Patents by Inventor Hadi Nahari
Hadi Nahari has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20160205112
Abstract: A detection is made that a first entity residing on a mobile device is requesting authentication. The first entity resides in a first portion of the mobile device. A determination is made that the mobile device is unable to establish network connections with a remote authentication server that is configured to authenticate the first entity. A local authentication process is performed in response to the determination that the mobile device is unable to establish network connections with the remote authentication server. Without accessing the remote authentication server, the local authentication process is performed by a second entity that resides in a second portion of the mobile device. The second portion has a greater level of security than the first portion.
Type: Application
Filed: March 17, 2016
Publication date: July 14, 2016
Inventors: Sebastien Ludovic Jean Taveau, Hadi Nahari
-
Patent number: 9356930
Abstract: A user inserts a received random sequence into the user's password or PIN. The user enters and transmits this randomized password to a service provider. The service provider extracts the password to determine whether to authenticate the user.
Type: Grant
Filed: May 19, 2014
Date of Patent: May 31, 2016
Assignee: PAYPAL, INC.
Inventor: Hadi Nahari
-
Patent number: 9311641
Abstract: The present disclosure involves a system that includes a computer memory storage component configured to store computer programming instructions and a computer processor component operatively coupled to the computer memory storage component. The computer processor component is configured to run a secure operating system and a non-secure operating system in parallel. The secure and non-secure operating systems are isolated from each other. The computer processor component is configured to execute code to perform the following operations: receiving an authentication request from an application that is run by the non-secure operating system, wherein the authentication request contains credentials of the application; communicating with a secure applet that is run by the secure operating system, and wherein the communicating includes transferring the credentials of the application to the secure applet; and authenticating and vetting the application based on the credentials of the application.
Type: Grant
Filed: December 2, 2014
Date of Patent: April 12, 2016
Assignee: PayPal, Inc.
Inventors: Sebastien Ludovic Jean Taveau, Hadi Nahari
-
Publication number: 20160005039
Abstract: A system includes a tag having a machine readable tag identifier (Tag ID) configured to be read by a reader; and a device to be identified by the tag, in which: the device is configured to communicate with the reader; the device has access to a secure Tag ID; and the device communicates a verification to the reader if the machine readable Tag ID communicated to the device from the reader matches the secure Tag ID. A method includes: reading a Tag ID from a tag attached to a device; communicating the Tag ID read from the tag to the device; comparing a secure Tag ID of the device to the Tag ID read from the tag; and responding with a “match” or “no-match” message from the device, according to which the device is either trusted or not trusted as being identified by the Tag ID. A method of verifying a trusted agent (TA) on a device includes: storing a digital signature of the TA in a secure vault of the device; and verifying the TA by verifying the digital signature of the TA each time the TA is used.
Type: Application
Filed: September 14, 2015
Publication date: January 7, 2016
Inventors: Sebastien Taveau, Hadi Nahari
-
Publication number: 20150288521
Abstract: Systems and methods are provided for a device to engage in a zero-knowledge proof with an entity requiring authentication either of secret material or of the device itself. The device may provide protection of the secret material or its private key for device authentication using a hardware security module (HSM) of the device, which may include, for example, a read-only memory (ROM) accessible or programmable only by the device manufacturer. In the case of authenticating the device itself a zero-knowledge proof of knowledge may be used. The zero-knowledge proof or zero-knowledge proof of knowledge may be conducted via a communication channel on which an end-to-end (e.g.
Type: Application
Filed: June 19, 2015
Publication date: October 8, 2015
Inventor: Hadi Nahari
-
Patent number: 9135424
Abstract: A system includes a tag having a machine readable tag identifier (Tag ID) configured to be read by a reader; and a device to be identified by the tag, in which: the device is configured to communicate with the reader; the device has access to a secure Tag ID; and the device communicates a verification to the reader if the machine readable Tag ID communicated to the device from the reader matches the secure Tag ID. A method includes: reading a Tag ID from a tag attached to a device; communicating the Tag ID read from the tag to the device; comparing a secure Tag ID of the device to the Tag ID read from the tag; and responding with a “match” or “no-match” message from the device, according to which the device is either trusted or not trusted as being identified by the Tag ID. A method of verifying a trusted agent (TA) on a device includes: storing a digital signature of the TA in a secure vault of the device; and verifying the TA by verifying the digital signature of the TA each time the TA is used.
Type: Grant
Filed: March 5, 2010
Date of Patent: September 15, 2015
Assignee: PAYPAL, INC.
