Intelligent Token Patents (Class 713/172)
  • Patent number: 11915235
    Abstract: Systems and methods for interoperable network token processing are provided. A network token system provides a platform that can be leveraged by external entities (e.g., third party wallets, e-commerce merchants, payment enablers/payment service providers, etc.) or internal payment processing network systems that have the need to use the tokens to facilitate payment transactions. A token registry vault can provide interfaces for various token requestors (e.g., mobile device, issuers, merchants, mobile wallet providers, etc.), merchants, acquirers, issuers, and payment processing network systems to request generation, use and management of tokens. The network token system further provides services such as card registration, token generation, token issuance, token authentication and activation, token exchange, and token life-cycle management.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: February 27, 2024
    Assignee: Visa International Service Association
    Inventors: Matthew Dill, Prasanna L. Narayan, Glenn Powell, John Sheets, Andrew Carpenter
  • Patent number: 11895247
    Abstract: A system and method for a distributed security model that may be used to achieve one or more of the following: authenticate system components; securely transport messages between system components; establish a secure communications channel over a constrained link; authenticate message content; authorize actions; and distribute authorizations and configuration data amongst users' system components in a device-as-a-key system.
    Type: Grant
    Filed: September 2, 2020
    Date of Patent: February 6, 2024
    Assignee: DENSO CORPORATION
    Inventors: Eric John Smith, Raymond Michael Stitt, David Stuckless Meyer, Brian Ensink
  • Patent number: 11895491
    Abstract: A method and system for provisioning access data in a second application on a mobile device using a first application on the mobile device. Authentication data may be input into the first application, and an authentication code may be requested from a remote server. After the authentication code is received by the first application in the mobile device, it can pass the authentication code to a second application that initiates an access data provisioning process.
    Type: Grant
    Filed: August 28, 2020
    Date of Patent: February 6, 2024
    Assignee: Visa International Service Association
    Inventors: Glenn Powell, John F. Sheets
  • Patent number: 11895095
    Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authenticate device identity and authorize exchanges of data in real-time based on dynamically generated cryptographic data. For example, an apparatus may receive a first signal that includes a first cryptogram associated with a client device, and may perform operations that authenticate an identity of the client device based on a comparison of the received first cryptogram and a second cryptogram generated by a computing system associated with an application program executed by the client device. In response to the authenticated identity, the apparatus may load profile data associated with the client device from a storage unit, and perform operations consistent with the profile data in accordance with the authenticated identity.
    Type: Grant
    Filed: July 21, 2021
    Date of Patent: February 6, 2024
    Assignee: The Toronto-Dominion Bank
    Inventors: Dino Paul D'Agostino, Perry Aaron Jones Haldenby, Dean C. N. Tseretopoulos, Jeffrey Aaron Ecker, Adam Douglas McPhee, Milos Dunjic, John Jong-Suk Lee, Arun Victor Jagga
  • Patent number: 11886571
    Abstract: An entity may generate digital account credentials when a new account is approved for generation by an authorizing entity that controls or issues new accounts. A user may contact an authorizing entity to open a new account with the authorizing entity. The authorizing entity may authenticate the user and may approve a new account to be generated for the user. The user may wish to conduct transactions immediately upon approval. However, the authorizing entity may not immediately generate a physical identification device along with an actual account identifier associated with the new account. An intermediary entity may generate digital account credentials for the new account immediately after the authorizing entity approves generation of the new account, provide the digital account credentials to the account holder, and process transactions using the digital account credentials.
    Type: Grant
    Filed: August 24, 2021
    Date of Patent: January 30, 2024
    Assignee: Visa International Service Association
    Inventors: Shoon Ping Wong, Justin Monk
  • Patent number: 11868274
    Abstract: Systems, apparatuses, and methods related to a computer system having a processor and a main memory storing scrambled data are described. The processor may have a secure zone configured to store keys and an unscrambled zone configured to operate on unscrambled data. The processor can convert the scrambled data into the unscrambled data in the unscrambled zone using the keys retrieved from the secure zone in response to execution of instructions configured to operate on the unscrambled data. Another processor may also be coupled with the memory, but can be prevented from accessing the unscrambled data in the unscrambled zone.
    Type: Grant
    Filed: June 8, 2021
    Date of Patent: January 9, 2024
    Assignee: Lodestar Licensing Group LLC
    Inventor: Steven Jeffrey Wallach
  • Patent number: 11868278
    Abstract: Embodiments are provided for protecting boot block space in a memory device. Such a memory device may include a memory array having a protected portion and a serial interface controller. The memory device may have a register that enables or disables access to the portion when data indicating whether to enable or disable access to the portion is written into the register via a serial data in (SI) input.
