Verifying Pin Patents (Class 705/72)
  • Patent number: 10748146
    Abstract: An electronic payment transaction involves operating a gateway device in an electronic payment system to receive first encrypted transaction data from a merchant device, wherein the first encrypted transaction data is encrypted by means of a merchant device-specific encrypting key. Decrypted transaction data is produced by using a merchant device-specific decrypting key to decrypt the first encrypted transaction data. Second encrypted transaction data is derived from the decrypted transaction data, wherein the second encrypted transaction data is encrypted by means of a gateway device-specific encrypting key. The gateway device communicates the second encrypted transaction data to another electronic payment system server. A key transmission block received from the merchant device includes information that enables the gateway device to derive the merchant device-specific decryption key.
    Type: Grant
    Filed: June 15, 2010
    Date of Patent: August 18, 2020
    Assignee: HEARTLAND PAYMENT SYSTEMS, LLC
    Inventors: Robert O. Carr, Steve Elefant, Sarah McCrary, Paul Minutillo
  • Patent number: 10740499
    Abstract: An apparatus includes an electronic circuit, a keypad and an active-shield layer. The keypad includes one or more keys for entering data to the electronic circuit by a user. The active-shield layer is placed between the electronic circuit and the keypad, and includes one or more electrical conductors laid in a pattern that shields at least a portion of the electronic circuit. In a specified region, the one or more electrical conductors of the active-shield layer are shaped to form contacts for sensing the one or more keys.
    Type: Grant
    Filed: March 12, 2018
    Date of Patent: August 11, 2020
    Assignee: NUVOTON TECHNOLOGY CORPORATION
    Inventor: Ziv Hershman
  • Patent number: 10735398
    Abstract: Techniques are described for single or multi-factor authentication. An access request is received followed by a prompt for authentication data comprising a segment of a continuous rolling authentication code. Upon receipt of the segment of a continuous rolling authentication code, it is compared to another version of the continuous rolling authentication code generated by an algorithm and shared secret key known to both parties. The access request may be authenticated when the segment of the rolling authentication code received in response to the prompt for authentication data matches a segment the continuous rolling authentication code generated. Otherwise, it is rejected.
    Type: Grant
    Filed: February 26, 2020
    Date of Patent: August 4, 2020
    Assignee: Bandwidth, Inc.
    Inventors: Adam Covati, Bryan C. Turner
  • Patent number: 10713657
    Abstract: A system includes one or more memory devices storing instructions, and one or more processors configured to execute the instructions to perform steps of a method for providing network security. The system may receive customer credentials in association with an attempted transaction initiated by a user device that is connected to a local network. The system may receive network identification data associated with the local network and generate a network confidence score based on the network identification data and a historical local network footprint. The system may determine a security action based on the network confidence score.
    Type: Grant
    Filed: August 1, 2017
    Date of Patent: July 14, 2020
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Charles Nathan Crank, Lawrence F. Altaffer, Erik Jay S. De Leon
  • Patent number: 10672214
    Abstract: A method and corresponding electronic device for securing the device. The device and method may include operations for: receiving a command requesting a modification of an operating parameter of the electronic device (C2); detecting whether the operating parameter is a parameter that is predefined as a sensitive parameter; and if so, determining whether the modification requested by the command, if applied, would lead to a degradation of the security of the electronic device. The determining may be done by comparing the initial state of the parameter on receiving the command with a new state for giving to the operating parameter in response to the command. And, in the event of the security of the electronic device being degraded, triggering an operation of securing the electronic device in response to the first command.
    Type: Grant
    Filed: May 5, 2017
    Date of Patent: June 2, 2020
    Assignee: IDEMIA FRANCE
    Inventors: Francis Chambero, Marco De Oliveira
  • Patent number: 10652742
    Abstract: A telematics control unit (TCU) of a vehicle includes at least one processor coupled to a memory, the at least one processor comprising a local authentication server configured to authenticate at least one device of a plurality of devices in the vehicle based on a first list of approved devices, and establish, upon successful authentication of the at least one device, a trusted communication link between the TCU and the at least one device to receive a first data from the at least one device and transmit a second data to the at least one device, wherein the first data is stored in the memory for future transmission to a remote server.
