|||||||||||||||||||||||||||||||||l||l|||||||l|l||||||||||||||||||||||||||||
`
`U8009100826B2
`
`(12) United States Patent
`Weiss
`
`(10) Patent No.:
`(45} Date of Patent:
`
`US 9,100,826 32
`*Aug. 4, 2015
`
`(54)
`
`(71)
`
`METHOD AND APPARATUS FOR SECURE
`ACCESS Pi-XYMENT AND IDENTIFICATION
`
`Applicant: UNIVERSAL SECURE REGISTRY,
`LLC. Newton. MA (US)
`
`(72)
`
`Inventor: Kenneth P. Weiss. Newton. MA (US)
`
`(73)
`
`Assignee: Universal Secure Registry, LLC.
`Newton. MA (U S)
`
`[*1
`
`Notice:
`
`Subject to any disclaimer. the term ofthjs
`patent is extended or adjusted under 35
`U.S.C. 154(13) by 0 days.
`
`This patent is subject to a temiinal dis-
`claimer.
`
`(58}
`
`(56)
`
`21/6245 (2013.01 ); GOéQ 20/3676 (2013.01 );
`(HMQ 20/3115 (2013.01 ); (.069 211/3821
`(2013.01); G06Q 20/40 (2013.01): (106;;
`20/401(2013.01); Gfl6Q30/06 (2013.01);
`GMQ 41002901301); GMQ 50/22 (2013.01):
`1107C 9000370013111): (1071* 9010103
`(2013.01);11041. 9/0891 (201301): 111141.
`9/3231 (2013.01); 11041. 91324171201301);
`11041. 9/32 71 (201301): 11041. 63/0853
`(2013.01): (1061‘ 2221/2115 (2013.01 );
`(Continued)
`Field of Classification Search
`None
`See application file for complete search history.
`
`References Cited
`
`US. PATENT DOCUMENTS
`
`(21)
`
`Appl. No; 141027.860
`
`122)
`
`Filed:
`
`Sep. 16, 2013
`
`(651
`
`(63)
`
`(60)
`
`(51)
`
`Prior Publication Data
`
`US 201410096216 Al
`
`Apr. 3, 2014
`
`Related U.S. Application Data
`
`Continuation of application No. 131621.609. filed on
`Sep. 17. 2012. now Pat. No. 8,538.88]. which is a
`confirmation of application No. 131168.556= filed on
`Jun. 24. 2011, now Pat. No. 8.271.397. which is a
`continuation of application No. 111677.490. filed on
`Feb. 21. 2007, now Pat. No. 8,001.055.
`
`Provisional application No. 601775.046. filed on Feb.
`21. 2006, provisional application No. 601812.279.
`filed on Jun. 9. 2006. provisional application No.
`601859.235. filed on Nov. 15. 2006.
`
`Int. Cl.
`G06F 2.1/00
`IRMW 12/06
`
`(2013.01)
`(2009.01)
`(Continued)
`
`(52}
`
`US. Cl.
`CPC
`
`1104W12/06(2013.01):G06FZI/32
`(2013.01): G06F 21/35 (2013.01): (1061’
`
`4.720.860 A
`4.856.062 A
`
`111988 Weiss
`811989 Weiss
`
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`FP
`EP
`
`0986209 A2
`1081632 Al
`
`312000
`3"2001
`
`(Continued)
`('J‘l‘tllrlR PUBLJCAI‘IONS
`l’abrai. 1.} . “Biometrics for l’C-User Authentication: A Primer“ Feb.
`1. 2001. Access (.‘onLrols 81 Security Systems. All pages. <http:.-"r'
`unwsecuritysolulionscom-"mag“securitybiometrics pcuser au-
`Ibentication-‘indesbtmb.
`
`(Continued)
`
`Prim/11:11 Examiner — Calvin C heung
`(74) 111101210}; Agent. or Finn — Lando & Anastasi. LLP
`(57)
`ABSTRACT
`According to one aspect. the invention provides a system for
`authenticating identities of a plurality of users.
`111 one
`embodiment. the system includes a first handheld device
`including a wireless transcciver which is configured to trans-
`mit authentication infonnation, a second device including a
`wireless receiver, where the second device is configured to
`receive the authentication il'l.lbl'lJ‘lEltiOn.
`
`35 Claims, 28 Drawing Sheets
`
`
`
`
`
`
`
`
`Apple 1101
`Apple 1101
`
`

`

`US 9,100,826 B2
`
`Page 2
`
`(51}
`
`(56)
`
`473857778 A
`479987379 A
`§~0§37923 A
`7707871 1 A
`570977525 A
`57158754) A
`5733377514 A
`573517063 A
`273333;; A
`-7
`7
`2233;? l
`2'495'515 "
`-7
`A
`372217-33 7:
`57811-006 A
`5:870:723 A
`.7 5023 A
`57“ 7
`5797172713 A
`570737105 A
`21:02:? 2
`I
`u
`s.
`1‘
`572927055 Bl
`2773333131 3:
`6735-07519 131
`673087253 Bl
`6309.342 131
`7
`- 7
`57393744 31
`674987861 Bl
`232%: 3:
`7
`7
`-
`575317959 3'
`6.640.211 Bl
`575537499 B?
`9 131
`67819721
`2593;123:5173:
`679.0791 131
`710071298 131
`7237 117 137
`72
`-
`1 133
`77349-11-
`37337232 3%
`774897281 132
`735021159 Bl
`
`[111.01.
`7:30-37
`2022:
`1
`--
`1
`(2013.01)
`G06F21/62
`72772-7777
`77767227777
`{201201)
`6069 2033
`{2012-01)
`G06920/40
`(2012.01)
`606Q30706
`{201201)
`G06Q 40/02
`(201270”
`6969 50"”
`(2006-01)
`G071? 9/00
`(2006.01)
`H0415 2971315
`(20060”
`”"4“ W
`{200601)
`(52) 3241;?!”
