TSI Granted US Patent 9,286,457 for Trusted Access to Mobile Devices with Secure Data Protection, Secure Transactions and PKI Communications Using Biometrics with Protected Local Templates.
March 16, 2016 – Odenton, MD – Transaction Security, Inc. announced today that it has been granted a very important Patent, which protects Mobile user data and communications, including secure device/cloud communications, and secure transactions.TSI Founder and patent co-author, Rod Beatson, believes it will significantly improve the security of data stored on the devices, protect user privacy and provide greater user convenience, through eliminating the need to enter and remember complex passwords. “It will also reduce card payment and ID fraud associated with mobile payments and chip card transactions”, he said. He explained that Transaction Security has been building its Crypto-Sign® Intellectual Property portfolio now for a number of years to enable enterprises to build low-cost, user-friendly, highly secure protection for mobile devices, their data and associated transactions with the aid of biometrics and cryptographic techniques.
In making the announcement, Beatson commented “There has been much publicity recently from Apple, Samsung, PayPal, Google, FIDO, Retailers and Credit Card companies with regard to the use of mobile devices, chip cards and biometrics in payment systems and for general transaction security. In addition”, he added, “Microsoft has announced that it is aiming to create a password-free World. TSI was preparing for these developments several years ago and the patent is a further result of the team’s vision.” Explaining its importance he said, “It’s all about using a biometric sensor on the device so that biometric samples can be matched against a local template to protect access to the device and its data in the event of loss or theft, to enable highly secure PKI-based communications and to encrypt device data - all without the need to enter complex passwords”. He added that the biometric sensor could be a fingerprint or “it could be based upon a secret sign submitted upon the device with a stylus”. He said also that the Patent adds coverage for Chip Card based transactions.”
Beatson added “…the Patent, uses an obfuscated, previously entered complex password to achieve this and eliminates the need for users to re-enter the password for future transactions. The security can be enhanced significantly with the entry of a user-selected simple PIN. Our solution is user friendly, highly secure and can be easily implemented – at very low cost.” In addition, he commented, “Since the biometric data are stored in secure encrypted form only on the device, it significantly enhances user privacy, putting the responsibility for template security firmly in the hands of the device owner. He explained further that “We believe that our improved methodology can be used to provide a trusted relationship between user, device and server whether local, remote or cloud-based. In addition, it provides the opportunity to release user credentials, like an authentic electronic signature with an ink-on-paper look, directly from the device to relying parties. The patented method achieves all this, while, at the same time relieving the user of the need to enter and remember complex passwords.”
“We have also recently filed a Continuation to this Patent which significantly expands its coverage” he added.
Mark Kelty, Board Director, co-author of the patent and TSI’s Crypto-Sign Software developer, explained, “I have worked with Rod for a number of years now on implementing these algorithms and processes and we are excited about the potential it offers for the expanded role of mobile devices and for the reduction in fraud.”
Glen Gulyas, Board Director, who works with Strategic Partners, added “Our first prototype application for user authentication of Windows-based devices was originally beta-tested by Microsoft, who believed it would be very valuable to their OEM’s.” “Later versions were also evaluated positively by HP, Dell, AT&T, the FAA and others”, he added. “Also, TSI and our partner, 20/20 Ventures, LLC, jointly hold a patent for applying automatic signature verification to authorize POS transactions. Together, these patents can significantly reduce catastrophic data breaches and the billions of dollars lost in fraud associated with payment card transactions and ID theft and save enterprises, payment card issuers, banks and consumers millions of dollars. This is a biometric solution without the normal pains associated with implementing one. This market has been developing over the years and now appears to be exploding.”
As a final comment, Beatson added “Our current objective is to move these patent protected Crypto-Sign processes into the mainstream marketplace and we are seeking strategic partners to help us accomplish this”.