Patents by Inventor Simon Laws
Simon Laws has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240104548Abstract: Systems and methods are provided for facilitating contactless payment using cloud-based wallet containing payment credentials (e.g. Visa, Mastercard, American Express) using a near field communication (NFC)-capable device and payment gateway servers. A user can use their existing payment card, herein referred to as a funding card, for contactless payments. A second payment card, herein referred to as a virtual card, is generated. The virtual card is associated with the funding card on a payment gateway server. The virtual card is used on a NFC-enabled mobile device. When a payment is initiated, the virtual card data is sent through the NFC system from a point of sale terminal. This information is sent to the payment gateway server, which retrieves the funding card to make the payment. The funding card, not the virtual card, is used to transfer the money to make payment.Type: ApplicationFiled: December 5, 2023Publication date: March 28, 2024Inventors: Simon LAW, Michael SHVARTSMAN, Pierre Antoine ROBERGE, Peter Thien DUONG
-
Publication number: 20240046252Abstract: Tokens are used for payment systems. The tokens are references or proxies to actual payment credit card or banking card numbers to improve security. However, verification of these tokens are often limited and rigid systems and are prone fraud. An improved token framework system is provided to allow for different entities to provision and verify the tokens using strong identity and strong authentication at the device level. For example, biometric identity and verification using the mobile device is used to authenticate the tokens during provisioning and subsequent transactions.Type: ApplicationFiled: August 4, 2023Publication date: February 8, 2024Inventors: WILLIAM LEDDY, SIMON LAW
-
Patent number: 11863545Abstract: A method for utilizing a registration authority computer to facilitate a certificate signing request is provided. A registration authority computer may receive a certificate signing request associated with a token requestor. The registration authority computer may authenticate the identity of the token requestor and forward the certificate signing request to a certificate authority computer. A token requestor ID and a signed certificate may be provided by the certificate authority computer and forwarded to the token requestor. The token requestor ID may be utilized by the token requestor to generate digital signatures for subsequent token-based transactions.Type: GrantFiled: January 10, 2023Date of Patent: January 2, 2024Assignee: Visa International Service AssociationInventors: Simon Law, Kim R. Wagner
-
Patent number: 11836706Abstract: Systems and methods are provided for facilitating contactless payment using cloud-based wallet containing payment credentials (e.g. Visa, Mastercard, American Express) using a near field communication (NFC)-capable device and payment gateway servers. A user can use their existing payment card, herein referred to as a funding card, for contactless payments. A second payment card, herein referred to as a virtual card, is generated. The virtual card is associated with the funding card on a payment gateway server. The virtual card is used on a NFC-enabled mobile device. When a payment is initiated, the virtual card data is sent through the NFC system from a point of sale terminal. This information is sent to the payment gateway server, which retrieves the funding card to make the payment. The funding card, not the virtual card, is used to transfer the money to make payment.Type: GrantFiled: April 16, 2013Date of Patent: December 5, 2023Inventors: Simon Law, Michael Shvartsman, Pierre Antoine Roberge, Peter Thien Duong
-
Publication number: 20230353360Abstract: A system and techniques are described herein for providing authentication. The technique includes registering user authentication data such as biometrics data with a communication device. The authentication data is linked to an account or service provider, and is used to verify the identity of the user when accessing the account. The communication device may obtain a public/private key pair, for which the public key may be stored on a secure remote server. When the user attempts to access the account or service provider, the user may provide the authentication data to authenticate the user to the communication device. Thereafter, the communication device may sign an authentication indicator using the private key and send the authentication indicator to the secure remote server. Upon verification of the signature using the public key, the secure remote server may grant access to the user, for example, by releasing a token.Type: ApplicationFiled: July 12, 2023Publication date: November 2, 2023Applicant: Visa International Service AssociationInventor: Simon Law
-
Patent number: 11743042Abstract: A system and techniques are described herein for providing authentication. The technique includes registering user authentication data such as biometrics data with a communication device. The authentication data is linked to an account or service provider, and is used to verify the identity of the user when accessing the account. The communication device may obtain a public/private key pair, for which the pubic key may be stored on a secure remote server. When the user attempts to access the account or service provider, the user may provide the authentication data to authenticate the user to the communication device. Thereafter, the communication device may sign an authentication indicator using the private key and send the authentication indicator to the secure remote server. Upon verification of the signature using the public key, the secure remote server may grant access to the user, for example, by releasing a token.Type: GrantFiled: May 2, 2022Date of Patent: August 29, 2023Assignee: Visa International Service AssociationInventor: Simon Law
-
