WO1995025391A1 - Method and apparatus for utilizing a token for resource access - Google Patents
Method and apparatus for utilizing a token for resource access Download PDFInfo
- Publication number
- WO1995025391A1 WO1995025391A1 PCT/US1995/003181 US9503181W WO9525391A1 WO 1995025391 A1 WO1995025391 A1 WO 1995025391A1 US 9503181 W US9503181 W US 9503181W WO 9525391 A1 WO9525391 A1 WO 9525391A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- code
- token
- time
- proceεεor
- nonpredictable
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4093—Monitoring of device authentication
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/215—Individual registration on entry or exit involving the use of a pass the system having a variable access-code, e.g. varied as a function of time
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0873—Details of the card reader
- G07F7/088—Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself
- G07F7/0886—Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself the card reader being portable for interacting with a POS or ECR in realizing a payment transaction
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2151—Time stamp
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/88—Medical equipments
Definitions
- This invention relates to techniques for controlling access to electronic information or other resources and more particularly to a method and apparatus for securely controlling access to such resources by use of a relatively simple token in conjunction with a remote and/or portable processo .
- information resources such as databases
- resources containing sensitive information to which authorized individuals require access but to which there may be legal, moral, privacy, business or other reasons for denying access to unauthorized individuals.
- examples of such resources or databases include medical records at a hospital or other medical facility where selected personnel, such as doctors or nurses working with a particular patient, may require access to such records without undue delay while at the same time such records are not made available to other hospital personnel not having a need to know or to nonho ⁇ pital personnel.
- companies may have engineering, business, accounting, or other company records in a data processing system, with authorized individuals requiring easy access to only selected portions of the database and with access otherwise being denied.
- a resource may also be a building, room, file cabinet, safe, container or other area or item to which it is desired that access be limited only to authorized individuals.
- the term "resource” as used hereinafter will generally be considered to include both information resources and these other types of resources .
- control of access to such resources has been primarily achieved by use of a personal identification code (PIN) or password known only to the user which the user keys or dials into the system before making an access request.
- PIN personal identification code
- password known only to the user which the user keys or dials into the system before making an access request.
- an unauthorized individual may surreptitiously learn an authorized party's PIN by for example monitoring a data line over which such PIN is being transmitted or surreptitiously observing the PIN being inputted.
- the fact that the PIN has been compromised may not be learned for some time during which large quantities of data or other resources may be improperly obtained and/or used.
- an individual once an individual has access to the system, he may make changes in the database or other resources which may cause additional serious problems to the organization.
- Password systems use only one of the three possible factors which are available to provide a secure system, namely, something the user knows.
- the other two factors are something an authorized individual has, for example a token, and something the individual is, for example a biocharacteristic.
- More secure resource access systems involve at least two of the factors, normally something the individual knows and something the individual has in his po ⁇ ses ⁇ ion.
- tokens containing a secret (i.e. nonobservable) static code value are also subject to surreptitious detection by for example the monitoring of a line over which such value is being transmitted. This problem is being exacerbated by the more extensive use of local and wide area networks and by the use of radiowaves to transmit data.
- the token could be "borrowed", read by a suitable device to obtain the secret user code and then returned before the owner realizes it is missing. In either event, the token containing the code could be recreated and used for some period of time to gain access to sensitive information within a database or to other information resources without detection. Therefore, improved "smart" tokens, such as those disclosed in U.S. Patent No ⁇ . 4,720,860 and 5,023,908 and various related patents have varied the values stored in the token, or at least the value outputted from the token, in accordance with some algorithm which causes the values to vary in a nonpredictable way with time ⁇ o as to provide unique one-time codes.
- Smart cards which for purpose ⁇ of this application as defined as a card having data processing capability
- Smart cards are usually somewhat larger and heavier than a standard credit card and are significantly more expensive. Since these devices are typically battery-operated, they also have a finite life, typically about three year ⁇ , and need to be replaced at the end of ⁇ uch time, further increa ⁇ ing the co ⁇ t of their use. For systems having large numbers of authorized u ⁇ er ⁇ , thi ⁇ expen ⁇ e can become ⁇ ubstantial and, in conjunction with some resistance to the bulk of such cards, has limited the applications of such systems .
- a "dumb token” is utilized which preferably only stores selected information which may be utilized to identify or verify the identity of a user, and/or provide data for an encryption key and/or for file compression, such information being stored in machine readable form.
- the token is de ⁇ igned for u ⁇ e with a standard remote and/or portable processor such a ⁇ (i) a lap-top computer, notebook computer, palm-top (i.e.
- token processor usually also provides an interface to a host processor, network, file server, other remote resource or the like (hereinafter “host proces ⁇ or").
- the token proce ⁇ or is utilized to generate a one-time, nonpredictable code from inputs received both from the token and from the user through a token proce ⁇ r input device and to automatically utilize directly and/or tran ⁇ mit such code or a representation of such code to the host proces ⁇ or where it may be utilized for ⁇ uch function ⁇ as identifying the individual, verifying acce ⁇ to the resource or inferring an encryption key as taught in U.S. Patent No. 5,237,614.
- the ba ⁇ ic ⁇ y ⁇ tem may be utilized in a number of way ⁇ .
- the token may al ⁇ o contain a public ID for the u ⁇ er which i ⁇ initially read and tran ⁇ mitted to the ho ⁇ t, which then generate ⁇ a query appropriate for such user.
- the query is transmitted to the token processor which then u ⁇ es the query in conjunction with a ⁇ ecret user code read from the token, and preferably a PIN or other coded input from the u ⁇ er, to produce a nonpredictable one-time coded re ⁇ pon ⁇ e which i ⁇ tran ⁇ mitted to the host.
- time-varying value or “one-time code”
- time-varying value or “one-time code”
- the portable proce ⁇ sor utilizes a clock as a time-varying value element.
- the time-varying value element changes its value each time a token is used with the token proce ⁇ sor. This change may, for example, be made when the token is inserted or when the token is removed.
- One option which may be used with the system is that, instead of a static secret code being ⁇ tored in the token, a value, such a ⁇ the nonpredictable code generated during the la ⁇ t use, some intermediate value in the generation thereof, or another related value is stored in the token a ⁇ a ⁇ ecret u ⁇ er code in place of the value previously stored therein.
- thi ⁇ procedure may be advantageous when a single token proce ⁇ or i ⁇ u ⁇ ed by a variety of individual ⁇ ⁇ ince it eliminate ⁇ the requirement for the token processor to ⁇ tore appropriate clock value ⁇ for each individual.
- thi ⁇ i ⁇ not a problem ⁇ o long a ⁇ this clock is synchronized with the clock at the host.
- An alternate technique is for some hash/repre ⁇ entation of t.ie remote proce ⁇ sor time to be transmitted along with the one-time code as taught in application Serial No. 07/981,808 filed February 5, 1993.
- the transmitter at the portable processor and receiver at the host proce ⁇ or may be modems interconnected by a telephone line network interface or the transmitter and receiver may be element ⁇ of a radio/cellular network.
- Other communication technique ⁇ between proce ⁇ or ⁇ known in the art may al ⁇ o be utilized.
- the token i ⁇ a "dumb card” there are applications where a " ⁇ mart card” having proce ⁇ ing capabilitiesitie ⁇ and it ⁇ own clock may be utilized which may be used in the manner described in the prior patents a ⁇ a smart card when token proce ⁇ or ⁇ are not available, but may be used with a token processor, with the seed or secret user code ⁇ tored thereat being read into the token proce ⁇ or in situations where it i ⁇ preferable to operate in that mode.
- the token containing the machine readable ⁇ ecret u ⁇ er code may al ⁇ o be u ⁇ ed to perform other function ⁇ ⁇ uch a ⁇ ⁇ upplemental memory (i.e.
- RAM or ROM chip containing files, application software, privileged or confidential data, private en ⁇ cription key ⁇ single sign-on information, etc.) or hardware/software for additional ⁇ y ⁇ tem features such a ⁇ modem, network interface, FAX, combined and integrated encryption/ compre ⁇ ion engine, etc.
- FIG. 1 i ⁇ a semi-schematic diagram of hardware suitable for use in practicing the teachings of this invention.
- FIG. 2 is a flow diagram for the operation of the system of FIG. 1 in accordance with practicing various embodiment ⁇ of the invention. Detailed De ⁇ cription
- FIG. 1 illu ⁇ trate ⁇ the three ba ⁇ ic component ⁇ of a system 10 utilized in practicing the teachings of thi ⁇ invention, the ⁇ e component ⁇ being a token 12, a token proces ⁇ or 14, and a ho ⁇ t proce ⁇ or 16.
- Token 12 i ⁇ preferably a "dumb" token which contain ⁇ only a memory 18 and a machine readable element, or for ⁇ ome embodiment ⁇ a read/write element, 20.
- memory 18 would contain only a ⁇ ecret u ⁇ er code 22.
- it may al ⁇ o be de ⁇ irable for memory 18 to ⁇ tore a public code 24, an algorithm 26 and/or a time-varying value 28.
- a ⁇ will be di ⁇ cus ⁇ ed in greater detail later, for ⁇ ome embodiments, the ⁇ ecret u ⁇ er code 22 and time-varying value 28 may be the ⁇ ame value. While not preferred, it i ⁇ po ⁇ ible for token 12 to have an input device, ⁇ uch a ⁇ numeric keypad ⁇ 30, and, a ⁇ will be di ⁇ cu ⁇ ed later, to al ⁇ o function a ⁇ a " ⁇ mart card", having certain processing and/or display capabilities.
- Token proces ⁇ or 14 may be any of a variety of remote and/or portable proce ⁇ or ⁇ which are currently available on the market. Such proce ⁇ or ⁇ fall into two general cla ⁇ e ⁇ , the fir ⁇ t of which includes such proce ⁇ sor ⁇ a ⁇ lap top computer ⁇ , palm top (hand-held) computer ⁇ , notebook computer ⁇ , personal assi ⁇ tant ⁇ , or other like computing device ⁇ .
- the second clas ⁇ of device ⁇ include telephones, credit card verifiers or other like device ⁇ having a keyboard/keypad (or equivalent input device), a card reader or other device adapted to read a value ⁇ tored on a token and a icroproces ⁇ or or other processor device.
