US009530137B2
`
`(12) United States Patent
`US 9,530,137 B2
`(10) Patent N0.:
`
` Weiss (45) Date of Patent: *Dec. 27, 2016
`
`
`(54) METHOD AND APPARATUS FOR SECURE
`ACCESS PAYMENT AND IDENTIFICATION
`
`(71) Applicant: UNIVERSAL SECURE REGISTRY:
`LLC, Newton, MA (US)
`
`(72)
`
`Inventor: Kenneth P. Weiss, Newton, MA (US)
`
`(73) Assignee: UNIVERSAL SECURE REGISTRY,
`LLC, Newton, MA (US)
`
`( * ) Notice:
`
`Subject to any disclaimer, the term of this
`~
`~
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`
`This patent is subject to a terminal dis-
`claimer.
`
`(21) Appl. N0.: 15/019,660
`
`(22)
`
`Filed:
`
`Feb. 9, 2016
`
`(65)
`
`Prior Publication Data
`
`US 2016/0162902 A1
`
`Jun. 95 2016
`
`(2013.01); G06Q 20/40 (2013.01); G06Q
`20/401 (2013.01); G06Q 30/06 (2013.01);
`(Continued)
`(58) Field of Classification Search
`CPC ................................................ G06Q 20/40145
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`US. PATENT DOCUMENTS
`
`4,720,860 A
`4,856,062 A
`
`1/ 1988 we?”
`8/1989 Weiss
`.
`(Commued)
`
`FOREIGN PATENT DOCUMENTS
`
`EP
`
`EP
`
`0986209 A2
`
`3/2000
`
`”001
`1081632 A1
`(Continued)
`
`OTHER PUBLICATIONS
`
`“Biometrics: Who’s Watching Y0u?”, Electronic Frontier Founda-
`tion (EFF), Sep. 2003, all pages, http://WWW.eif.0rg/Wp/bi0metrics-
`Whos-Watching-you.
`
`Related US. Application Data
`
`(Continued)
`
`(63) Continuation of application No. 14(814,740, filedon
`Jul. 31, 2015, which is a continuation of application
`(Continued)
`
`(51)
`
`Int. Cl.
`G06Q 20/40
`G06F 21/32
`
`(201201)
`(20801)
`(Continued)
`
`(52) U-S- Cl-
`CPC ~~~~~~~~~ G06Q 20/40145 (201301); G06F 21/32
`(2013.01); G06F 21/35 (2013.01); G06F
`21/6245 (2013.01); G06Q 20/3676 (2013.01);
`G06Q 20/385 (2013.01); G06Q 20/3821
`
`Primary Examiner i Calvin Cheung
`(74) Attorney, Agent, or Firm 7 Lando & Anastasi, LLP
`
`ABSTRACT
`(57)
`.
`.
`.
`d.
`A
`ccor mg to one aspect, the invention prov1des a system for
`authenticating identities of a plurality of users. In one
`embodiment, the system includes a first handheld device
`including a wireless transceiver which is configured to
`transmit authentication information, a second device includ-
`ing a Wireless receiver, where the second device is config-
`ured to receive the authentication information.
`
`12 Claims, 28 Drawing Sheets
`
`12
`
`
`
`
`User
`Interface
`
`
`
`
`
`
`
`
`
`USR
`Soflwurs
`
`
`
`
`
`
`
`
`Comm.
`Port
`
`
`
`CPU
`
`19/
`
` _o
`
`/m
`
`wideArea
`Network
`
`Apple 1101
`
`

`

`US 9,530,137 B2
`
`Page 2
`
`Related U.S. Application Data
`
`No. 14/027,860, filed on Sep. 16, 2013, now Pat. No.
`9,100,826, which is a continuation of application No.
`13/621,609, filed on Sep. 17, 2012, now Pat. No.
`8,538,881, which is a continuation of application No.
`13/168,556, filed on Jun. 24, 2011, now Pat. No.
`8,271,397, which is a continuation of application No.
`11/677,490, filed on Feb. 21, 2007, now Pat. No.
`8,001,055.
`
`(60)
`
`Provisional application No. 60/859,235, filed on Nov.
`15, 2006, provisional application No. 60/812,279,
`filed on Jun. 9, 2006, provisional application No.
`60/775,046, filed on Feb. 21, 2006.
`
`Int. Cl.
`
`(51)
`
`G06F 21/35
`G06F 21/62
`G06Q 20/36
`G06Q 20/38
`G06Q 30/06
`G06Q 40/02
`G06Q 50/22
`G07C 9/00
`H04L 29/06
`H04L 9/08
`H04L 9/32
`H04W 12/06
`U.S. Cl.
`
`(52)
`
`(2013.01)
`(2013.01)
`(2012.01)
`(2012.01)
`(2012.01)
`(2012.01)
`(2012.01)
`(2006.01)
`(2006.01)
`(2006.01)
`(2006.01)
`(2009.01)
`
`CPC ............. G06Q 40/02 (2013.01); G06Q 50/22
`(2013.01); G07C 9/00087 (2013.01); G07C
`9/00103 (2013.01); H04L 9/0891 (2013.01);
`H04L 9/3231 (2013.01); H04L 9/3247
`(2013.01); H04L 9/3271 (2013.01); H04L
`63/0853 (2013.01); H04L 63/0861 (2013.01);
`H04W12/06 (2013.01); G06F 2221/2115
`(2013.01); G07C 2009/00095 (2013.01); H04L
`2209/56 (2013.01); H04L 2209/805 (2013.01)
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`4,885,778 A
`4,998,279 A
`5,023,908 A
`5,058,161 A
`5,097,505 A
`5,168,520 A
`5,237,614 A
`5,280,527 A
`5,361,062 A
`5,367,572 A
`5,398,285 A
`5,457,747 A
`5,479,512 A
`5,485,519 A
`5,657,388 A
`5,664,109 A
`5,813,006 A
`5,870,723 A
`5,915,023 A
`5,971,272 A
`6,016,476 A *
`
`12/1989 Weiss
`3/1991 Weiss
`6/1991 Weiss
`10/1991 Weiss
`3/1992 Weiss
`12/1992 Weiss
`8/1993 Weiss
`1/1994 Gullman et a1.