    Type: Grant
    Filed: November 20, 2017
    Date of Patent: May 12, 2020
    Assignee: VALEO COMFORT AND DRIVING ASSISTANCE
    Inventor: Shahram Rezaei
  • Patent number: 10592543
    Abstract: One or more computing devices, systems, and/or methods for sub-account management are provided. For example, a user may have a primary account with a service, such as a social network service, an email service, a bank service, etc. The user may create a sub-account connected/linked to the primary account. The primary account comprises and directly controls the sub-account. For example, the primary account can access content, sub-account settings, and/or sub-account activity of the sub-account from the primary account. The sub-account can be automatically disconnected from the primary account based upon a disconnect condition being satisfied.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: March 17, 2020
    Assignee: Oath Inc.
    Inventors: Mohit Goenka, Ashish Khushal Dharamshi, Nikita Varma
  • Patent number: 10587419
    Abstract: A central service provider manages and writes transaction details to a private block chain network. Blocks of transaction records written onto the block chain by the central service provider are distributed to members of the block chain, thereby enabling data resiliency and self-verifiability. As the full block chain is available to members of the block chain network, the central service provider also ensures the privacy of transaction details by providing an assembled header and encrypted block of transaction records that are generated using a combination of symmetric and asymmetric cryptographic techniques. Altogether, the full block chain network is distributed across members of the block chain, but the members can only access and read transaction details in the block chain that they are authorized to view.
    Type: Grant
    Filed: August 10, 2018
    Date of Patent: March 10, 2020
    Assignee: The Bank of New York Mellon
    Inventors: Sarthak Pattanaik, Vadim Pertsovskiy
  • Patent number: 10461933
    Abstract: Embodiments can provide methods for securely provisioning sensitive credential data, such as a limited use key (LUK) onto a user device. In some embodiments, the credential data can be encrypted using a separate storage protection key and decrypted only at the time of a transaction to generate a cryptogram for the transaction. Thus, end-to-end protection can be provided during the transit and storage of the credential data, limiting the exposure of the credential data only when the credential data is required, thereby reducing the risk of compromise of the credential data.
    Type: Grant
    Filed: January 27, 2016
    Date of Patent: October 29, 2019
    Assignee: Visa International Service Association
    Inventors: Eric Le Saint, Soumendra Bhattacharya
  • Patent number: 10431033
    Abstract: This disclosure relates to systems and methods to provide physical items to users participating in a real-world interactive environment. The users may participate in the interactive environment by having experiences within the interactive environment. The systems and methods described herein include techniques in which the users may be provided with physical items through special purpose physical item dispensers. The physical items may be specifically selected and dispensed to the users based on the experiences that have occurred during their past participation.
    Type: Grant
    Filed: May 17, 2018
    Date of Patent: October 1, 2019
    Assignee: Disney Enterprises, Inc.
    Inventor: Shelley Short
  • Patent number: 10373149
    Abstract: A card reader comprising a display configured to optionally graphically display a character; one or more sensors configured to receive user input, wherein the one or more sensors are configured to send one or more signals that modify and select the character; a microcontroller configured to process the user input, wherein the processing comprises modifying or selecting the character based on user input at the one or more sensors; and memory configured to store selected characters based on processing the user input.
    Type: Grant
    Filed: December 13, 2012
    Date of Patent: August 6, 2019
    Assignee: Square, Inc.
    Inventors: Elliot Sather, Robert von Behren
  • Patent number: 10360609
    Abstract: Methods and a system for inter-device Self-Service Terminal (SST) interactions are provided. A customer causes a request for assistance to be communicated from a SST during a transaction. A device in proximity to the SST accepts the request. A message is selected by a clerk of the device and relayed to the SST for presentation during the transaction. In an embodiment, the device wirelessly receives the request from a second device that is also in proximity to the SST.
    Type: Grant
    Filed: April 30, 2014
    Date of Patent: July 23, 2019
    Assignee: NCR Corporation
    Inventors: Ian M. Joy, Rafael Torcida Fernández
  • Patent number: 10296892
    Abstract: A method for online payments includes receiving an instruction to start a payment application. Payment tag information is then received and sent over a network. Product information that is associated with the payment tag information is then received over the network and displayed on a first payment page that includes a request for payment account credentials. The first payment page is provided through the payment application immediately following the sending of the payment tag information. Payer account credentials are then received through the payment application and sent over the network. Payer account information is then received over the network and displayed on a second payment page that includes a payment confirmation indicator. The second payment page is provided through the payment application immediately following the first payment page. A selection of the payment confirmation indicator is then received through the payment application and sent over the network.
    Type: Grant
    Filed: October 29, 2013
    Date of Patent: May 21, 2019
    Assignee: PAYPAL, INC.
