Patents by Inventor Eric MONTI
Eric MONTI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230316255Abstract: In an example, a method can include receiving, at a merchant-facing portion of a payment system, data from a customer-facing portion of the payment system indicating a payment transaction between a merchant and a customer, wherein there is a physical connection between the portions; determining that the payment system is unable to access a remote payment service system via an external network; determining that the payment transaction is not preapproved for payment by the remote payment service system; storing the payment transaction on the merchant-facing portion even though the payment transaction is not preapproved; determining that the payment system is able to access the remote payment service system via the external network; and transmitting transaction information including the stored payment transaction to the remote payment service system, via the external network, for processing the stored payment transaction.Type: ApplicationFiled: April 25, 2023Publication date: October 5, 2023Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Huey Chen, Christopher Clark, J. Bryan Scott, Eric Monti
-
Patent number: 11762646Abstract: Techniques are described for securely updating a point-of-sale (POS) system that includes a merchant-facing device and a buyer-facing device. For instance, the merchant-facing device may execute first software that provides first POS functionality and the buyer-facing device may execute second software that provides second POS functionality. To update both devices, the merchant-facing device may receive a software update from a payment service via a network connection, and update the first software using the software update. The merchant-facing device can then cause, via a physical connection, the buyer-facing device to reboot in an update mode and send the software update to the buyer-facing device. In response, the buyer-facing device can update the second software using the software update and then reboot in a payments mode. In some instances, the buyer-facing device can then update a secure enclave on the buyer-facing device using the software update.Type: GrantFiled: March 15, 2021Date of Patent: September 19, 2023Assignee: Block, Inc.Inventors: John Kelley, Max Guise, Todor Ristov, Imran Khan, Eric Monti
-
Patent number: 11669826Abstract: Techniques associated with a customer-facing device and a merchant-facing device are described herein. In an example, a system can include a customer-facing device configured with a customer application that is executable on an operating system of the customer-facing device to (i) display information to a customer and (ii) receive input from the customer, wherein the customer-facing device includes a payment reader to read payment data from a payment instrument in association with a payment transaction between the customer and a merchant, and a merchant-facing device configured with a merchant application that is executable on an operating system of the merchant-facing device to (i) display information to the merchant and (ii) receive input from the merchant. In at least one example, the customer-facing device and the merchant-facing device can communicate to process, at least in part, the payment transaction associated with the payment instrument via a remote payment service system.Type: GrantFiled: August 31, 2022Date of Patent: June 6, 2023Assignee: Block, Inc.Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Huey Chen, Christopher Clark, J. Bryan Scott, Eric Monti
-
Patent number: 11593780Abstract: Disclosed is a technique for verifying the validity of security certificates received by a mobile device. The technique can involve diverting a security certificate into a secure environment, such as a payment application, by modifying an import address table (e.g., implementing a “hook”) that is accessed by the security layer of the mobile device. Once diverted, the payment application can create a copy of the security certificate. The copy may be stored in a list of security certificates that is subsequently uploaded to a payment processing system for authentication. In some embodiments, a checksum is generated for the import address table using a cryptographic hash function. The checksum allows the payment application or the payment processing system to determine whether an unauthorized modification of the import address table is present.Type: GrantFiled: December 10, 2015Date of Patent: February 28, 2023Assignee: BLOCK, INC.Inventors: Dino Dai Zovi, Eric Monti
-
Publication number: 20220414635Abstract: Techniques associated with a customer-facing device and a merchant-facing device are described herein. In an example, a system can include a customer-facing device configured with a customer application that is executable on an operating system of the customer-facing device to (i) display information to a customer and (ii) receive input from the customer, wherein the customer-facing device includes a payment reader to read payment data from a payment instrument in association with a payment transaction between the customer and a merchant, and a merchant-facing device configured with a merchant application that is executable on an operating system of the merchant-facing device to (i) display information to the merchant and (ii) receive input from the merchant. In at least one example, the customer-facing device and the merchant-facing device can communicate to process, at least in part, the payment transaction associated with the payment instrument via a remote payment service system.Type: ApplicationFiled: August 31, 2022Publication date: December 29, 2022Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Huey Chen, Christopher Clark, J. Bryan Scott, Eric Monti
