SYSTEM AND METHOD FOR SECURING COMMUNICATIONS IN A DISTRIBUTED COMPUTING SYSTEM
A computing device for secure communications includes a communication interface, a transceiver, and a processor. The processor identifies an action to be completed by a third computing device operably connected to the computing device via the communication interface. The action is associated with data stored in the third computing device. In response to identifying the action, the processor transmits an identifier, obtained from the third computing device, to a second computing device using the transceiver; receives a second identifier from the second computing device using the transceiver; transmits the second identifier to the third computing device via the communication interface; and receives a confirmation of completion of the action from the third computing device via the communication interface.
Computing devices may communicate via multiple intermediary devices such as in a distributed computing environment. For example, when computing devices communicate via the Internet multiple routers, switches, repeaters, and other types of computing devices may assist in transmitting the communication from a sending computing device to a receiving computing device.
In some cases, it may be important to ensure the authenticity of both the communication and the content of the communication. In a distributed environment doing so may be made difficult due to the nature of the environment. For example, a communication may be received and transmitted by an unknown number and type of computing device. Each of the transmissions may subject the communication and its contents to risk of inadvertent modification or malicious action by a third party.
Certain embodiments of the invention will be described with reference to the accompanying drawings. However, the accompanying drawings illustrate only certain aspects or implementations of the invention by way of example and are not meant to limit the scope of the claims.
Illustrative embodiments of the system of the present application are described below in the interest of clarity, all features of an actual implementation may not be described in this specification. It will of course be appreciated that in the development of any such actual embodiment, numerous implementation-specific decisions must be made to achieve the developer's specific goals, such as compliance with system-related and business-related constraints, which will vary from one implementation to another. Moreover, it will be appreciated that such a development effort might be complex and time consuming but would nevertheless be a routine undertaking for those of ordinary skill in the art having the benefit of this disclosure.
In the specification, reference may be made to the spatial relationships between various components and to the spatial orientation of various aspects of components as the devices are depicted in the attached drawings. However, as will be recognized by those skilled in the art after a complete reading of the present application, the devices, members, apparatuses, etc. described herein may be positioned in any desired orientation. Thus, the use of terms such as “above,” “below,” “upper,” “lower,” or other like terms to describe a spatial relationship between various components or to describe the spatial orientation of aspects of such components should be understood to describe a relative relationship between the components or a spatial orientation of aspects of such components, respectively, as the device described herein may be oriented in any desired direction.
Embodiments of the invention relate to system and methods for securing communications in a distributed system. Securing the communications may include ensuring both that a message is communicated and the contents of the communication are accurate.
In one or more embodiments of the invention, a system may utilize a combination of communication mediums to complete a secure communication. The communication mediums may include one or more wireless communication interfaces and one or more optical communication interfaces. A wireless communication interface may be, for example, a near field communication interface, a wireless local area network interface, or another type of wireless interface. An optical communication interface may be, for example, an optical transceiver. The optical transceiver may include a display and a camera. The display may be a display for displaying information to a user of a computing device, e.g., a display of a cell phone.
In one or more embodiments of the invention, the system is utilized to facilitate secure communications for transaction purposes. Conventional commercial transaction and ticket authentication systems are limited in that they are configured with limited one-way communication between an image and scannable code reader. Conventional systems and methods lack the ability to authenticate the originality or validity of a scannable code, such as a quick response (QR) code.
In one or more embodiments of the invention, the system is utilized to facilitate secure communications for commercial purposes. Traditional credit and debit cards, checks, and cash require individuals to be in physical possession of the item in order to conduct transactions and are susceptible to theft. Near Field Communication (NFC) technology can pose a threat of theft and fraudulent use by thieves that are in possession of NFC scannable code readers in proximity to an individual's bank card. Digital ticketing systems, such as those commonly used by airlines, are unable to authenticate the originality or validity of a scannable code.
In one or more embodiments of the invention, the system is utilized to securing the secondary exchange of tickets for entrance to events. Conventional digital ticketing systems do not provide a means of controlling secondary market transactions by the original vendor. Further, conventional commercial transaction and ticket authentication systems are limited in the methods of control of purchaser access to transaction authentication displays. In one conventional commercial transaction and ticket authentication system, a purchaser may view a transaction authentication quick response (QR) code on a device and subsequently take a screenshot picture of the code thereby facilitating the easy transfer of the transaction authentication through means of transferring the screenshot picture from the device. Transfer of transaction authentication codes by purchasers can facilitate fraudulent action, reduce potential vendor profits, and lead to service denials of valid customers.