    Inventors: James Eugene Foster, Chad Maurice Hoffman
  • Patent number: 10269204
    Abstract: A method for individualizing a portable data carrier, in particular a chip card includes an end device that supplies data for configuring and/or updating one or more functions of the portable data carrier. The data are transmitted by the end device to the portable data carrier via a communication connection between the end device and the portable data carrier. A configurating and/or updating of the function or functions of the portable data carrier is effectuated by means of the data transmitted to the portable data carrier.
    Type: Grant
    Filed: August 9, 2016
    Date of Patent: April 23, 2019
    Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBH
    Inventors: Thomas Tarantino, Sascha Behlendorf, Werner Strobl, Rodrigue Gil, Florian Gawlas
  • Patent number: 10237247
    Abstract: A convenient, easy to use ubiquitous secure communications capability can automatically encrypt and decrypt messages without requiring any special intermediating security component such as gateways, proxy servers or the like. Trusted/secure applications for the mobile workforce can significantly improve productivity and effectiveness while enhancing personal and organizational security and safety.
    Type: Grant
    Filed: February 6, 2017
    Date of Patent: March 19, 2019
    Assignee: Protected Mobility, LLC
    Inventors: William J. Marlow, Robert Cichielo, Emil Sturniolo, Paul Benware
  • Patent number: 10187361
    Abstract: Data may be protected using a combination of symmetric and asymmetric cryptography. A symmetric key may be generated and the data may be encrypted with the symmetric key. The symmetric key and a only a portion of the symmetrically encrypted data may then be encrypted with an asymmetric public key. The entire set of encrypted data, including the asymmetrically encrypted symmetric key, the doubly encrypted portion of data, and the remainder of the symmetrically encrypted data may then be sent to a remote device using insecure communications.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: January 22, 2019
    Assignee: SONY INTERACTIVE ENTERTAINMENT INC.
    Inventor: Jay Alan Carlson
  • Patent number: 10121142
    Abstract: Embodiments are directed to receiving a token from a wearable device carried by a customer, the token for user authentication based on a visitation pattern of the customer. Embodiments include receive, from the wearable device carried by the customer, the token comprising user authentication information associated with the customer, wherein receiving the token indicates a current visit of the customer to the financial institution location; access, based at least in part on the user authentication information, a visitation history from a customer profile associated with the customer; determine, based at least in part on the visitation history, whether the current visit falls within a recognized visitation pattern; and authenticate, based at least in part on the determination, the customer for performing a transaction at the financial institution location.
    Type: Grant
    Filed: April 11, 2014
    Date of Patent: November 6, 2018
    Assignee: Bank of America Corporation
    Inventors: David M. Grigg, Richard Andrew Starbuck, Carrie Anne Hanson, Alicia C. Jones
  • Patent number: 10075550
    Abstract: A method of redirecting data streams exchanged by a mobile terminal associated with a “third-party” account, with a first telecommunications network. The method includes a prior stage including: the first network receiving from the mobile terminal a registration request, and recovering the profile of the third-party account; the first network sending a DNS request including a “redirection” access point name; the DNS system responding by supplying the IP address of a “stream redirection” server; the first network setting up a tunnel between the server and the mobile terminal, by providing the server with at least one identifier of the third-party account; the server supplying a second telecommunications network with which the user of the mobile terminal holds a personal account that is distinct from the third-party account, with at least one identifier of the personal account; and the stream redirection server setting up a tunnel with the second network.
    Type: Grant
    Filed: January 6, 2016
    Date of Patent: September 11, 2018
    Assignee: ORANGE
    Inventors: Cedric Bonnet, Marc Balon
  • Patent number: 10063379
    Abstract: A central service provider manages and writes transaction details to a private block chain network. Blocks of transaction records written onto the block chain by the central service provider are distributed to members of the block chain, thereby enabling data resiliency and self-verifiability. As the full block chain is available to members of the block chain network, the central service provider also ensures the privacy of transaction details by providing an assembled header and encrypted block of transaction records that are generated using a combination of symmetric and asymmetric cryptographic techniques. Altogether, the full block chain network is distributed across members of the block chain, but the members can only access and read transaction details in the block chain that they are authorized to view.
    Type: Grant
    Filed: June 16, 2017
    Date of Patent: August 28, 2018
    Assignee: THE BANK OF NEW YORK MELLON
    Inventors: Sarthak Pattanaik, Vadim Pertsovskiy
  • Patent number: 9892407
    Abstract: There is disclosed a method and system for verifying an identity of a user to a computer system. The user is assigned a user access code in the form of an invariant string of integers from 0 to 9, with length no greater than ten. The user access code is stored in the computer system; the computer system generates a ten-digit random or pseudo-random non-repeating string of the integers 0 to 9, the string having 1st to 10th positions each with a unique integer and having respective positional values 1 to 10; and the computer system performs a predetermined algorithm to combine the user access code and the random or pseudo-random string, thereby to determine a one-time verification code in the form of a string of the same length as the user access code.