`11/1994 Weiss et a1.
`11/1994 Weiss
`3/1995 Borgelt et a1.
`10/1995 Drexler et a1.
`12/1995 Weiss
`1/1996 Weiss
`8/1997 Weiss
`9/1997 Johnson et a1.
`9/1998 Polnerow et a1.
`2/1999 Pare, Jr. et a1.
`6/1999 Bernstein
`10/1999 Hsiao
`1/2000 Maes ................... G06Q 20/108
`705/18
`
`6,073,106 A
`6,088,450 A
`6,130,621 A
`6,202,055 B1
`6,253,202 B1
`6,253,203 B1
`
`6/2000 Rozen et a1.
`7/2000 Davis et a1.
`10/2000 Weiss
`3/2001 Houvener et a1.
`6/2001 Gilmour
`6/2001 O’FlaheIty et a1.
`
`6,260,039
`6,308,203
`6,309,342
`6,393,421
`6,498,861
`6,516,315
`6,546,005
`6,581,059
`6,640,211
`6,658,400
`6,678,821
`6,819,219
`6,845,448
`6,941,271
`6,950,521
`7,007,298
`7,237,117
`7,249,112
`7,269,737
`
`7,278,026
`7,412,604
`7,489,781
`7,502,459
`7,548,981
`7,552,333
`7,552,467
`7,571,139
`7,657,639
`7,705,732
`7,742,967
`7,766,223
`7,805,372
`7,809,651
`8,001,055
`8,079,079
`8,234,220
`8,271,397
`8,380,637
`8,423,466
`8,538,881
`8,577,813
`8,594,632
`8,613,052
`8,856,539
`2001/0032100
`2001/0044900
`2002/0046061
`2002/0090930
`2002/0176610
`2002/0178364
`2002/0184500
`2002/0184538
`2002/0194499
`2003/0014372
`2003/0028481
`2003/0037233
`2003/0046540
`2003/0061171
`2003/0074568
`
`2003/0084332
`2003/0085808
`2003/0115490
`2003/0123713
`2003/0129965
`2003/0139984
`
`2003/0163710
`2003/0226041
`2003/0229637
`2004/0014423
`2004/0017934
`2004/0019564
`2004/0034771
`2004/0059923
`2004/0083170
`2004/0088369
`2004/0111625
`
`B1
`B1
`B1
`B1
`B1
`B1
`B1
`B1
`B1
`B2
`B1
`B1
`B1
`B1
`B1
`B1
`B2
`B2
`B2
`
`B2
`B1
`B2
`B1
`B1
`B2
`B2
`B1
`B2
`B2
`B1
`B1
`B2
`B2
`B2
`B2
`B2
`B2
`B2
`B2
`B2
`B2
`B1
`B2
`B2
`Al
`Al
`A1
`Al
`Al
`Al
`Al
`Al
`Al
`Al
`Al
`Al
`Al
`Al
`Al
`
`A1
`A1
`A1
`A1
`A1
`A1
`
`A1
`A1
`A1
`A1
`A1
`A1
`A1
`A1
`A1
`A1
`A1
`
`7/2001
`10/2001
`10/2001
`5/2002
`12/2002
`2/2003
`4/2003
`6/2003
`10/2003
`12/2003
`1/2004
`11/2004
`1/2005
`9/2005
`9/2005
`2/2006
`6/2007
`7/2007
`9/2007
`
`10/2007
`8/2008
`2/2009
`3/2009
`6/2009
`6/2009
`6/2009
`8/2009
`2/2010
`4/2010
`6/2010
`8/2010
`9/2010
`10/2010
`8/2011
`12/2011
`7/2012
`9/2012
`2/2013
`4/2013
`9/2013
`11/2013
`11/2013
`12/2013
`10/2014
`10/2001
`11/2001
`4/2002
`7/2002
`11/2002
`11/2002
`12/2002
`12/2002
`12/2002
`1/2003
`2/2003
`2/2003
`3/2003
`3/2003
`4/2003
`
`5/2003
`5/2003
`6/2003
`7/2003
`7/2003
`7/2003
`
`8/2003
`12/2003
`12/2003
`1/2004
`1/2004
`1/2004
`2/2004
`3/2004
`4/2004
`5/2004
`6/2004
`
`Schneck et a1.
`Itabashi et a1.
`Blazey et a1.
`Paglin
`Hamid et a1.
`Gupta
`Berkley et a1.
`Barrett et a1.
`Holden
`Perell et a1.
`Waugh et a1.
`Bolle et a1.
`Chaganti et a1.
`Soong
`Marcovici et a1.
`Shinzaki et al.
`Weiss
`Berardi et a1.
`Robinson ............... G06Q 20/04
`340/5 . 82
`
`McGowan
`Doyle
`Klassen et a1.
`Moseley
`Taylor et a1.
`Wheeler et a1.
`Lindsay
`Giordano et a1.
`Hinton
`Bishop et a1.
`Keresman, III et a1.
`Mello et a1.
`Weiss
`Weiss
`Weiss
`Zhang et a1.
`Weiss
`Weiss
`Levovitz
`Lanc
`Weiss
`Weiss
`Azizi et a1.
`Weiss
`Weiss
`Mahmud et a1.
`Uchida
`Wright et a1.
`Fujiwara et a1.
`Okazaki et a1.
`Weiss
`Maritzen et a1.
`Sugimura et a1.
`Audebert et a1.
`Wheeler et a1.
`Flitcroft et a1.
`Pearson
`Nakamura et a1.
