Patents by Inventor Rammohan Varadarajan
Rammohan Varadarajan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20140040629Abstract: A system and method is provided for generating a one-time passcode (OTP) from a user device. The method includes providing a passcode application and a cardstring defined by a provider account to the user device. The passcode application is configured to generate a passcode configured as a user OTP for the provider account, using the cardstring. The cardstring is defined by at least one key camouflaged with a personal identification number (PIN). The key may be camouflaged by modifying and encrypting the modified key under the PIN. The key may be configured as a symmetric key, a secret, a seed, and a controlled datum. The cardstring may be an EMV cardstring; and the key may be a UDKA or UDKB. The cardstring may be an OTP cardstring, and the key may be a secret configurable to generate one of a HOTP, a TOTP, and a counter-based OTP.Type: ApplicationFiled: October 14, 2013Publication date: February 6, 2014Applicant: Computer Associates Think, Inc.Inventors: Geoffrey R. Hird, Rammohan Varadarajan
-
Patent number: 8615468Abstract: A method and system is provided for generating a dynamic card value (DCV) from a mobile user device for use in a transaction between a user cardholder and a transaction provider. The DCV may be configured for use as a card verification value (CVV), also known as a card security code (CSC), a primary account number (PAN), or a portion of a PAN. The DCV may be generated using a DCV generator which may include an algorithm and a DCV generation key. The DCV generation key may be camouflaged. Obtaining a DCV from the user device may require inputting a PIN, a device identifier, a challenge or transaction information. The DCV may be used for any transaction requiring the input of a user identification number and a verification value, including, credit card transactions, debit card transactions, online or telephonic transactions.Type: GrantFiled: January 25, 2011Date of Patent: December 24, 2013Assignee: CA, Inc.Inventor: Rammohan Varadarajan
-
Patent number: 8613065Abstract: This invention relates to a method and a system for generating user passcodes for each of a plurality of transaction providers from a mobile user device. A method and system for activating a plurality of passcode generators on a user device configured with a passcode application installed on the user device is provided. Each of the passcode generators may correspond to a different user account or transaction provider, such that each passcode generator provides a user passcode configured for the corresponding account or transaction provider. One or more of the passcode generators may include a passcode generating algorithm and a passcode key. Access to one or more of the passcode generators may require providing a PIN or a challenge.Type: GrantFiled: February 4, 2011Date of Patent: December 17, 2013Assignee: CA, Inc.Inventors: Geoffrey Hird, Rammohan Varadarajan, James D. Reno
-
Publication number: 20130332741Abstract: A method is provided for generating a human readable passcode to an authorized user including providing a control access datum and a PIN, and generating a unique machine identifier for the user machine. The method further includes modifying the controlled access datum, encrypting the controlled access datum using the PIN and/or a unique machine identifier to camouflage the datum, and generating a passcode using the camouflaged datum and the PIN and/or the unique machine identifier. A mobile user device may be used to execute the method in one embodiment. The passcode may be used to obtain transaction authorization and/or access to a secured system or secured data. The unique machine identifier may be defined by a machine effective speed calibration derived from information collected from and unique to the user machine.Type: ApplicationFiled: August 13, 2013Publication date: December 12, 2013Applicant: CA, Inc.Inventors: Geoffrey Hird, Rammohan Varadarajan
-
Patent number: 8572394Abstract: A system and method is provided for generating a one-time passcode (OTP) from a user device. The method includes providing a passcode application and a cardstring defined by a provider account to the user device. The passcode application is configured to generate a passcode configured as a user OTP for the provider account, using the cardstring. The cardstring is defined by at least one key camouflaged with a personal identification number (PIN). The key may be camouflaged by modifying and encrypting the modified key under the PIN. The key may be configured as a symmetric key, a secret, a seed, and a controlled datum. The cardstring may be an EMV cardstring; and the key may be a UDKA or UDKB. The cardstring may be an OTP cardstring, and the key may be a secret configurable to generate one of a HOTP, a TOTP, and a counter-based OTP.Type: GrantFiled: August 30, 2010Date of Patent: October 29, 2013Assignee: Computer Associates Think, Inc.Inventors: Geoffrey R. Hird, Rammohan Varadarajan