`-
`- 7-
`CPC .. GOYC 2009/00095 (2013.01); HO4L 2209/56
`(2013.01); H1J4L2209/805 (2013.01)
`.
`Referenm Cited
`..
`..
`.
`.
`U5. PM 11M DOC-”MW”
`.
`_
`”U939 We!SS
`3'.199‘ We!“
`531391 We!SW
`‘0'.”91 We?"
`3",1993 We!"A
`”f9” WP!“
`811993 W'3!“
`“1.1994 we!SS “A‘—
`1:17.33: 1:15;:11861
`-
`-
`{3.33; affifmm'
`11.19% W"
`7.
`ASS
`l
`3-133; F1111”
`97.1998 Piinzfxz:711
`271999 97116476181.
`671999 Bel-1151010
`.
`101.1999 ”513°
`5’20”” R02?" 3““-
`[£333 aimed
`.
`3":2001 H9uvenerem7
`2533: 31:3”
`a1
`777001 Sch
`fifty:
`1053001
`11 b“; :t‘ 1‘
`10.500]
`131738 '[37
`'.
`“FY ‘3
`‘
`5.3003 P3811.“
`12’2"” 11.7mm 3““-
`$333;
`(3’:fo er a]
`7;
`‘33”
`51.2903 BMAM‘AL
`10.72003 Holden
`13'2”“ PEWAA‘A‘AL
`1172004 130110010].
`.
`.
`.
`473337;: 948997777417
`91.20075
`5710;171:4161 at a]
`272006 Shinzaki ctal.
`6!.7007 Weiss
`.;
`15 M. \
`l
`777007
`cf “”7
`123533; g‘fi‘m“
`3.2009 Knife“ etal
`3.2009 mosaic),
`
`7
`
`7
`
`'
`
`7.552033 B2
`7.552.467 132*
`7.571.139 131
`7.657.039 32
`7.705.732 32
`7.766.223 131
`
`672009 Wheeleret n1.
`672009 Lindsay
`372009 Giordano 9131,
`2.72010 Hinton
`472010 Bishopel :11.
`872010 Mello et al.
`
`72675
`
`300770193435 7“
`209170345153 7“
`20017025600 Al
`2001302659374 Al’“
`200370005576 Al
`200870021997 Al
`
`313007 W983
`1079007 “231107331
`[1.12007 Shatzkameretal.
`[172007 52111111211121
`1752003 Weiss
`172008 Hinton
`
`972010 Weiss
`1072010 Weiss
`
`..
`..
`
`
`7
`705744
`
`7.805.372 132
`7.809.651 132
`W.
`1272011 Zhangeta].
`8.079.079 132
`”772012 Weiss
`8.234.220 B2
`2338 W
`77.08:
`7'
`.eVUVll‘Z.
`..
`.
`472013 Lane
`8.423.466 132*
`972013 Weiss
`8.538.881 132
`1172013 Weiss
`8.577.813 B2
`7"
`0153
`.
`.
`a
`323731.323 31"“ {$7533 {72,2121 e101.
`8.856.539 02
`1072014 Weiss
`200170032100 Al
`1072001 Mahmud ctal.
`20000044900 Al
`[17'200l Uchida
`3333033330 ii
`$3333 13.73.12.215]
`.
`lljlWflIaei
`200270176610 Al
`1172002 01012711661711.
`200270178364 A1
`1172002 Weiss
`200270184538 Al
`[272002 Sugimumetal.
`200270194499 Al" 1272002 Audcbertctal.
`200370014372 Al
`172003 Wheelcrcta].
`200370028481 Al
`272003 1710068616].
`200370037233 Al*
`272003 Pearson ..................
`200370046540 A1
`372003 Nakmnuraela].
`200370084332 Al
`572003 Krasinski 61 al.
`200370085808 A1
`572003 Goidberg
`200370115490 Al
`6.72003 Russoetal.
`200370123713 A1
`772003 Geng
`200370129965 A1
`772003 Siegel
`200370163710 Al
`872003 0111261711.
`200370226041 Al
`1272003
`Pain-16761 711.
`200370229637 Al
`1272003 1368167616].
`200470014423 AlW 172004 Croomectal.
`200470017934 Al
`172004 Koehor
`200470034771 Al
`272004 Edgell e16].
`200470059923 A1
`372004 ShamRzlo
`200470088369 A17
`572004 Yeagereta].
`200470111625 A1
`672004 1311113761711.
`200470117215 A1
`672004 Mmehosky
`200470117302 Al
`672004 Wcichcrtetal.
`200470133787 Al
`772004 Doughtycta].
`3334:9335; A1
`333% 2°
`4.01
`l
`"Al
`’.
`'am’”
`200470236699 Al
`11.72004 Beenau elal.
`200570001711 A1
`172005 Doughtyetal.
`200570039027 Al
`272005 Shapiro
`233573097363 A1“
`53335 $113771 e: a].
`|l.
`200570187843 :1
`872005 1'Apslgye1 21].
`200570187873 Al
`872005 Labl'ou et :11.
`200570210270 Al
`972005 Rehatgictal.
`200570235148 A1
`1072005 Schcidtetal.
`200570238147 Al
`1072005 C_arro
`200570238208 Al
`1072005 Slm
`200670000900 Al
`172006 Fernandeseta].
`200670016884 Al
`172006 Blockctal.
`200670087999 Al‘“
`472006 Cnlsmye elal.
`200670104486 A1
`572006 Le Saint e1 al.