`Gilbert et a1.
`Kinsella .................. G06F 21/32
`713/186
`
`Krasinski et a1.
`Goldberg
`Russo et a1.
`Geng
`Siegel
`Seigel
`
`..................... G06F 21/10
`705/28
`
`Ortiz et a1.
`Palmer et a1.
`Baxter et a1.
`Croome et al.
`Kocher
`Goldthwaite et a1.
`Edgett et a1.
`ShamRao
`Bam et a1.
`Yeager et a1.
`Duffy et a1.
`
`

`

`US 9,530,137 B2
` Page 3
`
`(56)
`
`References Cited
`US. PATENT DOCUMENTS
`
`2010/0046443 A1
`2010/0049615 A1*
`
`2/2010 Jia et a1.
`2/2010 Rose ...................... G06Q20/02
`705/17
`
`2004/0117215 A1
`2004/0117302 A1
`2004/0133787 A1
`2004/0151351 A1
`2004/0188519 A1
`2004/0230536 A1
`2004/0236699 A1
`2005/0001711 A1
`2005/0035847 A1
`2005/0039027 A1
`2005/0097362 A1
`2005/0113070 A1
`2005/0187843 A1
`2005/0187873 A1
`2005/0210270 A1
`2005/0235148 A1
`2005/0238147 A1
`2005/0238208 A1
`2006/0000900 A1
`2006/0016884 A1
`2006/0087999 A1
`2006/0104486 A1
`2006/0122939 A1
`2006/0165060 A1
`2006/0180660 A1
`2006/0191995 A1
`2006/0205388 A1
`2006/0206724 A1
`2006/0256961 A1
`2006/0276226 A1
`2007/0005988 A1
`2007/0040017 A1
`2007/0079136 A1
`2007/0118758 A1
`2007/0124597 A1
`2007/0124697 A1
`2007/0140145 A1
`2007/0186105 A1
`2007/0186115 A1
`2007/0198436 A1
`2007/0245152 A1
`2007/0256120 A1
`2007/0265984 A1
`588;;8533333 :1
`2008/0005576 A1
`2008/0006691 A1*
`
`6/2004 Marchosky
`6/2004 Weichert et a1.
`7/2004 Doughty et a1.
`8/2004 110
`9/2004 Cassone
`11/2004 1:qu et a1.
`11/2004 Beenau et a1.
`1/2005 Doughty et a1.
`2/2005 Bonalle et a1.
`2/2005 Shapiro
`5/2005 Winget et a1.
`5/2005 Okabe
`8/2005 Lapsley et a1.
`8/2005 Labrou etal.
`9/2005 Rohatgi et a1.
`10/2005 Scheidt et a1.
`10/2005 Carro
`10/2005 Sim
`1/2006 Fernandes et a1.
`1/2006 Block et a1.
`4/2006 Gustaye et a1.
`5/2006 Le Salnt et al.
`6/2006 Cohen et a1.
`7/2006 Dua
`8/2006 Gray
`8/2006 Stewart et a1.
`9/2006 Semple et a1.
`9/2006 Schaufele et a1.
`11/2006 Brainard et al.
`12/2006 Jiang
`“2007 Zhang et 31'
`2/2007 K921.”
`4/2007 V1sh1k et a1.
`5/2007 Takahashi et a1.
`5/2007 Bedingfield
`5/2007 Dongelmans
`6/2007 Kumar et a1.
`8/2007 Bailey et 31.
`8/2007 Gao et a1.
`8/2007 Weiss
`10/2007 Pizano 6t 3L
`11/2007 Shatzkamer et 31'
`11/2007 Santhana
`3/588; $2:
`e1ss
`1/2008 W'
`1/2008 Bonalle .................. G06K 19/07
`235/380
`
`1/2008 Hinton
`2008/0021997 A1
`2/2008 Uzo
`2008/0040274 A1
`5/2008 Yasaki et 31.
`2008/0127311 A1
`6/2008 Robinson ............... G06Q 20/40
`2008/0147481 A1*
`9/2008 Doyle
`2008/0212848 A1
`_
`11/2008 Rifai
`2008/0275819 A1
`3/2009 S°h91¥11°k et 31'
`2009/0083544 A1
`4/2009 Ors1n1 et 31'
`2009/0097661 A1
`$3883 Sigma
`3883/8323)? :1
`8/2009 Clark
`2009/0203355 A1
`2009/0265764 A1* 10/2009 Schultz ................ G06Q10/107
`726/4
`
`2009/0287921 Al
`2009/0292641 A1
`2010/0000455 A1
`2010/0038418 A1*
`
`11/2009 Zhu et 31.
`11/2009 Weiss
`1/2010 Harper
`2/2010 FomitcheV ............. G06Q 20/20
`235/379
`
`2010/0241570 A1
`2011/0258120 A1
`2011/0283337 A1
`2012/0037479 A1
`2012/0130904 A1
`2012/0150750 A1
`2012/0230555 A1
`2012/0240195 A1
`2013/0024374 A1
`2013/0307670 A1
`2013/0318581A1
`2014/0096216 A1
`2014/0101049 A1
`2014/0149295 A1
`2014/0196118 A1
`2015/0046340 A1
`
`9/2010 Keresman, III et a1.
`10/2011 Weiss
`11/2011 Schatzmayr
`2/2012 Lucchi et a1.
`5/2012 Weiss
`6/2012 Law et a1.
`9/2012 Miura et a1.
`9/2012 Weiss
`1/2013 Welss_
`11/2013 RamaCI
`11/2013 Counterman
`4/2014 Welss
`4/2014 Fernandes et a1.