- token proce ⁇ or 14 would typically include a token reader or token read/write device 40, a microproce ⁇ sor or other proce ⁇ sing device 42, at least one memory device 44, which may be part of processor 42 or may be in addition to memory provided in processor 42, a keyboard or other data input device 46 for inputting data into proce ⁇ or 46, a clock 48 or other device for generating time-varying values and a transmitter, or preferably a transmitter/receiver, 50.
- device 50 may be a modem which interconnects the proce ⁇ or to a telephone line, a network interface or may be ⁇ ome type of radio communications device such as a cellular phone element.
- Host proces ⁇ or 16 would typically be a proce ⁇ or utilized for performing a variety of function ⁇ , and may for example be a ⁇ erver through which acce ⁇ may be obtained to variou ⁇ databa ⁇ e ⁇ or other information resources or may be some other remote resource.
- Ho ⁇ t proce ⁇ sor 16 may be part of a network, which network may contain a plurality of such proces ⁇ or ⁇ .
- the function of ho ⁇ t proce ⁇ or 16 which is of concern in connection with this invention is to at least verify that the user possessing token 16 is authorized acce ⁇ to the system.
- ho ⁇ t processor 16 utilizes a proce ⁇ sor element 62 contained thereat and memory 64 containing information on tokens and authorized users for such tokens. Once host proce ⁇ sor 16 ha ⁇ verified a user, it may grant the u ⁇ er access to certain resource ⁇ and may also perform a variety of other functions which are not part of the pre ⁇ ent invention.
- the fir ⁇ t step in the use of the system 10 is for a user to insert the read/write element 20 of token 12 into the token read/write device 40 of token proces ⁇ or 14.
- the read/write element 20 i ⁇ for example a magnetic ⁇ tripe or electrodes
- thi ⁇ operation would involve phy ⁇ ically in ⁇ erting at lea ⁇ t a portion of token 12 into read/write device 40.
- optical element ⁇ , ⁇ uch a ⁇ light-emitting diode ⁇ (LED' ⁇ ) and photo diode ⁇ or infrared emitter ⁇ and detector ⁇ , or RF elements are utilized as the read/write element ⁇
- thi ⁇ operation would be performed by bringing the token read/write element into proximity with the read/write device of the token processor.
- one or more stored codes, and po ⁇ ibly additional information, i ⁇ read from the token into token proce ⁇ or 14 would typically either be scanned by the device 40 under control of proce ⁇ sor 42 or would be sequentially pre ⁇ ented.
- ⁇ ecret code 22 i ⁇ ⁇ tored in token 12 and thi ⁇ is the code which is read during ⁇ tep 70.
- Thi ⁇ code i ⁇ applied a ⁇ one input to processor 42.
- the current time-varying value at clock 48 is al ⁇ o applied as an input to proce ⁇ or 42 ( ⁇ tep 72) and the proce ⁇ or also receives from memory 44 or its internal memory an algorithm for utilizing the received inputs to generate a one-time nonpredictable code ( ⁇ tep 74).
- the u ⁇ er utilize ⁇ keyboard 46 to input the user's personal identification number (PIN) or other ⁇ ecret code which is generally known only to the u ⁇ er ( ⁇ tep 76).
- the PIN which may modify the token code i ⁇ applied a ⁇ the final input to proce ⁇ or 42 which then utilize ⁇ the secret code from the token, the time-varying or one-time value from clock 48 and the received PIN in the algorithm to generate a selected nonpredictable code. Since a time-varying value is involved in the generation of this code, this code will be a one-time code ⁇ o that, should anyone surreptitiou ⁇ ly intercept the code, the code will be of no value to that per ⁇ on ⁇ ince it will not be operative to gain access to the resource in the future.
- the one-time nonpredictable code generated during step 78 i ⁇ then tran ⁇ mitted to ho ⁇ t proce ⁇ sor 16 during step 80.
- the nonpredictable code i ⁇ received by device 60 ( ⁇ tep 82) and is provided to proce ⁇ or 62.
- Proce ⁇ or 62 may operate in an identify mode, in which case the inputted code is compared against codes for the given time interval for authorized user ⁇ and the u ⁇ er i ⁇ identified a ⁇ an authorized u ⁇ er if the received one-time nonpredictable code matche ⁇ a code for the given time interval being generated at the ho ⁇ t.
- thi ⁇ clock would normally be required to be in ⁇ ynchroni ⁇ m with a corre ⁇ ponding clock at ho ⁇ t proce ⁇ or 16 in order for identification to occur.
- Patent No. 4,885,778 teache ⁇ a mechani ⁇ m which may be utilized in practicing the teaching ⁇ of thi ⁇ invention which permit ⁇ ⁇ uch identification to be achieved when the clock ⁇ are out of ⁇ ynchroni ⁇ m and permit ⁇ the clocks to be re ⁇ ynchronized. It i ⁇ al ⁇ o po ⁇ ible during ⁇ tep 84 for proce ⁇ or 62 to operate in a verify mode. With verify, public code 24 i ⁇ also tran ⁇ mitted with the one-time nonpredictable code. The public code may be obtained from token 12 or may be stored at token processor 14. Proces ⁇ or 62 utilize ⁇ the received public code to retrieve or generate the proper one-time nonpredictable code for the u ⁇ er indicated by the public code and then compares this with the received one-time nonpredictable code to verify the user.
- a ⁇ ucces ⁇ ful verification or identification during ⁇ tep 84 re ⁇ ults in proces ⁇ or 62 granting the u ⁇ er acce ⁇ to the selected resource (step 86).
- acces ⁇ to the re ⁇ ource i ⁇ granted will depend on application and the ⁇ pecific way thi ⁇ is accompli ⁇ hed doe ⁇ not form part of the pre ⁇ ent invention.
- a u ⁇ er may u ⁇ e keyboard 46 to request medical record ⁇ on at least ⁇ elected patient ⁇ , with ⁇ uch requests being tran ⁇ mitted to ho ⁇ t proce ⁇ or 60, and ho ⁇ t proce ⁇ or 60 may retrieve ⁇ uch record ⁇ from its memory 64 and transmit such records to proces ⁇ or 14 to either be displayed thereat, printed out or otherwise made available to the user.
- thi ⁇ could only be done if the token 12 i ⁇ being utilized with only a ⁇ ingle ho ⁇ t proce ⁇ or 16 or if the ho ⁇ t proce ⁇ or ⁇ 16 are ⁇ omehow networked so that each ho ⁇ t proces ⁇ or can be made aware of the current one-time code being stored at the token.
- the storing of this one-time code in the token is illu ⁇ trated by step 88.
- public code 24 i ⁇ also read from token 12 and is transmitted by token proce ⁇ or 14 to ho ⁇ t proce ⁇ or 16 (step 90).
- the transmitted public code i ⁇ received at transmitter/receiver device 60 of host proces ⁇ or 16 and i ⁇ applied to proce ⁇ or 62 which utilize ⁇ thi ⁇ public code to generate a query which may be unique for the given u ⁇ er ( ⁇ tep 92).
- the query i ⁇ then tran ⁇ mitted by device 60 of the ho ⁇ t processor ( ⁇ tep 94) and received by device 50 at the token processor (step 96).
- This respon ⁇ e i ⁇ then tran ⁇ mitted during ⁇ tep 80 to the ho ⁇ t proce ⁇ or where it i ⁇ received and applied to proce ⁇ or 62 which verifie ⁇ that the respon ⁇ e i ⁇ correct and grants acce ⁇ to the re ⁇ ource in re ⁇ pon ⁇ e to a verified re ⁇ pon ⁇ e.
- token 12 While receiving the current time-varying value during ⁇ tep 72 i ⁇ normally achieved by reading the current clock value 48, a ⁇ previou ⁇ ly discus ⁇ ed, thi ⁇ ⁇ tep may be eliminated where a one-time code i ⁇ ⁇ tored a ⁇ the ⁇ ecret u ⁇ er code 22 rather than a static secret code. It is al ⁇ o possible, in some applications, that token 12 may be u ⁇ ed with a variety of token processor, all of which are not in time synchronization. It may, in ⁇ uch situations, be preferable for token 12 to contain its own clock, which clock is read and used as a current time-varying value during ⁇ tep 72.
- token 12 may ⁇ tore a one-time time-varying value 28 which i ⁇ changed each time the token i ⁇ used, or in respon ⁇ e to the occurrence of a selected event.
- the code value may be read out for u ⁇ e when a token i ⁇ read during ⁇ tep 70 and thi ⁇ value may be modified in accordance with a predetermined algorithm, with the modified value then being ⁇ tored in area 28 of memory.
- the value may for example be changed each time a re ⁇ ource i ⁇ acce ⁇ ed during a given ⁇ e ⁇ ion with the final time-varying value being ⁇ tored in area 28 before the token is removed from token proce ⁇ or 14.
- Other technique ⁇ for generating a one-time code known in the art may al ⁇ o be utilized.
- receive-algorithm step 74 normally involve ⁇ obtaining the algorithm from the memory of proce ⁇ or 42 or from backup memory 44.
- the algorithm it may be ⁇ ecure and in ⁇ ome application ⁇ it may be ea ⁇ ier to maintain security of the tokens than of the token proce ⁇ or ⁇ .
- the ⁇ e objective ⁇ may be achieved by ⁇ toring the algorithm in token 12, for example in area 26 of it ⁇ memory, and reading the algorithm from token 12 into proce ⁇ or 42 during step 74.
- token 12 would be a "dumb token" dedicated to the function of authenticating a user
- thi ⁇ is by no mean ⁇ a limitation on the invention.
- many proce ⁇ or ⁇ now utilize a read/write device ⁇ uch a ⁇ the device 40 a ⁇ a slot in which cards containing additional functionality ⁇ uch a ⁇ a modem function, network interface, fax, or the like may be contained.
- Such card may contain extra memory and other selected hardware.
- one of the ⁇ e function cards could be used as a token by merely adding the user ' ⁇ ⁇ ecret code in ⁇ uch card and programming the token proce ⁇ or to read ⁇ uch code from the card and utilize it in the manner de ⁇ cribed above to identify/verify the u ⁇ er a ⁇ part of the initial log-on procedure.
- a token such a ⁇ that di ⁇ clo ⁇ ed in the beforementioned U.S. Patent No.
