Trusted authentication digital signature (tads) system

US 20030014372A1
Filed: 07/03/2002
Published: 01/16/2003
Est. Priority Date: 08/04/2000
Status: Active Grant

First Claim

Patent Images

1. A method of managing accounts, each account being associated with a respective public key of public-private key pair, comprising:

(a) receiving an EC including a digital signature, (b) identifying information linked with a public key associated with one of the customer accounts by successfully authenticating a message associated with the EC using the public key, the information regarding security aspects of a device that generates digital signatures, the public key and corresponding private key having been created within an environment of manufacture of the device and the private key stored within the device prior to release of the device from the environment following its manufacture; and

(c) responding to the EC based on, (i) said identified information linked with the public key, and (ii) an indication included in the EC of a verification status out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of an entity input into the device and data prestored within the device.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Trusted entity authentication includes creating a public-private pair in a secure environment; storing the private key within a device during its manufacture in the secure environment; linking the public key with other information in the secure environment, receiving input within the device comprising verification data of an entity, identifying within the device a verification status based on the verification data and data prestored within the device; independent of the verification status identified, generating a digital signature for a message including an indication of the identified verification status using the private key; outputting the digital signature for transmission with an EC; identifying upon receipt of the EC the information linked with the public key by authenticating the message with the public key, and considering the identified information and the indicated verification status. The linked information includes device security aspects and the verification status regards entity authentication performed by the device.

326 Citations

283 Claims

1. A method of managing accounts, each account being associated with a respective public key of public-private key pair, comprising:
- (a) receiving an EC including a digital signature, (b) identifying information linked with a public key associated with one of the customer accounts by successfully authenticating a message associated with the EC using the public key, the information regarding security aspects of a device that generates digital signatures, the public key and corresponding private key having been created within an environment of manufacture of the device and the private key stored within the device prior to release of the device from the environment following its manufacture; and
  
  (c) responding to the EC based on, (i) said identified information linked with the public key, and (ii) an indication included in the EC of a verification status out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of an entity input into the device and data prestored within the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255, 256, 257, 258, 259, 260, 261, 262, 263, 264, 265, 267, 268, 269, 270, 271, 272, 274, 275, 276, 277, 278, 279)
- - 2. The method of claim 1, further comprising gauging a risk that the digital signature was generated fraudulently based on said considerations.
  - 3. The method of claim 2, further comprising accepting the entity authentication performed by the device if said gauged risk is acceptable.
  - 4. The method of claim 3, further comprising executing the instruction on the account upon said acceptance of the entity authentication performed by the device.
  - 5. The method of claim 1, wherein upon receipt of the EC, no additional entity authentication other than the entity authentication performed by the device and said authentication of said received message is required for execution of the instruction on the account.
  - 6. The method of claim 1, wherein the public-private key pair is created in the device.
  - 7. The method of claim 6, wherein only the public key of each pair is exportable from the respective device.
  - 8. The method of claim 6, wherein the private key is not exportable from the respective device.
  - 9. The method of claim 1, wherein the indication of the verification status reveals neither the verification data nor the prestored data.
  - 10. The method of claim 1, wherein the prestored data represents a biometric characteristic of the entity. The method of claim 1, wherein the prestored data represents a Secret of the entity.
  - 11. The method of claim 1, wherein the digital signature comprises the indication of the verification status of the device.
  - 12. The method of claim 1, wherein the message represents a financial transaction.
  - 13. The method of claim 1, wherein the message represents a legal action.
  - 14. The method of claim 1, wherein the message represents a request for access to information.
  - 15. The method of claim 1, wherein the message represents a request for access to a physical location.
  - 16. The method of claim 1, wherein the public key used to authenticate the message is sent with the digital signature.
  - 17. The method of claim 1, wherein independent of the verification status identified by the device, the digital signature for the message is generated and includes modifying within the device data representing the message as a function of the verification status identified by the device, the generated digital signature comprising the indication of the identified verification status.
  - 18. The method of claim 1, wherein said successfully authenticating the message using the public key of the device comprises the steps of:
    - (a) decrypting the digital signature with the public key; and
      
      (b) for each one of a plurality of predefined verification statuses of the device, (i) modifying data representing the message as a function of the predefined verification status; and
      
      (ii) comparing said decrypted digital signature with said modified data, with a successful authentication occurring when said decrypted digital signature matches said modified data.
  - 19. The method of claim 1, wherein said successfully authenticating the message using the public key of the device comprises the steps of:
    - (a) decrypting the digital signature with the public key; and
      
