摘要 |
A method and system for securing a user transaction involving a subscriber unit (“SU”) (having a processor, memory, and a display configured to accept user input), a credential information manager (“CIM”) (having a processor and memory), and a transaction service provider (“TSP”) (having a processor and memory). A cyber identifier (“CyberID”), a subscriber identifier (“SubscriberID”), and subscriber information, each associated with the user, is stored in the CIM. A transaction request is sent from the SU to the TSP, which creates a transaction identifier (“TID”), stores it in the TSP memory and transmits it to the SU. The SU transmits an authentication request, the TID, and SubscriberID to the CIM, which authenticates the SubscriberID and verifies the TID to the TSP. The TSP verifies the TID and reports it to the CIM, which transmits the CyberID and subscriber information to the TSP, and transmits a transaction authorization to the SU. |
主权项 |
1. A method for securing a transaction by a user comprising:
providing first and second subscriber units each having a processor, a memory, and a display, wherein each said subscriber unit is configured to accept user input, providing a credential information manager having a processor and a memory, storing a cyber identifier associated with the user in said credential information manager memory, wherein said cyber identifier comprises a username and subscriber information; storing said subscriber information associated with the user in said credential information manager memory; providing a transaction service provider having a processor and a memory, transmitting a request for a transaction from said first subscriber unit to said transaction service provider; transmitting, from said credential information manager to said transaction service provider, said cyber identifier stored in said credential information manager memory; transmitting, from said credential information manager to said transaction service provider, said subscriber information stored in said credential information manager memory; transmitting a transaction authorization from said credential information manager to said transaction service provider; and transmitting a password from said second subscriber unit to said transaction service provider; wherein said password is never transmitted to said credential information manager and wherein said cyber identifier is never transmitted to said first and second subscriber units; and wherein said subscriber information is never transmitted to said transaction service provider by said first or second subscriber units. |