| CPC H04L 63/0861 (2013.01) [G06Q 20/40 (2013.01); G06Q 20/40145 (2013.01); G06Q 30/06 (2013.01)] | 17 Claims |

1. A method of authenticating a user for performing a transaction comprising the steps of:
(a) receiving data representing unique knowledge of the user and/or biometric data of the user on a first device;
(b) generating a public/private key pair;
(c) storing the public key of the public/private key pair on an authentication server;
(d) the private key is used to sign a payload including a hardware profile of the first device, the hardware profile being associated with the user;
(e) sending the payload including the hardware profile of the first device signed by the private key to the authentication server;
(f) receiving on the authentication server the payload including the hardware profile;
(g) verifying the payload including the hardware profile of the first device with the public key of the public/private key pair;
(h) comparing data received in step (a) with previously stored data representing unique knowledge of the user and/or biometric data of the user;
(i) comparing the hardware profile received at step (g) with a previously stored hardware profile associated with the user by calculating a percent difference of the previously stored hardware profile with the hardware profile; and
(j) allowing the transaction to go forward if the payload is verified by step (g), the data is authenticated by step (h) and the difference between the received hardware profile and the previously stored hardware profile from the result of step (i) is less than a set tolerance; and
(k) when the percentage difference is not within the set tolerance, the transaction does not proceed.
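An added sketch of steps (b) through (k), not taken from the patent: it assumes Ed25519 signatures, a hardware profile modelled as string attributes, and a percent difference defined as the share of attributes that differ, none of which the claim fixes. `Profile`, `SignProfile`, `PercentDifference`, `Authorize` and all sample values are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

type Profile map[string]string // constructed stand-in for the claim's hardware profile

// SignProfile is steps (d)-(e); json.Marshal sorts map keys, so the bytes are stable.
func SignProfile(priv ed25519.PrivateKey, p Profile) (payload, sig []byte) {
	payload, _ = json.Marshal(p) // cannot fail for map[string]string
	return payload, ed25519.Sign(priv, payload)
}

// PercentDifference is step (i), assumed metric: percent of attributes missing or changed.
func PercentDifference(stored, received Profile) float64 {
	total, changed := len(stored), 0
	for k, s := range stored {
		if r, ok := received[k]; !ok || r != s {
			changed++
		}
	}
	for k := range received {
		if _, ok := stored[k]; !ok {
			total, changed = total+1, changed+1
		}
	}
	if total == 0 {
		return 0
	}
	return 100 * float64(changed) / float64(total)
}

// Authorize is steps (f)-(k); userDataOK stands for the outcome of step (h).
func Authorize(pub ed25519.PublicKey, payload, sig []byte, stored Profile, userDataOK bool, tolerance float64) bool {
	var received Profile
	if !ed25519.Verify(pub, payload, sig) || json.Unmarshal(payload, &received) != nil {
		return false // step (g) failed: the profile is never evaluated
	}
	return userDataOK && PercentDifference(stored, received) < tolerance
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // steps (b)-(c); nil selects crypto/rand
	stored := Profile{"cpu": "A15", "os": "17.3", "disk": "128GB"} // constructed values
	payload, sig := SignProfile(priv, Profile{"cpu": "A15", "os": "17.4", "disk": "128GB"})
	fmt.Println(Authorize(pub, payload, sig, stored, true, 50))
}
```

The signature check in step (g) only shows that the payload came from the holder of the private key; the profile values themselves are whatever the device reported.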