-
Patent number: 11475431Abstract: Techniques associated with a customer-facing device and a merchant-facing device are described herein. In an example, a system can include a customer-facing device configured with a customer application that is executable on an operating system of the customer-facing device to (i) display information to a customer and (ii) receive input from the customer, wherein the customer-facing device includes a payment reader to read payment data from a payment instrument in association with a payment transaction between the customer and a merchant, and a merchant-facing device configured with a merchant application that is executable on an operating system of the merchant-facing device to (i) display information to the merchant and (ii) receive input from the merchant. In at least one example, the customer-facing device and the merchant-facing device can communicate to process, at least in part, the payment transaction associated with the payment instrument via a remote payment service system.Type: GrantFiled: November 12, 2019Date of Patent: October 18, 2022Assignee: Block, Inc.Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Chen, Christopher R. Clark, J. Bryan Scott, Eric Monti
-
Publication number: 20210255848Abstract: This disclosure describes, in part, techniques for securely updating a point-of-sale (POS) system that includes a merchant-facing device and a buyer-facing device. For instance, the merchant-facing device may execute first software that provides first POS functionality and the buyer-facing device may execute second software that provides second POS functionality. To update both devices, the merchant-facing device may receive a software update from a payment service via a network connection, and update the first software using the software update. The merchant-facing device can then cause, via a physical connection, the buyer-facing device to reboot in an update mode and send the software update to the buyer-facing device. In response, the buyer-facing device can update the second software using the software update and then reboot in a payments mode. In some instances, the buyer-facing device can then update a secure enclave on the buyer-facing device using the software update.Type: ApplicationFiled: March 15, 2021Publication date: August 19, 2021Inventors: John Kelley, Max Guise, Todor Ristov, Imran Khan, Eric Monti
-
Patent number: 10949189Abstract: Techniques for securely updating a point-of-sale (POS) system that includes a merchant-facing device and a buyer-facing device are described. For instance, the merchant-facing device may execute first software that provides first POS functionality and the buyer-facing device may execute second software that provides second POS functionality. To update both devices, the merchant-facing device may receive a software update from a payment service via a network connection, and update the first software using the software update. The merchant-facing device can then cause, via a physical connection, the buyer-facing device to reboot in an update mode and send the software update to the buyer-facing device. In response, the buyer-facing device can update the second software using the software update and then reboot in a payments mode. In some instances, the buyer-facing device can then update a secure enclave on the buyer-facing device using the software update.Type: GrantFiled: June 28, 2017Date of Patent: March 16, 2021Assignee: Square, Inc.Inventors: John Kelley, Max Guise, Todor Ristov, Imran Khan, Eric Monti
-
Publication number: 20200082376Abstract: Techniques associated with a customer-facing device and a merchant-facing device are described herein. In an example, a system can include a customer-facing device configured with a customer application that is executable on an operating system of the customer-facing device to (i) display information to a customer and (ii) receive input from the customer, wherein the customer-facing device includes a payment reader to read payment data from a payment instrument in association with a payment transaction between the customer and a merchant, and a merchant-facing device configured with a merchant application that is executable on an operating system of the merchant-facing device to (i) display information to the merchant and (ii) receive input from the merchant. In at least one example, the customer-facing device and the merchant-facing device can communicate to process, at least in part, the payment transaction associated with the payment instrument via a remote payment service system.Type: ApplicationFiled: November 12, 2019Publication date: March 12, 2020Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Chen, Christopher R. Clark, J. Bryan Scott, Eric Monti
-