- 4,720,860 may be u ⁇ ed which i ⁇ capable of utilizing the ⁇ tored ⁇ eed and a time-varying value generated by it ⁇ own internal clock to generate a one-time nonpredictable code which i ⁇ di ⁇ played for u ⁇ e by the user.
- this token would also have a read/write element 20, permitting the seed to al ⁇ o be read into a token proces ⁇ or 14 to permit the token to al ⁇ o be u ⁇ ed in ⁇ y ⁇ tem 10.
- token proces ⁇ or 14 i ⁇ for example a telephone ⁇ uch a ⁇ tho ⁇ e currently available in airline terminal ⁇ and other public place ⁇ which contain a credit card reader and other proce ⁇ ing capabilitiesitie ⁇ .
- token 12 might contain the algorithm to be u ⁇ ed in area 26 and might al ⁇ o contain a clock or the time-varying value in area 28. The ⁇ e would be read from the token by the token reader which form ⁇ part of the telephone and would be proce ⁇ sed in the proces ⁇ or which also form ⁇ part of the telephone to produce the one-time nonpredictable code.
- the u ⁇ er could input hi ⁇ PIN on the touch key ⁇ of the telephone in re ⁇ pon ⁇ e to either a vi ⁇ ual prompt appearing on a small display which is provided with many such telephone ⁇ or in re ⁇ pon ⁇ e to an oral prompt provided to the telephone head ⁇ et.
- the "dumb" token could thu ⁇ be utilized at any location having such a telephone.
- Standard credit card verifiers could also be programmed to function a ⁇ a token proce ⁇ or with dumb token ⁇ in a ⁇ y ⁇ tem 10, and other device ⁇ either currently exi ⁇ ting or developed in the future could be utilized, provided ⁇ uch device contain ⁇ token reading capability, ⁇ ome type of input device to permit a PIN to be inputted, a proce ⁇ or which can be programmed to perform the one-time nonpredictable code generation function and at lea ⁇ t a tran ⁇ mitter for tran ⁇ mitting ⁇ uch value to a ho ⁇ t proce ⁇ or.
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU19924/95A AU681500B2 (en) | 1994-03-16 | 1995-03-16 | Method and apparatus for utilizing a token for resource access |
CA002183629A CA2183629C (en) | 1994-03-16 | 1995-03-16 | Method and apparatus for utilizing a token for resource access |
KR1019960705158A KR970701956A (en) | 1994-03-16 | 1995-03-16 | METHOD AND APPARATUS FOR UTILIZING A TOKEN FOR RESOURCE ACCESS |
EP95912913A EP0750814A4 (en) | 1994-03-16 | 1995-03-16 | Method and apparatus for utilizing a token for resource access |
JP7524140A JPH09510561A (en) | 1994-03-16 | 1995-03-16 | Method and apparatus for using tokens to access resources |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/213,951 | 1994-03-16 | ||
US08/213,951 US5657388A (en) | 1993-05-25 | 1994-03-16 | Method and apparatus for utilizing a token for resource access |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1995025391A1 true WO1995025391A1 (en) | 1995-09-21 |
Family
ID=22797163
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1995/003181 WO1995025391A1 (en) | 1994-03-16 | 1995-03-16 | Method and apparatus for utilizing a token for resource access |
Country Status (7)
Country | Link |
---|---|
US (1) | US5657388A (en) |
EP (1) | EP0750814A4 (en) |
JP (1) | JPH09510561A (en) |
KR (1) | KR970701956A (en) |
AU (1) | AU681500B2 (en) |
CA (1) | CA2183629C (en) |
WO (1) | WO1995025391A1 (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1997008870A2 (en) * | 1995-08-31 | 1997-03-06 | Stefanus Alfonsus Brands | Secure cryptographic methods for electronic transfer of information |
FR2754411A1 (en) * | 1996-10-05 | 1998-04-10 | Samsung Electronics Co Ltd | USER AUTHENTICATION DEVICE AND METHOD |
EP0921700A2 (en) * | 1997-12-03 | 1999-06-09 | Toyota Jidosha Kabushiki Kaisha | Information terminal device |
FR2788154A1 (en) * | 1998-12-01 | 2000-07-07 | Philippe Baron D | Secure data exchange for electronic or internet payments |
FR2788620A1 (en) * | 1998-12-01 | 2000-07-21 | Philippe Baron D | Storage and transaction systems for secure remote payment systems |
EP1035524A2 (en) * | 1999-03-10 | 2000-09-13 | Denis Philippe Baron | IC cards and secure data exchange systems, in particular for payments |
FR2790854A1 (en) * | 1998-12-01 | 2000-09-15 | Philippe Baron D | Device for securing computer data exchanges of payment or remote payment has inaccessible area in secret memory in which primary codes of list may be used as preference for secure exchange |
WO2001023694A1 (en) * | 1999-09-27 | 2001-04-05 | Tactel Ab | Automatic locking system |
WO2001040605A1 (en) * | 1999-11-30 | 2001-06-07 | Bording Data A/S | An electronic key device, a system and a method of managing electronic key information |
WO2001082151A1 (en) * | 2000-04-24 | 2001-11-01 | Neotechkno Corporation | External device and authentication system |
WO2002013152A1 (en) * | 2000-08-08 | 2002-02-14 | Davide Martignon | Safety method and system for circulating confidential data on public-access communication means |
EP1233379A2 (en) * | 2001-02-16 | 2002-08-21 | EVVA-Werk Spezialerzeugung von Zylinder- und Sicherheitsschlössern Gesellschaft m.b.H. & Co. Kommanditgesellschaft | Method for controlling an access-check with keys and locks and device for implementing such a method |
FR2835078A1 (en) * | 2002-10-16 | 2003-07-25 | Thierry Baillietaieb | Credit card security system for secure credit card payments, uses an encryption unit which calculates a secure code from the invariant elements of the credit card and variable elements keyed in |
CN102750474A (en) * | 2012-06-04 | 2012-10-24 | 飞天诚信科技股份有限公司 | Method and device for generating dynamic password in embedded system |
WO2013054072A1 (en) * | 2011-10-12 | 2013-04-18 | Technology Business Management Limited | Id authentication |
WO2015004528A3 (en) * | 2013-07-08 | 2015-04-30 | Assa Abloy Ab | One-time-password generated on reader device using key read from personal security device |
Families Citing this family (331)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6175312B1 (en) | 1990-05-29 | 2001-01-16 | Microchip Technology Incorporated | Encoder and decoder microchips and remote control devices for secure unidirectional communication |
US6690796B1 (en) | 1995-05-17 | 2004-02-10 | The Chamberlain Group, Inc. | Rolling code security system |
DE69637072T2 (en) * | 1995-05-17 | 2008-01-10 | The Chamberlain Group, Inc., Elmhurst | ROLLING CODE SECURITY SYSTEM |
FR2739737B1 (en) * | 1995-10-09 | 1997-11-21 | Inside Technologies | MEMORY CARD IMPROVEMENTS |
US20070292006A1 (en) * | 1996-08-07 | 2007-12-20 | Johnson Alice A | Fingerprint compiler program of explanation |
JPH1079733A (en) * | 1996-09-03 | 1998-03-24 | Kokusai Denshin Denwa Co Ltd <Kdd> | Authentication method/system using ic card |
US5892902A (en) * | 1996-09-05 | 1999-04-06 | Clark; Paul C. | Intelligent token protected system with network authentication |
EP1010049B1 (en) | 1997-05-13 | 2006-05-03 | Passlogix, Inc. | Generalized user identification and authentication system |
US6070243A (en) | 1997-06-13 | 2000-05-30 | Xylan Corporation | Deterministic user authentication service for communication network |
GB2329497B (en) * | 1997-09-19 | 2001-01-31 | Ibm | Method for controlling access to electronically provided services and system for implementing such method |
US6253325B1 (en) * | 1998-04-15 | 2001-06-26 | Hewlett-Packard Company | Apparatus and method for securing documents posted from a web resource |
US6317838B1 (en) * | 1998-04-29 | 2001-11-13 | Bull S.A. | Method and architecture to provide a secured remote access to private resources |
JP4194172B2 (en) * | 1998-05-18 | 2008-12-10 | キヤノン株式会社 | Image display device and inter-device communication method |
US6057764A (en) * | 1998-08-20 | 2000-05-02 | Williams; Melvin P. | Dynamically bypassed alarm system |
US6636973B1 (en) | 1998-09-08 | 2003-10-21 | Hewlett-Packard Development Company, L.P. | Secure and dynamic biometrics-based token generation for access control and authentication |
US6257486B1 (en) * | 1998-11-23 | 2001-07-10 | Cardis Research & Development Ltd. | Smart card pin system, card, and reader |
US6343280B2 (en) * | 1998-12-15 | 2002-01-29 | Jonathan Clark | Distributed execution software license server |
US7272723B1 (en) * | 1999-01-15 | 2007-09-18 | Safenet, Inc. | USB-compliant personal key with integral input and output devices |
HUP0201309A2 (en) * | 1999-02-08 | 2002-09-28 | Siemens Ag | Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a person |
EP1151369A1 (en) * | 1999-02-10 | 2001-11-07 | Vasco Data Security Inc. | Security access and authentication token with private key transport functionality |
US8538801B2 (en) | 1999-02-19 | 2013-09-17 | Exxonmobile Research & Engineering Company | System and method for processing financial transactions |
IL128720A (en) * | 1999-02-25 | 2009-06-15 | Cidway Technologies Ltd | Method for certification of over the phone transactions |
US6985583B1 (en) | 1999-05-04 | 2006-01-10 | Rsa Security Inc. | System and method for authentication seed distribution |
AU770881B2 (en) | 1999-06-24 | 2004-03-04 | Siebel Systems, Inc. | Electronic bill presentment and payment |
US7287031B1 (en) * | 1999-08-12 | 2007-10-23 | Ronald Steven Karpf | Computer system and method for increasing patients compliance to medical care instructions |
GB9920502D0 (en) * | 1999-09-01 | 1999-11-03 | Ncr Int Inc | Portable terminal |
US7889052B2 (en) | 2001-07-10 | 2011-02-15 | Xatra Fund Mx, Llc | Authorizing payment subsequent to RF transactions |
US7239226B2 (en) | 2001-07-10 | 2007-07-03 | American Express Travel Related Services Company, Inc. | System and method for payment using radio frequency identification in contact and contactless transactions |
US7837116B2 (en) | 1999-09-07 | 2010-11-23 | American Express Travel Related Services Company, Inc. | Transaction card |
US9430769B2 (en) | 1999-10-01 | 2016-08-30 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
