Patents by Inventor Ravi Ganesan

Ravi Ganesan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190238531
    Abstract: To provide a user signature on a network transaction, a security server receives transaction information representing a transaction between a network user and a network site, such as a website, directly from the network site. The security server calculates a one-time-password based on the received transaction information and a secret shared by the security server and the network site, but not by the user. The security server transmits the calculated one-time-password for application as the user's signature on the transaction. The one-time-password is independently calculable by the network site based on the shared secret.
    Type: Application
    Filed: April 9, 2019
    Publication date: August 1, 2019
    Applicant: EARLY WARNING SERVICES, LLC
    Inventor: Ravi Ganesan
  • Patent number: 10305886
    Abstract: An Identity Exchange that communicates and processes data exchanged between Identity Providers (IdP) and Relying Partys (RP) remains blinded from the attribute values of the data flowing through it. To make this happen each IdP and RP are issued anonymous certificates by a Certificate Authority, using which they perform key exchange with each other to exchange session keys, which are used subsequently to encrypt/decrypt all attribute values they exchange via the Identity Exchange.
    Type: Grant
    Filed: May 25, 2016
    Date of Patent: May 28, 2019
    Inventor: Ravi Ganesan
  • Patent number: 10284549
    Abstract: To provide a user signature on a network transaction, a security server receives transaction information representing a transaction between a network user and a network site, such as a website, directly from the network site. The security server calculates a one-time-password based on the received transaction information and a secret shared by the security server and the network site, but not by the user. The security server transmits the calculated one-time-password for application as the user's signature on the transaction. The one-time-password is independently calculable by the network site based on the shared secret.
    Type: Grant
    Filed: February 4, 2016
    Date of Patent: May 7, 2019
    Assignee: Early Warning Services, LLC
    Inventor: Ravi Ganesan
  • Patent number: 10210488
    Abstract: Systems and methods for making a payment on behalf of a payer to a payee are provided. A request to make a payment on behalf of a payer to a payee is received at a first payment service provider. The first payment service provider supports a first payment network within a plurality of payment networks that each include a respective plurality of payers and payees. The payer is one of the plurality of payers and payees associated with the first payment network, and the payor is not one of the plurality of payers and payees associated with the first payment network. A second payment network within the plurality of payment networks with which the payee is associated is identified by the first payment service provider. A payment instruction to make the payment to the payee is transmitted by the first payment service provider to a second payment service provider associated with the second payment network.
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: February 19, 2019
    Assignee: CheckFree Services Corporation
    Inventors: Peter Kight, Ravi Ganesan, Matthew Sheridan Lewis, Donald Kenneth Hobday, Jr., Hans Daniel Dreyer
  • Publication number: 20180288008
    Abstract: A 3BIES Discovery Service and Certificate Authority that can issue anonymized certificates allow for a traditional identity federation to perform its functions while the true identity of the Identity Provider and Service Provider are blinded from each other. This is called double blinding and we first describe how this can happen without the presence of an Identity Exchange. When an Identity Exchange is introduced it also becomes necessary to ensure that the Exchange itself does not become a single point of catastrophic failure. To avoid this we introduce the notion of triple blinding. Finally, we also point out that this design makes it possible for user's to request anonymous attestation; wherein the Service Provider does not learn their identity.
    Type: Application
    Filed: April 1, 2017
    Publication date: October 4, 2018
    Inventor: Ravi Ganesan
  • Patent number: 10050958
    Abstract: To validate a user's identity a network validation server receives a smartphone image of a preexisting user credential, including both a user biometric and a unique identifier associated with the credential and stores them in a database. The validation server also receives the unique identifier from a registrar network device seeking to validate the user, and in response transmits a validation code to the user's smartphone for display by the user's smartphone and/or the registrar's network device for display by the registrar's network device. The validation server additionally receives confirmation from the registrar's network device that a validation code displayed on the user's smartphone is the transmitted validation, thereby confirming that the user has been validated by the registrar.
    Type: Grant
    Filed: May 4, 2017
    Date of Patent: August 14, 2018
    Inventor: Ravi Ganesan
  • Patent number: 10025920
    Abstract: A method of operating a security server to securely transact business between a user and an enterprise via a network includes receiving, at the security server from an enterprise with which the user is currently connected via the network, a request of the enterprise to activate a secure communications channel over the network between the user and the security server. The request includes contact information for contacting the user via other than the network. The security server, in response, transmits an activation code for delivery to the user via other than the network and in a manner corresponding to the received contact information. The security server receives, from the user via the network, an activation code and compares the received activation code with the transmitted activation code to validate the received activation code. The secure communications channel is then activated based on the validation of the received activation code.
