Entity authentication in eletronic communications by providing verification status of device

US 20040005051A1
Filed: 02/03/2003
Published: 01/08/2004
Est. Priority Date: 08/04/2000
Status: Active Grant

First Claim

Patent Images

3. A method of providing a verification status regarding an entity authentication, comprising the steps of:

(a) receiving within a device input comprising verification data of an entity;

(b) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device as a function of the verification data and data prestored within the device, one of the predefined verification statuses being representative of the verification data being the same as the prestored data, and at least one other verification status being representative of the verification data being different from the prestored data; and

(c) independent of the verification status identified, outputting from the device an indicator of said identified verification status.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A current verification status of a device (256) is identified out of a plurality of predefined verification data input (250) into the device (256) and data prestored within the device.(254) The indicator (272) reveals neither the prestored data nor the verification data. One of the predefined verification statuses is representative of the verification data being the same as the prestored data, and another verification status is representative of the verification data being different from the prestored data. An identified verification status is used by one entity in determining risk regarding an electronic communication from another entity, especially where the electronic communication comprises a request. The prestored data is for a Secret or a biometric characteristic of the first entity.

Citations

314 Claims

3. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) receiving within a device input comprising verification data of an entity;
  
  (b) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device as a function of the verification data and data prestored within the device, one of the predefined verification statuses being representative of the verification data being the same as the prestored data, and at least one other verification status being representative of the verification data being different from the prestored data; and
  
  (c) independent of the verification status identified, outputting from the device an indicator of said identified verification status.
- View Dependent Claims (16, 24, 230)
- - 16. The method of claim 3, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 24. The method of claim 3, further comprising receiving and evaluating a request based on said output indicator.
  - 230. The method of claims 24, 26, 42, 43, 44, or 45, wherein the request is inherent in receipt of the indicator.

4. A method of authenticating a first entity to a second entity, comprising the steps of:
- (a) within a verification component of a device, (i) storing data of the first entity during a personalization of the verification component, (ii) later receiving verification data input within the device, and (iii) identifying as a function of the verification data and prestored data a current verification status out of a plurality of predefined verification statuses of the device, including one verification status representative of the verification data being the same as the prestored data, and at least one other verification status representative of the verification data being different from the prestored data; and
  
  (b) independent of the verification status identified, communicating said identified verification status to the second entity.
- View Dependent Claims (5, 17, 25)
- - 5. The method of claim 4, wherein said step of communicating said identified verification status to the second entity comprises the steps of outputting from the verification component an indicator of said identified verification status and transmitting said output indicator to the second entity.
  - 17. The method of claim 4, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 25. The method of claim 4, further comprising receiving and evaluating a request based on said communicated verification status.

6. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) maintaining within a device prestored data of an entity for identifying a verification status of the device as a function of the prestored data and verification data later input into the device;
  
  (b) identifying within the device a current verification status of the device representing the lack of input of any verification data during a predefined period of time; and
  
  (c) outputting from the device an indicator of said identified verification status for evaluation thereof.
- View Dependent Claims (7, 8, 18, 26, 27)
- - 7. The method of claim 6, further comprising the steps of, (a) receiving within the device input comprising verification data;
    - (b) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device by comparing said received verification data with the prestored data; and
      
      (c) again outputting from the device an indicator of said identified verification status for evaluation thereof, the second indicator revealing said identified verification status based on said comparison.
  - 8. The method of claim 7, wherein one verification status out of the plurality of predefined verification statuses of the device is representative of the verification data being the same as the prestored data, and at least one other predefined verification status is representative of the verification data being different from the prestored data.
  - 18. The method of claim 7, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 26. The method of claim 6, further comprising receiving and evaluating a request based on said output indicator.
  - 27. The method of claim 7, further comprising receiving and evaluating a request based on said output indicator.

28. A method of providing a verification status of a device, comprising the steps of:
- (a) identifying within a device a current verification status out of a plurality of verification statuses of the device as a function of biometric verification data input into the device and biometric data prestored within the device; and
  
  (b) independent of the verification status identified, transmitting an indicator of said identified verification status to an electronic apparatus external to the device, the indicator revealing said identified verification status without revealing either of the verification data or the prestored data.
- View Dependent Claims (29, 33, 34, 38, 42)
- - 29. The method of claim 28, further comprising outputting from the device the indicator of said identified verification status.
  - 33. The method of claims 28, 30, 31, or 32, wherein one verification status out of the plurality of predefined verification statuses of the device is representative of the verification data being the same as the prestored data, and at least one other predefined verification status is representative of the verification data being different from the prestored data.
  - 34. The method of claim 28, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to the predefined verification statuses.
  - 38. The method of claims 34, 35, 36, or 37, wherein the identification marker is assigned a value representing the type of biometric data.
  - 42. The method of claim 28, further comprising evaluating with business logic incorporated within the electronic apparatus a request based on said identified verification status.

30. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) receiving within a device input comprising biometric verification data of an entity;
  
  (b) identifying within the device a current verification status out of a plurality of verification statuses of the device as a function of the verification data and biometric data prestored within the device; and
  
  (c) independent of the verification status identified, outputting from the device an indicator of said identified verification status, the indicator revealing said identified verification status without revealing either of the verification data or the prestored data.
- View Dependent Claims (35, 39, 40, 41, 43)
- - 35. The method of claim 30, wherein said step of identifying including assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to the predefined verification statuses.
  - 39. The method of claims 35 or 37, wherein the identification marker is assigned a value equated with a successful verification, and wherein the indicator comprises said assigned value of the identification marker.
  - 40. The method of claim 39, wherein the device generates digital signatures.
  - 41. The method of claim 40, wherein said assigned value further represents whether a digital signature was generated by the device since verification data was last input into the device.
  - 43. The method of claim 30, further comprising receiving and evaluating a request based on said output indicator.

31. A method of authenticating a first entity to a second entity, comprising the steps of:
- (a) within a verification component of a device, (i) storing biometric data of the first entity during a personalization of the verification component, (ii) later receiving biometric verification data input within the device, and (iii) identifying as a function of the verification data and the prestored data a current verification status out of a plurality of verification statuses of the device; and
  
  (b) independent of the verification status identified, communicating said identified verification status to the second entity by outputting from the verification component an indicator of said identified verification status and transmitting said output indicator to the second entity, the indicator revealing said identified verification status without revealing either of the verification data or the prestored data.
- View Dependent Claims (36, 44)
- - 36. The method of claim 31, wherein said step of identifying including assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to the predefined verification statuses.
  - 44. The method of claim 31, further comprising receiving and evaluating a request based on said communicated verification status.

32. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) maintaining within a device prestored biometric data of an entity for identifying a verification status of the device as a function of the prestored data and biometric verification data later input into the device;
  
  (b) identifying within the device a current verification status of the device representing the lack of input of any verification data during a predefined period of time;
  
  (c) outputting from the device an indicator of said identified verification status for evaluation thereof;
  
  (d) receiving within the device input comprising verification data;
  
  (e) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device by comparing said received verification data with the prestored data; and
  
  (f) again outputting from the device an indicator of said identified verification status for evaluation thereof, the second indicator revealing said identified verification status based on said comparison but neither revealing the verification data nor the prestored data.
- View Dependent Claims (37, 45)
- - 37. The method of claim 32, wherein said step of identifying including assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to the predefined verification statuses.
  - 45. The method of claim 32, further comprising receiving and evaluating a request based on said output indicator.

46. A method of providing a verification status of a device, comprising the steps of:
- (a) identifying within a device that generates a digital signature a current verification status out of a plurality of predefined verification statuses of the device;
  
  (b) generating within the device a digital signature for a message as a function of said identified verification status, including modifying within the device data representing the message as a function of said identified verification status of the device, said generated digital signature comprising an indicator of said identified verification status; and
  