`200670122939 A1
`672006 Cohen eta].
`2005.0155060 m 7.2006 Dua
`200670206724 Al
`972006
`86117111871“: 01
`-
`‘
`-
`200670256961 A1
`11.72006 Bralnard elal.
`200670276226 Al“ 1272006 .1ng .......................
`200770005988 A1W 172007 Zhangeta].
`”mgm” "1
`2:200? K01]?
`1
`2007.
`79136 Al
`4.2007 Vol 0171.
`200770118758 AIW 572007 77.107113511761711.
`200770124597 A1
`572007 Bedingfield
`200770124697 A1
`572007 Dongelmans
`200770140145 Al"
`672007 Kumal'ctal.
`200770186105 A1
`8.72007 Bailcyelal.
`
`.
`
`...........
`
`'
`
`45574“
`
`7137201
`
`7137156
`
`4557412
`
`7097217
`
`7137201
`
`3707328
`
`4557558
`7137186
`
`7137186
`
`37077254
`
`705765
`
`

`

`US 9,100,826 B2
`
`Page 3
`
`(56}
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`200870040274 Al
`272008 Uzo
`572008 Yasaki etal.
`200870127311 A1
`200870212848 Al
`972008 Doyle
`200870275819 Al
`1172008 Rifai
`200970083544 Al
`372009 Schoinick et al.
`472009 Orsinietal.
`200970097661 A1"
`672009 Sacco
`200970144814 Al
`772009 Schaffncr
`200970175507 Al
`872009 Clark
`200970203355 A1"
`1172009 Weiss
`200970292641 .~\1
`72010 Jiact al.
`201070046443 Al
`1072011 Weiss
`201170258120 A1
`201170283337 Al" 117201] Sehalzmayr
`201270130904 Al
`72012 Weiss
`201270150750 Al"
`672012 Lawetal.
`201270230555 Al"
`972012 .VIiuraetal.
`201270240195 Al
`972012 Weiss
`201370024374 Al
`172013 Weiss
`........................ 34075.82
`201370307670 A1"
`1172013 Ramaci
`20137031858i A1"
`1172013 Counterman
`72677
`201470101049 A1"
`472014 Fernandesetal.
`705744
`201470149295 Al
`572014 Weiss
`201470196118 A1
`772014 Weiss
`201570046340 A1”
`272015 Dimmick
`
`3807279
`
`4557411
`
`72673
`705776
`.................. 3827124
`
`
`
`705772
`
`FOREIGN PATENT DOCUMENTS
`
`GB
`W0
`W0
`WO
`WO
`W0
`
`2382006 A
`9207436 A]
`9636934 Al
`0214985 A2
`2010000455 A]
`20127037479 A9
`
`572003
`471992
`1171996
`272002
`[72010
`772012
`
`011 [ER PUBLICATIONS
`
`“Information Security: Challenges in Using Biometrics" Sep. 9.
`2003. All pages. <http177uw:gao.gow'new. item $711103 1 1371.9(115.
`Huntington. G. “101 Things to Know About Single Sign on." 2006.
`Authentication World. All pages. <http:77www.aumentieationworld.
`com-7Single-SignaOn-Aulhenl‘icationi‘
`10 l ThingsToKnowAboutSingleSignOnpdfb.
`“Single Sign on Authentication" Mar. 13. 2007. Authentication
`World. All pages. Retrieved Jul. 9. 2010 via Waybacl: Machine.
`<htlp:77web.archiveorgfwebfl 007 03 132004347h1tpr77www.
`authenticationworld.com7Single-Sign-On-Atlthenticatiors’>.
`
`from corresponding PCT-11520077
`
`Kessler. (3. “An Overview of Cryptography.” Aug. 22. 2002. All
`pages. Retrivecl viaWayback Machine on Jan. 19. 2010. hltp::'.-'www_
`garykessler.net-"iibrmy7erypto.html.
`Treasury Board of Canada Secretariat. PKI for Beginners Glossary.
`http:Home“.tbs~scl.ge.cafpki—icpx'beginners-"glossary—eng.asp.
`“FIPS PUB 46-3." Oct. 25. 1999. National Institute of Science and
`’I'echnology (NIS‘I‘). All pages.
`Intemationai Search Report from PCT-'1J820077004646 mailed Nov.
`2'7. 200?.
`International Search Report
`070701 mailed Mar. 1 1. 2008.
`International Search Report from PCT-1152009035282 mailed Jul.
`[0. 2009.
`“Bluetooth Technology FAQ”. Mobileinfocom. Jan. 21. 2001. all
`pages. htt'p:.-".-"www.weh.a.rchive.org-“weh-"2001012 l 155 l-'hltp:.-"-".www
`mobileinfo.com7Bluetooth7FAQ.htm.
`“Biometrics: Who‘s Watching‘i’ou'7". Electronic Frontier Foundation
`(EFF). Sep. 2003. all pages. http:.77ww.elT.orgr"up.7biometries-
`whos-watching-you.
`“FIPS PUB 46-3". National institute of Science and Technology
`(NIST). Oct. 25. [999. all pages.
`“Information Security: Challenges in using biometrics“. Sep. 9,
`2003. all pages. <http:7.-"W\mv.gao.gov7newsitems7d03l137t.pdf>.
`“PGP: An introduction to cryptography". 2000. all pages.
`"Single Sign on Authentication". Authentication World. Mar. 13.
`2007. ali pages. retrieved Jul. 9. 2010 via Wayback Machine. <http:7.-'
`web.a.rchive.org-'web7200703132004347http:77ww.
`authenticationworld.com7Single-Sign-On-Authenticationr').
`Hunglington, “101 Things to know about single sign on”. Authenti-
`cation World. 2006. all pages. <http:7.-"www.authenticationworld.