    Type: Grant
    Filed: April 29, 2013
    Date of Patent: February 13, 2018
    Assignee: Swivel Secure Limited
    Inventor: Chris Russell
  • Patent number: 9819656
    Abstract: Data may be protected using a combination of symmetric and asymmetric cryptography. A symmetric key may be generated and the data may be encrypted with the symmetric key. The symmetric key and a only a portion of the symmetrically encrypted data may then be encrypted with an asymmetric public key. The entire set of encrypted data, including the asymmetrically encrypted symmetric key, the doubly encrypted portion of data, and the remainder of the symmetrically encrypted data may then be sent to a remote device using insecure communications.
    Type: Grant
    Filed: May 9, 2014
    Date of Patent: November 14, 2017
    Assignee: SONY INTERACTIVE ENTERTAINMENT INC.
    Inventor: Jay Alan Carlson
  • Patent number: 9787860
    Abstract: When a near field communication (NFC) function is set to be enabled, an information processing apparatus starts, upon startup, an operation in a direct wireless communication mode. When the NFC function is set to be disabled, the information processing apparatus starts an operation in the direct wireless communication mode in response to an external operation instruction.
    Type: Grant
    Filed: February 24, 2016
    Date of Patent: October 10, 2017
    Assignee: Canon Kabushiki Kaisha
    Inventors: Takashi Okazawa, Masamichi Tanji
  • Patent number: 9754126
    Abstract: A prompt for input data in a user interface (UI) is detected. An input window to receive the input data is presented, and the input data is received via the input window. The input data is encrypted by the input window, and the encrypted data is stored to a memory. A copy of the stored encrypted data is forwarded to a server device. In one example, portions of the encrypted data may be forwarded to the server device in separate transmissions.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: September 5, 2017
    Assignee: Verizon Patent and Licensing Inc.
    Inventor: Michael Gellas
  • Patent number: 9711013
    Abstract: An automated teller machine is provided for processing a cash withdrawal request from a person having a payment card. The automated teller machine includes a microprocessor, a display connected to the microprocessor for displaying information thereon, an input device connected to the microprocessor for receiving an input from the person, and a card reader connected to the microprocessor for reading at least a card number, including a bank identifier, of the payment card presented by the person. The automated teller machine also includes a dispenser connected to the microprocessor for dispensing cash therefrom, at least one memory connected to the microprocessor for access by the microprocessor, and a plurality of bank identification numbers stored in the at least one memory. Each of the bank identification numbers is different from every other one of the bank identification numbers.
    Type: Grant
    Filed: February 2, 2017
    Date of Patent: July 18, 2017
    Assignee: Jarrett Enterprises, Inc.
    Inventor: Eric B. Johnston
  • Patent number: 9684783
    Abstract: A self-authentication device and method. The self-authentication device being for the user or owner of an electronic security device, wherein the self-authentication recovery device is separate from the security device and is configured for connecting to a computing device via a first communication link for authentication processing, preferably for authentication and recovery processing.
    Type: Grant
    Filed: May 16, 2014
    Date of Patent: June 20, 2017
    Assignee: FAST AND SAFE TECHNOLOGY PRIVATE LIMITED
    Inventor: Hsiang Ke Desmond Hsu
  • Patent number: 9661101
    Abstract: A transmitting terminal can transmit a content held by itself to a specific receiving terminal having no email software as if using a mailer. The transmitting terminal (10) and the receiving terminal (20) are connected to a delivery server (30) via a network (4). The delivery server (30) comprises: a database (36) for registering the device ID that specifies the receiving terminal (20); a content storage (39) for temporarily storing a content transmitted from the transmitting terminal (10); and table (33, 37) for managing contents separately on a per device ID basis of the receiving terminal. The delivery server (30), when receiving a request from the receiving terminal (20), refers to the tables (33, 27) and transmits to the receiving terminal (20) a content, the transmission destination of which corresponds to the device ID of the receiving terminal (20).
    Type: Grant
    Filed: February 28, 2016
    Date of Patent: May 23, 2017
    Assignee: Hitachi Maxell, Ltd.