Patent number: 10496977Abstract: Method, systems, and apparatus for a method of processing a payment transaction using a mobile device of a merchant. In one aspect, determining the mobile device does not have a connection to an external network; receiving data indicating a payment transaction between a customer and the merchant; determining whether the payment transaction should be stored, where the determining is based on a risk heuristic model that considers one or more of the following: a number of already stored transactions, a value of the payment transaction, a total value, where the total value is a sum of the value of the payment transaction and values of one or more already stored transactions, and risk factors associated with the customer; and based at least on the determination, storing the payment transaction on the mobile device for future processing.Type: GrantFiled: March 12, 2013Date of Patent: December 3, 2019Assignee: Square, Inc.Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Chen, Christopher R. Clark, J. Bryan Scott, Eric Monti
-
Patent number: 10409984Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for storing a plurality of stored fingerprints, wherein each of the stored fingerprints is associated with a respective software environment and a respective mobile device; receiving from a first mobile device a first fingerprint of a first software environment in the first mobile device; determining whether the stored fingerprints include less than a threshold amount of fingerprints identical to the first fingerprint; based on a determination that the stored fingerprints include less than the threshold amount of fingerprints identical to the first fingerprint, determining that the first software environment is a compromised software environment; and performing a corrective measure.Type: GrantFiled: March 13, 2013Date of Patent: September 10, 2019Assignee: Square, Inc.Inventors: Nathan McCauley, Bob Lee, Oliver S. C. Quigley, Eric Monti, Michael R. Lewis
-
Publication number: 20190004785Abstract: This disclosure describes, in part, techniques for securely updating a point-of-sale (POS) system that includes a merchant-facing device and a buyer-facing device. For instance, the merchant-facing device may execute first software that provides first POS functionality and the buyer-facing device may execute second software that provides second POS functionality. To update both devices, the merchant-facing device may receive a software update from a payment service via a network connection, and update the first software using the software update. The merchant-facing device can then cause, via a physical connection, the buyer-facing device to reboot in an update mode and send the software update to the buyer-facing device. In response, the buyer-facing device can update the second software using the software update and then reboot in a payments mode. In some instances, the buyer-facing device can then update a secure enclave on the buyer-facing device using the software update.Type: ApplicationFiled: June 28, 2017Publication date: January 3, 2019Inventors: John Kelley, Max Guise, Todor Ristov, Imran Khan, Eric Monti
-
Patent number: 10037518Abstract: Some examples include sending, to a secure environment, coordinates for certain touch events made to a touchscreen of an electronic device. As one example, an import address table that is accessed by an event loop of the electronic device may be modified. For instance, only those touch events that are performed within the bounds of a user interface area may be diverted to the secure environment, and all touch events outside that area may continue to be identified, such as by using operating system libraries of the electronic device. In some cases, a checksum may be generated for the import address table using a cryptographic hash function. The checksum may allow a payment application and/or a payment processing system to determine whether an unauthorized modification of the import address table is present.Type: GrantFiled: February 28, 2017Date of Patent: July 31, 2018Assignee: SQUARE, INC.Inventors: Dino Dai Zovi, Eric Monti
-
Publication number: 20170169412Abstract: Some examples include sending, to a secure environment, coordinates for certain touch events made to a touchscreen of an electronic device. As one example, an import address table that is accessed by an event loop of the electronic device may be modified. For instance, only those touch events that are performed within the bounds of a user interface area may be diverted to the secure environment, and all touch events outside that area may continue to be identified, such as by using operating system libraries of the electronic device. In some cases, a checksum may be generated for the import address table using a cryptographic hash function. The checksum may allow a payment application and/or a payment processing system to determine whether an unauthorized modification of the import address table is present.Type: ApplicationFiled: February 28, 2017Publication date: June 15, 2017Inventors: Dino Dai Zovi, Eric Monti
-
