`
`U800857781332
`
`(12) United States Patent
`Weiss
`
`[10) Patent N0.:
`
`(45) Date of Patent:
`
`US 8,577,813 32
`*Nov. 5, 2013
`
`{54)
`
`(is)
`(73;
`
`UNIVERSAL SECURE REGISTRY
`
`Inventor: Kenneth P. Weiss. Newton. MA (US)
`Assignee: Universal Secure Registry, LLC.
`Newton. MA (US)
`
`(*J
`
`Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(1)) by 0 days.
`
`This patent is subject to a terminal dis—
`claimer.
`
`(21)
`
`(22)
`
`(65}
`
`(63)
`
`(60)
`
`(51)
`
`(52)
`
`(53)
`
`Appl. No; 131237.184
`
`Filed:
`
`Sep. 20, 2011
`Prior Publication Data
`
`May 24, 2012
`US 201230130904 Al
`Related US. Application Data
`
`Continuation of application No. 121393586. filed on
`Feb. 26. 2009, now Pat. No. 8,234,220. which is a
`continuation-in-part of application No. 111760.732.
`filed on Jun. 8, 2007. now Pat. No. 7.809.651. and a
`continuation-in-part of application No. “£760,729.
`filed on Jun. 8. 2007. now Pat. No. 1805.372. and a
`continuation-in-part of application No. 111627.490.
`filed on Feb. 21. 2007, now Pat. No. 8.001.055.
`application
`No.
`131237.184,
`which
`is
`a
`continuation-impart of application No. 131168556.
`filed on Jun. 24. 2011. which is a continuation of
`application No. 111677.490. filed on Feb. 21. 2007.
`now Pat. No. 8.001.055.
`
`Provisional application No. 60f812.279. filed on Jun.
`9. 2006, provisional application No. 601859.235. filed
`on Nov.
`15. 2006, provisional application No.
`601275.046,
`filed on Feb. 21. 2006, provisional
`application No. 611031529. filed on Feb. 26. 2008.
`Int. Cl.
`
`G06Q 20/00
`U.S. Cl.
`USPC
`
`(2012.01)
`
`705176: 70564: 705171: 705r’i'2:
`7:052‘73; 705174; 705175: 705177; TOSNS;
`205t79
`Field of Classification Search
`USI’C
`
`705!64. 71—79
`
`(56)
`
`References Cited
`
`US. PATENT DOCUMENTS
`
`4.720.860 A
`4.856.062 A
`
`M988 Weiss
`8-0989 Weiss
`
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`EP
`
`0980209
`1081632
`
`3.92000
`3-"2001
`
`(Continued)
`OTHER PUBLICATIONS
`
`“Biometrics: Who‘sWatchingYou'?". Eleclronic Frontier meriai ion
`(EFF). Sep. 2003. all pages. http:L’wwwcfiiorgr'wp-‘biornetrics-
`whos-watching-you.
`
`(Continued)
`
`Prirmirj' Exarriirier — Calvin C hating
`(74) Allomqi’. Agent. or Firm — Lando & Anastasi. LLP
`
`(57}
`
`ABSTRACT
`
`A device is configured to allow a user to select any of a
`plurality of accounts to employ in a financial transaction. The
`user device includes a biometric sensor configured to receive
`a biometric input. a user interface configured to receive a user
`input including secret information known to the user and
`identifying information concerning an account selected by
`the user from the plurality of accounts. The user device
`includes a communication link configured to communicate
`with a secure registry. and a processor coupled to the biomet-
`ric sensor to receive information concerning the biometric
`input. the user interface, and the communication link. The
`processor is configured to generate a non-predictable value
`and encrypted authentication information from the non—pre—
`dicta ble value. the identifying infonnation. and at least one of
`the information concerning the biometric input and the secret
`information. and comnnmicate the authentication informa-
`tion via the communication link to the secure registry.
`
`See application file for complete search history.
`
`26 Claims, 29 Drawing Sheets
`
`
`
`VISA - EXHIBIT 1201
`
`VISA - EXHIBIT 1201
`
`
`
`US 8,577,813 B2
`
`Page 2
`
`(56}
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`4.885.778 A
`4.998.279 A
`5023303 A
`5‘053‘151 A
`5091505 A
`5.153.520 A
`5.237.614 A
`5.351.052 A
`5.307.572 A
`5.398.285 A
`5.452.742 A 2
`53,2795” A
`5.485.519 A
`5.657.388 A
`5.654.109 A
`5.813.006 A
`5.820223 .4 2
`5315023 A
`5.971.272 A
`6.073.106 A
`6.088.450 A
`6.130.621 A
`5.202055 B1
`5.253202 Bl
`5253203 131
`6.250.039 Bl
`5.303.203 Bl
`6.309.342 Bl
`6393.421 Bl
`5.498.801.
`131
`6,515.315 Bl
`6.546.005 131
`6.581.059 131
`6.640.211 131
`6.658.400 32
`15.81.9219 Bl
`6.845.448 Bl
`5.041.221 Bl
`6.950.521 131
`7.007.298 131
`7.231117 B2
`2.249.112 B2
`7.278.026 132
`7.411504 131
`1439331 132
`7‘502‘459 Bl
`7.543331 Bl
`7.552.333 B2”
`7.571 . 139 B1
`7.657.639 B2
`7.705.732 132
`7,766,223 Bl
`
`12.31989 Weiss
`321991 Weiss
`52199] Weiss
`102199] Weiss
`321992 Weiss
`[221992 Weiss
`831993 Weiss
`”21994 Weiss
`11.21994 Weiss
`321995 Borgcit
`1021995 Drcxlerctal.
