| CPC G06Q 20/385 (2013.01) [G06Q 20/1085 (2013.01); G06Q 20/3827 (2013.01); H04L 9/3239 (2013.01); H04L 63/0838 (2013.01); H04W 12/08 (2013.01); H04W 12/33 (2021.01)] | 13 Claims |

|
1. A system for multi-device multi-channel authorization of automated teller machine (ATM) transactions, the system comprising:
an automated teller machine (ATM), said ATM comprising:
a user input interface for receiving user input;
a card reader for reading card information;
a processor configured to execute ATM functions, said processor being coupled to:
a memory module for storing data, wherein the memory module comprises:
a first sector for storing an authorization code;
a second sector for storing a preliminary code;
a third sector for storing a matrix row index;
a fourth sector for storing a provisional matrix;
a fifth sector for storing an ATM final authorization hash;
a networking module for transmitting and receiving data over a secure network connection;
wherein the ATM functions executed by the processor include:
the authorization module generating an authorization code for an ATM transaction based on user input and card information;
the authorization module storing the authorization code in the first sector of the ATM memory;
the communication module transmitting the authorization code to a server via the networking module;
the communication module receiving a preliminary code from the server, wherein the preliminary code is a one-time password (OTP);
the authorization module storing the preliminary code in the second sector of the ATM memory;
the provisional and preliminary code generation module generating a matrix row index for the preliminary code, which is used to identify specific rows in a provisional matrix;
the provisional and preliminary code generation module storing the matrix row index in the third sector of the ATM memory;
the wipeout module converting the provisional matrix into an ATM final matrix by wiping entries in the provisional matrix based on the matrix row index and the preliminary code, wherein the wiping of entries in the provisional matrix is performed on less than all rows in the provisional matrix;
the wipeout module storing the provisional matrix in the fourth sector of the ATM memory;
the hash and salt generation module hashing the ATM final matrix into an ATM hash value for each row in the ATM final matrix using a cryptographic hash function;
the hash and salt generation module generating an ATM final authorization hash by combining each said ATM hash value;
the authorization module storing the ATM final authorization hash in the fifth sector of the ATM memory;
a server communicatively coupled to the ATM, said server comprising:
a processor configured to execute server functions, said processor being coupled to:
a memory module for storing data, wherein the memory module comprises:
a sixth sector for storing the authorization code received from the ATM;
a seventh sector for storing a preliminary code;
an eighth sector for storing a provisional matrix;
a ninth sector for storing a matrix row index;
a tenth sector for storing a server final matrix;
an eleventh sector for storing a server final authorization hash;
a networking module for transmitting and receiving data over a secure network connection;
wherein the server functions executed by the processor include:
the server component module storing the authorization code received from the ATM in the sixth sector of the server memory;
the validation module authenticating the authorization code by comparing it with stored authorization codes;
the provisional and preliminary code generation module generating a preliminary code, which is a one-time password (OTP);
the server component module storing the preliminary code in the seventh sector of the server memory;
the communication module transmitting the preliminary code to a user smartphone via a secure wireless communication channel;
the provisional and preliminary code generation module generating a provisional matrix containing random values;
the server component module storing the provisional matrix in the eighth sector of the server memory;
the communication module transmitting the provisional matrix to the ATM;
the communication module receiving the matrix row index from the ATM, which indicates specific rows to be used in a final matrix calculation;
the server component module storing the matrix row index in the ninth sector of the server memory;
the wipeout module converting the provisional matrix into a server final matrix by wiping entries in the provisional matrix based on the matrix row index and the preliminary code, wherein the wiping of entries in the provisional matrix is performed on less than all rows in the provisional matrix;
the server component module storing the server final matrix in the tenth sector of the server memory;
the hash and salt generation module salting the server final matrix based on device characteristics of the user smartphone that include device ID, device type, operating system, and hardware characteristics;
the server component module storing the salted server final matrix in the eleventh sector of the server memory;
the hash and salt generation module hashing the server final matrix into a server hash value for each row in the server final matrix using the cryptographic hash function;
the server component module storing each said server hash value in a twelfth sector of the server memory;
the hash and salt generation module generating a server final authorization hash by combining each said server hash value;
the server component module storing the server final authorization hash in the eleventh sector of the server memory;
the validation module authorizing the ATM transaction if the ATM final authorization hash stored in the fifth sector of the ATM memory matches the server final authorization hash stored in the eleventh sector of the server memory;
a user smartphone communicatively coupled to the ATM and the server, said user smartphone comprising:
a display for displaying information;
a wireless communication module for transmitting and receiving data;
a processor configured to execute smartphone functions, said processor being coupled to:
a memory module for storing data;
wherein the smartphone functions executed by the processor include:
the communication module receiving the preliminary code from the server via the wireless communication module;
the operating system module displaying the preliminary code on the smartphone display; and
the communication module communicating the preliminary code to the ATM automatically through a near-field communication (NFC) wireless protocol via the wireless communication module.
|
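The matching step the claim describes, as an added sketch that is not code from the patent: both sides wipe the same provisional matrix using the row index and the OTP, hash each row, combine the row hashes, and compare the results. The matrix size, SHA-256, the way rows and columns are derived from a numeric OTP, and combining by hashing the concatenated row hashes are all assumptions, since the claim fixes none of them. The server-only salting step is left out because the claim does not state how the ATM would reproduce it.

```python
import hashlib
import hmac
import secrets

ROWS, COLS = 8, 6  # assumed matrix size; the claim does not give one


def provisional_matrix():
    """Server side: random non-zero bytes, so a wiped (zeroed) cell is distinguishable."""
    return [[secrets.randbelow(255) + 1 for _ in range(COLS)] for _ in range(ROWS)]


def matrix_row_index(otp, count=3):
    """Assumed derivation: rank rows by SHA-256(otp:row) and keep `count` of them."""
    ranked = sorted(range(ROWS), key=lambda r: hashlib.sha256(f"{otp}:{r}".encode()).digest())
    return sorted(ranked[:count])  # fewer than all rows, as the claim requires


def wipe(matrix, row_index, otp):
    """Zero, in the indexed rows only, the columns named by the OTP digits (assumed rule)."""
    cols = {int(d) % COLS for d in otp}
    final = [row[:] for row in matrix]
    for r in row_index:
        for c in cols:
            final[r][c] = 0
    return final


def final_authorization_hash(final_matrix):
    """Hash every row, then combine the row hashes by hashing their concatenation."""
    row_hashes = [hashlib.sha256(bytes(row)).digest() for row in final_matrix]
    return hashlib.sha256(b"".join(row_hashes)).hexdigest()


def authorize(atm_hash, server_hash):
    """Constant-time comparison of the two final authorization hashes."""
    return hmac.compare_digest(atm_hash, server_hash)


def run_exchange(otp_sent, otp_entered):
    """One transaction: the server knows otp_sent, the ATM received otp_entered."""
    matrix = provisional_matrix()            # server -> ATM
    index = matrix_row_index(otp_entered)    # ATM -> server
    atm = final_authorization_hash(wipe(matrix, index, otp_entered))
    server = final_authorization_hash(wipe(matrix, index, otp_sent))
    return authorize(atm, server)
```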