OA17806A - Networked authentication of encrypted digital items. - Google Patents

Abstract

Networked authentication systems and methods are described including using a mobile network operator (MNO) agent in communication with an authentication system, a data storage, and a wireless handset via a network, the MNO agent configured to, receive a request for encrypted validated data denominations from the wireless handset via the network, generate encrypted data denomination corresponding to the requested denomination, retrieve, from the data storage, numbers of validator strings corresponding to the requested data denomination, wherein the validators are received from the authentication system prior to and/or after receiving the request, and append the corresponding number of validator strings to the requested data denominations.

Description

NETWORKED AUTHENTICATION OF ENCRYPTED DIGITAL ITEMS

FIELD [0001] The présent invention relates.generally to computer and networked communication, 5 encryption and authentication Systems.

BACKGROUNDOF THEINVENTION [0002] There is a need for cryptographie networked communication and authentication of yarious.formàts.

¹⁰

SUMMÀRY OF THE INVENTION [0.003] Systems and methods here include a networked authentication System, including a mobile .network operator .(MNO) agent in communication With an· authentication system, a data storage, and .a wirêlesS handset via a network, the MNO agent configured to, receive a request • 15 for validated data .dénominations fromthewireless handset via the network, generate encrypted data dénomination corresponding to the requested dénomination, retrieve, from the data storage, numbers of encryption validator strings corresponding to the requested data dénomination, wherein the encryption validatorsare received from the authentication system prior to receiving the request, and.append the corresponding number of encryption validator 20 strings to the requested data dénominations. In certain examples, wherein the encryption validator strings are alpha nümeric strings :and/or encrypted digital watermarks. In some • -exemples, the .validator strings-are from a . block of pre-ordered encryption validators from the •authentication system, received from the authentication system prior to receiving the request. Arid some exemples -send the appended validator strings and data dénominations to the 25 requestingwireless handset for storage. In some exemples, an èxchange authentication system and a second authentication system, in communication with the authentication system via the network, the authentication-system further configured to, send the appended encryption validator string and data dénomination to the exchange authentication system via the network, retire the encryption validator string when it is sent to the exchange authentication system, the 30 .exchange'authentication system configured to, receive théappended encryption validator string and data corresponding to the dénomination from the authentication system via the network, remove .the encryption validator string from the data dénomination, generate an exetiange • validator string for the dénomination, append the exchange validator string to the data dénomination, send the appended exchange validator string and data dénomination to the second authentication system via the network, retire the exchange encryption validator string when it is sent to the second authentication system, the second authentication system configured to, receive the appended exchange encryption validator string and data dénomination from the exchange authentication system via the network, remove the exchange encryption validator string from the data dénomination, generate a second encryption validator string for the dénomination append the second encryption validator string to the data dénomination, send the appended second encryption validator string and data dénomination to a second wireless handset for storage via the network. Some examples hâve exchange authentication system changes the data dénomination according to a rate of exchange between the first authentication system and the second authentication system.

[0004] Certain example embodiments here include Systems and methods for a networked authentication system, including a first authentication system, an exchange authentication system and a second authentication system, ail in communication via a network, the first authentication system configured to, receive a request from a first wireless handset for a dénomination, via the network, generate encrypted data dénomination corresponding to the requested dénomination, generate a first validator string for the dénomination, append the first validator string to the encrypted data dénomination, send the appended first validator string and encrypted data dénomination to the exchange authentication system via the network, retire the first validator string when it is sent to the exchange authentication system, the exchange authentication system configured to, receive the appended first validator string and encrypted data corresponding to the dénomination from the first authentication system via the network, remove the first validator string from the encrypted data dénomination, generate an exchange validator string for the dénomination, append the exchange validator string to the encrypted data dénomination, send the appended exchange validator string and data dénomination to the second authentication system via the network, retire the exchange validator string when it is sent to the second authentication system, the second authentication system configured to, receive the appended exchange validator string and encrypted data dénomination from the exchange authentication system via the network, remove the exchange validator string from the encrypted data dénomination, generate a second validator string for the dénomination, append the second validator string to the encrypted data dénomination, send the appended second validator string and encrypted data dénomination to a second wireiess handset for storage via the network. Certain examples embodiments include the authentication system further configured to, send the appended validator strings and data dénominations to the requesting wireless handset for storage.

[0005] A further understanding of the nature and advantages of the présent invention herein may be realized by reference to the remaining portions of the spécification and the attached drawings. Further features and advantages of the présent invention as well as the structure and operation of various embodiments of the présent invention are described in detail below with respect to the accompanying drawings. In the drawings, the same reference numbers indicate identical or functionally similar éléments.

BRIEF DESCRIPTION OF THE DRAWINGS [0006] FIG. 1 illustrâtes the relationship between a digital item authentication management system, a central authorization system, and a digital item issuance system according to the disclosed technology.

[0007] FIG.s 2A and 2B illustrate exemplary methods according to the disclosed technology. [0008] FIG. 3 illustrâtes the authorization and distribution of exemplary digital item authorization devices according to the disclosed technology.

[0009] FIG. 4 illustrâtes a method of cascading authority between digital item authorization devices according to the disclosed technology.

[0010] FIG. 5 illustrâtes exemplary relationships between digital item authorization devices when cascading authority according to the disclosed technology.

[0011] FIG. 6 illustrâtes an exemplary central authorization system regulated ecosystem according to the disclosed technology.

[0012] FIG. 7 illustrâtes an exemplary central authorization system regulated ecosystem utilizing authenticated digital items according to the disclosed technology.

[0013] FIG. 8 illustrâtes an exemplary process basic flow with a single digital item issuance system according to the disclosed technology.

[0014] FIG. 9 is a sequence diagram illustrating the sequence of events for FIG. 2A for remitting money from sender to receiver, withdrawing and retiring the withdrawn electronic money.

[0015] FIG. 10 illustrâtes an electronic currency system according to another exemplary embodiment of the présent invention.

[0016] FIG. 11 illustrâtes an international electronic currency system according to an exemplary embodiment of the présent invention.

[0017] FIG. 12 illustrâtes an exemplary computing device according to the disclosed technology.

[0018] FIG. 13 illustrâtes an exemplary encryption diagram according to the disclosed technology.

DETAILED DESCRIPTION OF THE INVENTION [0019] Reference will now be made in detail to the embodiments ofthe invention, examples of which are illustrated in the accompanying drawings. While the invention will be described in conjunction with the preferred embodiments, it will be understood that they are not intended to limit the invention to these embodiments. On the contrary, the invention is intended to cover alternatives, modifications and équivalents which may be included within the spirit and scope of the invention as defined by the appended claims. Furthermore, in the following detailed description of the présent invention, numerous spécifie details are set forth to provide a thorough understanding of the présent invention. However, it will be obvious to one of ordinary skill in the art that the présent invention may be practiced without these spécifie details. In other instances, well-known methods, procedures, components, and circuits hâve not been described in detail so as to not unnecessarily obscure aspects ofthe présent invention.

[0020] Overview [0021] Digital items, such as electronic documents, stock shares, electronic money, digital certificates, and the like, are widely used and distributed in the world today. One of the biggest challenges associated with the widespread use of digital items relates to an entity’s ability to verify the authenticity of a digital item. In the digital world, it may be useful in a transaction that the authenticity of any digital items involved in the transaction be established, or at a minimum, vérifiable as well as encrypted.

[0022] As disclosed herein, a digital item can be authenticated by inserting a cryptogram, signature, or other identifier into the digital item using the methods and Systems disclosed herein. These items may be referred to herein as digital item validators. In addition, an authentication component, such as a hardware or software authentication component, such as an encryption/decryption machine can be used to provide the authentication for a digital item. Furthermore, such an authentication component can be distributed to an entity that has the capability to create a digital item, and used to authenticate the digital items created by that entity. For example, a publisher of digital certificates may be given an authentication component that allows it to authenticate each digital certificate it créâtes or publishes, thereby enabling any récipient of one ofthe digital certificates to verify its authenticity. To be effective and reliable, it is préférable that any . such authentication component be regulated and authenticated by a widely accepted controlling entity (i.e. a central authorization system) to prevent fraudulent création or use of illegitimate authentication components.

[0023] Transactions involving electronic money are examples of transactions involving digital items, and are used extensively herein to illustrate the utility of the disclosed technology. As such, much of the description and examples set forth herein are described with regard to electronic money and electronic currency. However, it should be understood that the technology described herein are is applicable to other types of digital or electronic items, and are not limited to electronic money or electronic currency.

[0024] Use of networked or online Systems including wireless Systems, could be used to move, transfer, remit and utilize the digital items among members of a group and as customer/merchants. Thus, the establishment of an exchange of digital items through users’ wireless smartphones and with network connected Systems, would allow for the transfer of encrypted digital items through wireless mobile network operators, network administrators and public exchanges. Thus, by utilizing such networks, the digital items could be issued and tracked by a central processing unit, track the movement of such issued digital items, and ensure their encrypted security throughout the network.

[0025] Electronic Data such as Money [0026] Money is a widely used measure of wealth. It refers to any object or record that can be redeemed as payment for goods and services. Examples of money include tickets, tokens, poker chips, and the like, many of which hâve their value identified using widely accepted and commonly known dénominations. Like many types of digital items, money is now usable in electronic form in addition to its physical form. Electronic money refers to any form of money that retains the characteristics of physical money while being usable in its electronic form, for example, redeemed as payment for goods and services, transmitted from one entity to another, and the like. While many types of electronic money, like physical money, hâve their values identified using widely accepted dénominations, some types use alternative dénominations for valuation. These forms of electronic money are referred to as pseudo electronic money. Examples of pseudo electronic money includes loyalty card points, pre-paid cell phone minutes, mobile minutes, and the like, which hâve quantitative value without utilizing a widely accepted dénomination value.

[0027] Currency, which is a subset of money, refers to any generally accepted medium of exchange that has been certified or authenticated by a central authority, such as a central bank. A subset of currency includes fiat money, which refers to any currency that is officially recognized as a legal currency by a government, and can be exchanged into circulating notes and coins in that currency. As disclosed herein, it is advantageous for currency to be usable in electronic form in similar fashion to the way electronic money can be used as money. Electronic currency would be advantageous compared to electronic money because it would retain ail of the advantages of physical currency (i.e. certification by a central bank), and would be usable in a completely open ecosystem, thereby also retaining the bénéficiai attributes of fiat money. [0028] The following example illustrâtes the distinction between money and currency. Imagine that a youth visits a fun fair where, for the sake of simplicity, ail of the games, rides, refreshment stalls and vending machines hâve been standardized to accept only quarter dollar coins. The youth has $25 in bills and exchanges these at the entrance to the funfair for 100 quarters. He can enjoy himself on the rides, play the games and consumes food and drink, ail paid for in quarters. When he gets bored, he knows he can go straight home with however many quarters he has left and spend them over the coming days anywhere he wants.

[0029] Now imagine a lady who goes to a casino with $25 in bills and changes these at the entrance into plastic gaming counters. For simplicity, ail of the gaming tables, slot machines, bars and food outlets accept the gaming counters, and a lucky person can pay for their refreshments out of their winnings and still go home with a profit. However, the lady cannot spend her counters outside the doors of the casino. She therefore has to consider the possibility that when she leaves, her remaining counters may be too few to hâve an automatic right of repayment, there may be a long queue at the exchange window (or it may hâve closed for the night), she may find that in the small print a transaction charge or spread is levied on the reverse exchange, or she may simply forget to make the exchange and return home with essentially useless pièces of plastic in her bag.

[0030] In both examples, the currency (fiat money) has been changed into some other form of exchange that makes it more useful in a particular local context, or ‘ecosystem,’ designed around their use. The différence is that while the quarters from the first scénario are another form of fiat money, and thus, equally as fungible as the bills, the gaming counters are not. Specifically, the boy received a fungible “currency,” while the lady received “money.” By analogy, the disclosed technology enables the conversion of fiat money into fully fungible electronic currency.

