Field programmable smart card terminal and token device

US 20010054148A1
Filed: 02/20/2001
Published: 12/20/2001
Est. Priority Date: 02/18/2000
Status: Active Grant

First Claim

Patent Images

1. A field programmable electronic smart card terminal capable of acting as a token device for allowing secure communication between a user and an application provided by a service provider, comprising:

a token personality logic;

a smart card reader adapted to receive and communicate with a smart card having stored thereon a user identification data, wherein with a smart card received by said smart card reader said token personality logic can generate a token device personality using said user authentication data; and

, a communications mechanism for communicating an element of said token device personality to an application provided by a service provider.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention defines a digital programmable smart card terminal device and token collectively known as the token device. The token device comprises a field programmable token device which accepts a users smart card. The combination of token device and smart card may then be used for a variety of applications that include user authentication, secure access, encryption. One specific application is that of an electronic wallet. The token device can be used both in connected and unconnected modes. In one embodiment, the invention comprises a field programmable electronic smart card terminal for allowing secure communication between a user and a host service, service provider, or application, comprising a token personality logic; and, a smart card reader adapted to receive and communicate with a smart card having stored thereon a user identification data, wherein with a smart card received by said smart card reader said token personality logic can generate a token device personality using said user authentication data; and, a communications mechanism for communicating an element of said token device personality to a service or application. Since the smart card terminal only gains its token personality when a smart card is inserted, manufacture and distribution of the terminal on a wide scale is possible.

Citations

41 Claims

1. A field programmable electronic smart card terminal capable of acting as a token device for allowing secure communication between a user and an application provided by a service provider, comprising:
- a token personality logic;
  
  a smart card reader adapted to receive and communicate with a smart card having stored thereon a user identification data, wherein with a smart card received by said smart card reader said token personality logic can generate a token device personality using said user authentication data; and
  
  , a communications mechanism for communicating an element of said token device personality to an application provided by a service provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The terminal of claim 1 wherein said token device personality is erased when the smart card is removed from the smart card reader.
  - 3. The terminal of claim 1 further comprising a unique terminal identifier associated with said smart card terminal.
  - 4. The terminal of claim 3 wherein with a smart card received by said smart card reader said token personality logic can generate a token device personality using a combination of said user authentication data and said terminal identifier.
  - 5. The terminal of claim 1 wherein said user identification data is copied to said smart card terminal.
  - 6. The terminal of claim 5 wherein said user identification data is erased when the smart card is removed from the smart card reader.
  - 7. The terminal of claim 1, further comprising:
    - a computing mechanism; and
      
      , a memory device storing at least one application provided by the service provider and capable of being loaded and executed by said computing mechanism.
  - 8. The terminal of claim 7, wherein at least one of said applications is configured to accept a PIN number from one of a set of terminal users, and maintain confidentiality and provide access to other functions and/or applications of said token device only as corresponding to the user identified by the accepted PIN.
  - 9. The token of claim 7, wherein at least one of said applications supports security paradigms, including at least one of time and/or event based passwords, challenge response, and signatures.
  - 10. The token of claim 7, further comprising at least one of a timing mechanism connected to said computing mechanism and utilized by the token or any of said applications in performing clock and/or event based security paradigms.
  - 11. The terminal of claim 7, wherein said applications include a connected mode application that configures said token in a connected mode such that said token acts as a slave to a computer connected to said token.
  - 12. The terminal of claim 1 wherein said terminal device operates physically unconnected from the service provider.
  - 13. The terminal of claim 12 wherein said communications mechanism is a display configured to communicate a PIN element of a token device personality in response to a user input.
  - 14. The terminal of claim 13 wherein the user input is data as communicated from the service provider in the form of a question to be interpreted by the token device.
  - 15. The terminal of claim 1, further comprising an output mechanism connected to said computing mechanism configured to transmit secured data from said token to a remotely connected device.
  - 16. The terminal of claim 15, wherein said output mechanism comprises at least one of an infra red device, scanning device, telephone line connection, network connection, and universal serial bus port.
  - 17. The terminal of claim 1, including a data encryptor for encrypting data wherein said encrypting data is performed via at least one of DES, Triple DES, and other encryption processes.
  - 18. The terminal of claim 1, including:
    - a computing mechanism; and
      
      , a memory device storing at least one application provided by the service provider and capable of being loaded and executed by said computing mechanism;
      
      wherein at least one of said applications supports an electronic wallet.
  - 19. The terminal of claim 18, wherein the electronic wallet application includes modules for displaying current balances, and a predetermined number of last previous transactions of the wallet.