    Type: Grant
    Filed: February 24, 2022
    Date of Patent: January 9, 2024
    Inventor: Theodore T. Pekny
  • Patent number: 11863554
    Abstract: Systems and methods as provided herein may create a biometric model associated with a user. The created biometric model may be used to generate challenges that are presented to the user for authentication purposes. A user response to the challenge may be compared to an expected response, and if the user response matches within a predetermined error of the expected response, the user may be authenticated. The systems and methods may further generate challenges that are adaptively designed to address weaknesses or errors in the created model such that the model is more closely associated with a user and the user is more likely to be the only person capable of successfully responding to the generated challenges.
    Type: Grant
    Filed: April 12, 2022
    Date of Patent: January 2, 2024
    Assignee: PayPal, Inc.
    Inventor: Bjorn Markus Jakobsson
  • Patent number: 11853560
    Abstract: Example implementations can involve a system, which can involve a server configured to distribute role decision condition expressions created based on user input to one or more storage devices; and the one or more storage devices, which can involve a processor, configured to, for receipt of a request, determine user identification information, request source environment information and requested contents from the request; determine a role from the role decision condition expressions based on the user identification information and request source environment information; and determine whether or not the request can be executed based on the role.
    Type: Grant
    Filed: August 13, 2021
    Date of Patent: December 26, 2023
    Assignee: HITACHI, LTD.
    Inventor: Hiroyuki Osaki
  • Patent number: 11842803
    Abstract: In various embodiments, authentication stations are distributed within a facility, particularly in spaces where mobile devices are predominantly used—e.g., a hospital's emergency department. Each such station includes a series of authentication devices. Mobile device may run applications for locating the nearest such station and, in some embodiments, pair wirelessly with the station so that authentication thereon will accord a user access to the desired resource via a mobile device.
    Type: Grant
    Filed: April 4, 2022
    Date of Patent: December 12, 2023
    Assignee: Imprivata, Inc.
    Inventor: Meinhard Dieter Ullrich
  • Patent number: 11842296
    Abstract: A method includes receiving a communication identifying a remote database and a first value stored in the remote database that is being transferred to a first entity by a second entity. That first value is capable of being modified by the second entity. Modification of the first value stored in the remote database by the second entity is prevented by identifying an application programming interface allowing operations to be performed on the remote database, and using that API to transfer the first value so as to be associated with one or more other identifiers unknown to the second entity. After modification of the first value stored by the second entity is prevented, a transfer of a second value to a database record associated with the second entity is triggered. Related systems and applications of the method and those systems are also disclosed.
    Type: Grant
    Filed: July 14, 2022
    Date of Patent: December 12, 2023
    Assignee: The Toronto-Dominion Bank
    Inventor: Michael Pronski
  • Patent number: 11838284
    Abstract: This disclosure describes techniques for implementing a Single-sign-On Domain-Agnostic Proof-of-Possession (SODA-POP) token (or access token) to solve generation of multiple POPs for authentication of multiple domains that may belong to a single mobile network operator (MNO). The access token may be implemented by a JSON Web Token (JWT) that includes a map of key-value pairs as confirmation claims. The key-value pairs may include multiple domains/sub-domains and their corresponding public keys. These key-value pairs may be registered and added in the confirmation claims to automatically authenticate each one of the domains to access a corresponding service provider. To register a new domain, the new domain redirects a request back to an already registered domain, which updates the access token and then redirects the request back to the new domain. After registration, the updated access token may be used to access services at all registered domains without further reauthentication.
    Type: Grant
    Filed: February 2, 2021
    Date of Patent: December 5, 2023
    Assignee: T-Mobile USA, Inc.
    Inventor: Kendrick Burson
  • Patent number: 11838408
    Abstract: A disclosed method for managing encryption keys, which may be performed by a key management server, responds to receiving, from a first client, a request to create a new key for a self-encrypting drive (SED) associated with the first client by retrieving unique identifiers of the first client and the SED, generating and storing the new key and a corresponding key identifier (KeyID), and associating the unique identifiers of the SED and first client with the new key. Upon receiving, from a second client, a locate key request that includes the SED identifier, providing the new key, the KeyID, and the first client identifier to the second client. Associating the SED and first client identifiers with the new key may include adding the identifiers as attributes of the KeyID. Embodiments may be implemented in accordance with a key management interoperability protocol (KMIP) standard.