[0031] As the use of electronic commerce developed, the use of electronic money also increased and became widely accepted, for example, in the form of mobile money. The availability of mobile phone networks and the considérable pénétration of mobile phone handsets has fueled and enabled this development. Mobile network operators, or MNO’s, hâve met the needs of their customers to hâve the very basic money related services with a variety of applications. Collectively, these applications make up the world of mobile money. The availability and ease-of-use of mobile money has made it popular across a broad démographie, spanning both the “unbanked” and the “banked” customers of mobile operators. Among the “unbanked” population, with no access to any formai financial services, mobile money is a necessity that until now has gone unmet. Among the “banked” populations, who hâve access to traditional financial services, mobile money is an essential convenience. The use of mobile devices to conduct electronic commerce transactions has been referred to as mobile commerce, which is also known as Μ-Commerce or mCommerce. More specifically, mobile commerce refers to the ability to conduct commerce using a mobile device, such as a mobile phone, a Smart phone, a Personal Digital Assistant (PDA), or other mobile device.

[0032] Up until now, the developments surrounding the use of electronic money hâve occurred without the involvement of a central bank. As a resuit, the types of electronic money in use today are actually types of pseudo electronic money which are used within closed Systems. The use of electronic money within closed Systems is limited because only the issuers of the pseudo electronic money (e.g. the mobile network operators) are able to honor the value of the electronic money. Thus, the electronic money is only usable within the closed system of their respective networks. This is especially true for the use of electronic money with mobile devices. Thus, interoperability of mobile money between closed Systems is impossible, and the effective value of different types of electronic money is questionable.

[0033] Examples Of Electronic Money [0034] As indicated above, there are many examples of electronic money in use today. In one system, an account holder can crédit fiat money to his online account using a credit/debit card or an electronic funds transfer from a linked bank account. The money held in the account can then be transferred via an on-line transaction to any récipient with an email address. The récipient can then hâve the electronic money withdrawn into a fiat money bank account. This allows the transfer of fiat money funds between any two parties without requiring any trust between the parties.

[0035] In another system, users can download a person-to-person client program that runs on their computer and mobile computer and communicate with similar programs being run by other users. The application enables users to participate in ‘lotteries,’ with the winner being awarded a predetermined amount of a spécifie unit of pseudo electronic money. This type of money can be used within a spécifie ecosystem. In this manner, the amount of pseudo electronic money in the ecosystem can be controlled, and the limitation on the total amount in circulation means that a community of mutually trusting users can still employ it as electronic money.

[0036] In other Systems, smart phones, smartcards, or other devices can be used to transfer payment details via NFC to enable wireless ‘tap and pay’ functionality in which payments can be made via crédit, débit, or pre-paid cards, for example. Exemplary smartcards include bus, subway, and train cards. In another system, subscribers can load fiat money onto a cell phone electronic wallet via payment of cash to an agent and send it to another cell phone via SMS.

[0037] Regulatory And Other Issues With Deploying Electronic Money [0038] Fungibility: The electronic crédit units are not automatically fungible between different ecosystems even when both represent currency electronic money rather than pseudo electronic money. While it is technically possible to pay for a newspaper with pre-paid cell phone crédits, this has to be bilaterally agreed in advance by the newspaper vendor and the mobile network operator. Users may therefore hâve to manage multiple electronic wallets for different transactions.

[0039] On-going counter-party risk to the value stored in the electronic crédit units: If a bus operator becomes insolvent, there is no obvious mechanism for retrieving the value of pre-paid journeys on its buses. Converting the crédits back to fiat money may be a contractual right extended by the now defunct bus company, but is not a statutory right underwritten by the central bank. Even in cases where there is no insolvency involved, it is not obvious that electronic money would be convertible back to fiat money in the event of a liquidity crisis (i.e. a ‘run on the electronic money issuers’).

[0040] Risk of fraud is higher than for printed bank notes: It is more of a challenge to print forged notes on spécial grades of paper using sophisticated presses than to hack into smartcards or SIM’s to create false balances. In fact, it is not even necessary to create a false balance entirely from scratch; each genuine electronic crédit unit is merely an encrypted string of characters stored in memory and, unlike a paper note, can potentially be copied electronically and used to make multiple payments.

[0041] Facilitating criminal behavior: Relatively small sums of electronic money (up to a few hundred dollars) can be held in fully anonymous form (i.e. just like notes). However, electronic money is much easier than notes to send abroad and so may facilitate crimes that involve transferring relatively small sums of money.

[0042] Macroeconomic distortions: Unlike the printing of bank notes, when electronic money is created it does not currently appear in the centrai bank’s calculation and reporting of the money supply. As volumes of electronic money ramp up it will become increasingly difficult for central banks to monitor, let alone control, the money supply. The money supply, or volume of money, is the total amount of money available in an economy at a spécifie time. Money supply data are recorded and published, usually by the government or the central bank of the country. Changes in the volume of money in an ecosystem can impact price levels, inflation and business cycles.

[0043] The increasing use of electronic money could also hâve an interesting effect on monetary policy. This is typically focused on controlling various measures of money supply. In addition to distorting the money supply picture, substantial issuance of electronic money might cause a significant shift in the ‘velocity of money’. The velocity of money (also called velocity of circulation) is the average frequency with which a unit of money is spent in a spécifie period of time. Velocity associâtes the amount of économie activity associated with a given money supply. The higher the velocity, the greater the amount of économie activity associated with a given money supply. However, increases in velocity can also dénoté inflation (more money is needed for each transaction, so each unit of money has to be used more often for a given level of économie activity). The velocity of money is another parameter monitored by central banks and used for targeting purposes, but such narrow monetary aggregates will become much less useful in an era of widespread electronic money. The velocity of electronic money can be monitored using any standard méthodologies.

[0044] Networked Exchange of Authenticated Electronic Items [0045] In overview, the disclosed technology relates to an authentication protocol and associated technology platform that will enable use of digital items and facilitate transactions with digital items, in particular mobile transactions, by utilizing the relationships between three general entities including an digital item authentication management system, a central authorization system associated with a central authority, and a digital item issuance system associated with a digital item issuer.

[0046] These entities and their relationships are broadly illustrated in FIG. 1. !n FIG. 1, the digital item authentication management System 110 preferably includes a server 111, a database 112, an administration component 113, and other components. The central authorization system 120 preferably includes a server 121, database 122, an administration component 123, and other components. The digital item issuance system 130 preferably includes a server 131, a database 132, an administration component 133, and other components. Any relevant entity can act as the central authorization system, the digital item issuance system, and the digital item authentication management system. Exemplary central authorization Systems include central banks, the Securities and Exchange Commission (SEC), and the like. Exemplary digital item issuance Systems include electronic currency issuance Systems, payment companies, pre-pay services, stored value card, and the like. Exemplary digital item issuance Systems further include any device capable of issuing digital items, such as a computing device or a mobile device, and the like. By example, where the digital item is electronic currency, the digital item authentication management system can be an electronic currency management system, the central authorization system can be a central bank, and the digital item issuer can be an electronic money issuer.

[0047] Using these entities, two exemplary process flows may be described. FIG. 2A illustrâtes a method 200A in which a digital item authorization device authorizes a digital item issuance system to generate an authenticated digital item. Specifically, in step 210A, the digital item issuance system is authorizes by the digital item authorization device, which is a hardware security module embodied on a device that includes information authorizing a digital item issuance system. Digital item authorization devices are described in more detail later. After being authenticated, the digital item issuance system generates the digital item in step 220A.

[0048] In the alternative method 200B shown in FIG. 2B, a digital item issuance system receives a digital item validator from a digital item authorization device, the digital item validator being associated with the génération an authenticated digital item. Specifically, in step 210B, the digital item authorization device provides the digital item validator to the digital item issuance system. The digital item issuance system then generates the digital item in step 220B, the digital item including the digital item validator.

[0049] After the digital item is created, the digital item authentication management system is notified of the création of the digital item in step 230. The digital item authentication management system then notifies the central authorization system of the création of the digital item in step 240, and the digital item issuance system provides the digital item to the user in step 250. A digital item validator may be attached to, or included with, the digital item. The user can then use or transfer the digital item, for example, in the case of electronic currency, spend or transfer the electronic currency to retailers, etc. in step 260.

[0050] Referring again to FIG. 1, in the case where the digital item is electronic currency, central authorization Systems 120 could be central bank Systems, which are authorities in a sovereign country whose rôles is to create, destroy, control and maintain a certain amount of économie activities via the issuance and maintenance of currency, paper or electronic. in this scénario, digital item authentication management Systems 110 can be electronic currency management Systems, which are entities that facilitate the control of issuance, management and flow of electronic payment system by the central bank Systems. The digital item authentication management Systems 110 provide an infrastructure to ensure that control over the digital items can be enforced with minimum inconvenience to the existing digital item issuance Systems 130, such as electronic currency issuance Systems in the case of electronic _;'· currency. With respect to electronic currency, electronic currency management Systems further enable the interoperability of electronic payment among ail electronic currency issuance Systems. The electronic payment consumers are not involved in this scheme by design, as this y is an effective way to ensure the current electronic currency issuance Systems and commerce provided to their consumers are not inconvenienced by the introduction of the architecture . -¾ ’ · described herein. In fact, customers will greatly benefit from it due to the interoperability brought about, and financial security they will enjoy. -, [0051] More specifically, where the digital item is electronic currency, the central bank ;· Systems are preferably responsible for authorizing and controlling the amount of electronic payment each participating electronic currency issuance system can provide via the control of an electronic currency management system and providing legitimacy to any electronic payment transaction that hâve occurred within the system.

[0052] Digital item issuance Systems 130 are entities that are in a capacity to issue and retire digital items. They also facilitate transactions involving digital items within their platforms or ^σ across platforms. In the case where the digital item is electronic currency, exemplary digital item issuance Systems 130 include, but are not limited to, electronic currency issuance Systems, such as mobile network operators, payment Systems providers, money remittance services, banks and other non-bank financial service providers. Digital item issuance Systems 130 can also certify and authenticate the issuance of digital items and monitor the circulation of digital . items. Digital item authentication management Systems 110 and central authorization Systems 4 120 may charge digital item issuance Systems 130 combinations of license fees, usage fees,

- ! maintenance fees and service fees, according to the number of digital item users and other :

i ·. units of measures as appropriate. | [0053] Describing FIG. 1 with respect to the exemplary situation in which the digital item is electronic currency, electronic currency issuance Systems can be used to issue and retire electronic currency in a country, facilitate exchanges of electronic currency within their platforms or across platforms, and certify and authenticate the issuance of electronic currency and. ‘ f ( monitor the circulation of electronic currency. \ V.

[0054] Digital item authentication management Systems 110 serve as trusted third parties to / facilitate the création and maintenance of vérifiable trust relationship between the central· ; ' V authorization system 120 and the digital item issuance Systems 130, and maintain the infrastructure necessary to facilitate the création and maintenance of the trust reiationship and the enforcement of the monitoring and control via the use of digital item authorization devices. Digital item issuance Systems 130 provide verifiabie information to the central authorization Systems 120 to support the monitoring of transactions involving the central authorization system 5 120 via the digital item authorization device, provide legitimacy via the centrai authorization system 120 authorization to transactions conducted by its consumers, and process transactions that are coming from or going to other digital item issuance Systems 130 via the digital item authentication management infrastructure sanctioned by the central authorization system 120.

[0055] Again describing FIG. 1 with respect to the exemplary situation in which the digital 10 item is electronic currency, electronic currency management Systems can facilitate the création and maintenance of the trust reiationship and the enforcement of the monitoring and control via the use of electronic currency authorization plates. Electronic currency issuance système can provide verifiabie information to the central bank Systems to support the monitoring of electronic payment by the central bank system via the electronic currency authorization plate, provide 15 legitimacy via the central bank system authorization to electronic payment conducted by its consumers, and process transactions that are coming from or going to other electronic currency issuance Systems via the electronic currency management infrastructure sanctioned by the central bank system.