`1231995 Weiss
`1.21995 Weiss
`32199;; Weiss
`92199—2
`Johnson
`911993 Polnerow
`2.31999 Pare.1r.e1a1.
`631999 Bernstein
`1021999 115010
`632000 Rozcn at a],
`722000 Davis ct a],
`1022000 Weiss
`3.32001 Houvenereta].
`52200] Gilmour
`632001 O‘Flaherty 81:11.
`72200] Schneck et al.
`[02200]
`112113215111 et aL
`1022001 Blazey el al.
`522002 P331111
`1222002 Hamid Ci (11.
`222003 Gupta
`422003 Berkley ct a],
`632003 Barrett eta].
`1022003 Hoiden
`1222003 Part-21101211.
`”22004 30115: at 211.
`1.22005 (Shaganti El 211.
`922005 Soong
`922005 Marcovicictal.
`232006 Shinzaki ct a].
`632007 Weiss
`222002 Berardielal.
`1022007 McGowan
`322003 003,19
`222009 Klassen ct BL
`322009 Moseley
`522009 Taylor .31 a1.
`632009 Wheeleretal.
`832009 Giordano el al.
`232010 Hinton
`432010 Bishop Ct :11.
`832010 Melloeial.
`
`7.809.651 132
`8.001.055 132
`8.079.079 B2
`8234.220 B2
`200130032100 Al
`200130044900 Al
`200230046061 Al
`200230090930 Al
`200230176610 Al
`
`1032010 Weiss
`3201] Weiss
`123201 1 Zhang et 3].
`732012 Weiss
`1032001 Mahmudetal.
`113200] Uchida
`432002 Wright eta].
`732002 Fujiwalaet :11.
`[132002 Okare'Bki et al.
`
`.
`_
`5333:3132: R:
`200320024322 A1"
`200330028481 .412
`200330046540 Al
`200330084332 A1"
`2003,-'0035303 Al
`200370115490 A1
`200320123713 .011
`200330129965 A1
`200320163710 A1
`200330236041 Al
`200330229637 Al
`
`.
`..
`‘11
`lmura et a .
`333333 231301515
`1
`122003 Wilfoclcretal.
`2.32003 Fiitcmfietal.
`32-2003 Nakaunum et :11.
`5.32003 Krasinski etal.
`522003 Goldberg
`1522003 Russo e1 al.
`232003 Gang
`222003 Siege]
`832003 Ortiz ct al.
`1232003 Palmer
`1232003 Baxter et a].
`
`132004 Kosher
`200430017934 .41
`232004 Edgett
`200430034771 A1
`3.32004 ShamRao
`200420059923 Al
`632004 Duffy et a].
`2004301 1 1625 A1
`632004 Mambosky
`200430117215 A1
`632004 Weicl'lert et al.
`200430117302 Al
`732004 Doughty
`200430133787 Al
`832004 110
`200430151351 Al
`932004 CaSSOi'lc
`200430188519 Al
`1132004 Beenalletal.
`200430236699 Al
`132005 Doughtyeta].
`200530001711 Al
`232005 Shapiro
`200530039027 A1
`532005 Okabe
`200530113070 Al
`832005 Lapsiey at a].
`200530187843 Al
`332005 l-abmllFlaL
`300530137373 Al
`932005 9101121th et al.
`200530210270 Al
`103-2005 Scheidt (:‘1 al.
`200530235 148 A1
`1032005 Carro
`200530238147 Al
`103-2005 Sim
`200530238208 Al
`132006 Fernandes et al.
`200630000900 Al
`132006 Blockaalv
`200630016884 Al
`532006 Le Saint et al.
`200630104486 Al
`632006 Cohen at a].
`200630122939 Al
`7320015l Dua
`200630165060 A1
`932006 Schallfele et al.
`200630206724 Al
`1132006 Brainardel :11.
`200630256961 Al
`132007 21131186”!-
`300730005933 A1
`232007 Kozlay
`200770040017 Al
`432007 Vishik cl :1].
`200730079136 Al
`532007 BedingfielCL Sr.
`200730124597 Al
`632007 Kumar ct al.
`200730140145 Al
`832007 Bailey 0101.
`200730186105 .411
`832007 (33.0 01: al.
`2007301861 15 Al
`832007 Weiss
`2007301984315 Al
`1032007 P173110 et a].
`200730245152 Al
`[132007 Shartzkamer et a].
`200730256120 Al
`133003 “{9193
`200330005575 Al
`132008 Hutton
`200830021997 Al
`232008 U20
`200830040274 Al’“
`532008 Yasaki et a].
`200830127311 Al
`932008 D0340
`200800212848 Al
`1132008 R1171;
`200830275819 A1
`332009 Scholnickcta].
`200970083544 Al“
`632009 Sacco
`200930144814 Al
`32009 Schaflher
`200930175507 Al
`332009 Clark
`200930303355 A1
`1132009 Weiss
`200930292541 A1
`232010 .1121 et al.
`201030046443 Al
`103201 1 Weiss
`20] 130253120 A1
`932012 Weiss
`201230240195 Al
`132013 Welss
`201330024374 Al
`FOREIGN 13'251’1‘1’31071~ DOCUMEN'I'S
`
`GB
`wo
`
`WO
`wo
`W0
`W0
`WO
`wo
`
`2 382 006
`9202435
`
`96313934
`9636934 Al
`02l4985
`0214935 A2
`2010000455 A}
`2013,-'032479 Ag
`
`532003
`421992
`
`11-31996
`1131990
`2720012
`2.32002
`[72010
`222013
`
`OTHER PUBLICATIONS
`
`705344
`
`7133186
`
`.—
`.-
`-
`from PC'I' Application No. PC'1'3
`International Search Report
`052002200454611121110110022,2002.._
`.