    Type: Grant
    Filed: April 28, 2021
    Date of Patent: December 5, 2023
    Assignee: Dell Products L.P.
    Inventors: Karthik Arunachalam, Vigneswaran Ponnusamy, Karthikeyan Rajagopalan, Sanjeev Dambal, Kumaran Palaniappan Thangavelu
  • Patent number: 11838422
    Abstract: A user authentication method performed in an unmanned delivery system including a server, a buyer customer device, a deliveryman customer device, and an autonomous delivery vehicle includes: generating, by the server, a session key based on order information received from the buyer customer device, and transmitting the generated session key to the deliveryman customer device and the buyer customer device; generating, by the deliveryman customer device, a One-Time Password (OTP) based on the session key; applying, by the deliveryman customer device as a first application step, a hash function to the OTP a first predetermined number of times; additionally applying, by the deliveryman customer device as a second application step, the hash function to the OTP generated in the first application step a second predetermined number of times; and generating, by the deliveryman customer device, a first Quick Response (QR) code based on the OTP generated in the second application step.
    Type: Grant
    Filed: February 15, 2023
    Date of Patent: December 5, 2023
    Assignee: RESEARCH COOPERATION FOUNDATION OF YEUNGNAM UNIVERSITY
    Inventors: Seung Yeob Nam, Yu Na Park, Seong Eun Yang
  • Patent number: 11829996
    Abstract: Described is a hybrid centralized-decentralized system for managing data and token transactions among a decentralized group of stakeholders. The system uses a blockchain architecture to maintain secure identities for the stakeholders, as well as allow any stakeholder to perform a data or token transaction with another stakeholder. A central organization manages a central application and a data exchange. The central application manages profile data from users and interaction data for users with developer applications, and provides it to the data exchange. The data exchange organizes and packages the data, and may provide it to other stakeholder for analysis.
    Type: Grant
    Filed: April 25, 2019
    Date of Patent: November 28, 2023
    Assignee: PHUNWARE, INC.
    Inventors: Matthew Lindenberger, Luan Dang
  • Patent number: 11822840
    Abstract: An inspection apparatus that performs quality inspection on a printed matter printed by a printer using a reference image and a scanned image of the printed matter. When inspecting the quality of the printed matter, selection is performed as to which to use as the reference image, a pre-printed image for use in printing the printed matter, or the scanned image. In a case where a difference is detected as a result of comparison between the pre-printed image and the scanned image, a reference image selection screen including the pre-printed image and the scanned image is displayed. A user input is received concerning whether or not the detected difference is a defect. The reference image is selected based on the received user input.
    Type: Grant
    Filed: September 7, 2022
    Date of Patent: November 21, 2023
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Ryo Fujita
  • Patent number: 11818278
    Abstract: The disclosure provides an approach for certificate management for cryptographic agility. Embodiments include receiving, by a cryptographic agility system, a cryptographic request related to an application. Embodiments include selecting, by the cryptographic agility system, a cryptographic technique based on contextual information associated with the cryptographic request. Embodiments include determining, by the cryptographic agility system, based on the cryptographic request, a certificate for authenticating a key related to the cryptographic technique. Embodiments include providing, by the cryptographic agility system, the certificate to an endpoint related to the cryptographic request for use in authenticating the key.
    Type: Grant
    Filed: July 26, 2021
    Date of Patent: November 14, 2023
    Assignee: VMWARE, INC.
    Inventors: Marc Wayne Brotherson, Mark Benson, Daniel James Beveridge, Sean Huntley, Akeem Jenkins, David Ott
  • Patent number: 11811748
    Abstract: A computer-implemented method is disclosed. The method includes: receiving, via a communication interface from a client application executing on a first device, a first signal including a request to obtain an access token for accessing a protected resource, the request including a public key associated with an end user; validating the request to obtain the access token; and in response to validating the request: encrypting an authorization code associated with the request using the public key to generate a first code; and transmitting, via the communication interface to the client application on the first device, a second signal including both the access token for accessing the protected resource and the first code.