[0056] The disclosed technology further simplifies and facilitâtes the issue of authenticating 20 newly created digital items while at the same time providing central authorization Systems a way to integrate newly created digital items into mainstream use and distribution, for example, integrating electronic currency into the fiat money ecosystem. As described below, a central authorization system is provided with an encryption algorithm that allows it to assign a unique electronic ‘authentication certificate’ or digital item validator to each digital item that is created or 25 issued. The algorithm can be thought of as an^-electronic équivalent of the engraved plate that allows a printing press to confer distinctive graphie design features and a unique serial number onto an Item, such as a watermark, etc., causing it to become a trusted digital item while at the same time protecting against counterfeiting.

[0057] Mobile Network Operator Examples [0058] Certain exampîe Systems may include the transfer and exchange of mobile currency through any of various mobile networks. For examp'e, users may use a mobile subscriber such as a smartphone user who subscribes to a wireiess service, which is communicably coupied to communication network via a gateway. Such Communication network can be any wired, wireless, Internet, VPN (Virtual Private Network) and the like capable of transferring data from one point to another.

[0059] Gateway is preferably an SMS gateway capable of pushing and pulling text to and from mobile subscriber. A communication link, preferably wireless, couples mobile subscriber and gateway. A communication link communicably couples gateway and communication network.

[0060] As described, example electronic currency Systems may further include a MNO (Mobile Network Operator) platform communicably connected to communication network via communication links. As with the other communication type links, communication link can be wired or wireless.

[0061] The example MNO platform may be administered by a mobile operating entity that offers mobile téléphoné services. Such an MNO might lease or own its own equipment and often provides to users mobile device and corresponding hardware and software that are compatible with the MNO network.

[0062] Example Systems further comprise authentication system communicably coupled to communication network via link and to central bank via link. Information database stores pertinent information for authentication System. Authentication system issues electronic money validators and certifies electronic monies originated by MNO platform resulting from cash received from its mobile subscribers, as described herein.

[0063] In certain examples, mobile subscriber wishing to utilize electronic currency system begins by approaching MNO agent to deposit cash or cash équivalents. Here, it is assumed that mobile subscriber has active service with MNO platform. That is, mobile subscriber has completed preregistration and/or registration routines and has received an appropriate SIM (Subscriber Identification Module) card or other mobile handset identifier, to enable mobile money services on mobile subscriber handset or mobile device.

[0064] The example subscriber may deposit cash with MNO agent before mobile services from MNO platform can be received. Next, the Mobile subscriber deposits money with MNO agent. Mobile subscriber 102 also provides the mobile phone number to be associated with and for executing electronic money transactions, for example. Another example may be the movement of money from a checking or savings account. In such an example, an interface between a bank that the subscriber has a checking or savings account and the MNO may allow for the transfer of money between and among the accounts. In such a way, the mobile subscriber populates her MNO account with actual cash équivalent dénominations, of currency which originated and/or has been originally created by or authorized by the central bank or other central authority.

[0065] Upon receiving the cash money, either in paper form or electronic form, the MNO agent communicates with MNO platform to initiate the process of crediting mobile subscriber account with an équivalent amount of e-money. Here, electronic money or e-money refers to digital currency which only exists in an electronic state and is originated by non-banking institutions. A banking institution primarily functions to accept cash deposits and loan some or ail of said cash deposits to other customers.

[0066] Prior to or contemporaneously with crediting the mobile subscriber account with electronic money, MNO platform sends an electronic money validator request message asking for an electronic money validator from the authentication system.

[0067] Additionally or alternatively, the MNO need not request validators in real time when cash deposits are received. Rather, MNO can preorder blocks of electronic money validators in advance for storage on subscriber database for use as cash deposits are received. In such a way, the MNO can quickly attach the validators without having to request them individually. This can save effort in the communication flow with the authentication system and with the central bank as well.

(0068] After the electronic money validator request is received, authentication system generates and forwards an electronic money validator to the MNO platform. Upon receipt ofthe electronic money validator, MNO platform attaches this electronic money validator to the electronic money issued by MNO platform.

[0069] ln an example embodiment, the electronic money and the attached electronic money validator are delivered to mobile subscriber handset for storage. In such a case, electronic money access data need not be sent to mobile subscriber. Other examples include networked storage of the electronic money validator and electronic money.

[0070] In either case, a record of the electronic money corresponding to money and the electronic money validator équivalent to said electronic money is maintained. In this manner, unlike conventional Systems, an electronic money validator is attached and stored with electronic money or corresponding information thereof while the electronic money is within the electronic currency system to facilitate tracking and increase transparency of electronic money circulation.

[0071] The Digital Item Authorization Device Examples [0072] In certain examples, a device may be employed to create the authentication cryptography which may be generated and appended to the electronic money. Such hardware could be made from any of various computing components as described herein.

[0073] To prevent local tampering or extemal hacking, a dedicated hardware security module (HSM), referred to herein as a digital item authorization device, can be used to implement the encryption algorithms. In the case where the digital item is electronic currency, the digital item authorization device is referred to as an electronic currency authorization plate. As shown in FIG. 3, which illustrâtes a diagram 300 of the distribution of digital item authorization devices, there are two general types of digital item authorization devices that are distributed, for example, by the digital item authentication management system 310. First, a master or root digital item authorization device 325 is associated with, and held by, the central authorization system 320. The root digital item authorization device 325 is preferably operated under the direct control and authority of the central authorization system 320. However, the root digital item authorization device 325 may be physically located either at the central authorization system 320 or the premises of a third party, depending on convenience and the level of delegated trust. The other type of digital item authorization device is the subsidiary or operational digital item authorization device 335, which can be delegated to any number of digital item issuance Systems 330. Operational digital item authorization devices 335 are preferably configured to be a mirror of the central authorization system 320’s root digital item authorization device 325 with delegated authority to authenticate the digital items. The configuration of operational digital item authorization devices 335 preferably give operational digital item authorization devices 335 the authority to authorize the génération of authenticated digital items on behalf ofthe root digital item authorization devices 325. While FIG. 3 illustrâtes an exemplary aspect of the disclosed technology in which digital item authentication management System 310 distributes operational digital item authorization device 335, central authorization system 320 can distribute operational digital item authorization device 335 to the digital item issuance system 330.

[0074] The use of digital item authorization devices described herein has been embodied in a technical architecture designed to ensure speed, convenience and resilience in addition to security. Such a device may be referred to as an encryption device. For example, digital item authorization devices may include many advantageous features, such as a GPS, caméra, atomic clock, value limiter, wireless transmitter, and the like.

[0075] Preferably, digital item authorization devices operate in a secure environment isolated from the main IT Systems at the central authorization system 320 and the digital item issuance

Systems 330. The digital item authorization device is generally an electronic black box with data input and outputs, but without any means to exert external control over its operation once installed. Specifically, it preferably does not hâve a software operating system which can implement even low level commands such as ‘copy data’ or ‘export a file.’ Instead, the digital item authorization device can ideally execute a fixed menu of pre-set tasks defined by the circuitry ofthe hardware as embodied in application spécifie integrated circuits (ASICs) or read only memory chips (ROMs). This makes the digital item authorization device effectively invulnérable to hacking, either remotely over a network connection, or directly by a dishonest employée orsomeone who has gained unauthorized physical access to the module. Instructions executed directly on chip rather than compiled in software are also extremely rapid, ensuring that the digital item authorization device can work at very high speeds and, unlike an internet server, will be résilient to peaks in authentication demand.

[0076] Using a digital item authorization device as described herein provides the principal guarantee of security in the digital item authentication management system 310. The digital item authorization devices preferably authorize ail functions relating to the création, authentication, and authorization ofthe digital items. In addition, the digital item authorization device preferably incorporâtes components that enable increased capabilities, such as a video caméra, still caméra, clock, géographie location sensor (GPS, 3G/4G, or radio based), position sensor, wireless transmitter, and the like. The video caméra could be used to record the éléments of the various handover and initiation ceremonies described herein, thereby creating an audit trail. The clock provides highly précisé time and date-stamping for the digital items, making them much harder to counterfeit. The positioning sensor ensures that the digital item authorization device will only work while it remains physically located at the promises designated by the central authorization System, for example. In a final step, the digital item authorization device will preferably be ‘hardened’ to restrict input/output access for security purposes. Any breach of the digital item authorization device will make it inoperative.

[0077] The cryptographie algorithms used in the digital item authorization devices can be any algorithms that provide the appropriate level of security. One example of suitable algorithms are the ‘Suite B’ set of algorithms approved under the Fédéral Information Processing Standard (FIPS) suitable for commercial usage. For spécifie central authorization system installations, custom algorithms, or combinations of algorithms, can be used on a case-by-case basis. Electronic authentication can also be issued using a transaction enveloping method, which can be performed by any suitable algorithm in combination with a commercially available off-theshelf (COTS) hardware security module. The envelope will essentially serve as the ‘seal’ on the digital items as they circulate. The actual transaction authorization validators can be generated using any type of certificate, for example, X.509 certificates.

[0078] The communication protocols used are specified by the digital item issuance system and may, for example, be a simple SMS message from a cell phone handset The data packets corresponding to the digital items pass around the network protected by an envelope ‘seal’. The ‘seal’ is protected by the strength of the cryptography and this, in itself, provides a certain level of authorization. The fact that the ‘seal’ was issued by an authorized central authorization system digital item authorization device further validâtes the transactions.

[0079] At the core of its architecture, the digital item authorization device uses cryptographie keys, digital items validators, and key management processes to enforce a vérifiable trust reiationship among the central authorization system, digital item issuance Systems, and the digital item authentication management system. Electronic validators could also be any kind of encryption or cryptographie data attached to a file. For example, a public or private key system could be used between the sender and receiver, and only use of the key could decrypt the file. Pre-shared keys are an example of this. Hash functions or algorithms could be used to encrypt data, with a hash lookup table used to decrypt the files. Symmetric key cryptography could be used as well.

[0080] lf pièces of data are used in the Systems and methods here, and are encrypted, where only authorized users may move, account for and/or utilize the data, then unauthorized copying, use and transfer could be controlled. Below is a simple example using alphanumeric serial numbers in a piece of data. Such a data string could also be encrypted and therefore be more difficult to misuse.

[0081] Digital watermarking may be used as well. In such examples, a covertly embedded marker is hidden in a signal that is noise tolérant. Use of a particular algorithm will reveal the watermark, but would otherwise be impossible to detect. Serial digital watermarks could be employed at each distribution of the digital items described here. lf a copy is later found, the watermark could be analyzed to see where it has been and which users hâve handled it. Sources could be identified.

[0082] The following describes the key management processes that are preferred to create the necessary key materials for the various digital item authorization devices needed to operate the digital item authorization management infrastructure. As shown in FIG. 3, operational digital item authorization devices are initialized then transported to the digital item issuance system . and the central authorization Systems. In this regard, it is preferred for operational digital item authorization devices to be physically separated from the root digital item authorization device.

[0083] There are three basic processes for initializing and distributing digital item authorization devices: manufacturing initialization, initialization at the digital item authentication management system and central authorization system facilities, and re-authorization on-site during operation. These processes can occur in high profile public ceremonies, for example, a transport key ceremony, a root digital item authorization device initialization ceremony, and an operational digital item authorization device initialization ceremony. These ceremonies can be used to establish a trusted relationship between the parties (such as two banks, etc.). The process preferably involves mostly manipulation of cryptographie devices and protocols in which various security officers take part to execute a pre-defined script.

