Embed Size (px)
Citation preview
US008904495B2
(12) United States Patent Baghdasaryan et al.
(10) Patent N0.: (45) Date of Patent:
US 8,904,495 B2 Dec. 2, 2014
(54)
(75)
(73)
(*)
(21)
(22)
(65)
(60)
(51)
(52)
(58)
SECURE TRANSACTION SYSTEMS AND METHODS
Inventors: Davit Baghdasaryan, Fremont, CA (US); Ramesh Kesanupalli, San Jose, CA (US); Frank Schwab, Phoenix, AZ (US); Philip Yiu Kwong Chan, Fremont, CA (US); Larry Hattery, Beaverton, OR (U S)
Assignee:
Notice:
Synaptics Incorporated, San Jose, CA (Us)
Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 360 days.
App1.No.: 12/751,954
Filed: Mar. 31, 2010
Prior Publication Data
US 2011/0083173 A1 Apr. 7, 2011
Related US. Application Data
Provisional application No. 61/249,218, ?led on Oct. 6, 2009, provisional application No. 61/292,820, ?led on Jan. 6, 2010.
Int. Cl. G06F 7/04 (2006.01) G06Q 20/00 (2012.01) G06Q 20/10 (2012.01) G06Q 20/40 (2012.01) US. Cl. CPC .............. .. G06Q 20/10 (2013.01); G06Q 20/40
(2013.01); G06Q 20/401 (2013.01); G06Q 20/40145 (2013.01)
713/182, 185, 186, 189, 193; 705/35, 44, 705/50, 64, 67, 75, 76; 235/375, 379;
340/51, 584585 See application ?le for complete search history.
(56) References Cited
U.S. PATENT DOCUMENTS
5,280,527 A 5,326,104 A
1/1994 Gullman et al. 7/1994 Pease et al.
(Continued)
FOREIGN PATENT DOCUMENTS
EP 2343677 A1 7/2011 EP 2343679 A1 7/2011
(Continued) OTHER PUBLICATIONS
Hiltgen, et al., “Secure Internet Banking Authentication”, IEEE Security and Privacy, IEEE Computer Society, New York, NY, US, Mar. 1, 2006, pp. 24-31, XP007908655, ISSN: 1540-7993.
(Continued)
Primary Examiner * Gilberto Barron, Jr.
Assistant Examiner * Abdulhakim Nobahar
(74) Attorney, Agent, or Firm * Shartsis Friese LLP; Cecily Anne O’Regan; William C. Cray
(57) ABSTRACT
A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data, which is received from the user. The web browser plug-in then communicates a transaction con
USPC ............................................... .. 726/5; 705/75 ?nnation to the semen
Field of Classi?cation Search USPC ...... .. 726/245, 21, 26430; 713/150, 168, 169, 9 Claims, 17 Drawing Sheets
/100 116 r132 | | m
T TRANSACTION "J YOU AR'EFAEJUUTTO SEND WEB BROWSER DETAILS AGENT $5000 T0 JOHN SMITH.
APPL BIOMETRIC
ICATION PLEASE SWIPE YOUR FINGER TO
BROWSER EXTENSION
VERIFY SIGNATURE
OF APPLICATION
104
TRANSACTION DETAILS, A RANDOM CHALLENGE AND
SIGNATURE
106x
CONFIRM THIS TRANSACTION.
PERIODICALLY VERIFY THE TEXT UNTIL USER SWIPES
112
108
Q 4\ 11 SECURESTORAGE BIOMETRIC SENSOR M
BIOMETRIC SERV|CE H'I'I'PS WITH WEB SERVER
0
ENCRYPTION KEY
US 8,904,495 B2 Page 2
(56) References Cited 2006/0259873 A1 11/2006 Mister 2006/0287963 A1 12/2006 Steeves et al.
US PATENT DOCUMENTS 2007/0016943 A1 1/2007 M’Ralhi 2007/0021198 A1 1/2007 Muir et a1.