      (b) for each one of a plurality of predefined verification statuses of the device, (i) modifying data representing the message as a function of the predefined verification status, (ii) calculating a message digest as a function of the modified data, and (iii) comparing said decrypted digital signature with said modified data, with a successful authentication occurring when said decrypted digital signature matches said modified data.
  - 20. The method of claim 19, wherein said step of calculating a message digest as a function of the modified data comprises calculating a hash value for the modified data.
  - 21. The method of claim 1, further comprising receiving the data representing the message in addition to receiving the digital signature.
  - 22. The method of claim 1, wherein the message is predefined.
  - 23. The method of claim 1, wherein one of the predefined verification statuses represents a successful verification.
  - 24. The method of claim 23, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated by the device since verification data was last input into the device.
  - 25. The method of claim 23, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated subsequent to a comparison of verification data input into the device with data prestored within the device.
  - 26. The method of claim 25, wherein one of the predefined verification statuses additionally represents whether any verification data has been input into the device within a predetermined time period.
  - 27. The method of claim 26, wherein the predefined period of time comprises the time since a last successful verification.
  - 28. The method of claim 26, wherein the predefined period of time comprises the time since a resetting of the device.
  - 29. The method of claim 1, wherein one of the predefined verification status represents a difference between verification data input into the device and data prestored within the device.
  - 30. The method of claim 1, wherein one of the predefined verification statuses represents a degree of match between biometric verification data input into the device and biometric data prestored within the device.
  - 31. The method of claim 30, wherein one of the predefined verification statuses additionally represents a percentage of match between biometric verification data input into the device and biometric data prestored within the device.
  - 32. The method of claim 30, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated by the device since verification data was last input into the device.
  - 33. The method of claim 30, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated subsequent to a comparison of verification data input into the device with data prestored within the device.
  - 34. The method of claim 30, wherein one of the predefined verification statuses additionally represents whether any verification data has been input into the device within a predetermined time period.
  - 35. The method of claim 34, wherein the predefined period of time comprises the time since a last successful verification.
  - 36. The method of claim 34, wherein the predefined period of time comprises the time since a resetting of the device.
  - 38. The method of claim 37, wherein the message represents a financial transaction.
  - 39. The method of claim 37, wherein the message represents a legal action.
  - 40. The method of claim 37, wherein the message represents a request for access to information.
  - 41. The method of claim 37, wherein the message represents a request for access to a physical location.
  - 42. The method of claim 37, wherein the public key used to authenticate the message is sent with the digital signature.
  - 43. The method of claim 37, wherein the public-private key pair is created in the device.
  - 44. The method of claim 43, wherein only the public key of each pair is exportable from the respective device.
  - 45. The method of claim 43, wherein the private key is not exportable from the respective device.
  - 46. The method of claim 37, wherein said step of responding to the EC further comprises gauging a risk that the digital signature was generated fraudulently and accepting the entity authentication performed by the device if said gauged risk is acceptable.
  - 47. The method of claim 46, further comprising executing an instruction represented by the message upon said acceptance of the entity authentication performed by the device.
  - 48. The method of claim 47, further comprising maintaining an account with which the public key used to successfully authenticate the message is associated, and executing the instruction on the account upon said acceptance of the entity authentication performed by the device.
  - 49. The method of claim 48, wherein, upon receipt of the EC, no additional entity authentication other than the entity authentication performed by the device and message authentication performed by the recipient is required for execution of the instruction on the account.
  - 50. The method of claim 37, wherein the device is manufactured within a secure environment having a sufficient security rating at least as comparable to that of the device so as not to compromise the security level of the device manufactured therein.
  - 51. The method of claim 50, wherein the device manufactured in the secure environment meets a defined security level for secure devices.
  - 52. The method of claim 50, wherein the secure environment includes multiple physical locations.
  - 53. The method of claim 50, wherein the other information comprises a Security Profile of the device.
  - 54. The method of claim 53, wherein the secure manner of linking comprises the steps of recording together the public key with the Security Profile of the manufactured device and generating a digital signature therefor to collectively define a Security Certificate, the public key and Security Profile thereby being securely linked together;
    - and before the device is released from the secure environment, incorporating its Security Certificate into the device such that the Security Certificate is sent in the EC with the digital signature generated by the device.
  - 55. The method of claim 54, further comprising maintaining the private key used in generating the digital signature for the Security Profile in the environment having a security rating that is at least comparable to a security level of the device to which the reference pertains.
  - 56. The method of claim 37, wherein the secure manner of linking comprises recording the linked public key and Security Profile in a database and maintaining the database in an environment having a security rating at least comparable to a security level of the device.
  - 57. The method of claim 37, wherein the secure manner of linking comprises generating a digital signature for a reference including the linked public key and a Security Profile of the device, publishing the reference and digital signature therefore, and maintaining the private key used in generating the digital signature for the reference in an environment having a security rating that is at least comparable to a security level of the device to which the reference pertains.