`.
`.
`0mm?“ scml' Rem” 33““ PU "Ppl'ca‘mn 5‘“ PU"
`[J 320072070701 mailed Mar. 11.. 2003. .
`.
`.
`Inn-“31101131 Search Repofl 1mm PCT Application 510- PCT3
`U820093035282 mailed Jul. 10,2009.
`Kessler G. "An Overview of (thographyf’ Aug. 22. 2002. All
`pages.RetrievedviaWaybackMachineonJan.19.2010.hltp:.-'.-\vww.
`garykeSslerneuhhmykrypluhml-
`“FIPS PUB 46-3." Oct. 25. 1999. Natinnal Inslimle 01' Science and
`’lbchnology (01191). All pages.
`“PGP: An Introduction to Cryptography.“ 2000. All pages.
`
`7133186
`
`205.339
`
`7133176
`
`205221
`205239
`
`213-200
`
`
`
`US 8,577,813 B2
`Page 3
`
`(56}
`
`References Cited
`
`OTHER PUBLICATIONS
`
`Pabrai. U. "Biometrics for PC-User Authentication: A Primer" 1‘01).
`1. 2001. Access Controls & Security Systems. All pages. <http:.-'x'
`www.securitysoiuliona.comiimg’security_biometries_pcuser_au-
`Lhenticationr'indexhunb.
`“information Security: Challenges in Using Biometrics" Sep. 9.
`2003. All pages. <http:fl-"wwwgao.govfnewjtemsr'dm1 1371.pdt‘>.
`I-Iungtington. G. “101 Things to Know About Single Sign On.” 2006.
`Authentication World. All pages. <http:Ifwwaulhenticationworld.
`com-“Sirigle~Sign—0n~Aulhenlicalion’
`10 1'I‘l1ings'l'o KnowAboutSingleSignOnpdb.
`“Single Sign on Authentication" Mar. 13. 200?. Authentication
`World. All pages. Retrieved Jul. 9. 2010 via Wayback Machine.
`<htrp:x'a'web.archive.org;"web."200?0313200434.-’http:x'x‘uw-.
`authenticationworldcom“Singie-Sign-0n-Authentica1iorp">.
`Pabrai, U. "Biometrics for PC-User Authentication: A Primer" Feb.
`I. 200]. Access Controls & Security Systems. All pages. <http:.-".-’
`masecuriIysoiulions.com"mag-“security_biome1rics_pcuser_au—
`thentication-'index.html>.
`
`Huntington. G. “[01 Things to Know About Single Sign On." 2006.
`Authentication World. All pages. <http:I'Aawnuthenticationworld.
`comeingle-Sign-On-Authentication:‘
`101'I'hingsToKnowAboutSingleSignOn.pdf>.
`Kessler. G. "An Overview of Cryptography." 22 Aug. 22. 2002. All
`pages. Retrived via Waybaek Machine on Jan. [9. 2010. http:."-"www.
`gaiykc ssler.net.-"libra.rye'crypto.hnnl.
`Treasury Board of Canada Secretariat. PKI for Beginners Glossary.
`http:sfvwvw.tbs-3cl.ge.ca-“pki-icp.-'begimem-‘glossaw-engasp.
`International Search Repon from le'rU32007.-‘004646 mailed Nov.
`27. 2007.
`lntemational Search Report
`0TOT01 mailed Mar. 1 l, 2008.
`International Search Report from PCTa'USZUI'JinBSZBZ maiied Jul.
`10. 2009.
`“Bluetooth Technology FAQ". Mobileinfocom. Jan. 21. 2001. all
`pages. http;.-".-'www.web.a.n:hive.org.-'weh.-'200 [012 l 155 la'hltpL-i-“www.
`inobileinfo.ceirflBluetoothfFAQ.htm.
`International Search Report and Written Opinion for international
`Application No. PCTFUS2DI 0051966. 49 pages.
`
`from corresponding PCTJ-US200?!
`
`* cited by examiner
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheetl of 29
`
`US 8,577,813 B2
`
`
`
`
`
`12:
`
`20
`
`22
`
`26
`
`{/70
`
`RAM
`
`ROM
`
`18
`
`User
`Interface
`
`USR
`Software
`
`Comm.
`Port
`
`Wide
`Area
`Network
`
`16
`
`f4
`
`
`Universal Secure
`
`
`
`Registry
`
`24
`
`.30
`
`_. .30
`
`—.
`
`'
`
`.30
`
`Person No.
`
`:1
`
`.
`
`
`
`FIG.
`
`1
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 2 of 29
`
`US 8,577,813 B2
`
`
`
`10
`
`Computer Computer Computer
`Module
`Module
`Module
`
`27
`
`In terfoce
`Center
`
`Interface
`Center
`
`27
`
`Interface
`Center
`
`Interface
`Center
`
`27
`
`27
`
`FIG. 2
`
`USR System
`
`
`Computer Computer Computer
`Module
`
`Wide Area Network
`
`27
`
`Interface
`Center
`
`Interface
`Center
`
`27
`
`
`
`US. Patent
`
`N
`
`B
`
`mf0
`
`US 8,577,813 B2
`
`On.
`
`
`
`mm.mm.Fm.NM.