    Type: Grant
    Filed: July 28, 2021
    Date of Patent: November 7, 2023
    Assignee: The Toronto-Dominion Bank
    Inventors: Milos Dunjic, Anthony Haituyen Nguyen, Yubing Liu, Arthur Carroll Chow, Casey Lyn Doyle, Richard John Frederick Thake, Mengfei Wang, Aaron Ashish Hudali, Gregory Albert Kliewer, Martin Albert Lozon, Yusbel Garcia Diaz, Gareth Daly, Masashi Kobayashi, Randall John Bast
  • Patent number: 11809611
    Abstract: The present disclosure relates to devices and methods for protecting data from physical attacks. The devices and methods may establish an encryption protocol to encrypt data transmitted over a bus to one or more removable devices in communication with a computer device. The devices and methods may use the encryption protocol to communicate with the removal devices and perform storage requests at the removal devices. The devices and methods may also perform another layer of encryption on the data stored at the removal devices using a data at rest key stored on the removal devices.
    Type: Grant
    Filed: February 24, 2020
    Date of Patent: November 7, 2023
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Gerardo Diaz-Cuellar, Venkata Subrahmanyam Raman
  • Patent number: 11797969
    Abstract: A computer-implemented system and method that includes receiving, by a messaging hub, a code and a transaction amount from a recipient and determining, by the messaging hub, based at least partially on the code, an account number for a credit card held by a user. The system and method may include receiving, by the messaging hub, funds equaling the transaction amount from the credit card and depositing the funds in an account held by the messaging hub, the funds being received via a four-party credit card transaction in which the messaging hub operates as a merchant and sending the funds from the account held by the messaging hub to an account held by the recipient.
    Type: Grant
    Filed: February 25, 2020
    Date of Patent: October 24, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventors: Stephen M. Ellis, Michael J. Kennedy, Ashish Bhoopen Kurani, Melissa Lowry, Uma Meyyappan, Bipin Sahni, Nikolai Stroke
  • Patent number: 11797989
    Abstract: Systems and methods are provided for verifying recurring transactions to payment accounts. One exemplary method includes initially receiving an authorization request for a transaction to a payment account and involving a merchant, where the authorization request includes a recurring payment indicator. The method also generally includes transmitting, by at least one computing device, a verification request to a consumer associated with the payment account, and inhibiting, by the at least one computing device, at least one or authorization or clearing of the transaction until a verification of the transaction, based on a direction from the consumer, is recognized, whereby the consumer is able to verify the transaction before the transaction is cleared.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: October 24, 2023
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventor: Brian Vienravee
  • Patent number: 11792009
    Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for generation of dynamic authentication tokens for use in system-to-system transaction authorization and user identity verification. The system utilizes user biometric data to generate unique authentication tokens which are customized to a particular user. Furthermore, the system rotates not only the encryption algorithms used, but also the datasets being encrypted in order to provide a high level of security such that even if a user's biometric data was compromised, it would be highly unlikely that an attacker would be able to recreate the authentication token stemming from said biometric data at any given point in time. The system eliminates the need for user-provided authentication credentials and provides a more secure and more efficient method of authenticating data exchange between multiple systems or applications.
    Type: Grant
    Filed: June 14, 2021
    Date of Patent: October 17, 2023
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Joseph Benjamin Castinado, Brandon Ingram, Naoll Addisu Merdassa, Kevin Graham Robberts, Ann Ta
  • Patent number: 11782621
    Abstract: A data storage device 100 comprising: a non-volatile storage medium 108 configured to store user data 109; a data port 106 configured to transmit data and power between a host computer system 130 and the data storage device 100; a data access state indicator 140; and a controller 110 configured to: selectively set a data access state of the data storage device 100 to either: an unlocked state to enable access to the user data 109; or a locked state to disable access to the user data 109; and generate an indicator control signal to cause the data access state indicator 140 to indicate the data access state, wherein the data access state indicator 140 is configured to indicate the data access state irrespective of whether the data storage device 100 is powered through the data port 106.
    Type: Grant
    Filed: June 30, 2021
    Date of Patent: October 10, 2023
    Assignee: Western Digital Technologies, Inc.
    Inventor: Matthew Harris Klapman
  • Patent number: 11777930
    Abstract: A biometric token is generated for a user and provided to a user-operated device. A pre-staged transaction is defined by a user and the user supplies the token for association with the pre-staged transaction. Subsequently, a user visits a transaction terminal and a new candidate token is generated from biometric attributes of the user. The candidate token is matched to the token associated with pre-staged transaction to authenticate the user and the pre-staged transaction is processed at the transaction terminal as a completed transaction.