[0084] Digital item authorization device Manufacturing Initialization [0085] Digital item authorization devices could be secured from birth to destruction. At manufacturing time, key materials may be generated to protect the access to the digital item authorization device in the form of administrator authentication. This is preferably done for every single digital item authorization device that is created. A transport key between the digital item authorization device manufacturer and the digital item authentication management System and the central authorization system should be established once at the beginning via a standard transport key communication. The purpose of this key communication, which is described below, is to ensure that the digital item authorization device is sealed cryptographically after manufacturing and protected during the handling and transportation to the central authority and digital item authentication management system facilities for further key management operations. [0086] Referring now to FIG.s 4-5, the disclosed technology relates to a system and method in which digital item authorization devices can be authorized in a cascading fashion. For example, in a cascading arrangement, a root, or master, digital item authorization device can cascade authority to any number of operational digital item authorization devices.

[0087] FIG. 4 illustrâtes an exemplary method 400 of cascading authority between digital item authorization devices. In step 410, a root digital item authorization device initially assigns authority to a first digital item authorization device. If it is desired to re-assign authority to a second digital item authorization device, it is determined in step 420 whether the first digital item authorization device should assign authority to the second digital item authorization device. If so, the first digital item authorization device assigns authority to the second digital item authorization device in step 430. If the first digital item authorization device should not assign authority to the second digitai item authorization device, the root digital item authorization device can instead assign authority to the second digital item authorization device in step 440.

[0088] Similarly, if authority is to be further transferred or assigned to a third digital item authorization device, it is determined in step 450 whether the second digital item authorization device should assign authority to the third digital item authorization device. If so, the second digital item authorization device assigns authority to the third digital item authorization device in step 460. If the second digital item authorization device should not assign authority to the third digital item authorization device, the root digital item authorization device can instead assign authority to the third digital item authorization device in step 470. This process can be repeated for any number of digital item authorization devices.

[0089] FIG. 5 illustrâtes exemplary relationships between digital item authorization devices when cascading authority. Specifically, a root digital item authorization device 515, which is associated with central authorization system 510, first assigns authority via authorization 501 to the first operational digital item authorization device 525, which is associated with first digital item issuance system 520. Thus, after this initial assignment of authority, first digital item issuance system 520 is authorized to generate digital items.

[0090] If authority is to be transferred or assigned to the second digital item issuance system 530, the assignment can be made by either the first operational digital item authorization device 525 or the root digital item authorization device 515. In the former case, the first operational digital item authorization device 525 assigns authority via authorization 502A to the second operational digital item authorization device 535, which is associated with the second operational digital item issuance system 530. In the latter case, the root digital item authorization device 515 assigns authority via authorization 502 to the second operational digital item authorization device 535. Some or ail of the authority previously assigned to first operational digital item authorization device 525 may be assigned to the second operational digital item authorization device 535, or an additional amount of authority may be assigned to the second operational digital item authorization device 535 by the root digital item authorization device 515.

[0091] Similarly, if authority is to be further transferred or assigned to the third digital item issuance system 540, the assignment can be made by either the second operational digital item authorization device 535 or the root digital item authorization device 515. In the former case, the second operational digital item authorization device 535 assigns authority via authorization 503A to the third operational digital item authorization device 545, which is associated with the third operational digital item issuance system 540. In the latter case, the root digital item authorization device 515 assigns authority via authorization 503 to the third operational digital item authorization device 545. Some or ail of the authority previously assigned to second operational digital item authorization device 535 may be assigned to the third operational digital item authorization device 545, or an additional amount of authority may be assigned to the third operational digital item authorization device 545 by the root digital item authorization device 515.

[0092] In the above described examples, any number of digital item issuance Systems can be authorized to generate digital items using root and operational digital item authorization devices. Part of the authorization process may include issuing further operational digital item authorization devices to the appropriate digital item issuance Systems.

[0093] While authorization can be limited to a single digital item issuance system, authorization may also be shared by plurality of digital item issuance Systems. Separate operational digital item authorization devices may also be assigned authorization in parallel by either the root digital item authorization device or any number of operational digital item authorization devices. Thus, using a cascading technique as described herein enables the transfer of authority to any digital item issuance system. Furthermore, by utilizing a cascading délégation of authority, any device, for example, a mobile device associated with a particular user, can be assigned or delegated authorization as a digital item issuance system.

[0094] As described herein, the disclosed technology enables the création of authenticated digital items. This offers benefits over the types of digital items offered previously. Exemplary benefits of using the disclosed technology to authenticate digital items such as electronic currency are illustrated schematically in FIG.s 6-7.

[0095] FIG. 6 illustrâtes an exemplary electronic item regulatory environment in which a central authorization system 610 régulâtes a plurality of ecosystems 600A-D. Within each ecosystem, digital items, such as units of electronic currency, are created, authenticated, exchanged, etc. However, each ecosystem includes its own components, and can communicate with the central authorization system 610, but not with the other ecosystems. Thus, digital items from one ecosystem cannot be used in transactions with participants in the other ecosystems.

[0096] For example, ecosystem 600A includes digital item issuance system 620A, an issuing agent 621A, redeeming agent 622A, a consumer 630A, an intermediate récipient 640A, and a final récipient 650A. When the digital items are electronic currency, the récipients can be, for example, merchants.

[0097] Within this ecosystem, consumer 630A submits a request 631A that digital item issuance system 620A create a digital item, and optionally submits a payment for the digital item, for example, fiat money. Digital item issuance system 620A then returns the digital item 632A, for example, via issuing agent 621 A. Consumer 630A can then use or transfer digital item

632A to intermediate récipient 640A. Intermediate récipient 640A then receives an authentication from digital item issuance system 620A authenticating the digital item 632A. Intermediate récipient 640A can then use or transfer digital item 632A to one or more final récipients 650A. Final récipient 650A can then submit the digital item 632A back to digital item issuance system 620A, and digital item issuance system 620A can then authenticate the digital item 632A and, if appropriate, returns some form of rédemption 651 A, for example, fiat money, to final récipient 650A, for example, via redeeming agent 622A.

[0098] Similarly, the remaining ecosystems 600B-D include digital item issuance Systems 620B-D, issuing agents 621B-D, redeeming agents 622B-D, consumers 630B-D (who, for example, may submit requests 631 B-D), intermediate récipients 640B-D, and final récipients 650B-D. Within each ecosystem, consumers 630B-D request digital items 632B-D from digital item issuance Systems 620B-D and provide, if appropriate, payment, and digital item issuance Systems 620B-D returns digital items 632B-D to consumers 630B-D, for example, via issuing agents 621 B-D. Consumers 630B-D can then use or transfer digital items 632B-D to intermediate récipients 640B-D. The intermediate récipients 640B-D then receives an authentication from digital item issuance Systems 620B-D authenticating the digital items 632BD. Intermediate merchant/recipients 640B-D can then use or transfer digital items 632B-D to one or more final récipients 650B-D. Final récipients 650B-D can then submit the digital item 632B-D back to digital item issuance Systems 620B-D, and digital item issuance Systems 620BD can then authenticate the digital items 632B-D and, if appropriate, returns some form of rédemption 651 B-D, for example, fiat money, to final récipient 650B-D, for example, via redeeming agent 622B-D.

[0099] Central authorization system 610 can communicate directly with each of ecosystems 600A-D to regulate and control the flow of digital items 632A-D within each ecosystem. However, as noted above, no digital items can be transmitted directly from one ecosystem to another. For example, digital item 632A cannot be transmitted from ecosystem 600A to any of ecosystems 600B-D, and vice versa. This configuration greatly limits the usefulness of the digital items created and used in each ecosystem.

[00100] In FIG. 7, the central authorization system 710 takes responsibiiity not only for régulation, but also for authenticating digital items using digital item authorization devices as described herein. The ecosystems 700A-D still exist, but the digital items in each of them are authenticated digital items and are therefore completely vérifiable and transmittable. Thus, the digital items can be circuiated between the ecosystems just as easily as within each ecosystem.

For example, when the digital items are units of electronic currency, they are completely fungible in each ecosystem.

[00101] For example, ecosystem 700A includes digital item issuance system 720A, operational digital item authorization device 760A, an issuing agent 721 A, redeeming agent 722A, a consumer 730A, an independent récipient 740A, and a final récipient 750A. Within this ecosystem, consumer 730A submits a request 731A to digital item issuance System 720A, and optionally submits a payment for the digital item, for example, fiat money. Digital item issuance system 720A, which is authenticated by operation digital item authorization device 760A, returns digital item 732A to consumer 730A, for example, via issuing agent 721A. Consumer 730A can then use or transfer digital item 732A to intermediate récipient 740A. Intermediate récipient 740A can then likewise use or transfer digital item 732A again, for example, to one or more final récipients 750A. Final récipient 750A can then submit the digital item 732A back to digital item issuance system 720A, and digital item issuance system 720A can then authenticate the digital item 732A and, if appropriate, returns some form of rédemption 751A, for example, fiat money, to final récipient 750A, for example, via redeeming agent 722A.

[00102] Similarly, the remaining ecosystems 700B-D includes digital item issuance Systems 720B-D, operational digital item authorization devices 760B-D, issuing agents 721B-D, redeeming agents 722B-D, consumers 730B-D (who, for example, may submit requests 731BD), independent récipients 740B-D, and final récipients 750B-D. Within each ecosystem, consumers 730B-D request digital items 732B-D from digital item issuance Systems 720B-D and provide, if appropriate, payment. Digital item issuance Systems 720B-D, which are authenticated by operation digital item authorization devices 760B-D, return digital items 732B-D to consumers 730B-D, for example, via issuing agents 721 B-D. Consumers 730B-D can then use or transfer digital items 732B-D to intermediate récipients 740B-D. The intermediate récipients 740B-D can likewise use or transfer digital items 732B-D to one or more final récipients 750B-D. Final récipients 750B-D can then submit the digital items 732B-D back to digital item issuance Systems 720B-D, and digital item issuance Systems 720B-D can then authenticate the digital items 732B-D and, if appropriate, returns some form of rédemptions 751 B-D, for example, fiat money, to final récipients 750B-D, for example, via redeeming agents 722B-D.

[00103] Central authorization system 710, which includes root digital item authorization device 711, can communicate directly with each of ecosystems 700A-D to regulate and authenticate digital items 732A-D that are generated within each ecosystem. Because the génération of the digital items is authenticated by the digital item authorization devices, the authenticity of the digital items is completely vérifiable, and thus, the digital items can be freely transferred between the ecosystems. For example, digital items 732A can be freely transmitted from ecosystem 700A to any of ecosystems 700B-D, and vice versa. When the digital items are units of electronic currency, this verifiability makes the electronic currency fully fungible in any of the ecosystems.

[00104] Once the central authorization system involves itself directly in regulating the création and subséquent movement of the digital items, such as units of electronic currency, it may, for example, be acceptable to allow a mobile network operator to add electronic currency to a cell phone SIM with the simultaneous débit of a linked bank account without the mobile network operator having to be regulated as a bank or to provide client money guarantees. The mobile network operator will not need to hold the client money; it instead simply facilitâtes its movement from one storage medium to another. The mobile network operator is effectively acting as the electronic currency analogue of a company which opérâtes a set of ATM machines on behalf of a bank (in this case the central bank system), thereby taking on the installation, maintenance and fulfillment rôles, but not the banking rôle. The mobile network operator’s network for distribution of the electronic crédit units which embody electronic currency is simply a better version of the security van used to distribute the pièces of paper which embody paper fiat money.

[00105] Exemplary operation ofthe system of a disclosed technology can best be understood by describing the steps in the création, transfer and eventual retirement of an electronic currency unit. The global ubiquity of cell phones makes the methods and Systems described herein extremely useful. However, the protocols of the disclosed technology can be applied equally well to any electronic currency issuance system (i.e. not just a mobile network operator) working over any data network (i.e. not just a GSM wireless network).