  - 58. The method of claim 37, wherein the other information comprises a Security Profile, and wherein the secure manner of linking comprises recording the public key and Security Profile in a database of public keys linked with Security Profiles of devices, and maintaining the database in an environment having a security rating at least comparable to a security level of each device for which the public key thereof is linked.
  - 59. The method of claim 58, wherein each public key and its respective Security Profile are retrievable from the database based on a respective device identifier.
  - 60. The method of claim 59, wherein a device identifier comprises a public key of the device.
  - 61. The method of claim 59, wherein a device identifier comprises a serial number of the device.
  - 62. The method of claim 59, wherein a device identifier comprises an account number associated with the device.
  - 63. The method of claim 59, further comprising receiving a device identifier in association with the EC and comparing the device identifier for a match with device identifiers in the database.
  - 64. The method of claim 59, further comprising receiving a suspect device public key in association with the EC and comparing the suspect device public key for a match with the public keys in the database.
  - 65. The method of claim 37, wherein the other information is identified by a recipient of the digitally signed message.
  - 66. The method of claim 37, wherein the other information is identified to a recipient of the digitally signed message.
  - 67. The method of claim 37, wherein the other information comprises a Security Profile of the device.
  - 68. The method of claim 67, further comprising recording the public key and Security Profile of the device in a database such that public key and the Security Profile is retrievable from the database based on a device identifier assigned for the device.
  - 69. The method of claim 68, wherein the identifier for the device comprises the public key of the device.
  - 70. The method of claim 68, wherein the identifier for the devices comprises a respective serial number of the device.
  - 71. The method of claim 68, wherein the identifier for the device comprises a respective account number associated with the device.
  - 72. The method of claim 68, further comprising receiving a device identifier from a recipient of a digitally signed message and comparing for a match the device identifier with device identifiers in the database.
  - 73. The method of claim 68, further comprising receiving a suspect device public key from a recipient of the digitally signed message and comparing for a match the suspect device public key with linked public keys that are recorded in the database to which Security Profiles are indexed.
  - 74. The method of claim 67, further comprising gauging a risk that the private key was fraudulently used to digitally sign the message based at least in part on said identified Security Profile.
  - 75. The method of claim 67, wherein the Security Profile of a device comprises security characteristics of the device.
  - 76. The method of claim 67, wherein the Security Profile of the device includes an algorithm used by the device in originating digital signatures.
  - 77. The method of claim 67, wherein the Security Profile of a device comprises authentication capabilities of the device.
  - 78. The method of claim 77, wherein the authentication capabilities include whether the device performs Factor A and Factor B Entity Authentication.
  - 79. The method of claim 67, wherein the Security Profile comprises all of the security aspects of the device.
  - 80. The method of claim 67, wherein the Security Profile of a device further comprises a manufacturing history of the device.
  - 81. The method of claim 80, wherein the manufacturing history includes a batch identifier of the device.
  - 82. The method of claim 80, wherein the manufacturing history includes the identity of a manufacturer of the device.
  - 83. The method of claim 80, wherein the manufacturing history includes a part number of the device.
  - 84. The method of claim 80, wherein the manufacturing history includes the date and location of manufacture of the device.
  - 85. The method of claim 80, wherein the manufacturing history includes the linked key of the device.
  - 86. The method of claim 80, wherein the manufacturing history includes a serial number of the device.
  - 87. The method of claim 80, wherein the serial number of the manufactured device comprises to the public key of the device.
  - 88. The method of claim 37, wherein the verification data represents a Secret of the entity.
  - 89. The method of claim 37, wherein the verification data represents a biometric characteristic of the entity.
  - 90. The method of claim 37, wherein one of the predefined verification statuses is representative of the verification data being the same as the prestored data, and at least one other verification status is representative of the verification data being different from the prestored data.
  - 91. The method of claim 37, wherein the verification data represents a biometric characteristics and the indication of the verification status reveals neither the biometric verification data nor the prestored data.
  - 92. The method of claim 37, wherein said step of generating the digital signature further includes encrypting within the device said modified data using a private key of a public-private key pair.
  - 93. The method of claim 92, further comprising not outputting from the device said modified data.
  - 94. The method of claims claim 37, wherein said step of generating the digital signature includes encrypting within the device using a private key of a public-private key pair a message digest calculated within the device for said modified data.
  - 95. The method of claim 94, further comprising not outputting from the device said modified data.
  - 96. The method of claim 37, wherein the data representing the message comprises a hash value of the message.
  - 97. The method of claim 37, wherein the data representing the message comprises a message digest for the message.
  - 98. The method of claim 37, wherein the data representing the message is stored within the device.
  - 99. The method of claim 98, wherein the message is composed within the device by a user of the device.
  - 100. The method of claim 98, wherein a portion of the message is composed within an I/O support element external to the device which, in turn, transmits input representing the portion of the message into the device through an interface of the device.
  - 101. The method of claim 100, wherein a remaining portion of the message is composed within the device.
  - 102. The method of claim 37, wherein the message is composed within an I/O support element external to the device which, in turn, transmits the input representing the message into the device through an interface of the device.