US7742967B1 (en) * | 1999-10-01 | 2010-06-22 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
US20020103675A1 (en) * | 1999-11-29 | 2002-08-01 | John Vanelli | Apparatus and method for providing consolidated medical information |
US6738901B1 (en) * | 1999-12-15 | 2004-05-18 | 3M Innovative Properties Company | Smart card controlled internet access |
JP3250557B2 (en) * | 1999-12-20 | 2002-01-28 | いわき電子株式会社 | Encryption display card |
US7720754B1 (en) | 2000-01-05 | 2010-05-18 | Uniteller Financial Services, Inc. | Money-transfer techniques |
US7870065B2 (en) * | 2000-01-05 | 2011-01-11 | Uniteller Financial Services, Inc. | Money-transfer techniques |
US6938013B1 (en) * | 2000-01-05 | 2005-08-30 | Uniteller Financial Services, Inc. | Money-transfer techniques |
US7268668B2 (en) | 2003-05-09 | 2007-09-11 | American Express Travel Related Services Company, Inc. | Systems and methods for managing multiple accounts on a RF transaction instrument |
US7172112B2 (en) | 2000-01-21 | 2007-02-06 | American Express Travel Related Services Company, Inc. | Public/private dual card system and method |
US8543423B2 (en) | 2002-07-16 | 2013-09-24 | American Express Travel Related Services Company, Inc. | Method and apparatus for enrolling with multiple transaction environments |
US8429041B2 (en) | 2003-05-09 | 2013-04-23 | American Express Travel Related Services Company, Inc. | Systems and methods for managing account information lifecycles |
US6834270B1 (en) * | 2000-02-28 | 2004-12-21 | Carlo Pagani | Secured financial transaction system using single use codes |
US7140036B2 (en) | 2000-03-06 | 2006-11-21 | Cardinalcommerce Corporation | Centralized identity authentication for electronic communication networks |
WO2001067355A2 (en) | 2000-03-07 | 2001-09-13 | American Express Travel Related Services Company, Inc. | System for facilitating a transaction |
EP1139200A3 (en) * | 2000-03-23 | 2002-10-16 | Tradecard Inc. | Access code generating system including smart card and smart card reader |
US7284125B2 (en) * | 2000-03-23 | 2007-10-16 | Tietech Co. Ltd. | Method and apparatus for personal identification |
US7814212B1 (en) | 2000-04-28 | 2010-10-12 | Chan Hark C | Data delivery system using local and remote communications |
AU2001273030A1 (en) * | 2000-06-30 | 2002-01-14 | Singhal, Tara Cland | Method and apparatus for a payment card system |
US20080147564A1 (en) * | 2001-06-26 | 2008-06-19 | Tara Chand Singhal | Security in use of bankcards that protects bankcard data from merchant systems in a payment card system |
US7392388B2 (en) * | 2000-09-07 | 2008-06-24 | Swivel Secure Limited | Systems and methods for identity verification for secure transactions |
US7058814B1 (en) | 2000-09-28 | 2006-06-06 | International Business Machines Corporation | System and method for providing time-limited access to people, objects and services |
TW548535B (en) * | 2000-10-17 | 2003-08-21 | Ericsson Telefon Ab L M | Security system |
WO2002048846A2 (en) * | 2000-12-14 | 2002-06-20 | Quizid Technologies Limited | An authentication system |
US7295999B1 (en) | 2000-12-20 | 2007-11-13 | Jpmorgan Chase Bank, N.A. | System and method for determining eligibility and enrolling members in various programs |
US7606771B2 (en) * | 2001-01-11 | 2009-10-20 | Cardinalcommerce Corporation | Dynamic number authentication for credit/debit cards |
US20060269061A1 (en) * | 2001-01-11 | 2006-11-30 | Cardinalcommerce Corporation | Mobile device and method for dispensing authentication codes |
US8484710B2 (en) * | 2001-02-14 | 2013-07-09 | Pass Protect Technology, Llc | System and method for securely sending a network one-time-password utilizing a mobile computing device |
US7895098B2 (en) | 2001-03-01 | 2011-02-22 | Jpmorgan Chase Bank, N.A. | System and method for measuring and utilizing pooling analytics |
US20020129285A1 (en) * | 2001-03-08 | 2002-09-12 | Masateru Kuwata | Biometric authenticated VLAN |
US7237117B2 (en) | 2001-03-16 | 2007-06-26 | Kenneth P. Weiss | Universal secure registry |
US7219235B2 (en) * | 2001-03-22 | 2007-05-15 | Bridgepoint Systems, Inc. | Locked portal unlocking control apparatus and method |
US7133662B2 (en) * | 2001-05-24 | 2006-11-07 | International Business Machines Corporation | Methods and apparatus for restricting access of a user using a cellular telephone |
US7133971B2 (en) * | 2003-11-21 | 2006-11-07 | International Business Machines Corporation | Cache with selective least frequently used or most frequently used cache line replacement |
US7650314B1 (en) | 2001-05-25 | 2010-01-19 | American Express Travel Related Services Company, Inc. | System and method for securing a recurrent billing transaction |
US7725427B2 (en) | 2001-05-25 | 2010-05-25 | Fred Bishop | Recurrent billing maintenance with radio frequency payment devices |
GB2376116A (en) * | 2001-06-01 | 2002-12-04 | Nicholas Paul Stevens | Locking system using real-time clocks to produce release code and checking code |
US7119659B2 (en) | 2001-07-10 | 2006-10-10 | American Express Travel Related Services Company, Inc. | Systems and methods for providing a RF transaction device for use in a private label transaction |
US8294552B2 (en) | 2001-07-10 | 2012-10-23 | Xatra Fund Mx, Llc | Facial scan biometrics on a payment device |
US20040239480A1 (en) * | 2001-07-10 | 2004-12-02 | American Express Travel Related Services Company, Inc. | Method for biometric security using a transponder |
US8001054B1 (en) | 2001-07-10 | 2011-08-16 | American Express Travel Related Services Company, Inc. | System and method for generating an unpredictable number using a seeded algorithm |
US9024719B1 (en) | 2001-07-10 | 2015-05-05 | Xatra Fund Mx, Llc | RF transaction system and method for storing user personal data |
US7503480B2 (en) | 2001-07-10 | 2009-03-17 | American Express Travel Related Services Company, Inc. | Method and system for tracking user performance |
US8538863B1 (en) | 2001-07-10 | 2013-09-17 | American Express Travel Related Services Company, Inc. | System and method for facilitating a transaction using a revolving use account associated with a primary account |
US20040257197A1 (en) * | 2001-07-10 | 2004-12-23 | American Express Travel Related Services Company, Inc. | Method for biometric security using a transponder-reader |
US20050116810A1 (en) * | 2001-07-10 | 2005-06-02 | American Express Travel Related Services Company, Inc. | Method and system for vascular pattern recognition biometrics on a fob |
US7762457B2 (en) | 2001-07-10 | 2010-07-27 | American Express Travel Related Services Company, Inc. | System and method for dynamic fob synchronization and personalization |
US7805378B2 (en) | 2001-07-10 | 2010-09-28 | American Express Travel Related Servicex Company, Inc. | System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions |
US7746215B1 (en) | 2001-07-10 | 2010-06-29 | Fred Bishop | RF transactions using a wireless reader grid |
US7303120B2 (en) | 2001-07-10 | 2007-12-04 | American Express Travel Related Services Company, Inc. | System for biometric security using a FOB |
US9454752B2 (en) | 2001-07-10 | 2016-09-27 | Chartoleaux Kg Limited Liability Company | Reload protocol at a transaction processing entity |
US8635131B1 (en) | 2001-07-10 | 2014-01-21 | American Express Travel Related Services Company, Inc. | System and method for managing a transaction protocol |
US7312707B1 (en) | 2001-07-10 | 2007-12-25 | American Express Travel Related Services Company, Inc. | System and method for authenticating a RF transaction using a transaction account routing number |
US7827106B2 (en) | 2001-07-10 | 2010-11-02 | American Express Travel Related Services Company, Inc. | System and method for manufacturing a punch-out RFID transaction device |
US20040239481A1 (en) * | 2001-07-10 | 2004-12-02 | American Express Travel Related Services Company, Inc. | Method and system for facial recognition biometrics on a fob |
US7996324B2 (en) | 2001-07-10 | 2011-08-09 | American Express Travel Related Services Company, Inc. | Systems and methods for managing multiple accounts on a RF transaction device using secondary identification indicia |
US9031880B2 (en) | 2001-07-10 | 2015-05-12 | Iii Holdings 1, Llc | Systems and methods for non-traditional payment using biometric data |
US7154375B2 (en) | 2001-07-10 | 2006-12-26 | American Express Travel Related Services Company, Inc. | Biometric safeguard method with a fob |
US8960535B2 (en) | 2001-07-10 | 2015-02-24 | Iii Holdings 1, Llc | Method and system for resource management and evaluation |
US7228155B2 (en) * | 2001-07-10 | 2007-06-05 | American Express Travel Related Services Company, Inc. | System and method for remotely initializing a RF transaction |
US8548927B2 (en) | 2001-07-10 | 2013-10-01 | Xatra Fund Mx, Llc | Biometric registration for facilitating an RF transaction |
US20040236699A1 (en) | 2001-07-10 | 2004-11-25 | American Express Travel Related Services Company, Inc. | Method and system for hand geometry recognition biometrics on a fob |
US7463133B2 (en) * | 2001-07-10 | 2008-12-09 | American Express Travel Related Services Company, Inc. | Systems and methods for providing a RF transaction device operable to store multiple distinct calling card accounts |
US7121471B2 (en) * | 2001-07-10 | 2006-10-17 | American Express Travel Related Services Company, Inc. | Method and system for DNA recognition biometrics on a fob |
US7249112B2 (en) | 2002-07-09 | 2007-07-24 | American Express Travel Related Services Company, Inc. | System and method for assigning a funding source for a radio frequency identification device |
US7493288B2 (en) * | 2001-07-10 | 2009-02-17 | Xatra Fund Mx, Llc | RF payment via a mobile device |
US7705732B2 (en) | 2001-07-10 | 2010-04-27 | Fred Bishop | Authenticating an RF transaction using a transaction counter |
