公开(公告)号：US20140025520A1

公开(公告)日：2014-01-23

申请号：US14043614

申请日：2013-10-01

Applicant: EBAY INC.

Inventor： Upendra Mardikar ,  Eric Duprat

IPC: G06Q20/40

CPC classification number: G06Q20/40145 ,  G06Q20/1085 ,  G06Q20/20 ,  G06Q20/204 ,  G06Q20/32 ,  G06Q20/3223 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/354 ,  G06Q20/36 ,  G06Q20/367 ,  G06Q20/3674 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q20/3829 ,  G06Q20/40 ,  G06Q20/4012 ,  G07C9/00087 ,  G07F7/0826 ,  H04L9/3231 ,  H04L63/0823 ,  H04L63/0861 ,  H04L2209/56 ,  H04L2209/80 ,  H04W12/06

Abstract: In one embodiment, a method comprises storing a biometric trait of a user in a data communication device of the user, comparing a biometric trait input into the device with the biometric trait stored in the device, generating a certificate authenticating the user within the device if the biometric trait input into the device matches the biometric trait stored in the device, and facilitating a financial transaction of the user using the certificate.

Abstract translation: 在一个实施例中，一种方法包括将用户的生物特征特征存储在用户的数据通信设备中，将存储在设备中的生物特征输入与设备中的生物特征输入进行比较，生成验证设备内的用户的证书，如果 输入到设备中的生物特征特征与存储在设备中的生物特征匹配，并且促进使用证书的用户的金融交易。

公开(公告)号：US09197634B2

公开(公告)日：2015-11-24

申请号：US14175115

申请日：2014-02-07

Applicant: eBay Inc.

Inventor： Upendra Mardikar ,  Kent Griffin ,  Allison Elizabeth Miller ,  Amol Patel

IPC: G06F21/00 ,  H04L29/06 ,  H04W12/06 ,  H04W12/12 ,  H04L9/32

CPC classification number: H04L63/0846 ,  H04L9/3228 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0876 ,  H04L63/1466 ,  H04L63/1483 ,  H04L2209/80 ,  H04W12/06 ,  H04W12/12

Abstract: Embodiments of systems and methods for client and/or server authentication are provided. In one embodiment, a method includes sending information from a mobile network device to a server, wherein the information comprises a seed that is used by both the mobile network device and the server to compute a series of one time passwords. The method also includes receiving, by the mobile network device, a succession of one time passwords generated by the server throughout a session. And the method further includes comparing the received one time passwords generated by the server throughout the session to corresponding one time passwords generated at the mobile network device. In this manner, the server can be authenticated. In various embodiments, the process may be reversed to facilitate client authentication, e.g., mobile network device authentication.

Abstract translation: 提供了用于客户机和/或服务器认证的系统和方法的实施例。 在一个实施例中，一种方法包括从移动网络设备向服务器发送信息，其中所述信息包括由移动网络设备和服务器两者使用以计算一系列一次密码的种子。 该方法还包括由移动网络设备在整个会话期间由服务器生成一连串的一次密码。 并且该方法还包括将由服务器在整个会话中生成的接收到的一次密码与在移动网络设备处生成的相应的一次密码进行比较。 以这种方式，可以认证服务器。 在各种实施例中，可以颠倒该过程以促进客户端认证，例如移动网络设备认证。

公开(公告)号：US20130198086A1

公开(公告)日：2013-08-01

申请号：US13794025

申请日：2013-03-11

Applicant: eBay Inc.

Inventor： Upendra Mardikar

IPC: G06Q20/32

CPC classification number: G06Q20/3227 ,  G06Q20/1085 ,  G06Q20/20 ,  G06Q20/204 ,  G06Q20/32 ,  G06Q20/3223 ,  G06Q20/3278 ,  G06Q20/367 ,  G06Q20/3674 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q20/3829 ,  G06Q20/40 ,  G06Q20/4012 ,  G06Q20/40145 ,  G06Q40/00 ,  G07C9/00087 ,  G07F7/0826 ,  H04L9/3231 ,  H04L63/0823 ,  H04L63/0861 ,  H04L2209/56 ,  H04L2209/80 ,  H04W12/06

Abstract: A client device comprises a first secure element and a second secure element. The first secure element comprises a first computer-readable medium having a payment application comprising instructions for causing the client device to initiate a financial transaction. The second secure element comprises a second computer-readable medium having a security key, a payment instrument, stored authentication data and instructions for generating a secure payment information message responsive to the payment application. The secure payment information message comprises the payment instrument and is encrypted in accordance with the security key.