Inventors: Sebastien Taveau, Hadi Nahari
-
Publication number: 20150088749
Abstract: The present disclosure involves a system that includes a computer memory storage component configured to store computer programming instructions and a computer processor component operatively coupled to the computer memory storage component. The computer processor component is configured to run a secure operating system and a non-secure operating system in parallel. The secure and non-secure operating systems are isolated from each other. The computer processor component is configured to execute code to perform the following operations: receiving an authentication request from an application that is run by the non-secure operating system, wherein the authentication request contains credentials of the application; communicating with a secure applet that is run by the secure operating system, and wherein the communicating includes transferring the credentials of the application to the secure applet; and authenticating and vetting the application based on the credentials of the application.
Type: Application
Filed: December 2, 2014
Publication date: March 26, 2015
Inventors: Sebastian Ludovic Jean Taveau, Hadi Nahari
-
Patent number: 8914876
Abstract: The present disclosure involves a system that includes a computer memory storage component configured to store computer programming instructions and a computer processor component operatively coupled to the computer memory storage component. The computer processor component is configured to run a secure operating system and a non-secure operating system in parallel. The secure and non-secure operating systems are isolated from each other. The computer processor component is configured to execute code to perform the following operations: receiving an authentication request from an application that is run by the non-secure operating system, wherein the authentication request contains credentials of the application; communicating with a secure applet that is run by the secure operating system, and wherein the communicating includes transferring the credentials of the application to the secure applet; and authenticating and vetting the application based on the credentials of the application.
Type: Grant
Filed: April 6, 2012
Date of Patent: December 16, 2014
Assignee: eBay Inc.
Inventors: Sebastien Ludovic Jean Taveau, Hadi Nahari
-
Publication number: 20140323052
Abstract: Methods and systems utilize a shake and transfer process to initiate a wireless communication and provide a user device with time and location information of the communication, which can be associated with contact information of a user of the other device. As a result, a user has additional information associated with a contact, and the time and location information can be used to determine or track elapsed time and distance traveled between communications.
Type: Application
Filed: July 14, 2014
Publication date: October 30, 2014
Inventors: Sebastien Taveau, Carl Stone, Nadav Naaman, Hadi Nahari
-
Publication number: 20140250507
Abstract: A user inserts a received random sequence into the user's password or PIN. The user enters and transmits this randomized password to a service provider. The service provider extracts the password to determine whether to authenticate the user.
Type: Application
Filed: May 19, 2014
Publication date: September 4, 2014
Applicant: EBAY INC.
Inventor: Hadi Nahari
-
Patent number: 8781393
Abstract: Methods and systems utilize a shake and transfer process to initiate a wireless communication and provide a user device with time and location information of the communication, which can be associated with contact information of a user of the other device. As a result, a user has additional information associated with a contact, and the time and location information can be used to determine or track elapsed time and distance traveled between communications.
Type: Grant
Filed: September 30, 2009
Date of Patent: July 15, 2014
Assignee: Ebay Inc.
Inventors: Sebastien Taveau, Carl Stone, Nadav Naaman, Hadi Nahari
-
Patent number: 8731197
Abstract: A user inserts a received random sequence into the user's password or PIN. The user enters and transmits this randomized password to a service provider. The service provider extracts the password to determine whether to authenticate the user.
Type: Grant
Filed: February 25, 2011
Date of Patent: May 20, 2014
Assignee: Ebay Inc.
Inventor: Hadi Nahari
-
Patent number: 8707048
Abstract: Various methods and systems are provided for inserting a user-selected pattern below a main application display when sensitive information is being requested or to be communicated. The border of the main application layer may also be modified at this time, either with or without the underlying pattern. This visual change provides the user an assurance that the application or site is authentic and not a phishing attack. The user-selected patterns are stored in secure areas, such as a secure element on the user device or in a cloud accessible by the application or site.
Type: Grant
Filed: March 5, 2010
Date of Patent: April 22, 2014
Assignee: Ebay Inc.
Inventors: Sebastien Taveau, Hadi Nahari, Eric Duprat
-
Patent number: 8650614
Abstract: Systems and methods for use with a client device and a server provide interactive phishing detection at the initiation of the user. Detection of phishing is based on the user's comparison of a visual indicator sent from the server to the client device with another identical-looking visual indicator displayed, for example, on a trusted website. Several security measures may be employed such as changing the visual indicator periodically, generating the visual indicator in a random manner, and authenticating the client device to the server before the server will transmit the visual indicator to the client device. User comparison of the website-displayed visual indicator with the user's client device user interface-displayed visual indicator may facilitate user verification of authenticity of a software application.