US7360689B2 (en) | 2001-07-10 | 2008-04-22 | American Express Travel Related Services Company, Inc. | Method and system for proffering multiple biometrics for use with a FOB |
US7925535B2 (en) | 2001-07-10 | 2011-04-12 | American Express Travel Related Services Company, Inc. | System and method for securing RF transactions using a radio frequency identification device including a random number generator |
US7668750B2 (en) | 2001-07-10 | 2010-02-23 | David S Bonalle | Securing RF transactions using a transactions counter |
US7059531B2 (en) | 2001-07-10 | 2006-06-13 | American Express Travel Related Services Company, Inc. | Method and system for smellprint recognition biometrics on a fob |
US8284025B2 (en) | 2001-07-10 | 2012-10-09 | Xatra Fund Mx, Llc | Method and system for auditory recognition biometrics on a FOB |
US20030014641A1 (en) * | 2001-07-16 | 2003-01-16 | Delanghe Brad Albert | System for providing secure access to secure information |
US7590859B2 (en) * | 2001-08-24 | 2009-09-15 | Secure Computing Corporation | System and method for accomplishing two-factor user authentication using the internet |
US6908030B2 (en) * | 2001-10-31 | 2005-06-21 | Arcot Systems, Inc. | One-time credit card number generator and single round-trip authentication |
US7412720B1 (en) * | 2001-11-02 | 2008-08-12 | Bea Systems, Inc. | Delegated authentication using a generic application-layer network protocol |
US7243853B1 (en) * | 2001-12-04 | 2007-07-17 | Visa U.S.A. Inc. | Method and system for facilitating memory and application management on a secured token |
US7363494B2 (en) * | 2001-12-04 | 2008-04-22 | Rsa Security Inc. | Method and apparatus for performing enhanced time-based authentication |
US7246230B2 (en) | 2002-01-29 | 2007-07-17 | Bea Systems, Inc. | Single sign-on over the internet using public-key cryptography |
JP2003223420A (en) * | 2002-01-31 | 2003-08-08 | Fujitsu Ltd | Access control method, storage device, and information processing apparatus |
US7941533B2 (en) * | 2002-02-19 | 2011-05-10 | Jpmorgan Chase Bank, N.A. | System and method for single sign-on session management without central server |
US20030163694A1 (en) * | 2002-02-25 | 2003-08-28 | Chaing Chen | Method and system to deliver authentication authority web services using non-reusable and non-reversible one-time identity codes |
US7756896B1 (en) | 2002-03-11 | 2010-07-13 | Jp Morgan Chase Bank | System and method for multi-dimensional risk analysis |
AU2003230751A1 (en) * | 2002-03-29 | 2003-10-13 | Bank One, Delaware, N.A. | System and process for performing purchase transaction using tokens |
GB0210692D0 (en) | 2002-05-10 | 2002-06-19 | Assendon Ltd | Smart card token for remote authentication |
CA2492715C (en) * | 2002-06-12 | 2016-12-06 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US7693783B2 (en) | 2002-06-12 | 2010-04-06 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US8645266B2 (en) * | 2002-06-12 | 2014-02-04 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US7587756B2 (en) * | 2002-07-09 | 2009-09-08 | American Express Travel Related Services Company, Inc. | Methods and apparatus for a secure proximity integrated circuit card transactions |
US6805287B2 (en) | 2002-09-12 | 2004-10-19 | American Express Travel Related Services Company, Inc. | System and method for converting a stored value card to a credit card |
US20040064453A1 (en) * | 2002-09-27 | 2004-04-01 | Antonio Ruiz | Large-scale hierarchical identification and verification for secured ingress and egress using biometrics |
US20040139021A1 (en) | 2002-10-07 | 2004-07-15 | Visa International Service Association | Method and system for facilitating data access and management on a secure token |
US7900245B1 (en) * | 2002-10-15 | 2011-03-01 | Sprint Spectrum L.P. | Method and system for non-repeating user identification in a communication system |
US7360096B2 (en) * | 2002-11-20 | 2008-04-15 | Microsoft Corporation | Securely processing client credentials used for Web-based access to resources |
US20040110487A1 (en) * | 2002-12-09 | 2004-06-10 | International Business Machines Corporation | Wireless network access system |
TW587226B (en) * | 2002-12-26 | 2004-05-11 | Min-Jie Su | Card verification and authorization system and method thereof |
JP2006522507A (en) * | 2003-04-01 | 2006-09-28 | エントロピック・テクノロジーズ・プロプライエタリー・リミテッド | Secure communication system and secure communication method |
AU2004225193B2 (en) * | 2003-04-01 | 2009-07-30 | Entropic Technologies Pty Ltd | A system for secure communication |
US7268667B2 (en) | 2003-05-09 | 2007-09-11 | American Express Travel Related Services Company, Inc. | Systems and methods for providing a RF transaction device operable to store multiple distinct accounts |
GB0314905D0 (en) * | 2003-06-26 | 2003-07-30 | Ibm | A system for controlling access to stored data |
US7519989B2 (en) * | 2003-07-17 | 2009-04-14 | Av Thenex Inc. | Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions |
US20050033995A1 (en) * | 2003-08-08 | 2005-02-10 | Paul Lin | System and method for utilizing information in publicly broadcast signals for shared secret purposes |
US7624068B1 (en) | 2003-08-18 | 2009-11-24 | Jpmorgan Chase Bank, N.A. | Method and system for dynamically adjusting discount rates for a card transaction |
JP4297836B2 (en) * | 2003-09-10 | 2009-07-15 | 三洋電機株式会社 | Consumable parts and identification device thereof |
KR100720602B1 (en) * | 2003-09-26 | 2007-05-21 | 니뽄 덴신 덴와 가부시키가이샤 | Tag privacy protection method, tag device, backend apparatus, updater, update solicitor, programs therefor and record medium carrying such programs in storage |
TWI290439B (en) * | 2005-11-09 | 2007-11-21 | Min-Chieh Su | Mobile communication terminal verification authorization system and method thereof |
US7318550B2 (en) | 2004-07-01 | 2008-01-15 | American Express Travel Related Services Company, Inc. | Biometric safeguard method for use with a smartcard |
US7185806B2 (en) * | 2004-08-12 | 2007-03-06 | Sines Randy D | Financial and similar identification cards read by magnetic swipe card readers and methods relating thereto |
US7328850B2 (en) | 2004-08-12 | 2008-02-12 | Codecard, Inc. | Financial and similar identification cards and methods relating thereto |
US7562218B2 (en) * | 2004-08-17 | 2009-07-14 | Research In Motion Limited | Method, system and device for authenticating a user |
EP1936530A3 (en) * | 2004-08-17 | 2008-08-06 | Research In Motion Limited | Method, system and device for authenticating a handheld device to a computer |
US7469291B2 (en) * | 2004-09-22 | 2008-12-23 | Research In Motion Limited | Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices |
NO20050152D0 (en) * | 2005-01-11 | 2005-01-11 | Dnb Nor Bank Asa | Method of generating security code and programmable device therefor |
NO338937B1 (en) * | 2005-01-11 | 2016-10-31 | Allclear Id Inc | Procedure for generating security code. |
US7890343B1 (en) | 2005-01-11 | 2011-02-15 | Jp Morgan Chase Bank | System and method for generating risk management curves |
US9148409B2 (en) | 2005-06-30 | 2015-09-29 | The Chamberlain Group, Inc. | Method and apparatus to facilitate message transmission and reception using different transmission characteristics |
US8422667B2 (en) | 2005-01-27 | 2013-04-16 | The Chamberlain Group, Inc. | Method and apparatus to facilitate transmission of an encrypted rolling code |
EP1850233B1 (en) * | 2005-02-17 | 2017-07-05 | Fujitsu Limited | Authentication method, authentication system, and tag device thereof, information reference client, authentication server, and information server |
CN101120351B (en) * | 2005-02-18 | 2010-10-06 | Rsa安全公司 | Derivative seeds distribution method |
KR20070119051A (en) | 2005-03-26 | 2007-12-18 | 프라이베이시스, 인크. | Electronic financial transaction cards and methods |
US8684267B2 (en) | 2005-03-26 | 2014-04-01 | Privasys | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
US8226001B1 (en) | 2010-06-23 | 2012-07-24 | Fiteq, Inc. | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
US20080308627A1 (en) * | 2005-04-07 | 2008-12-18 | Sines Randy D | Financial and similar identification cards and methods relating thereto including awards |
US7509250B2 (en) * | 2005-04-20 | 2009-03-24 | Honeywell International Inc. | Hardware key control of debug interface |
US8266441B2 (en) * | 2005-04-22 | 2012-09-11 | Bank Of America Corporation | One-time password credit/debit card |
WO2006116772A2 (en) | 2005-04-27 | 2006-11-02 | Privasys, Inc. | Electronic cards and methods for making same |
US7793851B2 (en) | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
US7831837B1 (en) * | 2005-06-15 | 2010-11-09 | Emc Corporation | Encoding token commands/data within data streams for standard interfaces |
US20070033649A1 (en) * | 2005-07-20 | 2007-02-08 | Booleansoft | Secure remote access technology |
US8181232B2 (en) * | 2005-07-29 | 2012-05-15 | Citicorp Development Center, Inc. | Methods and systems for secure user authentication |
US20070061868A1 (en) * | 2005-08-03 | 2007-03-15 | Aladdin Knowledge Systems Ltd. | One-time password client |
US7849323B2 (en) * | 2005-11-09 | 2010-12-07 | Emc Corporation | Password presentation for multimedia devices |
US20070124810A1 (en) * | 2005-11-29 | 2007-05-31 | Sigalow Ian D | Method and system for securing electronic transactions |
US7904946B1 (en) | 2005-12-09 | 2011-03-08 | Citicorp Development Center, Inc. | Methods and systems for secure user authentication |
US9768963B2 (en) | 2005-12-09 | 2017-09-19 | Citicorp Credit Services, Inc. (Usa) | Methods and systems for secure user authentication |
US9002750B1 (en) | 2005-12-09 | 2015-04-07 | Citicorp Credit Services, Inc. (Usa) | Methods and systems for secure user authentication |
US7962396B1 (en) | 2006-02-03 | 2011-06-14 | Jpmorgan Chase Bank, N.A. | System and method for managing risk |
