Authentication token
First Claim
1. An authentication token comprising a smart card having a processor for executing a software application that is responsive to a user input to generate a one-time password as an output.
3 Assignments
0 Petitions
Accused Products
Abstract
An authentication token using a smart card that an organisation would issue to its customer, the smart card having a processor for executing a software application that is responsive to a user input to generate a one-time password as an output. The smart card co-operates with an interface device for inputting the user input and displaying the one-time password. The authentication token may be used in combination with a remote authentication server for validation of the password and hence authentication of the user.
151 Citations
64 Claims
- 1. An authentication token comprising a smart card having a processor for executing a software application that is responsive to a user input to generate a one-time password as an output.
- 26. A method of authenticating a user using a smart card, the smart card receiving a user input and executing a software application in response to the user input to generate a one-time password as an output.
-
45. A method for personalising an authentication token comprising a smart card having a processor for executing a software application that is responsive to a user input to generate a one-time password as an output, comprising the steps:
-
establishing an encrypted session with a separate personalisation device; and
,initialising a key stored in a memory on the smart card for subsequent use by a code portion of the software application in generating a one-time password. - View Dependent Claims (46, 47, 48, 49, 50)
-
-
51. A method for generating a one-time password comprising the steps:
-
concatenating a monotonically increasing register with a dynamic variable to produce a payload;
encrypting the payload using a cryptographic algorithm in dependence on a key to produce a temporary variable;
generating a first integer using the least significant bits of the temporary variable;
generating a second integer by concatenating the two least significant bits of the dynamic variable with the least significant bit of the monotonically increasing register;
combining the first integer with the second integer to produce the one-time password;
executing a key generation algorithm using the monotonically increasing register, the key and a seed to generate a new key and a new seed;
replacing the key with the new key;
replacing the seed with the new seed; and
,incrementing the monotonically increasing register. - View Dependent Claims (52, 53, 54)
-
- 55. An interface device for a smart card authentication token, the interface device comprising a smart card interface, a user input device, a user output device, and an executable software application that, when a smart card is coupled to the smart card interface, is operative to co-operate with the smart card to generate a one-time password in response to a unique consumer code input via the user input device, the one-time password being communicated to a user via the user output device.
Specification