Publication number: 20230269241Abstract: A requestor and a responder may conduct secure communication by making API calls based on a secure multi-party protocol. The requestor may send a request data packet sent in a API request to the responder, where the request data packet can include at least a control block that is asymmetrically encrypted and a data block that is symmetrically encrypted. The responder may return a response data packet to the requestor, where the response data packet can include at least a control block and a data block that are both symmetrically encrypted. The requestor and the responder may derive the keys for decrypting the encrypted portions of the request and response data packets based on some information only known to the requestor and the responder. The secure multi-party protocol forgoes the need to store and manage keys in a hardware security module.Type: ApplicationFiled: May 2, 2023Publication date: August 24, 2023Applicant: Visa International Service AssociationInventors: Rasta A. Mansour, Simon Law
-
Patent number: 11677729Abstract: A requestor and a responder may conduct secure communication by making API calls based on a secure multi-party protocol. The requestor may send a request data packet sent in a API request to the responder, where the request data packet can include at least a control block that is asymmetrically encrypted and a data block that is symmetrically encrypted. The responder may return a response data packet to the requestor, where the response data packet can include at least a control block and a data block that are both symmetrically encrypted. The requestor and the responder may derive the keys for decrypting the encrypted portions of the request and response data packets based on some information only known to the requestor and the responder. The secure multi-party protocol forgoes the need to store and manage keys in a hardware security module.Type: GrantFiled: May 4, 2021Date of Patent: June 13, 2023Assignee: Visa International Service AssociationInventors: Rasta A. Mansour, Simon Law
-
Publication number: 20230155995Abstract: A method for utilizing a registration authority computer to facilitate a certificate signing request is provided. A registration authority computer may receive a certificate signing request associated with a token requestor. The registration authority computer may authenticate the identity of the token requestor and forward the certificate signing request to a certificate authority computer. A token requestor ID and a signed certificate may be provided by the certificate authority computer and forwarded to the token requestor. The token requestor ID may be utilized by the token requestor to generate digital signatures for subsequent token-based transactions.Type: ApplicationFiled: January 10, 2023Publication date: May 18, 2023Applicant: Visa International Service AssociationInventors: Simon Law, Kim R. Wagner
-
Patent number: 11595373Abstract: A method for utilizing a registration authority to facilitate a certificate signing request is disclosed. In at least one embodiment, a registration authority computer may receive a certificate signing request associated with a token requestor. The registration authority may authenticate the identity of the token requestor and forward the certificate signing request to a certificate authority computer. A token requestor ID and a signed certificate may be provided by the certificate authority computer and forwarded to the token requestor. The token requestor ID may be utilized by the token requestor to generate digital signatures for subsequent token-based transactions.Type: GrantFiled: December 28, 2020Date of Patent: February 28, 2023Assignee: Visa International Service AssociationInventors: Simon Law, Kim R. Wagner
-
Patent number: 11574310Abstract: A method is disclosed. The method comprising: receiving, by an access control sewer via a directory sewer from an authentication requestor, an authentication request comprising an account identifier, and information regarding a prior authentication method on the account identifier and a current authentication method for the account identifier associated with a transaction; performing, by the access control server, a risk analysis for the transaction based at least in part on the information and a threshold; authenticating, by the access control server, the user of the account identifier using the information, the account identifier, and a result of the risk analysis; modifying, by the access control server, an authentication response to include an authentication indicator, and transmitting, by the access control sewer, the authentication response to the authentication requestor.Type: GrantFiled: August 16, 2018Date of Patent: February 7, 2023Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventor: Simon Law
-
Publication number: 20230020611Abstract: A system is provided that allows users to execute a secure transaction that is authenticated by their user device. Personally identifiable information (PII), such as, but not limited to, biometric authentication data, is locally stored on the user's device so as to protect the PII. A user device private key is associated with the particular user device and the user, and the corresponding public key is registered with a User Device Authentication Alliance server (UDAAS) system. In an online transaction, a LoginID server or an Access Control server interact with the UDAAS to confirm the user is authentic and has confirmed the transaction.Type: ApplicationFiled: September 19, 2022Publication date: January 19, 2023Inventors: SIMON LAW, PASAN CHANKAMA HAPUARACHCHI
-
Patent number: 11451401Abstract: A system is provided that allows users to execute a secure transaction that is authenticated by their user device. Personally identifiable information (PII), such as, but not limited to, biometric authentication data, is locally stored on the user's device so as to protect the PII. A user device private key is associated with the particular user device and the user, and the corresponding public key is registered with a User Device Authentication Alliance server (UDAAS) system. In an online transaction, a LoginID server or an Access Control server interact with the UDAAS to confirm the user is authentic and has confirmed the transaction.Type: GrantFiled: March 1, 2021Date of Patent: September 20, 2022Assignee: LOGIN ID INC.Inventors: Simon Law, Pasan Chankama Hapuarachchi
-