`
`
`
`a,mmEvv<m_nu__o><$8045302.;w.323.5
`
`
`
`
`
`
`
`msonoELouFEcow—US$05520:05.85cozoEgoE
`
`
`
`
`
`:8ng
`
`eoz
`
`
`
`.fl..Sxnfi.c0_u00__n_a<60522L230UCU
`an:ozoELEEwcozoctouflfi
`
`5305.855555.85_o_oco:_.._
`.no:300:85
`
`
`
`m?3vN».0%
`
`m.wot
`
`
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 4 of 29
`
`US 8,577,813 B2
`
`Financial
`Medical
`Public
`Information information Information
`
`Computer Computer Computer
`Module
`Module
`Module
`
`USR System
`
`Tax _
`dab .
`Address
`Information Applicatlon Information
`Computer Computer Computer
`Module
`Module
`
`Module
`Centers
`
`Public
`Information
`interface
`Centers
`
`Medical
`Information
`Interface
`Centers
`
`Wide Area Network
`
`Tax _
`_ information
`Interface
`Centers
`
`Job Application
`Information
`Interface
`Centers
`
`Financial
`Informatlon
`Interface
`Centers
`
`Address
`Information
`Interface
`
`FIG. 4
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 5 of 29
`
`US 8,577,813 B2
`
`T'
`ram
`
`th Dtb
`e aaase
`
`500
`
`identification
`
`Validate Person's
`
`502
`
`
` No
`
`Does
`Person Have Rights to
`
`Enter Data
`?
`
`Yes
`
`504
`
`Enable Person to Enter
`
`Basic Personal Data
`
`506
`
`
`Person Have Right to
`
`
`Enter Additional Data
`
`‘?
`
`No
`
`Yes
`
`508
`
`to Advanced Personal Data
`
`Enable Person to Enter
`Advanced Personal Data
`
`510
`
`Enable Person to Specify Access
`
`
`
`512
`
`FIG. 5
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 6 of 29
`
`US 8,577,813 B2
`
`600
`
`Enable Access to
`
`Basic Personal Data
`
`602
`
`
`
`
` 13 No
`Additional Information
`
`
`Requested
`
`
`?
`
`Yes
`
`604
`
`/"
`
`
`
`No
`Does Requester
`Have Rights to Access
`
`
`Type of Requested
`Data ‘?
`
`
`
`608
`
`
`
`
`/
`
` No
`Is Person
`Participating in
`
`Transaction
`
`Yes
`
`_>]
`
`
`
`Yes
`
`Validate Person's
`Identity
`
`612
`
`6'”
`
`Enable Person to
`
`Rights to Data
`
`Change Access
`
`616
`
`
`
`
` Does Requester
`N0
`Have Rights to Access
`
`Type of Requested
`
`Data ?
`
`
`505
`
`
`
`
`Cause USR to Enable
`Access to Type of
`Requested Data
`
`610
`
`FIG. 6
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 7 of 29
`
`US 8,577,813 B2
`
`User initiates Purchase
`
`User Enters Secret Code
`in Secure 1D
`
`Merchant Transmits to Credit
`
`Card Company
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`700
`
`702
`
`704
`
`706
`
`708
`
`710
`
`712
`
`Transfers $ to Merchant’s Account
`
`
`
`Credit Card Company
`Sends Code to USR
`
`USR Determines if Code is Valid, and if
`Valid Accesses User's Credit Card
`Information and Transmits Credit Card
`Number to Credit Card Company
`
`Credit Card Company Checks
`Credit Worthiness and Declines
`Card or Debits User's Account and
`
`CCC Notifies Merchant of
`Result of Transaction
`
`FIG. 7
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 8 of 29
`
`US 8,577,813 B2
`
`800
`
`802
`
`804
`
`806
`
`808
`
`User Initiates Purchase
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to USP!
`
`
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`USR Accesses User’s Credit Card
`Information and Transmits to CCC
`
`(1) Credit Card Number
`(2) Store Number
`(3) Amount of Purchase
`
`
`
`
`
`
` 814
`
`
`
`810
`
`CCC Checks Credit Worthiness and
`
`Declines Card or Debits User's Account
`
`and Transfers $ to Merchant's Account
`
`812
`
`CCC Notifies USR of
`Result of Transaction
`
`USR Notifies Merchant of
`Result of Transaction
`
`FIG. 8
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 9 of 29
`
`US 8,577,813 B2
`
`900
`
`User Initiates Purchase and
`Writes Check to Merchant
`
`'
`
`
` 902
`
`
`User Enters Secret Code
`in Secure iD
`
`
`
`904
`
`
`Merchant Transmits to USR
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`
`
`USR Determines if Code is Valid
`
`906
`
`.908
`
`USR Accesses User's Bank
`Information and Transmits to Bank
`
`
`
`
`
`
`
`l—___
`Bank Checks Account Balance
`
`QIO
`
`912
`
`914
`
`(1) Bank Account Number
`(2) Store Number
`(3) Amount of Purchase
`
`
`
`
`
`
`
`
`
`
`to Verify Availability of Funds
`
`Bank Notifies USR of
`Result of Verification
`
`USR Notifies Merchant of
`Result of Verification
`
`FIG. 9
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 10 0f 29
`
`US 8,577,813 B2
`
`User Initiates Anonymous Purchase
`by Entering Secret Code in Secure
`ID and Transmitting Result to
`On—Line Merchant
`
`Merchant Transmits to USR
`
`(1) Code from Secure ID
`(2) Store Number
`(5) Amount of Purchase
`
`1004
`
`USR Determines if Code is Valid
`
`1000
`
`1002
`
`1006
`
`
`
`
`USR Accesses User’s Credit Card
`Information and Transmits to CCC:
`
`(1) Credit Card Number
`2 Store Number
`3 Amount of Purchase
`
`1008
`
`
`CCC Checks Credit Worthiness and
`Declines Card or Debits User's Account
`
`and Transfers $ to Merchant's Account
`
`
`
`
`
`7010
`
`
`
`CCC Notifies USR
`of Result of Transaction
`
`
`
`
`1014
`
`if Credit Accepted, USR
`Accesses Address Code
`
`and Provides Merchant
`with Address Code
`
`If Credit Declined.