5,326,194 A 7/1994 Pinto et al‘ 2007/0031009 A1 2/2007 Mwale 5,428,684 A 6/1995 Akiyama et 31‘ 2007/0036400 A1 2/2007 Watanabe et a1. 5,884,289 A 3/1999 Anderson et al‘ 2007/0038867 A1 2/2007 Verbauwhede et a1. 5,930,804 A 7/1999 Yu et 31‘ 2007/0057763 A1 3/2007 Blattner et a1. 6,091,835 A * 7/2000 Smithies et a1. ............ .. 382/115 2007/0067828 A1 3/2007 Bychkov 6,134,340 A 10/2000 Hsu et 31‘ 2007/0076926 A1 4/2007 Schne1der et a1. 6,173,400 B1 1/2001 Perlman et 31‘ 2007/0106895 A1 5/2007 Huang et a1. 6,182,076 B1 1/2001 Yu et 31‘ 2007/0174206 A1 7/2007 Colella 6,182,221 B1 1/2001 Hsu et al‘ 2007/0180263 A1 55/2007 Delgrosso et a1. 6,332,193 B1 12/2001 Glass et 31‘ 2007/0198435 A1 8/2007 Siegal et a1. 6,460,163 B1 10/2002 Bowman et al‘ 2007/0226516 A1 9/2007 Kubota 6,819,219 B1 11/2004 Bone et al‘ 2007/0237366 A1 10/2007 Maletsky 6,963,974 B1 11/2005 Skinner et 31‘ 2007/0245152 A1 10/2007 Pizano et a1. 7,004,389 B1 2/2006 Robinson et al‘ 2007/0245154 A1 10/2007 Akkermans et a1. 7,014,107 B2 3/2006 Singer et 31‘ 2007/0266342 A1 11/2007 Chang et a1.
* ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ ‘ H 7,174,323 B1 * 2/2007 Schultz et a1. ................ .. 705/75 Zoos/0072063 A1 3/2008 Takahashi et 91
7,188,362 B2 3/2007 Brandys 2008/0077796 A1 3/2008 Lund et al. 7,200,576 B2 4/2007 Steeves et 31‘ 2008/0127311 A1 5/2008 Yasaki et al. 7,233,942 B2 6/2007 Nye 2008/0147547 A1 * 6/2008 Drummond et a1. .......... .. 705/43 7,269,256 B2 9/2007 Rosen 2008/0155269 A1 6/2008 Yoshikawa 7,283,534 B1 10/2007 Kelly et al‘ 2008/0170695 A1 7/2008 Adler et al. 7,356,705 B2 4/2008 Ting 2008/0178008 A1 7/2008 Takahashi et al. 7,398,390 B2 7/2008 Hyser 2008/0183728 A1 7/2008 Cornelius et a1. 7,502,761 B2 3/2009 Siegal et al‘ 2008/0185429 A1 8/2008 Saville 7,505,941 B2 3/2009 Bishop et al‘ 2008/0189411 A1 8/2008 Motoyama et a1. 7,530,099 B2 5/2009 Flurry et al‘ 2008/0222049 A1 9/2008 Loomis et a1. 7,543,737 B2 6/2009 Bensimon et 31‘ 2008/0244277 A1 10/2008 Orsini et a1. 7,565,330 B2 * 7/2009 Steeves et a1. ................ .. 705/75 Zoos/0289020 A1 11/2008 Cameo? 51 31~ 7,589,832 B2 9/2009 Den Boef et 31‘ 2008/0320600 A1 12/2008 Pandiscia et a1. 7,623,659 B2 11/2009 Huang et al‘ 2009/0013191 A1 1/2009 Popowski 7 664 709 B2 2/2010 Chatani et al‘ 2009/0024499 A1 * 1/2009 Ribble .......................... .. 705/35
736813103 B2 3/2010 Devadas at 31, 2009/0070860 A1 3/2009 Hirata et 51. 7,685,629 B1 3/2010 White et al‘ 2009/0089867 A1 4/2009 Weatherford et a1. 7,693,279 B2 4/2010 Chen et al‘ 2009/0132813 A1 5/2009 Schibuk 7,698,230 B1 * 4/2010 Brown et a1. ................. .. 705/75 2009/0164796 A1 6/2009 Pence 7,752,450 B1 7/2010 Palmer et a1. 2009/0164798 A1 6/2009 Gupta 7,797,434 B2 9/2010 Blakley et 31‘ 2009/0210942 A1 8/2009 Abel 7,831,840 B1 11/2010 Love et 31‘ 2009/0217366 A1 8/2009 Gao et a1. 7,844,579 B2 11/2010 Peterson et 31‘ 2009/0228714 A1 9/2009 Fiske et a1. 8,032,932 B2 10/2011 Speyer et 31‘ 2009/0313687 A1 12/2009 Popp et a1. 8,046,589 B2 10/2011 Akkermans et al‘ 2009/0319435 A1 12/2009 Little, Jr. et a1. 8,078,885 B2 12/2011 Jobmann 2009/0319797 A1 12/2009 Toernqvist 8,112,787 B2 2/2012 Buer 2010/0049659 A1 2/2010 Cass0ne 8,132,242 B1 3/2012 Wu 2010/0083000 A1 4/2010 Kesanupalli 8,290,150 B2 10/2012 Erhm et 31‘ 2010/0088754 A1 4/2010 Ghislanzoni 8,327,142 B2 12/2012 Lund et al‘ 2010/0146275 A1 6/2010 Slick et a1. 8,421,595 B2 4/2013 Cassone 2010/0191634 A1 7/2010 Macy et a1. 8,799,666 B2 8/2014 Kesanupalli et al‘ 2011/0060913 A1 3/2011 led et a1.
