Patents by Inventor Upendra Mardikar
Upendra Mardikar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20160092696Abstract: Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server.Type: ApplicationFiled: September 28, 2015Publication date: March 31, 2016Inventors: Abhishek Guglani, Sanjeev Sharma, Jalpesh Chitalia, Gerald Destremps, Upendra Mardikar, Minghua Xu, Jose Luis Rios Trevino, Brijendra Singh
-
Publication number: 20160087983Abstract: Methods and systems for authenticating a user device employ a database of global network latencies categorized and searchable by location and calendar date-time of day usage, providing network latency by geography and by time. The database is constructed using voluminous daily data collected from a world-wide clientele of users who sign in to a particular website. Accuracy of the latency data and clock skew machine identification is made practical and useful for authentications using a service provider-proprietary, stable reference clock, such as an atomic clock, so that internal clock jitter of a service provider performing authentications does not affect the network latency time and clock skew identification of user devices. Increased authentication confidence results from using the database for correcting network latency times and user device signatures generated from the clock skew identifications and for cross checking the authentication using comparisons of initial registration to current sign in data.Type: ApplicationFiled: November 23, 2015Publication date: March 24, 2016Inventors: Rasta A. Mansour, Upendra Mardikar
-
Publication number: 20160078438Abstract: Methods and systems are provided for making secure financial transactions, such as purchase payments, using rich Internet applications (RIA) running an RIA runtime (also referred to as a platform or framework) on the user's smart phone or other mobile device. Embodiments differ from the usual way of re-directing a user from a third-party application and authenticating the user by providing secure in-line payments from a rich Internet application running on an RIA runtime. A system includes: a mobile device executing a rich Internet application running on an RIA runtime; a payment library communicating with the RIA runtime and a service provider, for which the payment library communicates with the service provider to authenticate the rich Internet application; and in response to authentication by the service provider, facilitates secure financial transactions via the rich Internet application.Type: ApplicationFiled: November 25, 2015Publication date: March 17, 2016Inventors: Prashant Jamkhedkar, Upendra Mardikar, Mark Wenger, Mehul Asher, Victor Chau
-
Publication number: 20160044026Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client, e.g., mobile network device, authentication.Type: ApplicationFiled: October 19, 2015Publication date: February 11, 2016Inventors: Upendra Mardikar, Kent Griffin, Allison Elizabeth Miller, Amol Patel
-
Publication number: 20150372811Abstract: Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate an ephemeral key pair comprising an ephemeral public key and an ephemeral private key. The first computing device can generate a first shared secret using the ephemeral private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the ephemeral public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the ephemeral private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.Type: ApplicationFiled: June 18, 2015Publication date: December 24, 2015Inventors: Eric Le Saint, Upendra Mardikar, Dominique Fedronic
-
Patent number: 9218601Abstract: Methods and systems are provided for making secure financial transactions, such as purchase payments, using rich Internet applications (RIA) running an RIA runtime (also referred to as a platform or framework) on the user's smart phone or other mobile device. Embodiments differ from the usual way of re-directing a user from a third-party application and authenticating the user by providing secure in-line payments from a rich Internet application running on an RIA runtime. A system includes: a mobile device executing a rich Internet application running on an RIA runtime; a payment library communicating with the RIA runtime and a service provider, for which the payment library communicates with the service provider to authenticate the rich Internet application; and in response to authentication by the service provider, facilitates secure financial transactions via the rich Internet application.Type: GrantFiled: November 9, 2011Date of Patent: December 22, 2015Assignee: PAYPAL, INC.Inventors: Prashant Jamkhedkar, Upendra Mardikar, Mark Wenger, Mehul Asher, Victor Chau
-
Patent number: 9197634Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client authentication, e.g., mobile network device authentication.Type: GrantFiled: February 7, 2014Date of Patent: November 24, 2015Assignee: PAYPAL, INC.Inventors: Upendra Mardikar, Kent Griffin, Allison Elizabeth Miller, Amol Patel
-
Patent number: 9197624Abstract: Methods and systems for authenticating a user device employ a database of global network latencies categorized and searchable by location and calendar date-time of day usage, providing network latency by geography and by time. The database is constructed using voluminous daily data collected from a world-wide clientele of users who sign in to a particular website. Accuracy of the latency data and clock skew machine identification is made practical and useful for authentications using a service provider-proprietary, stable reference clock, such as an atomic clock, so that internal clock jitter of a service provider performing authentications does not affect the network latency time and clock skew identification of user devices. Increased authentication confidence results from using the database for correcting network latency times and user device signatures generated from the clock skew identifications and for cross checking the authentication using comparisons of initial registration to current sign in data.Type: GrantFiled: July 14, 2014Date of Patent: November 24, 2015Assignee: PAYPAL, INC.Inventors: Rasta A. Mansour, Upendra Mardikar