`5/2014 Weiss
`7/2014 WeiSS_
`2/2015 Dlmrmck
`
`FOREIGN PATENT DOCUMENTS
`
`GB
`WO
`WO
`WO
`WO
`WO
`
`2382006 A
`9207436 A1
`9636934 A1
`0214985 A2
`2010000455 A1
`2012037479 A1
`
`5/2003
`4/1992
`11/1996
`2/2002
`1/2010
`3/2012
`
`OTHER PUBLICATIONS
`
`“Bluetooth Technology FAQ”, Mobileinfo.com, Jan. 21, 2001, all
`pages,
`http://WWW.Web.archive.org/Web/200101211551/http://
`www.mobileinfo.com/Bluetooth/FAthm.
`“FIPS Pub 46-3”, National Institute of Science and Technology
`(NIST) Oct 25 1999 all
`“
`’
`.
`'
`’
`.
`’
`Pages
`.
`.
`.
`.
`,,
`Information Security: Challenges in us1ng biometrics , Sep. 9,
`2003, all pages, <http://Www.gao.gov/news.1tems/d031137t.pdf>.
`“PUP: An Introductlon t0 cryptOgraphy”, 2000, all pages.
`“Single Sign on Authentication”, Authentication World, Mar. 13,
`2007, all pages, retrieved Jul. 9, 2010 Via Wayback Machine,
`<http://Web.archive.org/Web/20070313200434/http://WWW.
`authenticationworld.com/Single-Sign-On-Authentication/>.
`Hungtington, “101 Things to know about single sign on”, Authen-
`tication World, 2006, all pages, <http://Www.authenticationworld.
`com/Single-Sign-On-Authentication/
`“
`.
`,,
`101ThingsToKnowAboutSingleSignOn.pdf>.
`Kessler, A11 OVeereW 0f CTYPFOnghY a A118 22a 2002, all pages,
`retrieved V1a Wayback Machine on Jan. 19, 2010, http://WWW.
`garykesSler~net/1ibmry/°rypt0~htm1~
`Pabrai, “Biometrics for PC-user authentication: a primer”, Access
`Controls & Security Systems, Feb. 1, 2001, all pages, <http://WWW.
`securitysolutions.conflmag/securitibiometricsipcuseriauthenti-
`cation/index.html>.
`Treasury Board of Canada Secretariat, PKI for Beginners Glossary,
`http://www.tbs-sct.gc.ca/pki-icp/beginners/glossary-eng.asp.
`International Search Report and Written Opinion for International
`Application No. PCTflJS2011/051966, 49 pages.
`International Search Report
`from PCT Application No. PCT/
`U52007/004646 malled N°V~ 27, 2007~
`_
`_
`International Search Report
`from PCT Application No. PCT/
`USZOO7/070701 mailed Mar. ll, 2008.
`Internati/onal Search1 (Report
`from PCT Application No. PCT/
`US2009 035282 maie Ju. 10, 2009.
`
`* cited by examiner
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 1 of 28
`
`US 9,530,137 B2
`
`12
`
`/70
`
`20
`
`22
`
`26
`
`RAM
`
`18
`
`USR
`Software
`
`User
`Interface
`
`Comm.
`Port
`
`Mde
`Area
`Network
`
`
`
`76
`
`14
`
`Universal Secure
`Registry
`
`24
`
`.30
`
`—. 30
`
`
`
`Person No. 2
`
`Person No. n
`
`.
`
`.
`
`FIG.
`
`1
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 2 of 28
`
`US 9,530,137 B2
`
`10
`
`Computer
`Module
`
`Computer
`Module
`
`Computer
`Module
`
`USR System
`
`Computer
`Module
`
`Computer
`Module
`
`Computer
`Module
`
` ‘
`
`27
`
`
`
`Interface
`Center
`
`Wide Area Network
`
`Interface
`Center
`
`27
`
`
`
`
`
`
`
`Interface -
`
`In terface
`Center
`Center
`
`
`
`
`
`
`
`27
`
`Interface
`Center
`
`Interface
`Center
`
`27
`
`27
`
`27
`
`FIG. 2
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 3 of 28
`
`US 9,530,137 B2
`
`on
`
`cofloa
`
`F.02
`
`8222
`
`cozoctec.
`
`x2.
`
`8:09:85
`
`2233
`
`o_no__u><
`
`cozoEgot:
`
`8.,
`
`cozoozaa<
`
`5:05.85
`
`$82
`
`53258:.
`
`c232;
`
`832585
`
`.0282
`
`5:05.25
`
`28:85
`
`.650EB
`
`.228:
`
`coonLoE
`
`hGE
`
`3‘
`
`Nw
`
`0V
`
`
`
`
`
`
`
`
`
`
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 4 of 28
`
`US 9,530,137 B2
`
`
`
`
`Public
`Information
`Computer
`Module
`
`Financial
`Information
`Computer
`Module
`
`Medical
`Information
`Computer
`Module
`
`
`
`USR System
`
`
`
`
`
`
`
`
`
`Tax
`Job
`Address
`Information Application Information
`Computer Computer Computer
`Module
`Module
`Module
`
`
`Centers
`
`Public
`Tax _
`Information
`Information
`Wide Area Network
`
`Interface
`Interface
`Centers
`Centers
`
`Medical
`Information
`Interface
`Centers
`
`Job Application
`Information
`Interface
`Centers
`
`Financial
`Information
`Interface
`Centers
`
`Address
`Information
`Interface
`
`FIG. 4
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 5 of 28
`
`US 9,530,137 B2
`
`Train the Database
`
`500
`
`Validate Person’s
`Identification
`
`502
`
`
` No
`
`Does
`Person Have Rights to
`
`
`Enter Data
`
`‘?
`
`
`
`Enable Person to Enter
`Basic Personal Data
`
`
`Does
`Person Have Right to
`Enter Additional Data
`?
`
`
`
`Yes
`
`508
`
`Enable Person to Enter
`
`Advanced Personal Data
`
`510
`
`Enable Person to Specify Access
`to Advanced Personal Data
`
`
`
`512
`
`FIG. 5
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 6 of 28
`
`US 9,530,137 B2
`
`
`
`Enable Access to
`
`
`Basic Personal Data
`
`
`
`600
`
` ls
`No
`
`Additional Information
`
`Requested
`?