`USR Notifies Merchant
`
`1072
`
`
`
`
`Merchant Labels Package
`with Address Code and Ships
`
`
`FIG. 70
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 11 of 29
`
`US 8,577,813 B2
`
`
` User Provides Address
`
`User Provides Address Information
`
`
`
`Code on Public Area
`in Address Area of USR
`to be Mailed
`
`1100
`
`1102
`
`”04
`
`
`
`
`Person Places Public Code
`on Parcel
`
`1106
`
`Post Office Accesses USR
`
`
`to Retrieve Address Information
`
`
`
`
`Post Office Prints Bar Code
`on Parcel
`to Automate
`Delivery of Parcel to Address
`in Address Area of USR
`
`
`1108\
`
`to
`Post Office Delivers Parcel
`Address in Address Area of USR
`
`/1110
`
`FIG.
`
`17
`
`User Provides Telephone
`Code on Public Area
`
`1200
`
`1202
`
`
`
`User Provides Telephone Information
`in Telephone Area of USR
`
` 1204
`
`Person Dials USR Phone Number and
`
`Enters Telephone Code for User
`
`1206
`
`
`
`USR Connects Person to Telephone
`Number Without Providing User
`Person with Telephone Number
`
`FIG. 72
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 12 of 29
`
`US 8,577,813 B2
`
`
`
`
`
`53E:EEEIO25”ESE..3;3:35?
`
`
`
`
`
`mE—ucuumyzomo:uzm69003.3:01AB
`
`NOV.“8h.h
`we:won“ coEmozom35:00:35?
`
`8:82
`
`3330)3thman.ucocosoEktE £35305;
`
` mmmmmuu<mm: naLogo—26> n:EsomwE800“ScummhmacmEm:n:0.33mE300#Eomw
`coroELSE308m.8:01usecozoELPFE
`
`
`EeycmEm:
`
`
`
`2me$8084mm:Langmgozawhom:
`26>238t855359mm:20>238t35553mm:
`320:9330mm".0.332;ANVno
`
`
`533:0)38302352
`
`mm:3thmcot.:UEmozommm:3memcofi
`
`m>oLn_3mEEofidLam:«Bonn.330.832
`
`
`QEzomwEat990093385E9:300
`
`20:n:23%B332;Q
`
`.62.. 09:ooh.“
`
`3552Bconcoctm>F:oEuozom3mfiEmcot.tcoAv3.3.52.6cozooELo>CU
`
`3GEM.“GE
`
`
`
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 13 of 29
`
`US 8,577,813 B2
`
`002
`
`New“
`
`V09“
`
`mom“
`
`mom“
`
`
`23>thB3:35am:
`
`EoEtonE5£380.20...0L83%?B3:me
`
`ham:
`
`38.”.2cosooEEmE
`
`a.230mmE250Eomm935..Em:
`
`
`
`n:mSommE250#mbmmBEENEm:
`
`Eot230mm:3mtEchfiEm:
`
`
`
`
`
`mfioo:o_uoo__aa<“EU9Ezomm
`
`
`
`muoomm:9.thwcPFaton—
`
`muooEgon“use0.«BeamEat
`
`
`
`26>288am:amocwéfloemm:
`
`26>E@300:$55.23mm:
`
`/com.“
`
`/Nam;
`
`#00h
`
`mom.h
`
`mom“
`
`
`
`
`
`cosoo=aa<wxom:mommwoo<mm:
`
`
`
`23:94mtEmcofivcoco_u.oE._£c_
`
`
`
`333500.05m:3coBDELBE
`
`
`
`Low:05*0:050m:0c0302???:0
`
`
`
`
`
`coSoELouFEmxom:mommmoo<mm:
`
`tauotoo35m.3m:_v._ooo<35a.3m_nc__o><
`thmcE...
`
`
`
`aton—32033.:anm3u=u><
`
`36E
`
`.0sGE
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 14 of 29
`
`US 8,577,813 32
`
`10
`
`
`
`USR System
`
` Lap Top
`Computer
`
`
`
`
`Electronic
`Device
`Automobile
`
`
`
`FIG. 77
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 15 of 29
`
`US 8,577,813 B2
`
`1302
`
`1802
`
`1802
`/ /
`I
`"1
`I—_'—"'
`| Access 1
`
`| Access |
`
`F___ __|l
`i Device E
`
`USR System
`
`1'804
`
`1804
`
`$304
`
`1804
`
`FIG. 78A
`
`___/
`: Access :|
`
`1802
`
`1802
`
`
`
`||1
`
`.1
`
`
`
`1804
`
`———————————
`
`1304
`
`USR System
`
`FIG. 18B
`
` |
`
`i Device E
`
`|
`I
`1
`I
`|___ ___|
`L._.. ___r
`K
`1
`L __________ i __________
`
`7800
`
`/
`
`IO
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 16 of 29
`
`US 8,577,813 B2
`
`1900\ 1902
`
`-
`
`Entity Initiates Access Request
`
`1904
`
`.