  - 103. The method of claim 102, wherein the I/O support element comprises a point of sale terminal.
  - 104. The method of claim 102, wherein the I/O support element comprises a biometric scanner.
  - 105. The method of claim 102, wherein the I/O support element comprises a card reader.
  - 106. The method of claim 102, wherein the I/O support element comprises a computer.
  - 107. The method of claim 37, further comprising the step of displaying the message on a display screen of the device for review and approval by a user prior to said step of generating the digital signature.
  - 108. The method of claim 37, further comprising the step of requiring verification data to be input into the device following a predefined period of time after a last successful verification.
  - 109. The method of claim 37, further comprising the step of requiring verification data to be input into the device for each one of a particular type of message.
  - 110. The method of claim 109, wherein the particular type of message is a request for a financial transaction.
  - 111. The method of claim 109, further comprising not requiring verification data to be input into the device for other types of messages.
  - 112. The method of claim 37, further comprising not requiring verification data to be input into the device for a predefined period of time.
  - 113. The method of claim 112, wherein the predefined period of time comprises the time between approval of a request embodied in a message and a powering off of the device.
  - 114. The method of claim 37, wherein the step of authenticating the message using the public key of the device includes the steps of, (a) modifying data representing the message as a function of a suspected verification status of the device, (b) calculating a message digest as a function of said modified data, (c) decrypting said generated digital signature received in the EC with the public key, and (d) concluding the verification status of the device as being the suspected verification status of the device when said calculated message digest matches said decrypted digital signature.
  - 115. The method of claim 37, wherein the indication of said identified verification status neither reveals the prestored data nor the verification data.
  - 116. The method of claim 37, wherein the message is predetermined and static.
  - 117. The method of claim 37, wherein the message is prestored within the device.
  - 118. The method of claim 37, wherein the message comprises the verification data.
  - 119. The method of claim 37, wherein the message is a request for access to a web site.
  - 120. The method of claim 37, wherein the message is a request for access to a database.
  - 121. The method of claim 37, wherein the message is a request for access to a computer program.
  - 122. The method of claim 37, wherein said step of identifying within the device a current verification status includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 123. The method of claim 122, further comprising the step of outputting the value of the identification marker from the device.
  - 124. The method of claim 122, wherein the identification marker is assigned a value representing a difference determined from a comparison between the verification data and the prestored data.
  - 125. The method of claim 122, wherein the identification marker is assigned a value representing a degree of match between the verification data and the prestored data.
  - 126. The method of claim 122, wherein the identification marker is assigned a value equated with a percentage of match between the verification data and the prestored data.
  - 127. The method of claim 122, wherein the identification marker is assigned a value equated with a successful verification when a comparison between the verification data and the prestored data results in a match.
  - 128. The method of claim 127, wherein the match is an exact match.
  - 129. The method of claim 127, wherein the identification marker is assigned a value equated with an unsuccessful verification when said comparison does not result in an exact match.
  - 130. The method of claim 127, wherein the match is a proximate match and not an exact match.
  - 131. The method of claim 122, wherein the identification marker is assigned a value equated with an unsuccessful verification when a comparison between the verification data and the prestored data does not result in a match.
  - 132. The method of claim 122, wherein the identification marker is assigned a value representing whether any verification data was input into the device within a predefined time period.
  - 133. The method of claim 132, wherein the predefined period of time comprises the time since a last successful verification.
  - 134. The method of claim 132, wherein the predefined period of time comprises the time since a resetting of the device.
  - 135. The method of claim 122, wherein the identification marker is assigned a value equated with a successful verification, and wherein said assigned value further represents whether an indicator was output subsequent to said successful verification.
  - 136. The method of claim 122, wherein the identification marker is assigned a value equated with a successful verification, and wherein said assigned value further represents whether an indicator was output since verification data was last input into the device.
  - 137. The method of claim 122, wherein the prestored data represents a Secret.
  - 138. The method of claim 122, wherein the prestored data and verification data represent biometric data.
  - 139. The method of claim 138, wherein the identification marker is assigned a value representing the type of biometric data.
  - 140. The method of claim 122, wherein said step of modifying comprises embedding said assigned value of the identification marker within the data representing the message.
  - 141. The method of claim 122, wherein said step of modifying comprises appending said assigned value of the identification marker to the data representing the message.
  - 142. The method of claim 122, wherein said step of modifying comprises appending said assigned value of the identification marker to the beginning of the data representing the message.
  - 143. The method of claim 122, wherein said step of modifying comprises appending said assigned value of the identification marker to the end of the data representing the message.
  - 144. The method of claim 122, wherein the identification marker is assigned a value equated with a successful verification, and wherein said assigned value further represents whether a digital signature was generated since verification data was last input into the device.
  - 145. The method of claim 37, wherein data prestored within the device represents a Secret and biometric characteristic of the entity.
  - 146. The method of claim 145, further comprising the steps of:
    - (a) receiving within the device input comprising verification data representing both a Secret and biometric data; and
      