  (c) transmitting said generated digital signature to an electronic apparatus external to the device.
- View Dependent Claims (47, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 108, 109, 110, 111, 112, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245)
- - 47. The method of claim 46, wherein said step of identifying the current verification status is a function of verification data input into the device and data prestored within the device.
  - 52. The method of claims 46, 48, 49, or 51, wherein said step of generating the digital signature further includes encrypting within the device said modified data using a private key of a public-private key pair.
  - 53. The method of claims 46, 48, 49, or 51, wherein said step of generating the digital signature includes encrypting within the device using a private key of a public-private key pair a message digest calculated within the device for said modified data.
  - 54. The method of claims 46, 48, 49, and 51, further comprising outputting from the device the digital signature for said modified data, but not outputting said modified data.
  - 55. The method of claim claims 46, 48, 49, or 50, wherein the data representing the message comprises a hash value of the message.
  - 56. The method of claims 46, 48, 49, or 50, wherein the data representing the message comprises a message digest for the message.
  - 57. The method of claims 46, 48, 49, or 50, wherein the data representing the message is stored within the device.
  - 58. The method of claims 46, 48, 49, or 50, wherein the message is composed within the device by a user of the device.
  - 59. The method of claims 46, 48, 49, or 50, wherein a portion of the message is composed within an I/O support element external to the device which, in turn, transmits input representing the portion of the message into the device through an interface of the device.
  - 60. The method of claim 59, wherein a remaining portion of the message is composed within the device.
  - 61. The method of claims 46, 48, 49, or 50, wherein the message is composed within an I/O support element external to the device which, in turn, transmits the input representing the message into the device through an interface of the device.
  - 62. The method of claim 61, wherein the I/O support element comprises a point of sale terminal.
  - 63. The method of claim 61, wherein the I/O support element comprises a biometric scanner.
  - 64. The method of claim 61, wherein the I/O support element comprises a card reader.
  - 65. The method of claim 61, wherein the I/O support element comprises a computer.
  - 66. The method of claim 61, further comprising the step of displaying the message on a display screen of the device for review and approval by a user.
  - 67. The method of claims 46, 48, 49, or 51, further comprising the step of requiring verification data to be input into the device following a predefined period of time after a last successful verification.
  - 68. The method of claims 46, 48, 49, or 51, further comprising the step of requiring verification data to be input into the device for each one of a particular type of message.
  - 69. The method of claim 68, wherein the particular type of message is a request for a financial transaction.
  - 70. The method of claim 68, further comprising not requiring verification data to be input into the device for other types of messages.
  - 71. The method of claims 46, 48, 49, or 51, further comprising not requiring verification data to be input into the device for a predefined period of time.
  - 72. The method of claim 71, wherein the predefined period of time comprises the time between approval of a request embodied in a message and a powering off of the device.
  - 73. The method of claims 46, 48, 49, or 51, further comprising the step of authenticating the message using said generated digital signature, including the steps of, (a) modifying data representing the message embodying the request as a function of a suspected verification status of the device, (b) calculating a message digest as a function of said modified data, (c) decrypting said generated digital signature using the public key of the public-private key pair, and (d) concluding the verification status of the device as being the suspected verification status of the device when said calculated message digest matches said decrypted digital signature.
  - 74. The method of claims 47, 48, 49, or 51, wherein one verification status out of the plurality of predefined verification statuses of the device is representative of the verification data being the same as the prestored data, and at least one other predefined verification status is representative of the verification data being different from the prestored data.
  - 75. The method of claims 47, 48, 49, or 51, wherein the indicator of said identified verification status neither reveals the prestored data nor the verification data.
  - 76. The method of claims 46, 48, 49, or 50, wherein the message is for the performance of a financial transaction.
  - 77. The method of claims 46, 48, 49, or 50, wherein the message is for the performance of a legal action.
  - 78. The method of claims 46, 48, 49, or 50, wherein the message is predetermined and static.
  - 79. The method of claims 46, 48, 49, or 50, wherein the message is prestored within the device.
  - 80. The method of claims 46, 48, 49, or 50, wherein the message is the verification data.
  - 81. The method of claims 46, 48, 49, or 50, wherein the message is a request for access to a physical space.
  - 82. The method of claims 46, 48, 49, or 50, wherein the message is a request for access to a web site.
  - 83. The method of claims 46, 48, 49, or 50, wherein the message is a request for access to a database.
  - 84. The method of claims 46, 48, 49, or 50, wherein the message is a request for access to a computer program.
  - 85. The method of claim 46, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 86. The method of claim 85, wherein said step of identifying the current verification status is a function of verification data input into the device and data prestored within the device.
  - 90. The method of claims 85, 87, 88, or 89, wherein said step of generating the digital signature includes encrypting within the device using a private key of a public-private key pair a message digest calculated within the device for said modified data.
  - 91. The method of claims 86, 87, or 88, wherein said step of identifying the current verification status as a function of the verification data and the prestored data includes comparing the verification data with the prestored data.
  - 92. The method of claims 86, 87, 88, or 89, wherein one verification status out of the plurality of predefined verification statuses of the device is representative of the verification data being the same as the prestored data, and at least one other predefined verification status is representative of the verification data being different from the prestored data.
  - 93. The method of claims 86, 87, 88, or 89, wherein the prestored data comprises a Secret.
  - 94. The method of claims 86, 87, 88, or 89, wherein the prestored data and verification data comprises biometric data.
  - 95. The method of claim 94, wherein the identification marker is assigned a value representing the type of biometric data.
  - 96. The method of claims 85, 87, 88, or 89, wherein said step of modifying comprises embedding said assigned value of the identification marker within the data representing the message.
  - 97. The method of claims 85, 87, 88, or 89, wherein said step of modifying comprises appending said assigned value of the identification marker to the data representing the message.
  - 98. The method of claim 97, wherein said step of modifying comprises appending said assigned value of the identification marker to the beginning of the data representing the message.
  - 99. The method of claim 97, wherein said step of modifying comprises appending said assigned value of the identification marker to the end of the data representing the message.
  - 100. The method of claims 86, 87, 88, or 89, wherein the identification marker is assigned a value equated with a successful verification, and wherein said assigned value further represents whether a digital signature was generated since verification data was last input into the device.
  - 101. The method of claim 100, wherein said generated digital signature comprises the indicator.
  - 102. The method of claim 46, further comprising evaluating with business logic incorporated within the electronic apparatus a request based on said generated digital signature.
  - 103. The method of claim 102, wherein said step of identifying the current verification status is a function of verification data input into the device and data prestored within the device.
  - 108. The method of claims 102, 104, 105, or 107, wherein said step of generating the digital signature further includes encrypting within the device said modified data using a private key of a public-private key pair.
  - 109. The method of claims 102, 104, 105, or 107, wherein said step of generating the digital signature includes encrypting within the device using a private key of a public-private key pair a message digest calculated within the device for said modified data.
  - 110. The method of claim 109, wherein the verification status identified as the current verification status represents a relational correspondence between the verification data and the prestored data without revealing either of the verification data or the prestored data.
  - 111. The method of claims 102, 104, 105, or 106, wherein the prestored data comprises a Secret.
  - 112. The method of claims 102, 104, 105, or 106, wherein the prestored data comprises biometric data.
  - 231. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein said step of evaluating the request includes the step of considering a level of assurance of the device identifying the verification status.
  - 232. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is for the performance of a legal action.
  - 233. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is predetermined and static.
  - 234. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is for access to a physical space.
  - 235. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is for access to a web site.
  - 236. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is for access to a database.
  - 237. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is for access to a computer program.
  - 238. The method of claims 23, 24, 25, 26, 42, 43, 44, 45, 102, 104, 105, or 106, wherein the request is received in an electronic communication.
  - 239. The method of claim 238, wherein the request is implicit in said reception of the electronic communication.
  - 240. The method of claim 239, wherein the request is embodied in a message.
  - 241. The method of claims 23, 24, 25, 27, 42, 43, 44, 45, 103, 104, 105, or 107, further comprising the step of requiring verification data to be input into the device for each one of a particular type of request.
  - 242. The method of claims 23, 24, 25, 27, 42, 43, 44, 45, 103, 104, 105, or 107, further comprising the steps of requiring verification data to be input into the device for a particular type of request, but only until a said evaluation of a request results in an approval, and then not requiring verification data to be input into the device for additional requests of such type during a predefined period of time thereafter.
  - 243. The method of claim 242, wherein the particular type of request is for the performance of a financial transaction.
  - 244. The method of claim 242, further comprising not requiring verification data to be input into the device for other types of requests.
  - 245. The method of claim 242, wherein the predefined period of time comprises the time between the approval of the request and a resetting of the device.

48. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) receiving within a device that generates a digital signature input comprising verification data of an entity;
  
  (b) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device as a function of the verification data and data prestored within the device;
  
  (c) generating within the device a digital signature for a message as a function of said identified verification status, including modifying within the device data representing the message as a function of said identified verification status of the device, said generated digital signature comprising an indicator of said identified verification status; and
  
  (d) outputting from the device said generated digital signature.
- View Dependent Claims (87, 104, 164)
- - 87. The method of claim 48, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 104. The method of claim 48, further comprising receiving and evaluating a request based on said generated digital signature.
  - 164. The method of claims 2, 3, 5, 6, 28, 30, 31, 32, 47, 48, 49, 51, 85, 87, 88, 89, 104, 105, 106, or 107, wherein the indicator points definitively to a single verification status of the device.

49. A method of authenticating a first entity to a second entity, comprising the steps of:
- (a) within a verification component of a device that generates a digital signature, (i) storing data of the first entity during a personalization of the verification component, (ii) later receiving verification data input within the device, (iii) identifying a current verification out of a plurality of predefined verification statuses of the device as a function of the verification data and prestored data within the device, (iv) generating within the device a digital signature for a message as a function of said identified verification status, including modifying within the device data representing the message as a function of said identified verification status of the device, said generated digital signature comprising an indicator of said identified verification status, and (v) outputting from the verification component said generated digital signature; and
  
  (b) communicating said identified verification status to the second entity by transmitting said generated digital signature to the second entity.
- View Dependent Claims (88, 105)
- - 88. The method of claim 49, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 105. The method of claim 49, further comprising receiving and evaluating the request based on said generated digital signature.

50. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) maintaining within a device prestored data of an entity for identifying a verification status of the device as a function of the prestored data and verification data later input into the device;
  
  (b) identifying within the device a current verification status of the device representing the lack of input of any verification data during a period of time;
  
  (c) generating within the device a digital signature for a message using a private key of a public-private key pair, said generated digital signature comprising an indicator of said identified verification status; and
  
  (d) outputting from the device said generated digital signature for evaluation thereof.
- View Dependent Claims (51, 89, 106, 107, 154, 155, 156)
- - 51. The method of claim 50, further comprising the steps of, (a) receiving within the device input comprising verification data;
    - (b) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device as a function of said received verification data and the prestored data;
      
      (c) generating within the device another digital signature for a message as a function of said identified verification status, including modifying within the device data representing the message as a function of said identified verification status of the device, said second generated digital signature comprising an indicator of said identified verification status; and
      
      (d) outputting from the device said second generated digital signature for evaluation thereof.
  - 89. The method of claim 51, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 106. The method of claim 51, further comprising receiving and evaluating the request based on said generated digital signature.
  - 107. The method of claim 106, further comprising the steps of, (a) receiving within the device input comprising verification data;
    - (b) identifying within the device a current verification status out of a plurality of predefined verification statuses of the device as a function of said received verification data and the prestored data;
      
      (c) generating within the device another digital signature for a message as a function of said identified verification status, including modifying within the device data representing the message as a function of said identified verification status of the device, said second generated digital signature comprising an indicator of said identified verification status;
      
      (d) outputting from the device said second generated digital signature; and
      
      (e) evaluating the request based on said second generated digital signature.
  - 154. The method of claims 6, 32, 51, 89, or 107, wherein the predefined period of time comprises the time since a last successful verification.
  - 155. The method of claims 6, 32, 51, 89, or 107, wherein the predefined period of time comprises a fixed time interval following a successful verification.
  - 156. The method of claims 6, 32, 51, 89, or 107, wherein the predefined period of time comprises the time since a resetting of the device.

113. A method of providing a verification status of a device, comprising the steps of:
- (a) identifying within a device that generates a digital signature a verification status out of a plurality of verification statuses of the device as a function of prestored data and verification data later input into the device, including, (i) comparing verification data representing a Secret with the data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (ii) comparing verification data representing biometric data with the data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values;
  
  (b) generating within the device a digital signature for a message, including modifying within the device data representing the message as a function of said assigned values for the first and second comparison markers, said generated digital signature comprising an indicator of said identified verification status; and
  