`cotm‘Singie-Sign-()n-Authentication-'
`10 ] ThingsTo KnowAhoulSingleSignOnpdb.
`International Search Report
`from PCT Application No. PCT-7
`[182007.-'004646 mailed Nov. 27. 2007.
`International Search Report
`from PCT Application No. PCT7
`U520077070701 mailed Mar.
`1 i. 2008.
`International Search Report
`from PCT Application No. PCT"
`U52009.-’035282 mailed Jul. 10. 2009.
`Kessler. “An overview of cryptography". Aug. 22. 2002. all pages.
`retrieved via Wayback Machine on Jan. 19. 2010. http:7-"www.
`garykessler.neb"iibrary.-’erypto.html.
`Pabrai. “Biometrics for PCT-user authentication: a primer". Access
`Controls & Security Systems. Feb. 1. 2001. all pages. <hlrp:77www_
`securitysolulions.com7mag7securit_biometrics_pcuser_authenti-
`cationi'indexhtml).
`International Search Report and Written Opinion for International
`Application No. PCT7US201 17051966. 49 pages.
`
`* cited by examiner
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 1 of 28
`
`US 9,100,826 32
`
`12
`
`/f0
`
`.20
`
`22
`
`26
`
`RAM
`
`18
`
`USR
`Software
`
`User
`Interface
`
`Comm.
`Port
`
`”"16
`N£32m
`
`.
`
`f6
`
`14
`
`24
`
`Universal Secure
`Registry
`
`_0
`
`
`
`Person No. 2
`
`Person Na. n
`
`FIG.
`
`7
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 2 of 28
`
`US 9,100,826 32
`
`
`
`10
`
`Computer Computer Computer
`Module
`Module
`Module
`
`USR System
`
`Computer Computer Computer
`Module
`Module
`Module
`
`27
`
`27
`
`Interface
`Center
`
`Wide Area Network
`
`Interface
`Center
`
`Interface -.
`Center
`
`.
`
`Interface
`Center
`
`27
`
`Interface
`Center
`
`Interface
`Center
`
`27
`
`27
`
`27
`
`FIG. 2
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 3 of 28
`
`US 9,100,826 B2
`
`on.
`
`c080,”.
`
`_..oz
`
`$823
`
`8505.25
`
`xo...
`
`:ozoEBE
`
`22.25
`
`«326$
`
`conuztoE
`
`n2.
`
`530333.
`
`comoEgoug
`
`NV
`
`0v
`
`mmooo<
`
`cozocteg
`
`cozou__a>
`
`cozoctog
`
`EB:
`
`corn—Eat...
`
`28:85
`
`3502.5
`
`6555...
`
`commutes
`
`
`
`
`
`
`
`
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 4 of 28
`
`US 9,100,826 32
`
`USR System
`
`Financial
`Medical
`Public
`Information Information Information
`
`Computer Computer Computer
`Module
`
`Module
`
`Job
`Address
`Information Application
`Computer Computer Computer
`Module
`Module
`
`Public
`Information
`Interface
`Centers
`
`
` Wide Area Network
`
`Tax
`Information
`Interface
`Centers
`
`
`
`
`
`
`
`'
`
`Medical
`Information .
`Interface
`Centers
`
`__
`
`'
`
`Job Application
`Information
`Interface
`Centers
`
`Financial
`Information
`Interface
`Centers
`
`Address
`Inform otion
`Interface
`Centers
`
`FIG. 4
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 5 of 28
`
`US 9,100,826 32
`
`
`
`
`
`Train the Database
`
`Validate Person's
`Iden tification
`
`500
`
`
`
`
`502
`
` No
`
`Does
`
`
`Person Have Rights to
`
`Enter Data
`‘?
`
`
`
`Enable Person to Enter
`Basic Personal Data
`
`Does
`Person Have Right to
`Enter Additional Data
`‘?
`
`Yes
`
`508
`
`
`
`
`Enable Person to Enter
`Advanced Personal Data
`
`5
`
`10
`
`Enable Person to Specify Access
`to Advanced Personal Data
`
`512
`
`FIG. 5
`
`
`
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 6 of 28
`
`US 9,100,826 32
`
`
`
`Enable Access to
`Basic Personal Data
`
`600
`
`602
`
`
`ls
`
`No
`Additional Information
`
`Requested
`
`
`?
`
`
`
`
`
`Does Requestor
`
`
`Participating in
`Have Rights to Access
`
`Transaction
`Type of Requested
`
`
`
`Data ?
`
`
`
`
`Validate Person's
`Identity
`
`Enable Person to
`Change Access
`Rights to Data
`
`
`
`Does Requester
`Have Rights to Access
`Type of Requested
`
`Data ?
