Patent application number | Description | Published |
20080227436 | METHOD AND SYSTEM FOR PROVIDING ENHANCED BROADCAST ADVERTISING - One example provides a broadcast device configured to display an advertisement for viewing by a user and a mobile client device configured to capture information relating to the advertisement from the broadcast device. The mobile client device determines whether the captured information is sufficient to allow the mobile client device to generate an electronic coupon. If it is, the mobile client device generates a coupon that may be stored in the mobile client device and subsequently presented at a point-of-sale device as part of a transaction. If the captured information is insufficient, the mobile client device may request additional information from an advertiser server either directly or via the broadcast device. | 09-18-2008 |
20080229109 | HUMAN-RECOGNIZABLE CRYPTOGRAPHIC KEYS - A visual authentication scheme for websites is provided that binds an image to a website so that a user can visually authenticate whether he/she is viewing an intended/trusted website. An authentication or cryptographic key (associated with a web page) is rendered as a unique key-identifying image or unique sequence of images. This key-identifying image(s) is then displayed to the user. The user associates this key-identifying image with the originator or source of the web page so that the user can easily recognize the originator by glancing at the key-identifying image. The association between the key-identifying image and the cryptographic/authentication key (and thereby the source of the web page) can be achieved similarly to brand awareness. | 09-18-2008 |
20080263117 | INITIAL SEED MANAGEMENT FOR PSEUDORANDOM NUMBER GENERATOR - A secure seeding and reseeding scheme is provided for pseudorandom number generators by using a pre-stored initialization seed. This scheme initializes a pseudorandom number generator into an unknown state even when entropy collection is unavailable. A primary seed file and a shadow seed file are maintained with initialization seed information in a secure file system. If the primary seed file is corrupted, the pseudorandom number generator is seeded with the content of the shadow seed file. Additionally, a trusted timer or clock may be mixed with the pre-stored initialization seed to add entropy even when the pre-stored seed information has been compromised. | 10-23-2008 |
20090003597 | Small Public-Key Based Digital Signatures for Authentication - Embodiments disclosed allow authentication between two entities having agreed on the use of a common modulus N. The authentication includes generating a pseudorandom string value; generating a public key value based on the modulus N and the pseudorandom string value; generating a private key value corresponding to the public key value; receiving a verifier's public key value; generating a shared secret value based on the modulus N, the private key value and the verifier's public key value; calculating an authentication signature value using the shared secret value; and transmitting the authentication signature value for authentication. When the authentication signature is received, the public key value and the shared value are generated to calculate an authentication signature value. Thereafter, the authentication signature values are compared and authenticated. | 01-01-2009 |
20090141890 | DIGITAL AUTHENTICATION OVER ACOUSTIC CHANNEL - Apparatus and method are disclosed for digital authentication and verification. In one embodiment, authentication involves storing a cryptographic key and a look up table (LUT), generating an access code using the cryptographic key; generating multiple parallel BPSK symbols based upon the access code; converting the BPSK symbols into multiple tones encoded with the access code using the LUT; and outputting the multiple tones encoded with the access code for authentication. In another embodiment, verification involves receiving multiple tones encoded with an access code; generating multiple parallel BPSK symbols from the multiple tones; converting the BPSK symbols into an encoded interleaved bit stream of the access code; de-interleaving the encoded interleaved bit stream; and recovering the access code from the encoded de-interleaved bit stream. | 06-04-2009 |
20090282243 | PUZZLE-BASED AUTHENTICATION BETWEEN A TOKEN AND VERIFIERS - A puzzle-based protocol is provided that allows a token and verifier to agree on a secure symmetric key for authentication between the token and verifier. A token stores a secret key and one or more puzzle-generating algorithms. The verifier independently obtains a plurality of puzzles associated with the token, pseudorandomly selects at least one of the puzzles, and solves it to obtain a puzzle secret and a puzzle identifier. The verifier generates a verifier key based on the puzzle secret. The verifier sends the puzzle identifier and an encoded version of the verifier key to the token. The token regenerates the puzzle secret using its puzzle-generating algorithms and the puzzle identifier. The token sends an encoded response to the verifier indicating that it knows the verifier key. The token and verifier may use the verifier key as a symmetric key for subsequent authentications. | 11-12-2009 |
20090282253 | NETWORK HELPER FOR AUTHENTICATION BETWEEN A TOKEN AND VERIFIERS - A network helper is provided that assists verifiers in executing a puzzle-based protocol for authentication of a token. A token stores a secret key and one or more puzzle-generating algorithms. The helper stores a plurality of puzzles associated with a particular token. When requested to do so by a verifier, the helper provides a plurality of pseudorandomly selected puzzles for the token to a verifier. The puzzles are encoded with information that is used between the verifier and token to establish a secured symmetric key. The verifier selects one or a few of the encoded puzzles and breaks them by a brute force attack. Because the helper does not know which puzzles have been selected, it has to break all puzzles to attempt to figure out the symmetric key. However, if a large number of puzzles are utilized, say millions, then breaking all of them becomes a computationally prohibitive task. | 11-12-2009 |