20. A method of accessing a secure application, comprising the steps of:
- providing a generic smart card reader terminal, wherein said generic smart card reader terminal includes;
  
  a generic token personality logic, a smart card reader adapted to receive and communicate with a smart card, and, a communications mechanism for communicating said token device personality to a host service;
  
  receiving at said generic smart card reader a user smart card having stored thereon a user identification data;
  
  generating a token device personality using said user authentication data; and
  
  , accessing a secure application using an element of said token device personality.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 39, 40, 41)
- - 21. The method of claim 20, further comprising the step of:
    - erasing said token device personality when the smart card is removed from the smart card reader.
  - 22. The terminal of claim 20 further comprising the step of associating a unique terminal identifier with each smart card terminal.
  - 23. The method of claim 22 wherein said step of generating includes the step of:
    - generating a token device personality using a combination of said user authentication data and said unique terminal identifier.
  - 24. The method of claim 20 further comprising the step of:
    - copying said user identification data to said smart card terminal.
  - 25. The method of claim 24 further comprising the step of:
    - erasing said identification data when the smart card is removed from the smart card reader.
  - 26. The method of claim 20 including the step of:
    - operating said terminal device unconnected from the service provider
  - 27. The method of claim 20 including the steps of:
    - receiving information from the service provider in the form of a question;
      
      entering said question into the terminal device;
      
      receiving a response to said question; and
      
      , communicating said response to the service provider.
  - 28. The method of claim 27 wherein the question is a request for a PIN.
  - 29. The method of claim 28 wherein said step of entering a question is via a keypad attached to the device, and said step of receiving a response is via a display attached to the device.
  - 30. The method of claim 20 including the step of:
    - operating said terminal device via a connection to a client computer in communication with the service provider.
  - 31. The method of claim 30 including the steps of:
    - receiving information from the service provider in the form of a question;
      
      entering said question into the terminal device;
      
      receiving a response to said question; and
      
      , communicating said response to the service provider.
  - 32. The method of claim 31 wherein the question is a request for a PIN
  - 33. The method of claim 32 wherein said steps of entering a question and receiving a response is via the client computer connected to the device.
  - 39. The method of claim 24 further comprising the step of:
    - erasing said identification data when the smart card is removed from the smart card reader.
  - 40. The method of claim 20 including the step of:
    - allowing said user to operate said terminal device unconnected from the service provider.
  - 41. The method of claim 20 including the step of:
    - allowing said user to operate said terminal device via a connection to a client computer in communication with the service provider.

34. A method of providing a user with secure access to a service provider application, comprising the steps of:
- distributing to a plurality of users a plurality of generic smart card reader terminals, wherein each of said generic smart card reader terminals includes;
  
  a generic token personality logic, a smart card reader adapted to receive and communicate with a smart card, and, a communications mechanism for communicating said token device personality to a host service;
  
  receiving at said generic smart card reader a user'"'"'s smart card having stored thereon a user identification data;
  
  allowing a user to generate a token device personality using said user authentication data; and
  
  , allowing one of said users to access a secure application provided by a service provider, using an element of said token device personality.
- View Dependent Claims (38)
- - 38. The method of claim 34 further comprising the step of:
    - copying said user identification data to said smart card terminal.

35. The method of claim 35, further comprising the step of:
- erasing said token device personality when the smart card is removed from the smart card reader.
- View Dependent Claims (36, 37)
- - 36. The method of claim 35 further comprising the step of:
    - associating a unique terminal identifier with each smart card terminal.
  - 37. The method of claim 36 wherein said step of generating includes the step of:
    - generating a token device personality using a combination of said user authentication data and said unique terminal identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Onespan North America Incorporated (OneSpan, Inc.)
Original Assignee
Vasco Data Security Incorporated (OneSpan, Inc.)
Inventors
Hoornaert, Frank, Houthooft, Mario

Granted Patent

US 8,949,608 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/172
CPC Class Codes

E21B 41/0042   characterised by sealing th...

G06F 21/34   involving the use of extern...

G06K 7/0013   by galvanic contacts, e.g. ...

G06K 7/006   the housing being a portabl...

G06Q 20/341   Active cards, i.e. cards in...

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

Field programmable smart card terminal and token device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Field programmable smart card terminal and token device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links