| 发明名称 |
Mobile device transaction using multi-factor authentication |
| 摘要 |
The following is a system in which a person may use a Cellular (Mobile) Telephone, a PDA or any other handheld computer to make a purchase. This is an example only. The process may entail any type of transaction which requires authentication, such as any financial transaction, any access control (to account information, etc.), and any physical access scenario such as doubling for a passport or an access key to a restricted area (office, vault, etc.). It may also be used to conduct remote transactions such as those conducted on the Internet (E-Commerce, account access, etc.). In the process, a multi-factor authentication is used. |
| 申请公布号 |
US9064257(B2) |
申请公布日期 |
2015.06.23 |
| 申请号 |
US201113287994 |
申请日期 |
2011.11.02 |
| 申请人 |
|
发明人 |
Beigi Homayoon |
| 分类号 |
G06F21/00;G06Q20/40;G06Q20/32;G06Q20/38 |
主分类号 |
G06F21/00 |
| 代理机构 |
Gordon & Jacobson, PC |
代理人 |
Gordon & Jacobson, PC |
| 主权项 |
1. A method of conducting an electronic transaction for an authorized user using a mobile device, the method comprising:
(a) storing an identifier for the authorized user in persistent memory of the mobile device; (b) storing a biometric model in an encrypted form in the persistent memory of the mobile device, the biometric model representing biometric features of an authorized user of the mobile device; (c) generating a first public key and private key pair (PPDA, RPDA) for the mobile device for use in conjunction with registration with at least one certificate authority; (d) utilizing a predetermined hash function to generate a plurality of hash values Yi based upon reference data stored on the mobile device, said reference data including said identifier stored in (a) and data of said biometric model of (b) in decrypted form; (e) encrypting said plurality of hash values Yi with said private key RPDA for the mobile device to derive a plurality of encrypted hash values Zi, and communicating said plurality of encrypted hash values Zi as well as said public key PPDA for the mobile device to the at least one certificate authority; (f) at the at least one certificate authority, decrypting said plurality of encrypted hash values Zi utilizing said public key PPDA for the mobile device to reconstruct said plurality of hash values Yi; (g) at the at least one certificate authority, generating a respective second public key and private key pair (PCA, RCA) for the respective certificate authority for use in conjunction with registration with the authorized user and the mobile device; (h) at the at least one certificate authority, encrypting said plurality of hash values Yi reconstructed in (f) with said respective private key RCA to derive a plurality of encrypted hash values Ai; (i) persistently storing said plurality of encrypted hash values Ai derived in (h) for access by the mobile device; (j) persistently storing said respective public key PCA for the respective certificate authority as generated in (g) for access by the mobile device; (k) performing a validation process on the mobile device that
(1) decrypts said plurality of encrypted hash values Ai persistently stored in (i) utilizing said respective public key PCA persistently stored in (j) to derive a plurality of hash values YiCA,(2) utilizes said predetermined hash function of (d) to generate a plurality of hash values Yi based upon said reference data stored on the mobile device, and(3) compares said plurality of hash values YiCA derived in (k)(1) and said plurality of hash values Yi derived in (k)(2) to determine if said hash values match one another; and (l) selectively performing a sequence of operations for carrying out the electronic transaction based upon the determination of (k)(3), wherein said sequence of operations include biometric verification for the authorized user of the mobile device utilizing said biometric model stored in (b). |
| 地址 |
|