    Inventors: Hiroki Mizosoe, Junji Shiokawa, Kazuto Yoneyama, Kunihiro Nomura, Masaaki Hiramatsu, Yasuhisa Mori, Takashi Yoshimaru, Kazuaki Aoyama, Tomomu Ishikawa, Yo Miyamoto
  • Patent number: 9647847
    Abstract: Various techniques are described to protect secrets held by closed computing devices. In an ecosystem where devices operate and are offered a wide range of services from a service provider, the service provider may want to prevent users from sharing services between devices. In order to guarantee that services are not shared between devices, each device can be manufactured with a different set of secrets such as per device identifiers. Unscrupulous individuals may try to gain access to the secrets and transfer secrets from one device to another. In order to prevent this type of attack, each closed computing system can be manufactured to include a protected memory location that is tied to the device.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: May 9, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Sebastian Lange, Victor Tan, Adam G. Poulos
  • Patent number: 9635032
    Abstract: A method and system for determining unauthorized account access is provided. The method includes receiving a username of a user and a passcode for access to a secure account or device belonging to a user. The passcode is determined to be incorrect. Unauthorized access attempts with respect to the secure account or the device are determined based on based on the incorrect passcode and in response, a quality factor associated with the incorrect passcode with respect to the secure account or device is determined. The quality factor is compared to a threshold value. Security functions associated with the secure account or device with respect to the incorrect passcode and the results of the comparison are performed based on the quality factor and the unauthorized access attempts.
    Type: Grant
    Filed: June 17, 2016
    Date of Patent: April 25, 2017
    Assignee: International Business Machines Corporation
    Inventors: Micah M. Cross, Sharan J. Patel
  • Patent number: 9595026
    Abstract: A banking system operates responsive to data read from data bearing records. The system includes an automated banking machine comprising a card reader. The card reader includes a movable read head that can read card data along a magnetic stripe of a card that was inserted long-edge first. The card reader includes a card entry gate. The gate is opened for a card that is determined to be properly oriented for data reading. The card reader can encrypt card data, including account data. The machine also includes a PIN keypad. The card reader can send encrypted card data to the keypad. The keypad can decipher the encrypted card data. The keypad can encrypt both deciphered card data and a received user PIN. The card data and the PIN are usable by the machine to authorize a user to carry out a financial transfer involving the account.
    Type: Grant
    Filed: June 21, 2016
    Date of Patent: March 14, 2017
    Assignee: Diebold Self-Service Systems Division of Diebold, Incorporated
    Inventors: David Lewis, Jeffery Enright, Natarajan Ramachandran, Mark A. Douglass, Timothy Crews, Songtao Ma, Randall W. Jenkins, H. Thomas Graef, Sathish M. Irudayam, Klaus Steinbach
  • Patent number: 9491170
    Abstract: Methods, systems, and computer-readable media for authenticating customers of an organization and managing authenticated sessions of various customers are presented. Some aspects of the disclosure provide ways for a customer of an organization to authenticate using a mobile computing device, such as the customer's personal mobile device, when interacting with the organization in various contexts, such as when accessing an automated transaction device or when interacting with an agent of the organization during an in-person session or during a teleconference session. In some arrangements, the customer's authentication status, which may be established on the mobile computing device and which, in some instances, may be verified based on the location of the mobile computing device, may be carried over from the mobile computing device to another computing device or system, such as an automated transaction device or a teller terminal device, which may be used by an agent of the organization.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: November 8, 2016
    Assignee: Bank of America Corporation
    Inventor: Mark A. Pender
  • Patent number: 9471918
    Abstract: A method and system is provided for establishing credit on an automatic vending machine or vending device. A currency amount or a number of credits is established on a vending device in order to obtain a product, service or access time from a vending device using a cellular telephone, or other personal wireless communication device. The personal wireless communication device activates an applet, which may be downloaded at the site, to establish a link with a vending machine universal wireless interface coupled to the vending machine device controller and also establishes a link with a remote server for authorizing credit for a vending transaction, which allows the vending transaction to take place.
    Type: Grant
    Filed: December 18, 2009
    Date of Patent: October 18, 2016
    Assignee: Coin Free, LLC
    Inventors: Richard L. Krampe, Neal J. Peacock
  • Patent number: 9467443
    Abstract: An authentication system utilizes dynamic passcode from a user-defined formula based on a changing parameter value. The changing parameter is publicly accessible through the communication network and has a current value that is periodically updated, such as a stock value, temperature at a specific location, or a sports score. The user-defined formula is based on the changing parameter in order to derive a passcode which authenticates a user to an associated user account. As referred to herein, the user-defined formula is a mathematical formula in which the changing parameter is one variable (e.g., [changing parameter value]+1). Some formulas include more than one changing parameter.