`
`
`
`
`
`
`
`Is Person
`
`
`Does Requester
`Participating in
`Have Rights to Access
`
`
`Transaction
`Type of Requested
`
`
`Data ‘?
`
`
`
`Validate Person's
`Identity
`
`Enable Person to
`Change Access
`Rights to Data
`
`
`
`
`
` Does Requestor
`
`Have Rights to Access
`Type of Requested
`Data ?
`
`Cause USR to Enable
`Access to Type of
`Requested Data
`
`
`505
`
`610
`
`Return
`
`
`FIG. 6
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 7 of 28
`
`US 9,530,137 B2
`
`700
`
`702
`
`704
`
`706
`
`708
`
`710
`
`712
`
`User Initiates Purchase
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to Credit
`Card Company
`
`5 Amount of Purchase
`
`(1) Code from Secure ID
`
`E2; Store Number
`
`Credit Card Company
`Sends Code to USR
`
`USR Determines if Code is Valid, and if
`Valid Accesses User's Credit Card
`Information and Transmits Credit Card
`
`Number to Credit Card Company
`
`Credit Card Company Checks
`Credit Worthiness and Declines
`Card or Debits User's Account and
`
`Transfers $ to Merchant's Account
`
`000 Notifies Merchant of
`Result of Transaction
`
`FIG. 7
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 8 of 28
`
`US 9,530,137 B2
`
`800
`
`802
`
`804
`
`806
`
`808
`
`810
`
`812
`
`814
`
`User Initiates Purchase
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to USR
`
`
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`USR Accesses User’s Credit Card
`Information and Transmits to CCC
`
`(1) Credit Card Number
`(2) Store Number
`(3) Amount of Purchase
`
`and Transfers $ to Merchant's Account
`
`CCC Checks Credit Worthiness and
`
`Declines Card or Debits User's Account
`
`CCC Notifies USR of
`Result of Transaction
`
`USR Notifies Merchant of
`Result of Transaction
`
`FIG. 8
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 9 of 28
`
`US 9,530,137 B2
`
`900
`
`902
`
`904
`
`906
`
`908
`
`910
`
`912
`
`914
`
`User Initiates Purchase and
`Writes Check to Merchant
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to USR
`
`
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`USR Accesses User's Bank
`Information and Transmits to Bank
`
`(1) Bank Account Number
`(2) Store Number
`(3) Amount of Purchase
`
`
`
`Bank Checks Account Balance
`
`to Verify Availability of Funds
`
`Bank Notifies USR of
`Result of Verification
`
`USR Notifies Merchant of
`Result of Verification
`
`FIG. 9
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 10 of 28
`
`US 9,530,137 B2
`
`
`
`1000
`
`User Initiates Anonymous Purchase
`by Entering Secret Code in Secure
`ID and Transmitting Result to
`On—Line Merchant
`
`Merchant Transmits to USR
`
`(3) Amount of Purchase
`
`(1) Code from Secure ID
`(2) Store Number
`
`USR Determines if Code is Valid
`
`USR Accesses User’s Credit Card
`Information and Transmits to 000:
`
`(1) Credit Card Number
`2 Store Number
`3 Amount of Purchase
`
`and Transfers $ to Merchant’s Account
`
`000 Checks Credit Worthiness and
`Declines Card or Debits User’s Account
`
`CCC Notifies USR
`of Result of Transaction
`
`1 002
`
`1 004
`
`1 006
`
`1 008
`
`1010
`
`1014
`
`If Credit Declined,
`USR Notifies Merchant
`
`1012
`
`1016'
`
`If Credit Accepted. USR
`Accesses Address Code
`and Provides Merchant
`
`with Address Code
`
`Merchant Labels Package
`with Address Code and Ships
`
`FIG. 10
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 11 of 28
`
`US 9,530,137 B2
`
`User Provides Address
`Code on Public Area
`
`User Provides Address Information
`in Address Area of USR
`
`Person Places Public Code
`on Parcel
`to be Mailed
`
`Post Office Accesses USR
`to Retrieve Address Information
`
`1100
`
`1102
`
`1104
`
`1106
`
`1108
`
`1110
`
`to
`Post Office Delivers Parcel
`Address in Address Area of USR
`
`Post Office Prints Bar Code
`on Parcel
`to Automate
`Delivery of Parcel
`to Address
`in Address Area of USR
`
`
`
`FIG.
`
`11
`
`User Provides Telephone
`Code on Public Area
`
`1200
`
`1202
`
`1204
`
`1206
`
`
`
`User Provides Telephone Information
`in Telephone Area of USR
`
`Person Dials USR Phone Number and
`Enters Telephone Code for User
`
`USR Connects Person to Telephone
`Number Without Providing User
`Person with Telephone Number
`
`FIG. 12
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 12 0f 28
`
`US 9,530,137 B2
`
`Do:
`
`No:
`
`$0!
`
`no:
`
`no:
`
`5m: m.5GE
`
`
`
`
`
`
`
`:030EL85Eooom3:012:0cozoELRE
`
`3:52B5:82.;3:oEoo__0n_BmtEmcoc.ucc
`
`620:9230mmF09321ANV
`
`
`
`mEUCBBBmoLoam.wEooomoo__on_A3
`
`
`
`53$:_oc_E:owas$82._83:28;
`
`3GE
`
`3:8238:85?3L303;3mtEmco¢ncocozoELEE
`
`2020:0.230mmho9.32;A3
`
`o>€n_3mEEwS<
`
`coEoo__0n_B5300;3ch
`
`
`
`26E3flant<2mm:
`
`562.2,3538222
`
`
`
`a.830mmE280gmbwm9.35..6m:
`
`o.83$5£80“9.0mm2ch5m:
`
`
`
`mm:3mtEchFcoEoo__0n_
`
`n:833ES...260
`
`
`
`mm:9.mtEmcoc.882:3
`
`
`
`a.932.5Eotovoo
`
`25>2$8:$2.233mm:
`
`26>2$8282,538mm:
`
`/N92
`
`Q02
`
`3.2
`
`8.2
`
`mam.“
`
`:aEmoyocmfem:mommooo<mm:
`
`
`
`
`
`23530;;mam:3382mm:
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 13 of 28
`
`US 9,530,137 B2
`
`00.2
`
`N93
`
`V02
`
`82
`
`mums
`
`.52.. m.N6?.
