Authentication technique for electronic transactions

US 20010044896A1
Filed: 03/05/2001
Published: 11/22/2001
Est. Priority Date: 03/06/2000
Status: Active Application

First Claim

Patent Images

1. A method for authenticating a device in an electronic transaction, comprising the steps of:

transmitting a device signature of a first device from said first device to a second device;

verifying said device signature in said second device;

mutating said device signature to define a mutated device signature; and

communicating said mutated device signature between said first device and said second device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique for authenticating a first party to a second party is applicable to electronic transactions. In addition to employing personal passwords, and a device operational parameter fingerprint, two signatures are employed, one being characteristic of the first party, and the other being associated with the computer or communications device of the first party. The signatures mutate at random intervals, responsive to mutation requests made by the device of first party to the device employed by the second party. The mutated signatures invalidate previous signatures, and are stored in the computing or communications devices of both parties. The mutation process authenticates the computer or communication device, and may also authenticate the password holder.

109 Citations

View as Search Results

68 Claims

1. A method for authenticating a device in an electronic transaction, comprising the steps of:
- transmitting a device signature of a first device from said first device to a second device;
  
  verifying said device signature in said second device;
  
  mutating said device signature to define a mutated device signature; and
  
  communicating said mutated device signature between said first device and said second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, further comprising the step of transmitting a primary device identifier that identifies said first device, wherein said step of verifying said device signature is performed with reference to said primary device identifier.
  - 3. The method according to claim 1, further comprising the steps of:
    - transmitting a device configuration parameter fingerprint of said first device from said first device to said second device; and
      
      verifying said device configuration parameter fingerprint in said second device.
  - 4. The method according to claim 3, wherein said device configuration parameter fingerprint is encrypted.
  - 5. The method according to claim 1, wherein said step of mutating said device signature is performed by said second device.
  - 6. The method according to claim 1, wherein said step of mutating said device signature is performed by said first device.
  - 7. The method according to claim 1, further comprising the step of:
    - delaying for a random delay interval prior to performing said step of transmitting.
  - 8. The method according to claim 1, wherein said step of mutating said device signature comprises randomly varying a bit representation thereof.
  - 9. The method according to claim 1, wherein said step of mutating said device signature is performed by communicating mutation transformation parameters;
    - and applying a transformation according to said mutation transformation parameters to said device signature.

10. A method for authenticating a device in an electronic transaction, comprising the steps of:
- transmitting a device signature of a first device from said first device to a second device;
  
  transmitting a customer account signature from said first device to said second device;
  
  verifying said device signature in said second device;
  
  verifying said customer account signature in said second device;
  
  mutating said device signature to define a mutated device signature;
  
  mutating said customer account signature to define a mutated customer account signature; and
  
  communicating said mutated device signature and said mutated customer account signature between said first device and said second device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 11. The method according to claim 10, further comprising the steps of:
    - transmitting a primary device identifier that identifies said first device, wherein said step of verifying said device signature is performed with reference to said primary device identifier; and
      
      transmitting a username of a user of said first device, wherein said step of verifying said customer account signature is performed with reference to said username.
  - 12. The method according to claim 10, further comprising the steps of:
    - transmitting a device configuration parameter fingerprint of said first device from said first device to said second device; and
      
      verifying said device configuration parameter fingerprint in said second device.
  - 13. The method according to claim 12, further comprising the steps of:
    - transmitting a password of a user of said first device from said first device to said second device; and
      
      verifying said password in said second device.
  - 14. The method according to claim 12, wherein said device configuration parameter fingerprint is encrypted.
  - 15. The method according to claim 10, wherein said steps of mutating said device signature and mutating said customer account signature are performed by said second device.
  - 16. The method according to claim 10, wherein said steps of mutating said device signature and mutating said customer account signature are performed by said first device.
  - 17. The method according to claim 10, wherein said step of mutating said device signature comprises randomly varying a bit representation thereof.
  - 18. The method according to claim 10, wherein said step of mutating said customer account signature comprises randomly varying a bit representation thereof.
  - 19. The method according to claim 10, wherein said steps of transmitting said device signature and transmitting said customer account signature from said first device to said second device are performed as a response to a challenge of said second device.
  - 20. The method according to claim 10, further comprising the step of encrypting said customer account signature using a password of a user of said first device.
  - 21. The method according to claim 10, further comprising the steps of:
    - transmitting a password of a user of said first device from said first device to said second device; and
      
      verifying said password in said second device.
  - 22. The method according to claim 21, wherein said password is an encrypted password.
  - 23. The method according to claim 10, wherein said step of mutating said device signature is performed by communicating mutation transformation parameters;
    - and applying a transformation according to said mutation transformation parameters to said device signature.
  - 24. The method according to claim 10, wherein said step of mutating said customer account signature is performed by communicating mutation transformation parameters;
    - and applying a transformation according to said mutation transformation parameters to said customer account signature.