`
`1914
`
`1906
`
`\
`
`Entity Supplies
`1) Authentication info
`2) Computer Network ID
`
`USR Receives Access
`
`Request Including
`
`1 Authentication Info
`
`2 Computer Network ID
`
`Provide Indication that
`
`Entity is Denied Access
`
`1.908
`
`No
`
`
` ls
`
`
`Auth.
`Info Vaiid
`for a User
`
`9
`
`Yes
`
`
`
`
`
`ls Entity Authorized
`
`to Access the Computer Network
`
`Identified by the ID
`
`
`Yes
`
`
`
`
`
`
`1912
`
`Allow Communications Between
`
`the Entity and Secure System
`
`FIG. 79
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 17 of 29
`
`US 8,577,813 32
`
`2000 \
`
`Entity initiates Access Request
`
`2002
`
`2004
`
`2006
`
`Entity Supplies
`Authentication information
`
`
`
`Secure System Receives
`Authentication Information
`
`
`
`2008
`
`Secure System Communicates
`Authentication Information to USR
`
`2010
`
`USR Validates
`Authentication Information
`
`2014
`
`2016
`
`Secure System Receives
`Indication from USR
`
`Secure System Grants or
`Denies Access Based
`on the indication
`
`FIG. 20
`
`
`
`US. Patent
`
`Nov.5,2013
`
`Sheet 13 of 29
`
`US 8,577,813 B2
`
`Responder
`
`Challenger /
`
`2300
`
`2152Hririterf3331
`
`2’35\
`
`.I
`
`: Biometric :
`
` Database
`
`213:
`2140
`
`
`2142— 2754
`2744
`\\_________|
`\l______4__,__._l
`
`
`Secure
`
`.2146
`
`
`| Addititionai
`:
`
`Wireless T/R I
`|_ __________ _l
`
`I
`Fiat—689336“ Addititionol
`I_ ______ J! Wireless T/R I
`L. __________ _l
`
`FIG. 27
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 19 of 29
`
`US 8,577,813 B2
`
`
`E
`r “““ 7—7" "*I
`r‘“
`Shutdown
`f
`Delete
`Per‘ofi‘ca'w ,
`I No:
`Device #1
`|
`Data
`Commumcate WithI—I
`L _________ J
`L§992399£<1b9§£J
`
`
`
`
`
`
`210
`
`216
`214
`_ __________1 __.1__-
`.1
`Periodically "I Nol—
`Delete
`No :
`lCommunicate withi—"i
`Data
`'LSecure Database I
`j
`
`212
`
`Shutdown
`Device #2
`
`
`
`1
`[
`J
`
`FIG. 22A
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 20 of 29
`
`US 8,577,813 B2
`
`213
`
`initiate Valid
`Communication Protocol
`
`Yes
`
`220
`
`Transmit First Wireless Signal
`Containing Encrytped Authentication
`Information to Device 2
`
`
`
`
`
`
`
`
`
`
`
`
`Authenticate Identity of User #1
`
`r____________________________/_
`
`Yes
`
`222
`
`226
`
`l
`Transmit Second Wireless Signal
`l
`i Containing Encrytped Authentication :
`l
`I
`
`i“
`No I
`----j
`l
`
`‘I
`I
`I
`Authenticate Identity of User #2
`I
`____________________________ J
`
`2284/
`
`I Yes
`
`_____________________________ _|
`
`:
`Contact Secure Database
`:
`for Information
`____________________________ _|
`
`
`
`230/ I
`
`
`
`Take Appropriate Action
`
`224
`
`FIG. 223
`
`
`
`US. Patent
`
`flu
`
`S
`
`2
`
`,m
`
`92
`
`US 8,577,813 B2
`
`
`1En.NR.
`
`a\\mA3%9550vSouoEwEoEuBQCocoxoxmmo
`
`MNGE
`
`m,/2n/mom/.3»,En/wonm4/02.
`BonxmmomESIocO33305in..230oEzlocOV83055_B_m_n_vafiflmvLevomIv
`
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 22 of 29
`
`US 8,577,813 132
`
`400
`
`\
`
`
`
`
`Sense Header #1
`
`Verify Protocol
`
`
`
`I Verify/Decrypt Respondent #1
`:
`Digital Signature
`
`Yes
`
`
`
`
`i
`i
`
`/ 404
`
`|
`
`{Verify/Decrypt One—time Code
`I_ ________________________ __|
`
`:|
`
`Authenticate User #1
`
`406
`
`FIG. 24
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 23 of 29
`
`US 8,577,813 B2
`
`520\
`
`522
`
`Receive Public ID #1 PKI Encrypted DES
`Key. Encrypted Portion of Biodato
`
`Look Up from ID #1, Public Key #1
`
`524
`
`526
`
`528
`
`530
`
`f I
`
`E
`
`
`
`Look Up Remainder of
`Biodoto Information #1
`
`
`
`Combine Biodoto Information to
`Recreate Biodoto Information
`
`
`
`I
`I
`
`:
`:
`
`Process Biodoto information
`
`
`
` 5.36
`
`FIG. 25
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 24 of 29
`
`US 8,577,813 B2
`
`6‘20
`
`
`\
`
`Receive Public Key ID #1, PKI
`Encrypted DES Key (Optional)
`
`
`
`
`Look Up Public Key #1
`
`
`
`Unhash Files
`
`Transmit Public ID #2 Information
`to Secure Database
`
`Determine Whether l0 #2 Has Right
`to Access Secure Database
`
`622
`
`624
`
`626
`
`628
`
`6.30
`
`6.34
`
`
`
`
`
`
`
`r—uEBBEFGEENSE—‘prééfiéii;Eo—d—e""l
`From lDi
`Information (Time—varying)
`L ______________________________ J
`
`
`
`
`
`
`
`
`
`
`
`
`Transmit Public ID #1 from Device #2
`to Secure Database
`
`6.32
`
`Access with Secure Database at Least
`
`Portion of Bio information of Entity #1
`
`Transmit Bio Information of
`Entity #1 to Device #2
`
`6.36
`
`Display Bio Information
`
`6.38
`
`Process Biodata Information
`
`FIG. 26
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 25 of 29
`
`US 8,577,813 32
`
`720
`
`\
`
`722
`
`724
`
`725
`
`728
`
`Private Key of #2
`
`Public Keys of
`Plural 1st Entities
`
`Portion of Biodato
`Files of Other Users
`
`Biodota of #2
`
`FIG. 27
`
`
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 26 of 29
`
`US 8,577,813 B2
`
`8Nh
`
`
`
`mEBmxw5050
`
`m:
`
`m:
`
`N:
`
`#2
`
`00$
`
`“Hanna-f
`
`33300
`
`TON“
`
`0:
`
`mew“
`
`E398
`
`LemmoooLa
`
`Lo
`
`
`
`5:9::00
`
`____
`
`_.IIIIIIIII._24ton.BoaLI.