US9137012B2 (en) * | 2006-02-03 | 2015-09-15 | Emc Corporation | Wireless authentication methods and apparatus |
US11227676B2 (en) | 2006-02-21 | 2022-01-18 | Universal Secure Registry, Llc | Universal secure registry |
WO2007145687A1 (en) | 2006-02-21 | 2007-12-21 | Weiss Kenneth P | Method and apparatus for secure access payment and identification |
US8234220B2 (en) * | 2007-02-21 | 2012-07-31 | Weiss Kenneth P | Universal secure registry |
US20070203852A1 (en) * | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Identity information including reputation information |
US8104074B2 (en) * | 2006-02-24 | 2012-01-24 | Microsoft Corporation | Identity providers in digital identity system |
US8117459B2 (en) * | 2006-02-24 | 2012-02-14 | Microsoft Corporation | Personal identification information schemas |
GB2436670B (en) * | 2006-03-10 | 2010-12-22 | Michael Paul Whitlock | Computer systems |
US7707192B1 (en) | 2006-05-23 | 2010-04-27 | Jp Morgan Chase Bank, N.A. | Confidence index for assets |
US8095966B1 (en) * | 2006-06-28 | 2012-01-10 | Emc Corporation | Methods and apparatus for password management |
JP2008015877A (en) * | 2006-07-07 | 2008-01-24 | Fujitsu Ltd | Authentication system and method |
US8078880B2 (en) * | 2006-07-28 | 2011-12-13 | Microsoft Corporation | Portable personal identity information |
US9251637B2 (en) * | 2006-11-15 | 2016-02-02 | Bank Of America Corporation | Method and apparatus for using at least a portion of a one-time password as a dynamic card verification value |
US8407767B2 (en) * | 2007-01-18 | 2013-03-26 | Microsoft Corporation | Provisioning of digital identity representations |
US8087072B2 (en) * | 2007-01-18 | 2011-12-27 | Microsoft Corporation | Provisioning of digital identity representations |
FR2911743B1 (en) * | 2007-01-23 | 2009-04-24 | Ncryptone Sa | PORTABLE AUTHENTICATION DEVICE. |
US8689296B2 (en) | 2007-01-26 | 2014-04-01 | Microsoft Corporation | Remote access of digital identities |
EP2034458A3 (en) | 2007-03-09 | 2009-09-02 | ActivIdentity, Inc. | One-time passwords |
US8002193B2 (en) | 2007-03-12 | 2011-08-23 | Visa U.S.A. Inc. | Payment card dynamically receiving power from external source |
US8533821B2 (en) * | 2007-05-25 | 2013-09-10 | International Business Machines Corporation | Detecting and defending against man-in-the-middle attacks |
US7930554B2 (en) * | 2007-05-31 | 2011-04-19 | Vasco Data Security,Inc. | Remote authentication and transaction signatures |
US8667285B2 (en) | 2007-05-31 | 2014-03-04 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
US8060750B2 (en) * | 2007-06-29 | 2011-11-15 | Emc Corporation | Secure seed provisioning |
US8059814B1 (en) | 2007-09-28 | 2011-11-15 | Emc Corporation | Techniques for carrying out seed or key derivation |
US8020775B2 (en) | 2007-12-24 | 2011-09-20 | Dynamics Inc. | Payment cards and devices with enhanced magnetic emulators |
US8302167B2 (en) * | 2008-03-11 | 2012-10-30 | Vasco Data Security, Inc. | Strong authentication token generating one-time passwords and signatures upon server credential verification |
US8478637B1 (en) | 2008-04-08 | 2013-07-02 | Jpmorgan Chase Bank, N.A. | Index for assessing discount potential |
US8307210B1 (en) | 2008-05-02 | 2012-11-06 | Emc Corporation | Method and apparatus for secure validation of tokens |
US10157375B2 (en) * | 2008-06-03 | 2018-12-18 | Cardinalcommerce Corporation | Alternative payment implementation for electronic retailers |
US8762210B2 (en) | 2008-06-03 | 2014-06-24 | Cardinalcommerce Corporation | Alternative payment implementation for electronic retailers |
US7694130B1 (en) * | 2008-09-12 | 2010-04-06 | Michael Anthony Martinez | System and method to authenticate a user utilizing a time-varying auxiliary code |
US8579203B1 (en) | 2008-12-19 | 2013-11-12 | Dynamics Inc. | Electronic magnetic recorded media emulators in magnetic card devices |
CA2751138C (en) * | 2009-02-04 | 2018-06-19 | Data Security Systems Solutions Pte Ltd | Transforming static password systems to become 2-factor authentication |
EP2406749B1 (en) * | 2009-03-13 | 2018-06-13 | Assa Abloy Ab | Transfer device for sensitive material such as a cryptographic key |
US9032058B2 (en) * | 2009-03-13 | 2015-05-12 | Assa Abloy Ab | Use of SNMP for management of small footprint devices |
US20100235900A1 (en) * | 2009-03-13 | 2010-09-16 | Assa Abloy Ab | Efficient two-factor authentication |
US8474026B2 (en) * | 2009-03-13 | 2013-06-25 | Assa Abloy Ab | Realization of access control conditions as boolean expressions in credential authentications |
US8931703B1 (en) | 2009-03-16 | 2015-01-13 | Dynamics Inc. | Payment cards and devices for displaying barcodes |
US10176419B1 (en) | 2009-04-06 | 2019-01-08 | Dynamics Inc. | Cards and assemblies with user interfaces |
US8622309B1 (en) | 2009-04-06 | 2014-01-07 | Dynamics Inc. | Payment cards and devices with budgets, parental controls, and virtual accounts |
US9329619B1 (en) | 2009-04-06 | 2016-05-03 | Dynamics Inc. | Cards with power management |
US20100269162A1 (en) * | 2009-04-15 | 2010-10-21 | Jose Bravo | Website authentication |
US8393545B1 (en) | 2009-06-23 | 2013-03-12 | Dynamics Inc. | Cards deployed with inactivated products for activation |
US8511574B1 (en) | 2009-08-17 | 2013-08-20 | Dynamics Inc. | Advanced loyalty applications for powered cards and devices |
US9306666B1 (en) | 2009-10-08 | 2016-04-05 | Dynamics Inc. | Programming protocols for powered cards and devices |
US8727219B1 (en) | 2009-10-12 | 2014-05-20 | Dynamics Inc. | Magnetic stripe track signal having multiple communications channels |
US8523059B1 (en) | 2009-10-20 | 2013-09-03 | Dynamics Inc. | Advanced payment options for powered cards and devices |
US8393546B1 (en) | 2009-10-25 | 2013-03-12 | Dynamics Inc. | Games, prizes, and entertainment for powered cards and devices |
US8683609B2 (en) * | 2009-12-04 | 2014-03-25 | International Business Machines Corporation | Mobile phone and IP address correlation service |
US8397281B2 (en) * | 2009-12-30 | 2013-03-12 | Symantec Corporation | Service assisted secret provisioning |
US8602312B2 (en) | 2010-02-16 | 2013-12-10 | Dynamics Inc. | Systems and methods for drive circuits for dynamic magnetic stripe communications devices |
US8348172B1 (en) | 2010-03-02 | 2013-01-08 | Dynamics Inc. | Systems and methods for detection mechanisms for magnetic cards and devices |
US10693263B1 (en) | 2010-03-16 | 2020-06-23 | Dynamics Inc. | Systems and methods for audio connectors for powered cards and devices |
US10504105B2 (en) | 2010-05-18 | 2019-12-10 | Dynamics Inc. | Systems and methods for cards and devices operable to communicate to touch sensitive displays |
NL2004825C2 (en) | 2010-06-04 | 2011-12-06 | Ubiqu B V | A method of authorizing a person, an authorizing architecture and a computer program product. |
US8317103B1 (en) | 2010-06-23 | 2012-11-27 | FiTeq | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
USD674013S1 (en) | 2010-07-02 | 2013-01-08 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD670759S1 (en) | 2010-07-02 | 2012-11-13 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652449S1 (en) | 2010-07-02 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD672389S1 (en) | 2010-07-02 | 2012-12-11 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652867S1 (en) | 2010-07-02 | 2012-01-24 | Dynamics Inc. | Multiple button interactive electronic card |
USD687094S1 (en) | 2010-07-02 | 2013-07-30 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652448S1 (en) | 2010-07-02 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD652075S1 (en) | 2010-07-02 | 2012-01-10 | Dynamics Inc. | Multiple button interactive electronic card |
USD643063S1 (en) | 2010-07-09 | 2011-08-09 | Dynamics Inc. | Interactive electronic card with display |
USD651238S1 (en) | 2010-07-09 | 2011-12-27 | Dynamics Inc. | Interactive electronic card with display |
USD651237S1 (en) | 2010-07-09 | 2011-12-27 | Dynamics Inc. | Interactive electronic card with display |
USD666241S1 (en) | 2010-07-09 | 2012-08-28 | Dynamics Inc. | Multiple button interactive electronic card with light source |
USD653288S1 (en) | 2010-07-09 | 2012-01-31 | Dynamics Inc. | Multiple button interactive electronic card |
USD792513S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD651644S1 (en) | 2010-07-09 | 2012-01-03 | Dynamics Inc. | Interactive electronic card with display |
USD792511S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD652450S1 (en) | 2010-07-09 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD792512S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD665447S1 (en) | 2010-07-09 | 2012-08-14 | Dynamics Inc. | Multiple button interactive electronic card with light source and display |
USD652076S1 (en) | 2010-07-09 | 2012-01-10 | Dynamics Inc. | Multiple button interactive electronic card with display |
USD665022S1 (en) | 2010-07-09 | 2012-08-07 | Dynamics Inc. | Multiple button interactive electronic card with light source |
US8322623B1 (en) | 2010-07-26 | 2012-12-04 | Dynamics Inc. | Systems and methods for advanced card printing |
US9818125B2 (en) | 2011-02-16 | 2017-11-14 | Dynamics Inc. | Systems and methods for information exchange mechanisms for powered cards and devices |
US9053398B1 (en) | 2010-08-12 | 2015-06-09 | Dynamics Inc. | Passive detection mechanisms for magnetic cards and devices |
US10055614B1 (en) | 2010-08-12 | 2018-08-21 | Dynamics Inc. | Systems and methods for advanced detection mechanisms for magnetic cards and devices |
WO2012037479A1 (en) | 2010-09-17 | 2012-03-22 | Universal Secure Registry, Llc | Apparatus, system and method employing a wireless user-device |
US10022884B1 (en) | 2010-10-15 | 2018-07-17 | Dynamics Inc. | Systems and methods for alignment techniques for magnetic cards and devices |