2001/0029527 A1 10/2001 Goshen 2011/0082791 A1 4/2011 Baghdasaryan et a1. 2002/0026478 A1 2/2002 Rodgers et 31‘ 2011/0082800 A1 4/2011 Baghdasaryan et a1. 2002/0029194 A1 * 3/2002 Lewis et al. ................... .. 705/39 2011/0082801 A1 4/2011 Baghdasaryan et al~ 2002/0073046 A1 6/2002 David 2011/0082802 A1 4/2011 Baghdasaryan et a1. 2002/0112162 A1 8/2002 Cocotis et a1. 2011/0083016 A1 4/2011 K989999911! 91 91~ 2002/0140542 A1 10/2002 Prokoski et a1. 2011/0083018 A1 4/2011 K989999911! 91 91~ 2002/0156726 A1 10/2002 Kleckner et a1. 2011/0083170 A1 4/2011 K989999911} 91 91~ 2002/0174348 A1 11/2002 Ting 2011/0138450 A1 6/2011 Kesanupalll et a1. 2003/0064805 A1 4/2003 Wells 2012/0012652 A1 * 1/2012 Couper et a1. .............. .. 235/379
2003/0074559 A1 * 4/2003 Riggs .......................... .. 713/168
2003/0123714 A1 7/2003 O’Gorman et a1. FOREIGN PATENT DOCUMENTS 2003/0135740 A1 7/2003 Talmor et a1. 2004/0010697 A1 1/2004 White EP 2343472 A1 7/2011 2004/0030741 A1 * 2/2004 Wolton et a1. ............... .. 709/202 EP 2391053 A1 11/2011 2004/0034784 A1 2/2004 Fedronic et a1. JP 2006/350767 12/2006 2004/0230536 A1 * 11/2004 Fung et a1. .................... .. 705/64 W0 WO 93/57247 A1 12/1993 2004/0260657 A1 12/2004 Cockerham W0 W0 03/007533 A1 1/2003 2005/0109835 A1 5/2005 Jacoby et a1. W0 WO 2005/018137 A1 2/2005 2005/0177750 A1 55/2005 Gasparini et a1. W0 WO 2010/034036 A1 3/2010 2005/0198377 A1 * 9/2005 Ferguson et a1. ........... .. 709/238 2006/0005022 A1 1/2006 Wakamori et a1. OTHER PUBLICATIONS 2006/0006224 A1 1/2006 MOdi _ _ _
2006/0078176 A1 4/2006 Abiko et 31‘ Hegt, “Analy51s of Current and Future Phlsh1ng Attacks on Internet 2006/0159313 A1 7/2006 Hicks et al‘ Banking Services”, Mater Thesis. Techische Universiteit 2006/0212487 A1 9/2006 Kennis et al, EindhoveniDepartment of Mathematics and Computer Science 2006/0239514 A1 10/2006 Watanabe et a1. May31, 2008, pp. 1-149, XP002630374, Retrieved from the Internet:
US 8,904,495 B2 Page 3
(56) References Cited Edward Suh and Ariniva Devadas: Physical uncloneable functions for device authentication and secret key generation, ACM, Proceed
OTHER PUBLICATIONS ings of the 44th annual Design Automation Conference, 2007, New York.
URL :http://alexandria.tue.nl/extral/afstversl/Wsk-i/hgt2008 .pdf [retrieved on Mar. 29, 2011] *pp. 127-134, paragraph 62*. * Cited by examiner ITD, “Anti-Money Laundering”, ITD, Jan. 22, 2009.