`
`
`
`505
`
`610
`
`
`
`Cause USR to Enable
`
`Access to Type of
`Requested Data
`
`FIG. 6
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 7 of 28
`
`US 9,100,826 32
`
`700
`
`702
`
`704
`
`706
`
`708
`
`710
`
`712
`
`User Initiates Purchase
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to Credit
`Card Company
`
`3 Amount of Purchase
`
`1) Code from Secure ID
`23 Store Number
`
`Credit Card Company
`Sends Code to USR
`
`
`
`USR Determines if Code is Valid. and if
`Valid Accesses User's Credit Card
`Information and Transmits Credit Card
`Number to Credit Card Company
`
`Credit Card Company Checks
`Credit Worthiness and Declines
`
`Transfers S to Merchant's Account
`
`Card or Debits User's Account and
`
`
`
`
`
`
`CCC Notifies Merchant of
`Result of Transaction
`
`
`FIG. 7
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 8 of 28
`
`US 9,100,826 32
`
`User Initiates Purchase
`
`800
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to USR
`
`(1) Code from Secure ID
`(2) Store Number
`(.3) Amount of Purchase
`
`
`
`USR Determines if Code is Valid
`
`USR Accesses User's Credit Card
`
`Information and Transmits to 000
`
`(1) Credit Card Number
`(2) Store Number
`(.3) Amount of Purchase
`
`802
`
`804-
`
`806
`
`808
`
`810
`
`812
`
`814
`
`000 Checks Credit Worthiness and
`
`Declines Card or Debits User’s Account
`
`and Transfers 3 to Merchant's Account
`
`
`
`CCC Notifies USR of
`Resuit of Transaction
`
`USR Notifies Merchant of
`Result of Transaction
`
`FIG. 8
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 9 of 28
`
`US 9,100,826 32
`
`900
`
`902
`
`904
`
`906
`
`908
`
`910
`
`912
`
`914
`
`User Initiates Purchase and
`Writes Check to Merchant
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to USR
`
`
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`USR Accesses User's Bank
`
`Information and Transmits to Bank
`
`
`
`(1) Bank Account Number
`(2) Store Number
`(3) Amount of Purchase
`
`Bank Checks Account Balance
`
`to Verify Availability of Funds
`
`Bank Notifies USR of
`Result of Verification
`
`USR Notifies Merchant of
`Result of Verification
`
`FIG. 9
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 10 of 23
`
`US 9,100,826 32
`
`/—1000
`User Initiates Anonymous Purchase
`by Entering Secret Code in Secure
`ID and Transmitting Result to
`On-Line Merchant
`
`l
`
`Merchant Transmits to USR
`
`1 Code from Secure ID
`2 Store Number
`3 Amount of Purchase
`
`|
`
`USR Determines if Code is Valid
`
`
`
`|
`
`USR Accesses User’s Credit Card
`Information and Transmits to CCC:
`
`r1002
`
`/—1004
`
`/— was
`
`1) Credit Card Number
`2; Store Number
`I”
`
`.3
`
`Amount of Purchase
`
`CCC Checks Credit Worthiness and
`Declines Card or Debits User's Account
`and Transfers 15 to Merchant's Account
`
`1010
`
`
`
`
`
`
` CCC Notifies USR
`
`of Result of Transaction
`
`
`
`
`
`/mr4
`
`
`
`
`
`
`If Credit Declined,
`
`USR Notifies Merchant
`
`
`
`If Credit Accepted. USR
`Accesses Address Code
`and Provides Merchant
`with Address Code
`
`1016
`
`Merchant Labels Package
`with Address Code and Ships
`
`FIG. 10
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 11 of 28
`
`US 9,100,826 32
`
` ”00
`
`User Provides Address
`Code on Public Area
`
`User Provides Address Information
`in Address Area of USR
`
`Person Places Public Code
`on Parcel
`to be Mailed
`
`Post Office Accesses USR
`to Retrieve Address Information
`
`1702
`
`”04
`
`1106
`
`”08
`
`”10
`
`to
`Post Office Delivers Parcel
`Address in Address Area of USR
`
`Post Office Prints Bar Code
`on Parcel
`to Automate
`Delivery of Parcel
`to Address
`in Address Area of USR
`
`
`FIG.
`
`11
`
`1200
`
`User Provides Telephone
`Code on Public Area
`
`f202
`
`1'204
`
`1206
`
`User Provides Telephone Information
`In Telephone Area of USR
`
`Person Dials USR Phone Number and
`Enters Telephone Code for User
`
`USR Connects Person to Telephone
`Number Without Providing User
`Person with Telephone Number
`
`FIG. 72
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 12 of 28
`
`US 9,100,826 B2
`
`001
`
`ND:
`
`we.“
`
`m6:
`
`m6:
`
`
`
`
`
`£3633;axon:3389amm:
`
`
`
`96$3mEEBE.8:
`
`8,523;9.conuoEEoE
`
`o>o._n_owREESE
`
`332?,B8:85:82
`
`9230mm:_£30ShamE35.Law:
`
`a.2:quE030“BoomESELow:
`
`
`
`mm:3szmcot.:oEoozom
`
`9BaumEatmuoo
`
`
`
`mm:2£55:3332,
`
`
`
`9BaumEatouoo
`
`26>m_38r35,533mm:
`
`26>2$8=«2538mm:
`
`
`
`
`
`cozthouFEEooom00:01«Eu:ofioELEE
`
`
`
`3555330noLoam.mEooom00:0;“3
`
`.520...n:Esomm“B230Ea3:52B5385.3.85.52.0;B3:55:26
`
`
`
`
`
`fiEoBozm{was$3034mm:
`
`820:a.938m“52303mm
`
`
`
`3:52.6558%”;9Lounge.)3szmEE.“EuCamacho?—
`
`Lou:
`
`
`
`
`
`
`
`33$:652.52.6ymmtd‘.5“.35:2:
`
`3GE
`
`m.5GR
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 13 of 28
`
`US 9,100,826 B2
`
`003
`
`Noun
`
`39
`
`83
`
`mob“
`
`023iB3:95Lem:
`
`
`
`Eat300mm:B«Ema—t...1.83
`
`$005:33325n:0.5qu
`
`23>a23003::moEEEmQmm:
`
`
`
`
`
`20:02am?mafia:mommmooq.mm:
`
`
`
`20.2623..Emco._._.uco5:05.25
`
`«329:8goham:38:09:85
`
`
`
`Em:05to:33co:o_¢uu__n_n_<:o
`
`
`
`
`
`5:056;when:momm000<mm:
`
`
`
`m..__Em:o._._.2.52.603.6.”.30520004.xtum3o_n_u=o><
`
`
`
`xtca3cozthoE03394
`
`9Gt
`
`m.5GE
`
`
`
`o.9.30m:_muoo“Scam82cmLow:
`
`9052.5E300«Boom335Low:
`26>m_.300:moEFtBoomm:
`2303.5a.269050mmE9:
`
`230mm:BmtEmcE»atom
`
`36;Bcozgczcog
`
`EuEtoa<Lo:35do...a.2man?38:39Lam:
`
`/8.§
`
`Nam.“
`
`‘69
`
`/.3m._
`
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 14 of 28
`
`US 9,100,826 32
`
`10
`
`
`
`USR System
`
`Lap Top
`Computer
`
`
`
`Electronic
`
`Device
`
`Automobile
`
`FIG. 77
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 15 of 28
`
`US 9,100,826 32
`
`in" "i
`| Access I
`
`E Device E
`
`[1802
`in" 1
`| Access |
`
`E Device E
`
`I
`I
`l
`I
`L__ ___|
`L__ ___l
`I
`7t
`L __________ i __________
`
`1802
`
`7300
`
`/
`
`USR System
`
`
`
`1804
`
`1804
`
`10
`
`
`
`I804
`
`1804
`
`1804
`
`FIG. 78A
`
`r“'/‘.