In one or more embodiments of the invention, the system utilizes a scannable code is a QR code. In other embodiments the scannable code may be a barcode, or any other scannable image containing embedded information that may be read and interpreted by a camera. It should be appreciated that the exact scannable code is implementation specific.
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
The ASC system transaction processes facilitate financial transactions that: are more convenient than cash, have more potential benefits and opportunities for data gathering than credit cards, more secure than both cash and credit cards, and more smart devices in use today are capable of running the ASC application than Near-Field Communication (NFC) based transactions. The ASC system and smart device application enable the exchange or transfer of funds between friends, family, strangers, and businesses and customers without disclosing the user's sensitive personal credit card or account information. Additionally, these transactions may be conducted in a physical face-to-face situation, or over long distances via a cellular or wireless network. Because of the unique methodology of the ASC system, even if someone were to take a screenshot of a user's payment code, it would not satisfy the authentication process and the original user's payment and account information is protected. Even in a situation where a user's smart device is stolen, without the original user's ASC system passcode, or fingerprint authentication, the user's payment and account information is safe within the ASC system application; unlike other items such as cash or credit cards that can also be stolen.
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
Referring to
The embodiments of the authenticated QR code system and method include a scannable code reader 2000 that is configured to both scan and read QR codes, as well as the display screen 2002 to display QR codes, and the process, enabled through software, to authenticate QR codes. As described further above, the system can require the user/consumer to create a user account via a company website or Authenticated QR Code System smartphone application, at which point, the user is assigned a unique customer account QR code. The user account can utilize digital certificates in order to associate user accounts with the specific user device (such as a smartphone, for example) or alternatively, can recognize the unique IP address assigned to users electronic device. When a user purchases a ticket, or other digital item, through their device, data of the digital ticket or transaction is immediately downloaded to the user's device, stored in the software program coding, unable to be viewed directly by the user. In order to redeem the digital ticket or transaction, the user utilizes the Authenticated QR Code System smartphone application. Upon entering a venue for which the user has purchased a digital ticket or transaction, the user can select the appropriate digital ticket or item in the Authenticated QR Code System smartphone application and the user's unique account QR code is displayed on the smartphone to be read by the scannable code reader 2000, and the camera 2102 on the device 2100 is activated. Once the Authenticated QR Code Scanner reads the user's unique account QR code, the system identifies the specific account associated with the account QR code and in turn displays an activation QR code, specific and unique to the user's account and ticket, to be read by the smartphone application. The smartphone application detects the activation QR code, which unlocks the digital ticket QR code and is displayed on the screen of the smartphone to be read by the scannable code reader 2000. The scannable code reader 2000 recognizes the ticket QR code as a valid and authenticated digital ticket and the user is admitted to the event or venue. Because the actual digital ticket is downloaded to the user smartphone upon purchase, the Authenticated QR Code smartphone application can function as necessary at the ticketing window, gate, venue, etc., regardless of whether a cellular or WiFi network is available. If a user attempted to take a screenshot, picture, or copy of their unique account QR code and send it to another individual to use, it would be a static image, incapable of interacting with the scannable code reader 2000, and would be rejected. Providing added security, is the fact that the user is unable to access, view, or transmit the actual ticket QR code until the smartphone application receives the activation QR code provided by the scannable code reader 2000.