  (c) transmitting said generated digital signature to an electronic apparatus external to the device.
- View Dependent Claims (119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153)
- - 119. The method of claims 113, 114, 115, 116, 117, or 118, wherein said step of generating the digital signature further includes encrypting within the device said modified data using a private key of a public-private key pair.
  - 120. The method of claims 113, 114, 115, 116, 117, or 118, wherein said step of generating the digital signature includes encrypting within the device using a private key of a public-private key pair a message digest calculated within the device for said modified data.
  - 121. The method of claims 113, 114, 115, 116, 117, or 118, wherein the first comparison marker is assigned a value equated with a successful verification when said comparison results in a match, including an exact match.
  - 122. The method of claim 121, wherein said assigned value further represents whether a digital signature was generated since verification data representing the Secret was last input into the device.
  - 123. The method of claim 121, wherein the first comparison marker is assigned a value representing whether any verification data representing the Secret was input into the device within a predefined time period.
  - 124. The method of claim 123, wherein the predefined period of time comprises the time since the last successful verification.
  - 125. The method of claim 123, wherein the predefined period of time comprises the time since a resetting of the device.
  - 126. The method of claims 113, 114, 115, 116, 117, or 118, wherein the second comparison marker is assigned a value equated with a successful verification when said comparison results in a match, but not an exact match.
  - 127. The method of claim 126, wherein said assigned value further represents whether a digital signature was generated subsequent to said comparison resulting in a match.
  - 128. The method of claims 113, 114, 115, 116, 117, or 118, wherein the first comparison marker is assigned a value representing a difference determined from said comparison between the verification data representing the Secret and the prestored data.
  - 129. The method of claims 113, 114, 115, 116, 117, or 118, wherein the second comparison marker is assigned a value representing a degree of match between the verification data representing the biometric data and the prestored data.
  - 130. The method of claim 129, wherein the value is equated with a percentage of match between the verification data representing the biometric data and the prestored data.
  - 131. The method of claim 129, wherein the second comparison marker is assigned a value further representing the type of biometric data input into the device.
  - 132. The method of claims 113, 114, 115, 116, 117, or 118, wherein the second comparison marker is assigned a value equated with an unsuccessful verification when said comparison results in an exact match.
  - 133. The method of claims 113, 114, 115, 116, 117, or 118, wherein the second comparison marker is assigned a value equated with a successful verification when said comparison results in a proximate match.
  - 134. The method of claim 133, wherein said assigned value further represents whether a digital signature was generated subsequent to said comparison resulting in a proximate match.
  - 135. The method of claim 133, wherein said assigned value further represents whether a digital signature was generated since verification data representing the biometric data was last input into the device.
  - 136. The method of claim 133, wherein said assigned value further represents whether any verification data representing the biometric data was input into the device within a predetermined time period.
  - 137. The method of claim 136, wherein the predefined period of time comprises the time since the last successful verification.
  - 138. The method of claim 136, wherein the predefined period of time comprises the time since a resetting of the device.
  - 139. The method of claims 113, 114, 115, 116, 117, or 118, further comprising the step of outputting said assigned value of the first comparison marker.
  - 140. The method of claims 113, 114, 115, 116, 117, or 118, further comprising the step of outputting said assigned value of the second comparison marker.
  - 141. The method of claims 113, 114, 115, 116, 117, or 118, further comprising the step of outputting said assigned value of the first and second comparison markers.
  - 142. The method of claims 113, 114, 115, 116, 117, or 118, wherein said step of modifying comprises embedding said assigned value of the first comparison marker within the data representing the message.
  - 143. The method of claims 113, 114, 115, 116, 117, or 118, wherein said step of modifying comprises appending said assigned value of the first comparison marker to the data representing the message.
  - 144. The method of claim 143, wherein said step of modifying comprises appending said assigned value of the first comparison marker to the beginning of the data representing the message.
  - 145. The method of claim 143, wherein said step of modifying comprises appending said assigned value of the first comparison marker to the end of the data representing the message.
  - 146. The method of claims 113, 114, 115, 116, 117, or 118, wherein said step of modifying comprises embedding said assigned value of the second comparison marker within the data representing the message.
  - 147. The method of claims 113, 114, 115, 116, 117, or 118, wherein said step of modifying comprises appending said assigned value of the second comparison marker to the data representing the message.
  - 148. The method of claim 147, wherein said step of modifying comprises appending said assigned value of the second comparison marker to the beginning of the data representing the message.
  - 149. The method of claim 147, wherein said step of modifying comprises appending said assigned value of the second comparison marker to the end of the data representing the message.
  - 150. The method of claims 113, 114, or 115, wherein said step of modifying comprises embedding said assigned value of the first and second comparison markers within the data representing the message.
  - 151. The method of claims 113, 114, or 115, wherein said step of modifying comprises appending said assigned value of the first and second comparison markers to the data representing the message.
  - 152. The method of claim 151, wherein said step of modifying comprises appending said assigned value of the first and second comparison markers to the beginning of the data representing the message.
  - 153. The method of claim 151, wherein said step of modifying comprises appending said assigned value of the first and second comparison markers to the end of the data representing the message.

114. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) receiving within a device that generates a digital signature input comprising verification data of an entity, the verification data representing both a Secret and biometric data;
  
  (b) identifying within the device a verification status out of a plurality of verification statuses of the device as a function of data prestored within the device and the, including, (i) comparing verification data representing the Secret with the data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (ii) comparing verification data representing biometric data with the data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values;
  
  (c) generating within the device a digital signature for a message, including modifying within the device data representing the message as a function of said assigned values for the first and second comparison markers, said generated digital signature comprising an indicator of said identified verification status; and
  
  (d) outputting from the device said generated digital signature.

115. A method of authenticating a first entity to a second entity, comprising the steps of:
- (a) within a verification component of a device that originates a digital signature, (i) storing data of the first entity during a personalization of the verification component, the prestored data representing both a Secret and biometric data of the first entity;
  
  (ii) later receiving verification data input within the device;
  
  (iii) identifying a current verification status out of a plurality of verification statuses of the device as a function of the prestored data and verification data, including, (A) comparing verification data representing the Secret with data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (B) comparing verification data representing biometric data with data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values;
  
  (iv) generating within the device a digital signature for a message, including modifying within the device data representing the message as a function of said assigned values for the first and second comparison markers, said generated digital signature comprising an indicator of said identified verification status; and
  
  (v) outputting from the verification component said generated digital signature; and
  
  (b) communicating said identified verification status to the second entity by transmitting said generated digital signature to the second entity.

116. A method of providing a verification status of a device, comprising the steps of:
- (a) identifying within a device that generates a digital signature a verification status out of a plurality of verification statuses of the device as a function of prestored data and verification data later input into the device, including, (i) comparing verification data representing a Secret with the data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (ii) comparing verification data representing biometric data with the data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values;
  
  (b) generating within the device a digital signature for a message, including modifying within the device data representing the message as a function of only one of said assigned values for the first and second comparison markers, said generated digital signature comprising an indicator of said identified verification status; and
  
  (c) transmitting to an electronic apparatus external to the device said generated digital signature and the other of said assigned values for the first and second comparison markers.

