-
11.
公开(公告)号:US20200067922A1
公开(公告)日:2020-02-27
申请号:US16270255
申请日:2019-02-07
申请人: HYPR Corp.
发明人: George Avetisov , Bojan Simic , Roman Kadinsky
摘要: Provided is a process that affords out-of-band authentication based on a secure channel to a trusted execution environment on a client device. The authentication process includes one or more authentication steps in addition to verifying any credentials provided by a client device. A notification may be transmitted by a server to a device other than the client device attempting to access the asset. That device may be a mobile device with a trusted execution environment storing user credential information, and the server may store representations of those credentials. The mobile device collects user input credentials and transmits representations for matching the previously stored representations and signed data for verification by the server that received data originated from the mobile device. The access attempt by the client is granted based in part on the result of authenticating the data received from the mobile device in a response to the notification.
-
12.
公开(公告)号:US12081545B2
公开(公告)日:2024-09-03
申请号:US18191399
申请日:2023-03-28
申请人: HYPR Corp.
发明人: George Avetisov , Bojan Simic , Roman Kadinsky
CPC分类号: H04L63/0884 , G06F21/45 , H04L9/088 , H04L63/18
摘要: Provided is a process that affords out-of-band authentication for confirmation of physical access or when a device utilized for out-of-band authentication lacks connectivity to a network. An asymmetric cryptographic key-pair is established, a first device obtaining a key operable to decrypt data. A remote server obtaining a key operable to encrypt data and associating that key with an identifier of an identity or account associated with a user. An access attempt from the second device is received in association with the identifier of the identity associated with the user. A notification including data encrypted by the encryption key is generated by the remote server and transmitted to the second device. The first device obtains the notification data from the second device and decrypts the data to determine a notification response which is returned to the remote server for verification to permit or deny the access attempt of the second device.
-
公开(公告)号:US12041059B1
公开(公告)日:2024-07-16
申请号:US18220694
申请日:2023-07-11
申请人: HYPR Corp.
发明人: Bojan Simic , Roman Kadinsky , Baljeet Sandhu , Ryan Rowcliffe
CPC分类号: H04L63/102 , H04L9/321 , H04L9/3234 , H04L9/3247 , H04L63/0807 , H04L63/0823 , H04L63/083 , H04L63/0876 , H04W12/06 , H04W12/068
摘要: Provided are systems, processes, and methods for identity management, such as the verification of an identity of a user of device for securely onboarding a device remotely and other use cases. A user may access a webpage or obtain a native application on their device with which the user engages to prove their identity to an identity verifier delegated to attest to the identity of the user. A communication session is established between the user and the identity verifier via their respective devices. If the identity verifier attests to the asserted identity of the user, the device of the user may be issued a deep link, code, or other for the establishment or exchange of credential information with an identity management system. Embodiments of such systems may also be used for other instances of identity or device verification.
-
公开(公告)号:US20230239284A1
公开(公告)日:2023-07-27
申请号:US17992900
申请日:2022-11-22
申请人: HYPR Corp.
发明人: Bojan Simic , Roman Kadinsky , Robert Panebianco
IPC分类号: H04L9/40 , G06F21/62 , H04L67/1097 , G06F16/901 , H04L9/08
CPC分类号: H04L63/0815 , G06F21/6227 , H04L67/1097 , G06F16/9014 , H04L9/0825
摘要: Provided is a process that establishes user identities within a decentralized data store, like a blockchain. A user's mobile device may establish credential values within a trusted execution environment of the mobile device. Representations of those credentials may be generated on the mobile device and transmitted for storage in association with an identity of the user established on the blockchain. Similarly, one or more key-pairs may be generated or otherwise used by the mobile device for signatures and signature verification. Private keys may remain resident on the device (or known and input by the user) while corresponding public keys may be stored in associated with the user identity on the blockchain. A private key is used to sign representations of credentials and other values as a proof of knowledge of the private key and credential values for authentication of the user to the user identity on the blockchain.
-
公开(公告)号:US11659392B2
公开(公告)日:2023-05-23
申请号:US17158898
申请日:2021-01-26
申请人: HYPR Corp.
