US 12,475,464 B2
Unified login biometric authentication support
Darshan Desai, Fremont, CA (US); and Kishore Jaladi, Fremont, CA (US)
Assigned to PayPal, Inc., San Jose, CA (US)
Filed by PayPal, Inc., San Jose, CA (US)
Filed on Dec. 30, 2021, as Appl. No. 17/565,788.
Application 17/565,788 is a continuation of application No. 15/691,898, filed on Aug. 31, 2017, abandoned.
Claims priority of provisional application 62/411,940, filed on Oct. 24, 2016.
Prior Publication US 2022/0122088 A1, Apr. 21, 2022
Int. Cl. G06Q 20/40 (2012.01); G06Q 20/38 (2012.01); H04L 9/14 (2006.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01)
CPC G06Q 20/40145 (2013.01) [G06Q 20/3821 (2013.01); G06Q 20/3829 (2013.01); H04L 9/14 (2013.01); H04L 9/30 (2013.01); H04L 9/3231 (2013.01); H04L 9/3271 (2013.01); G06Q 2220/00 (2013.01); H04L 2209/56 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A method comprising:
implementing at least a portion of an enrollment process in which a user is permitted to enroll in biometric validation in response to providing valid biometrics, wherein the implementing includes:
receiving, from a device of the user via a first web browser, an indication that a first biometric obtained from the user matches a previously registered biometric of the user that was registered before the user opted to use the biometric validation; and
in response to receiving the indication, instructing the device of the user to generate a keypair that includes a public key and a private key;
receiving the public key from the device after instructing the device to generate the keypair, wherein the public key is stored by a server, wherein the private key is stored in a secure memory area of the device;
receiving, from the device of the user via a second web browser, a request to complete a transaction initiated by the user at the device, the transaction accessing a user account at the server;
responsive to receiving the request and based on a determination that the user opted to use the biometric validation, generating a nonce for authentication of the device;
sending, to the device, the nonce and instructions that direct the device to obtain a second biometric of the user for additional authentication;
receiving an encrypted nonce from the device, the nonce encrypted with the private key stored in the secure memory area that can only be accessed if the second biometric matches the previously registered biometric associated with the device;
decrypting the encrypted nonce with the public key of the keypair based on the device being previously authenticated for accessing the user account at the server; and
completing the transaction in response to determining that the decrypted nonce matches the nonce sent to the device.