Abstract: A user verification system employs forward and rearward facing imaging devices on a mobile communication device. An image is displayed on the display of a computing device from which a user wishes to access computer services. The user captures the displayed image with one of the imaging devices on the mobile communication device and simultaneously takes a picture of the user. An authentication system compares the displayed image captured by the mobile communication device with a stored image to determine a match. A successful match results in a displayed match indicator. In addition, the captured facial image of the user is compared with a stored image of an authenticated user. A successful match between the captured facial image and the stored image results in the generation of a facial match indicator. Computer access is granted to an authenticated user only if both the captured display image and the captured facial image result in a match with the stored counterpart images.

Abstract: Client and server computers on a network can be authenticated using a shared secret. During a log-on and authentication process, the server transmits an image to the client. A mobile communication device captures and analyzes the image. If the image contains the shared secret, the mobile device can authenticate the server. The secret in the image can be a geometric relationship between elements of the picture, a mathematical relationship between elements, a particular number or types of elements in the picture, colors of elements, or combinations of the above. A single image may contain multiple shared secrets. The mobile device can readily analyze the image to determine if it contains the shared secret and thereby authenticate the server.

Abstract: Computers can be authenticated using a shared secret. During an authentication process, a server transmits an image to a client. A mobile device captures and analyzes the image. If the image contains the shared secret known only to the authentic server and the authentic mobile communication device, the mobile device can authenticate the server. The secret in the image can be readily analyzed. A single image may contain multiple shared secrets. Once the server has been authenticated, the user must modify the image in accordance with a shared modification secret to thereby authentic the user. The modified image is transmitted back to the authenticated server. If the image was properly modified, the user is authenticated.

Abstract: A user verification system employs forward and rearward facing imaging devices on a mobile communication device. An image is displayed on the display of a computing device from which a user wishes to access computer services. The user captures the displayed image with one of the imaging devices on the mobile communication device and simultaneously takes a picture of the user. An authentication system compares the displayed image captured by the mobile communication device with a stored image to determine a match. A successful match results in a displayed match indicator. In addition, the captured facial image of the user is compared with a stored image of an authenticated user. A successful match between the captured facial image and the stored image results in the generation of a facial match indicator. Computer access is granted to an authenticated user only if both the captured display image and the captured facial image result in a match with the stored counterpart images.

Abstract: Computers can be authenticated using automatically combined images. During an authentication process, a server transmits an image to a client. The transmitted image is combined with a stored image using a randomly selected logical operator to generate a combined image. The combined image is transmitted back to the server. The server has a copy of the transmitted image and the stored image and generates a series of template combined images using different logical operators selected from a set of logical operators to determine whether any of the template combined images match the received combined image. If the received combined image matches one of the template combined images, the user is authenticated.

Abstract: Wireless communication devices can be designated for group communication. A communication device, which may be part of the designated communication group, originates an emergency message to the communication group. Upon receipt of the emergency message, each wireless communication device that receives the message generates an alarm to alert the user to the arrival of an emergency message. Upon receipt of the emergency message, the user of each of the communication devices activates a response device to indicate that the emergency message has been received. The message originator receives the confirmation messages to determine that each of the members of the communication group have received the emergency message. If a device has not received the emergency message, transmission may be repeated or messages sent to the other group members to notify them of the failure of the device to respond to the emergency message.

Abstract: A panic button is activated in a wireless communication device to transmit an emergency message. Upon activation, the wireless communication device will monitor one or more predetermined tones in an OFDM system for confirmation that the emergency message has been received. If the emergency message confirmation has not been received, the wireless device can increase the effective transmission level and transmit the emergency message again. The cycle can be repeated where the effective transmission signal strength is repeatedly increased until the confirmation signal is received or until the device reaches its maximum output power. If the message is received, the emergency mode may be deactivated and the repeated transmissions terminated. The device can transmit geo-location data as part of the emergency message and may include an audible alarm activated by the panic button or remotely activated.

Abstract: A broadband push-to-talk communication system provides identity data to uniquely identify a message sender in a group communication. The individual wireless devices that are part of a group call are each assigned a unique identity, which may be an IP address and/or other identity. When a PTT communication is initiated, the transmitting device transmits identity data in addition to the message. The message and identity data are relayed to each wireless device designated as part of a group call to permit unambiguous identification of the transmitting unit. When the PTT communication is terminated, the group members receive a terminating packet that will delete the sender identity. In addition to identity data, location data and other auxiliary data may also be transmitted to all group members.

Abstract: A transaction authentication system uses a mobile unit to connect with a wireless network and with an authentication station using a short-range transceiver. Prior to a transaction, the mobile unit transmits an Identity to an authentication processor using the wireless provider network and receives a Hash and Identifiers therefrom. During a transaction, the mobile unit connects to an authentication station using a short-range air link and transmits its Hash. The authentication station transmits the received Hash to the authentication processor, which confirms the Identity of the mobile unit. If identified, the authentication processor sends a Private Identifier to the authentication station and the mobile unit connects using an air link with the Private Identifier. The authentication station sends a success message if it connects to the mobile unit using the Private Identifier air link. A device authentication message is sent to a transaction processor to process the requested transaction.

Abstract: A transaction authentication system uses a computer network and mobile telephone network to authenticate a user. The user initiates a transaction and provides an identity token, such as the mobile telephone number. The identity token is used by an authentication server to initiate the issuance of a new temporary identity for the corresponding mobile device. The new temporary identity is forwarded from the mobile device to the authentication server which issues a security code if there is a match between the new temporary identities. The security code is forwarded to a transaction server which relays it to the authentication server. If the forwarded security code matches the generated security code, the transaction is permitted to continue.

