U.S. patent application number 14/210240 was filed with the patent office on 2014-09-18 for systems and methods to secure short-range proximity signals.
This patent application is currently assigned to OPTIO LABS, INC. The applicant listed for this patent is Optio Labs, Inc. Invention is credited to Thomas Charles CLANCY, III, Brian DOUGHERTY, David Alexander HAMRICK, Robert Austin HANLIN, Grayson Gates SHARPE, Christopher Michael THOMPSON, Christopher Jules WHITE, Krzysztof Kamil ZIENKIEWICZ.
Application Number: 20140273857 (Appl. No. 14/210240)
Document ID: /
Family ID: 51529248
Filed Date: 2014-09-18
United States Patent Application 20140273857
Kind Code: A1
WHITE; Christopher Jules; et al.
September 18, 2014
SYSTEMS AND METHODS TO SECURE SHORT-RANGE PROXIMITY SIGNALS
Abstract
A system for short-range communications includes a device and a
server. The mobile device receives information via short range
wireless signals, processes that information, and transmits
information to the server. The server uses the information to
verify that the information from the device is consistent with a
device currently located in the location. Such verification may be
done using cryptographic or signal processing techniques.
Inventors: WHITE; Christopher Jules; (Nashville, TN); DOUGHERTY; Brian; (Nashville, TN); CLANCY, III; Thomas Charles; (Washington, DC); HAMRICK; David Alexander; (Nashville, TN); SHARPE; Grayson Gates; (Louisville, KY); HANLIN; Robert Austin; (Nashville, TN); ZIENKIEWICZ; Krzysztof Kamil; (Nashville, TN); THOMPSON; Christopher Michael; (Nashville, TN)
Applicant: Optio Labs, Inc. (Name), Boston (City), MA (State), US (Country)
Assignee: OPTIO LABS, INC., Boston, MA
Family ID: 51529248
Appl. No.: 14/210240
Filed: March 13, 2014
Related U.S. Patent Documents
Application Number | Filing Date | Patent Number
61781252 | Mar 14, 2013 |
61780408 | Mar 13, 2013 |
61785109 | Mar 14, 2013 |
61779931 | Mar 13, 2013 |
61790728 | Mar 15, 2013 |
Current U.S. Class: 455/41.2
Current CPC Class: G06F 21/44 20130101; Y02D 30/70 20200801; H04W 64/006 20130101; H04L 63/20 20130101; G01S 5/02 20130101; H04W 12/00503 20190101; H04W 4/029 20180201; G06F 2221/2111 20130101; H04L 63/0428 20130101; H04L 63/107 20130101; G06F 21/6218 20130101; H04W 4/02 20130101; H04W 64/00 20130101; H04W 4/80 20180201; H04W 84/10 20130101; G01S 5/00 20130101
Class at Publication: 455/41.2
International Class: H04W 4/00 20060101 H04W004/00; H04W 4/02 20060101 H04W004/02
Claims
1. A method for securely proving the location of a device,
comprising: receiving one or more short range signals from a beacon
in a location; obtaining data from at least one of the short range
signals, wherein the data is location-dependent and time-dependent;
and securely determining the location of the device by verifying
that information related to the data obtained from the at least one
of the short range signals is consistent with expected information
for a device currently located in the location.
2. The method of claim 1, wherein the short range signals comprise
one or more of Bluetooth LE beacon signals, Bluetooth signals, near
field communication signals, acoustic signals, infrared signals, or
visual signals.
3. The method of claim 1, wherein the obtained data comprises one
or more of cryptographic data or a digitally signed location
identifier.
4. The method of claim 1, further comprising communicating the
information related to the data obtained from the at least one of
the short range signals to a server and wherein the communicated
information further comprises an identifier indicating the user of
the device.
5. The method of claim 4, further comprising receiving additional
data from the server and executing an application on the basis of
the additional data.
6. The method of claim 1, further wherein the securely determined
current location of the device is provided to one or more
applications or services on the device through inter-process
communication.
7. A method for securely proving the location of a device,
comprising: transmitting a time-varying and location-dependent
short range signal from a beacon at a location; receiving data
related to the short range signal from a device; and securely
determining that the device is in the location by determining if
the received data is consistent with data expected to be received
from a device currently located in the location.
8. The method of claim 7, wherein securely determining comprises
one or more of cryptographic processing, signal analysis, table
lookup, machine learning, or matching of the received data.
9. The method of claim 7, further comprising providing sensitive
data to the device upon securely determining the device's
location.
10. The method of claim 7, further comprising not providing
sensitive data to the device upon securely determining the device's
location.
11. The method of claim 7, further comprising authorizing a
financial transaction on the basis of the secure determination of
the device's location.
12. The method of claim 7, further comprising not authorizing a
financial transaction on the basis of the secure determination of
the device's location.
13. The method of claim 7, wherein the received data further
comprises a user identifier indicating the user of the device.
14. The method of claim 13, further comprising identifying a user
account associated with the user of the device based on the user
identifier.
15. The method of claim 14, further comprising awarding a reward to
the user account based on the result of the secure
determination.
16. The method of claim 7, further comprising granting the device
access to a network accessible resource based on the result of the
secure determination.
17. The method of claim 7, further comprising communicating the
location determination to a computational service.
18. The method of claim 17, wherein the communicated location
determination is a command to change behavior of the computational
service.
19. The method of claim 18, wherein the command comprises one or
more of controlling access to data within the computational
service, changing the control flow of a computation performed by
the computational service, querying a database of the computational
service, or authenticating with another server.
20. A system comprising: a device comprising: a receiver capable of
receiving a short-range signal from a beacon at a location; a
processor capable of obtaining data from the short-range signal,
wherein the data is location-dependent and time-dependent; and a
transmitter capable of communicating information related to the
obtained data to a server; and a server comprising: a receiver
capable of receiving the data related to the obtained data from the
device; and a location facility capable of securely determining the
location of the device, wherein securely determining the location
of the device comprises verifying that the received data is
consistent with the data expected to be received from a device
currently located in the location.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] Some of the aspects of the methods and systems described
herein have been described in U.S. Provisional Application Nos.
61/780,408 entitled "Systems And Methods To Synchronize Data To A
Mobile Device Based On A Device Usage Context", filed Mar. 13,
2013; 61/781,252 entitled "Systems And Methods To Secure
Short-Range Proximity Signals", filed Mar. 14, 2013; 61/781,509
entitled "Systems And Methods For Securing And Locating Computing
Devices", filed Mar. 14, 2013; 61/779,931 entitled "Systems And
Methods For Securing The Boot Process Of A Device Using Credentials
Stored On An Authentication Token", filed Mar. 13, 2013; 61/790,728
entitled "Systems And Methods For Enforcing Security In Mobile
Computing", filed Mar. 15, 2013; and U.S. Non-Provisional
application Ser. No. 13/735,885 entitled "Systems and Methods for
Enforcing Security in Mobile Computing", filed Jan. 7, 2013, each
of which is hereby incorporated by reference herein in its
entirety.
BACKGROUND OF THE INVENTION
[0002] The present invention is in the technical field of
communications security. More particularly, the present invention
is in the technical field of secure short-range communications
using a mobile device.
[0003] Stores, such as grocery stores, coffee shops, pharmacies,
convenience stores, clothing stores, and other stores, offer
customer loyalty programs to provide discounts and other incentives
to loyal customers. A key challenge of existing frequent customer
and customer loyalty programs is that they require the use of
external barcodes, RFID tags, ID numbers, or other identification
mechanisms. For example, some grocery stores provide barcodes on
keytags (i.e. small cards that may be attached to the customers'
key rings) to scan at checkout to obtain discounts. These existing
approaches to identifying frequent customers rely on extra objects,
such as keytags, that must be carried by customers or codes that
must be memorized. These existing approaches are inconvenient for
customers, do not provide information about where a user is located
in a store, and do not provide avenues for aiding or delivering
advertising or benefits, such as coupons, more effectively to
users.
[0004] One alternative approach provides virtual "keytags" for
scanning or otherwise inputting the barcode or ID number into an
application on a mobile device. While this approach removes the
physical card, fob or keytag, it still requires that the customer obtain
a physical keytag or other item with the relevant identifying
information. Also, this approach is no less inconvenient, since the
customer still has to scan the screen of the device with the
virtual keytag, which is also less likely to work than scanning the
original keytag.
[0005] Some other approaches have suggested using mobile devices to
transmit customer loyalty information to the store upon entry, but
do not provide location-specific information (e.g. in which aisle
the customer is located) that can be effectively detected with a
mobile device. A need exists for methods and systems that overcome
the inconvenience of current systems.
SUMMARY OF THE INVENTION
[0006] The present invention includes a system for short-range
communications between a mobile device and another device to
securely provide location and location identification
information.
[0007] The present invention also includes a method for securely
locating a device by receiving one or more short range signals from
a beacon in a location, obtaining time-dependent and
location-dependent data from at least one of the short range
signals, and communicating the information related to the data
obtained from at least one of the short range signals to the
server. The information is suitable for use by the server to
securely determine the location of the device, including verifying
that the information is consistent with the information expected to
be received from a device currently located in the location.
[0008] Embodiments of the present invention may use short range
signals such as Bluetooth LE beacon signals, Bluetooth signals,
near field communication signals, acoustic signals, infrared
signals, or visual signals. The data obtained from the short range
signals may include time-dependent cryptographic data,
location-dependent cryptographic data, time-dependent data,
location-dependent data, or a digitally signed location identifier.
The information communicated to the server may additionally include
an identifier indicating the user of the device. Additionally, the
device may execute an application based on additional data received
from the server.
[0009] In embodiments of the present invention, secure
determination of the location of the device may include
cryptographic processing, signal analysis, table lookup, machine
learning, or matching of the received data. Based on the secure
determination of location, sensitive data may be provided or not
provided to the device, access to a network accessible resource may
be granted or not granted, and financial transactions may be
authorized or not authorized. In embodiments where the data
received by the server includes a user identifier indicating the
user of the device, the server may additionally identify a user
account associated with the user of the device based on the user
identifier, or may request a separate server to do so. The user
account may be credited, debited, rewarded, or otherwise affected
based on the result of the secure determination. In some
embodiments, the location is communicated to a computational
service, where the communicated location determination may be
treated as a command such as controlling access to data within the
computational service, changing the control flow of computation in
the computational service, querying a database of the computational
service, or authenticating the device with another server.
[0010] The present invention may provide customer location
information in addition to the customer identification information.
In some embodiments, the present invention may also use certain
events sent over an inter-process communication (IPC) mechanism to
securely trigger execution of an application on the device.
BRIEF DESCRIPTION OF THE FIGURES
[0011] FIG. 1 depicts certain components of a system for providing
customer location and identification according to certain preferred
embodiments described herein.
[0012] FIG. 2 describes an embodiment of the invention performed by
a device.
[0013] FIG. 3 describes an embodiment of the invention performed by
a server.
[0014] FIG. 4 illustrates the data flowing between a device and a
server in an embodiment of the invention.
DETAILED DESCRIPTION
[0015] Referring to FIG. 1, a device 102 may include one or more of
a processor 103, a memory 105, a communication facility 108, a
location-aware facility 110 that may be adapted to send and receive
transmissions through the communication facility 108 via a network
106, and an IPC facility 112 that may be adapted to send and
receive communications between processes executing on processor
103. Communication facility 108 may provide an input and/or output
mechanism to communicate with other network devices such as
business server 116. Such transmissions may include short-range
proximity information from one or more short-range proximity radios
118A-C. Such transmissions may also include information to and from
a business server 116. The communication facility 108 may also
provide communication with, for example, other gateways, wireless
access nodes, and other servers to send and receive data such as
packets and messages. The communication facility 108 may provide
connectivity to 3G, 4G, WiFi, or other network types. Processor 103
runs software which uses the communication facility 108, the
location-aware facility 110, and the memory 105. Memory 105
comprises storage media such as a tangible, non-transitory computer
readable medium, a programmable read only memory (PROM), or flash
memory. Processor 103 may be any computer chip that is capable of
executing program instruction streams that are part of a software
program. Processor 103 may have multiple cores for executing
multiple streams of program instructions simultaneously. The
processor 103 may also have multiple sub-processors which are
optimized for executing particular categories of program
instructions and are controlled by the processor. The memory 105 is
capable of storing and retrieving program instructions, program
data, or any other data that is used by the processor. The
processor 103 may store and retrieve data from the memory as a
software program is executed.
[0016] The location-aware facility 110 may provide information to
one or more applications via IPC facility 112. In some embodiments,
an application process 114A may, in response to information
provided by the location-aware facility 110, transmit an event
indicating a business location change via the IPC facility 112 to a
second application process 114B. The second application process
114B may be dynamically launched to execute logic from the
application.
[0017] The business server 116 may be part of a business system
104, which may transmit data to the device 102 for determining the
location of the device 102 and/or for providing information to the
device 102 based on the location of the device 102.
[0018] We now describe a method for providing a secure short-range
proximity signal that may include providing a device 102, wherein
the device 102 includes a location-aware facility 110 and a
communication facility 108; and providing a business system 104 to
provide information to the device 102 based on the location of the
device 102, wherein the business system 104 may include one or more
short-range proximity radios 118A-C for identifying the location of
the device 102, and a business server 116 for providing the
information.
[0019] FIG. 2 illustrates one embodiment of this method. In step
200, the device receives one or more short range signals from a
plurality of locations. In step 201, the device obtains data from
at least one of the one or more short range signals. Such data may
be obtained directly from the short range signal or may be derived
from the short range signal or otherwise obtained by processing of
the short range signal. In step 202, the device transmits
information related to the data obtained from the short range
signal to a server to serve as basis for a secure location
determination.
[0020] The device 102 may be a mobile phone, a tablet, personal
digital assistant, a watch, a laptop, or some other device. The
device 102 may have one or more applications executing. In some
embodiments, the applications may execute in one or more processes
114A-B. The processes 114A-B may be connected to an inter-process
communications facility 112 to facilitate communication between one
or more processes 114A-B, and between one or more processes 114A-B
and the location-aware facility 110. In some embodiments, the
inter-process communications facility 112 may be an inter-process
communications firewall to enforce rules governing communication
between two subsystems.
[0021] In at least some embodiments, Wi-Fi, cellular, Bluetooth, or
Bluetooth Low Energy (Bluetooth LE) network events may indicate
entrance or exit from a business location. In some embodiments,
network events may be sent over the inter-process communication
facility 112 to automatically trigger the execution of logic
contained within a business aiding application running in a process
114A and/or 114B. Such networking events indicating a business
location change may be generated in a first process 114A,
transmitted over an inter-process communication facility 112, and
then delivered to a second process 114B that is dynamically
launched to execute logic from the business aiding application.
This aspect of the disclosure allows the business aiding
application's code to be dynamically loaded into memory and
executed upon a networking event, such as a device 102 with a
specific Wi-Fi SSID coming into range, which may indicate a
business location has been entered or exited. Once this application
code is loaded into memory, the application may interact with the
user of the device 102 by doing one or more of the following: 1.)
using business logic to devise and present personalized discounts
based on the user's location in the business and their buying
history, 2.) providing a mechanism for requesting help from a
customer representative of the store, 3.) offering one or more
personalized advertisements, and 4.) offering help and/or
directions to a specific product.
[0022] The location-aware facility 110 may be adapted to send and
receive transmissions through a communication facility 108 via a
network 106. The location-aware facility 110 may use a hybrid
positioning system; triangulation, trilateration or multilateration
using signals such as from a plurality of short-range proximity
radios 118A-C, wireless internet signals, Bluetooth sensors; and/or
some other positioning system to identify the location of device
102.
[0023] The transmissions between the communication facility 108 and
the network may utilize one or more short-range proximity signals,
such as, but not limited to, cellular, Bluetooth, Bluetooth LE,
near-field communication, RFID, Wi-Fi, infrared, and an acoustic
signal, such as ultrasonic sound. The transmissions may include
short-range proximity information from one or more short-range
proximity radios 118A-C. Such transmissions may also include
information associated with the location of the device 102 to
and/or from the business server 116. For example, the information
may include customer loyalty information, store information, store
navigation information, purchasing information, a coupon, barcode
scanning information, product browsing information, shopping cart
information, sensitive information, and/or other business-aiding
information.
[0024] The business server 116 may be part of a business system
104. In some embodiments, the business server 116 may include a
location calculator 120, a business operations system 122, an
advertising operations system 124 and one or more other operations
systems 126. The location calculator 120 may, in response to data
associated with a customer device 102, and received via one or more
short-range proximity radios 118A-C, identify the location of the
customer device 102. The advertising operations system 124 may
identify advertisements to be delivered to a customer device 102
based on a location identified by the location calculator 120. The
business operations system 122 may process a business transaction
in response to a location of a customer device 102 identified by
the location calculator 120. For example, the location calculator
120 may identify that a customer device is standing in front of an
end cap for some cookies that are on sale. In the same example, in
response to the identification by the location calculator 120, the
advertising operations system 124 may deliver a coupon for the
cookies to the customer device 102. Continuing with the same
example, in response to the same identification by the location
calculator 120, the business operations system 122 may project
that, based on the rate of cookie sales to people who have stood in
the same location, the store should submit an order for more of the
cookies. In another example, in response to an identification by
the location calculator 120, the business operations system 122 may
generate date/time specific suggestions/reminders based on the
customer demographic. The other operations systems 126 may be any
other systems, such as, but not limited to, invoice printing, security,
CRM, or other systems.
[0025] An aspect of the current disclosure is that the short-range
proximity signal may transmit time-dependent cryptographic,
identity, and/or session data that the device 102 may collect and
use to indicate its location via one or more messages to the
business server 116. Because the data is time-dependent, the secure
location determination cannot be spoofed by playback of
earlier-recorded information obtained from signals. The device 102
may either directly transmit the data received over the short-range
proximity signal to the business server 116 to indicate location,
or use the data to create derivative data that the device 102 may
send to the business server 116. Such derivative data may be a
cryptographic hash, a signature, or other data.
[0026] FIG. 3 displays one embodiment by which the business server
processes the location indication data. At step 300, the server
transmits a short range signal from a first location. At step 301,
the server receives data related to the short range signal from the
device. At step 302, the server securely determines the location of
the device. Such secure determination may further incorporate
verification of the device's location. The business server may use a
variety of methods to analyze and/or verify the authenticity of the
device's location indication data in order to make a secure
location determination, including, but not limited to,
cryptographic verification, time-based verification, a lookup table
verification, a signal analysis, machine learning classification,
or some combination thereof.
[0027] Once the location has been securely determined, the business
server may send sensitive data to the device. For example, in one
embodiment, the business server may send trade secret data, such as
pricing information to the device. In another embodiment, the
server may send a personal shopping history or wishlist to the
device. In yet another embodiment, the server may send payment
information to the device.
[0028] Another embodiment of the invention may use the secure
location determination to ensure that a customer is in the location
where a financial transaction associated with the user's account is
being processed. The server may use the secure location
determination to confirm that the customer is in the location of
the financial transaction and authorize the transaction. The server
may also determine that the customer is not in the location
associated with the transaction and not authorize the
transaction.
[0029] In some embodiments, the device may include an identifier
for the user of the device so that the server can securely
determine both the location of the device and the user of the
device. The server may use a cryptographic protocol or database
lookup to verify the authenticity of the user identifier. The
server may use the identification of the user to determine a
customer account, such as a loyalty or rewards program account
associated with the user. As a result of the location determination
and identification of the user's account, the user may be rewarded
in some fashion, including, but not limited to, receiving points,
credit, coupons, or other incentives.
[0030] In another embodiment, the server may use the location
determination to authorize or not authorize access to a network
resource. For example, the server may authorize use of a printer or
wireless network that is associated with the location. In another
example, the server may authorize access to a healthcare medical
records system as a result of determining that a device is within a
healthcare setting. The network resource may be accessed via a
variety of network communication protocols, including but not
limited to, the hyper-text transfer protocol, secure hyper-text
transfer protocol, user datagram protocol, and transmission control
protocol.
[0031] The business server may control access to a variety of
network resource types, including but not limited to, retail
business, healthcare, military, financial, or trade secret
resources. For example, the business server may grant access to
healthcare resources based on location of a user device within a
hospital, or may deny access to military resources based on
location of a user device outside of a secure military network.
Further, the resource may be data, a computational resource, such
as a web service, or some combination thereof. For example, the
access to healthcare resources may include access to medical
charts, access to prescription information, or access to hospital
communications systems, while access to financial resources may
include access to stock trading systems, access to quantitative
analysis computation services, or access to a transaction
processing system.
[0032] The server may also provide the location and/or user
determination to the network resource so that it can adapt its
behavior based on the user and/or location, including but not
limited to altering the control flow or branching of the program's
execution; parameterizing, selecting, or constructing database
queries; or authenticating with another server using some
combination of the user, location, and/or first server's identity
or other information provided by it. For example, the location of a
device outside a location may trigger a database query to a
location database to determine the next likely location of the
device, while the location of a device inside a location may
authenticate the user of the device to a second server in order to
allow the user to access computation resources within the second
server. In another embodiment, product information retrieved from a
network resource may be adapted based on the location provided to
the network resources.
[0033] In an exemplary embodiment of the invention, the location of
the device is used to authorize a financial transaction. The device
receives and processes a short range signal to obtain data. The
data is used to encrypt a user financial account identifier. The
encrypted user financial account identifier is transmitted to a
server. The server decrypts the data and securely determines
whether the device is in a location wherein a transaction is
occurring utilizing the user financial account. If the secure
location determination indicates the device is in the location, the
server authorizes the financial transaction. Otherwise, the server
does not authorize the financial transaction. FIG. 4 illustrates
the communication of data in the above exemplary embodiment.
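The time-dependent beacon value of [0025], the server-side verification of [0026] and the transaction check of [0028] and [0033], worked through as an added example; this is illustrative code written for this page, not Optio Labs' implementation, and the per-beacon shared secrets, the 30-second window and the HMAC/SHA-256 construction are assumptions chosen to make the verification concrete.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Constructed sample data (assumed, not from the patent): one secret per
# beacon, shared with the business server, keyed by a location identifier.
BEACON_KEYS = {
    "aisle-7-endcap": bytes.fromhex("00" * 31 + "01"),
    "checkout-3": bytes.fromhex("00" * 31 + "02"),
}
WINDOW_SECONDS = 30  # lifetime of one broadcast value (assumed tuning knob)


def beacon_value(location_id: str, now: int) -> bytes:
    """Time-varying, location-dependent value the beacon broadcasts (claim 7).

    It is an HMAC over the location id and the current time window under the
    beacon's secret, so a listener can forward or hash it but cannot compute
    the value for a later window, which is what defeats recorded playback.
    """
    window = now // WINDOW_SECONDS
    msg = location_id.encode() + struct.pack(">Q", window)
    return hmac.new(BEACON_KEYS[location_id], msg, hashlib.sha256).digest()


@dataclass(frozen=True)
class LocationProof:
    """Message from device to server (the FIG. 4 data flow)."""
    location_id: str
    user_id: str
    proof: bytes  # derivative data: a hash binding beacon value to user id


def device_build_proof(location_id: str, received: bytes, user_id: str) -> LocationProof:
    """Device side (FIG. 2, steps 201-202): derive data from the received
    signal rather than forwarding the raw value, and bind it to the user."""
    digest = hashlib.sha256(received + b"|" + user_id.encode()).digest()
    return LocationProof(location_id, user_id, digest)


def server_verify(p: LocationProof, now: int, skew_windows: int = 1) -> bool:
    """Server side (FIG. 3, step 302): recompute what a device in that
    location would produce for the current window (plus a few earlier
    windows for clock drift) and compare in constant time.

    A proof older than skew_windows, one built from another beacon's value,
    or one whose user id was altered in transit all fail the comparison.
    Playback inside the live window still matches; shorter windows shrink
    that exposure at the cost of tighter clock requirements."""
    if p.location_id not in BEACON_KEYS:
        return False
    for back in range(skew_windows + 1):
        t = now - back * WINDOW_SECONDS
        expected = device_build_proof(
            p.location_id, beacon_value(p.location_id, t), p.user_id)
        if hmac.compare_digest(expected.proof, p.proof):
            return True
    return False


def authorize_transaction(p: LocationProof, txn_location: str, now: int) -> bool:
    """[0028]/[0033]: approve only when the securely determined location is
    the one where the transaction on the user's account is being processed."""
    return server_verify(p, now) and p.location_id == txn_location


if __name__ == "__main__":
    heard = beacon_value("aisle-7-endcap", now=1000)  # device hears the beacon
    proof = device_build_proof("aisle-7-endcap", heard, "user-42")
    print("fresh:", server_verify(proof, now=1010))  # True
    print("replayed later:", server_verify(proof, now=1100))  # False
    print("txn at checkout-3:", authorize_transaction(proof, "checkout-3", 1010))  # False
```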
[0034] A secure location determination may be part of determining a
device context as described in U.S. Provisional Patent Application
No. 61/780,408, at pages 3-4, which is incorporated herein by
reference. Secure location determination may also be used as
described in U.S. Provisional Patent Application No. 61/785,109 at
paragraphs [0004] and [0027]-[0033], which is incorporated herein
by reference, by securely locating the device for use in
location-based authorization, and may further be of use in securely
authenticating a user prior to enabling an operating system, as
described in U.S. Provisional Patent Application No. 61/779,931 at
paragraphs [0013]-[0014], which is incorporated herein by
reference. Secure determination of a location may be performed in a
trusted zone of a processor in some embodiments as described in
U.S. Provisional Patent Application No. 61/790,728 at paragraph
[0095], which is incorporated herein by reference.
[0035] While the foregoing written description of the invention
enables one of ordinary skill to make and use what is considered
presently to be the best mode thereof, those of ordinary skill will
understand and appreciate the existence of variations,
combinations, and equivalents of the specific embodiment, method,
and examples herein. The invention should therefore not be limited
by the above described embodiment, method, and examples, but by all
embodiments and methods within the scope and spirit of the
invention.
* * * * *