US 8,904,495 B2 Sheet 1 0f 17 Dec. 2, 2014 US. Patent
“82% QEEEQE mesmon mmzomw O: \H/ wow
US. Patent Dec. 2, 2014 Sheet 2 0f 17 US 8,904,495 B2
200 /'
AND CONFIRMS THE TRANSACTION BY PROVIDING VALID BIOMETRIC DATA OR DENIES THE TRANSACTION BY
CANCELING THE WINDOW/TRANSACTION
I GD FIG. 2A
202 ’ A USER SUBIVIITS A TRANSACTION TO A WEB SERVER ‘N/ \ VIA A WEB BROWSER APPLICATION J
‘7 r \ 204 THE WEB SERVER RETURNS THE TRANSACTION SIGNED WITH \J A KEY SHARED BETWEEN THE WEB SERVER AND THE CLIENT
DEVICE EXECUTING THE WEB BROWSER APPLICATION J
v 206
’ THE WEB SERVER COIVIIVIUNICATES ADDITIONAL DATA TO THE xv \ CLIENT DEVICE EXECUTING THE WEB BROWSER APPLICATION J
I J 208
THE WEB BROWSER APPLICATION RECEIVES THE M TRANSACTION DATA AND ANY ADDITIONAL DATA, AND
COIVWIUNICATES TO A BIONIETRIC SERVICE J
, I x 210 THE BIOMETRIC SERVICE GENERATES A WINDOW AND K/
DISPLAYS TRANSACTION DATA IN THE WINDOW J
I x 212 THE BIOIVIETRIC SERVICE IVIONITORS THE DATA DISPLAYED V
IN THE WINDOW TO ENSURE DATA IS NOT MODIFIED J
DATA IN WINDOW YES MODIFIED?
THE USER REVIEWS THE TRANSACTION DATA IN THE WINDOW 216
V
(B)
US. Patent Dec. 2, 2014 Sheet 3 0f 17 US 8,904,495 B2
220
USER PROVIDES VALID BIOMETRIC
DATA?
NO
YES 222
[ THE BIOMETRIC SERVICE G RATES A CONFIRMATION JV TOKEN AND COMMUNICATES CONFIRMATION TOKEN TO
THE WEB SERVER
' 224
[ THE WEB SERVER VALIDATES THE CONFIRMATION TOKEN J'V
VALID NO CONFIR TION
TOK .
22
[ THE WEB SERVER PROCESSES THE TRANSACTION J'V
V 230
[ THE WEB SERVER NOTIFIES THE BIOMETRIC SERVICE WHEN Jx/ TH E TRANSACTION IS COMPLETE
THE WEB SERVER CANCELS THE TRANSACTION
218
FIG. 25
US. Patent Dec. 2, 2014 Sheet 4 0f 17 US 8,904,495 B2
Login to your account using Fingerprint Security
Please swipe your ?nger
If you prefer you may use your Username and Password.
Not yet registered? Register now.
Send Money You can send money to another user.
Payment($)1 5000
400 To: John Smith J
My Aggount
US. Patent Dec. 2, 2014 Sheet 5 0f 17 US 8,904,495 B2
r \
Transaction Confirmation l—
' Please swipe your finger to confirm this transaction
Transfer $5000 from your account to account 'John Smith'.
500 \/\
Transaction Com plete Transfer $5000 from your account to account 'John Smith'.
600 \/T Thanks you for using this system!
Make another Transaction
My Account
FIG. 6
US 8,904,495 B2 Sheet 7 0f 17 Dec. 2, 2014 US. Patent
A
atmw n25
8285 £25 ____________________________________‘__
US. Patent Dec. 2, 2014 Sheet 8 0f 17 US 8,904,495 B2
/800 802
HOST PC BIOMETRIC
804 SENSOR ‘ WinUSB BIOMETRIC ‘
p ‘ DRIVER SERVICE APPLICATION
808 810 812
806
SECURE STORAGE
FIG. 8
US 8,904,495 B2 Sheet 9 0f 17 iDec.2,2014 US. Patent
/\J wow wow zOFm>mozm
oo@\\\\\\\
v Q
Mszmw wow QEPm§OE
US. Patent Dec. 2, 2014 Sheet 10 0f 17 US 8,904,495 B2
1008
1002 1004 a / / TPEETIsEENROEI‘YODRTTN'GER':
I AND PROVIDE CREDENTIALS I 4 (IF REQUIRED) I
' l ‘ l
‘ ENROLL I I
8%,??? APPLICATION I i q I APPLICATION ID I l
USER ID , I USER CREDENTIALS : I
