US2018114206A1PendingUtilityA1

Methods and apparatus for conducting electronic transactions

68
Assignee: GULA CONSULTING LLCPriority: Aug 31, 1999Filed: Oct 13, 2017Published: Apr 26, 2018
Est. expiryAug 31, 2019(expired)· nominal 20-yr term from priority
G06Q 20/105G06Q 20/367G06Q 30/0613G06Q 20/3674G06Q 20/4097G06Q 20/382G06Q 20/341G07F 7/1008G07F 7/0866G06Q 20/363G06Q 20/401
68
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.

Claims

exact text as granted — not AI-modified
1 - 20 . (canceled) 
     
     
         21 . A method of authentication of a user device, the method comprising:
 receiving, by a first server comprising a processor and a memory, a request message from a user device;   formatting, by the first server, a challenge message;   sending, by the first server and to the user device, the challenge message indicating a challenge for the user device and initiating a challenge response from the user device;   receiving, by the first server, a response message provided by the user device after processing of the challenge, the response message comprising the challenge response;   verifying, by the first server, the user device based on data in the response message; and   generating, by the first server, a security token in response to a successful verification of the user device, wherein the security token can be used to bypass subsequent authentication attempts by the user device.   
     
     
         22 . The method of  claim 21 , wherein the challenge message initiates a challenge response message from a wallet client running on the user device. 
     
     
         23 . The method of  claim 21 , wherein the content of the received response message is generated, based at least in part, on a personal identifier received at the user device. 
     
     
         24 . The method of  claim 21 , wherein verifying the user device based on the data in the response message comprises routing the response message to an authorization server. 
     
     
         25 . The method of  claim 21 , wherein the data in the response message comprises a certificate and a signature. 
     
     
         26 . The method of  claim 21 , wherein the challenge message comprises random data. 
     
     
         27 . The method of  claim 21 , wherein the security token is stored by the first server. 
     
     
         28 . The method of  claim 21 , further comprising sending the security token to the user device. 
     
     
         29 . A non-transitory computer readable medium having instructions stored thereon that, in response to execution by a first server comprising a processor and a memory, cause the first server to perform steps including:
 receiving a request message from a user device;   formatting a challenge message;   sending, to the user device, the challenge message indicating a challenge for the user device and initiating a challenge response from the user device;   receiving a response message provided by the user device after processing of the challenge, the response message comprising the challenge response;   verifying the user device based on data in the response message; and   generating a security token in response to a successful verification of the user device, wherein the security token can be used to bypass subsequent authentication attempts by the user device.   
     
     
         30 . The non-transitory computer readable medium of  claim 29 , wherein the challenge message initiates a challenge response message from a wallet client running on the user device. 
     
     
         31 . The non-transitory computer readable medium of  claim 29 , wherein the content of the received response message is generated, based at least in part, on a personal identifier received at the user device. 
     
     
         32 . The non-transitory computer readable medium of  claim 29 , wherein verifying the user device based on the data in the response message comprises routing the response message to an authorization server. 
     
     
         33 . The non-transitory computer readable medium of  claim 29 , wherein the data in the response message comprises a certificate and a signature. 
     
     
         34 . The non-transitory computer readable medium of  claim 29 , wherein the challenge message comprises random data. 
     
     
         35 . The non-transitory computer readable medium of  claim 29 , wherein the security token is stored by the first server. 
     
     
         36 . The non-transitory computer readable medium of  claim 29 , having further instructions stored thereon that, in response to execution by the first server, further cause the first server to perform a step of sending the security token to the user device. 
     
     
         37 . A system comprising:
 a first computing device comprising a processor;   a memory communicatively coupled to the first computing device, the memory having instructions stored thereon that, in response to execution by the processor, at least cause the first computing device to:
 receive a request message from a user device; 
 format a challenge message; 
 send, to the user device, the challenge message indicating a challenge for the user device and initiating a challenge response from the user device; 
 receive a response message provided by the user device after processing of the challenge, the response message comprising the challenge response; 
 verify the user device based on data in the response message; and 
 generate a security token in response to a successful verification of the user device, wherein the security token can be used to bypass subsequent authentication attempts by the user device. 
   
     
     
         38 . The system of  claim 37 , wherein the challenge message initiates a challenge response message from a wallet client running on the user device. 
     
     
         39 . The system of  claim 37 , wherein the content of the received response message is generated, based at least in part, on a personal identifier received at the user device. 
     
     
         40 . The system of  claim 37 , wherein verifying the user device based on the data in the response message comprises routing the response message to an authorization server. 
     
     
         41 . The system of  claim 37 , wherein the data in the response message comprises a certificate and a signature. 
     
     
         42 . The system of  claim 37 , wherein the challenge message comprises random data. 
     
     
         43 . The system of  claim 37 , wherein the security token is stored by the first computing device. 
     
     
         44 . The system of  claim 37 , wherein the memory has further instructions stored thereon that, in response to execution by the processor, cause the first computing device to send the security token to the user device.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.