US8561894B1 (en) | 2010-10-20 | 2013-10-22 | Dynamics Inc. | Powered cards and devices designed, programmed, and deployed from a kiosk |
US9646240B1 (en) | 2010-11-05 | 2017-05-09 | Dynamics Inc. | Locking features for powered cards and devices |
US8567679B1 (en) | 2011-01-23 | 2013-10-29 | Dynamics Inc. | Cards and devices with embedded holograms |
US10095970B1 (en) | 2011-01-31 | 2018-10-09 | Dynamics Inc. | Cards including anti-skimming devices |
US9836680B1 (en) | 2011-03-03 | 2017-12-05 | Dynamics Inc. | Systems and methods for advanced communication mechanisms for magnetic cards and devices |
US8485446B1 (en) | 2011-03-28 | 2013-07-16 | Dynamics Inc. | Shielded magnetic stripe for magnetic cards and devices |
US8838988B2 (en) | 2011-04-12 | 2014-09-16 | International Business Machines Corporation | Verification of transactional integrity |
CA2833928C (en) | 2011-04-22 | 2018-01-02 | Pepsico, Inc. | Beverage dispensing system with social media capabilities |
EP2707847A4 (en) | 2011-05-10 | 2015-04-01 | Dynamics Inc | Systems, devices, and methods for mobile payment acceptance, mobile authorizations, mobile wallets, and contactless communication mechanisms |
USD670332S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive card |
USD670329S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive display card |
USD676904S1 (en) | 2011-05-12 | 2013-02-26 | Dynamics Inc. | Interactive display card |
USD670331S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive display card |
USD670330S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive card |
US8628022B1 (en) | 2011-05-23 | 2014-01-14 | Dynamics Inc. | Systems and methods for sensor mechanisms for magnetic cards and devices |
US8827153B1 (en) | 2011-07-18 | 2014-09-09 | Dynamics Inc. | Systems and methods for waveform generation for dynamic magnetic stripe communications devices |
US11551046B1 (en) | 2011-10-19 | 2023-01-10 | Dynamics Inc. | Stacked dynamic magnetic stripe commmunications device for magnetic cards and devices |
US11409971B1 (en) | 2011-10-23 | 2022-08-09 | Dynamics Inc. | Programming and test modes for powered cards and devices |
WO2013067020A1 (en) | 2011-11-01 | 2013-05-10 | Stephen Lim | Dispensing system and user interface |
US8960545B1 (en) | 2011-11-21 | 2015-02-24 | Dynamics Inc. | Data modification for magnetic cards and devices |
US9619741B1 (en) | 2011-11-21 | 2017-04-11 | Dynamics Inc. | Systems and methods for synchronization mechanisms for magnetic cards and devices |
US9064194B1 (en) | 2012-02-03 | 2015-06-23 | Dynamics Inc. | Systems and methods for spike suppression for dynamic magnetic stripe communications devices |
US9710745B1 (en) | 2012-02-09 | 2017-07-18 | Dynamics Inc. | Systems and methods for automated assembly of dynamic magnetic stripe communications devices |
US8888009B1 (en) | 2012-02-14 | 2014-11-18 | Dynamics Inc. | Systems and methods for extended stripe mechanisms for magnetic cards and devices |
US9916992B2 (en) | 2012-02-20 | 2018-03-13 | Dynamics Inc. | Systems and methods for flexible components for powered cards and devices |
US9734669B1 (en) | 2012-04-02 | 2017-08-15 | Dynamics Inc. | Cards, devices, systems, and methods for advanced payment game of skill and game of chance functionality |
US11418483B1 (en) | 2012-04-19 | 2022-08-16 | Dynamics Inc. | Cards, devices, systems, and methods for zone-based network management |
US9033218B1 (en) | 2012-05-15 | 2015-05-19 | Dynamics Inc. | Cards, devices, systems, methods and dynamic security codes |
US10140139B1 (en) * | 2012-06-19 | 2018-11-27 | Bromium, Inc. | Ensuring the privacy and integrity of a hypervisor |
US9064195B2 (en) | 2012-06-29 | 2015-06-23 | Dynamics Inc. | Multiple layer card circuit boards |
US8917826B2 (en) | 2012-07-31 | 2014-12-23 | International Business Machines Corporation | Detecting man-in-the-middle attacks in electronic transactions using prompts |
USD676487S1 (en) | 2012-08-27 | 2013-02-19 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD828870S1 (en) | 2012-08-27 | 2018-09-18 | Dynamics Inc. | Display card |
USD730438S1 (en) | 2012-08-27 | 2015-05-26 | Dynamics Inc. | Interactive electronic card with display and button |
USD687095S1 (en) | 2012-08-27 | 2013-07-30 | Dynamics Inc. | Interactive electronic card with buttons |
USD675256S1 (en) | 2012-08-27 | 2013-01-29 | Dynamics Inc. | Interactive electronic card with display and button |
USD729870S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and button |
USD687487S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with display and button |
USD687489S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with buttons |
USD687490S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with display and button |
USD687488S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with buttons |
USD694322S1 (en) | 2012-08-27 | 2013-11-26 | Dynamics Inc. | Interactive electronic card with display buttons |
USD687887S1 (en) | 2012-08-27 | 2013-08-13 | Dynamics Inc. | Interactive electronic card with buttons |
USD695636S1 (en) | 2012-08-27 | 2013-12-17 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD688744S1 (en) | 2012-08-27 | 2013-08-27 | Dynamics Inc. | Interactive electronic card with display and button |
USD729869S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and button |
USD730439S1 (en) | 2012-08-27 | 2015-05-26 | Dynamics Inc. | Interactive electronic card with buttons |
USD729871S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD673606S1 (en) | 2012-08-27 | 2013-01-01 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD692053S1 (en) | 2012-08-27 | 2013-10-22 | Dynamics Inc. | Interactive electronic card with display and button |
US11126997B1 (en) | 2012-10-02 | 2021-09-21 | Dynamics Inc. | Cards, devices, systems, and methods for a fulfillment system |
US9094822B2 (en) * | 2012-10-18 | 2015-07-28 | Futurewei Technologies, Inc. | Seamless telephone login |
US9010647B2 (en) | 2012-10-29 | 2015-04-21 | Dynamics Inc. | Multiple sensor detector systems and detection methods of magnetic cards and devices |
US9659246B1 (en) | 2012-11-05 | 2017-05-23 | Dynamics Inc. | Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices |
US9010644B1 (en) | 2012-11-30 | 2015-04-21 | Dynamics Inc. | Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices |
US10949627B2 (en) | 2012-12-20 | 2021-03-16 | Dynamics Inc. | Systems and methods for non-time smearing detection mechanisms for magnetic cards and devices |
US8955075B2 (en) * | 2012-12-23 | 2015-02-10 | Mcafee Inc | Hardware-based device authentication |
US8850543B2 (en) | 2012-12-23 | 2014-09-30 | Mcafee, Inc. | Hardware-based device authentication |
US9419953B2 (en) | 2012-12-23 | 2016-08-16 | Mcafee, Inc. | Trusted container |
USD765174S1 (en) | 2013-03-04 | 2016-08-30 | Dynamics Inc. | Interactive electronic card with button |
USD751640S1 (en) | 2013-03-04 | 2016-03-15 | Dynamics Inc. | Interactive electronic card with display and button |
USD750166S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD750168S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with display and button |
USD764584S1 (en) | 2013-03-04 | 2016-08-23 | Dynamics Inc. | Interactive electronic card with buttons |
USD750167S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with buttons |
USD777252S1 (en) | 2013-03-04 | 2017-01-24 | Dynamics Inc. | Interactive electronic card with buttons |
USD765173S1 (en) | 2013-03-04 | 2016-08-30 | Dynamics Inc. | Interactive electronic card with display and button |
USD751639S1 (en) | 2013-03-04 | 2016-03-15 | Dynamics Inc. | Interactive electronic card with display and button |
USD767024S1 (en) | 2013-09-10 | 2016-09-20 | Dynamics Inc. | Interactive electronic card with contact connector |
USD737373S1 (en) | 2013-09-10 | 2015-08-25 | Dynamics Inc. | Interactive electronic card with contact connector |
US10108891B1 (en) | 2014-03-21 | 2018-10-23 | Dynamics Inc. | Exchange coupled amorphous ribbons for electronic stripes |
US9430674B2 (en) | 2014-04-16 | 2016-08-30 | Bank Of America Corporation | Secure data access |
US9378384B2 (en) | 2014-04-16 | 2016-06-28 | Bank Of America Corporation | Secure endpoint file export in a business environment |
US10032049B2 (en) | 2016-02-23 | 2018-07-24 | Dynamics Inc. | Magnetic cards and devices for motorized readers |
US20170278127A1 (en) | 2016-03-28 | 2017-09-28 | Codebroker, Llc | Validating digital content presented on a mobile device |
GB2567081A (en) | 2016-07-15 | 2019-04-03 | Cardinalcommerce Coorporation | Authentication to authorization bridge using enriched messages |
US10574650B2 (en) | 2017-05-17 | 2020-02-25 | Bank Of America Corporation | System for electronic authentication with live user determination |
US10387632B2 (en) | 2017-05-17 | 2019-08-20 | Bank Of America Corporation | System for provisioning and allowing secure access to a virtual credential |
US10652743B2 (en) | 2017-12-21 | 2020-05-12 | The Chamberlain Group, Inc. | Security system for a moveable barrier operator |
US11074773B1 (en) | 2018-06-27 | 2021-07-27 | The Chamberlain Group, Inc. | Network-based control of movable barrier operators for autonomous vehicles |
US11423717B2 (en) | 2018-08-01 | 2022-08-23 | The Chamberlain Group Llc | Movable barrier operator and transmitter pairing over a network |
US10997810B2 (en) | 2019-05-16 | 2021-05-04 | The Chamberlain Group, Inc. | In-vehicle transmitter training |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3956615A (en) * | 1974-06-25 | 1976-05-11 | Ibm Corporation | Transaction execution system with secure data storage and communications |
US4123747A (en) * | 1977-05-20 | 1978-10-31 | International Business Machines Corporation | Identity verification method and apparatus |
US4856062A (en) * | 1984-11-30 | 1989-08-08 | Kenneth Weiss | Computing and indicating device |
