323B2 (en) | 2007-03-16 | 2018-03-20 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| US10354253B2 (en) | 2007-03-16 | 2019-07-16 | Visa International Service Association | System and method for identity protection using mobile device signaling network derived location pattern recognition |
| EP2130357A1 (en) * | 2007-03-16 | 2009-12-09 | FINSPHERE, Corporation | Method for tracking credit card fraud |
| US8831564B2 (en) | 2007-03-16 | 2014-09-09 | Finsphere Corporation | System and method for identity protection using mobile device signaling network derived location pattern recognition |
| US9432845B2 (en) | 2007-03-16 | 2016-08-30 | Visa International Service Association | System and method for automated analysis comparing a wireless device location with another geographic location |
| US9603023B2 (en) | 2007-03-16 | 2017-03-21 | Visa International Service Association | System and method for identity protection using mobile device signaling network derived location pattern recognition |
| US8533821B2 (en) | 2007-05-25 | 2013-09-10 | International Business Machines Corporation | Detecting and defending against man-in-the-middle attacks |
| US8522349B2 (en) | 2007-05-25 | 2013-08-27 | International Business Machines Corporation | Detecting and defending against man-in-the-middle attacks |
| US20130125220A1 (en) * | 2007-05-29 | 2013-05-16 | Guy Heffez | Method and system for authenticating internet user identity |
| EP2151085A1 (en) * | 2007-05-29 | 2010-02-10 | Guy S. Heffez | Method and system for authenticating internet user indentity |
| US8370909B2 (en) | 2007-05-29 | 2013-02-05 | Guy Heffez | Method and system for authenticating internet user identity |
| EP2151085A4 (en) * | 2007-05-29 | 2013-03-20 | Guy S Heffez | Method and system for authenticating internet user indentity |
| US10163100B2 (en) | 2007-10-25 | 2018-12-25 | Visa International Service Association | Location based authentication |
| US9721250B2 (en) | 2007-10-25 | 2017-08-01 | Visa U.S.A. Inc. | Location based authentication |
| US9185123B2 (en) | 2008-02-12 | 2015-11-10 | Finsphere Corporation | System and method for mobile identity protection for online user authentication |
| US9697511B2 (en) | 2008-12-22 | 2017-07-04 | Ingenico Group | Method for securing transactions, transaction device, bank server, mobile terminal, and corresponding computer programs |
| FR2940567A1 (en) * | 2008-12-22 | 2010-06-25 | Ingenico Sa | Transaction securing method, transaction device, bank server, mobile terminal, and corresponding computer program products |
| EP2199966A1 (en) * | 2008-12-22 | 2010-06-23 | Compagnie Industrielle et Financiere d'Ingenierie "Ingenico" | Method for securing transactions, corresponding transaction device, banking server, mobile terminal and computer program products |
| EP2216730A1 (en) * | 2009-02-10 | 2010-08-11 | Deutsche Telekom AG | Method for encrypting and/or decrypting personal data |
| US8762724B2 (en) | 2009-04-15 | 2014-06-24 | International Business Machines Corporation | Website authentication |
| US8683609B2 (en) | 2009-12-04 | 2014-03-25 | International Business Machines Corporation | Mobile phone and IP address correlation service |
| US8977260B1 (en) * | 2010-04-14 | 2015-03-10 | Sprint Communication Company L.P. | Preventing clone device registration in a wireless communication system |
| US8689038B2 (en) | 2010-10-01 | 2014-04-01 | Massoud Alibakhsh | System and method for providing total real-time redundancy for a plurality of client-server systems |
| US8103906B1 (en) | 2010-10-01 | 2012-01-24 | Massoud Alibakhsh | System and method for providing total real-time redundancy for a plurality of client-server systems |
| US8838988B2 (en) | 2011-04-12 | 2014-09-16 | International Business Machines Corporation | Verification of transactional integrity |
| US8847733B2 (en) | 2011-05-20 | 2014-09-30 | Mastercard International Incorporated | Methods, systems, and computer-readable storage media for managing risk using location, mobile, and user participating-based identity verification |
| WO2013060935A1 (en) * | 2011-10-24 | 2013-05-02 | Nokia Corporation | Method and apparatus for verifying proof of presence |
| US20140052497A1 (en) * | 2012-02-07 | 2014-02-20 | Thomas Varghese | Correlating location data |
| US9691066B2 (en) | 2012-07-03 | 2017-06-27 | Verifone, Inc. | Location-based payment system and method |
| US8917826B2 (en) | 2012-07-31 | 2014-12-23 | International Business Machines Corporation | Detecting man-in-the-middle attacks in electronic transactions using prompts |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2004079499A3 (en) | 2004-12-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| DE69727519T2 (en) | Data network with voice control means | |
| AU2007281028B2 (en) | Transaction authorisation system and method | |
| US7333635B2 (en) | Method and system for confirming personal identity | |
| ES2714377T3 (en) | Network security and fraud detection procedure | |
| US6913194B2 (en) | Method and system to prevent fraudulent payment in credit/debit card transactions, and terminals therefor | |
| EP1250685B1 (en) | Banking system with enhanced identification of financial accounts | |
| ES2566060T3 (en) | Verification and authentication systems and methods | |
| US7725732B1 (en) | Object authentication system | |
| US6985887B1 (en) | Apparatus and method for authenticated multi-user personal information database | |
| US8280348B2 (en) | System and method for identity protection using mobile device signaling network derived location pattern recognition | |
| US6988657B1 (en) | Wireless payment processing system | |
| EP1450317B1 (en) | Method and system for blocking or deblocking a financial account associated to a SIM-card | |
| US6581042B2 (en) | Tokenless biometric electronic check transactions | |
| US8364120B2 (en) | Identity verification using location over time information | |
| US8407112B2 (en) | Transaction authorisation system and method | |
| JP2013225314A (en) | Transaction authentication using network | |
| US8924295B2 (en) | User terminal location based credit card authorization servers, systems, methods and computer program products | |
| US6070141A (en) | System and method of assessing the quality of an identification transaction using an identificaion quality score | |
| US20130291099A1 (en) | Notification services with anomaly detection | |
| US20080249939A1 (en) | Systems and Methods for Using Interactive Devices for Identification, Security, and Authentication | |
| US20170132631A1 (en) | System and method for user identity validation for online transactions | |
| US20020133462A1 (en) | Instant electronic notification of credit card use serves as deterrent | |
| US20030101137A1 (en) | Method and system for authorizing use of a transaction card | |
| US6192142B1 (en) | Tokenless biometric electronic stored value transactions | |
| US20170140386A1 (en) | Transaction assessment and/or authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| 122 | Ep: pct application non-entry in european phase |