    Type: Grant
    Filed: October 14, 2022
    Date of Patent: October 3, 2023
    Assignee: NCR Corporation
    Inventors: Bruce McBain, Charlie Harrow, Husameldin M Ali Ibrahim
  • Patent number: 11770397
    Abstract: A method, including identifying, in network traffic during multiple periods, scans, each scan including an access of multiple ports on a given destination node by a given source node, and computing, for each given source in the scans, an average of destinations whose ports were accessed by the given source during any scan by the given source, and a fraction of periods when the given source accessed at least one of the destinations in at least one scan performed by the given source node. A whitelist is assembled sources for which one or more of the following conditions applies: the average of destinations accessed in the scans was greater than a first threshold, and the fraction of periods during which at least one destination was accessed in at least one scan was greater than a second threshold. Upon detecting a scan by any non-whitelisted node, a preventive action is initiated.
    Type: Grant
    Filed: September 2, 2021
    Date of Patent: September 26, 2023
    Assignee: PALO ALTO NETWORKS (ISRAEL ANALYTICS) LTD.
    Inventors: Yinnon Meshi, Idan Amit, Jonathan Allon, Aviad Meyer
  • Patent number: 11757864
    Abstract: Authenticating devices utilizing Transport Layer Security (TLS) protocol to facilitate exchange of authentication information or other data to permit or otherwise enable access to services requiring authentication credentials, certificates, tokens or other information. The authentication may utilize Digital Transmission Content Protection (DTCP) certificates, Diffie-Hellman (DH) parameters or other information available to the authenticating devices, optionally without requiring device requesting authentication to obtain an X.509 certificate.
    Type: Grant
    Filed: February 2, 2021
    Date of Patent: September 12, 2023
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Darshak Thakore, Stuart Hoggan, Dave Belt, Amol Bhagwat
  • Patent number: 11736476
    Abstract: Embodiments disclosed herein generally related to a system and method of authenticating a user with a third party server. In one embodiment, a method is disclosed herein. A computing system receives, from a remote client device of the user, a token. The token includes personal identification information and a digitized file of a biometric captured by a biometric scanner. The computing system identifies via the personal identification information that the user has a user account. The computing system queries a database with the personal identification information and the digitized file to determine whether the biometric matches a stored biometric in the user account. Upon determining that the biometric matches the stored biometric, the computing system generates a message to be transmitted to the third party server that authenticates the user. The computing system transmits the message to the third party server.
    Type: Grant
    Filed: June 21, 2021
    Date of Patent: August 22, 2023
    Assignee: Capital One Services, LLC
    Inventors: Sophie Bermudez, Salik Shah
  • Patent number: 11715097
    Abstract: The CLOUD-BASED VIRTUAL WALLET NFC APPARATUSES, METHODS AND SYSTEMS (“EAE”) transform user enhanced security transaction initiation requests using EAE components into time-limited, session-specific transaction bounding tokens. In some implementations, the disclosure provides a processor-implemented method of transforming a transaction bounding token request into transaction bounded tokens and purchase authorizations.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: August 1, 2023
    Assignee: Visa International Service Association
    Inventor: Ayman Hammad
  • Patent number: 11704633
    Abstract: Systems and methods for transferring funds from an acquirer processor account to one or more financial accounts. The transferring of the funds can be directed by one or more settlement rules defined by a merchant.
    Type: Grant
    Filed: November 24, 2020
    Date of Patent: July 18, 2023
    Assignee: Worldpay, LLC
    Inventors: Thomas E. Rafferty, Bryan T. Bailey
  • Patent number: 11704432
    Abstract: An apparatus and method of protecting information by using a system on a chip (SoC) are discussed. The apparatus includes a SoC memory which is disposed in a predetermined SoC and includes a first region accessible only by a unit having an access right, and a hardware (HW) filter configured to monitor at least one unit attempting to access the SoC memory. When a unit without an access right attempts to access the first region, the HW filter can block access of the unit without the access right.
    Type: Grant
    Filed: September 4, 2019
    Date of Patent: July 18, 2023
    Assignee: LG ELECTRONICS INC.
    Inventor: Jae Yong Lee
  • Patent number: 11706256
    Abstract: A client application establishes a connection between the client application and an origin server over one or more networks. The application generates a request to establish a secure session with the origin server over the connection. The request includes information, in a header of the request, that flags traffic sent during the secure session to a network of the one or more networks as subject to one or more optimizations performed by the network. Subsequent to establishing the secure session, the application encrypts the traffic in accordance with the secure session and sends the traffic to the origin server over the connection, subject to the one or more optimizations. The infrastructure service applies the one or more optimizations to the traffic as it passes through the edge network to the origin server.