`
`mNGE
`
`\th
`
`.0:
`
`$2955
`
`_1|4_Lmtowm_8360
`__3003a3_H033mm:Flynn
`..|||||||||u._llllllE52825:nnaK;3328
`
`yum!“’_‘"NW“_|IIIIIIIIIIIFma...“
`v.3mmfiL“20:9:_525a
`
`Lmiwoom_ »
`
`
`
`
`
`F1III:lllllllllllllllIL4./.v9khT\\\V8300Lvtm>coomm.“
`
`on:\
`
`we:
`
`Ewyflnw
`
`VNN
`
`NN“
`
`$98309Low:
`
`.5:55:
`
`mNh
`
`NW.“
`
`Lowcmm
`
`oEoEEmHE
`
`
`
`mmootoyENQT\NM.“mm.”
`
`
`
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 27 of 29
`
`US 8,577,813 32
`
`262
`
`
`
`
`
`
`
`
`
`Authenticate User
`
`
`
`Simulate Data
`
`264
`
`266
`
`268
`
`
`
`Receive User
`
`Information
`L. __________________ _i
`
`270
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 28 of 29
`
`US 8,577,813 B2
`
`QQM.not
`
`
`
`09m,.QE
`
`:E:‘~:-~EH‘
`
`«Gm.6E
`
`th.
`
`/wan
`
`.....F.““““““‘“1
`
`“fin.
`
`
`
`
`
`
`US. Patent
`
`Nov. 5, 2013
`
`Sheet 29 of 29
`
`US 8,577,813 B2
`
`
`
`mkznoooxw-2.02mmm:mszmw
`
`
`
`
`
`>m.rw_0mmmmzommimam—223
`
`vmmmmm
`
`4/03
`
`thmEQm
`
`.:
`
`
`
`_‘2.230091owm
`
`
`
` comF2.2300022com
`
`com
`
`5.0E
`
`2.22093.v.022mm:
`
`
`
`><._nmm_o>4.._n_w_n_
`
`
`
`1
`UNIVERSAL SECURE REGISTRY
`
`CROSS REFERENCE TO RELATED
`APPLICATIONS
`
`'lhis application claims the benefit under 35 U.S.C. § 120 as
`a continuation of US. patent application Ser. No. 127393.586
`filed Feb. 26. 2009. now US. Pat. No. 8.234.220 which is a
`contimtation-in-part of each of US. patent application Ser.
`No. 117760.732 filed Jun. 8. 2007. now U.S. Pat. No. 7.809.
`65]; U.S. patent application Ser. No. 117760.729 filed Jun. 8.
`2007. now U.S. Pat. No. 7.805.372; and U.S. patent applica-
`tion Ser. No. 117677.490 filed Feb. 21. 2007. now U.S. Pat.
`No. 8,001.05 5. This application also claims the benefit under
`35 U.S.C. § 120 as a continuation-impart ofU. S. patent appli-
`cation Ser. No. 137168.556 filed on Jun. 24. 2011. which
`claims the benefit under 35 U .S.C . §120 as a continuation of
`U.S. application Ser. No. 117677.490 filed Feb. 21. 2007. now
`U.S. Pat. No. 8.001.055. Each of U.S. application Ser. Nos.
`117760.732. 117760.729 and 117677.490 claim priority under
`35 U.S.C. §119 (e) to U.S. Provisional Application Nos.
`607812.279 filed on Jun. 9. 2006. and 607859.235 filed on
`Nov. 15. 2006. U.S. application Ser. No. 117677.490 also
`claims priority under 35 U.S.C. §119 (e) to US. Provisional
`Application No. 607775.046 filed on Feb. 21 . 2006. Each of
`the above-identified applications is hereby incorporated
`herein by reference in it's entirety.
`Application Ser. No. 127393.586 filed Feb. 26. 2009 claims
`priority under 35 U.S.C. §119(e) to U.S. Provisional Appli—
`cation
`Ser. No.
`617031.529.
`entitled “UNIVERSAL
`SECURE REGISTR ." filed on Feb. 26. 2008. which is
`herein incorporated by reference in its entirety.
`
`BACKGROUND OF INV’l'iN'l‘ION
`
`1. Field of Invention
`
`Embodiments ofthe invention generally relate to systems.