`E 9:33: g
`
`I A
`
`|
`L
`
`I
`
`|
`__|
`
`1802
`
`1802
`
`/’8"’
`
`———————————
`
`1304
`
`
`
`USR System
`
`FIG. 18B
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 16 of 23
`
`US 9,100,826 32
`
`1900\ 1902
`
`Entity Initiates Access Request
`
` 1904
`
`Entity Supplies
`1) Authentication Info
`2) Computer Network ID
`
`1906
`
`1974
`
`USR Receives Access
`
`Request Including
`
`13 Authentication Info
`
`2 Computer Network ID
`
`Provide Indication that
`
`Entity is Denied Access
`
`1908
`
`N
`
`0
`
`
`Is
`Info Valid
`Auth.
`
`
`for a User
`
`9
`
`Yes
`
`1910
`
`No
`
`
`
`
`
`
`
`Is Entity Authorlzed
`
`to Access the Computer Network
`
`Identified by the ID
`
`
`
`
`1912
`
`Yes
`
`Allow Communications Between
`
`the Entity and Secure System
`
`FIG. 19
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 17 of 23
`
`US 9,100,826 32
`
`2002
`
`2004
`
`2006‘
`
`2008
`
`2010
`
`2014
`
`2016
`
`2000\
`
`Entity Initiates Access Request
`
`Entity Supplies
`Authentication Information
`
`
`
`Secure System Receives
`Authentication Information
`
`
`
`Secure System Communicates
`Authentication Information to USR
`
`USR Validates
`Authentication Information
`
`Secure System Receives
`Indication from USR
`
`Secure System Grants or
`Denies Access Based
`on the Indication
`
`FIG. 20
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 13 of 23
`
`US 9,100,826 32
`
`2100
`
`Responder
`
`2752—4— ——————— —I
`l
`Interface |
`
`Chailenger /
`
`2135
`,;::,____,
`E Biometric :
`
`
`
`_|
`I
`Ul
`I
`L ________ _l
`
`______
`
`2115
`
`2718
`
`2138
`
`2142
`
`Secure
`Database
`
`2140
`
`2154
`
`2144
`
`
`TA?
`
`2?46
`
`
`
`
`
`
`
`
`
`
`:
`: Addltltlonol
`LWireless T/RJ
`
`:
`FEW—63326.1: Addltltlonol
`I_ ______ JLWireless T/RJ
`
`FIG. 27
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 19 of 23
`
`US 9,100,826 32
`
`202
`
`208
`
`/ __[____
`l—
`r ———————————— ‘l
`Ddete
`Penodmany
`' No;
`
`Communicate with|—[
`Data
`395219; 92392035
`L _________ J
`
`210
`
`
`
`206
`
`'l
`
`204
`
`Shutdown
`Device #1
`
`
`
`
`___________/ __/__:__
`
`216
`
`274
`
`2’2
`
`
`
`Shutdown
`Device #2
`
`F[0. 22A
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 20 of 28
`
`US 9,100,826 32
`
`Initiate Valid
`Communication Protocol
`
`Yes
`
`Transmit First Wireless Signal
`Containing Encrytped Authentication
`Information to Device 2
`
`
`
`
`Authenticate Identity of User #1
`
`218
`
`220
`
`222
`
`
`
`Containing Encrytped Authentication
`information to Device #1
`
`r__‘fiEEErEE‘§EEoEd_::Tr:E{s§—§i§fial__/
`/226
`'_____
`I"
`
`l
`
`‘1
`
`
`
`
`
` l_———————————————_—
`
`
`
`No I
`—-—--|
`|
`
`|
`I
`Authenticate Identity of User #2
`|
`____________________________ _l
`
`223/
`
`I Yes
`
`I' ____________________________ “I
`
`l
`i
`2.3'0"’//L
`
`Contact Secure Database
`for Information
`
`
`i
`:_J
`
`Take Appropriate Action
`
`224
`
`End
`
`FIG. 22B
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 21 of 28
`
`US 9,100,826 B2
`
`A3%9L050vEonoEoEoBuoyfihoco>9.mun.
`\in.\NR.
`
`
`
`
`MNGE
`
`
`
`
`
`vamxmun.ofialocovfifikocein..230mEzlocOV839556:99n__o_/2m./mom./no».
`
`
`
`
`
`
`
`£0
`
`*0
`
`Lancer—v
`
`/Non
`
`4/03.