    Type: Grant
    Filed: June 7, 2012
    Date of Patent: July 17, 2018
    Assignee: Early Warning Services, LLC
    Inventors: Peter George Tapling, Andrew Robert Rolfe, Ravi Ganesan
  • Publication number: 20180197167
    Abstract: A person-to-person (P2P) payment system provides payment from a payer to a payee without the payer identifying a payee payment receiving preference, such as the payee account into which funds are to be posted. The payment system includes a setup system for setting up payment between the payer and the payee and a messaging system for handling messages between the payer and the payment system and the payee and the payment system, including communications with the payee by way of a payee phone number or email address provided by the payer. A risk assessment system determines a risk score for the P2P transaction and, based on that score, the bank of the payer provides a guarantee to the bank of the payee.
    Type: Application
    Filed: January 11, 2017
    Publication date: July 12, 2018
    Applicant: Early Warning Services, LLC
    Inventor: Ravi Ganesan
  • Patent number: 9832183
    Abstract: A portable apparatus is removably and communicatively connectable to a network device to communicate authentication or authorization credentials of a user in connection with the user logging into or entering into a transaction with a network site. The apparatus includes a communications port to connect and disconnect the apparatus to and from the network device and to establish a communication link with the network device when connected thereto. A processor receives a secure message from the network security server via the port. The message has a PIN for authenticating the user to the network site, and is readable only by the apparatus. The processor either transfers, via the port, the received PIN to an application associated with the network site that is executing on the network device or causes the apparatus to display the received PIN for manual transfer to the application associated with the network site.
    Type: Grant
    Filed: October 21, 2015
    Date of Patent: November 28, 2017
    Assignee: Early Warning Services, LLC
    Inventor: Ravi Ganesan
  • Publication number: 20170237731
    Abstract: To validate a user's identity a network validation server receives a smartphone image of a preexisting user credential, including both a user biometric and a unique identifier associated with the credential and stores them in a database. The validation server also receives the unique identifier from a registrar network device seeking to validate the user, and in response transmits a validation code to the user's smartphone for display by the user's smartphone and/or the registrar's network device for display by the registrar's network device. The validation server additionally receives confirmation from the registrar's network device that a validation code displayed on the user's smartphone is the transmitted validation, thereby confirming that the user has been validated by the registrar.
    Type: Application
    Filed: May 4, 2017
    Publication date: August 17, 2017
    Inventor: Ravi GANESAN
  • Patent number: 9716691
    Abstract: A security server receives a request of a user to activate a secure communications channel over the network and, in response, transmits an activation code for delivery to the user via another network. The security server receives an activation code from the user network device via the network, compares the received activation code with the transmitted activation code to validate the received activation code, and activates the secure communications channel based on the validation. The security server next receives a query including a question for the user from an enterprise represented on the network, transmits the received enterprise query to the user network device via the secure communications channel, and receives, from the user network device via the secure communications channel, a user answer to the transmitted enterprise query. The security server then transmits the received user answer to the enterprise to further authenticate the user to the enterprise.
    Type: Grant
    Filed: June 7, 2012
    Date of Patent: July 25, 2017
    Assignee: Early Warning Services, LLC
    Inventors: Peter George Tapling, Andrew Robert Rolfe, Ravi Ganesan, Sally Sheward
  • Patent number: 9712525
    Abstract: To validate a user's identity a network validation server receives a smartphone image of a preexisting user credential, including both a user biometric and a unique identifier associated with the credential and stores them in a database. The validation server also receives the unique identifier from a registrar network device seeking to validate the user, and in response transmits a validation code to the user's smartphone for display by the user's smartphone and/or the registrar's network device for display by the registrar's network device. The validation server additionally receives confirmation from the registrar's network device that a validation code displayed on the user's smartphone is the transmitted validation, thereby confirming that the user has been validated by the registrar.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: July 18, 2017
    Inventor: Ravi Ganesan
  • Patent number: 9712519
    Abstract: A network server is operated so as to facilitate legal eavesdropping by receiving, from the first user via a network, a session key (SK) encrypted with a second user's public key, kpubU2, and the SK encrypted with an escrow server's (ES) public key, kpubES. The kpubU2 key is the public key of the second user asymmetric private/public key pair kpriU2/kpubU2 The kpubES key is the public key of the ES asymmetric private/public key pair kpriES/kpubES. The received SK encrypted with kpubES is stored. The SK encrypted with kpubU2 is transmitted to the second user via the network. A message encrypted with the SK is received from one of the first and the second users via the network, stored, and transmitted to the other of the first and the second users via the network.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: July 18, 2017
    Assignee: Early Warning Services, LLC
    Inventor: Ravi Ganesan
  • Patent number: 9674167
    Abstract: The present invention provides a new method of site and user authentication. This is achieved by creating a pop-up window on the user's PC that is in communication with a security server, and where this communication channel is separate from the communication between the user's browser and whichever web site they are at. A legitimate web site embeds code in the web page which communicates to the security server from the user's desktop. The security server checks the legitimacy of the web site and then signals both the web page on the user's browser, as well as the pop-up window to which it has a separate channel. The security server also sends a random image to both the pop-up window and the browser. If user authentication is requested by the web site the user is first authenticated by the security server for instance by out of band authentication. Then the security server computes a one time password based on a secret it shares with the web site and sends it to the pop up window.