[00106] FIG. 8 illustrâtes an exemplary process basic flow of electronic currency according a simplistic deployment of the disclosed technology with a single electronic currency issuance system (in this case, as just noted, a mobile network operator). More elaborate arrangements can be deployed and, because of to the modular architecture of the electronic currency authorization plates, will work together behind the scenes to ensure a seamless expérience for the electronic currency user. For example, at final surrender, the electronic currency can be presented to any other electronic currency issuance system that is party to the same central bank system authentication and authorization system. This may occur when a subscriber to one mobile network operator transfers electronic currency to the electronic wallet of someone who subscribes to a different mobile network operator (both mobile network operators offering electronic currency issuance system services). Once the transaction has been authorized by the central bank system root electronic currency authorization plate, the mobile network operator which originally took in the deposit of fiat money simply transfers it by electronic funds transfer to the second mobile network operator which then pays it out to the final holder (and surrenderer) of the electronic currency.

[00107] The two electronic currency issuance Systems envisaged in the above example do not need to be in the same country or to operate in the same currency zone. If they are regulated by different central bank Systems and/or are linked to different root electronic currency authorization plates, then these electronic currency authorization plates can exchange the information needed to authenticate and authorize the transaction via a trusted third party seulement system, which will be issued with its own supra-national electronic currency authorization plate. The transfer of the original fiat money deposit between the original electronic currency ecosystem and the new electronic currency ecosystem by electronic funds transfer can readily include a foreign exchange conversion, as already occurs routinely in the world of fiat money transfers for trade finance.

[00108] As described herein, the disclosed technology can be applied when the digital items are units of electronic currency. An exemplary application of this scénario is illustrated in FIG. 8, which relates to an electronic currency management system 800 in which an electronic currency issuance system establishes the capability to offer electronic currency using electronic currency authorization plates. In order to become a mobile network operator 820 able to offer electronic currency, the mobile network operator 820 obtains an operational electronic currency authorization plate 830 which has been configured to be a mirror of the central bank system 850’s root electronic currency authorization plate 840. Fiat money is then presented to the mobile network operator 820 for exchange into electronic currency. Specifically, a customer who is a subscriber to the mobile network operator 820 and wishes to obtain electronic currency contacts an agent 822 of the mobile network operator 820 and arranges to exchange a certain sum of fiat money for the same amount of electronic currency. The agent 822 may be employed directly by the mobile network operator 820 (for example, in a call center and contacted remotely by phone or email), or else may be a designated local représentative of the mobile network operator 820 (for example, working from a kiosk or within a retail outlet and contacted face-to-face). In the former case, payment is likely to be made by crédit or débit card 815 or added to the subscriber’s monthly biil for mobile services and will ultimately be taken out of their bank account 810. In the latter case, the payment will probably be made over the counter, either by a card or using cash 816. Payment of cash 816 over the counter will be the only option for those without a bank account 810. The internai or external agent 822 of the mobile network operator 820 interacts with the mobile network operator 820’s database 821 (or other IT platform) to record the receipt of the fiat money from the customer.

[00109] Next, a request 831 is made by the electronic currency management system 800 for electronic authentication certificates 832. The mobile network operator 820’s database 821 interacts with a separate, highly secure, IT system set up to manage its operational electronic currency authorization plate 830. Working within its delegated authority from the root electronic currency authorization plate 840, the operational electronic currency authorization plate 830 issues electronic currency authentication certificates 832 using the algorithm. Although the request 831 is likely to hâve been for a certain dénomination of electronic currency (e.g. $10), effectively creating a digital bank note, the operational electronic currency authorization plate 830 will preferably generate a group of certificates each with the lowest circulating currency dénomination. For example, where $10 is requested, the operational electronic currency authorization plate 830 can create a bundle of 1000 separate certificates, each worth one cent. This will make it easier for the original $10 subsequently to be broken down to make multiple purchases from different vendors. If a purchase is made for, say, $3.26 then an electronic wallet can hand over a bundle of 326 separate one cent certificates and create a new bundle of 674 certificates to be retained. Details of the electronic authentication certificates 832 issued (amount, date, time, issuing agent, receiving electronic wallet, etc.) can be recorded securely within the operational electronic currency authorization plate 830. Before sending these certificates to the mobile network operator 820, the operational electronic currency authorization plate 830 vérifiés that the electronic currency thus being created compiles with any relevant policies governing, for example, the total level of permitted issuance for the mobile network operator, the jurisdiction within which the electronic currency can circulate and the completion of any associated validation procedures required under know-your-client (KYC) or anti-moneylaundering (AML) régulations. To avoid taking a fiat money deposit and then finding there is no headroom within the permitted issuance to issue the electronic authentication certificates 832, these may be pre-purchased from the mobile network operator 820 by a particular agent.

[00110] The authorized and authenticated electronic currency 801 is then issued to the subscriber. The mobile network operator 820 copies the electronic authentication certificates 832 sent to it by the operational electronic currency authorization plate 930 to the SIM card of the subscriber’s cell phone 811, which acts as an electronic wallet, thereby loading it up with the relevant amount of electronic currency 801. If the original deposit of fiat money was taken by an agent 822, then the mobile network operator 820 informs the agent 822 that the corresponding amount of electronic currency 801 has been issued. Instead of an electronic wallet, the electronic currency 801 could be on the IT system.

[00111] The subscriber can then présent the electronic currency 801 in payment 812 for goods or services. When the mobile network operator subscriber wishes to make a payment using the electronic currency 801 stored on his or her phone 811, the electronic wallet application on the handset offers the appropriate number of electronic authentication certificates 832 to the IT system of the payee. This may be another cell phone 880 communicated with via SMS or NFC, a dedicated electronic currency terminal 881 located in a retail outlet, probably communicated with via NFC, or a server 882 set up to receive on-line electronic currency payments communicated over communication network 883.

[00112] The récipient then authenticates the electronic currency 801 offered in payment. The recipient’s IT system uses a network connection (GSM, Internet, etc.) to send details 813 of the offered electronic authentication certificates back to the mobile network operator 820’s operational electronic currency authorization plate 830 via open electronic communication network 860. The operational electronic currency authorization piate 830 vérifiés that the certificates 832 are still valid (i.e. hâve not been cancelled or used already for a previous transaction by the same payer), and the mobile network operator 820 sends a message 814 to the récipient authenticating the transaction. Details of the transaction (serial numbers of the electronic currency units involved, date, time, offering and receiving electronic wallets, etc.) are recorded in the mobile network operator 820.

[00113] The récipient of the electronic currency can then convert it back to fiat money. After one or more transactions, the récipient of the electronic currency présents it to the original mobile network operator 820 for conversion back to fiat money. The récipient may visit an agent of the mobile network operator in person 885 to seek repayment in cash 886 or contact the mobile network operator 820 remotely over a network 870 via request 871 to seek a crédit of fiat money to a bank account 810, for example, by EFT 872. The request is authorized by the mobile network operator 820’s operational electronic currency authorization plate 830. By redeeming the electronic currency 801, the transaction also cancels the authentication certificates 832 via cancellation 833. Details of the transaction (serial numbers of the electronic currency units cancelled, date, time, nature of the fiat money payment made, etc.) can then be recorded by the mobile network operator 820. The relevant sum of fiat money can then be paid by the mobile network operator 820 to the party which presented the electronic currency 801 for conversion, either in cash 886 or via electronic funds transfer 872 transferring money from the mobile network operator 820’s bank account 890 to the bank account 810 of the subscriber. The mobile network operator 820’s bank 890 may undertake to send the subscriber a message 873 (e.g. by SMS) to confirm that the payment has been made. Alternatively, the mobile network operator 820 may generate such a message itself, for example.

[00114] The operational electronic currency authorization plate 830 preferably synchronizes regularly with the root electronic currency authorization plate 840 via encrypted communication 835. Using encrypted communication 835 over an open data network 860, the operational electronic currency authorization plate 830 regularly reports back to the root electronic currency authorization plate 840. The root electronic currency authorization plate 840 therefore maintains a master copy of ail electronic currency 801 issued and redeemed. The records of ali transactions will be audited automatically within the electronic currency management system, and any anomalies will be flagged for investigation, providing the central bank system 850 with confidence that the electronic currency management system 800 is operating within its control and policy requirements. The electronic currency management system 800 is capable of outputting regular aggregated statistical reports, for example on the quantity of electronic currency 801 in circulation and its velocity, and copies of these can be distributed to the central bank system 850, for example. The periodicity and content of these reports will be included in the original configuration of the electronic currency authorization plates to meet the particular requirements of a given customer.

[00115] While the algorithms utilized by the digital item authorization devices will preferably hâve recorded, in the course of authorizing the transactions, the identity of ali parties and Systems through which a particular digital item passes, this information is not normally made available to the central authorization system. Instead, it is preferably held securely by the digital item authentication management system. The digital item authentication management system can also generate aggregated statistical reports which provide the central authorization system with the high level information it needs to implement its chosen macroeconomic policies without intruding on the privacy of individual transactions, and can also output the information it contains with whatever granularity is requested by a particular central authorization system.

[00116] The control maintained by the central authorization system by the system of digital item authorization devices is clearly distinct from traditional digital items Systems, such as electronic currency Systems, and effectively éliminâtes any distinction between digital items authenticated via the system of the disclosed technology and digital items issued under more established forms of central authorization system control. The digital item issuance system effectively becomes an agent of the central authorization system. For exemple, when the digital items are units of electronic currency, the electronic currency issuance Systems effectively work in partnership with the central banks to issue the currency needed to meet the target money supply, and, in doing so, joins existing partners which mint coins and print banknotes. According to the disclosed technology, the electronic currency issuance system simply prints ‘modem’ digital bank notes while the printing presses print ‘legacy’ paper bank notes.

[00117] Many functions are supported by the disclosed technology for the digital item authentication management Systems, central authorization Systems and digital item issuance Systems. Each digital item authentication management system can register central authorization Systems and digital item issuance Systems, generate license keys, authenticate transfers, track and report transfers, calculate, bill and collect fees, monitor status of the Systems, renew and revoke license keys, set standards and propagate best practices, backup and restore Systems, exchange information with global financial, regulatory and law enforcement entities, and the like. [00118] The digital item authentication management Systems can also maintain records of ail the central authorization Systems and digital item issuance Systems that subscribe to the digital item authentication management system’s licenses or implement the digital item authentication management system’s system or services. For example, the digital item authentication management system’s record of the central authorization Systems and digital item issuance Systems may include the following information items: name of the legal entity, type of licensee (e.g. central bank system, electronic currency issuance system), licensee status (e.g. inactive and active), registered address, contact person information, license key, license key validity period, and the like. The digital item authentication management system should also generate a time and turnover volume limited license key upon authorization by the user with the appropriate access right. The license key is typically required by the central authorization system and digital item issuance system to function, as the digital item authentication management system may be configured to stop functioning without the valid license key. The system and the data in the system will become read only without a valid license key. The system should also allow the digital item authentication management system revoke a license key, or otherwise make a license key invalid, if necessary. The central authorization system or digital item issuance system preferably ceases to function once its license key is revoked, which is clearly not désirable for either the central authorization system or the digital item issuance system.

[00119] More Wireless Examples [00120] In this example a sequence of transmission of money between sender and receiver, withdrawal of e-money and transmission of a retirement report to authentication system is described with reference to the sequence diagram of FIG. 9. In such examples, the digital items are transferred across wireless networks, among users who are utilizing wireless communication devices such as smartphones. Multi Network Operators which may be any kind of wireless service provider, télécommunications provider, network administrator, etc. Through transmission of the digital items, digital currency, etc. the users of the wireless devices may be able to transmit, remit, save and exchange the digital items among one another, among merchant vendors either online or through their own wireless devices.

[00121] FIG. 9 is a sequence diagram illustrating the sequence of events for FIG. 2A for remitting money from sender 904 to receiver 202, withdrawing and retiring the withdrawn electronic money.

[00122] In FIG. 9, sender 904 has deposited money with MNO 904. Specifically, sender emoney account has been credited with the deposit amount. In this example, deposit amount can be assumed to be $100. Sender’s e-money/e-money account also has attached or associated with it an electronic money validator.

[00123] Electronic money validators are generated by generator 952 of authentication system. In this example, an electronic money validator can comprise a 12-digit alphanumeric number not unlike serial numbers employed on physical banknotes. As an example, a serial number might be: JD1233214510. In another example, a serial number can be: JD3211238920.