117. A method of providing a verification status regarding an entity authentication, comprising the steps of:
- (a) receiving within a device that generates a digital signature input comprising verification data of an entity, the verification data representing both a Secret and biometric data;
  
  (b) identifying within the device a verification status out of a plurality of verification statuses of the device as a function of data prestored within the device and verification data later input into the device, including, (i) comparing verification data representing the Secret with the data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (ii) comparing verification data representing biometric data with the data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values;
  
  (c) modifying within the device data representing a message as a function of only one of said assigned values for the first and second comparison markers;
  
  (d) generating within the device a digital signature for the message by encrypting said modified data such that said generated digital signature comprises an indicator of said identified verification status; and
  
  (e) outputting from the device said generated digital signature and the other of said assigned values for the first and second comparison markers.

118. A method of authenticating a first entity to a second entity, comprising the steps of:
- (a) within a verification component of a device that originates a digital signature, (i) storing data of the first entity during a personalization of the verification component, the prestored data representing both a Secret and biometric data of the first entity;
  
  (ii) later receiving verification data input within the device;
  
  (iii) identifying a current verification status out of a plurality of verification statuses of the device as a function of the prestored data and verification data, including, (A) comparing verification data representing the Secret with data prestored within the device and assigning, based on said comparison, a first comparison marker within the device equal to a value out of a set of predefined values, and (B) comparing verification data representing biometric data with data prestored within the device and assigning, based on said comparison, a second comparison marker within the device equal to a value out of a set of predefined values;
  
  (iv) modifying within the device data representing a message as a function of only one of said assigned values for the first and second comparison markers;
  
  (v) generating within the device a digital signature for the message by encrypting said modified data such that said generated digital signature comprises an indicator of said identified verification status; and
  
  (vi) outputting from the verification component said generated digital signature and the other of said assigned values for the first and second comparison markers; and
  
  (b) communicating said identified verification status to the second entity by transmitting said generated digital signature to the second entity.

255. A method of determining a current verification status of a device that generates a digital signature, comprising the steps of:
- (a) receiving a digital signature;
  
  (b) decrypting the digital signature using a public key of a public-private key pair;
  
  (c) for each one of a plurality of predefined verification statuses of the device, modifying data representing a message as a function of the predefined verification status; and
  
  (d) identifying the current verification status of the device as being the predefined verification status for which said modified data matches said decrypted digital signature.
- View Dependent Claims (258, 259, 260, 261, 262, 263, 264, 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, 295, 296, 297)
- - 258. The method of claims 255 or 256, further comprising receiving the data representing the message in addition to receiving the digital signature.
  - 259. The method of claims 255 or 256, wherein the message is predefined.
  - 260. The method of claims 255 or 256, wherein each one of the verification statuses represents a relational correspondence between verification data input into the device and data prestored within the device.
  - 261. The method of claim 260, wherein each verification status does not reveal either of verification data or prestored data of the device for which the current verification status is determined.
  - 262. The method of claims 255 or 256, wherein said current verification status is associated with a request.
  - 263. The method of claim 262, wherein the request is for the performance of a financial transaction.
  - 264. The method of claim 262, wherein the request is for the performance of a legal action.
  - 265. The method of claim 262, wherein the request is predetermined and static.
  - 266. The method of claim 262, wherein the request is for access to a physical space.
  - 267. The method of claim 262, wherein the request is for access to a web site.
  - 268. The method of claim 262, wherein the request is for access to a database.
  - 269. The method of claim 262, wherein the request is for access to a computer program.
  - 270. The method of claim 262, further comprising the steps of receiving the request and evaluating the request based on the current verification status.
  - 271. The method of claim 270, wherein said step of evaluating the request includes the step of considering a level of assurance of the device.
  - 272. The method of claim 270, wherein the request is implicit in said receipt of the digital signature.
  - 273. The method of claim 270, wherein the request is communicated over an electronic communications medium.
  - 274. The method of claim 273, wherein the electronic communications medium comprises a computer network.
  - 275. The method of claims 255 or 256, wherein one of the predefined verification statuses represents an unsuccessful verification.
  - 276. The method of claims 255 or 256, wherein one of the predefined verification statuses represents a successful verification.
  - 277. The method of claim 276, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated by the device since verification data was last input into the device.
  - 278. The method of claim 277, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated subsequent to a comparison of verification data input into the device with data prestored within the device.
  - 279. The method of claim 278, wherein one of the predefined verification statuses additionally represents whether any verification data has been input into the device within a predetermined time period.
  - 280. The method of claim 279, wherein the predefined period of time comprises the time since a last successful verification.
  - 281. The method of claim 279, wherein the predefined period of time comprises the time since a resetting of the device.
  - 282. The method of claims 255 or 256, wherein one of the predefined verification status represents a difference between verification data input into the device and data prestored within the device.
  - 283. The method of claims 255 or 256, wherein one of the predefined verification statuses represents a degree of match between biometric verification data input into the device and biometric data prestored within the device.
  - 284. The method of claim 283, wherein one of the predefined verification statuses additionally represents a percentage of match between biometric verification data input into the device and biometric data prestored within the device.
  - 285. The method of claim 283, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated by the device since verification data was last input into the device.
  - 286. The method of claim 283, wherein one of the predefined verification statuses additionally represents whether a digital signature has been generated subsequent to a comparison of verification data input into the device with data prestored within the device.
  - 287. The method of claim 283, wherein one of the predefined verification statuses additionally represents whether any verification data has been input into the device within a predetermined time period.
  - 288. The method of claim 287, wherein the predefined period of time comprises the time since a last successful verification.
  - 289. The method of claim 287, wherein the predefined period of time comprises the time since a resetting of the device.
  - 290. The method of claims 255 or 256, wherein the device is a personal device of a user.
  - 291. The method of claims 255 or 256, wherein the device is a handheld device.
  - 292. An electronic apparatus comprising a computer-readable medium including computer-executable instructions that perform the steps of the method of claims 255 or 256.
  - 293. An electronic apparatus comprising circuitry for performing the steps of the method of claims 255 or 256.
  - 294. An electronic apparatus comprising means for performing the steps of the method of claims 255 or 256.
  - 295. The method of claims 255 or 257, wherein said digital signature is generated using a digital signature algorithm, and further comprising using said received digital signature as a random number in an application requiring a random number.
  - 296. The method of claim 295, further comprising the step of using the digital signature as a random number to safeguard against a replay attack.
  - 297. The method of claim 295, further comprising the step of using the digital signature to generate a session key for encrypted communications.