      (b) identifying within the device a verification status out of a plurality of verification statuses of the device as a function of data prestored within the device and the verification data, including, (i) comparing verification data representing the Secret with the data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (ii) comparing verification data representing biometric data with the data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values; and
      
      (c) wherein said step of generating a digital signature for a message comprises modifying within the device the message data as a function of said assigned values for the first and second comparison markers.
  - 147. The method of claim 145, further comprising the steps of:
    - (a) receiving within the device input comprising verification data representing both a Secret and biometric data; and
      
      (b) identifying within the device a verification status out of a plurality of verification statuses of the device as a function of data prestored within the device and the verification data, including, (i) comparing verification data representing the Secret with the data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (ii) comparing verification data representing biometric data with the data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values; and
      
      (c) wherein said step of generating a digital signature for a message comprises modifying within the device the message data as a function of only one of said assigned values for the first and second comparison markers; and
      
      (d) further comprising the step of outputting the other one of said assigned values for the first and second comparison markers with said generated digital signature.
  - 148. The method of claims 146 or 147, wherein the first comparison marker is assigned a value equated with a successful verification when said comparison results in a match, including an exact match.
  - 149. The method of claim 148, wherein said assigned value further represents whether a digital signature was generated since verification data representing the Secret was last input into the device.
  - 150. The method of claim 148, wherein the first comparison marker is assigned a value representing whether any verification data representing the Secret was input into the device within a predefined time period.
  - 151. The method of claim 150, wherein the predefined period of time comprises the time since the last successful verification.
  - 152. The method of claim 150, wherein the predefined period of time comprises the time since a resetting of the device.
  - 153. The method of claims 146 or 147, wherein the second comparison marker is assigned a value equated with a successful verification when said comparison results in a match, but not an exact match.
  - 154. The method of claim 153, wherein said assigned value further represents whether a digital signature was generated subsequent to said comparison resulting in a match.
  - 155. The method of claims 146 or 147, wherein the first comparison marker is assigned a value representing a difference determined from said comparison between the verification data representing the Secret and the prestored data.
  - 156. The method of claims 146 or 147, wherein the second comparison marker is assigned a value representing a degree of match between the verification data representing the biometric data and the prestored data.
  - 157. The method of claim 156, wherein the value is equated with a percentage of match between the verification data representing the biometric data and the prestored data.
  - 158. The method of claim 156, wherein the second comparison marker is assigned a value further representing the type of biometric data input into the device.
  - 159. The method of claims 146 or 147, wherein the second comparison marker is assigned a value equated with an unsuccessful verification when said comparison results in an exact match.
  - 160. The method of claims 146 or 147, wherein the second comparison marker is assigned a value equated with a successful verification when said comparison results in a proximate match.
  - 161. The method of claim 160, wherein said assigned value further represents whether a digital signature was generated subsequent to said comparison resulting in a proximate match.
  - 162. The method of claim 160, wherein said assigned value further represents whether a digital signature was generated since verification data representing the biometric data was last input into the device.
  - 163. The method of claim 160, wherein said assigned value further represents whether any verification data representing the biometric data was input into the device within a predetermined time period.
  - 164. The method of claim 163, wherein the predefined period of time comprises the time since the last successful verification.
  - 165. The method of claim 163, wherein the predefined period of time comprises the time since a resetting of the device.
  - 166. The method of claims 146 or 147, further comprising the step of outputting said assigned value of the first comparison marker.
  - 167. The method of claims 146 or 147, further comprising the step of outputting said assigned value of the second comparison marker.
  - 168. The method of claims 146 or 147, further comprising the step of outputting said assigned value of the first and second comparison markers.
  - 169. The method of claims 146 or 147, wherein said step of modifying comprises embedding said assigned value of the first comparison marker within the data representing the message.
  - 170. The method of claims 146 or 147, wherein said step of modifying comprises appending said assigned value of the first comparison marker to the data representing the message.
  - 171. The method of claim 170, wherein said step of modifying comprises appending said assigned value of the first comparison marker to the beginning of the data representing the message.
  - 172. The method of claim 170, wherein said step of modifying comprises appending said assigned value of the first comparison marker to the end of the data representing the message.
  - 173. The method of claims 146 or 147, wherein said step of modifying comprises embedding said assigned value of the second comparison marker within the data representing the message.
  - 174. The method of claims 146 or 147, wherein said step of modifying comprises appending said assigned value of the second comparison marker to the data representing the message.
  - 175. The method of claim 174, wherein said step of modifying comprises appending said assigned value of the second comparison marker to the beginning of the data representing the message.
  - 176. The method of claim 174, wherein said step of modifying comprises appending said assigned value of the second comparison marker to the end of the data representing the message.
  - 177. The method of claim 146, wherein said step of modifying comprises embedding said assigned value of the first and second comparison markers within the data representing the message.
  - 178. The method of claim 146, wherein said step of modifying comprises appending said assigned value of the first and second comparison markers to the data representing the message.