发明人: George Avetisov , Roman Kadinsky , Bojan Simic
IPC分类号: H04W12/06 , H04L9/40 , G06F21/45 , H04W12/08 , H04W12/069
CPC分类号: H04W12/068 , G06F21/45 , H04L63/062 , H04L63/083 , H04L63/0884 , H04L63/18 , H04L63/20 , H04W12/069 , H04W12/08 , G06F2221/2149
摘要: Provided is a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device. The server may pass credentials corresponding to the web-service received from the mobile device and verified to permit user access to the web-service to the relying device. The relying device presents credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.
-
16.
公开(公告)号:US11354665B1
公开(公告)日:2022-06-07
申请号:US14538764
申请日:2014-11-11
申请人: HYPR Corp.
发明人: George Avetisov , Roman Kadinsky , Bojan Simic
摘要: Spending digital currency without owning digital currency may be facilitated. The user may use a software application running on the user's computing platform to scan a digital currency public address quick-response code (QR), or a near-field-communication (NFC) based public address. The user may be prompted to swipe-to-authenticate the transaction. The user may authenticate the transaction by fingerprint-swiping a biometric-enabled transitory password authentication device. The biometric-enabled transitory password authentication device may transmit an encrypted transitory password a server via the user's computing platform. Upon receiving and verifying the transaction, the server may send an amount of digital currency to the target address on behalf of the user. The server may charge the user's debit card an equivalent amount of sovereign currency.
-
公开(公告)号:US20210377254A1
公开(公告)日:2021-12-02
申请号:US17338394
申请日:2021-06-03
申请人: HYPR Corp.
IPC分类号: H04L29/06 , G06F21/62 , H04L29/08 , G06F16/901 , H04L9/08
摘要: Provided is a process that establishes user identities within a decentralized data store, like a blockchain. A user's mobile device may establish credential values within a trusted execution environment of the mobile device. Representations of those credentials may be generated on the mobile device and transmitted for storage in association with an identity of the user established on the blockchain. Similarly, one or more key-pairs may be generated or otherwise used by the mobile device for signatures and signature verification. Private keys may remain resident on the device (or known and input by the user) while corresponding public keys may be stored in associated with the user identity on the blockchain. A private key is used to sign representations of credentials and other values as a proof of knowledge of the private key and credential values for authentication of the user to the user identity on the blockchain.
-
公开(公告)号:US20210044976A1
公开(公告)日:2021-02-11
申请号:US17066280
申请日:2020-10-08
申请人: HYPR Corp.
发明人: George Avetisov , Roman Kadinsky , Bojan Simic
摘要: Provided is a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device. The server may pass credentials corresponding to the web-service received from the mobile device and verified to permit user access to the web-service to the relying device. The relying device presents credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.
-
公开(公告)号:USD795255S1
公开(公告)日:2017-08-22
申请号:US29583692
申请日:2016-11-08
申请人: HYPR CORP.
设计人: George Avetisov , Roman Kadinsky , Bojan Simic
-
20.
公开(公告)号:US12093958B2
公开(公告)日:2024-09-17
申请号:US17740106
申请日:2022-05-09
申请人: HYPR Corp.
发明人: George Avetisov , Roman Kadinsky , Bojan Simic
CPC分类号: G06Q20/40145 , G06Q20/10 , G06Q20/3278
摘要: Spending digital currency without owning digital currency may be facilitated. The user may use a software application running on the user's computing platform to scan a digital currency public address quick-response code (QR), or a near-field-communication (NFC) based public address. The user may be prompted to swipe-to-authenticate the transaction. The user may authenticate the transaction by fingerprint-swiping a biometric-enabled transitory password authentication device. The biometric-enabled transitory password authentication device may transmit an encrypted transitory password a server via the user's computing platform. Upon receiving and verifying the transaction, the server may send an amount of digital currency to the target address on behalf of the user. The server may charge the user's debit card an equivalent amount of sovereign currency.
-
-
-
-
-
-
-
-
-