Universal secure registry
Abstract
A computer system for authenticating a user involved in a transaction and a method thereof is provided. The computer system comprises a communications interface configured to receive identification information including information specific to a mobile electronic device and information specific to a user account, and a one-time authentication code. One or more processors are configured to retrieve account information, and to use the retrieved account information to validate the received identification information and one-time authentication code. The one-time authentication code is generated by the mobile electronic device responsive to successful authentication of at least one of biometric information of the user and a user input comprising a PIN or other secret information known to the user. The biometric information is captured by a biometric sensor, and the user input is received by a user interface.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A computer system for authenticating a user involved in a transaction, the computer system comprising:
a communications interface configured to receive identification information including information specific to a mobile electronic device and information specific to a user account to be employed in the transaction, and a one-time authentication code specific to the transaction; and one or more processors configured to retrieve account information associated with the mobile electronic device and the user account to be employed in the transaction, and to use the retrieved account information to validate the received identification information and one-time authentication code; wherein the one-time authentication code is generated by the mobile electronic device responsive to successful authentication by the mobile electronic device of at least one of biometric information of the user and a user input comprising a personal identification number (PIN) or other secret information known to the user; and wherein the biometric information of the user is captured by a biometric sensor of the mobile electronic device, and the user input is received by a user interface of the mobile electronic device.
2 . The computer system of claim 1 , wherein the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
3 . The computer system of claim 1 , wherein the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
4 . The computer system of claim 1 , wherein the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
5 . The computer system of claim 1 , wherein the identification information and the one-time authentication code are encrypted before they are received by the computer system.
6 . The computer system of claim 1 , wherein the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
7 . The computer system of claim 1 , wherein the computer system comprises one or more servers associated with a credit card company or bank.
8 . A method for authenticating a user involved in a transaction using a computer system, the method comprising:
receiving identification information specific to a mobile electronic device and a user account to be employed in the transaction, and a one-time authentication code specific to the transaction; retrieving account information associated with the mobile electronic device and the user account to be employed in the transaction; and using the retrieved account information to validate the received identification information and the one-time authentication code; wherein the one-time authentication code is generated by the mobile electronic device responsive to successful authentication by the mobile electronic device of at least one of biometric information of the user and a user input comprising a personal identification number (PIN) or other secret information known to the user; and wherein the biometric information of the user is captured by a biometric sensor of the mobile electronic device, and the user input is received by a user interface of the mobile electronic device.
9 . The method of claim 8 , wherein the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
10 . The method of claim 8 , wherein the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
11 . The method of claim 8 , wherein the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
12 . The method of claim 8 , wherein the identification information and the one-time authentication code are encrypted before they are received by the computer system.
13 . The method of claim 8 , wherein the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
14 . The method of claim 8 , wherein the computer system comprises one or more servers associated with a credit card company or bank.
15 . A computer readable medium or media containing instructions for authenticating a user involved in a transaction, wherein execution of the instructions by one or more processors of a computer system causes the one or more processors to carry out the steps of:
receiving identification information including information specific to a mobile electronic device and information specific to a user account to be employed in the transaction, and a one-time authentication code specific to the transaction; retrieving account information associated with the mobile electronic device and the user account to be employed in the transaction; and using the retrieved account information to validate the received identification information and the one-time authentication code; wherein the one-time authentication code is generated by the mobile electronic device responsive to successful authentication by the mobile electronic device of at least one of biometric information of the user and a user input comprising a personal identification number (PIN) or other secret information known to the user; and wherein the biometric information of the user is captured by a biometric sensor of the mobile electronic device, and the user input is received by a user interface of the mobile electronic device.
16 . The computer readable medium or media of claim 15 , wherein the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
17 . The computer readable medium or media of claim 15 , wherein the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
18 . The computer readable medium or media of claim 15 , wherein the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
19 . The computer readable medium or media of claim 15 , wherein the identification information and the one-time authentication code are encrypted before they are received by the computer system.
20 . The computer readable medium or media of claim 15 , wherein the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
21 . The computer readable medium or media of claim 15 , wherein the computer system comprises one or more servers associated with a credit card company or bank.
22 . A method for authenticating a user involved in a transaction, the method comprising:
authenticating, by a mobile electronic device, the user based on at least one of: 1) biometric information of the user captured by a biometric sensor of the mobile electronic device, and 2) a user input received by a user interface of the mobile electronic device and comprising a personal identification number (PIN) or other secret information known to the user; retrieving, by the mobile electronic device, identification information including information specific to the mobile electronic device and information specific to a user account to be employed in the transaction; generating, by the mobile electronic device, a one-time authentication code specific to the transaction; wirelessly transmitting, by the mobile electronic device, the identification information and the one-time authentication code to a computer system for processing; receiving, by the computer system, the identification information and the one-time authentication code; retrieving, by the computer system, account information associated with the mobile electronic device and the user account to be employed in the transaction; using, by the computer system, the retrieved account information to validate the received identification information and one-time authentication code; and receiving, by the mobile electronic device, an enablement signal indicating an approved transaction, wherein the enablement signal is only received after successful validation of the identification information and the one-time authentication code by the computer system; wherein generating the one-time authentication code occurs responsive to successful authentication of at least one of the biometric information and the user input by the mobile electronic device.
23 . The method of claim 22 , wherein the one-time authentication code comprises a code associated with credit or bank card information of the user, and wherein the one-time authentication code does not contain the credit or bank card information of the user.
24 . The method of claim 22 , wherein the one-time authentication code is generated using at least one of a non-predictable value, a time-variant value, and a transaction-specific value.
25 . The method of claim 22 , wherein the one-time authentication code is associated with a public identification code for a credit or bank card account, and wherein the public identification code for the credit or bank card account is communicated to a credit or bank card issuer to enable the transaction.
26 . The method of claim 22 , further comprising encrypting, by the mobile electronic device, the identification information and the one-time authentication code before they are transmitted to the computer system.
27 . The method of claim 22 , wherein the biometric sensor is configured to capture at least one of fingerprint information, voice print information, signature information, iris information, facial scan information, and DNA information.
28 . The method of claim 22 , wherein the computer system comprises one or more servers associated with a credit card company or bank.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.