Systems and methods for remote authorization of financial transactions using public key infrastructure (PKI)

摘要

The invention relates to systems and methods for secure, remote, wireless submission of financial transactions. Authentication and authorization functionality are provided through use of proof of possession tests, a token service that provides a user device with a token that includes user entitlement data, and high assurance digital certificates.

主权项

1. A mobile device for submitting a transaction using a Public Key Infrastructure (PKI) system, comprising:
a wireless transceiver; an authentication device for accepting data consisting at least in part of a digital certificate provided by a first trusted third party indicative of an identity of a user of the mobile device; a special purpose processor programmed to: retrieve, based on said data accepted by the authentication device, a secure token consisting at least in part of data relating to entitlements associated with the user from a second trusted third party, wherein the secure token is digitally signed by a security token service using a private key associated with the security token service, and the second trusted third party operates independently of the token service; generate a transaction message consisting at least in part of a transaction to be submitted and the retrieved secure token; digitally sign the transaction message utilizing a private key of the user; and transmit the signed transaction message to a server via the wireless transceiver for execution.