1. Field of the Invention
The present invention relates to a wireless portable security device along with several method of use for providing an automated multi-factor authentication for RFID payment process and online transactions including email correspondence on mobile devices as well secure access to Automated Teller Machines (ATM) and local and remote access login devices. The security device will wirelessly pair with a mobile device, and while positioned in the close proximity of the mobile device, will authenticate various electronic transactions made via the paired mobile device.
2. Description of Prior Art
Mobile devices such as cellular phones and tablet computers are often used to perform electronic transactions such as RFID payment process, as well as online financial transactions, personal and private information accesses, web-based purchases of products and email correspondences. To authenticate such accesses and transactions on mobile devices, various methods and devices are being used.
One approach is to place biometric scanners such as fingerprint readers on the mobile device itself. One issue with this approach is that a person's fingerprint information can be hi-jacked via malicious software that might have been inadvertently loaded and be operating on the mobile device. The other drawback for this approach is the lack of convenience to the legitimate user of the mobile device, as he or she would then be required to constantly swipe their fingerprint for scanning and validation prior to performing a transaction on their mobile device.
Another approach is to enter a password prior to each RFID transaction and online access by the mobile device. This approach also presents a deficiency as it a) is vulnerable to being hi-jacked via malicious software that might have been inadvertently loaded on the mobile device and b) is inconvenient for user to have to enter a password on each RFID transaction.
Yet another approach involves the use of a secondary portable device with an LCD display. The device constantly displays a sequence of numbers that is randomly generated and time-synchronized with an outside base station. The displayed number gets updated on a fixed interval of times, typically every 60 seconds. The user has to enter that number on the mobile device prior to performing a transaction. The outside base station then checks the validity of the randomly generated number being sent by the mobile device.
Yet another approach involves the use of another secondary portable device with an LCD display. The said device is capable of receiving messages such as passwords, wirelessly from a base-station. Once the user initiates an online transaction, the corresponding host station will send a secondary and often temporarily password to the portable device which the user has to enter on their mobile device prior to performing the transaction.
Automated Teller Machines (ATM) and banking centers typically utilize an ATM card in conjunction with a password or PIN number as a two factor authentication process to grant account access to customers. This approach for two factor authentication solution poses major security issue as the PIN number can be easily hijacked and the ATM card can be stolen or replicated.