[00124] One skilled in the art will understand that the number of digits utilized or the serial number form can be varied as proves necessary. Thus, for example, an issuing authentication system might employ a 20-digit numeric code such as: 90323498786366637373.

[00125] Each serial number is distinct and uniquely authenticates electronic money to which it is attached. As noted, the serial numbers can be any number of digits or alphanumeric number combination commensurate with the amount of e-money needed. Each serial number digit might be storable as a data byte.

[00126] In one embodiment, various predetermined dénominations are issued by generator 952. For example, issued dénominations can be:

[00127] $10.00; $50.00; $100.00; $250.00; $500.00; and $1000.00.

[00128] A dénomination is also uniquely identifiable by a particular serial number. For example: Serial No. JD1233214510 = $100.00 e-money; Serial No. JD3211238920 = $1000.00 e-money.

[00129] In this embodiment, no dénomination other than the above-referenced is available. In order to represent e-money that has an amount differing from available dénominations, a combination of e-money dénominations is used. For example, a $150.00 e-money cash deposit can be represented by a combination ofthe following dénominations: $100.00 and $50.00.

[00130] In an alternate embodiment, no dénominations are issued. Rather, serial numbers are generated for block transactions. For example, cash deposits from five mobile subscribers can be assigned a particular serial number generated by generator 952. Further yet, a serial number (validator) can be generated for the entire amount deposited by sender 904.

[00131] Electronic money validators can also contain a unique digital watermark also generated by generator 952 of authentication system. This digital watermark comprises a sériés of data bits embedded into the electronic money data. In such a case, the electronic money is preferably an image viewable by the récipient or authorized parties to the transaction. The digital watermark is insert-able in the electronic money image and can viewed by the receiver to validate the electronic money. Electronic time stamp information might also be included as part of each electronic money validator.

[00132] Now referring to FIG. 9, sender 904 now wishes to remit money ($100) via a mobile device to receiver 902. As shown on the sequence diagram, sender 904 begins by using the mobile device to transmit a send money to receiver message to MNO platform 904.

[00133] Upon receipt of said message, in one embodiment, MNO platform 904 validâtes sender 904's credentials and checks sender 904's e-money balance to détermine whether the sender's account carries a sufficient balance. In other words, MNO platform 904 examines the e-money and the attached serial number and dénomination of the e-money to détermine sufficiency for transfer. If ali of the required information checks out, MNO platform 904 then crédits or transfers the appropriate e-money amount to receiver 902's account.

[00134] The e-money, the attached serial number, watermark and/or timestamp previously associated with sender 904 now become associated with receiver 902's account. Thereupon, MNO platform 904 can now respond to sender 904 by sending an acknowledgement and a money sent to receiver message as shown at B.

[00135] Contemporaneousiy with the message sent to sender 904, MNO platform 904 also sends a money received message to receiver 902. Receiver 902 is now aware that his or her electronic money account has been credited with the funds received from sender 904. Receiver 202 also receives the appropriate access code and information to withdraw or send or transmit the received money as deemed appropriate.

[00136] After the money received message has been sent to receiver 902, receiver 902 in this case now wishes to withdraw the money in its entirety. Therefore, receiver 902 sends a withdraw money from MNO agent message to MNO platform 904 at D. Note that in this case, receiver 902 has specified a particular MNO agent, namely receiver agent 932, from which the money is to be withdrawn.

[00137] Upon receipt of the withdraw message from receiver 902, MNO platform 904 validâtes receiver 902's credentials and ensures that the e-money is available after which MNO platform 904 sends an allow withdrawal by receiver message to MNO agent 932 as shown at E.

[00138] Thereafter, receiver 902 proceeds to MNO agent 932, withdraws the money from MNO agent 932. MNO agent 932 might coordinate with MNO platform 904 to physically withdraw cash from bank 230 in which the original deposit from sender 904 was made.

[00139] Referring now to FIG. 9, after receiver 902 has withdrawn the money, MNO agent 932 sends a money withdrawn message to MNO platform 904 as shown at F. In one embodiment, MNO platform 904 also informs authentication system 922 that the electronic money has exited the system as shown at G. This information is an indication to authentication system 922 to retire the associated electronic money validator. In an alternate embodiment, additional information in form of a report might be communicated to authentication system 922. In this manner, statistical information on the movement of electronic money can be gathered as économie data, for example.

[00140] Here, note that the electronic money validator is not only taken out of circulation when the money is withdrawn by an authorized représentative (receiver 902) of sender 104, the electronic money validator may be retired when a cash deposit is returned to the customer in paper currency form or via a bank account or when the cash deposit is used to purchase a product or service.

[00141] Referring now to FIG. 9, once authentication system 922 receives the exit message, it promptly retires the serial number JD1233214510 and the corresponding dénomination $100 from circulation. Note that in one embodiment, each individual transaction is separately reported to authentication system 922. Data reporter of authentication system 922 can then generate a retirement report for forwarding to central bank. In this manner, authentication system 922 can oversee the création and flow of mobile money in many of its forms. Among other advantages, the system of the présent invention eases central bank's discomfort of emerging mobile trends and formalizes the rôle of the central bank. Consumers, merchants and regulators can utilize the présent invention, thus providing essentia! trust in electronic/mobile money.

[00142] Authentication system 922 also gathers data and statistics that give transparency to mobile money. A system can instill confidence and trust for ali parties so that private and corporate entities can issue pseudo money without increased cost and maintain their abiiity to serve the both banked and unbanked population wherein low transaction costs are necessary. The system can be employed as a governing mechanism for electronic money. Prior art

Systems for governance of electronic money are non-existent. As such, the présent invention can assist with the inévitable transition from physical paper banknotes to electronic money.

[00143] Note that in the présent invention, the electronic money validators can certify money without reference to third-party Systems for validation. The présent invention can function based on trust not unlike physical banknotes that are issued by a central bank. As such, in FIG. 9, assuming that electronic money and the attached electronic money validator are stored on sender 904's mobile device, sender 904 can directly send the electronic money and validator via MNO 904 to receiver 902.

[00144] In that case, receiver 902 receives the money and simply checks (by opening, viewing or otherwise) the electronic money validator to ensure it is issued by authentication system 922. Receiver 902 might be familiar with electronic notes issued by authentication system 922 and upon simply checking by accessing, viewing or otherwise, can détermine that the electronic money validator was issued by authentication system 922.

[00145] Similarly, if the electronic money and attached electronic money validator résides on MNO 904, sender 904 can direct MNO 904 to send the money to receiver 902. MNO 904 simply retrieves the electronic money and validator from attached subscriber database 120 for forwarding to receiver 902.

[00146] Such hardware might be a general purpose computer including one or more processors and said software might comprise logic encoded in one or more tangible media for execution by the one or more processors and when executed opérable to implement the présent invention. Although not illustrated, other applications or components or configurations consistent with the spirit and scope of the présent invention can be utilized.

[00147] Examples Using Different MNO Platforms [00148] FIG. 10 illustrâtes electronic currency system 1000 according to another exemplary embodiment of the présent invention.

[00149] In FIG. 10, specifically, user 1002 can utilize system 1000 to remit money to receiver 1050 over two disparate mobile network operator Systems. Electronic currency system 1000 includes two separate and distinct mobile network operators namely: MNO A 1014 and MNO B 1015 within the same geographical or currency région. Further, central bank authentication system is part of and directly administered by an appropriate central bank or other governing party for the région.

[00150] Electronic currency system 1000 also includes subscriber database 320 attached to MNO A 1014, subscriber database 1021 associated with MNO B 1015, MNO B agent 1032 associated with MNO B 1015, gateway 1006 and bank 1030 from which deposit monies can be withdrawn.

[00151] In FIG. 10, sender 1002 has made a cash deposit (for example, $100) and has been provided corresponding value electronic money as described with reference to FIG. 1. Sender 1002's electronic money information is stored in subscriber database 1020 of MNO A 314. Sender 1002 now wishes to transmit electronic money from MNO A 1014to receiver 1050.

[00152] Here, the mobile subscriber for MNO B 1015 is receiver 1050 while that of MNO A 1014 is sender 1002. That is, sender 1002 is not a mobile subscriber of MNO B 1015 and receiver 1050 is not a subscriber of MNO A 1014. As such, any send and receive request between sender 1002 and receiver 1050 must navigate through disparate mobile network operators.

[00153] In FIG. 10, to initiate the remittance transfer from sender 1002 to receiver 1050, sender 1002 uses a registered mobile handset to transmit a send money message to receiver 1050. Specifically, sender 1002 transmits to MNO A 1014 a message to send money to receiver 1050. MNO A 1014 receives and validâtes the request and then checks sender 1002's e-money account for sufficiency of funds and upon proper validation transmits a send money request to MNO B 1015.

[00154] Along with the send money request, MNO A 1014 also sends the e-money, attached serial number, watermark and/or a timestamp. MNO B 1015 receives the request, the e-money and the attached serial number and détermines the validity ofthe request. Although the request is received from a separate and distinct MNO, MNO B 1015 can vaiidate the request based on the serial number attached to the money and certified by central bank authentication system 1022.

[00155] Consequently, upon receiving the request, MNO B 1015 crédits the electronic money account of receiver 1050 and subsequently sends a you've got money message to receiver 1050. Receiver 1050 receives the message and sends a request for withdrawal to MNO B 1015 with this withdrawal message indicating that receiver 1050 wishes to withdraw money from MNO B agent 1032.

[00156] Second MNO 1015 validâtes the request and sends a confirmation to MNO B agent 1032. Receiver 1050 can then withdraw the money from MNO B agent 1032. MNO B agent 1032, in collaboration with MNO B 1015 withdraws the physical cash from bank 1030. Although not shown, a bank associated with MNO A 1014 receives the cash deposited by sender 1002. That cash is then subsequently transferred to bank 1030 that is associated with MNO B 1015.

[00157] After receiver 1050 receïves the money, MNO B agent 1032 transmits a money received message to MNO B 1015. In turn, MNO B 1015 transmits a retirement report to central bank authentication system 1022 indicating that the money has been withdrawn by receiver 1050 and that the electronic money has exited the network.

[00158] Central bank authentication system 1022 then updates its records and retires the serial number corresponding to the electronic money that was withdrawn. Money deposited at a first mobile network operator can be retrieved or withdrawn at a second disparate mobile network operator. Money deposited at the second disparate mobile network operator can be withdrawn at the first mobile network operator.

[00159] International Movement of Items [00160] FIG. 11 illustrâtes international electronic currency system 600 according to an exemplary embodiment ofthe présent invention.

[00161] Specifîcally, in FIG. 11, electronic money transfer between users in two different countries is shown. Thus, mobile subscriber (sender) 1102 of Country A can utilize international electronic currency system 1100 to remit funds to user 1150 of Country B.

[00162] In Country A, international electronic currency system 1100 includes authentication system 1122, gateway 1106, MNO A 1114 and subscriber database 1120 ail which are communicably coupled via communication network 1110. Authentication system 1122 is preferably administered by a governing central bank of Country A.

[00163] Here, sender 1102 has previously deposited cash with MN O A 1114 and corresponding electronic money value has been generated and saved in database 1120. Authentication System 1122 then generates electronic money validators attached to and stored with the electronic money value.

[00164] In Country B, international electronic currency system 1100 comprises mobile subscriber (receiver) 1150 communicably coupled to MNO B 1115 and its associated database 1121 via gateway 1107 and communication network 1110. Authentication system 1123 is also attached to communication network 1110. Authentication system 1123 (and 1122) is preferably administered by a governing body or central bank in Country B.

[00165] In FIG. 11, bank 1170 facilitâtes money transfers between Country A and Country B. International electronic currency system 1100 also includes an international authentication system 1125 that is an overlay between Country A and Country B. Specifîcally, international authentication system 1125 is communicably coupled to authentication system 1122 of Country A and to authentication system 1123 of Country B. Although not shown, a foreign exchange component is provided for changing a first currency into a second currency based on prevailing foreign exchange market rates.