  - 179. The method of claim 178, wherein said step of modifying comprises appending said assigned value of the first and second comparison markers to the beginning of the data representing the message.
  - 180. The method of claim 178, wherein said step of modifying comprises appending said assigned value of the first and second comparison markers to the end of the data representing the message.
  - 181. The method of claim 37, wherein the device generates a digital signature in response to an external inquiry received by the device.
  - 182. The method of claim 37, wherein the device generates a digital signature in response to receipt of data representing the message.
  - 183. The method of claim 37, wherein the device generates a digital signature in response to receipt of input comprising the verification data.
  - 184. The method of claim 37, wherein the indication of the current verification status points definitively to a single verification status of the device.
  - 185. The method of claim 37, wherein verification data input into the device is not exportable by the device.
  - 186. The method of claim 37, further comprising receiving the verification data within an I/O support element external to the device and transmitting the input comprising the verification data from the I/O support element into the device.
  - 187. The method of claim 186, wherein the I/O support element comprises a point of sale terminal.
  - 188. The method of claim 186, wherein the I/O support element comprises a biometric scanner.
  - 189. The method of claim 186, wherein the I/O support element comprises a card reader.
  - 190. The method of claim 186, wherein the I/O support element comprises a computer.
  - 191. The method of claim 37, wherein the prestored data is not exportable from the device.
  - 192. The method of claim 191, wherein the prestored data represents a digitized fingerprint.
  - 193. The method of claim 191, wherein the prestored data represents a digitized handprint or hand geometry.
  - 194. The method of claim 191, wherein the prestored data represents a digitized retina.
  - 195. The method of claim 191, wherein the prestored data represents a digitized iris.
  - 196. The method of claim 191, wherein the prestored data represents a digitized voice print.
  - 197. The method of claim 191, wherein the prestored data represents a digitized facial scan.
  - 198. The method of claim 191, wherein the prestored data represents a digitized written signature.
  - 199. The method of claim 191, wherein the prestored data represents a digitized DNA sample.
  - 200. The method of claim 191, wherein the device includes a biometric scanner for inputting of the verification data.
  - 201. The method of claim 191, wherein the device prestores data for a plurality of different types of biometric data.
  - 202. The method of claim 201, wherein the different types of the biometric data are for a single user of the device.
  - 203. The method of claim 201, wherein the different types of the biometric data are respectively for different users of the device.
  - 204. The method of claim 37, wherein the prestored data is for an authorized user of the device.
  - 205. The method of claim 37, wherein the device is a personal device of the user.
  - 206. The method of claim 37, wherein the verification status of the device is identified in response to an external inquiry received by the device.
  - 207. The method of claim 37, wherein the device includes a device interface.
  - 208. The method of claim 207, wherein the device interface comprises an alphanumeric keypad.
  - 209. The method of claim 207, wherein the device interface comprises an electrical contact.
  - 210. The method of claim 207, wherein the device interface comprises a touch screen display.
  - 211. The method of claim 207, wherein the device interface comprises a standard electronic interface with a computer bus.
  - 212. The method of claim 207, wherein the device interface comprises an antenna.
  - 213. The method of claim 207, wherein the device interface comprises a port of the device.
  - 214. The method of claim 213, wherein the port is a wireless communications port.
  - 215. The method of claim 213, wherein the port is a serial port.
  - 216. The method of claim 213, wherein the port is a USB port.
  - 217. The method of claim 213, wherein the port is a parallel port.
  - 218. The method of claim 213, wherein the port is an infrared port.
  - 219. The method of claim 37, wherein the device is portable.
  - 220. The method of claim 37, wherein the device comprises a handheld device.
  - 221. The method of claim 37, wherein the device comprises a computer chip.
  - 222. The method of claim 37, wherein the device comprises an integrated circuit.
  - 223. The method of claim 37, wherein the device comprises a cell phone.
  - 224. The method of claim 37, wherein the device comprises a PDA.
  - 225. The method of claim 37, wherein the device comprises a digitized key.
  - 226. The method of claim 37, wherein the device comprises a dongle.
  - 227. The method of claim 37, wherein the device comprises a subcutaneous implant.
  - 228. The method of claim 37, wherein the device comprises jewelry.
  - 229. The method of claim 37, wherein the device comprises an integrated circuit card.
  - 230. The method of claim 37, wherein the device comprises a credit card.
  - 231. The method of claim 37, wherein the device comprises a debit card.
  - 232. The method of claim 37, wherein the device comprises a security card.
  - 233. The method of claim 37, wherein the device comprises an ID badge.
  - 234. The method of claim 37, wherein the device comprises a computer.
  - 235. The method of claim 37, further comprising the step of requiring verification data to be input into the device for each one of a particular type of message.
  - 236. The method of claim 37, wherein the device includes a computer-readable medium having computer-executable instructions that perform a said step of the method.
  - 237. The method of claim 37, wherein the device includes integrated circuitry that performs a said step of the method.
  - 238. The method of claim 37, wherein the device includes a computer chip that performs a said step of the method.
  - 239. A device comprising a computer-readable medium including computer-executable instructions that perform the steps of the method of claim 37.
  - 240. A device comprising circuitry for performing the steps of the method of claim 37.
  - 241. A device comprising means for performing the steps of the method of claim 37.
  - 242. The method of claim 37, further comprising the steps of generating a digital signature within the device using a digital signature algorithm, and then using said generated digital signature as a random number in an application requiring a random number.
  - 243. The method of claim 242, further comprising the step of using the digital signature as a random number to safeguard against a replay attack.
  - 244. The method of claim 242, further comprising the step of using the digital signature to generate a session key for encrypted communications.
  - 245. The method of claim 37, wherein said successfully authenticating the message using the public key of the device comprises the steps of:
    - (a) decrypting the digital signature with the public key; and
      
