U.S. and World News
:
Business
:
Patent and Trademark
News
Authernative Granted U.S. Patent For Private and Secure Financial Transactions Method
Wed, 18 Jun 2008, 11:10:21 EDT
REDWOOD CITY, Calif., June 18 (SEND2PRESS NEWSWIRE) -- Authernative, Inc., the developer of innovative user and transaction authentication and identity management technologies, announced today that the United States Patent & Trademark Office has granted the company a patent for a private and secure financial transactions method.
 The newly issued U.S. Patent No. 7,379,916, entitled "System and Method for Private and Secure Financial Transactions," adds to similar patent issuances in Canada, Australia, New Zealand, China and Hong Kong. The patent describes an enhanced security and fraud protection system which enables financial account holders to perform highly secure financial transactions with or without disclosing private financial or personal information to merchants or sellers. The method describes a transaction-processing architecture for performing secure in-person, offline, online, or mobile financial transactions with the direct participation of the account holder's financial account provider (i.e. bank account, mobile provider, credit provider, e-wallet provider, etc.). The patent also introduces a random partial PIN/password recognition algorithm to authenticate the account holder.
"The advantage of this embedded privacy and security layer (EPSL(TM)) architecture is that it enables account holders to perform controlled secure transactions without disclosing private, financial, or any other personally identifiable information to the seller or merchant, thus enhancing consumers' privacy and mitigating the potential for fraud and identity theft," says Dr. Len Mizrah, CEO of Authernative. "Another advantage is that it opens an opportunity for any financial account provider to become a counterpart to the payment transaction and share revenue generated from transaction fees."
Key aspects of the patent include the following. Prior or during a transaction, the account holder gets connected to the financial account provider where the account resides. The financial provider securely authenticates the account holder and accepts the transaction parameter controls such as the amount limit, type of transaction, time validity, and the like. Upon the entire transaction authentication, which includes both the account holder and the transaction parameters, the financial account provider generates a one-time, transaction-specific alphanumeric signature (i.e. transaction identifier, one-time virtual card number) that is transferred to the account holder from the financial provider back office during the transaction authentication stage. "This one-time transaction-specific signature pre-authenticates the entire financial transaction," says Len Mizrah, "and it is only valid for the initiated transaction, for up to a specified amount limit, and up to an allowable time limit, irrespective of which merchant processes the purchase."
Then, the one-time transaction-specific signature is presented to the merchant along with the EPSL(TM) account number. The merchant transmits them to the financial account provider along with the exact transaction amount and time and business stamps for the transaction authorization. The authorization stage of the financial transaction occurs at the back office when the financial account provider receives the transaction signature and the other parameters from the merchant and positively matches it to the prior authentication record. Concurrently, the accounting stage is completed in order to reconcile the actual transaction amount against the predicted transaction amount and the funds in the account. "This ensures that the authentication, authorization, and accounting stages are coupled together and tied to the legitimate account holder and the specific transaction," says Len Mizrah. Importantly, the entire authentication, authorization, and accounting system is clocked, enabling secure and efficient mass user EPSL(TM) implementation at back offices utilizing high frequency synchronized global clocking of EPSL(TM) logic blocks.
The security advantages of this system are manifold. This payment solution is merchant-independent - the transaction signature can be submitted to any merchant. The EPSL(TM) account number is useless if intercepted by an intruder unless it is supported by the one-time transaction-specific transaction signature. If the transaction-specific signature is stolen from the merchant's database or a payment gateway, it cannot be reused like the static payment card number. Nor will capturing transaction data in transit yield the ability to perform fraudulent transactions. Moreover, the user controlled transaction parameters limit the fraud potential. In addition, the system utilizes a random partial PIN/Password recognition algorithm to securely authenticate the user and prevent against a credential compromise. Importantly, the use of a one-time transaction signature and a one-time PIN exceeds the Payment Card Industry (PCI) and Payment Application (PA) Data Security Standard (DSS) requirements as neither the static reusable card number nor the static PIN are passed or stored at the merchant, the payment gateway provider, or the POS device.