`methods. and apparatus for authenticating identity or verify-
`ing the identity of individuals and other entities seeking
`access to certain privileges and for selectively granting privi-
`leges and providing other services in response to such iden-
`tificationst’verifications.
`In addition. embodiments of the
`invention relate generally to systems and methods for obtain—
`ing information from and70r transmitting information to a
`user device and. in particular. to systems. methods. and appa-
`ratus that provide for contactless information transmission.
`2. Discussion of Related Art
`
`Control of access to secure systems presents a problem
`related to the identification ofa person. An individual may be
`provided access to the secure system after their identity is
`authorized. Generally. access control to secure computer net-
`works is presently provided by an authentication scheme
`implemented. at least partly. in software located on a device
`being employed to access the secure computer network and
`on a server within the secure computer network. For example,
`if a corporation chooses to provide access control for their
`computer network. they may purchase authentication soft—
`ware that includes server—side software installed on a server in
`their computer system and corresponding client-side soli-
`ware that is installed on the devices that are used by employ-
`ees to access the system. The devices may include desktop
`computers. laptop computers. and handheld computers (cg.
`PDAs and the like).
`In practice. the preceding approach has a number ofdisad—
`vantages including both the difliculty and cost of maintaining
`the authentication system and the difficulty and cost o f main-
`taining the security of the authentication system. More spe-
`
`10
`
`3t]
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 8,577,813 B2
`
`2
`
`cifically. the soltware resides in the corporation‘s computers
`where it may be subject to tamperingfunaulhorized use by
`company employees. That is.
`the information technology
`team that manages the authentication system has access to the
`private keys associated with each of the authorized users. As
`a result. these individuals have an opportunity to compromise
`the security ofthc system. Further. any modification and7or
`upgrade to the authentication system soltware is likely to
`require an update to at least the server-side software and may
`also require an update of the software located on each user7
`client device. In addition. where the company‘s computer
`systems are geographically distributed. sofiware upgradest’
`updates may be required on a plurality of geographically
`distributed servers.
`
`There is also a need. especially in this post September 11
`environment. for secure and valid identification of an indi-
`vidual before allowing the individual access to highly secure
`areas. For example. an FBI agent or an air marshal may need
`to identify themselves to airport security or a gate agent,
`without compromising security. Typically such identification
`may comprise the air marshal or FBI agent showing identifi—
`cation indieia to appropriate personnel. I-lowever. there are
`inherent flaws in this process that allow for security to be
`compromised. including falsification of identification infor-
`mation and failure ot‘the airport security or other personnel to
`recognize the situation. Of course this process could be auto-
`mated. for example. by equipping airport personnel or secti—
`rity with access to a database and requiring the FBI agent or
`air marshal to appropriately identify themselves to the data-
`base. for example, by again providing identification which
`airport personnel can then enter into the database to verify the
`identity of the person seeking access to a secure area. How-
`ever. this process also has the inherent flaws in it as described
`above. In addition. there may be times when airport security
`or personnel may not be able to communicate with the data—
`base to check the identity of the person seeking access. for
`example. when they are not near a computer terminal with
`access to a database or are carrying a hand-held device that
`does not have an appropriate wireless signal to access the
`database. In addition. there is a need to ensure that it' such a
`hand—held device ends up the wrong hands. that security is not
`compromised.
`Further. both commercial (e.g.. banking networks) and
`non-commercial (cg. security systems) information systems
`often rely on magnetic card readers to collect infomiation
`specific to a user (e.g.. a security code. a credit card number.
`etc.) from a user device (eg, a transaction card). Credit card
`purchases made in person provide an example of the most
`common transaction—type that relies on a user device= the
`credit or debit card. which is read by a magnetic card reader.
`User devices that rely on magnetic-stripe based technology
`magnetically store infonnation (e.g.. binary information] in
`the magnetic stripe. The magnetic stripe reader provides an
`interface to a larger computerized network that receives the
`user’s information to detemiine. for example. whether to
`authorize a transaction. to allow the user access to a secure
`area. etc.
`Recently. such devices have seen technological advances
`that increase their capabilities and improvetheir security. For
`example. such devices may now include embedded proces-
`sors. integral biometric sensors that sense one or more bio-
`metric feature (e.g.. a fingerprint) of the user. and magnetic
`stripe emulators. As one result. such devices may provide
`greater security by dynamically generating the necessary
`information. for example. generating the credit card number
`at the time of a transaction. Improved security can also be
`
`
`
`3
`
`4
`
`US 8,577,813 B2
`
`provided by such devices because more sophisticated authenfi
`tication schemes can be implemented with the devices.
`In addition. user devices such as transaction cards may now
`also provide for one or more modes of information transmis-
`sion other than transmission via a magnetic stripetcard reader
`combimttion. For example, user devices that may transmit
`information optically or via radio frequency (“RF") signal
`transmission to a compatible system interface are now avail-
`able. Further. the architecture of a user device that includes a
`processor is generally compatible with both the improved
`security features described above and the contactless trans-
`mission modes such as optical and RF signal transmission. As
`a result of the improved security and greater functionality of
`some current user devices. there is a desire to replace mag—
`netic—stripe based user devices with devices that
`include
`forms ofinformation transmission other than the reading ofa
`nlagIIEIIC-Slz‘lpe.
`There is. however. a substantial installed base of interfaces
`(for example. at points of sale, at automatic teller machines
`(“A'I'M”). and the like) that include magnetic card readers
`which are not equipped to receive information from a user
`device in any other format other than from a magnetic stripe.
`.As a result ofthe cost to replace or retrofit the installed base.
`efforts to more-widely introduce user devices