`
`
`
`
`
`cozoo=qa<mmmm:mommmoo<mm:
`
`
`
`o_no__o><mtEmcEHucocozoctoE
`
`
`
`$315.00.6Lem:3cozoELQE
`
`5m:9:B:33:0550232:0
`
`3wt
`
`
`
`
`
`costhoE.fem:mommoou<mm:
`
`mtEmco¢vcoouooate;3@52823.6a2m_nu__o><
`
`
`
`atom8corthoEm_no__o><
`
`Loopboa“3mgmoo
`
`EoEtoa<go:3552,a
`
`2.32.”.33:30how:
`
`352838352
`
`983mmE2505.0mm95chEn:
`
`988mmc_280Show83cmLow:
`
`Eatmuoomm:3mtEmcoc.5m:
`
`
`
`
`
`2.60cozoozaa<nco9220mm
`
`230mm:3mtEmcE...ban.
`
`
`
`280Egon.can9EsoomE0:
`
`23>m_$8an:t35.528mm:
`
`23>238x3555ngam:
`
`/No.3
`
`009
`
`“69
`
`new“
`
`mam.N
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 14 of 28
`
`US 9,530,137 B2
`
`10
`
`
`
`USR System
`
`Lop Top
`Computer
`
`
`
`Electronic
`Device
`
`Automobile
`
`FIG. 77
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 15 of 28
`
`US 9,530,137 B2
`
`1802
`
`1802
`
`1802
`
`| Access |
`
`i Device i
`
`| Access |
`
`i Device i
`
`|
`|
`I
`|
`I___ ___I
`I___ ___I
`“L__________I __________
`
`7500
`
`/
`
`10
`
`
`
`
`
`
`USR System
`
`1804
`
`1804
`
`1804
`
`1804
`
`[1802
`F‘" ‘I
`| Access |
`i Device i
`I
`I
`
`1802
`
`1804
`
`L__$__J
`'— ——————————
`
`1804
`
`
`
`/
`
`1810
`
`1804
`
`
`
`USR System
`
`
`
`FIG. 183
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 16 of 28
`
`US 9,530,137 B2
`
`1900\ 1902
`
`
`
`Entity Initiates Access Request
`
`
`
`Entity Supplies
`1) Authentication Info
`2) Computer Network ID
`
`USR Receives Access
`
`Request Including
`
`7914
`
`Provide Indication that
`
`
`
`1) Authentication Info
`2) Computer Network ID
`
`Entity is Denied Access
`
`
`ls
`Auth.
`Info Valid
`
`for a User
`
`9
`
`
`
`
`ls Entity Authorized
`
`
`to Access the Computer Network
`
`Identified by the ID
`
`
`1912
`
`
`
`
`Allow Communications Between
`the Entity and Secure System
`
`FIG. 19
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 17 of 28
`
`US 9,530,137 B2
`
`2000\
`
`2002
`
`Entity Initiates Access Request
`
`Entity Supplies
`Authentication Information
`
`
`
`Secure System Receives
`Authentication Information
`
`2004
`
`2006
`
`2008
`
`2010
`
`2014
`
`2016
`
`Secure System Communicates
`Authentication Information to USR
`
`USR Validates
`Authentication Information
`
`Secure System Receives
`Indication from USR
`
`Secure System Grants or
`Denies Access Based
`on the Indication
`
`FIG. 20
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 18 of 28
`
`US 9,530,137 B2
`
`Challenger /
`Responder
`
`
`21524 ——————— -I
`2135
`
`I
`Interface I
`r_>_____
`: Biometric
`
`
`
`2100
`
`
`
`Secure
`Database
`
`2140
`
`2146
`
`
`
`2144
`2154\
`[A ________
`,____ Z_____
`.
`.
`.
`_l
`
`I Addititiona|_i
`:— Interface—H AddItItIonal
`l
`l_ ______ _ll Wireless T/R :
`I_ __________ _l
`I_ __________ _l
`I Wireless T/R I
`
`
`2118
`
`2138
`
`2142
`
`
`
`
`T R
`/
`
`
`
`
`
`
`
`
`FIG. 21
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 19 of 28
`
`US 9,530,137 B2
`
`202
`
`208
`206
`/ __,[____
`I— _____.__.___ __—|
`l—
`Perloellcally '
`: N0:
`l
`lCommumcote wuthl
`|
`L§ssar399£<1bj=§sj
`L
`
`204
`
`Shutdown
`Device #1
`
`
`
`
`210
`
`216
`214
`_ __________/ __[____
`‘|
`.
`.
`“I
`I—
`r
`:
`Perloelcally .
`i No:
`Delete
`:
`|
`.Communlcate wnthl—l
`Data
`L§§22£e_991<1b_°_82J
`L _________J
`
`272
`
`Shutdown
`Device #2
`
`
`
`FIG. 22A
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 20 of 28
`
`US 9,530,137 B2
`
`218
`
`Initiate Valid
`Communication Protocol
`
`Yes
`
`220
`
`Transmit First Wireless Signal
`Containing Encrytped Authentication
`
`222
`
`I
`Transmit Second Wireless Signal
`I
`I Containing Encrytped Authentication }
`|
`I
`
`l—______________l______________'I
`
`o I
`
`————I
`|
`
`Authenticate Identity of User #2
`____________________________ _l
`
`
`
`
`
`224.5*—//L
`
`I Yes
`
`I— ____________________________ ‘I
`
`Contact Secure Database
`for Information
`
`
`
`Take Appropriate Action
`
`224
`
`
`
`FIG. 223
`
`

`

`U.S. Patent
`
`7,
`
`m
`
`mM
`
`US 9,530,137 B2
`
`
`
`nin«Rw\\vnUABow9.650vBowoEoEoBnoyaboco>3mun
`
`MN6?.