-
Patent number: 8533460Abstract: A method is provided for generating a human readable passcode to an authorized user including providing a control access datum and a PIN, and generating a unique machine identifier for the user machine. The method further includes modifying the controlled access datum, encrypting the controlled access datum using the PIN and/or a unique machine identifier to camouflage the datum, and generating a passcode using the camouflaged datum and the PIN and/or the unique machine identifier. A mobile user device may be used to execute the method in one embodiment. The passcode may be used to obtain transaction authorization and/or access to a secured system or secured data. The unique machine identifier may be defined by a machine effective speed calibration derived from information collected from and unique to the user machine.Type: GrantFiled: November 3, 2010Date of Patent: September 10, 2013Assignee: Computer Associates Think, Inc.Inventors: Geoffrey R. Hird, Rammohan Varadarajan
-
Publication number: 20130124855Abstract: Systems, apparatus, methods, and computer program products for using quick response (QR) codes for authenticating users to ATMs and other secure machines for cardless transactions are disclosed. Embodiments of the present disclosure read an image displayed on a display of an external device using a mobile device associated with a user authorized to access a secure resource, decode transaction information encoded in the image, transmit the transaction information and an identifier of the mobile device from the mobile device to an authentication system, and grant access to the secure resource if the transaction information and the identifier satisfy an authentication test performed at the authentication system.Type: ApplicationFiled: August 29, 2012Publication date: May 16, 2013Applicant: CA, INC.Inventors: Rammohan VARADARAJAN, Ambarish MALPANI
-
Patent number: 8381266Abstract: A method and system for identifying a machine used for an online session with an online provider includes executing a lightweight fingerprint code from a provider interface during an online session to collect and transmit machine and session information; generating and storing a machine signature or identity including a machine effective speed calibration (MESC) which may be used to identify the machine when the machine is used in a subsequent online session by a method of matching the machine signature and MESC to a database of machine identities, analyzing a history of the machine's online sessions to identify one or more response indicators, such as fraud indicators, and executing one or more responses to the response indicators, such as disabling a password or denying an online transaction, where the response and response indicator may be provider-designated.Type: GrantFiled: October 25, 2010Date of Patent: February 19, 2013Assignee: Computer Associates Think, Inc.Inventors: Venkata Babji Sama, Suril Rajul Desai, Rammohan Varadarajan
-
Publication number: 20110276495Abstract: According to the invention, a method of using a one-time password for a transaction between a user and a merchant is disclosed. The method may include generating the one-time password. The method may also include authenticating the user by the authentication server in response to a request from the user to use the one-time password. The method may further include authorizing the use of the one-time password for the transaction in response to authenticating the user by the authentication server. The method may moreover include using the one-time password in combination with an account number to settle the transaction between the user and the merchant. The method may additionally include sending a message to the authentication server originating from the merchant, wherein the message comprises the one-time password, and wherein the message requests a determination whether the one-time password is authorized for use in the transaction.Type: ApplicationFiled: May 9, 2011Publication date: November 10, 2011Applicant: Computer Associates Think, Inc.Inventors: Rammohan Varadarajan, Ambarish Malpani
-
Publication number: 20110238573Abstract: A method and system are provided for conducting automatic teller machine (ATM) transactions without the use of an ATM card, using a mobile user device. The mobile user device communicates with an ATM, a provider interface or a network. The ATM communicates with the mobile user device through a contact or contactless means, which may include communication through any wireless connection such as RFID, Bluetoothâ„¢ or other near field communication means, or through a USB port or other means of contact. A mobile user device may provide transaction information or authentication information to an ATM or to an authentication system in communication with an ATM. The transaction may be associated with the user's ATM account or another account. The mobile user device may generate a dynamic value which may be used as a password, an authentication value, an account identifier or a transaction identifier.Type: ApplicationFiled: March 15, 2011Publication date: September 29, 2011Applicant: Computer Associates Think, Inc.Inventor: Rammohan Varadarajan