Patent number: 9652610Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for determining, at a remote computing device, whether a first security measure has been compromised, wherein the first security measure is executed on a mobile device; and based on a determination that the first security measure has been compromised, performing a corrective measure, wherein the corrective measure is performed after a delay.Type: GrantFiled: February 25, 2015Date of Patent: May 16, 2017Assignee: SQUARE, INC.Inventors: Nathan McCauley, Robert Lee, Oliver S. C. Quigley, Eric Monti, Michael R. Lewis
-
Patent number: 9619802Abstract: Disclosed is a technique for identifying touch events performed on a mobile device within a secure environment. The technique can involve diverting coordinates for certain touch events to a secure environment in a payment application, for example, by modifying an import address table (e.g., implementing a “hook”) that is accessed by an event loop of the mobile device. Generally, only those touch events that are performed within the bounds of a user interface area are diverted to the secure environment, and all touch events outside that area continue to be identified using the operating system libraries of the mobile device. A checksum may be generated for the import address table using a cryptographic hash function. The checksum allows the payment application or a payment processing system to determine whether an unauthorized modification of the import address table is present.Type: GrantFiled: December 9, 2015Date of Patent: April 11, 2017Assignee: SQUARE, INC.Inventors: Dino Dai Zovi, Eric Monti
-
Patent number: 8997230Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for determining, at a remote computing device, whether a first security measure has been compromised, wherein the first security measure is executed on a mobile device; and based on a determination that the first security measure has been compromised, performing a corrective measure, wherein the corrective measure is performed after a delay.Type: GrantFiled: March 13, 2013Date of Patent: March 31, 2015Assignee: Square, Inc.Inventors: Nathan McCauley, Bob Lee, Oliver S. C. Quigley, Eric Monti, Michael R. Lewis
-
Patent number: 8880881Abstract: A method of establishing secure communication between a first mobile computing device and a second mobile computing device includes generating a first self-signed key at the first mobile computing device, pairing the first device with a second device, the pairing including receiving user input of a passcode and after receiving the user input sending the first public key to the second mobile computing device and receiving a second public key from the second mobile computing device, storing the second public key in a database of trusted devices, the database of trusted devices being stored in the first mobile computing device, receiving in the first mobile computing device a list of mobile computing devices connected to a mobile network, matching the list of mobile computing device against the database of trusted devices, and establishing secure communication between the first mobile computing device and the second mobile computing device.Type: GrantFiled: January 18, 2012Date of Patent: November 4, 2014Assignee: Square, Inc.Inventors: Shawn Morel, Diogo Monica, Eric Monti, Sam Wen, Nathan McCauley
-
Publication number: 20140019340Abstract: Method, systems, and apparatus for a method of processing a payment transaction using a mobile device of a merchant. In one aspect, determining the mobile device does not have a connection to an external network; receiving data indicating a payment transaction between a customer and the merchant; determining whether the payment transaction should be stored, where the determining is based on a risk heuristic model that considers one or more of the following: a number of already stored transactions, a value of the payment transaction, a total value, where the total value is a sum of the value of the payment transaction and values of one or more already stored transactions, and risk factors associated with the customer; and based at least on the determination, storing the payment transaction on the mobile device for future processing.Type: ApplicationFiled: March 12, 2013Publication date: January 16, 2014Applicant: Square, Inc.Inventors: Edward Ruder, James Puls, Mehdi Mulani, Shawn Morel, Grace Chen, Christopher R. Clark, J. Bryan Scott, Eric Monti
-
Publication number: 20130185559Abstract: A method of establishing secure communication between a first mobile computing device and a second mobile computing device includes generating a first self-signed key at the first mobile computing device, pairing the first device with a second device, the pairing including receiving user input of a passcode and after receiving the user input sending the first public key to the second mobile computing device and receiving a second public key from the second mobile computing device, storing the second public key in a database of trusted devices, the database of trusted devices being stored in the first mobile computing device, receiving in the first mobile computing device a list of mobile computing devices connected to a mobile network, matching the list of mobile computing device against the database of trusted devices, and establishing secure communication between the first mobile computing device and the second mobile computing device.Type: ApplicationFiled: January 18, 2012Publication date: July 18, 2013Applicant: Square, Inc.Inventors: Shawn MOREL, Diogo MONICA, Eric MONTI, Sam WEN, Nathan McCAULEY