IP Verse

Personal Digital Key Initialization And Registration For Secure Transactions

Patent No. US11182792 (titled "Personal Digital Key Initialization And Registration For Secure Transactions") was filed by Proxense Llc on Jun 4, 2020.

What is this patent about?

’792 is related to the field of electronic authentication, specifically addressing the need for secure and efficient transaction processing and access control. Traditional methods like magnetic cards and PINs have inherent security flaws and usability issues. Biometric authentication offers a potential solution, but conventional approaches often require users to release sensitive biometric data to third parties, creating privacy risks and enrollment complexities.

The underlying idea behind ’792 is to provide a secure authentication system using a Personal Digital Key (PDK) that stores a user's biometric profile in a tamper-proof memory. The PDK wirelessly transmits identification information and the biometric profile to a reader device. The reader then compares the received biometric profile with a biometric input obtained from the user at the point of transaction, enabling secure authentication without storing sensitive biometric data in a central database.

The claims of ’792 focus on a reader device determining the presence of a portable electronic device (PDK) within a proximity zone and establishing a wireless communication channel. The reader receives device identification information from the PDK and determines its validity locally, without a remote lookup. Based on whether the transaction amount is below a threshold, the reader either automatically performs the transaction or requests profile authentication from the PDK.

In practice, the PDK is initialized and registered using a trusted programming device, potentially under the supervision of a trusted Notary, to ensure the integrity of the stored biometric profile. The reader device, upon detecting a PDK within range, performs device authentication to verify the PDK's validity. If the transaction amount is below a predefined threshold, the transaction is automatically processed. For higher-value transactions, the reader requests profile authentication, such as biometric verification, from the PDK to further enhance security.

This approach differs from prior solutions by eliminating the need for PINs or passwords and avoiding the storage of personal biometric information in external databases. The local validation of the PDK's identity by the reader, without requiring a remote lookup for low-value transactions, significantly speeds up the authentication process. The use of a tamper-proof memory in the PDK and the optional involvement of a trusted Notary during initialization and registration further enhance the security and reliability of the system.

How does this patent fit in bigger picture?

Technical landscape at the time

In the mid-2000s when ’792 was filed, at a time when secure transactions were typically implemented using magnetic stripe cards or early contactless technologies. Systems commonly relied on PINs or passwords for authentication, and biometric authentication, while recognized for its potential, faced challenges related to data security and enrollment complexity. Hardware or software constraints made secure storage and transmission of biometric data non-trivial.

Novelty and Inventive Step

The examiner allowed the claims because the prior art, including Gauthier, Doyle, and Cockrill, either individually or in combination, did not teach or make obvious the claimed invention. Specifically, the prior art failed to teach establishing communication for a transaction based on the proximity of a wireless device, performing device-based authentication for low-value transactions, and using biometric profile-based authentication for high-value transactions, all without requiring the reader/authenticator device to perform a remote lookup.

Claims

This patent contains 20 claims, of which claims 1 and 11 are independent. The independent claims are directed to a method and a system for performing a transaction using a portable electronic device located within a proximity zone of a reader device. The dependent claims generally elaborate on and refine the method and system described in the independent claims, adding details regarding profile authentication, secure communication channels, types of transaction information, validation processes, and specific devices.

Key Claim Terms New

Definitions of key terms used in the patent claims.

Term (Source)Support for SpecificationInterpretation
Amount threshold
(Claim 1, Claim 11)		“Additionally, the PDK can store other information such as credit/debit card information, bank information, or personal information in a memory for use in authorizing or completing a transaction.”A pre-determined monetary value used to decide whether a transaction can be automatically performed or requires profile authentication.
Device identification information
(Claim 1, Claim 11)		“The PDK can wirelessly transmit the identification information including a unique PDK identification number and the biometric profile over a secure wireless channel for use in an authentication process.”Data transmitted from the portable electronic device to the reader device that uniquely identifies the portable electronic device.
Profile authentication
(Claim 1, Claim 11)		“In one embodiment, the Reader acquires a biometric input from the individual carrying the PDK at the point of transaction. The biometric input can be acquired by, for example, a fingerprint scan, iris scan, retinal scan, palm scan, face scan, DNA analysis, signature analysis, voice analysis or any other input mechanism that provides physical or behavioral characteristics uniquely associated with the individual. The Reader compares the biometric profile received from the PDK to the biometric input obtained at the point of transaction to determine if a transaction should be authorized.”A process where the portable electronic device verifies the user's identity, likely using biometric data, before authorizing a transaction.
Proximity zone
(Claim 1, Claim 11)		“Typically, a receiving device, referred to herein as a Reader, wirelessly receives the profile from the PDK in order to process a transaction or provide access to secure digital or physical assets.”A defined area near the reader device within which the portable electronic device must be located for communication and transaction processing to occur.

Patent Family

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.

  • Date

    Description

  • Get instant alerts for new documents

US11182792

PROXENSE LLC
Application Number
US16893155
Filing Date
Jun 4, 2020
Status
Granted
Expiry Date
May 5, 2027
External Links
Slate, USPTO, Google Patents