I I. __________________ __:
1006
SECURE STORAGE
1108 1102 1104 / / E - A ------------ - -I
: PLEASE SWIPE YOUR FINGER : l I FOR AUTHENTICATION I
AUTHENTICATE "I : OR IDENTIFY : :
BIOMETRIC I I SERV|CE ‘ APPL|CAT|ON i :
USER CREDENTIALS : i l l ' I
I L __________________ __:
1106
SECURE STORAGE
FIG. 11
US 8,904,495 B2 Sheet 11 0f 17 Dec. 2, 2014 US. Patent
US. Patent Dec. 2, 2014 Sheet 12 0f 17 US 8,904,495 B2
/ 1300
SENSOR
I READ FINGERPRINT INFORMATION AS A USER SWIPES \ 1304 THEIR FINGER ACROSS THE FINGERPRINT SENSOR J’V
(CREATE A FINGERPRINT TEMPLATE ASSOCIATED WITH X4306 THE FINGERPRINT INFORMATION
[ DETECT A FINGER CONTACTING A FINGERPRINT F302
(
\ ( RECEIVE USER CREDENTIALS ASSOCIATED WITH THE $308
USER \ L J
K \ 1310 BIND THE USER CREDENTIALS WITH THE FINGERPRINT /\/
TEMPLATE \ L J
K \ 1312 STORE THE USER CREDENTIALS AND THE FINGERPRINT N \ TEMPLATE J
FIG. 13
US. Patent Dec. 2, 2014 Sheet 13 0f 17 US 8,904,495 B2
/ 1400
f READ FINGERPRINT INFORMATION FROM A USER'S 1402
\ FINGER IN CONTACT WITH A FINGERPRINT SENSOR
leENTIFY A FINGERPRINT TEMPLATE ASSOCIATED vv|TH \ 1404 THE USER
\ J
T
\ (COMPARE THE FINGERPRINT INFORMATION READ FROM 1406 \THE USER'S FINGER WITH THE FINGERPRINT TEMPLATE)
8
8
1408 NO
YES
[RETRIEVE USER CREDENTIALS ASSOCIATED WITH THE P410 USER
COMMUNICATE THE USER CREDENTIALS TO A 1412 REQUESTING PROCESS OR SYSTEM
V
DO NOT RETRIEVE 1414 USER CREDENTIALS
FIG. 14
US. Patent Dec. 2, 2014 Sheet 14 0f 17 US 8,904,495 B2
FINGER IN CONTACT WITH A FINGERPRINT SENSOR
I 1504
[ AUTHENTICATE THE FINGERPRINT INFORMATION F
[ READ FINGERPRINT INFORMATION FROM A USER'S P502
AUTHENTICATED?
RETRIEVE CREDENTIALS ASSOCIATED WITH THE USER I508 BASED ON THE FINGERPRINT INFORMATION
f \ 1510 DECRYPT THE USER CREDENTIALS /\/
\ (IDENTIFY A UNIQUE IDENTIFIER ASSOCIATED WITH THE 1512 \ FINGERPRINT SENSOR JN
I ( COMMUNICATE THE OEORYRTEO USER CREDENTIALS \ 1514
AND THE UNIQUE IDENTIFIER TO A REQUESTING PROCESS OR SYSTEM
\ J V
GENERATE MESSAGE INDICATING FAILURE OF
AUTHENTICATION 1516
FIG. 15
US. Patent Dec. 2, 2014 Sheet 15 or 17
/ 1600
A WEB BROWSER APPLICATION ACCESS ES A WEB 1602 SITE THAT SUPPORTS BIOMETRIC AUTHENTICATION
P604
08
DETERMINE WHETHER A BIOMETRIC DEVICE IS INSTALLED IN THE SYSTEM EXECUTING THE WEB
BROWSER APPLICATION
1606
BIOMETRIC DEVICE INSTALLED?
SECURITY TO A USER THROUGH THE USE OF THE THE WEB BROWSER APPLICATION OFFERS ENHANCED 16
BIOMETRIC DEVICE
I 1610 NO USER ACCEPTS OFFER
OF ENHANCED SECURITY?
1612 [ USER ENROLLS USING THE BIOMETRIC DEVICE )“V
V
US 8,904,495 B2
1614
2 THE WEB BROWSER APPLICATION OPERATES WITHOUT BIOMETRIC
AUTHORIZATION
FIG. 16
US 8,904,495 B2 Sheet 16 0f 17 Dec. 2, 2014 US. Patent
howcmw 2:255
![ユーザー登録方法について...'pepup. — [PepUp] X—Jb7 F Pep 77 'Y 7) To 4 22 %d.pepup.io/users/confirmation?confirmation token-vngKYBYBYE9KhLCMFLi](https://img.pdfslide.net/doc/110x75/5f0987697e708231d4274270/fffceoe-pepup-a-pepup-xajb7-f-pep-77-y.jpg)
