-
Publication number: US20140059348A1
Publication date: 2014-02-27
Application number: US14068586
Filing date: 2013-10-31
Inventors: Troy Jacob Ronda, Pierre Antoine Roberge, Patrick Hans Engel, Rene McIver, Greg Wolfond, Andre Boysen
CPC classification: H04L63/08, G06F21/00, H04L9/3234, H04L9/3263, H04L63/0853, H04L2209/56, H04L2209/80
Abstract: A method of establishing a communication channel between a network client and a computer server over a network is described. The network client may be configured to communicate with the computer server over the network and to communicate with a token manager. The token manager may be configured with a parent digital certificate that is associated with the token manager. The token manager or network client generates a credential from the parent digital certificate, and transmits the credential to the computer server. The credential may be associated with the computer server. The network client may establish the communications channel with the computer server in accordance with an outcome of a determination of validity of the credential by the computer server.
-
Publication number: US10735397B2
Publication date: 2020-08-04
Application number: US16253600
Filing date: 2019-01-22
Inventors: Troy Jacob Ronda, Pierre Antoine Roberge, Dmitry Barinov, Michael Varley, David Alexander Stark, Gregory Howard Wolfond, Aleksandar Likic, Michael John Page
Abstract: Systems and methods for decentralized and asynchronous authentication flow between users, relying parties and identity providers. A trusted user agent application or digital lock box under a user's control may perform the functions of an authentication broker. In particular, the user agent application or digital lock box can accept relying party requests and respond with authentication and identity data previously obtained from an identity provider server, and without the involvement of a centralized broker server.
-
Publication number: US10210489B2
Publication date: 2019-02-19
Application number: US13640275
Filing date: 2011-04-08
Applicants: Andre Michel Boysen, Troy Jacob Ronda, Pierre Antoine Roberge, Patrick Hans Engel, Gregory Howard Wolfond
Inventors: Andre Michel Boysen, Troy Jacob Ronda, Pierre Antoine Roberge, Patrick Hans Engel, Gregory Howard Wolfond
Abstract: A method of authenticating to a computer server involves a first authentication client transmitting an authentication token to the computer server via a first communications channel, and a second authentication client receiving a payload from the computer server via a second communications channel distinct from the first communications channel in accordance with an outcome of a determination of authenticity of the authentication token by the computer server.
-
Publication number: US20140207682A1
Publication date: 2014-07-24
Application number: US14220488
Filing date: 2014-03-20
Inventors: Greg Wolfond, Troy Ronda, Andre Boysen, Michael Varley, Abhishek Das
IPC classification: G06Q20/32
Abstract: Systems and methods for performing mobile commerce transactions using mobile devices. A transaction initiation request is received at a transaction server from a merchant device. The transaction server generates a transaction identifier, which is transmitted to the merchant device. The merchant device communicates the transaction identifier to a customer device. The customer device transmits the transaction identifier to the transaction server and authorizes the transaction with the transaction server.
-
Publication number: US08756674B2
Publication date: 2014-06-17
Application number: US13202387
Filing date: 2010-02-19
Applicants: Troy Jacob Ronda, Pierre Antoine Roberge, Patrick Hans Engel, Rene McIver, Gregory Howard Wolfond, Andre Michel Boysen
Inventors: Troy Jacob Ronda, Pierre Antoine Roberge, Patrick Hans Engel, Rene McIver, Gregory Howard Wolfond, Andre Michel Boysen
IPC classification: H04L29/06
CPC classification: H04L63/0853, H04L9/3213, H04L9/3215, H04L9/3228, H04L9/3268, H04L63/08, H04L2209/56, H04L2463/102
Abstract: A method of authenticating a network client to a relying party computer via a computer server comprises the computer server receiving a transaction code from a token manager via a first communications channel. The network client is configured to communicate with a token manager which is configured to communicate with a hardware token interfaced therewith. The network client is also configured to communicate with the relying party computer and the computer server. The computer server also receives a transaction pointer from the relying party computer via a second communications channel that is distinct from the first communications channel. Preferably, the transaction pointer is unpredictable by the computer server. The computer server transmits an authorization signal to the relying party computer in accordance with a correlation between the transaction code and the transaction pointer. The authorization signal facilitates authentication of the network client to the relying party computer.
-
Publication number: US09300665B2
Publication date: 2016-03-29
Application number: US14124891
Filing date: 2012-05-29
Applicants: Troy Jacob Ronda, Andre Boysen, Afshin Rezayee, Malcolm Ronald Smith, Mikhael Khaymov, Kshitiz Vadera, Murat Cat
Inventors: Troy Jacob Ronda, Andre Boysen, Afshin Rezayee, Malcolm Ronald Smith, Mikhael Khaymov, Kshitiz Vadera, Murat Cat
IPC classification: H04W12/06, H04L29/06, H04L9/32, G06F21/34, G06F21/62, G06F21/74, G06Q20/34, G06Q20/38, G06F21/64
CPC classification: H04L63/0884, G06F21/34, G06F21/6227, G06F21/74, G06F2221/2101, G06Q20/341, G06Q20/3821, H04L9/3234, H04L2209/56
Abstract: Methods and systems are provided for performing and verifying transactions involving authentication with a secure credential, such as a smart card, in an untrusted or semi-trusted environment. An application module, operating in an untrusted or semi-trusted environment, can be denied access to sensitive data. The application module can determine a preliminary command to be sent to the credential and transmit the preliminary command to a broker module. The broker module, operating in a trusted environment, can supply sensitive data and transmit the command to the credential. Subsequently, the broker module can extract sensitive data from a response before it is transmitted to the application module. A verification server can audit the transaction to verify that it was carried out properly.