    Type: Grant
    Filed: June 14, 2021
    Date of Patent: July 18, 2023
    Assignee: Fastly, Inc.
    Inventors: Sean Leach, Artur Bergman
  • Patent number: 11700136
    Abstract: A computer-implemented method for authentication of a queried device having an electrical circuit exhibiting physically unclonable functions (PUFs). The method includes: at the queried device, generating a first random number based on an initial first counter value; matching the first random number against a first value of a record stored in a database of a querying device, the record including second (shuffled) and third values; at the queried device, generating a second random number based on a once incremented first counter value, deterministically generating a de-shuffled second value based on an initial second counter value, determining that the second random number matches the de-shuffled second value, and submitting sub-challenges corresponding to the second random number to the electrical circuit to generate a response; and, at the querying device, determining that the response matches the third value of the record to complete a first authentication of the queried device.
    Type: Grant
    Filed: November 21, 2019
    Date of Patent: July 11, 2023
    Assignee: Kansas State University Research Foundation
    Inventors: Mahmood Azhar Qureshi, Arslan Munir
  • Patent number: 11677554
    Abstract: Techniques are disclosed relating to secure message exchanges. In some embodiments, a first computing device generates an account key associated with a user account shared by a plurality of computing devices. The first computing device signs a public key of the first computing device with the generated account key to produce a digital signature and sends the public key and the digital signature to a first server system for distributing the public key to a second computing device attempting to send an encrypted message to the first computing device. The first computing device sends the account key to an external storage external usable by others of the plurality of computing devices to obtain the account key and use the account key to sign public keys of the other computing devices. The first computing device receives, from the second computing device, the encrypted message encrypted using the public key.
    Type: Grant
    Filed: May 29, 2020
    Date of Patent: June 13, 2023
    Assignee: Apple Inc.
    Inventors: Bailey E. Basile, Keaton F. Mowery, Yannick L. Sierra, Frederic Jacobs, Ryan W. Baker
  • Patent number: 11671250
    Abstract: Migration of a pairing of wearable device to a new companion electronic device is disclosed. In one embodiment, pairing migration is performed by syncing and verifying a migration key in the wearable and new companion device. Pairing migration includes moving settings and pairing data of the wearable to the new companion device in response to detecting the wearable is associated with the migration key, wherein the migration key establishes a validation of trust of the wearable relative to the companion device. The settings and pairing data can include configuration and protected data and one or more keys to establish a trust relationship between the wearable and new companion device. The settings and pairing data can also include device data such that the wearable can be discoverable by the new companion device.
    Type: Grant
    Filed: April 27, 2018
    Date of Patent: June 6, 2023
    Assignee: APPLE INC.
    Inventors: David C. Donley, Per Love Hornquist Astrand, Chen Ganir, Craig P. Dooley, James C. Grandy, Julien A. Poumailloux, Tyler D. Hawkins, David S. Wilser, David P. Remahl
  • Patent number: 11652904
    Abstract: A method, system, and computer-readable medium are disclosed for generating a unified user profile. For example, a system may store, on a client device, a token under a first domain name. The token may specify state data for a communication session between the client device and a first content publisher addressed by the first domain name. The communication session utilizes a stateless communication protocol. The system may then generate a redirection resource locator. The redirection resource locator may include an identifier for a web object belonging to a second content publisher addressed by a second domain name and the token. The system then stores, on the client device, the token under the second domain name by directing the client device to send a web object request generated based at least in part on the redirection resource locator to the second content publisher. The web object request may request the web object from the second content publisher and including the token.
    Type: Grant
    Filed: October 25, 2021
    Date of Patent: May 16, 2023
    Assignee: eBay Inc.
    Inventor: Victor Mendoza
  • Patent number: 11640605
    Abstract: A method, server and storage medium for verifying a transaction using a smart card are disclosed. A server receives a transaction request to perform a transaction with a user of the smart card. The transaction request includes identification information and encrypted data extracted from the smart card, and transaction information. The server determines a user account linked to the identification information. The server performs a first verification process to authenticate the smart card by verifying that the smart card possesses a correct decryption key corresponding to the identification information. The server performs a second verification process to authenticate the smart card by verifying that the encrypted data extracted from the smart card encodes stored data corresponding to the respective user account linked to the identification information. If the first and the second verification processes are successful, the server processes the transaction in accordance with the transaction information.