The ticket authentication system and method described herein provides significant advantages over conventional ticketing systems and methods. For example, the ticket authentication systems and methods disclosed herein enable live entertainment venues, such as a sports stadiums, concerts, live theatre, etc. to regulate and monitor secondary market transactions of tickets that occur subsequent to the original ticket purchase from the venue or licensed agent. The ticket authentication systems and methods can insure that the spectator whom purchases the original ticket from the venue or ticketing agency is the same one that redeems the ticket upon entrance to the event, allowing the venue and spectator to capture the full value of the ticket. Further, because the actual digital ticket is downloaded to the customer smartphone upon purchase, the application on the smartphone can function as necessary at the ticketing gate regardless of whether a cellular or WiFi signal is available. If a customer was to attempt to take a screenshot or picture of their unique account CR code and sent it to someone else for their use, then it would be a static image incapable of interacting with the scannable code reader 2000, and would be rejected. Security is provided by the prevention of the user from accessing, viewing, or transmitting the actual ticket QR code until it receives the activation QR code provided by the scannable code reader 2000 at the point of entry into the venue. Further benefits include: 1) enabling the monitoring and tracking of a ticket through the life of the ticket; 2) preventing the unauthorized transfer or sale of tickets without the knowledge or approval of the original ticket seller; 3) enabling the easy transfer or sale of surplus tickets among customers, within the terms and conditions specified by the venue; and 4) allowing the transaction to take place without requiring the user to have cellular or WiFi signal on the user's device.
Referring now also to
The system 2101 can include an input/output (I/O) interface 2103, an analysis engine 2105, and a database 2107. Alternative embodiments can combine or distribute the input/output (I/O) interface 2103, analysis engine 2105, and database 2107, as desired. Embodiments of the system 2101 can include one or more computers that include one or more processors and memories configured for performing tasks described herein. This can include, for example, a computer having a central processing unit (CPU) and non-volatile memory that stores software instructions for instructing the CPU to perform at least some of the tasks described herein. This can also include, for example, two or more computers that are in communication via a computer network, where one or more of the computers include a CPU and non-volatile memory, and one or more of the computer's non-volatile memory stores software instructions for instructing any of the CPU(s) to perform any of the tasks described herein. Thus, while the exemplary embodiment is described in terms of a discrete machine, it should be appreciated that this description is non-limiting, and that the present description applies equally to numerous other arrangements involving one or more machines performing tasks distributed in any way among the one or more machines. It should also be appreciated that such machines need not be dedicated to performing tasks described herein, but instead can be multi-purpose machines, for example computer workstations, that are suitable for also performing other tasks.
The I/O interface 2103 can provide a communication link between external users, systems, and data sources and components of the system 2101. The I/O interface 2103 can be configured for allowing one or more users to input information to the system 2101 via any known input device. Examples can include a keyboard, mouse, touch screen, and/or any other desired input device. The I/O interface 2103 can be configured for allowing one or more users to receive information output from the system 2101 via any known output device. Examples can include a display monitor, a printer, phone display, and/or any other desired output device. The I/O interface 2103 can be configured for allowing other systems to communicate with the system 2101. For example, the I/O interface 2103 can allow one or more remote computer(s) to access information, input information, and/or remotely instruct the system 2101 to perform one or more of the tasks described herein. The I/O interface 2103 can be configured for allowing communication with one or more remote data sources. For example, the I/O interface 2103 can allow one or more remote data source(s) to access information, input information, and/or remotely instruct the system 2101 to perform one or more of the tasks described herein.
The database 2107 provides persistent data storage for system 2101. While the term “database” is primarily used, a memory or other suitable data storage arrangement may provide the functionality of the database 2107. In alternative embodiments, the database 2107 can be integral to or separate from the system 2101 and can operate on one or more computers. The database 2107 preferably provides non-volatile data storage for any information suitable to support the operation of systems and methods described herein, including various types of data discussed further herein. The analysis engine 2105 can include various combinations of one or more processors, memories, and software components.
The particular embodiments disclosed above are illustrative only, as the system may be modified and practiced in different but equivalent manners apparent to those skilled in the art having the benefit of the teachings herein. Modifications, additions, or omissions may be made to the apparatuses described herein without departing from the scope of the embodiment. The components of the system may be integrated or separated. Moreover, the operations of the system may be performed by more, fewer, or other components.
Furthermore, no limitations are intended to the details of construction or design herein shown, other than as described in the claims below. It is therefore evident that the particular embodiments disclosed above may be altered or modified and all such variations are considered within the scope and spirit of the application. Accordingly, the protection sought herein is as set forth in the claims below.
The problems discussed above should be understood as being examples of problems solved by embodiments of the invention disclosed herein and the invention should not be limited to solving the same/similar problems. The disclosed invention is broadly applicable to address a range of problems beyond those discussed herein.
While the invention has been described above with respect to a limited number of embodiments, those skilled in the art, having the benefit of this disclosure, will appreciate that other embodiments can be devised which do not depart from the scope of the invention as disclosed herein. Accordingly, the scope of the invention should be limited only by the attached claims.