      (b) for each one of a plurality of predefined verification statuses of the device, (i) modifying data representing the message as a function of the predefined verification status; and
      
      (ii) comparing said decrypted digital signature with said modified data, with a successful authentication occurring when said decrypted digital signature matches said modified data.
  - 246. The method of claim 37, wherein said successfully authenticating the message using the public key of the device comprises the steps of:
    - (a) decrypting the digital signature with the public key; and
      
      (b) for each one of a plurality of predefined verification statuses of the device, (i) modifying data representing the message as a function of the predefined verification status, (ii) calculating a message digest as a function of the modified data, and (iii) comparing said decrypted digital signature with said modified data, with a successful authentication occurring when said decrypted digital signature matches said modified data.
  - 247. The method of claim 246, wherein said step of calculating a message digest as a function of the modified data comprises calculating a hash value for the modified data.
  - 248. The method of claims 245 or 246, further comprising receiving the data representing the message in addition to receiving the digital signature.
  - 249. The method of claims 245 or 246, wherein the message is predefined.
  - 250. The method of claims 245 or 246, wherein one of the predefined verification statuses represents a successful verification.
  - 251. The method of claim 250, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated by the device since verification data was last input into the device.
  - 252. The method of claim 251, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated subsequent to a comparison of verification data input into the device with data prestored within the device.
  - 253. The method of claim 252, wherein one of the predefined verification statuses additionally represents whether any verification data has been input into the device within a predetermined time period.
  - 254. The method of claim 253, wherein the predefined period of time comprises the time since a last successful verification.
  - 255. The method of claim 253, wherein the predefined period of time comprises the time since a resetting of the device.
  - 256. The method of claims 245 or 246, wherein one of the predefined verification status represents a difference between verification data input into the device and data prestored within the device.
  - 257. The method of claims 245 or 246, wherein one of the predefined verification statuses represents a degree of match between biometric verification data input into the device and biometric data prestored within the device.
  - 258. The method of claim 257, wherein one of the predefined verification statuses additionally represents a percentage of match between biometric verification data input into the device and biometric data prestored within the device.
  - 259. The method of claim 257, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated by the device since verification data was last input into the device.
  - 260. The method of claim 257, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated subsequent to a comparison of verification data input into the device with data prestored within the device.
  - 261. The method of claim 257, wherein one of the predefined verification statuses additionally represents whether any verification data has been input into the device within a predetermined time period.
  - 262. The method of claim 261, wherein the predefined period of time comprises the time since a last successful verification.
  - 263. The method of claim 261, wherein the predefined period of time comprises the time since a resetting of the device.
  - 264. The method of claims 1 or 37, wherein the device is a personal device of a user.
  - 265. The method of claims 1 or 37, wherein the device is a handheld device.
  - 267. An electronic apparatus comprising circuitry for performing one of the steps of the method of claims 1 or 37.
  - 268. An electronic apparatus comprising means for performing one of the steps of the method of claims 1 or 37.
  - 269. The method of claims 1 or 37, wherein the device includes a random number generator.
  - 270. The method of claim 269, wherein a random number generator is disposed within the device for generation of the digital signature.
  - 271. The method of claim 269, wherein the random number generator is directly inaccessible from outside of the device.
  - 272. The method of claim 271, wherein the random number generator is accessible only for the generation of a digital signature.
  - 274. The method of claim 273, further comprising the step of using the digital signature as a random number to safeguard against a replay attack.
  - 275. The method of claim 273, further comprising the step of using the digital signature to generate a session key for encrypted communications.
  - 276. The method of claim 272, wherein an elliptical curve digital signature algorithm is utilized to generate the digital signature.
  - 277. The method of claim 276, further comprising using said generated digital signature as a random number in an application utilizing a random number.
  - 278. The method of claim 277, further comprising the step of using the digital signature as a random number to safeguard against a replay attack.
  - 279. The method of claim 277, further comprising the step of using the digital signature to generate a session key for secure electronic communications.