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 22 of 23
`
`US 9,100,826 132
`
`400
`
`\
`
`Sense Header #1
`
`Verify Protocol
`
`: Verify/Decrypt Respondent #1
`:
`Digital Signature
`
`I
`:
`
`Yes
`
`Authenticate User #1
`
`406
`
`FIG. 24
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 23 of 23
`
`US 9,100,826 132
`
`520\
`
`522
`
`Receive Public ID #1 PKI Encrypted DES
`Key, Encrypted Portion of Biodata
`
`528
`
`Look Up from ID #1, Public Key #1
`
`524
`
`526
`
`Look Up Remainder of
`Biodata Information #1
`
`Combine Biodata Information to
`Recreate Biodata Information
`
`
`
`5.36
`
`Process Biodata information
`
`FIG. 25
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 24 of 23
`
`US 9,100,826 132
`
`620
`
`\ Receive Public Key ID #1, PKI
`Encrypted DES Key (Optional)
`
`622
`
`624
`
`Look Up Public Key #1
`
`
`
`626
`
`
`
`Transmit Public ID #2 Information
`to Secure Database
`
`628
`
`630
`
`632
`
`6.34
`
`636
`
`6.38
`
`F'"—c—eEEFeEE‘fiSH-‘prefififietfiFried—{"7
`i
`From |D1 Information (Time-varying)
`l
`L ______________________________ .1
`
`Transmit Public ID #1 from Device #2
`to Secure Database
`
`Access with Secure Database at Least
`Portion of Bio Information of Entity #1
`
`
`
`
`
`
`
`
`
`
`
`
`
`Transmit Bio Information of
`
`Entity #1 to Device #2
`
`Display Bio Information
`
`Process Biodata Information
`
`FIG. 26
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 25 of 28
`
`US 9,100,826 32
`
`720
`
`\
`
`722
`
`724
`
`726
`
`728
`
`Private Key of #2
`
`Public Keys of
`Plural 1st Entities
`
`Biodata of #2
`
`Portion of Biodata
`Files of Other Users
`
`FIG. 27
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 26 of 28
`
`US 9,100,826 B2
`
`N:
`
`I
`
`83
`
`omonoyuo
`
`Eoumam
`
`
`
`5:0::00
`
`1to".38J
`_mac—BE.
`_Illlllllll4LOZoochc.
`
`/©m.u
`
`N9
`
`mm6E
`
`8“\
`
`m9
`
`Emu—Km
`
`awe—”tag:—
`
` Lomzow
`
`oEoEofi
`
`
`
`_..Lammuuoi
`
`awe—ES,
`
`.3”aEmcot.
`
`333how:
`
`Lo.33$5Lommoooi.ozwgcomvoz
`
`
`mEBmxw350mIIIIIIIIII
`
`
`_l|||I||||||||||||||||L
`
`Eamon”.N!
`
`
`
`_
`
`kn.“|\
`
`80.25..‘Lommooocn.L‘
`
`mm.“
`
`RN“
`
`hw—
`
`mm.“
`
`mm.“
`
`a:
`
`Luzon.
`
`
`
`
`
`
`
`
`
`
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 27 of 28
`
`US 9,100,826 32
`
`262
`
`
`
`
`
`
`
`266
`
`Simulate Data
`
`264
`
`268
`
`270
`
`Authenticate User
`
`
`
`Receive User
`Information
`
`'
`_:
`
`
`
`
`Complete Transaction
`
`
`
`
`
`272
`
`FIG. 29
`
`

`

`US. Patent
`
`Aug. 4, 2015
`
`Sheet 28 of 23
`
`US 9,100,826 32
`
`FIG.300
`
`
`
`FIG..306
`
`E,
`
`EIIIII iI
`
` FIG.30A
`A. 302\
`inlunl’lll'l'll
`
`332
`
`3.34
`
`.380
`
`.302\
`
`3.34
`
`

`

`US 9,100,826 B2
`
`1
`METHOD AND APPARATUS FOR SECURE
`ACCESS PAYMENT AND IDENTIFICATION
`
`CROSS REFERENCE TO RELATED
`APPUCA'I‘IONS
`
`This application is a continuation ofand also claims prior—
`ity under 35 U.S.C. {$120 to co-pending US. patent applica-
`tion Ser. No. 131621.609.
`filed Sep. 17. 2012. entitled
`METHOD AND APPARATUS FOR SECURE ACCESS
`
`10
`
`PAYMENT AND IDENTIFICATION which application is a
`continuation ofand also claims priority under 351I.S.C. §120
`to co-pending US patent application Ser. No. l3l168.556.
`filed Jun. 24. 2011, entitled METHOD, SYSTEM AND
`APPARATUS FOR SECURE ACCESS PAYMENT AND
`
`IDENTIFICATION. which application is a continuation of
`and also claims priority under 35 U.S.C. §120 to U.S. patent
`application Ser. No. ll!677.490, tiled Feb. 21. 200?. entitled
`METHOD. SYSTEM AND APPARATUS FOR SECURE
`ACCESS PAYMIEN'I‘ AND IDIEN'I‘II'TCA'I‘ION. issued at
`U.S. Pat. No. 8,001,055. which claims priority under 35
`U.S.C. §l 19(e) to each of the following U.S. provisional
`patent applications: Ser. No. 60l?75.046 entitled “METHOD
`AND APPARATUS FOR EMUIAI‘ING A MAGNETIC
`STRIPE READABLE CARD." filed Feb. 21. 2006: Ser. No.
`60l812.279 entitled “UNIVERSAL SECURE REGISTRY."
`tiled .Illll. 9. 2006; and Ser. No. 60859235 entitled “UNI-
`VERSAL SECURE REGISTR .” filed Nov. 15. 2006 each of
`which is hereby incorporated herein by reference in its
`entirety.