-
Publication number: US09160732B2
Publication date: 2015-10-13
Application number: US14068586
Filing date: 2013-10-31
Inventors: Troy Jacob Ronda, Pierre Antoine Roberge, Patrick Hans Engel, Rene McIver, Greg Wolfond, Andre Boysen
CPC classification: H04L63/08, G06F21/00, H04L9/3234, H04L9/3263, H04L63/0853, H04L2209/56, H04L2209/80
Abstract: A method of establishing a communication channel between a network client and a computer server over a network is described. The network client may be configured to communicate with the computer server over the network and to communicate with a token manager. The token manager may be configured with a parent digital certificate that is associated with the token manager. The token manager or network client generates a credential from the parent digital certificate, and transmits the credential to the computer server. The credential may be associated with the computer server. The network client may establish the communications channel with the computer server in accordance with an outcome of a determination of validity of the credential by the computer server.
-
Publication number: US20140101734A1
Publication date: 2014-04-10
Application number: US14124891
Filing date: 2012-05-29
Applicants: Troy Jacob Ronda, Andre Boysen, Afshin Rezayee, Malcolm Ronald Smith, Mikhael Khaymov, Kshitiz Vadera, Murat Cat
Inventors: Troy Jacob Ronda, Andre Boysen, Afshin Rezayee, Malcolm Ronald Smith, Mikhael Khaymov, Kshitiz Vadera, Murat Cat
IPC classification: H04L29/06
CPC classification: H04L63/0884, G06F21/34, G06F21/6227, G06F21/74, G06F2221/2101, G06Q20/341, G06Q20/3821, H04L9/3234, H04L2209/56
Abstract: Methods and systems are provided for performing and verifying transactions involving authentication with a secure credential, such as a smart card, in an untrusted or semi-trusted environment. An application module, operating in an untrusted or semi-trusted environment, can be denied access to sensitive data. The application module can determine a preliminary command to be sent to the credential and transmit the preliminary command to a broker module. The broker module, operating in a trusted environment, can supply sensitive data and transmit the command to the credential. Subsequently, the broker module can extract sensitive data from a response before it is transmitted to the application module. A verification server can audit the transaction to verify that it was carried out properly.
-
Publication number: US20130346753A1
Publication date: 2013-12-26
Application number: US14002824
Filing date: 2012-03-05
Applicants: Andre Michel Boysen, Patrick Hans Engel, Troy Jacob Ronda, Pierre Antoine Roberge, Gregory Howard Wolfond
Inventors: Andre Michel Boysen, Patrick Hans Engel, Troy Jacob Ronda, Pierre Antoine Roberge, Gregory Howard Wolfond
IPC classification: H04L29/06
CPC classification: H04L65/1069, G06Q30/06, H04L9/0863, H04L9/3263, H04L29/06, H04L63/08, H04L63/0807, H04L63/0823, H04L67/141, H04L67/24, H04L2209/56
Abstract: A method of ad-hoc network communications comprises a computer server transmitting a communications session request to a primary logical communications device of a logical ad-hoc communications network. The logical ad-hoc communications network comprises the primary logical communications device and at least one secondary logical communications device that is registered to the primary logical communications device. The communications session request requests a communications session with one of the at least one secondary logical communications devices. Upon receipt of the communications session request, the primary logical communications device transmits to the one secondary logical communications device a session initiate message requesting the one secondary logical communications device initiate the communications session with the computer server. The one secondary logical communications device replies to the computer server with a communications session reply initiating the communications session and identifying the one secondary logical communications device to the computer server.
-
Publication number: US20210192521A1
Publication date: 2021-06-24
Application number: US17190901
Filing date: 2021-03-03
Abstract: Various embodiments are described herein for methods, devices and systems that can be used to authenticate a user identity attribute associated with a user during a transaction with a merchant. In one example embodiment, the method comprises receiving, at a payment processor, a unique identifier corresponding to a payment instrument provided by the user at a merchant terminal where the payment instrument is pre-linked to one or more user identity attributes, transmitting the unique identifier to an issuer network for payment verification, generating a transaction approval indicator and transmitting the unique identifier and an identity verification request from the payment processor to the third party server if payment verification is successful, receiving the one or more user identity attributes associated with the unique identifier from a third party server, and subsequently transmitting the one or more user identity attributes and the transaction approval indicator to the merchant terminal.