-
Publication number: 20150281191Abstract: Embodiments provide secure messaging communications. In an embodiment, a method comprises receiving, by a service provider processor, an encrypted message and a key from a sender associated with a first client device that is remote from the service provider, wherein the first client device internally encrypts the message. The message also comprises verifying the received key based on at least a comparison with a pre-determined key. Once the received key is verified, the method also comprises processing one or more unique factors associated with the sender or the first client device, wherein the one or more unique factors are known by the service provider. The method further comprises decrypting the message and re-encrypting the message using a key of a receiver associated with a second client device; and sending the re-encrypted message to the receiver associated with the second client device, wherein the second client device decrypts the message.Type: ApplicationFiled: May 12, 2015Publication date: October 1, 2015Inventor: Upendra Mardikar
-
Publication number: 20150220985Abstract: A system and method for facilitating electronic commerce over a network, according to one or more embodiments, includes communicating with a user via a user device and a business entity via a business entity device over the network, monitoring user navigation events over the network, determining a mood of the user based on user navigation behavior, marketing to the user based on the mood of the user, and storing user information related to the user navigation events and the mood of the user.Type: ApplicationFiled: April 13, 2015Publication date: August 6, 2015Inventor: Upendra Mardikar
-
Patent number: 9060271Abstract: Embodiments of the present disclosure provide systems and methods for secure Short Message Service (SMS) communications. According to an embodiment, a method of providing secure Short Message Service (SMS) communications comprises requesting that SMS data to be sent from a client device to a remote location be encrypted. The method also comprises encrypting the SMS data by processing the SMS data with a Message Authentication Code (MAC) and a timestamp and/or counter along with second factor authentication information. The method further comprises sending the encrypted SMS data to the remote location by a secure SMS application via a regular SMS channel of the client device.Type: GrantFiled: September 23, 2013Date of Patent: June 16, 2015Assignee: EBAY INC.Inventor: Upendra Mardikar
-
Publication number: 20140324637Abstract: Systems and methods for facilitating financial transactions over a network include a merchant device, a client device and a payment processing device. The merchant device is adapted to allow a merchant to provide items for purchase via the network. The client device is adapted to allow a user to access the merchant device via the network and view the items for purchase. The client device is adapted to provide a payment mechanism to the user. The user generates a purchase request for an item by selecting the one item, dragging the item to the payment mechanism, and dropping the item over the payment mechanism. The payment processing device is adapted to receive the purchase request from the client device via the network and authorize the user to purchase the item from the merchant based on information passed with the purchase request.Type: ApplicationFiled: July 7, 2014Publication date: October 30, 2014Inventors: Matthew Mengerink, Upendra Mardikar, David Gausebeck
-
Publication number: 20140325598Abstract: Methods and systems for authenticating a user device employ a database of global network latencies categorized and searchable by location and calendar date-time of day usage, providing network latency by geography and by time. The database is constructed using voluminous daily data collected from a world-wide clientele of users who sign in to a particular website. Accuracy of the latency data and clock skew machine identification is made practical and useful for authentications using a service provider-proprietary, stable reference clock, such as an atomic clock, so that internal clock jitter of a service provider performing authentications does not affect the network latency time and clock skew identification of user devices. Increased authentication confidence results from using the database for correcting network latency times and user device signatures generated from the clock skew identifications and for cross checking the authentication using comparisons of initial registration to current sign in data.Type: ApplicationFiled: July 14, 2014Publication date: October 30, 2014Inventors: Rasta A. Mansour, Upendra Mardikar
-