-
Publication number: 20110202984Abstract: This invention relates to a method and a system for generating user passcodes for each of a plurality of transaction providers from a mobile user device. A method and system for activating a plurality of passcode generators on a user device configured with a passcode application installed on the user device is provided. Each of the passcode generators may correspond to a different user account or transaction provider, such that each passcode generator provides a user passcode configured for the corresponding account or transaction provider. One or more of the passcode generators may include a passcode generating algorithm and a passcode key. Access to one or more of the passcode generators may require providing a PIN or a challenge.Type: ApplicationFiled: February 4, 2011Publication date: August 18, 2011Applicant: Arcot Systems, Inc.Inventors: Geoffrey Hird, Rammohan Varadarajan, James D. Reno
-
Publication number: 20110184867Abstract: A method and system is provided for generating a dynamic card value (DCV) from a mobile user device for use in a transaction between a user cardholder and a transaction provider. The DCV may be configured for use as a card verification value (CVV), also known as a card security code (CSC), a primary account number (PAN), or a portion of a PAN. The DCV may be generated using a DCV generator which may include an algorithm and a DCV generation key. The DCV generation key may be camouflaged. Obtaining a DCV from the user device may require inputting a PIN, a device identifier, a challenge or transaction information. The DCV may be used for any transaction requiring the input of a user identification number and a verification value, including, credit card transactions, debit card transactions, online or telephonic transactions.Type: ApplicationFiled: January 25, 2011Publication date: July 28, 2011Applicant: Arcot Systems, Inc.Inventor: Rammohan Varadarajan
-
Publication number: 20110113245Abstract: A method and system is provided for generating a one-time passcode (OTP) configured for use as a personal identification number (PIN) for a user account from a user device. The OTP may be generated using an OTP generator which may include an algorithm an user account-specific OTP key. The OTP key may be camouflaged by encryption, obfuscation or cryptographic camouflaging using a PIN or a unique machine identifier defined by the user device. Obtaining an OTP from the user device may require inputting a data element which may be one of a PIN, a character string, an image, a biometric parameter, a user device identifier such as an machine effective speed calibration (MESC), or other datum. The OTP may be used for any transaction requiring a user PIN input, including ATM and debit card transactions, secure access and online transactions.Type: ApplicationFiled: November 10, 2010Publication date: May 12, 2011Applicant: Arcot Systems, Inc.Inventor: Rammohan Varadarajan
-
Publication number: 20110113237Abstract: A method is provided for generating a human readable passcode to an authorized user including providing a control access datum and a PIN, and generating a unique machine identifier for the user machine. The method further includes modifying the controlled access datum, encrypting the controlled access datum using the PIN and/or a unique machine identifier to camouflage the datum, and generating a passcode using the camouflaged datum and the PIN and/or the unique machine identifier. A mobile user device may be used to execute the method in one embodiment. The passcode may be used to obtain transaction authorization and/or access to a secured system or secured data. The unique machine identifier may be defined by a machine effective speed calibration derived from information collected from and unique to the user machine.Type: ApplicationFiled: November 3, 2010Publication date: May 12, 2011Applicant: Arcot Systems, Inc.Inventors: Geoffrey Hird, Rammohan Varadarajan
-
Publication number: 20110099480Abstract: A method and system for identifying a machine used for an online session with an online provider includes executing a lightweight fingerprint code from a provider interface during an online session to collect and transmit machine and session information; generating and storing a machine signature or identity including a machine effective speed calibration (MESC) which may be used to identify the machine when the machine is used in a subsequent online session by a method of matching the machine signature and MESC to a database of machine identities, analyzing a history of the machine's online sessions to identify one or more response indicators, such as fraud indicators, and executing one or more responses to the response indicators, such as disabling a password or denying an online transaction, where the response and response indicator may be provider-designated.Type: ApplicationFiled: October 25, 2010Publication date: April 28, 2011Applicant: Arcot Systems, Inc.Inventors: Venkata Babji Sama, Suril Rajul Desai, Rammohan Varadarajan
