Secure on device cardholder authentication using biometric data

    Publication No.: US11157905B2

    Publication date: 2021-10-26

    Application No.: US14839234

    Application date: 2015-08-28

    Abstract: A secure on-device cardholder authentication method and system. In an embodiment, a consumer's mobile device uses a mobile application to receive a user authentication request from an entity. A biometric data capture request is then transmitted to a biometric sensor of the mobile device, and a determination is made that the mobile application is authorized to use an authenticator API. Next, the mobile device processor prompts the user to provide at least one form of biometric data in accordance with business rules, receives a user authentication response when the user-provided biometric data matches locally stored biometric data, generates a positive user authentication response message, and transmits the positive user authentication response message to the entity.

    TRUSTED EXECUTION ENVIRONMENT FOR TRANSPORT LAYER SECURITY KEY PAIR ASSOCIATED WITH ELECTRONIC COMMERCE AND CARD NOT PRESENT TRANSACTIONS
    Invention application (status: granted)

    Publication No.: US20160086172A1

    Publication date: 2016-03-24

    Application No.: US14492337

    Application date: 2014-09-22

    Abstract: According to some embodiments, a requesting application executing on a mobile device may request a transport layer security key pair in connection with a payment transaction. Responsive to the request, a trusted execution environment client of the mobile device may route a request to a payment application executing in a secure trusted execution environment of the mobile device. It may then be arranged, within the secure trusted execution environment, to create the transport layer security key pair and provide the key pair to the requesting application. Moreover, in some embodiments, the mobile device may transmit payment transaction information to an access control server and receive a request for biometric authentication. It may then be arranged for hardware within the mobile device to biometrically authenticate a user of the mobile device.

    SECURE ON DEVICE CARDHOLDER AUTHENTICATION USING BIOMETRIC DATA
    Invention application (status: under examination, published)

    Publication No.: US20170061441A1

    Publication date: 2017-03-02

    Application No.: US14839234

    Application date: 2015-08-28

    CPC classification number: G06Q20/40145 G06Q20/32 G06Q2220/00

    Abstract: A secure on-device cardholder authentication method and system. In an embodiment, a consumer's mobile device uses a mobile application to receive a user authentication request from an entity. A biometric data capture request is then transmitted to a biometric sensor of the mobile device, and a determination is made that the mobile application is authorized to use an authenticator API. Next, the mobile device processor prompts the user to provide at least one form of biometric data in accordance with business rules, receives a user authentication response when the user-provided biometric data matches locally stored biometric data, generates a positive user authentication response message, and transmits the positive user authentication response message to the entity.

    SYSTEMS, APPARATUS AND METHODS FOR IMPROVED AUTHENTICATION
    Invention application (status: under examination, published)

    Publication No.: US20150294313A1

    Publication date: 2015-10-15

    Application No.: US14684749

    Application date: 2015-04-13

    Abstract: Multi-factor authentication techniques are described that use secure push authentication technology for transactions. An embodiment includes receiving, by an assurance platform operating as an authentication service platform, a user authentication request and transaction data from an access control server (ACS), determining an authentication rule, generating a user validation request message, transmitting the user validation request message to a user mobile device, and receiving user authentication data. The assurance platform then validates the user authentication data, transmits a device authentication request, receives a device authentication response signed with a private key of the user, and authenticates the user based on the device authentication response and private key.