    Type: Grant
    Filed: April 15, 2013
    Date of Patent: June 6, 2017
    Assignee: Early Warning Services, LLC
    Inventor: Ravi Ganesan
  • Publication number: 20170149769
    Abstract: Transaction authentication with techniques and geolocation are combined to provide privacy and security enhanced geolocation. In an example implementation, a user initiates a transaction at a web service which in turns triggers a security server. The security server uses its always on connection with the combined client on user security device to perform geolocation, proximity and transaction authentication. These results may be used by the web service to make a decision on whether to proceed with the transaction.
    Type: Application
    Filed: February 1, 2017
    Publication date: May 25, 2017
    Applicant: Early Warning Services, LLC
    Inventor: Ravi Ganesan
  • Patent number: 9444809
    Abstract: A portable apparatus is removably and communicatively connectable to a network device to communicate authentication or authorization credentials of a user in connection with the user logging into or entering into a transaction with a network site. The apparatus includes a communications port to connect and disconnect the apparatus to and from the network device and to establish a communication link with the network device when connected thereto. A processor receives a secure message from the network security server via the port. The message has a PIN for authenticating the user to the network site, and is readable only by the apparatus. The processor either transfers, via the port, the received PIN to an application associated with the network site that is executing on the network device or causes the apparatus to display the received PIN for manual transfer to the application associated with the network site.
    Type: Grant
    Filed: June 17, 2014
    Date of Patent: September 13, 2016
    Assignee: AUTHENTIFY, INC.
    Inventor: Ravi Ganesan
  • Publication number: 20160156620
    Abstract: To provide a user signature on a network transaction, a security server receives transaction information representing a transaction between a network user and a network site, such as a website, directly from the network site. The security server calculates a one-time-password based on the received transaction information and a secret shared by the security server and the network site, but not by the user. The security server transmits the calculated one-time-password for application as the user's signature on the transaction. The one-time-password is independently calculable by the network site based on the shared secret.
    Type: Application
    Filed: February 4, 2016
    Publication date: June 2, 2016
    Applicant: AUTHENTIFY, INC.
    Inventor: Ravi GANESAN
  • Patent number: 9325702
    Abstract: To provide a user signature on a network transaction, a security server receives transaction information representing a transaction between a network user and a network site, such as a website, directly from the network site. The security server calculates a one-time-password based on the received transaction information and a secret shared by the security server and the network site, but not by the user. The security server transmits the calculated one-time-password for application as the user's signature on the transaction. The one-time-password is independently calculable by the network site based on the shared secret.
    Type: Grant
    Filed: July 14, 2014
    Date of Patent: April 26, 2016
    Assignee: AUTHENTIFY, INC.
    Inventor: Ravi Ganesan
  • Publication number: 20160050199
    Abstract: A portable apparatus is removably and communicatively connectable to a network device to communicate authentication or authorization credentials of a user in connection with the user logging into or entering into a transaction with a network site. The apparatus includes a communications port to connect and disconnect the apparatus to and from the network device and to establish a communication link with the network device when connected thereto. A processor receives a secure message from the network security server via the port. The message has a PIN for authenticating the user to the network site, and is readable only by the apparatus. The processor either transfers, via the port, the received PIN to an application associated with the network site that is executing on the network device or causes the apparatus to display the received PIN for manual transfer to the application associated with the network site.
    Type: Application
    Filed: October 21, 2015
    Publication date: February 18, 2016
    Applicant: AUTHENTIFY, INC.
    Inventor: Ravi GANESAN
  • Publication number: 20150381608
    Abstract: A network server is operated so as to facilitate legal eavesdropping by receiving, from the first user via a network, a session key (SK) encrypted with a second user's public key, kpubU2, and the SK encrypted with an escrow server's (ES) public key, kpubES. The kpubU2 key is the public key of the second user asymmetric private/public key pair kpriU2/kpubU2 The kpubES key is the public key of the ES asymmetric private/public key pair kpriES/kpubES. The received SK encrypted with kpubES is stored. The SK encrypted with kpubU2 is transmitted to the second user via the network. A message encrypted with the SK is received from one of the first and the second users via the network, stored, and transmitted to the other of the first and the second users via the network.
    Type: Application
    Filed: August 25, 2015
    Publication date: December 31, 2015
    Applicant: AUTHENTIFY, INC.
    Inventor: Ravi GANESAN