Publication number: 20140258010Abstract: A user who is authorizing a delegate to make a purchase using funds from an account of the user sends information to a payment provider. The information includes a picture of the delegate, along with information such as a merchant name, a maximum amount, a type of purchase, item information, and/or any other transaction limitations/restrictions. The payment provider then transmits this information to the merchant. A one-time code or number may be communicated to the delegate. When the delegate is ready to make a payment with the user account, the delegate gives the delegate's name and/or other identifying information to the merchant, along with the payment code. The merchant enters the information and is shown a picture of the delegate. If there is a match, the payment may be submitted for processing. In one embodiment, a photo of the delegate may be taken by the merchant and the image transmitted to the user. The user may then be requested to confirm the delegate as an authorized delegate.Type: ApplicationFiled: May 29, 2013Publication date: September 11, 2014Applicant: EBAY INC.Inventors: Upendra Mardikar, Attaullah Baig
-
Patent number: 8799159Abstract: Systems and methods for facilitating financial transactions over a network include a merchant device, a client device and a payment processing device. The merchant device is adapted to allow a merchant to provide items for purchase via the network. The client device is adapted to allow a user to access the merchant device via the network and view the items for purchase. The client device is adapted to provide a payment mechanism to the user. The user generates a purchase request for an item by selecting the one item, dragging the item to the payment mechanism, and dropping the item over the payment mechanism. The payment processing device is adapted to receive the purchase request from the client device via the network and authorize the user to purchase the item from the merchant based on information passed with the purchase request.Type: GrantFiled: July 29, 2013Date of Patent: August 5, 2014Assignee: eBay Inc.Inventors: Matthew Mengerink, Upendra Mardikar, David Gausebeck
-
Patent number: 8789158Abstract: Methods and systems for authenticating a user device employ a database of global network latencies categorized and searchable by location and calendar date-time of day usage, providing network latency by geography and by time. The database is constructed using voluminous daily data collected from a world-wide clientele of users who sign in to a particular website. Accuracy of the latency data and clock skew machine identification is made practical and useful for authentications using a service provider-proprietary, stable reference clock, such as an atomic clock, so that internal clock jitter of a service provider performing authentications does not affect the network latency time and clock skew identification of user devices. Increased authentication confidence results from using the database for correcting network latency times and user device signatures generated from the clock skew identifications and for cross checking the authentication using comparisons of initial registration to current sign in data.Type: GrantFiled: February 15, 2012Date of Patent: July 22, 2014Assignee: eBay Inc.Inventors: Rasta A. Mansour, Upendra Mardikar
-
Publication number: 20140185806Abstract: Embodiments of the present disclosure provide systems and methods for secure Short Message Service (SMS) communications. According to an embodiment, a method of providing secure Short Message Service (SMS) communications comprises requesting that SMS data to be sent from a client device to a remote location be encrypted. The method also comprises encrypting the SMS data by processing the SMS data with a Message Authentication Code (MAC) and a timestamp and/or counter along with second factor authentication information. The method further comprises sending the encrypted SMS data to the remote location by a secure SMS application via a regular SMS channel of the client device.Type: ApplicationFiled: September 23, 2013Publication date: July 3, 2014Applicant: EBAY INC.Inventor: Upendra Mardikar
-
Publication number: 20140157389Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client, e.g.Type: ApplicationFiled: February 7, 2014Publication date: June 5, 2014Applicant: eBay Inc.Inventors: Upendra Mardikar, Kent Griffin, Allison Elizabeth Miller, Amol Patel
-
Publication number: 20140122265Abstract: Systems and methods are provided for secure transactions according to one or more embodiments. According to an embodiment, a method for providing secure transactions comprises initiating a transaction via a point of sale device having a one time password generator. The method also comprises generating at least one password by the point of sale device. The method further comprises associating the at least one password with account information. The method further comprises transmitting the password associated with the account information to a remote location. If the transmitted password matches predetermined associated information at the remote location, the method further comprises confirming the transaction.Type: ApplicationFiled: January 3, 2014Publication date: May 1, 2014Applicant: eBay Inc.Inventors: Upendra Mardikar, Rene Aeberhard
-
Patent number: 8656459Abstract: A method for inhibiting phishing can include sending information from a mobile network device to a website server, generating a one time password at the mobile network device from the information, generating a one time password at the website server from the information, sending the one time password generated at the website server to the mobile network device when the mobile network device subsequently accesses the website, and comparing the one time password generated at the website server to the one time password generated at the mobile network device. In this manner, the website can be authenticated such that the occurrence of phishing is substantially mitigated.Type: GrantFiled: March 1, 2013Date of Patent: February 18, 2014Assignee: eBay Inc.Inventors: Upendra Mardikar, Kent Griffin, Elizabeth Allison Miller, Amol Patel