`
`
`m//QR.//mom.//mom.“6m.//Newm/
`
`
`
`
`
`
`
`
`monxmmomEzlmcovoya‘foco_xn_.ouoooESImcov9.3035_3_m_n_vegg/EV.63va
`
`ooh.
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 22 of 28
`
`US 9,530,137 B2
`
`400
`
`\
`
`Sense Header #1 Verify Protocol
`
`I Verify/Decrypt Respondent #1
`:
`Digital Signature
`
`l
`:
`
`
` Authenticate User #1
`
`406
`
`FIG. 24
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 23 of 28
`
`US 9,530,137 B2
`
`522
`
`Receive Public ID #1 PKI Encrypted DES
`Key, Encrypted Portion of Biodata
`
`528
`
`524
`
`526
`
`:
`l
`
`I
`:
`
`Look Up Remainder of
`Biodata Information #1
`
`
`
`Combine Biodato Information to
`Recreate Biodata Information
`
`t
`l
`
`i
`:
`
`
`
`5.36
`
`Process Biodato information
`
`FIG. 25
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 24 of 28
`
`US 9,530,137 B2
`
`620
`
`
`
`\ Receive Public Key ID #1, PKI
`
`Encrypted DES Key (Optional)
`
`Look Up Public Key #1
`
`
`
`
`
`I
`Generate Non—predictable Code
`IF
`I
`From |D1 Information (Time—varying)
`I
`L ______________________________ J
`
`
`
`
`
`
`
`
`Transmit Public ID #1 from Device #2
`to Secure Database
`
`Access with Secure Database at Least
`Portion of Bio Information of Entity #1
`
`Transmit Bio Information of
`
`Entity #1 to Device #2
`
`Display Bio Information
`
`Process Biodata Information
`
`FIG. 26
`
`
`
`
`
`
`
`622
`
`624
`
`626
`
`628
`
`630
`
`632
`
`6.34
`
`636
`
`638
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 25 of 28
`
`US 9,530,137 B2
`
`720
`
`\
`
`Private Key of #2
`
`Public Keys of
`Plural lst Entities
`
`Biodoto of #2
`
`Portion of Biodata
`Files of Other Users
`
`
`
`722
`
`724
`
`726
`
`728
`
`FIG. 27
`
`

`

`U.S. Patent
`
`D
`
`US 9,530,137 B2
`
`MmmootBENSmm:mEBmxw
`
`7aLomcwmJm2
`oEwEoEa..........L
`
`Ha.
`
`02+8
`
`v9833.63
`
`mu“
`
`NE
`
`bytEmcE...
`
`kws
`
`003
`
`2:33.36a:
`
`83
`
`8N“
`
`mmGI
`
`6mmongoo"2o:n1IIIIIImm?an.m-n._62035:._
`Lommmooi200MEoymzm"0305.5:a:R*2
`awN:<03J3223,n826.".
`
`/v.2
`
`
`
`33:95:00LozwommN:
`
`
`‘6_Lovomm329:;
`
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 27 of 28
`
`US 9,530,137 B2
`
`262
`
`260\
`
`
`
`
`
`
`
`
`
`
`264
`
`266
`
`268
`
`
`
`Simulate Data
`
`Authenticate User
`
`
`
`Receive User
`'
`Information
`I
`|_ __________________ _|
`
`270
`
`

`

`U.S. Patent
`
`Dec. 27, 2016
`
`Sheet 28 of 28
`
`US 9,530,137 B2
`
`QR.6E
`
`09m.GE
`
`‘titttafii.l
`
`«6».6t
`
`Nun.
`
`Run.
`
`0mm.
`
`/won
`
`
`
`4/«on
`
`\4
`
`\V“““““““4
`
`van.
`
`
`
`
`
`

`

`US 9,530,137 B2
`
`1
`METHOD AND APPARATUS FOR SECURE
`ACCESS PAYMENT AND IDENTIFICATION
`
`CROSS REFERENCE TO RELATED
`APPLICATIONS
`
`This application is a is a continuation of and also claims
`priority under 35 U.S.C. §120 to co-pending US. patent
`application Ser. No. 14/814,740 filed Jul. 31, 2015, entitled
`METHOD AND APPARATUS FOR SECURE ACCESS
`
`PAYMENT AND IDENTIFICATION, which is a continu-
`ation of and also claims priority under 35 U.S.C. §120 to Ser.
`No. 14/027,860, filed Sep. 16, 2013, entitled METHOD
`AND APPARATUS FOR SECURE ACCESS PAYMENT
`AND IDENTIFICATION, issued at US. Pat. No. 9,100,826,
`which application is a continuation of and also claims
`priority under 35 U.S.C. §120 to US. patent application Ser.
`No. 13/621,609, filed Sep. 17, 2012, entitled METHOD
`AND APPARATUS FOR SECURE ACCESS PAYMENT
`AND IDENTIFICATION, issued at US. Pat. No. 8,538,881,
`which application is a continuation of and also claims
`priority under 35 U.S.C. §120 to US. patent application Ser.
`No. 13/168,556, filed Jun. 24, 2011, entitled METHOD,
`SYSTEM AND APPARATUS FOR SECURE ACCESS
`PAYMENT AND IDENTIFICATION, issued at US. Pat.