    Type: Grant
    Filed: August 26, 2014
    Date of Patent: October 11, 2016
    Inventor: Ram Balasubramaniam Mohan
  • Patent number: 9406065
    Abstract: Embodiments are directed to token management. Embodiments initiate presentation of a digital wallet management interface including initiating presentation of a digital wallet; initiating presentation of an original token associated with the digital wallet; initiating presentation of a toggle switch comprising a first position and a second position and associated with the original token and configured for graphical manipulation by the user between the first position and the second position, wherein the first position corresponds to the original token being available for use as a payment credential; and where the second position corresponds to the original token being unavailable for use as a payment credential.
    Type: Grant
    Filed: March 4, 2014
    Date of Patent: August 2, 2016
    Assignee: Bank of America Corporation
    Inventors: Laura Corinne Bondesen, Jason P. Blackhurst, Scott Lee Harkey, William Blakely Belchee, Tammy L. Brunswig
  • Patent number: 9342701
    Abstract: The present invention relates to digital rights management (DRM) for content that downloaded and saved to a storage device. The storage may be a disk drive, or network attached storage. In addition, the storage device performs cryptographic operations and provides a root of trust. The DRM employs a binding key, a content key, and an access key. The binding key binds the content to a specific storage and is based on a key that is concealed on the storage. The binding key is not stored on the storage device with the content. The content key is a key that has been assigned to the content. The access key is determined based on a cryptographic combination of the content key and the binding key. In one embodiment, the content is provisioned based on the access key and stored in encrypted form in the storage device.
    Type: Grant
    Filed: August 20, 2014
    Date of Patent: May 17, 2016
    Assignee: Western Digital Technologies, Inc.
    Inventors: David L. Blankenbeckler, Danny O. Ybarra, Lambertus Hesselink
  • Patent number: 9324076
    Abstract: A user may select or create a PIN at a non-secure input device, such as a web-enabled personal computer. PINs are stored at a financial host in encrypted form, as PIN offsets. The user selected PIN and a corresponding account number are sent in clear text form to the host, which selects a base PIN offset corresponding to the PIN. A host security module within the host converts the base PIN offset to an actual PIN offset using the actual account number. The actual PIN offset (corresponding to the new PIN and the account number) is then stored at the financial host.
    Type: Grant
    Filed: June 2, 2006
    Date of Patent: April 26, 2016
    Assignee: First Data Corporation
    Inventors: Robert E. Dravenstott, Brian Krzeminski, Laurence Martinez
  • Patent number: 9305172
    Abstract: Disclosed are systems and methods of employing a multi-ring encryption approach to secure a data payload. Each ring of encryption may be encrypted from a key derived from a password, such that each subsequent ring of protection is protected by a key derived from the key used to encrypt the previous ring of protection. Further, hardware-based encryption may be employed in one or more of the rings of protection to bind the encrypted payload to the hardware. Such systems and methods may be used to reduce the ability to parallelize an attack on encrypted data while also permitting password-related data to be synchronized across a network.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: April 5, 2016
    Assignee: McAfee, Inc.
    Inventor: David Webb
  • Patent number: 9232410
    Abstract: The present invention is a zero-configuration system including a registration server connecting (via the Internet) to a network terminal device through a network connection device, and a first network device located in a local area network same as the two devices and having a first identification name and a set of configuration values, wherein the registration server stores the first identification name corresponding to a user information. The network terminal device can login to the registration server by using the user information, and then scan the local area network and, when detecting a second network device having a second identification name not yet stored in the registration server, automatically receive the first identification name from the registration server, obtain the configuration values from the first network device, and configure the second network device according to the configuration values, so as to automatically connect to and access the second network device.
    Type: Grant
    Filed: October 19, 2012
    Date of Patent: January 5, 2016
    Assignee: D-LINK CORPORATION
    Inventors: Sheng-Jie Syu, Pai-Huan Wang, Chiao-Yu Yang
  • Patent number: 9223949
    Abstract: The invention relates to generating and using secure transformable passwords. In one example, a user grants a third party access to an online account at a host server, and the user requests a transformed password from the host server. The host server associates an encryption key with the third party and generates a transformed password using the user's online account password and the encryption key. The user transmits the transformed password to the third party which may use the transformed password to access the online account. The host server generates a second transformed password and compares it to the password information received from the third party. If the received password information and the second transformed password are identical, access is granted. The invention also includes methods for invalidating the transformed passwords by changing the encryption keys to an invalid state.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: December 29, 2015
    Assignee: Google Inc.
