公开(公告)号：US20150278795A1

公开(公告)日：2015-10-01

申请号：US14226785

申请日：2014-03-26

Applicant: GOOGLE INC.

Inventor： Fan Jiang ,  Aneto Pablo Okonkwo ,  Erwin Aitenbichler

IPC: G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/32 ,  G06Q20/12 ,  G06Q20/3278 ,  G06Q20/38215 ,  G06Q20/3823 ,  G06Q20/3829 ,  G06Q20/388 ,  G06Q20/40

Abstract: A method for providing secure offline payments comprises an account system that communicates a signed balance certificate to a user device. The system accesses the user's account, determines the available unlocked funds, creates and signs a balance certificate, and transmits the signed balance certificate to the user device. To complete an offline payment transaction, the user device and a merchant device establish a communication channel. The merchant device transmits a payment request to the user device. A signed withdrawal record and the signed balance certificate are transmitted to the merchant device for verification and completion of the offline payment transaction. The merchant device signs the withdrawal record, transmits it to the user device, and saves it until the merchant device has network access and can transmit the it to the system. The system verifies the withdrawal record and records it in the user's account.

Abstract translation: 用于提供安全离线支付的方法包括将签名的余额证明传送给用户设备的帐户系统。 系统访问用户帐户，确定可用的解锁资金，创建并签署余额证书，并将签名的余额证明书发送给用户设备。 为了完成离线支付交易，用户设备和商家设备建立通信信道。 商家设备向用户设备发送支付请求。 已签署的提款记录和签名的余额凭证被传送到商家设备以进行离线支付交易的验证和完成。 商家设备签收提款记录，将其发送给用户设备，并保存，直到商家设备具有网络访问权限，并将其发送到系统。 系统验证提款记录并将其记录在用户的帐户中。

公开(公告)号：US09584489B2

公开(公告)日：2017-02-28

申请号：US14725818

申请日：2015-05-29

Applicant: GOOGLE INC.

Inventor： Roger Trias Sanz ,  Erwin Aitenbichler

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  G06Q20/401 ,  G06Q2220/12 ,  H04L9/3231 ,  H04L63/0861 ,  H04L2209/56 ,  H04L2209/80 ,  H04W12/06 ,  H04W12/08

Abstract: Controlling access resource functions. Establishing, by a resource access manager, enrollment information (e) for each of a plurality of users. Encrypting, by the access manager, each received (e) in an authorization data item for the corresponding user. Transmitting, by the access manager, each authorization data item to a corresponding user device. Receiving, by a resource control point, from a user device, a request for access to a function of the resource, the request for access comprising the received authorization data item and verification information (v). Decrypting, by the control point, the received authorization data item to extract (e). Determining, by the control point, a similarity measure between (v) and (e). For a determined similarity measure greater than or equal to a threshold, authorizing, by the control point, the request for access. For a determined similarity measure less than the threshold, denying, by control point, the request for access.

Abstract translation: 控制访问资源功能。 由资源访问管理器建立用于多个用户中的每一个的登记信息（e）。 由访问管理器加密，每个在相应用户的授权数据项中接收（e）。 由访问管理器将每个授权数据项发送给相应的用户设备。 由资源控制点从用户设备接收访问资源的功能的请求，包括接收的授权数据项的验证请求和验证信息（v）。 通过控制点解密接收到的授权数据项以提取（e）。 通过控制点确定（v）和（e）之间的相似性度量。 对于大于或等于阈值的确定的相似性度量，由控制点授权访问请求。 对于小于阈值的确定的相似性度量，通过控制点拒绝访问请求。

公开(公告)号：US20160255055A1

公开(公告)日：2016-09-01

申请号：US14725818

申请日：2015-05-29

Applicant: GOOGLE INC.