[00166] Transfers originated in Country A and intended for Country B are coordinated via international authentication system 1125. Similarly, transfers originated in Country B are also coordinated via international authentication system 1125.

[00167] As an example, sender 1102 might request money remittance or transfer to receiver 1150 in Country B. MNO A 1114 of Country A receives a request from sender 1102, détermines that the récipient, receiver 1150, is located in Country B and subsequently transfers the electronic money and corresponding access information to MNO B 1115 of Country B.

[00168] Contemporaneously, MNO A 1114 also indicates to authentication system 1122 that electronic money has been transferred out of the country. Authentication system 1122 in turn retires the serial number but passes the information to international authentication system 1125.

[00169] International authentication system 1125 generates an international serial number corresponding to the electronic money and forwards that international serial number to authentication system 1123 of Country B while second MNO B 1115 receives the electronic money from MNO A 1114. MNO B 1115 then reports to authentication system 1123 that electronic money has been received.

[00170] Authentication system 1123 corresponds the electronic money report to that of the international serial number issued by international authentication system 125. At that point, the international serial number is retired while the domestic serial number generated by authentication system 1123 is forwarded to MNO B 1115 for attachment to the electronic money and for storage in subscriber database 1121. In this manner, each participating Country A and Country B can track the flow of electronic money into and out of its monetary system.

[00171] In this manner, the présent invention can formalize a central bank's rôle for issuing electronic money and for tracking and controlling electronic money issuance. The electronic money and attached validator promotes interoperability as the electronic money and validator are immediately identifiable and can be honored outside the electronic money issuer's network. Among other advantages, the présent invention is seamless and can increase consumer protection and increases visibility of electronic money as the Central bank can monitor ail both deposits into and withdrawals from the electronic money network.

[00172] Thus, when electronic currency is transferred from one country to another country, the receiving and sending electronic currency issuance Systems can request the electronic currency management system to verify the identity and validity of the counter party. The electronic currency management system can then verify the îicense keys of the invoived electronic currency issuance Systems to confirm their authenticity and their active status. The receiving electronic currency issuance system may further request the electronic currency management system to authenticate the transaction seal associated with the electronic currency value to be transferred. The electronic currency management system will verify with the central bank system authenticating the sending electronic currency issuance system about the authenticity of the seal attached to the electronic currency to be transferred. In addition, when electronic currency is transferred from one country to another country, the receiving and sending electronic currency issuance Systems are typically required to report to the electronic currency management system the electronic currency amount which is successfully transferred. The reporting information may include, for example, transaction serial number, transaction type (i.e. international money transfer), sending and receiving electronic currency issuance system identity, sent electronic currency, amount and seal, received electronic currency, amount and seal, transaction date, transaction status (i.e. successful, failed), and the like.

[00173] If a successful international currency transfer is later cancelled (i.e. reversed), for example, upon the request and acceptance of the sender and receiver, then the involved electronic currency issuance Systems should inform the electronic currency management system of such reverse transaction. The electronic currency management system can record such reverse transaction with the following information items, for example, transaction serial number of the reversai transaction), transaction type (i.e. reversai of international money transfer), original transaction serial number, transaction date of the reversai transaction, transaction status (e.g. successful, failed), and the like.

[00174] The electronic currency management system should also provide the function for reconciling the international money transfer information with the records in the Systems of the central bank Systems and electronic currency issuance Systems. It should hâve the function to produce various reports and statistics on international money transfer. It should hâve the function to identify unusual patterns and suspicious international money transfer activities. The electronic currency management system should be able to maintain ail transaction records and provide the reports and analyses on transactions as needed, for example, for a period of time. [00175] Calculate, Bill And Collect Fees [00176] Central banks and electronic currency issuance Systems may hâve to pay the electronic currency management system license and transaction fees. The electronic currency management system should be able to define and calculate license fees based on combination of the following parameters, for example: number of electronic currency users allowed in the electronic currency management system, number of countries, population in the countries, number of years of validity of the license, and the like. The electronic currency management system can also define and calculate transaction fees based on combination of the following parameters, for example: revenue earned by the licensee, number of different types of electronic currency transactions, value of different types of electronic currency transactions, and the like. The electronic currency management system can also calculate and bill licensees on a pre-defined frequency, and can track the bill payment status.

[00177] The digital item authentication management system should also be allowed to see the status of every central authorization Systems and digital item issuance Systems associated with the electronic currency management system and its licenses and services. The status information includes, for example, active and inactive status of the central authorization Systems and digital item issuance Systems, system alarms, time and turnover limit utilization, system capacity utilization, and the like.

[00178] The digital item authentication management system can also provide the function to define the conditions for renewing and revoking license keys. The condition can be defined differently for the licensees. The conditions can include the following factors, for example: outstanding bill amount, days of outstanding bill, expiration date of the license keys, and the like.

[00179] The digital item authentication management system can also automatically renew the license key and transmit it to the concemed central authorization Systems and digital item issuance Systems if certain conditions are met. A notification and record of renewal will be generated prior to and after the renewal. The digital item authentication management system can further generate a warning of potential failure of license renewal if certain conditions are met (e.g. the expiration date is less than 30 days, but outstanding bills exceed 30 days). The digital item authentication management system should continue to generate warnings at regular intervals, for example, daily. The warnings can be sent to authorized parties associated with the central authorization Systems and digital item issuance Systems. The digital item authentication management system can also generate warnings for révocation of licensee keys. The révocation typically takes place upon the command of the appropriate person in the digital item authentication management system.

[00180] The digital item authentication management system also preferably maintains a library of system standards, operation procedure standards and best practice. The central authorization Systems and digital item issuance Systems can be given access to this library. In addition, the digital item authentication management system should preferably maintain encrypted back up copies of the data of the central authorization Systems and digital issuance

Systems. It can also provide minimum functions to the digital item issuance Systems, when the central bank Systems are out of service, for example. Furthermore, the digital item authentication management system should provide application program interfaces (API) and user interfaces to global financial and regulatory entities, preferably, in the form of a dashboard that provides a graphical user interface relevant to the actions of the user or other entity. The API and user interfaces should be constructed using common standards to provide information required and allowed by international laws and régulations.

[00181] The central authorization system will be responsible for activating, operating and managing the digital item authentication management system. The digital item authentication management system should provide a function for the central authorization system to register with the digital item authentication management system. Upon the receipt ofthe license key, the central authorization system will become operational. As part of the activation process, the central authorization system may require the appropriate person to parameterize the algorithm for generating the digital item transaction seal. This algorithm will be used by the digital item issuance system to generate the transaction seal, which is attached to the digital item transaction. The digital item authentication management system can then provide configuration user interfaces and customization tool kits to allow the central authorization system to configure and localize the digital item authentication management system according to spécifie needs, such as the needs of a spécifie country or ecosystem.

[00182] The central authorization system can also register digital item issuance Systems. Each digital item issuance system will be given a unique identifier and a key. The identifier and key can be used to authenticate the digital item issuance system in future transactions. The identifier and key can be distributed to the digital item issuance system in a secure manner. The central authorization Systems can provide application program interfaces and user interface to the central authorization Systems to enable fast implémentation, fast and reliable transaction and easy system maintenance.

[00183] The central authorization system may also receive the transaction and seal generated by the digital item issuance system in real time. These transaction and seal could be stored in a perpétuai database for future referral and for generating pertinent reports. The transaction and seal are preferably tested for their validity as they are received. The test should confirm the validity based on the following factors, for example, digital item issuance system identity, digital item issuance system license active status, security status of the digital item issuance system (e.g. no tampering alarm), time of seal génération, location of seal génération, currency, transaction value, uniqueness of seal (i.e. no duplication), and the like. Alerts can be sent to the central authorization system and digital item issuance system if the transaction and seal are invalid.

[00184] The central authorization system and digital item issuance system may also request vérification of past transactions and seals. The request can be done via an application program interface or user interface. The requestor of vérification can send information to the digital item authentication management system, including, for example, digital item issuance system identifier, transaction serial number, currency, amount, seal mark, and the like. The digital item authentication management system can then compare the provided information with the transaction and seal stored in its database, and provide a positive confirmation if the provided information matches any of the records.

[00185] The digital item authentication management system should also allow the central authorization system to see the status of its own system and ali digital item issuance Systems under the central authorization system’s purview. The status information can include, for example, active and inactive status of the central authorization Systems and digital item issuance Systems, system alarms, time and turnover limit utilization, system capacity utilization, and the like.

[00186] The digital item authentication management system can also generate reports to provide sufficient transparency on the dynamics of the digital item authentication management system, such as transaction volume, transaction value and transaction velocity for different types of transactions handled by each digital item issuance system. The digital item authentication management system may include report configuration tools for central authorization Systems to design and produce spécifie reports in addition to standard reports available in the digital item authentication management system.

[00187] For example, an exemplary report may be used as a dashboard or other user interface in the scénario where the digital items are units of electronic currency. The digital item authentication management system can also generate reports to provide sufficient transparency on the dynamics of the electronic currency management system, such as transaction volume, transaction value and transaction velocity for different types of transactions handled by each electronic currency issuance system. Reports may include, for example, system wide data and issued transaction data. System wide data can include information regarding how much electronic currency has been consumed, how much cash has been received, how much electronic currency has been transferred, how much cash has been sent out, and the like. The report can also include the velocity of the transactions on a system wide basis.

[00188] Issued transaction data can also include information regarding how much electronic currency has been consumed, how much cash has been received, how much electronic currency has been transferred, how much cash has been sent out, and the like. The report can also include the velocity of the issued transactions. Issued transaction data can further include information regarding the identity of the electronic currency issuance system, the identity of the associated electronic currency authorization plates, the status ofthe system, the location ofthe electronic currency authorization plates, the status of the docks on the electronic currency authorization plates, a tamper indicator, and the like.

[00189] The digital item authentication management Systems may also hâve visibility to patterns of digital within each country or ecosystem. This will give it the ability to detect trends and abnormal patterns of the digital item pool. As a resuit, the digital item authentication management system can identity anomalies or other indicators of fraud or illégal activity in the system.

[00190] In addition, the central authorization system can deregister digital item issuance Systems at the end of their contracts with digital issuance Systems. Digital item issuance Systems may also be terminated by instruction of the central authorization system or other authority. The central authorization system can then update the status of the deregistered digital item issuance Systems, bar them from accessing the digital item authentication management Systems and deactivate the digital item issuance system.

[00191] Furthermore, when an electronic currency issuance system generates an electronic currency transaction, such as a cash-in or transfer, the electronic currency management system generates a seal. The seal is a combination of serial number and / or watermark. The seal is preferably un-alterable, globally unique, and only true for this spécifie transaction. The electronic currency issuance Systems can then associate the transaction with the seal. This transaction and seal are then transmitted to the central bank system for storing and testing. The information sent to the central bank system should contain the following items, for example, electronic currency issuance system identifier, the electronic currency management system identifier of the electronic currency issuance system, currency (e.g. EUR, JPY), amount, seal mark, seal création time stamp and the like.

[00192] An electronic currency issuance system may also send a request to the central bank system to verify a transaction and seal. This normal happens when a first electronic currency issuance system receives a transaction and seal from a second electronic currency issuance system, and the first electronic currency issuance System wishes to verify the validity of the transaction and seal. The central bank system can then provide a response upon the request.

[00193] The digital item authentication management system should also allow the digital item issuance system to see the seals generated by the digital item authentication management system for the digital item issuance system’s transactions. For example, an exemplary report related to electronic currency may be displayed on a dashboard or other user interface. The report can include filters, such as the identity of the electronic currency issuance system, the identity of the electronic currency authorization plate, the transaction type, the current status, and the like, and a variety of data représentations, as needed. Additionally, the electronic currency issuance system should be able to see status information including, for example, active and inactive status of the electronic currency management system in the electronic currency issuance system, system alarms, time and turnover limit utilization, system capacity utilization, and the like. Furthermore, the electronic currency management system should allow the electronic currency issuance system to enquire the current and previous invoice and payment status, as needed.