25. A computer system for conducting electronic commerce, comprising:
- a server, having a software application executing therein, wherein said server is in communication with a user device via a data network, and program instructions of said software application are read by said server, causing said server to perform the steps of;
  
  responsive to receipt of a device signature from said user device, verifying said device signature;
  
  mutating said device signature to define a mutated device signature; and
  
  communicating said mutated device signature to said user device.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 26. The system according to claim 25, wherein said step of verifying said device signature is performed with reference to a primary device identifier that identifies said user device.
  - 27. The system according to claim 25, wherein said program instructions further cause said server to further perform the steps of:
    - responsive to receipt of a device configuration parameter fingerprint from said user device, verifying said device configuration parameter fingerprint.
  - 28. The system according to claim 27, wherein said device configuration parameter fingerprint is encrypted.
  - 29. The system according to claim 25, wherein said step of mutating said device signature comprises randomly varying a bit representation thereof.
  - 30. The system according to claim 25, wherein said program instructions further cause said server to further perform the steps of:
    - responsive to receipt of a customer account signature from said user device via said data network, verifying said customer account signature;
      
      mutating said customer account signature to define a mutated customer account signature; and
      
      communicating said mutated customer account signature to said user device.
  - 31. The system according to claim 30, wherein said program instructions further cause said server to further perform the step of:
    - issuing a challenge to said user device via said data network, wherein said device signature and said customer account signature are received by said server subsequent to performing said step of issuing said challenge.
  - 32. The system according to claim 31, wherein said program instructions further cause said server to perform the steps of:
    - responsive to receipt of a password of a user of said user device, verifying said password.
  - 33. The method according to claim 32, wherein said password is an encrypted password.
  - 34. The system according to claim 30, wherein said program instructions further cause said server to perform the step of:
    - encrypting said mutated customer account signature using a password of a user of said user device.

35. A computer system for conducting electronic commerce, comprising:
- a first server, connected to a user device via a data network, wherein said first server transmits a device signature that identifies said user device on said data network, said first server operating in accordance with first program instructions, wherein said first server receives a device built-in identifier from said user device that is associated in said first server with said device signature;
  
  a second server, having a software application executing therein, wherein said second server is in communication with said first server via said data network, and second program instructions of said software application are read by said second server, causing said second server to perform the steps of;
  
  responsive to detection of said device signature, verifying said device signature;
  
  mutating said device signature to define a mutated device signature; and
  
  communicating said mutated device signature to said first server.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
- - 36. The system according to claim 35, wherein a primary device identifier that identifies said user device is further transmitted by said first server to said second server;
    - and in performing said step of verifying said device signature said second program instructions further cause said second server to associate said primary device identifier with a copy of said device signature stored therein.
  - 37. The system according to claim 36, wherein said step of verifying said device signature is performed with reference to said primary device identifier.
  - 38. The system according to claim 35 wherein said first server transmits said device signature responsive to a control signal from said user device.
  - 39. The system according to claim 35, wherein said first server generates said device signature independently of said user device.
  - 40. The system according to claim 35, wherein said device signature is transmitted to said first server by said user device.
  - 41. The system according to claim 35, wherein said first program instructions cause said first server to perform the steps of:
    - transmitting a device configuration parameter fingerprint of said user device to said second server; and
      
      wherein responsive to receipt of said device configuration parameter fingerprint from said first server said second program instructions further cause said second server to further perform the step of;
      
      verifying said device configuration parameter fingerprint.
  - 42. The system according to claim 41, wherein said device configuration parameter fingerprint is encrypted.
  - 43. The system according to claim 35, wherein said step of mutating said device signature comprises randomly varying a bit representation thereof.
  - 44. The system according to claim 35, wherein said first server comprises a random timer, and said first server transmits said device signature responsive to a signal from said random timer.
  - 45. The system according to claim 35, wherein said first program instructions cause said first server to perform the steps of:
    - transmitting a customer account signature of said user device to said second server; and
      