    Inventor: Philo Juang
  • Patent number: 9197627
    Abstract: Leveraging a persistent connection to provide a client access to a secured service may include establishing a persistent connection with a client in response to a first request from the client, and brokering a connection between the client and a secured service based on a second request from the client by leveraging the persistent connection with the client. The brokering may occur before the client attempts to connect to the secured service directly and the connection may be established between the client and the secured service without provision by the client of authentication information duplicative or additional to authentication information provided by the client to establish the persistent connection.
    Type: Grant
    Filed: December 30, 2014
    Date of Patent: November 24, 2015
    Assignee: FACEBOOK, INC.
    Inventor: Robert Bruce Hirsh
  • Patent number: 9123042
    Abstract: Systems and methods for performing token transactions are provided. In one embodiment, the invention provides for processing token transactions, including receiving an encrypted password for a debit card transaction, wherein the password was secured using encrypted debit-card information, decrypting the password using encrypted debit-card information for the debit card, recreating the password using actual debit-card information for the debit card, and forwarding the recreated password for subsequent transaction processing. The invention is suitable for implementation with other types of tokens in addition to debit-card tokens as well. The invention can be implemented in a scenario where the password includes a PIN block that is created by combining a clear or encrypted PIN for the token with token information.
    Type: Grant
    Filed: August 16, 2007
    Date of Patent: September 1, 2015
    Assignee: VeriFone, Inc.
    Inventors: Clay von Mueller, Scott R. Yale, Paul Catinella
  • Patent number: 9071428
    Abstract: Provided are methods, systems, and devices for preventing hardware piracy.
    Type: Grant
    Filed: March 17, 2014
    Date of Patent: June 30, 2015
    Assignee: University of Connecticut
    Inventors: Mohammad Tehranipoor, Nicholas Tuzzio
  • Publication number: 20150134540
    Abstract: Systems and methods are provided for facilitating contactless payment using cloud-based wallet containing payment credentials (e.g. Visa, Mastercard, American Express) using a near field communication (NFC)-capable device and payment gateway servers. A user can use their existing payment card, herein referred to as a funding card, for contactless payments. A second payment card, herein referred to as a virtual card, is generated. The virtual card is associated with the funding card on a payment gateway server. The virtual card is used on a NFC-enabled mobile device. When a payment is initiated, the virtual card data is sent through the NFC system from a point of sale terminal. This information is sent to the payment gateway server, which retrieves the funding card to make the payment. The funding card, not the virtual card, is used to transfer the money to make payment.
    Type: Application
    Filed: April 16, 2013
    Publication date: May 14, 2015
    Inventors: Simon Law, Michael Shvartsman, Pierre Antoine Roberge, Peter Thien Duong
  • Publication number: 20150134539
    Abstract: A system and method for processing POS payment transactions via mobile devices is described. Encrypted first identification information is received from a merchant mobile device. Encrypted second identification information is received from a cardholder mobile device. A determination is made regarding whether the encrypted first identification information and the encrypted second identification information are associated with one another. In response to a determination that the determination that the encrypted first identification information and the encrypted second identification information are associated with one another, the encrypted first identification information and the encrypted second identification information are decrypted. The POS payment transaction is processed based on the decrypted first and second identification information.
    Type: Application
    Filed: November 12, 2013
    Publication date: May 14, 2015
    Inventor: Shashi Kapur
  • Publication number: 20150134541
    Abstract: The invention provides a chip-and-PIN reader device, which includes a slot for a chip card and a plurality of keys including numeric keys 0-9 and possibly an enter key and a restart key. The enter key is used to indicate to the device that the PIN has been fully entered and the restart key is used to indicate to the device that a mistake has been made in entering the PIN and that the PIN is to be re-entered. A set of electrodes is provided for making contact with corresponding electrodes on the chip card. A reading means connected to the set of electrodes reads the entered PIN and the card-number data stored on the chip. A comparing means compares the PIN entered by the user with the PIN stored on the chip and provides a signal indicative of a wrong entered PIN. A restart means is provided, which allows the PIN to be re-entered.