Type: Grant
Filed: April 1, 2010
Date of Patent: February 11, 2014
Assignee: Ebay Inc.
Inventors: Hadi Nahari, Aleksey V. Sanin
-
Patent number: 8565436
Abstract: A system, according to one embodiment, includes a master key for encryption of data; an encryption key site accessible by computer and storing a first piece of the master key; a configuration file resident in a computer file system, the configuration file storing a second piece of the master key; a computer database storing a third piece of the master key; a master-key seal key used to encrypt the master key, wherein a secure self managed data (SSMD) key is obtained by assembling and decrypting the first piece, the second piece and the third piece using the master-key seal key; a unique ID for the data; a classification level for the data; and an expiration time for the data, wherein the data, the unique ID, the classification level, and the expiration time are encrypted together using the SSMD key to form an SSMD encoded data.
Type: Grant
Filed: March 31, 2009
Date of Patent: October 22, 2013
Assignee: EBAY Inc.
Inventors: Rasta A. Mansour, Hadi Nahari
-
Publication number: 20130097698
Abstract: The present disclosure involves a system that includes a computer memory storage component configured to store computer programming instructions and a computer processor component operatively coupled to the computer memory storage component. The computer processor component is configured to run a secure operating system and a non-secure operating system in parallel. The secure and non-secure operating systems are isolated from each other. The computer processor component is configured to execute code to perform the following operations: receiving an authentication request from an application that is run by the non-secure operating system, wherein the authentication request contains credentials of the application; communicating with a secure applet that is run by the secure operating system, and wherein the communicating includes transferring the credentials of the application to the secure applet; and authenticating and vetting the application based on the credentials of the application.
Type: Application
Filed: April 6, 2012
Publication date: April 18, 2013
Applicant: eBay, Inc.
Inventors: Sebastien Ludovic Jean Taveau, Hadi Nahari
-
Publication number: 20120158542
Abstract: A system and method for facilitating electronic commerce over a network, according to one or more embodiments, includes communicating with a user via a user device over the network, distributing a resident application to the user device over the network, displaying a service icon on the user device, and receiving an authentication request from the user via the user device over the network. The service icon is linked to the resident application, and the authentication request includes user credentials inputted by the user via user selection of the service icon and resulting user access of the resident application. The system and method includes communicating with the resident application on the user device to request user confirmation of the authentication request, receiving user confirmation from the user via the user device over the network, authorizing the authentication request, and notifying the user of the authorized authentication request over the network via the resident application.
Type: Application
Filed: December 16, 2010
Publication date: June 21, 2012
Applicant: EBAY INC.
Inventor: Hadi Nahari
-
Publication number: 20120060214
Abstract: Methods and systems for authenticating a user and a consumer electronic device (CED) to a financial services provider (FSP) for purposes of communications initiated from the device and needing security, such as purchases and financial transactions, are provided. The FSP may compile information about a user's behavior from various sources, both public and private, including the CED. The information may be of a stochastic nature, being gathered by sampling user data and behavior at chosen times. The information may include indicators of user behavior—such as the user using the device to check various accounts and web-pages—and data from the device—such as GPS location. Based on the compiled stochastic information, and using a sliding scale, a throttling mechanism, acceptance variation, and pinging information, the FSP can compare current information from the device with what is known about the user and the device to provide a more accurate and reliable authentication process.
Type: Application
Filed: September 8, 2010
Publication date: March 8, 2012
Applicant: EBAY INC.
Inventor: Hadi Nahari
-
Publication number: 20110225638
Abstract: A user inserts a received random sequence into the user's password or PIN. The user enters and transmits this randomized password to a service provider. The service provider extracts the password to determine whether to authenticate the user.
Type: Application
Filed: February 25, 2011
Publication date: September 15, 2011
Applicant: EBAY INC.
Inventor: Hadi Nahari
-
Publication number: 20110162078
Abstract: Various methods and systems are provided for inserting a user-selected pattern below a main application display when sensitive information is being requested or to be communicated. The border of the main application layer may also be modified at this time, either with or without the underlying pattern. This visual change provides the user an assurance that the application or site is authentic and not a phishing attack. The user-selected patterns are stored in secure areas, such as a secure element on the user device or in a cloud accessible by the application or site.
Type: Application
Filed: March 5, 2010
Publication date: June 30, 2011
Applicant: EBAY INC.
Inventors: Sebastien Taveau, Hadi Nahari, Eric Duprat