      wherein responsive to receipt of said customer account signature from said first server said second program instructions further cause said second server to further perform the step of;
      
      verifying said customer account signature;
      
      mutating said customer account signature to define a mutated customer account signature; and
      
      communicating said mutated customer account signature to said first server.
  - 46. The system according to claim 45, wherein said first program instructions further cause said first server to perform the step of transmitting a username of a user of said user device to said second server;
    - and said second program instructions further cause said second server to associate said username with a copy of said customer account signature in said step of verifying said customer account signature.
  - 47. The system according to claim 45, wherein said steps of transmitting said device signature and transmitting said customer account signature from said first server to said second server are performed as a response to a challenge of said second server that is issued to said first server via said data network.
  - 48. The system according to claim 45, wherein said first program instructions further cause said first server to perform the step of:
    - encrypting said customer account signature using a password of a user of said user device.
  - 49. The system according to claim 48, wherein said first program instructions further cause said first server to perform the step of transmitting said password to said second server.
  - 50. The system according to claim 45, wherein said customer account signature is stored in said first server.
  - 51. The system according to claim 45, wherein said customer account signature is stored in said user device.
  - 52. The system according to claim 35, wherein said device signature is stored in said first server.
  - 53. The system according to claim 35, wherein said device signature is stored in said user device.

54. A computer software product for authentication of a participant in an electronic transaction, comprising a computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to perform the steps of:
- receiving a device signature of a device from a transmitter;
  
  verifying said device signature;
  
  mutating said device signature to define a mutated device signature; and
  
  communicating said mutated device signature to said transmitter.
- View Dependent Claims (55, 56, 57, 58)
- - 55. The computer software product according to claim 54, wherein said step of verifying said device signature is performed with reference to a primary device identifier that identifies said device.
  - 56. The computer software product according to claim 54, wherein the computer further performs the steps of:
    - receiving a device configuration parameter fingerprint of said device; and
      
      verifying said device configuration parameter fingerprint.
  - 57. The computer software product according to claim 56, wherein said device configuration parameter fingerprint is encrypted.
  - 58. The computer software product according to claim 54, wherein said step of mutating said device signature comprises randomly varying a bit representation thereof.

59. A computer software product for authentication of a participant in an electronic transaction, comprising a computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to perform the steps of:
- receiving a device signature of a device from a transmitter;
  
  receiving a customer account signature of said device from said transmitter;
  
  verifying said device signature;
  
  verifying said customer account signature;
  
  mutating said device signature to define a mutated device signature;
  
  mutating said customer account signature to define a mutated customer account signature; and
  
  communicating said mutated device signature and said mutated customer account signature to said transmitter.
- View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67, 68)
- - 60. The computer software product according to claim 59, wherein said step of verifying said device signature is performed with reference to a primary device identifier that identifies said device.
  - 61. The computer software product according to claim 59, wherein the computer further performs the steps of:
    - receiving a device configuration parameter fingerprint of said device; and
      
      verifying said device configuration parameter fingerprint.
  - 62. The computer software product according to claim 61, wherein said device configuration parameter fingerprint is encrypted.
  - 63. The computer software product according to claim 59, wherein said step of mutating said device signature comprises randomly varying a bit representation thereof.
  - 64. The computer software product according to claim 59, wherein said steps of receiving said device signature and receiving said customer account signature are performed as a response to a challenge issued to said transmitter.
  - 65. The computer software product according to claim 59, wherein the computer further performs the step of encrypting said customer account signature using a password of a user of said device.
  - 66. The computer software product according to claim 59, wherein the computer further performs the steps of:
    - receiving a password of a user of said device from said transmitter; and
      
      verifying said password.
  - 67. The computer software product according to claim 66, wherein said password is an encrypted password.
  - 68. The computer software product according to claim 59, wherein the computer further performs the steps of:
    - receiving a username of a user of said device from said transmitter, wherein said step of verifying said customer account signature is performed with reference to said username.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gil Schwartz, Guy Netef, Shay Granov
Original Assignee
Gil Schwartz, Guy Netef, Shay Granov
Inventors
Granov, Shay, Schwartz, Gil, Netef, Guy

Application Number

US09/799,264
Publication Number

US 20010044896A1
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

G06F 21/31   User authentication

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/12   specially adapted for elect...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 63/068   using time-dependent keys, ...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/12   Applying verification of th...

Authentication technique for electronic transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

109 Citations

68 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication technique for electronic transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

109 Citations

68 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links