Abstract: Client and server computers on a network can be authenticated using a shared secret. During a log-on and authentication process, the server transmits an image to the client. A mobile communication device captures and analyzes the image. If the image contains the shared secret, the mobile device can authenticate the server. The secret in the image can be a geometric relationship between elements of the picture, a mathematical relationship between elements, a particular number or types of elements in the picture, colors of elements, or combinations of the above. A single image may contain multiple shared secrets. The mobile device can readily analyze the image to determine if it contains the shared secret and thereby authenticate the server.

Abstract: The identity of a mobile communication device can be authenticated to allow the device to access a web site without the need for a user log-in operation. The mobile device stores an identity token and sends it to the web server in the web browser data stream. Additionally, the mobile device transmits an identity token to an authentication entity using a data stream other than the web browser data. The authentication entity queries the wireless network to verify authentication of the mobile device. The identity token may be the mobile telephone number itself, a temporary mobile subscriber identity assigned by the mobile network, or encrypted or hashed versions of either. Alternatively, a new temporary mobile subscriber identity may be sent to the mobile device and retransmitted back to the authentication entity.

Abstract: A system to verify user identity on a computer uses a server with a set of stored or created images. An image is selected and transmitted over a computer network to the computer whose user identity is to be verified. The user captures the image on a mobile communication device using, by way of example, a built-in camera. The captured image is transmitted via a public mobile network back to the server where the captured image is compared with the stored image. If the images match, the user identity is verified. In another embodiment, multiple images may be displayed and user-selectable options are selected by capturing one of the multiple images.

Abstract: A user can specify rules governing access to location information for a portable device. The rules can impose time, date and location restrictions as well as impose restrictions regarding the type of location information that can be disclosed. The rules for the portable device are stored in association with a unique portable device identifier. Multiple devices owned by the same user can have separate sets of rules or identical rules. A uniform application program interface is provided to permit a third party to request location information. When a request is received, the rules database is accessed to determine whether the request can proceed and what limitations are imposed on the location information. The allowed location information is returned to the third party requester. The system allows the user to allow all or block all location information and provides an override mechanism to allow location information in the event of an emergency call.

Abstract: A system to verify user identity on a computer uses a server with a set of stored or created images. An image is selected and transmitted over a computer network to the computer whose user identity is to be verified. The user captures the image on a mobile communication device using, by way of example, a built-in camera. The captured image is transmitted via a public mobile network back to the server where the captured image is compared with the stored image. If the images match, the user identity is verified. In another embodiment, multiple images may be displayed and user-selectable options are selected by capturing one of the multiple images.

Abstract: A transaction authentication system uses a computer network and mobile telephone network to authenticate a user. The user initiates a transaction and provides an identity token, such as the mobile telephone number. The identity token is used by an authentication server to initiate the issuance of a new temporary identity for the corresponding mobile device. The new temporary identity is forwarded from the mobile device to the authentication server which issues a security code if there is a match between the new temporary identities. The security code is forwarded to a transaction server which relays it to the authentication server. If the forwarded security code matches the generated security code, the transaction is permitted to continue.

Abstract: The identity of a mobile communication device can be authenticated to allow the device to access a web site without the need for a user log-in operation. The mobile device stores an identity token and sends it to the web server in the web browser data stream. Additionally, the mobile device transmits an identity token to an authentication entity using a data stream other than the web browser data. The authentication entity queries the wireless network to verify authentication of the mobile device. The identity token may be the mobile telephone number itself, a temporary mobile subscriber identity assigned by the mobile network, or encrypted or hashed versions of either. Alternatively, a new temporary mobile subscriber identity may be sent to the mobile device and retransmitted back to the authentication entity.

Abstract: A system to permit push-to-talk communications in an orthogonal frequency division multiplexed (OFDM) communication network. Individual wireless communication devices that are part of a Group Call are assigned the same set or sets of OFDM tones for a downlink timeslot. Because each wireless communication device receives the same set of tones, each device will receive a communication simultaneously. The assigned OFDM tones need not be contiguous within a block of available tones. Because a large number of OFDM tones are available, the concept may be extended to a large number of groups that each separately support a Group Call function.

Abstract: A system and method for delivering coupon messages to a consumer wireless device utilizes a fixed communication device that functions as a base station for the consumer wireless device. The fixed communication device has limited coverage zone. When the consumer wireless device comes within the coverage zone of the fixed communication device, the consumer wireless device selects the fixed communication device as the preferred base station. Upon completion of registration, the fixed communication device transmits one or more coupon messages to the consumer wireless device. The consumer may enter the associated retail establishment and complete a transaction using the received coupon message. The consumer wireless device may be viewed manually, or the display scanned or read electronically to accept the coupon message in the retail establishment.

Abstract: A system for robust transmission in an orthogonal frequency division multiplexed (OFDM) communication network is disclosed. An individual wireless communication device is assigned a set of OFDM tones for transmission in an uplink timeslot. If the received signal is not satisfactory, the number of OFDM tones assigned to the individual wireless communication device may be doubled such that the OFDM signal is duplicated in the additional set of OFDM tones. This process can be extended to multiple additional sets of OFDM tones. The multiple sets of OFDM tones may be combined at the base station to enhance recovery of the original transmitted signal. The assigned OFDM tones need not be contiguous within a block of available tones. Because a large number of OFDM tones are available, the concept may be extended to a large number of duplicate sets of OFDM tones.