`No. 8,271,397, which application is a continuation of and
`also claims priority under 35 U.S.C. §120 to US. patent
`application Ser. No. 11/677,490, filed Feb. 21, 2007, entitled
`METHOD, SYSTEM AND APPARATUS FOR SECURE
`ACCESS PAYMENT AND IDENTIFICATION, issued at
`US. Pat. No. 8,001,055, which claims priority under 35
`U.S.C. §119(e) to each of the following US. provisional
`patent applications: Ser. No. 60/775,046 entitled “METHOD
`AND APPARATUS FOR EMULATING A MAGNETIC
`STRIPE READABLE CARD,” filed Feb. 21 , 2006; Ser. No.
`
`60/812,279 entitled “UNIVERSAL SECURE REGISTRY,”
`filed Jun. 9, 2006; and Ser. No. 60/859,235 entitled “UNI-
`VERSAL SECURE REGISTR ,” filed Nov. 15, 2006 each
`of which applications is hereby incorporated herein by
`reference in their entirety.
`
`BACKGROUND OF INVENTION
`
`1. Field of Invention
`
`Embodiments of the invention generally relate to systems,
`methods, and apparatus for authenticating identity or veri-
`fying the identity of individuals and other entities seeking
`access to certain privileges and for selectively granting
`privileges and providing other services in response to such
`identifications/verifications. In addition, embodiments of the
`invention relate generally to systems and methods for
`obtaining information from and/or transmitting information
`to a user device and, in particular, to systems, methods, and
`apparatus that provide for contactless information transmis-
`sion.
`2. Discussion of Related Art
`
`Control of access to secure systems presents a problem
`related to the identification of a person. An individual may
`be provided access to the secure system after their identity
`is authorized. Generally, access control to secure computer
`networks is presently provided by an authentication scheme
`implemented, at least partly, in software located on a device
`being employed to access the secure computer network and
`on a server within the secure computer network. For
`example, if a corporation chooses to provide access control
`for their computer network, they may purchase authentica-
`tion software that includes server-side software installed on
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`
`a server in their computer system and corresponding client-
`side software that is installed on the devices that are used by
`employees to access the system. The devices may include
`desktop computers, laptop computers, and handheld com-
`puters (e.g., PDAs and the like).
`In practice,
`the preceding approach has a number of
`disadvantages including both the difficulty and cost of
`maintaining the authentication system and the difficulty and
`cost of maintaining the security of the authentication system.
`More specifically, the software resides in the corporation’s
`computers where it may be subject to tampering/unauthor-
`ized use by company employees. That is, the information
`technology team that manages the authentication system has
`access to the private keys associated with each of the
`authorized users. As a result,
`these individuals have an
`opportunity to compromise the security of the system.
`Further, any modification and/or upgrade to the authentica-
`tion system software is likely to require an update to at least
`the server-side software and may also require an update of
`the software located on each user/client device. In addition,
`where the company’s computer systems are geographically
`distributed, software upgrades/updates may be required on a
`plurality of geographically distributed servers.
`There is also a need, especially in this post September 11
`environment, for secure and valid identification of an indi-
`vidual before allowing the individual access to highly secure
`areas. For example, an FBI agent or an air marshal may need
`to identify themselves to airport security or a gate agent,
`without compromising security. Typically such identifica-
`tion may comprise the air marshal or FBI agent showing
`identification indicia to appropriate personnel. However,
`there are inherent flaws in this process that allow for security
`to be compromised, including falsification of identification
`information and failure of the airport security or other
`persomrel to recognize the situation. Of course this process
`could be automated,
`for example, by equipping airport
`persomrel or security with access to a database and requiring
`the FBI agent or air marshal
`to appropriately identify
`themselves to the database, for example, by again providing
`identification which airport personnel can then enter into the
`database to verify the identity of the person seeking access
`to a secure area. However, this process also has the inherent
`flaws in it as described above. In addition, there may be
`times when airport security or personnel may not be able to
`communicate with the database to check the identity of the
`person seeking access, for example, when they are not near
`a computer terminal with access to a database or are carrying
`a hand-held device that does not have an appropriate wire-
`less signal to access the database. In addition, there is a need
`to ensure that if such a hand-held device ends up the wrong
`hands, that security is not compromised.
`Further, both commercial (e.g., banking networks) and
`non-commercial (e.g., security systems) information sys-
`tems often rely on magnetic card readers to collect infor-
`mation specific to a user (e.g., a security code, a credit card
`number, etc.) from a user device (e.g., a transaction card).
`Credit card purchases made in person provide an example of
`the most common transaction-type that relies on a user
`device, the credit or debit card, which is read by a magnetic
`card reader. User devices that rely on magnetic-stripe based
`technology magnetically store information (e.g., binary
`information) in the magnetic stripe. The magnetic stripe
`reader provides an interface to a larger computerized net-
`work that receives the user’s information to determine, for
`example, whether to authorize a transaction, to allow the
`user access to a secure area, etc.
`
`

`

`US 9,530,137 B2
`
`3
`Recently, such devices have seen technological advances
`that increase their capabilities and improve their security.
`For example, such devices may now include embedded
`processors, integral biometric sensors that sense one or more
`biometric feature (e.g., a fingerprint) of the user, and mag-
`netic stripe emulators. As one result, such devices may
`provide greater security by dynamically generating the nec-
`essary information, for example, generating the credit card
`number at the time of a transaction Improved security can
`also be provided by such devices because more sophisticated
`authentication schemes can be implemented with the
`devices.
`In addition, user devices such as transaction cards may
`now also provide for one or more modes of information
`transmission other than transmission via a magnetic stripe/
`card reader combination. For example, user devices that may
`transmit information optically or via radio frequency (“RF”)
`signal transmission to a compatible system interface are now
`available. Further,
`the architecture of a user device that
`includes a processor is generally compatible with both the
`improved security features described a