    Type: Grant
    Filed: November 23, 2020
    Date of Patent: May 2, 2023
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Kai Liu, Yaxuan Zhu, Runda Cai, Zhenyu Xu, Chenglin Liu
  • Patent number: 11630723
    Abstract: Transferring data between memories may include reading data associated with a memory transfer transaction from a first memory, determining whether a bypass indication associated with the memory transfer transaction is asserted, and transferring the data from the first memory to a second memory. The transferring may include bypassing the first-processing if the bypass indication is asserted. The transferring may further include bypassing second-processing the data if the bypass indication is asserted. Following bypassing the second-processing, the data may be stored in the second memory.
    Type: Grant
    Filed: January 12, 2021
    Date of Patent: April 18, 2023
    Assignee: QUALCOMM Incorporated
    Inventors: Yanru Li, Dexter Tamio Chun
  • Patent number: 11615204
    Abstract: A method of validating the contents of an electronic file. The method comprises requesting an electronic file by an application executing on a computer system by providing a multi-segment filename, wherein the multi-segment filename comprises a unique delimiter between each of the segments of the multi-segment filename and one of the segments of the multi-segment filename is a hash of a content of the electronic file referenced by the multi-segment filename, receiving by the application the electronic file referenced by the multi-segment filename, determining a hash over the content of the electronic file by the application, comparing by the application the hash determined by the application to the hash of the content stored in the one of the segments of the multi-segment filename, and, based on the two hashes agreeing, opening by the application the contents of the electronic file for use.
    Type: Grant
    Filed: February 12, 2020
    Date of Patent: March 28, 2023
    Assignee: T-MOBILE INNOVATIONS LLC
    Inventors: Lyle W. Paczkowski, William M. Parsel
  • Patent number: 11599279
    Abstract: In an information processing system, a storage control server (storage control node) that has received a read request of data from a compute server (compute node) transmits the read request to a drive box. The drive box that has received the read request from the storage control server reads encrypted read target data corresponding to the read request from non-volatile storage media, decrypts the read target data with key data acquired at a predetermined timing, and then transmits the decrypted read target data to the compute server as a read request source.
    Type: Grant
    Filed: September 9, 2021
    Date of Patent: March 7, 2023
    Assignee: HITACHI, LTD.
    Inventors: Tatsuya Hirai, Masakuni Agetsuma, Yoshinori Ohira, Takahiro Yamamoto
  • Patent number: 11580530
    Abstract: Various examples described herein are directed to systems and methods for processing a payment using a mobile wallet network and issuer. A mobile wallet application provides payment information and an indication if payment may be done directly via the mobile wallet network to a point of sale (POS) terminal. The POS terminal determines which payment network to use. A bill may be sent to the mobile wallet application. The mobile wallet application requests payment authorization from an issuer. The issuer provides the authorization and the transaction is completed between the POS terminal and the mobile wallet application.
    Type: Grant
    Filed: July 8, 2021
    Date of Patent: February 14, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Joon Maeng
  • Patent number: 11570009
    Abstract: A device management service to facilitate onboarding of a remote IoT device may receive, from a client service, a request for a session certificate for a remote device. The device management service may send the session certificate to the client service, where the session certificate is valid for the remote device to obtain a primary certificate during a session duration. The device management service may receive, from the remote device, a request for the primary certificate for the remote device. The device management service may send, to the remote device, the primary certificate, wherein the primary certificate enables communication between the remote device and the device management service, and wherein the primary certificate has a primary duration that is longer than the session duration. The device management service may establish a communication channel with the remote device according to the primary certificate.
    Type: Grant
    Filed: November 22, 2019
    Date of Patent: January 31, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Ranganath Mallipeddu, Yangfan Zhang, Nicholas A. Gochenaur, William Alex Stevenson, Lomash Kumar
  • Patent number: 11552945
    Abstract: A biometric token is generated for a user and provided to a user-operated device. A pre-staged transaction is defined by a user and the user supplies the token for association with the pre-staged transaction. Subsequently, a user visits a transaction terminal and a new candidate token is generated from biometric attributes of the user. The candidate token is matched to the token associated with pre-staged transaction to authenticate the user and the pre-staged transaction is processed at the transaction terminal as a completed transaction.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: January 10, 2023
    Assignee: NCR Corporation
    Inventors: Bruce McBain, Charlie Harrow, Husameldin M Ali Ibrahim
  • Patent number: 11538030
    Abstract: Methods and systems related to distributing payment keys to multiple discrete devices in a point of sale (POS) system are disclosed. One method includes storing a payment key on a first discrete device for a POS system and a public key certificate on a second discrete device for the POS system. The method also includes communicatively connecting the first discrete device with the second discrete device using a wire, transmitting the public key certificate from the second discrete device to the first discrete device using the wire, and verifying the public key certificate on the first discrete device. The method also includes finalizing a secure connection between the first discrete device and the second discrete device over the wire using a transport layer secure (TLS) protocol after the public key certificate is verified.