Claims
1. A computing device for secure communications, comprising:
- a communication interface;
- a transceiver; and
- a processor programmed to: identify an action to be completed by a third computing device operably connected to the computing device via the communication interface, wherein the action is associated with data stored in the third computing device; in response to identifying the action: transmit an identifier, obtained from the third computing device, to a second computing device using the transceiver; receive a second identifier from the second computing device using the transceiver; transmit the second identifier to the third computing device via the communication interface; and receive a confirmation of completion of the action from the third computing device via the communication interface.
2. The computing device of claim 1, wherein communication interface supports a first operable connection, the transceiver supports a second operable connection, and the first operable connection is separate from the second operable connection, wherein the transceiver is an optical transceiver.
3. The computing device of claim 2, wherein the third computing device is not operably connected via the second operable connection.
4. The computing device of claim 1, wherein the confirmation indicates that the second computing device has been uniquely identified by the third computing device.
5. The computing device of claim 1, wherein the confirmation indicates that the third computing device has verified that completion of the action is authorized by both of a first user of the computing device and a second user of the second computing device.
6. The computing device of claim 1, wherein the transceiver comprises:
- a light transmitting portion, and
- a light receiving portion.
7. The computing device of claim 6, wherein the light transmitting portion comprises a display adapted to display information to a user of the first computing device, wherein the light receiving portion comprises a camera.
8. The computing device of claim 7, wherein the identifier is transmitted using the display, wherein the second identifier is received using the camera.
9. The computing device of claim 1, further comprising a radio frequency transceiver, wherein the radio frequency transceiver supports the communication interface.
10. The computing device of claim 1, wherein the computing device does not communicate with the second computing device via the communication interface during the response to the secure communication request.
11. A method for securing communications between computing devices, comprising:
- identifying an action to be completed by a third computing device of the computing devices operably connected to a first computing device of the computing devices via a communication interface, wherein the action is associated with data stored in the third computing device;
- in response to identifying the action: transmitting an identifier, obtained from the third computing device, to a second computing device of the computing devices using a transceiver; receiving a second identifier from the second computing device using the transceiver; transmitting the second identifier to the third computing device via the communication interface; and receiving a confirmation of completion of the action from the third computing device via the communication interface.
12. The method of claim 11, wherein communication interface supports a first operable connection, the transceiver supports a second operable connection, and the first operable connection is separate from the second operable connection.
13. The computing device of claim 12, wherein the third computing device is not operably connected via the second operable connection.
14. The computing device of claim 11, wherein the confirmation indicates that the third computing device has verified that completion of the action is authorized by both of a first user of the computing device and a second user of the second computing device.
15. The computing device of claim 14, wherein the transceiver comprises:
- a display adapted to display information to the first user, and
- a camera.
16. A non-transitory computer readable medium comprising computer readable program code, which when executed by a computer processor enables the computer processor to perform a method for securing communications between computing devices, the method comprising:
- identifying an action to be completed by a third computing device of the computing devices operably connected to a first computing device of the computing devices via a communication interface, wherein the action is associated with data stored in the third computing device;
- in response to identifying the action: transmitting an identifier, obtained from the third computing device, to a second computing device of the computing devices using a transceiver; receiving a second identifier from the second computing device using the transceiver; transmitting the second identifier to the third computing device via the communication interface; and receiving a confirmation of completion of the action from the third computing device via the communication interface.
17. The non-transitory computer readable medium of claim 16, wherein communication interface supports a first operable connection, the transceiver supports a second operable connection, and the first operable connection is separate from the second operable connection.
18. The non-transitory computer readable medium of claim 17, wherein the third computing device is not operably connected via the second operable connection.
19. The non-transitory computer readable medium of claim 16, wherein the confirmation indicates that the third computing device has verified that completion of the action is authorized by both of a first user of the computing device and a second user of the second computing device.
20. The non-transitory computer readable medium of claim 19, wherein the transceiver comprises:
- a display adapted to display information to the first user, and
- a camera.
Type: Application
Filed: Jul 5, 2018
Publication Date: Dec 27, 2018
Inventor: William A. Wadley (Spring, TX)
Application Number: 16/028,344