US4998279A (en) * | 1984-11-30 | 1991-03-05 | Weiss Kenneth P | Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics |
US5168520A (en) * | 1984-11-30 | 1992-12-01 | Security Dynamics Technologies, Inc. | Method and apparatus for personal identification |
US5237614A (en) * | 1991-06-07 | 1993-08-17 | Security Dynamics Technologies, Inc. | Integrated network security system |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3764742A (en) * | 1971-12-23 | 1973-10-09 | Ibm | Cryptographic identification system |
US4302810A (en) * | 1979-12-28 | 1981-11-24 | International Business Machines Corporation | Method and apparatus for secure message transmission for use in electronic funds transfer systems |
US4885778A (en) * | 1984-11-30 | 1989-12-05 | Weiss Kenneth P | Method and apparatus for synchronizing generation of separate, free running, time dependent equipment |
US5367572A (en) * | 1984-11-30 | 1994-11-22 | Weiss Kenneth P | Method and apparatus for personal identification |
GB8522569D0 (en) * | 1985-09-12 | 1985-10-16 | Philipsz B E | Computer security method |
WO1990003607A1 (en) * | 1988-09-26 | 1990-04-05 | Hitachi Maxell Ltd. | Data processing system using ic card |
US5097505A (en) * | 1989-10-31 | 1992-03-17 | Securities Dynamics Technologies, Inc. | Method and apparatus for secure identification and verification |
EP0566811A1 (en) * | 1992-04-23 | 1993-10-27 | International Business Machines Corporation | Authentication method and system with a smartcard |
-
1994
- 1994-03-16 US US08/213,951 patent/US5657388A/en not_active Expired - Lifetime
-
1995
- 1995-03-16 KR KR1019960705158A patent/KR970701956A/en not_active Application Discontinuation
- 1995-03-16 CA CA002183629A patent/CA2183629C/en not_active Expired - Lifetime
- 1995-03-16 JP JP7524140A patent/JPH09510561A/en active Pending
- 1995-03-16 EP EP95912913A patent/EP0750814A4/en not_active Ceased
- 1995-03-16 WO PCT/US1995/003181 patent/WO1995025391A1/en active Search and Examination
- 1995-03-16 AU AU19924/95A patent/AU681500B2/en not_active Expired
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3956615A (en) * | 1974-06-25 | 1976-05-11 | Ibm Corporation | Transaction execution system with secure data storage and communications |
US4123747A (en) * | 1977-05-20 | 1978-10-31 | International Business Machines Corporation | Identity verification method and apparatus |
US4856062A (en) * | 1984-11-30 | 1989-08-08 | Kenneth Weiss | Computing and indicating device |
US4998279A (en) * | 1984-11-30 | 1991-03-05 | Weiss Kenneth P | Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics |
US5023908A (en) * | 1984-11-30 | 1991-06-11 | Kenneth Weiss | Method and apparatus for personal identification |
US5168520A (en) * | 1984-11-30 | 1992-12-01 | Security Dynamics Technologies, Inc. | Method and apparatus for personal identification |
US5237614A (en) * | 1991-06-07 | 1993-08-17 | Security Dynamics Technologies, Inc. | Integrated network security system |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
Non-Patent Citations (1)
Title |
---|
See also references of EP0750814A4 * |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1997008870A3 (en) * | 1995-08-31 | 1997-05-01 | Stefanus Alfonsus Brands | Secure cryptographic methods for electronic transfer of information |
WO1997008870A2 (en) * | 1995-08-31 | 1997-03-06 | Stefanus Alfonsus Brands | Secure cryptographic methods for electronic transfer of information |
FR2754411A1 (en) * | 1996-10-05 | 1998-04-10 | Samsung Electronics Co Ltd | USER AUTHENTICATION DEVICE AND METHOD |
EP0921700A3 (en) * | 1997-12-03 | 2001-05-16 | Toyota Jidosha Kabushiki Kaisha | Information terminal device |
EP0921700A2 (en) * | 1997-12-03 | 1999-06-09 | Toyota Jidosha Kabushiki Kaisha | Information terminal device |
US6336038B1 (en) | 1997-12-03 | 2002-01-01 | Toyota Jidosha Kabushiki Kaisha | Information terminal device and control method for the same |
FR2788154A1 (en) * | 1998-12-01 | 2000-07-07 | Philippe Baron D | Secure data exchange for electronic or internet payments |
FR2788620A1 (en) * | 1998-12-01 | 2000-07-21 | Philippe Baron D | Storage and transaction systems for secure remote payment systems |
FR2790854A1 (en) * | 1998-12-01 | 2000-09-15 | Philippe Baron D | Device for securing computer data exchanges of payment or remote payment has inaccessible area in secret memory in which primary codes of list may be used as preference for secure exchange |
EP1035524A2 (en) * | 1999-03-10 | 2000-09-13 | Denis Philippe Baron | IC cards and secure data exchange systems, in particular for payments |
EP1035524A3 (en) * | 1999-03-10 | 2003-12-10 | Denis Philippe Baron | IC cards and secure data exchange systems, in particular for payments |
WO2001023694A1 (en) * | 1999-09-27 | 2001-04-05 | Tactel Ab | Automatic locking system |
WO2001040605A1 (en) * | 1999-11-30 | 2001-06-07 | Bording Data A/S | An electronic key device, a system and a method of managing electronic key information |
US7012503B2 (en) | 1999-11-30 | 2006-03-14 | Bording Data A/S | Electronic key device a system and a method of managing electronic key information |
WO2001082151A1 (en) * | 2000-04-24 | 2001-11-01 | Neotechkno Corporation | External device and authentication system |
WO2002013152A1 (en) * | 2000-08-08 | 2002-02-14 | Davide Martignon | Safety method and system for circulating confidential data on public-access communication means |
EP1233379A2 (en) * | 2001-02-16 | 2002-08-21 | EVVA-Werk Spezialerzeugung von Zylinder- und Sicherheitsschlössern Gesellschaft m.b.H. & Co. Kommanditgesellschaft | Method for controlling an access-check with keys and locks and device for implementing such a method |
EP1233379A3 (en) * | 2001-02-16 | 2005-01-26 | EVVA-Werk Spezialerzeugung von Zylinder- und Sicherheitsschlössern Gesellschaft m.b.H. & Co. Kommanditgesellschaft | Method for controlling an access-check with keys and locks and device for implementing such a method |
FR2835078A1 (en) * | 2002-10-16 | 2003-07-25 | Thierry Baillietaieb | Credit card security system for secure credit card payments, uses an encryption unit which calculates a secure code from the invariant elements of the credit card and variable elements keyed in |
WO2013054072A1 (en) * | 2011-10-12 | 2013-04-18 | Technology Business Management Limited | Id authentication |
US9805364B2 (en) | 2011-10-12 | 2017-10-31 | Technology Business Management Limited | ID authentication |
CN102750474A (en) * | 2012-06-04 | 2012-10-24 | 飞天诚信科技股份有限公司 | Method and device for generating dynamic password in embedded system |
CN102750474B (en) * | 2012-06-04 | 2015-09-23 | 飞天诚信科技股份有限公司 | A kind of method and device generating dynamic password in embedded systems |
WO2015004528A3 (en) * | 2013-07-08 | 2015-04-30 | Assa Abloy Ab | One-time-password generated on reader device using key read from personal security device |
US10129248B2 (en) | 2013-07-08 | 2018-11-13 | Assa Abloy Ab | One-time-password generated on reader device using key read from personal security device |
US10826893B2 (en) | 2013-07-08 | 2020-11-03 | Assa Abloy Ab | One-time-password generated on reader device using key read from personal security device |
Also Published As
Publication number | Publication date |
---|---|
JPH09510561A (en) | 1997-10-21 |
CA2183629C (en) | 2001-05-29 |
US5657388A (en) | 1997-08-12 |
AU681500B2 (en) | 1997-08-28 |
EP0750814A4 (en) | 1997-04-09 |
EP0750814A1 (en) | 1997-01-02 |
CA2183629A1 (en) | 1995-09-21 |
AU1992495A (en) | 1995-10-03 |
KR970701956A (en) | 1997-04-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO1995025391A1 (en) | Method and apparatus for utilizing a token for resource access | |
CN1197030C (en) | Apparatus for authenticating user and method therefor | |
US5371796A (en) | Data communication system | |
US4731841A (en) | Field initialized authentication system for protective security of electronic information networks | |
US5020105A (en) | Field initialized authentication system for protective security of electronic information networks | |
US5499297A (en) | System and method for trusted path communications | |
EP0647895B1 (en) | Method for preventing inadvertent betrayal of stored digital secrets by a trustee | |
US6263446B1 (en) | Method and apparatus for secure distribution of authentication credentials to roaming users | |
CN104798083B (en) | For the method and system of authentication-access request | |
US20030101348A1 (en) | Method and system for determining confidence in a digital transaction | |
CA2273859A1 (en) | Authenticating system with microcircuit card | |
JPH1075489A (en) | Secrecy access system | |
EP0555219A1 (en) | Method and apparatus for personal identification | |
JP4612951B2 (en) | Method and apparatus for securely distributing authentication credentials to roaming users | |
JP2002519782A (en) | Apparatus and method for end-to-end authentication using biometric data | |
US20020073345A1 (en) | Secure indentification method and apparatus | |
WO1999046881A1 (en) | Transaction card security system | |
GB2267631A (en) | Data communication system | |
Park et al. | Attribute-based access control using combined authentication technologies | |
KR20030091908A (en) | A method for getting access to database permitting user's access using smart card and temporary IP | |
MXPA97003885A (en) | Securi access system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AU CA JP KR |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2183629 Country of ref document: CA |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1995912913 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1995912913 Country of ref document: EP |
|
WWR | Wipo information: refused in national office |
Ref document number: 1995912913 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1995912913 Country of ref document: EP |
|
DPE2 | Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101) |