Patents by Inventor Dominique Fedronic
Dominique Fedronic has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220353252Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate a key pair comprising a public key and a private key. The first computing device can generate a first shared secret using the private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.Type: ApplicationFiled: July 8, 2022Publication date: November 3, 2022Applicant: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Eric Le Saint, Upendra Mardikar, Dominique Fedronic
-
Patent number: 11394697Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate a key pair comprising a public key and a private key. The first computing device can generate a first shared secret using the private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.Type: GrantFiled: November 25, 2019Date of Patent: July 19, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Eric Le Saint, Upendra Mardikar, Dominique Fedronic
-
Patent number: 11086980Abstract: Enhance authentication techniques may include receiving credential data of a secondary device by a primary device, generating a cryptogram using the credential data of the secondary device, and transmitting the cryptogram to an access device to request for authorization to use an account associated with a user of the primary device. The authorization can be granted based on verification of the cryptogram and an interaction activity pattern of interactions between the primary device and a set of communication devices including the secondary device.Type: GrantFiled: February 7, 2020Date of Patent: August 10, 2021Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Eric Le Saint, Dominique Fedronic, Christian Aabye
-
Patent number: 10972257Abstract: Techniques are provided to generate a secure communication for use in a transaction. In some embodiments, a user device is provided a first set of encryption keys associated with one or more authorizing entities. The user device may, prior to or during a transaction, receive one or more second encryption keys related to a second party to the transaction. In some embodiments, the one or more second encryption keys may be provided to the user device via a local communication means. Once the user device has been provided with transaction details, it may generate a transaction request using the multiple encryption keys that it has been provided, such that portions of the message are encrypted using different encryption keys.Type: GrantFiled: June 7, 2017Date of Patent: April 6, 2021Assignee: Visa International Service AssociationInventors: Eric Le Saint, Yue Chen, Marc Kekicheff, Dominique Fedronic
-
Publication number: 20200177583Abstract: Enhance authentication techniques may include receiving credential data of a secondary device by a primary device, generating a cryptogram using the credential data of the secondary device, and transmitting the cryptogram to an access device to request for authorization to use an account associated with a user of the primary device. The authorization can be granted based on verification of the cryptogram and an interaction activity pattern of interactions between the primary device and a set of communication devices including the secondary device.Type: ApplicationFiled: February 7, 2020Publication date: June 4, 2020Inventors: Eric Le Saint, Dominique Fedronic, Christian Aabye
-
Patent number: 10601818Abstract: Enhance authentication techniques may include receiving credential data of a secondary device by a primary device, generating a cryptogram using the credential data of the secondary device, and transmitting the cryptogram to an access device to request for authorization to use an account associated with a user of the primary device. The authorization can be granted based on verification of the cryptogram and an interaction activity pattern of interactions between the primary device and a set of communication devices including the secondary device.Type: GrantFiled: April 13, 2016Date of Patent: March 24, 2020Assignee: Visa International Service AssociationInventors: Eric Le Saint, Dominique Fedronic, Christian Aabye
-
Publication number: 20200092269Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate a key pair comprising a public key and a private key. The first computing device can generate a first shared secret using the private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.Type: ApplicationFiled: November 25, 2019Publication date: March 19, 2020Inventors: Eric Le Saint, Upendra Mardikar, Dominique Fedronic
-
Patent number: 10574633Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate an ephemeral key pair comprising an ephemeral public key and an ephemeral private key. The first computing device can generate a first shared secret using the ephemeral private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the ephemeral public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the ephemeral private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.Type: GrantFiled: June 18, 2015Date of Patent: February 25, 2020Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Eric Le Saint, Upendra Mardikar, Dominique Fedronic
-
Publication number: 20190089531Abstract: Techniques are provided to generate a secure communication for use in a transaction. In some embodiments, a user device is provided a first set of encryption keys associated with one or more authorizing entities. The user device may, prior to or during a transaction, receive one or more second encryption keys related to a second party to the transaction. In some embodiments, the one or more second encryption keys may be provided to the user device via a local communication means. Once the user device has been provided with transaction details, it may generate a transaction request using the multiple encryption keys that it has been provided, such that portions of the message are encrypted using different encryption keys.Type: ApplicationFiled: June 7, 2017Publication date: March 21, 2019Inventors: Eric Le Saint, Yue Chen, Mark Kekicheff, Dominique Fedronic
-
Publication number: 20180026973Abstract: Enhance authentication techniques may include receiving credential data of a secondary device by a primary device, generating a cryptogram using the credential data of the secondary device, and transmitting the cryptogram to an access device to request for authorization to use an account associated with a user of the primary device. The authorization can be granted based on verification of the cryptogram and an interaction activity pattern of interactions between the primary device and a set of communication devices including the secondary device.Type: ApplicationFiled: April 13, 2016Publication date: January 25, 2018Inventors: Eric Le Saint, Dominique Fedronic, Christian Aabye
-
Patent number: 9686072Abstract: A system obtains assurance by a content provider that a content control key is securely stored in a remote security module for further secure communications between the content provider and the security module. A security module manufacturer, which has a pre-established trustful relation with the security module, imports a symmetric transport key into the security module. The symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer. The content provider exchanging messages with the security module through a security module communication manager in order to get the proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key. The symmetric transport key is independent of said content control key.Type: GrantFiled: July 13, 2015Date of Patent: June 20, 2017Assignee: Assa Abloy ABInventors: Dominique Fedronic, Eric Le Saint, John Babbidge, Hong Liu