Electronic payments represent a significant growth opportunity for banks, payment processors, and retailers, as the focus shifts from replacing paper instruments to the next generation of electronic payment solutions. Concurrently, there is significant growth in fraud, undermining consumers' trust in the financial system, and constituting billions of dollars in losses for financial institutions, businesses and consumers. The methods of committing fraud are also growing in sophistication, including card theft, skimming devices, counterfeiting, mail interception, spoof sites, credential theft, mass financial database breaches, transaction data in-transit breaches, and consumer identity theft. In addition, the collection, data mining, and selling for profit, legally or illegally obtained, financial and personal consumer information is also escalating. As a result, there has been an increase in alternative payment methods adoption over the last several years. Consumers now view alternative payment methods as a trusted and viable way to pay for purchases.
Authernative's patented method offers a comprehensive set of capabilities in the (EPSL(TM)) architecture such as preventing fraud, giving the account holder control over the transaction, securely authenticating an account holder as part of the entire transaction authentication, and protecting the account holder's private personal information from merchants and other transaction counterparts.
The U.S. issued patent solidifies the company's ability to license private and secure financial transactions intellectual property and solutions.
About Authernative, Inc.:
Authernative develops, markets, and sells innovative patented software security solutions offering identity and access management capabilities including strong authentication, authorization, administration, and auditing. The company's products are used to prevent unauthorized access to confidential data, protected resources and financial transactions. They allow businesses to lower the cost of providing, deploying and managing strong user authentication for enabling e-commerce and regulatory compliance with customers, suppliers, partners, vendors, and employees.
More information: www.authernative.com.
NEWS SOURCE: Authernative, Inc.
Send2Press® is the originating wire service for this story.
» Read More Patent and Trademark News
» Other Send2Press Industry News by Category
More Information and Media Contact:
For questions about this story, contact the news source:
»
Click Here for Contact Information
THE CONTENT OF THE ABOVE NEWS STORY WAS PROVIDED BY THE NEWS SOURCE WHO IS SOLELY RESPONSIBLE FOR ITS ACCURACY. FOR QUESTIONS ABOUT THIS STORY CONTACT THE NEWS SOURCE AND NOT SEND2PRESS (THIS WEBSITE).
O T H E R R E S O U R C E S
T E R M S O F U S E
This article is Copr. © 1983-2008 Neotrope / Send2Press. Reproduction of this news article version requires written authorization. You may freely link to this article. Journalists (see the section "Journalist Resources" above) may use orig. news release as the basis for an article.
News Websites may republish the "news release" text version linked to above under "Journalist Resources" except must retain "Send2Press Newswire" as the source of this news if used verbatim. Websites which offer/sell PR or newswire services, or web promotion services, or "splogs" may NOT reprint our content in ANY form. Send2Press Newswire is a service mark of, and "Send2Press" is a registered trademark of, Neotrope. Creative Commons - Some Rights Reserved (3.0) - Attribution Required.
DISCLAIMER: the above article is believed accurate but not guaranteed, and is based on business news supplied by the source (Authernative, Inc.). The noted source is solely responsible for its accuracy. Financial/Stock news may contain forward looking statements. Neotrope/Send2Press makes no claims of accuracy or suitability for any purpose. Any opinions expressed by representatives of company(s) mentioned in news and profiles are solely those of the person indicated, and do not reflect any opinion or policy of Neotrope or Send2Press. Your use of any information contained herein is done solely at your own risk, and you are fully responsible for using any information herein, or on sites mentioned or linked to in the article. All trademarks acknowledged.
REFERENCES: Authernative Granted U.S. Patent For Private and Secure Financial Transactions Method, Authernative, Inc., System and Method for Private and Secure Financial Transactions, U.S. Patent No. 7,379,916, user and transaction authentication and identity management technologies, EPSL, CEO Dr. Len Mizrah, Jun 18, 2008.
VIEWED BY MEDIA (and public): 742 times (2 today, 12 this week,
19 this month, 742 this year)
|
|
|
Subscribe in a reader
PLAIN TEXT FORMAT (UTF-8)
PDF FORMAT