Inventor： Roger Trias Sanz ,  Erwin Aitenbichler

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  G06Q20/401 ,  G06Q2220/12 ,  H04L9/3231 ,  H04L63/0861 ,  H04L2209/56 ,  H04L2209/80 ,  H04W12/06 ,  H04W12/08

Abstract: Controlling access resource functions. Establishing, by a resource access manager, enrollment information (e) for each of a plurality of users. Encrypting, by the access manager, each received (e) in an authorization data item for the corresponding user. Transmitting, by the access manager, each authorization data item to a corresponding user device. Receiving, by a resource control point, from a user device, a request for access to a function of the resource, the request for access comprising the received authorization data item and verification information (v). Decrypting, by the control point, the received authorization data item to extract (e). Determining, by the control point, a similarity measure between (v) and (e). For a determined similarity measure greater than or equal to a threshold, authorizing, by the control point, the request for access. For a determined similarity measure less than the threshold, denying, by control point, the request for access.

Abstract translation: 控制访问资源功能。 由资源访问管理器建立用于多个用户中的每一个的登记信息（e）。 由访问管理器加密，每个在相应用户的授权数据项中接收（e）。 由访问管理器将每个授权数据项发送给相应的用户设备。 由资源控制点从用户设备接收访问资源的功能的请求，包括接收的授权数据项的验证请求和验证信息（v）。 通过控制点解密接收到的授权数据项以提取（e）。 通过控制点确定（v）和（e）之间的相似性度量。 对于大于或等于阈值的确定的相似性度量，由控制点授权访问请求。 对于小于阈值的确定的相似性度量，通过控制点拒绝访问请求。

公开(公告)号：US20170126635A1

公开(公告)日：2017-05-04

申请号：US15408348

申请日：2017-01-17

Applicant: GOOGLE INC.

Inventor： Roger Trias Sanz ,  Erwin Aitenbichler

IPC: H04L29/06 ,  H04W12/06 ,  G06Q20/40 ,  H04L9/32

Abstract: Controlling access resource functions. Establishing, by a resource access manager, enrollment information (e) for each of a plurality of users. Encrypting, by the access manager, each received (e) in an authorization data item for the corresponding user. Transmitting, by the access manager, each authorization data item to a corresponding user device. Receiving, by a resource control point, from a user device, a request for access to a function of the resource, the request for access comprising the received authorization data item and verification information (v). Decrypting, by the control point, the received authorization data item to extract (e). Determining, by the control point, a similarity measure between (v) and (e). For a determined similarity measure greater than or equal to a threshold, authorizing, by the control point, the request for access. For a determined similarity measure less than the threshold, denying, by control point, the request for access.

公开(公告)号：US20160371716A1

公开(公告)日：2016-12-22

申请号：US14744716

申请日：2015-06-19

Applicant: GOOGLE INC.

Inventor： Erwin Aitenbichler ,  Iyad Assad ,  Aneto Pablo Okonkwo

IPC: G06Q30/02 ,  G06Q20/38

CPC classification number: G06Q30/0233 ,  G06Q20/387 ,  G06Q30/0207

Abstract: A method for redeeming rewards during an offline payment transaction. Once a user reaches a reward threshold, a reward certificate is transmitted to a merchant device by an account system. The user initiates a payment transaction when the devices are without network access to the account system. The user device transmits a withdrawal record, a transaction history, a reward redemption history, and an identification to the merchant device. The merchant device determines whether the user has an available reward, whether additional funds are required to process the offline payment transaction, and whether the user device has a sufficient balance to complete the offline payment transaction. The merchant device prepares a withdrawal record, writes it to the user device, and saves it until the merchant device has network access. When the merchant device has network access, it transmits the withdrawal record and transaction history to the account system.

Abstract translation: 在离线支付交易期间兑换奖励的方法。 一旦用户达到奖励阈值，则奖励证书由帐户系统发送给商家设备。 当设备没有网络访问帐户系统时，用户启动支付交易。 用户设备向商家设备发送提款记录，交易记录，奖励兑换历史和标识。 商家设备确定用户是否具有可用的奖励，是否需要额外的资金来处理离线支付交易，以及用户设备是否具有足够的余额来完成离线支付交易。 商家设备准备提款记录，将其写入用户设备，并保存到商家设备进行网络访问。 当商家设备具有网络访问权限时，它将提款记录和交易记录传送到帐户系统。