Abstract
A method and system of authenticating a computer resource such as an application or data on a mobile device uses a contactless token to provide multi-factor user authentication. User credentials are stored on the token in the form of private keys, and encrypted data and passwords are stored on the device. When an application user requires access to the resource, an encrypted password is transmitted to and decrypted on the token using a stored private key. An unencrypted data encryption key or password is then transmitted back to the device under the protection of a cryptographic session key which is generated as a result of strong mutual authentication between the device and the token.
Claims
- A method of conducting a cryptocurrency payment via a mobile computing device comprising:
using the mobile computing device, storing an encrypted wallet received from a portable security token that is separate from the mobile device, wherein the encrypted wallet comprises a cryptocurrency wallet encrypted with a secret key that is restricted to the portable security token;
using the mobile computing device, receiving a cryptocurrency payment instruction;
using the mobile computing device, prompting for a user credential to approve the cryptocurrency payment instruction;
using the mobile computing device, sending, to the portable security token, a message in response to receiving the user credential, wherein the message comprises the encrypted wallet, the cryptocurrency payment instruction, and the user credential; and
wherein the sending of the message causes the portable security token to: decrypt, using the secret key, the cryptocurrency wallet from the encrypted wallet; in response to confirming that the user credential matches an authentication identifier registered with the portable security token, create a cryptocurrency payment transaction by digitally signing the cryptocurrency payment instruction using the cryptocurrency wallet; transmit the cryptocurrency payment transaction to a cryptocurrency network; and erase the cryptocurrency wallet.
- The method of claim 1, wherein the encrypted wallet is stored on a remote cloud storage location.
- The method of claim 1, wherein the authentication identifier is one of a personal identification number (PIN), a biometric identifier, and a fingerprint.
- The method of claim 1, wherein the receiving of the encrypted wallet is in response to sending, to the portable security token, an encryption request that embeds the cryptocurrency wallet.
- The method of claim 1, wherein the receiving of the encrypted wallet is in response to sending, to the portable security token, an encryption request to create the cryptocurrency wallet as a new wallet.
- The method of claim 1, wherein the cryptocurrency payment instruction is received from one of: an application executing on the mobile device, an application executing on a separate computing device owned by a user of the mobile device, and a merchant terminal.
- The method of claim 1, wherein the cryptocurrency payment instruction is received using one of: a cryptocurrency exchange application program interface (API), one or more near field communication (NFC) messages, and cellular or wireless Internet access.
- The method of claim 1, wherein the receiving of the encrypted wallet from the portable security token and the sending of the message to the portable security token utilize near field communication (NFC).
- The method of claim 1, wherein the prompting is by outputting, on a display, a price, a product, and a merchant associated with the cryptocurrency payment instruction.
- The method of claim 1, wherein the cryptocurrency payment transaction is transmitted to the cryptocurrency network by communicating with one of: a separate computing device owned by a user of the mobile device, a merchant terminal, and a cryptographic currency exchange.
- The method of claim 1, wherein the portable security token is one of: a wearable device, a watch, a card, and a ring.
- The method of claim 1, wherein the cryptocurrency wallet is a BITCOIN wallet.
- A data processing system that is programmed to conduct a cryptocurrency payment via a mobile computing device, the system comprising:
the mobile computing device comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, storing an encrypted wallet received from a portable security token that is separate from the mobile device, wherein the encrypted wallet comprises a cryptocurrency wallet encrypted with a secret key that is restricted to the portable security token;
stored program instructions that are programmed to cause, when executed by the mobile computing device, receiving a cryptocurrency payment instruction;
stored program instructions that are programmed to cause, when executed by the mobile computing device, prompting for a user credential to approve the cryptocurrency payment instruction; and
stored program instructions that are programmed to cause, when executed by the mobile computing device, sending, to the portable security token, a message in response to receiving the user credential, wherein the message comprises the encrypted wallet, the cryptocurrency payment instruction, and the user credential; and
wherein the sending of the message causes the portable security token to: decrypt, using the secret key, the cryptocurrency wallet from the encrypted wallet; in response to confirming that the user credential matches an authentication identifier registered with the portable security token, create a cryptocurrency payment transaction by digitally signing the cryptocurrency payment instruction using the cryptocurrency wallet; transmit the cryptocurrency payment transaction to a cryptocurrency network; and erase the cryptocurrency wallet.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, storing the encrypted wallet on a remote cloud storage location.
- The system of claim 13, wherein the authentication identifier is one of a personal identification number (PIN), a biometric identifier, and a fingerprint.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, receiving the encrypted wallet in response to sending, to the portable security token, an encryption request that embeds the cryptocurrency wallet.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, receiving the encrypted wallet is in response to sending, to the portable security token, an encryption request to create the cryptocurrency wallet as a new wallet.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, receiving the cryptocurrency payment instruction from one of: an application executing on the mobile device, an application executing on a separate computing device owned by a user of the mobile device, and a merchant terminal.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, receiving the cryptocurrency payment instruction using one of: a cryptocurrency exchange application program interface (API), one or more near field communication (NFC) messages, and cellular or wireless Internet access.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, receiving the encrypted wallet from the portable security token and sending of the message to the portable security token using near field communication (NFC).
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, prompting by outputting, on a display, a price, a product, and a merchant associated with the cryptocurrency payment instruction.
- The system of claim 13, further comprising stored program instructions that are programmed to cause, when executed by the mobile computing device, transmitting the cryptocurrency payment transaction to the cryptocurrency network by communicating with one of: a separate computing device owned by a user of the mobile device, a merchant terminal, and a cryptographic currency exchange.
- The system of claim 13, wherein the portable security token is one of: a wearable device, a watch, a card, and a ring.
- The system of claim 13, wherein the cryptocurrency wallet is a BITCOIN wallet.
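The token-side steps recited in claim 1 (decrypt the wallet, confirm the credential, sign the instruction, erase the wallet), sketched as an added example that is not code from the patent or from Hoverkey. Assumptions: the class and method names are hypothetical, HMAC-SHA256 from the Python standard library stands in for both the wallet cipher and the digital signature, and returning the transaction stands in for transmitting it to the cryptocurrency network.

```python
import hashlib, hmac, secrets

def prf(key, data):
    """HMAC-SHA256, used here as keystream generator, MAC and signature stand-in."""
    return hmac.new(key, data, hashlib.sha256).digest()

class SecurityToken:
    """Hypothetical token; its keys and the registered PIN never leave this object."""
    def __init__(self, pin):
        master = secrets.token_bytes(32)  # secret key restricted to the token
        self._enc, self._mac = prf(master, b"enc"), prf(master, b"mac")
        self._pin_key = prf(master, b"pin")
        self._pin = prf(self._pin_key, pin.encode())  # authentication identifier

    def create_encrypted_wallet(self):
        """Create a new wallet key and return only its encrypted form."""
        wallet, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(wallet, prf(self._enc, nonce)))
        return nonce + ct + prf(self._mac, nonce + ct)  # 80 bytes held by the phone

    def pay(self, blob, instruction, credential):
        """Handle the message: encrypted wallet, payment instruction, credential."""
        if len(blob) != 80:
            raise ValueError("malformed encrypted wallet")
        nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
        # Reject blobs that were altered or were sealed by a different token.
        if not hmac.compare_digest(tag, prf(self._mac, nonce + ct)):
            raise ValueError("encrypted wallet not produced by this token")
        wallet = bytearray(a ^ b for a, b in zip(ct, prf(self._enc, nonce)))
        try:
            supplied = prf(self._pin_key, credential.encode())
            if not hmac.compare_digest(supplied, self._pin):  # constant-time check
                raise PermissionError("credential does not match")
            signature = prf(wallet, instruction)  # stand-in for a digital signature
            return {"instruction": instruction, "signature": signature.hex()}
        finally:
            wallet[:] = bytes(len(wallet))  # erase the wallet on every exit path
```

The mobile device only ever holds the 80-byte blob, so a stolen phone yields neither the wallet key nor a usable signing capability without the token and the credential. Zeroing a `bytearray` is best effort in Python, since the runtime may keep internal copies.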
Owners (US)
- Hoverkey Ltd (Dec 18 2015)
Applicants
- Hoverkey Ltd
Inventors
- Yau Arnold
- Ives Steve
CPC Classifications
- G06Q20/38215
- G06F21/34
- G06F21/445
- G06Q20/3223
- G06Q20/3226
- G06Q20/3278
- G06Q20/3674
- G06Q20/3823
- G06Q20/4012
- G06Q2220/00
- H04L9/0637
- H04L9/3213
- H04L9/3226
- H04L63/0428
- H04L63/083
- H04L63/0853
- H04L63/0861
- H04L2209/56
- H04W4/60
- H04W4/80
- H04W12/06
Document Preview
- Publication: Jan 7, 2016
- Application: Sep 15, 2015, US 201514855186 A
- Priority: Sep 15, 2015, US 201514855186 A
- Priority: Feb 6, 2014, US 201414174727 A
- Priority: Nov 26, 2013, US 201314091183 A
- Priority: Mar 1, 2013, GB 201303677 A
- Priority: Dec 5, 2012, US 201213706307 A
- Priority: Nov 28, 2012, GB 201221433 A