    Type: Grant
    Filed: August 24, 2017
    Date of Patent: December 27, 2022
    Assignee: CLOVER NETWORK, LLC.
    Inventor: Brian Jeremiah Murray
  • Patent number: 11539680
    Abstract: A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.
    Type: Grant
    Filed: January 28, 2021
    Date of Patent: December 27, 2022
    Assignee: ARRIS ENTERPRISES LLC
    Inventors: Ali Negahdar, Marc Rizo, Wade E. Carter
  • Patent number: 11539525
    Abstract: Systems, devices, methods, and computer readable media are provided in various embodiments having regard to authentication using secure tokens, in accordance with various embodiments. An individual's personal information is encapsulated into transformed digitally signed tokens, which can then be stored in a secure data storage (e.g., a “personal information bank”). The digitally signed tokens can include blended characteristics of the individual (e.g., 2D/3D facial representation, speech patterns) that are combined with digital signatures obtained from cryptographic keys (e.g., private keys) associated with corroborating trusted entities (e.g., a government, a bank) or organizations of which the individual purports to be a member of (e.g., a dog-walking service).
    Type: Grant
    Filed: July 24, 2019
    Date of Patent: December 27, 2022
    Assignee: ROYAL BANK OF CANADA
    Inventors: Edison U. Ortiz, Mohammad Abuzar Shaikh, Margaret Inez Salter, Sarah Rachel Waigh Yean Wilkinson, Arya Pourtabatabaie, Iustina-Miruna Vintila
  • Patent number: 11538019
    Abstract: Disclosed are various embodiments for issuing virtual cards to client devices. Also disclosed are embodiments for provisioning a transaction terminal to process transactions with virtual cards. A zero-knowledge proof algorithm can be utilized to validate the transactions. A virtual card can be based upon a public key of a client device that is managed by a hardware security module.
    Type: Grant
    Filed: June 5, 2020
    Date of Patent: December 27, 2022
    Assignee: American Express Travel Related Services Company, INC.
    Inventor: Andras L. Ferenczi
  • Patent number: 11531467
    Abstract: A method for controlling public access of resources in a secure distributed storage system using an API level model. A request to access a volume is checked for authentication. If the request does not include an authentication token ID, a guest role is created and assigned to the requestor. The guest role can only access public volumes or owned volumes that specifically allow public access. The guest role can be updated using API management.
    Type: Grant
    Filed: January 29, 2021
    Date of Patent: December 20, 2022
    Assignee: Pure Storage, Inc.
    Inventors: Luis Pablo Pabon, Grant William Griffiths
  • Patent number: 11520873
    Abstract: A method for enrolling a device in a secure network to which an information system is connected, the method comprising the steps, implemented by a trusted device connected to the secure network, of: a) receiving from a user terminal, distinct from the device to be enrolled, an authorization to connect to the device to be enrolled, b) generating cryptographic keys intended for the device to be enrolled to access the secure network, and c) transmitting the cryptographic keys to the device to be enrolled.
    Type: Grant
    Filed: July 19, 2018
    Date of Patent: December 6, 2022
    Assignee: ELECTRICITE DE FRANCE
    Inventors: Paul Lajoie-Mazenc, Alexandre Michon, Gautier Delis, Florent Cardolaccia
  • Patent number: 11521194
    Abstract: A client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.
    Type: Grant
    Filed: December 22, 2017
    Date of Patent: December 6, 2022
    Assignee: PAYPAL, INC.
    Inventor: Upendra Mardikar
  • Patent number: 11509643
    Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.
    Type: Grant
    Filed: July 18, 2018
    Date of Patent: November 22, 2022
    Assignee: Google LLC
    Inventors: Anna Sapek, Uday Savagaonkar, Jeffrey Thomas Andersen, Thomas Michael Roeder