-
Publication number: 20110060913Abstract: A system and method is provided for generating a one-time passcode (OTP) from a user device. The method includes providing a passcode application and a cardstring defined by a provider account to the user device. The passcode application is configured to generate a passcode configured as a user OTP for the provider account, using the cardstring. The cardstring is defined by at least one key camouflaged with a personal identification number (PIN). The key may be camouflaged by modifying and encrypting the modified key under the PIN. The key may be configured as a symmetric key, a secret, a seed, and a controlled datum. The cardstring may be an EMV cardstring; and the key may be a UDKA or UDKB. The cardstring may be an OTP cardstring, and the key may be a secret configurable to generate one of a HOTP, a TOTP, and a counter-based OTP.Type: ApplicationFiled: August 30, 2010Publication date: March 10, 2011Applicant: Arcot Systems, Inc.Inventors: Geoffrey Hird, Rammohan Varadarajan
-
Publication number: 20090138706Abstract: Techniques for efficiently searching encrypted searchable spaces. For example, embodiments of the present invention provide techniques for searching a plurality of files that are stored in encrypted (or ciphertext) form. According to embodiments of the present invention, the search can usually be performed by decrypting only a portion of the encrypted searchable space. According to an embodiment of the present invention, the search techniques determine a set of files comprising one or more files from the plurality of encrypted files that contain a user-specified query element. The set of files is usually determined by decrypting only a subset of the plurality of encrypted files.Type: ApplicationFiled: December 7, 2008Publication date: May 28, 2009Applicant: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rammohan Varadarajan
-
Patent number: 7484092Abstract: Techniques for efficiently searching encrypted searchable spaces. For example, embodiments of the present invention provide techniques for searching a plurality of files that are stored in encrypted (or ciphertext) form. According to embodiments of the present invention, the search can usually be performed by decrypting only a portion of the encrypted searchable space. According to an embodiment of the present invention, the search techniques determine a set of files comprising one or more files from the plurality of encrypted files that contain a user-specified query element. The set of files is usually determined by decrypting only a subset of the plurality of encrypted files.Type: GrantFiled: March 11, 2002Date of Patent: January 27, 2009Assignee: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rammohan Varadarajan
-
Patent number: 7111789Abstract: Techniques are disclosed to increase the efficiency of multi-party authentication communications protocols. One technique includes a four party authentication method utilizing a general authenticator to store and provide a credit card authentication password and other payment information to an issuing bank and/or other parties involved in the transaction. Other techniques include the use of skeleton messages to minimize the forwarding of information through a forwarding party, the elimination of redundant communications exchanges, the use of a merchant appliance hardware solution to minimize system integration difficulties, and/or the imposition of credit card constraints. The techniques may be used singly or in combination.Type: GrantFiled: August 22, 2002Date of Patent: September 26, 2006Assignee: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, James Reno, Rammohan Varadarajan, Sanjay Vyas, Do-Pil Park, Robert Jerdonek
-
Patent number: 6908030Abstract: An online transaction is effected between a user system, a merchant system and an issuer system. The user system generates a one-time number (OTN) to use as a card number for a transaction with the merchant. The user system generates the OTN as a function of various parameters and sends the OTN to the issuer and to the merchant. With the issuer communication, the user is first authenticated, so the issuer can associate the received OTN with the user even if the user's identity cannot be fully discerned from the OTN alone. In authenticating the user with the issuer, and possibly other authentications, the user sends the issuer a signed challenge where the challenge is a sequential challenge or a function of a prior challenge provided by the issuer. The issuer responds with an approval/denial message and, in the latter case, includes the next challenge to be used.Type: GrantFiled: October 31, 2001Date of Patent: June 21, 2005Assignee: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rammohan Varadarajan