20100034385 | COMBINATIONAL COMBINER CRYPTOGRAPHIC METHOD AND APPARATUS - Another feature provides an efficient encryption method that safeguards the security of encrypted symbols. Each plaintext symbol is encrypted by using a separate pseudorandomly selected translation table. Rather than pre-storing every possible permutation of symbols as translation tables, the translation tables may be efficiently generated on-the-fly based on a pseudorandom number and a symbol shuffling algorithm. A receiving device may similarly generate reverse translation tables on-the-fly to decrypt received encrypted symbols. | 02-11-2010 |
20100049615 | MOBILE COMMERCE AUTHENTICATION AND AUTHORIZATION SYSTEM - The mobile commerce authentication and authorization system disclosed, illustrated, and claimed allows a user of a currently existing mobile wireless communications instrument to conduct financial transactions, including purchases, across a wireless communications system using location data to authorize and authenticate the user and the transaction. The location of the mobile wireless communications instrument and the location of a vendor point-of-sale device are matched with a payment sum. Authentication of the user of the mobile wireless communications instrument is achieved at least by application of the position and/or location determinable features of the mobile wireless communications instrument, the position and/or location of a point-of-sale device of a vendor or merchant where the instrument user seeks to purchase goods or services, and the payment sum entered on the point-of-sale device. A transaction matching subsystem located in a wireless customer server hub may assist in processing the location data and the payment sum amount across the wireless communications network. | 02-25-2010 |
20100100933 | APPARATUS AND METHOD FOR TRANSITIONING ACCESS RIGHTS FOR ROLE-BASED ACCESS CONTROL COMPATIBILITY - Disclosed is a method for transitioning access rights, in a remote station with role-based access control, for an unknown role having access rights defined by a central access control management module. In the method, a role capability table is maintained in the remote station specifying centrally-defined access rights of roles that are interpretable in the remote station. An access request associated with an unknown role that is not interpretable in the remote station is received. The access request includes a role transition list that relates the unknown role to other centrally-defined roles. At least one of the other centrally-defined roles is interpretable in the remote station. A role is selected, from the role transition list, that is interpretable in the remote station for interpreting the unknown role of the access request. Access is granted based on the access request associated with the unknown role using the access rights of the interpretable role selected from the role transition table. | 04-22-2010 |
20100198733 | Enabling Payment Using Paperless Image Of A Check - Payment or financial transactions are facilitated between two parties by utilizing mobile devices. A payor's mobile device may be adapted to generate an electronic/paperless version or image of a check. The payor may make the paperless image of a check out to a particular payee so that it can be cashed from the payor's checking account. The electronically-generated check may be in the form of an image that can be transmitted by the payor's mobile device to the recipient's mobile device. The payee then submits the received check, electronically or in paper form, to a financial institution for redemption. | 08-05-2010 |
20110107107 | Multisigning - A Protocol For Robust Multiple Party Digital Signatures - Embodiments describe a system and/or method for multiple party digital signatures. According to a first aspect a method comprises establishing a first validity range for a first key, establishing a first validity range for at least a second key, and determining if the validity range of the first key overlaps the first validity range of the at least a second key. A certificate is signed with the first validity range of the first key and the first validity range of the at least a second key if the validity ranges overlap. According to another embodiment, signage of the certificate is refused if the first validity range of the first key does not overlap with the first validity range of the at least a second key. | 05-05-2011 |
20110238998 | METHOD AND APPARATUS FOR PORTABLE SELF-CONTAINED NODE COMPUTER - A portable self-contained node computer is provided. The portable self-contained node computer connects to a host computer. The host computer allows the portable node computer to access its peripheral input/output devices. | 09-29-2011 |
20120069218 | VIRTUAL VIDEO CAPTURE DEVICE - Systems and methods for setting up and running a virtual video capture device are described herein. The virtual video capture device may receive image data and output the data in a format similar to a video capture device. The virtual video capture device may operate with an application configured to receive data from a physical video capture device. | 03-22-2012 |
20120239576 | MOBILE COMMERCE AUTHENTICATION AND AUTHORIZATION SYSTEM - The mobile commerce authentication and authorization system allows a user of a currently existing mobile wireless communications instrument to conduct financial transactions, including purchases, across a wireless communications system using location data to authorize and authenticate the user and the transaction. The location of the mobile wireless communications instrument and the location of a vendor point-of-sale device are matched with a payment sum. Authentication of the mobile wireless communications instrument user is achieved at least by application of the position and/or location determinable features of the mobile wireless communications instrument, the position and/or location of a point-of-sale device of a vendor or merchant where the instrument user seeks to purchase goods or services, and the payment sum entered on the point-of-sale device. A transaction matching subsystem located in a wireless customer server hub may assist in processing the location data and the payment sum across the wireless communications network. | 09-20-2012 |