`
`BACKGROUND OF INVENTION
`
`1. Field of Invention
`Embodiments ofthe invention generally relate to systems.
`methods. and apparatus tor authenticating identity or verify—
`ing the identity of individuals and other entities seeking
`access to certain privileges and for selectively granting privi-
`leges and providing other services in response to such iden-
`tificationsx’veritications.
`In addition. embodiments of the
`invention relate generally to systems and methods forobtain-
`ing information from andtor transmitting information to a
`user device and. in particular, to systems, methods. and appa—
`ratus that provide for contactless information transmission.
`2. Discussion of Related Art
`
`Control of access to secure systems presents a problem
`related to the identi fication of a person. An individual may be
`provided access to the secure system after their identity is
`authorized. Generally, access control to secure computer net—
`works is presently provided by an authentication scheme
`implemented. at least partly. in software located on a device
`being employed to access the secure computer network and
`on a server within the secure computer network. For example,
`if a corporation chooses to provide access control for their
`computer network, they may purchase authentication soft-
`ware that includes serverwside software installed on a server in
`
`their computer system and corresponding client—side soft—
`ware that is installed on the devices that are used by employ—
`ees to acceSs the system. The devices may include desktop
`computers, laptop computers. and handheld computers (e.g._.
`PDAs and the like).
`In practice. the preceding approach has a number o f disad-
`vantages including both the difficulty and cost ofmaintaining
`the authentication system and the difficulty and cost ofmain—
`taining the security of the authentication system. More spe—
`cifically, the software resides in the corporation‘s computers
`where it may be subject to tamperingfutuiuthorized use by
`
`3t]
`
`35
`
`4E]
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`
`the information technology
`company employees. That is.
`team that manages the authentication system has access to the
`private keys associated with each ofthe authorized users. As
`a result. these individuals have an opportunity to compromise
`the security ofthe system. Further, any modification auditor
`upgrade to the authentication system software is likely to
`require an update to at least the server-side software and may
`also require an update of the software located on each usent
`client device. In addition, where the company‘s computer
`systems are geographically distributed. sofiware upgrades!
`updates may be required on a plurality of geographically
`distributed servers.
`
`There is also a need, especially in this post September 11
`environment. for secure and valid identification of an indi-
`vidual before allowing the individual access to highly secure
`areas. For example, an FBI agent or an air marshal may need
`to identify themselves to airport security or a gate agent.
`without compromising security. Typically such identification
`may comprise the air marshal or FBI agent showing identiti-
`cation indicia to appropriate personnel. However. there are
`inherent flaws in this process that allow for security to be
`compromised, including falsification of identification infor-
`mation and failure ofthe airport security or other personnel to
`recognize the situation. Of course this process could be auto-
`mated. for example, by equipping airport personnel or secu-
`rity with access to a database and requiring the FBI agent or
`air marshal to appropriately identify themselves to the data—
`base. for example. by again providing identification which
`airport personnel can then enter into the database to veri fy the
`identity of the person seeking access to a secure area. How-
`ever. this process also has the inherent flaws in it as described
`above. In addition. there may be times when airport security
`or personnel may not be able to communicate with the data-
`base to check the identity of the person seeking access, for
`example. when they are not near a computer temu'nal with
`access to a database or are carrying a hand-held device that
`does not have an appropriate wireless signal to access the
`database. In addition. there is a need to ensure that if such a
`hand-held device ends up the wrong hands. that security is not
`compromised.
`Further. both commercial (e.g.._ banking networks) and
`non—conunercial (e.g., security systems) information systems
`often rely on magnetic card readers to collect information
`specific to a user (cg, a security code, a credit card number,
`etc.) from a user device {e.g.. a transaction card). Credit card
`purchases made in person provide an example of the most
`common transaction-type that relies on a user device. the
`credit or debit card, which is read by a magnetic card reader.
`User devices that rely on magnetic—stripe based technology
`magnetically store information (e.g.. binary information) in
`the magnetic stripe. The magnetic stripe reader provides an
`interface to a larger computerized network that receives the
`user‘s information to detennine, for example. whether to
`authorize a transaction. to allow the user access to a secure
`area. etc.
`
`Recently, such devices have seen technological advances
`that increase their capabilities and improve their security. For
`example, such devices may now include embedded proces-
`sors, integral biometric sensors that sense one or more bio-
`metric feature (e.g.. a fingerprint} of the user. and magnetic
`stripe emulators. As one result. such devices may provide
`greater security by dynamically generating the necessary
`information. for example, generating the credit card number
`at the time ofa transaction. Improved security can also be
`provided by such devices because more sophisticated authen-
`tication schemes can be implemented with the devices.
`
`

`

`3
`
`4
`
`US 9,100,826 B2
`
`In addition. user devices such as transaction cards rttay now
`also provide for one or more ntodes of information transmis-
`sion other than transmission via a magnetic stripetcard reader
`contbination. For example. user devices tltat may transmit
`inlbrmation optically or via radio li'equeucy (“R1") signal
`transmission to a compatible system interface are now avail-
`able. Further. the architecture ofa user device that includes a
`processor is generally compatible witlt both the improved
`security features described above and the contactless trans-
`mission modes such as optical and RF signal transmission. As
`a result of the improved security and greater fiinctionality of
`some current user devices. tltere is a desire to replace mag-
`netic-stripe based user devices with devices that
`include
`forms ofinlonuation transmission other than the reading of a
`magneticfistripe.
`There is. however. a substantial installed base of interfaces
`(for example. at points of sale, at automatic teller machines
`(“ATM"), and tlte like) that include magnetic card readers
`which are not equipped to receive information from a user
`device in any other format other than from a m