Publication number: 20220255741Abstract: A system and techniques are described herein for providing authentication. The technique includes registering user authentication data such as biometrics data with a communication device. The authentication data is linked to an account or service provider, and is used to verify the identity of the user when accessing the account. The communication device may obtain a public/private key pair, for which the pubic key may be stored on a secure remote server. When the user attempts to access the account or service provider, the user may provide the authentication data to authenticate the user to the communication device. Thereafter, the communication device may sign an authentication indicator using the private key and send the authentication indicator to the secure remote server. Upon verification of the signature using the public key, the secure remote server may grant access to the user, for example, by releasing a token.Type: ApplicationFiled: May 2, 2022Publication date: August 11, 2022Inventor: Simon Law
-
Patent number: 11356257Abstract: A system and techniques are described herein for providing authentication. The technique includes registering user authentication data such as biometrics data with a communication device. The authentication data is linked to an account or service provider, and is used to verify the identity of the user when accessing the account. The communication device may obtain a public/private key pair, for which the pubic key may be stored on a secure remote server. When the user attempts to access the account or service provider, the user may provide the authentication data to authenticate the user to the communication device. Thereafter, the communication device may sign an authentication indicator using the private key and send the authentication indicator to the secure remote server. Upon verification of the signature using the public key, the secure remote server may grant access to the user, for example, by releasing a token.Type: GrantFiled: August 16, 2018Date of Patent: June 7, 2022Assignee: Visa International Service AssociationInventor: Simon Law
-
Publication number: 20220138298Abstract: Verifying identity of a person using remote communication (e.g., Internet) is difficult because images of identity documents can be fraudulent or copied and distributed to adversaries without the person's permission. A user device and a server use facial scanning to verify identity of a person and to provide strong authentication. The user device captures a scanned image of an identity document (e.g., a driver license, a passport, a credential document, etc.) extracts the photo of the person from the identity document. The user device also captures an image of the person's face (e.g., a selfie photo) and compares this image with the extracted photo from the identity document. If the faces match, then the person's identity is verified. The verification of the identity and a related action (e.g., registration of the person, logging into a system, etc.) are authenticated using strong authentication such as Fast Identity Online (FIDO) authentication.Type: ApplicationFiled: November 5, 2021Publication date: May 5, 2022Inventors: Simon LAW, Pasan Chankama HAPUARACHCHI, Phillip L. KUMNICK, Thomas R. SZOKE, Maxim UMAROV
-
Publication number: 20220029823Abstract: A system is provided that allows users to execute a secure transaction that is authenticated by their user device. Personally identifiable information (PII), such as, but not limited to, biometric authentication data, is locally stored on the user's device so as to protect the PII. A user device private key is associated with the particular user device and the user, and the corresponding public key is registered with a User Device Authentication Alliance server (UDAAS) system. In an online transaction, a LoginID server or an Access Control server interact with the UDAAS to confirm the user is authentic and has confirmed the transaction.Type: ApplicationFiled: March 1, 2021Publication date: January 27, 2022Inventors: SIMON LAW, PASAN CHANKAMA HAPUARACHCHI
-
Publication number: 20220014367Abstract: A distributed computing system is used to form a login network to perform an action for a user, using private data. The login network executes the verification using blockchain computing architecture, which is decentralized. The private data is stored on the blockchain in an obfuscated form. In order to compute the private data from the obfuscated form, multiple distributed private key shares are required to generate multiple decryption shares, which are combined to compute a One Time Pad (OTP). In turn, the OTP is used to obtain the private data from the obfuscated form.Type: ApplicationFiled: December 13, 2019Publication date: January 13, 2022Inventors: SIMON LAW, ALFRED JOHN MENEZES
-
Publication number: 20210392003Abstract: It is typically difficult for a user to have any awareness of which private data is being used by a third party and to control the flow of the private data to the third party. A computing system is provided with a trusted node that stores encrypted private data. When the third party wishes to obtain information types from the user, the trusted node generates a scope document that specifies the requested information types. This scope document is sent to the user device as a challenge. The user device uses the scope document to display the requested information types, and the user provides input to permit providing the information types to the third party. The user device returns a signed challenge response, which includes the scope document. The trusted node then decrypts the encrypted private data, which corresponds to the requested information types, for the third party.Type: ApplicationFiled: June 11, 2021Publication date: December 16, 2021Inventors: SIMON LAW, ALFRED JOHN MENEZES, PASAN CHANKAMA HAPUARACHCHI
-
Publication number: 20210377263Abstract: A distributed computing system is used to form a login network to verify the identity of users. The login network uses biometric authentication on a user device to digitally sign a payload, which is sent to the login network for verification. The login network executes the verification using blockchain computing architecture, which is decentralized. The login network provides strong customer authentication, decentralization of data and authentication, a trusted identity service, and privacy and control of the user data by the user.Type: ApplicationFiled: October 29, 2019Publication date: December 2, 2021Inventor: SIMON LAW