20130006868 | METHOD AND APPARATUS FOR DETERMINING AND UTILIZING VALUE OF DIGITAL ASSETS - Systems and methods for protecting digital assets associated with a computing device are described herein. An example of a method according to the disclosure includes assigning at least one asset worth value to respective digital assets associated with a device, computing at least one device worth value using the at least one asset worth value assigned to the digital assets associated with the device, identifying at least one device worth value threshold, performing a comparison of the at least one device worth value to the at least one worth value threshold, and initiating at least one action with respect to the digital assets associated with the device based on the comparison. | 01-03-2013 |
20130013433 | MOBILE COMMERCE AUTHENTICATION AND AUTHORIZATION SYSTEM - The mobile commerce authentication and authorization system allows a user of a currently existing mobile wireless communications instrument to conduct financial transactions, including purchases, across a wireless communications system using location data to authorize and authenticate the user and the transaction. The location of the mobile wireless communications instrument and the location of a vendor point-of-sale device are matched with a payment sum. Authentication of the mobile wireless communications instrument user is achieved at least by application of the position and/or location determinable features of the mobile wireless communications instrument, the position and/or location of a point-of-sale device of a vendor or merchant where the instrument user seeks to purchase goods or services, and the payment sum entered on the point-of-sale device. A transaction matching subsystem located in a wireless customer server hub may assist in processing the location data and the payment sum across the wireless communications network. | 01-10-2013 |
20130047231 | METHOD AND APPARATUS USING A CAPTCHA HAVING VISUAL INFORMATION RELATED TO THE CAPTCHA'S SOURCE - Disclosed is a method for visual verification of a Captcha's source. In the method, a Captcha is served to a user. The Captcha includes visual information related to a characteristic of a source of the Captcha and related to a puzzle question of the Captcha. The visual information is for visual verification by the user of the Captcha's source. A response is received from the user based on the served Captcha. A determination is made as to whether the received response is a solution of the puzzle question of the served Captcha. | 02-21-2013 |
20130117817 | PREVENTION OF CROSS SITE REQUEST FORGERY ATTACKS BY CONDITIONAL USE COOKIES - To inhibit cross-site forgery attacks, different types/classes of cookies are used. A first cookie and a second cookie are generated by a web server and provided to a client browser during a web session. The first cookie defines a first set of use conditions for when the first cookie is to be used within the web session. The second cookie defines a second set of use conditions for when the second cookie is to be used within the web session. The client browser determines which (if any) of the first cookie or second cookie to send to the web server based on the use conditions defined within each cookie and the operation(s) sought by the client browser. The web server may grant different or the same privileges to operation(s) being sought by the client browser depending on whether the first or second cookie is sent by the client browser. | 05-09-2013 |
20130185792 | DYNAMIC EXECUTION PREVENTION TO INHIBIT RETURN-ORIENTED PROGRAMMING - A method, apparatus, and/or system for execution prevention is provided. A state indicator for a first subset of a plurality of memory pages of executable code in a memory device is set to a non-executable state. A state indicator for a second subset of the plurality of memory pages is set to an executable state, where the second subset of the plurality of memory pages includes indirection stubs to functions in the first subset of the plurality of memory pages. Upon execution of an application, a function call is directed to a corresponding indirection stub in the second subset of the plurality of memory pages which modifies the state indicator for a corresponding function in the first subset of the plurality of memory pages prior to directing execution of the called function from the first subset of the plurality of memory pages. | 07-18-2013 |
20140101368 | Binding microprocessor to memory chips to prevent re-use of microprocessor - A processor is provided that binds itself to a circuit such that the processor cannot be subsequently reused in other circuits. On a first startup of the processor, a memory segment of an external volatile memory device is read to obtain information prior to initialization of the memory segment. An original/initial identifier may be generated from the information read from the memory segment. The original/initial identifier may then be stored in a non-volatile storage of the processor. On subsequent startups of the processor, it verifies that the processor is still coupled to the same external volatile memory device by using the stored identifier. For instance, on a subsequent startup, the processor again reads the same memory segment of the external memory device and generates a new identifier. If the identifier matches the previously stored identifier, then the processor may continue its operations; otherwise the processor is disabled/halted. | 04-10-2014 |
20140213303 | LOCATION BASED SERVICE (LBS) SYSTEM AND METHOD FOR CREATING A SOCIAL NETWORK - A system and method for providing a location based service to create a social network, comprising activating a feature from a wireless terminal, registering from the wireless terminal with a location based service associated with the feature, creating a profile of a user of the feature, and displaying candidates based on the profile and based on the geographic location of the candidates. A Global Positioning System (GPS) may be used to geographically locate active users of a feature. An activity map may be associated with a feature, the activity map displaying active users of the feature. | 07-31-2014 |