    Type: Application
    Filed: April 22, 2013
    Publication date: May 14, 2015
    Inventors: Jeffrey Moss Woolf, David Paul Ingram, Daniel Maurice Wagner
  • Publication number: 20150134542
    Abstract: Certain exemplary embodiments relate to techniques for processing PIN-inclusive transactions in connection with an electronic device or terminal, e.g., where PIN code encryption keys are not necessarily stored on the electronic device or terminal, and/or where payment instrument data is maintained in a separate system from PIN code data at least until certain elements are combined in a highly secure system for submission to an electronic funds transfer network. One or more separate or physically separated systems may be used in this regard, e.g., taking advantage of more prevalent computer networks such as the Internet. Similarly, the ability to provide less expensive terminals or electronic devices at a point-of-sale, point-of-purchase, etc., may be advantageous. The interchange rate is not necessarily driven up in certain example instances.
    Type: Application
    Filed: September 9, 2014
    Publication date: May 14, 2015
    Inventor: Robert R. DYKES
  • Patent number: 9031880
    Abstract: Facilitating transactions using non-traditional devices and biometric data to activate a transaction device is disclosed. A transaction request is formed at a non-traditional device, and communicated to a reader, wherein the non-traditional device may be configured with an RFID device. The RFID device is not operable until a biometric voice analysis has been executed to verify that the carrier of the RFID equipped non-traditional device is the true owner of account information stored thereon. The non-traditional device provides a conduit between a user and a verification system to perform biometric voice analysis of the user. When the verification system has determined that the user is the true owner of one or more accounts stored at the verification system, a purchase transaction is facilitated between the verification system. Transactions may further be carried out through a non-RF device such as a cellular telephone in direct communication with an acquirer/issuer or payment processor.
    Type: Grant
    Filed: October 25, 2006
    Date of Patent: May 12, 2015
    Assignee: III Holdings 1, LLC
    Inventors: Fred Bishop, Peter D Saunders
  • Publication number: 20150127555
    Abstract: The Electronic Payment Anti-Fraudulent System through Real-Time Phone based Verification Code is introduced to provide a method or a mechanism to secure the online payments and transactions for both registered online buyers and electronic merchants; this is mainly performed through 2 major sub methods: 1. Identity and Payment Card Owner Ship Verification. 2. Real-Time approval and verification for every online payment or transaction.
    Type: Application
    Filed: January 14, 2015
    Publication date: May 7, 2015
    Inventor: Maen Rajab QTEISHAT
  • Publication number: 20150127553
    Abstract: An intelligent payment card and a method for performing a financial transaction using the payment card are disclosed. The payment card includes inter-alia a biometric sensor, an input module, and a display screen. The payment card is activated when a primary user successfully authenticates himself by the way of providing valid finger print(s) to the biometric sensor of the payment card. The payment card is removably embedded with criteria that dictate at least a maximum transaction amount, maximum number of transactions to be performed on the card and maximum threshold time for completing a transaction. The payment card also includes a processor unit which compares the authorization code input by the user with a unique identification number stored within the payment card, and upon successful authentication enables the user to perform desired financial transaction and also ensures that the removably embedded criteria are not violated during the financial transaction.
    Type: Application
    Filed: May 28, 2013
    Publication date: May 7, 2015
    Inventors: MOHAN SUNDARAM, NEERAJ GUPTA
  • Patent number: RE45532
    Abstract: A Virtual Single Account (VSA) system and method that provides a mobile user with automatic authentication and connection to a remote network via local access networks with a single password, where the local access networks may be independent of the remote network. A mobile user has a single authentication credential for one VSA that is utilized by a VSA client installed on a mobile computing device. The VSA client provides for automatically authenticating and connecting the user's mobile device to a current local access network, and the target remote network such as the user's office network. All authentication credentials are encrypted using a key generated from the user's VSA password that is generated from the user's single password. The VSA client derives the key from the submitted VSA password and decrypts all authentication credentials that are required in order to connect the mobile device to the current local access network and thereafter to the office network.
    Type: Grant
    Filed: April 1, 2014
    Date of Patent: May 26, 2015
    Assignee: AT&T INTELLECTUAL PROPERTY II, L.P.
    Inventors: Paul Shala Henry, Zhimei Jiang, Hui Luo, Frederick Kenneth Schmidt
  • Patent number: RE47533
    Abstract: A method and system of securing account is provided. When a client computer requests access to an account accessible via a server, the server determines a MAC address associated with the client computer and compares it to a MAC address associated with the account. If the MAC address of the client computer is not the same as the MAC address associated with the account, the server initially denies access to the client computer, but may allow access after verification of the client computer by the user associated with the account.
    Type: Grant
    Filed: May 24, 2017
    Date of Patent: July 23, 2019
    Assignee: AAA Internet Publishing Inc.
    Inventor: Rob Bartlett