37. A method of establishing trusted entity authentication associated with an EC including a digital signature, comprising the steps of:
- (a) for a device manufactured within a secure environment, (i) creating a public-private pair before release of the device from the secure environment, (ii) storing the private key within the device for utilization in generating a digital signature before release of the device from the secure environment, and (iii) linking within the secure environment in a secure manner the public key with other information associated with the device;
  
  (b) within the device after its manufacture, (i) receiving input comprising verification data of an entity, (ii) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device as a function of the verification data and data prestored within the device, each verification status regarding an entity authentication performed by the device, (iii) independent of the verification status identified, generating a digital signature for a message as a function of said identified verification status, including modifying within the device data representing the message as a function of said identified verification status, said generated digital signature comprising an indication of the identified verification status, and (iv) outputting from the device the digital signature for transmission with the EC to a recipient; and
  
  (c) upon receipt of the EC by the recipient, (i) identifying the other information linked with the public key of the device by successfully authenticating the message using the public key of the device, and (ii) responding to the EC based on the indication of the verification status included in the EC and said identified information linked with the public key.

266. An electronic apparatus comprising a computer-readable medium including computer-executable instructions that perform one of the steps of the method of 1 or 37.

273. The method of 272, wherein said digital signature is generated using a digital signature algorithm requiring a random number, and further comprising using said received digital signature as a random number in an application requiring a random number.

280. A system in which a recipient of an EC authenticates an entity by solely conducting message authentication with respect to a received electronic communication that includes both a unique identifier associated with an account maintained by the recipient and a digital signature for a message regarding the account, comprising the steps of:
- (a) before receipt of the electronic communication, (i) associating a public key of a public-private key pair with the unique identifier by the recipient, and (ii) identifying information linked with the public key, including information regarding security aspects of the device to which the private key of the public-private key pair belongs, the public key and corresponding private key having been created within an environment of manufacture of the device and the private key having been stored within the device prior to release of the device from the environment following its manufacture; and
  
  (b) thereafter, (i) using only the digital signature in the electronic communication and the public key associated with the account identifier to the conduct message authentication, and (ii) upon successful authentication of the message, responding to the message based on, (A) said identified information linked with the public key, and (B) an indication included in the EC of a verification status of the device out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of the entity input into the device and data prestored within the device.

281. A system in which a recipient of an EC authenticates an entity by solely conducting message authentication with respect to a received electronic communication that includes both a unique identifier associated with an account maintained by the recipient and a digital signature for a message regarding the account, comprising the steps of:
- (a) before receipt of the electronic communication, (i) associating a public key of a public-private key pair with the unique identifier by the recipient, and (ii) identifying information linked with the public key, including information regarding security aspects of the device to which the private key of the public-private key pair belongs; and
  
  (b) thereafter, (i) using only the digital signature in the electronic communication and the public key associated with the account identifier to the conduct message authentication, and (ii) upon successful authentication of the message, responding to the message based on, (A) said identified information linked with the public key, and (B) an indication included in the EC of a verification status of the device out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of the entity input into the device and data prestored within the device.

282. A system in which a recipient of an EC authenticates an entity by solely conducting message authentication with respect to a received electronic communication that includes both a unique identifier associated with an account maintained by the recipient and a digital signature for a message regarding the account, comprising the steps of:
- (a) before receipt of the electronic communication, associating a public key of a public-private key pair with the unique identifier by the recipient; and
  
  thereafter (b) using only the digital signature in the electronic communication and the public key associated with the account identifier to conduct the message authentication, and upon successful authentication of the message, responding to the message based on an indication included in the EC of a verification status of the device out of a plurality of predefined verification statuses, the verification status regarding an entity authentication performed by the device as a function of verification data of the entity input into the device and data prestored within the device.

283. A system in which a recipient of an EC authenticates an entity by solely conducting message authentication with respect to a received electronic communication that includes both a unique identifier associated with an account maintained by the recipient and a digital signature for a message regarding the account, comprising the steps of:
- (a) before receipt of the electronic communication, (i) associating a public key of a public-private key pair with the unique identifier by the recipient, and (ii) identifying information linked with the public key, including information regarding security aspects of the device to which the private key of the public-private key pair belongs, the public key and corresponding private key having been created within an environment of manufacture of the device and the private key having been stored within the device prior to release of the device from the environment following its manufacture; and
  
  (b) thereafter, (i) using only the digital signature in the electronic communication and the public key associated with the account identifier to the conduct message authentication, and (ii) upon successful authentication of the message, responding to the message based on said identified information linked with the public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Wheeler, Lynn Henry, Wheeler, Anne M

Granted Patent

US 7,552,333 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06Q 20/3829   involving key management

G06Q 40/02   Banking, e.g. interest calc...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

H04L 9/3218   using proof of knowledge, e...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3247   involving digital signatures

Trusted authentication digital signature (tads) system

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

326 Citations

283 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted authentication digital signature (tads) system

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

326 Citations

283 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links