[00194] In addition, the technology described herein may be implemented with software, for example modules executed on computing devices such as computing device 1210 of FIG. 12. Embodiments ofthe disclosed technology may, for example, execute modules to implement the Systems and methods disclosed herein. Of course, a single step may be performed by more than one module, a single module may perform more than one step, or any other logical division of various steps disclosed herein may be used to implement the processes as software executed on a computing device.

[00195] Of course, FIG. 12 illustrâtes computing device 1200 with a central processing unit (CPU) 1210, user interface 1214, display device 1218, and input device 1216. CPU 1210, display device 1218, and input device 1216 may be separate devices (e.g., a personal computer connected by wires to a monitor and mouse), may be integrated in a single device (e.g., a mobile device with a display including touch-enabled input like a smart phone or a tablet computer), or any combination of devices (e.g., a computing device operatively coupled to a touch-screen display device, a plurality of computing devices attached to a single display device and input device, etc.). Such a mobile computing device would also include a network interface 1220 which may include or communicate with a wireless antenna for communicating with a cellular tower and back end system, and/or a shorter range system such as a WiFi or Near Field Communication system. Any wireless transmission devices could be used to communicate data through carrier signais and to a network such as the Internet.

[00196] Computing device 1210 may hâve one or more processing devices 1211 designed to process instructions, for example computer readable instructions (i.e., code) stored on a data storage 1258. Data storage 1258 may be any type of storage device (e.g., an optical storage device, a magnetic storage device, a solid state storage device, etc.), for example a nontransitory storage device. Alternatively, instructions may be stored in remote storage devices, for example storage devices accessed over a network or the internet. Computing device 1200 additionally has a bus 1212 operatively coupling components of computing device 1200, including processor 1210, memory 1222,user interface 1214, data storage device 1258, input controller 1216, network interface 1220 and any other devices (e.g., network controllers, sound controllers, etc.). User interface 1214 may be operatively coupled (e.g., via a wired or wireless connection) to a display device 1218 (e.g., a monitor, télévision, mobile device screen, touchdisplay, etc.) in such a fashion that user interface 1214 can transform the display on display device 1218 (e.g., in response to modules executed). Input device 1216 may include an input device (e.g. touch-screen, touch-pad, keyboard, scroll-ball, voice activation, etc.) in such a fashion that input can be received from a user.

[00197] Memory 1222 may include an operating system 1232, network communication module 1234, instructions 1236 and applications 1238. Example applications here may include cryptography applications 1240 and transfer application 1242 as examples.

[00198] Data storage 1258 could include any of various data tables 1260, transaction logs 1262 and user data 1264 as well as encryption data 1270.

[00199] FIG. 13 shows an example public key encryption diagram as utilized by the Systems and methods according to certain embodiments. In this example, a sender 1302 wishes to send plain text message 1304 or any other kind of data to a receiver 1306. In this example the receiver 1306 sends the sender 1302 a public key 1308. The receiver 1306 keeps a private key 1310.

[00200] The sender 1302 uses the public key 1308 to encrypt 1312 the plain text or unencrypted data 1304.

[00201] Thus, the plain text or data 1304 is now coded 1314 by the public key 1308. When the receiver 1306 receives the coded message or data 1314, the receiver 1306 uses the private key 1310 to decrypt 1316 the coded data 1314. This renders the coded data 1314 as unencrypted plain text or plain data 1318 which the receiver 1306 may utilize.

[00202] If the coded data 1314 is captured or intercepted by a receiver who does not hâve access to the private key 1310 the data is useless as it is encrypted. And the public key 1308 can get lost or intercepted without compromising the private key 1310 and poses no harm to the receiver 1306.

[00203] The example of text in FIG. 13 is merely exemplary and any kind of data could be used. The examples here which include the electronic money, validators, etc. could be encrypted using this public key method, or any other of various methods to encrypt and decrypt data, validators, electronic money, etc.

[00204] CONCLUSION [00205] The foregoing description, for purpose of explanation, has been described with reference to spécifie embodiments. However, the illustrative discussions above are not intended to be exhaustive .or to limit the invention to the précisé forms disclosed. Many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described in order to best explain the principles of the invention and its practical applications, to thereby enable others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated.

[00206] The computer may be a personal computer or other type of work station or terminal device. The structure, programming and general operation of such computer equipment and as a resuit the drawings is generally well known. The hardware éléments, operating Systems and programming languages of such equipment are conventional in nature.

[00207] The software is stored in a machine readable medium that may take many forms, including but not limited to, a tangible storage medium, a carrier wave medium or physical transmission medium. Non-volatile storage media include, for exampie, optical or magnetic disks, such as any ofthe storage devices in any computer(s) or the like. Volatile storage media include dynamic memory, such as main memory of such a computer platform. Tangible transmission media include coaxial cables; copper wire and fiber optics, including the wires that comprise a bus within a computer system. Carrier-wave transmission media can take the form of electric or electromagnetic signais, or acoustic or light waves such as those generated during radio frequency (RF) and infrared (IR) data communications.

[00208] Common forms of computer-readable media therefore include for example: disks (e.g., hard, floppy, flexible) or any other magnetic medium, a CD-ROM, DVD or DVD-ROM, any other optical medium, any other physical storage medium, a RAM, a PROM, a EPROM, a FLASH-EPROM, any other memory chip, a carrier wave transporting data or instructions, cables or links transporting such a carrier wave, or any other medium from which a computer can read programming code and/or data. Many of these forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to a processor for execution.

[00209] Accordingly, the spécification and figures associated with these embodiments are to be regarded in an illustrative rather than a restrictive sense, and ail modifications are intended to be included within the scope of the claims described below. The benefits, advantages, solutions to problems, and any element(s) that may cause any benefit, advantage, or solution to 5 occur or become more pronounced are not to be construed as a critical, required, or essential features or éléments of any or ail the claims. The invention is defined solely by the appended claims including any amendments made during the pendency of this application and ail équivalents of those claims as issued.

Claims (20)

1. A networked authentication system, comprising:

a mobile network operator (MNO) agent in communication with an authentication system, a data storage, and a wireless handset via a network, the MNO agent configured to, receive a request for validated data dénominations from the wireless handset via the network;

generate encrypted data dénomination corresponding to the requested dénomination;

retrieve, from the data storage, numbers of encryption validator strings corresponding to the requested data dénomination, wherein the encryption validators are received from the authentication system prior to receiving the request; and append the corresponding number of encryption validator strings to the requested data dénominations.

2. The system of claim 1 wherein the encryption validator strings are alpha numeric strings.

3. The system of claim 1 wherein the data dénominations include encrypted digital watermarks.

4. The system of claim 1 wherein the validator strings are from a block of pre-ordered encryption validators from the authentication system, received from the authentication system prior to receiving the request.

5. The system of claim 1 wherein the authentication system is further configured to, send the appended validator strings and data dénominations to the requesting wireless handset for storage.

6. The system of claim 1, further comprising an exchange authentication system and a second authentication system, in communication with the authentication system via the network, the authentication system further configured to, send the appended encryption validator string and data dénomination to the exchange authentication system via the network;

retire the encryption validator string when it is sent to the exchange authentication system;

the exchange authentication system configured to, receive the appended encryption validator string and data corresponding to the dénomination from the authentication system via the network;

remove the encryption validator string from the data dénomination;

generate an exchange validator string for the dénomination;

append the exchange validator string to the data dénomination;

send the appended exchange validator string and data dénomination to the second authentication system via the network;

retire the exchange encryption validator string when it is sent to the second authentication system;

the second authentication system configured to, receive the appended exchange encryption validator string and data dénomination from the exchange authentication system via the network;

remove the exchange encryption validator string from the data dénomination;

generate a second encryption validator string for the dénomination; append the second encryption validator string to the data dénomination; send the appended second encryption validator string and data dénomination to a second wireless handset for storage via the network.

7. The system of claim 6 wherein the exchange authentication system changes the data dénomination according to a rate of exchange between the first authentication system and the second authentication system.

8. A networked authentication system, comprising:

a first authentication system, an exchange authentication system and a second authentication system, ail in communication via a network;

the first authentication system configured to, receive a request from a first wireless handset for a dénomination, via the network;

generate encrypted data dénomination corresponding to the requested dénomination;

generate a first validator string for the dénomination;

append the first validator string to the encrypted data dénomination;

send the appended first validator string and encrypted data dénomination to the exchange authentication system via the network;

retire the first validator string when it is sent to the exchange authentication system;

the exchange authentication system confîgured to, receive the appended first validator string and encrypted data corresponding to the dénomination from the first authentication system via the network;

remove the first validator string from the encrypted data dénomination; generate an exchange validator string for the dénomination;

append the exchange validator string to the encrypted data dénomination;

send the appended exchange validator string and data dénomination to the second authentication system via the network;

retire the exchange validator string when it is sent to the second authentication system;

the second authentication system confîgured to, receive the appended exchange validator string and encrypted data dénomination from the exchange authentication system via the network;

remove the exchange validator string from the encrypted data dénomination;

generate a second validator string for the dénomination;

append the second validator string to the encrypted data dénomination; send the appended second validator string and encrypted data dénomination to a second wireless handset for storage via the network.

9. The system of ciaim 8 wherein the validator strings are alpha numeric strings.

10. The system of claim 8 wherein the data dénominations include digital watermarks.

11. The system of claim 8 wherein the validator strings are from a block of pre-ordered validators from the authentication system, received from the authentication system prior to receiving the request.

12. The system of claim 8 wherein the authentication system is further configured to, send the appended validator strings and data dénominations to the requesting wireless handset for storage.

13. A method of networked authentication, comprising:

via a mobile network operator (MNO) agent in communication with an authentication system, a data storage, and a wireless handset via a network, via the MNO agent, receiving a request for encrypted validated data dénominations from the wireless handset via the network;

generating encrypted data dénomination corresponding to the requested dénomination;

retrieving, from the data storage, numbers of encrypted validator strings corresponding to the requested encrypted data dénomination, wherein the encrypted validators are received from the authentication system; and appending the corresponding number of encrypted validator strings to the requested encrypted data dénominations.

14. The method of claim 13 wherein the encrypted validator strings are alpha numeric strings.

15. The method of claim 13 wherein the encrypted data dénominations include digital watermarks.

16. The method of claim 13 wherein the encrypted validator strings are received as a block of pre-ordered validators from the authentication system, received from the authentication system prior to receiving the request.

17. The method of claim 13 further comprising, via the MNO agent, sending the appended encrypted validator strings and data dénominations to the requesting wireless handset for storage.

18. The method of claim 13, further comprising via an exchange authentication system and a second authentication system, in communication with the authentication system via the network, further via the authentication system, sending the appended first encrypted validator string and data dénomination to the exchange authentication system via the network;

retiring the first encrypted validator string when it is sent to the exchange authentication system;

via the exchange authentication System, receiving the appended v encrypted validator string and data corresponding to the dénomination from the authentication system via the network;

removing the encrypted validator string from the data dénomination; generating an exchange validator string for the dénomination;

appending the exchange validator string to the encrypted data dénomination;

sending the appended exchange validator string and encrypted data dénomination to the second authentication System via the network;

retiring the exchange validator string when it is sent to the second authentication system;

via the second authentication System, receiving the appended exchange validator string and encrypted data dénomination from the exchange authentication system via the network;

removing the exchange validator string from the encrypted data dénomination;

generating a second validator string for the dénomination;

appending the second validator string to the encrypted data dénomination;

sending the appended second validator string and encrypted data dénomination to a second wireless handset for storage via the network.

19. The method of claim 18 wherein the exchange authentication system changes the data dénomination according to a rate of exchange between the first authentication system and the second authentication system.

20. The method of claim 13 wherein the validator strings are received from the authentication system after receiving the request for validated encrypted data dénominations.