-
Publication number: 20160043864Abstract: A system obtains assurance by a content provider that a content control key is securely stored in a remote security module for further secure communications between the content provider and the security module. A security module manufacturer, which has a pre-established trustful relation with the security module, imports a symmetric transport key into the security module. The symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer. The content provider exchanging messages with the security module through a security module communication manager in order to get the proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key. The symmetric transport key is independent of said content control key.Type: ApplicationFiled: July 13, 2015Publication date: February 11, 2016Inventors: Dominique Fedronic, Eric Le Saint, John Babbidge, Hong Liu
-
Publication number: 20150372811Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate an ephemeral key pair comprising an ephemeral public key and an ephemeral private key. The first computing device can generate a first shared secret using the ephemeral private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the ephemeral public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the ephemeral private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.Type: ApplicationFiled: June 18, 2015Publication date: December 24, 2015Inventors: Eric Le Saint, Upendra Mardikar, Dominique Fedronic
-
Patent number: 9112679Abstract: A system obtains assurance by a content provider that a content control key is securely stored in a remote security module for further secure communications between the content provider and the security module. A security module manufacturer, which has a pre-established trustful relation with the security module, imports a symmetric transport key into the security module. The symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer. The content provider exchanging messages with the security module through a security module communication manager in order to get the proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key. The symmetric transport key is independent of said content control key.Type: GrantFiled: July 23, 2013Date of Patent: August 18, 2015Assignee: Assa Abloy ABInventors: Dominique Fedronic, Eric Le Saint, John Babbidge, Hong Liu
-
Publication number: 20140095879Abstract: A system obtains assurance by a content provider that a content control key is securely stored in a remote security module for further secure communications between the content provider and the security module. A security module manufacturer, which has a pre-established trustful relation with the security module, imports a symmetric transport key into the security module. The symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer. The content provider exchanging messages with the security module through a security module communication manager in order to get the proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key. The symmetric transport key is independent of said content control key.Type: ApplicationFiled: July 23, 2013Publication date: April 3, 2014Applicant: ActivldentityInventors: Dominique Fedronic, Eric Le Saint, John Babbidge, Hong Liu
-
Patent number: 8628019Abstract: A portable authentication system includes a security module, that may be a smart card, SIM (Subscriber Identity Module), USB controller with a secure chip, or similar module capable of storing one or more credentials, and an interface module such as a digital badge holder that is able to communicate with the security module, for instance by providing a smart card communication interface. The portable authentication system may be either a single integrated system or a dual system where the security module can be removed or disconnected from the interface system.Type: GrantFiled: January 3, 2008Date of Patent: January 14, 2014Assignee: ActivIdentity, Inc.Inventors: Yves Louis Gabriel Audebert, Eric Fernand Le Saint, Jason Hart, Dominique Fedronic
-
Patent number: 8522014Abstract: A system obtains assurance by a content provider that a content control key is securely stored in a remote security module for further secure communications between the content provider and the security module. A security module manufacturer, which has a pre-established trustful relation with the security module, imports a symmetric transport key into the security module. The symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer. The content provider exchanging messages with the security module through a security module communication manager in order to get the proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key. The symmetric transport key is independent of said content control key.Type: GrantFiled: March 15, 2007Date of Patent: August 27, 2013Assignee: ActividentityInventors: Dominique Fedronic, Eric Le Saint, John Babbidge, Hong Liu
-
Publication number: 20100023776Abstract: The invention concerns a method for obtaining assurance that a content control key is securely stored in a remote security module for further secure communications between a content provider and said security. A security module manufacturer, which has a pre-established trustful relation with the security module, imports a symmetric transport key into the security module, wherein the symmetric transport key is unique to the security module. The content provider shares the symmetric transport key with the security module manufacturer and exchanges messages with the security module through a security module communication manager in order to get the proof that the security module stores the content control key. At least a portion of the messages exchanged between the content provider and the security module are protected using the symmetric transport key.Type: ApplicationFiled: March 15, 2007Publication date: January 28, 2010Applicant: ACTIVIDENTITY INC.Inventors: Dominique Fedronic, Eric Le Saint, John Babbidge, Hong Liu
-
Publication number: 20090193264Abstract: A strong authentication method and system using a Secure ICC component coupled with a Personal device, and relying on the existing cryptographic protocols and keys for managing the secure ICC to generate One-Time-Passwords when the necessary authentication keys or cryptographic protocols are not already present in the Secure ICC configuration for that purpose.Type: ApplicationFiled: September 22, 2008Publication date: July 30, 2009Applicant: ActivIdentity, Inc.Inventors: Dominique FEDRONIC, Eric LE SAINT, John BOYER, William BOGGESS
-
Publication number: 20080169350Abstract: A portable authentication system includes a security module, that may be a smart card, SIM (Subscriber Identity Module), USB controller with a secure chip, or similar module capable of storing one or more credentials, and an interface module such as a digital badge holder that is able to communicate with the security module, for instance by providing a smart card communication interface. The portable authentication system may be either a single integrated system or a dual system where the security module can be removed or disconnected from the interface system.Type: ApplicationFiled: January 3, 2008Publication date: July 17, 2008Applicant: Activldentity, IncInventors: Yves Louis, Gabriel Audebert, Eric Fernand Le Saint, Jason Hart, Dominique Fedronic