Patents by Inventor Roopesh Joshi
Roopesh Joshi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11877213Abstract: Techniques for obfuscating and deploying digital assets (e.g., mobile applications) are provided to mitigate the risk of unauthorized disclosure. An asset can be received that is to be deployed to a plurality of mobile devices, each of the mobile devices associated with a corresponding account having account attributes. A deployment group of one or more mobile devices for deploying the asset can be identified based on a set of one or more obfuscation parameters, comprising account attributes shared among the one or more mobile devices within the deployment group. A customized obfuscation scheme to be applied to the asset can be determined based at least in part on the set of obfuscation parameters. The customized obfuscation scheme can be applied to the asset to generate an obfuscated asset. The obfuscated asset can be transmitted and/or updated over a network to the one or more mobile devices within the deployment group.Type: GrantFiled: December 17, 2021Date of Patent: January 16, 2024Assignee: Visa International Service AssociationInventors: James Gordon, Roopesh Joshi, David Horton, Johan Van Tilburg
-
Publication number: 20230231715Abstract: A computer-implemented method performed by a user device is provided. The computer-implemented method includes receiving a message including an encrypted credential from a server computer; determining a response shared secret using a private key and a server public key; decrypting the encrypted credential using the response shared secret to determine a credential; obtaining a key derivation parameter from the credential; determining a first cryptogram key using the key derivation parameter; generating a first cryptogram using the first cryptogram key; and sending the first cryptogram to a second computer.Type: ApplicationFiled: January 19, 2023Publication date: July 20, 2023Applicant: Visa International Service AssociationInventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Patent number: 11588637Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. A secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. The user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key, which can be used to generate a cryptogram for conducting secure communications.Type: GrantFiled: May 5, 2021Date of Patent: February 21, 2023Assignee: Visa International Service AssociationInventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Publication number: 20220116745Abstract: Techniques for obfuscating and deploying digital assets (e.g., mobile applications) are provided to mitigate the risk of unauthorized disclosure. An asset can be received that is to be deployed to a plurality of mobile devices, each of the mobile devices associated with a corresponding account having account attributes. A deployment group of one or more mobile devices for deploying the asset can be identified based on a set of one or more obfuscation parameters, comprising account attributes shared among the one or more mobile devices within the deployment group. A customized obfuscation scheme to be applied to the asset can be determined based at least in part on the set of obfuscation parameters. The customized obfuscation scheme can be applied to the asset to generate an obfuscated asset. The obfuscated asset can be transmitted and/or updated over a network to the one or more mobile devices within the deployment group.Type: ApplicationFiled: December 17, 2021Publication date: April 14, 2022Inventors: James Gordon, Roopesh Joshi, David Horton, Johan Van Tilburg
-
Patent number: 11234105Abstract: Techniques for obfuscating and deploying digital assets (e.g., mobile applications) are provided to mitigate the risk of unauthorized disclosure. An asset can be received that is to be deployed to a plurality of mobile devices, each of the mobile devices associated with a corresponding account having account attributes. A deployment group of one or more mobile devices for deploying the asset can be identified based on a set of one or more obfuscation parameters, comprising account attributes shared among the one or more mobile devices within the deployment group. A customized obfuscation scheme to be applied to the asset can be determined based at least in part on the set of obfuscation parameters. The customized obfuscation scheme can be applied to the asset to generate an obfuscated asset. The obfuscated asset can be transmitted and/or updated over a network to the one or more mobile devices within the deployment group.Type: GrantFiled: September 29, 2015Date of Patent: January 25, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: James Gordon, Roopesh Joshi, David Horton, Johan Van Tilburg
-
Publication number: 20210258162Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. A secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. The user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key, which can be used to generate a cryptogram for conducting secure communications.Type: ApplicationFiled: May 5, 2021Publication date: August 19, 2021Inventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Patent number: 11032075Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. A secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. The user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key, which can be used to generate a cryptogram for conducting secure communications.Type: GrantFiled: June 17, 2019Date of Patent: June 8, 2021Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Patent number: 10826702Abstract: An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.Type: GrantFiled: May 22, 2019Date of Patent: November 3, 2020Assignee: Visa International Service AssociationInventors: James Gordon, Roopesh Joshi, David Horton
-
Publication number: 20190305953Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. A secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. The user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key, which can be used to generate a cryptogram for conducting secure communications.Type: ApplicationFiled: June 17, 2019Publication date: October 3, 2019Inventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Publication number: 20190273615Abstract: An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.Type: ApplicationFiled: May 22, 2019Publication date: September 5, 2019Inventors: James Gordon, Roopesh Joshi, David Horton
-
Patent number: 10389533Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. A secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. The user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key, which can be used to generate a cryptogram for conducting secure communications.Type: GrantFiled: October 2, 2017Date of Patent: August 20, 2019Assignee: Visa International Service AssociationInventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Patent number: 10341111Abstract: An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.Type: GrantFiled: August 21, 2018Date of Patent: July 2, 2019Assignee: Visa International Service AssociationInventors: James Gordon, Roopesh Joshi, David Horton
-
Publication number: 20180359093Abstract: An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.Type: ApplicationFiled: August 21, 2018Publication date: December 13, 2018Inventors: James Gordon, Roopesh Joshi, David Horton
-
Patent number: 10116447Abstract: An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.Type: GrantFiled: February 17, 2016Date of Patent: October 30, 2018Assignee: Visa International Service AssociationInventors: James Gordon, Roopesh Joshi, David Horton
-
Publication number: 20180026787Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. A secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. The user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key, which can be used to generate a cryptogram for conducting secure communications.Type: ApplicationFiled: October 2, 2017Publication date: January 25, 2018Inventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Patent number: 9813245Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. In some embodiments, a secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. For example, the user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can also derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key. The cryptogram key can be used to generate a cryptogram for conducting secure communications.Type: GrantFiled: August 31, 2015Date of Patent: November 7, 2017Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Eric Le Saint, James Gordon, Roopesh Joshi
-
Publication number: 20160241402Abstract: An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.Type: ApplicationFiled: February 17, 2016Publication date: August 18, 2016Inventors: James Gordon, Roopesh Joshi, David Horton
-
Publication number: 20160092871Abstract: Techniques for obfuscating and deploying digital assets (e.g., mobile applications) are provided to mitigate the risk of unauthorized disclosure. An asset can be received that is to be deployed to a plurality of mobile devices, each of the mobile devices associated with a corresponding account having account attributes. A deployment group of one or more mobile devices for deploying the asset can be identified based on a set of one or more obfuscation parameters, comprising account attributes shared among the one or more mobile devices within the deployment group. A customized obfuscation scheme to be applied to the asset can be determined based at least in part on the set of obfuscation parameters. The customized obfuscation scheme can be applied to the asset to generate an obfuscated asset. The obfuscated asset can be transmitted and/or updated over a network to the one or more mobile devices within the deployment group.Type: ApplicationFiled: September 29, 2015Publication date: March 31, 2016Inventors: James Gordon, Roopesh Joshi, David Horton, Johan Van Tilburg
-
Publication number: 20160065370Abstract: Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. In some embodiments, a secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. For example, the user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can also derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key. The cryptogram key can be used to generate a cryptogram for conducting secure communications.Type: ApplicationFiled: August 31, 2015Publication date: March 3, 2016Inventors: Eric Le Saint, James Gordon, Roopesh Joshi