256. A method of determining a current verification status of a device that generates a digital signature, comprising the steps of:
- (a) receiving a digital signature;
  
  (b) decrypting the digital signature using a public key of a public-private key pair;
  
  (c) for each one of a plurality of predefined verification statuses of the device, (i) modifying data representing a message as a function of the predefined verification status, and (ii) calculating a message digest as a function of the modified data; and
  
  (d) identifying the current verification status of the device as being the predefined verification status for which said calculated message digest matches said decrypted digital signature.
- View Dependent Claims (257)
- - 257. The method of claim 256, wherein said step of calculating a message digest as a function of the modified data comprises calculating a hash value for the modified data.

298. A method of generating a digital signature within a computer chip, comprising receiving data representing a message and generating a digital signature for the message by:
- (a) modifying the message data with additional data, and (b) then encrypting said modified message data using a private key of a public-private key pair stored within the computer chip.
- View Dependent Claims (300, 301, 302, 303, 304, 305)
- - 300. The method of claims 298 or 299, wherein said step of modifying comprises appending the additional data to the message data.
  - 301. The method of claims 298 or 299, wherein said step of modifying comprises embedding the additional data within the message data.
  - 302. The method of claims 298 or 299, wherein the additional data comprises data prestored within memory of the computer chip.
  - 303. The method of claims 298 or 299, wherein the message data includes a field identifier corresponding to a field of data prestored within the memory of the computer chip, the field identifier having a null value, and wherein said step of modifying the message data comprises retrieving the value stored in the memory location identified by the field identifier and embedding said retrieved value in the message data with the field identifier.
  - 304. The method of claim 303, wherein the memory of the computer chip in which the additional data is stored is content searchable memory.
  - 305. The method of claim 303, wherein the message data comprises XML formatting.

299. A method of generating a digital signature within a computer chip, comprising receiving data representing a message and generating a digital signature for the message by:
- (a) modifying the message data by appending additional data thereto, (b) calculating a hash value of said modified message, and (c) then encrypting said calculated hash value using a private key of a public-private key pair.

306. A method for extracting user information from a computer chip, the computer chip including content searchable memory in which different fields of data are prestored, comprising transmitting an identifier of a particular field of data prestored within the computer chip together with a null value therefor.
- View Dependent Claims (307)
- - 307. The method of claim 306, wherein the identifier and null value therefor transmitted to the computer chip comprise XML formatting.

308. A method of obtaining a random number for utilization in an application requiring a random number, comprising generating a digital signature using a digital signature algorithm, and then using said generated digital signature as the random number in the application.
- View Dependent Claims (1, 2, 9, 10, 11, 12, 13, 14, 15, 19, 20, 21, 22, 23, 157, 158, 159, 160, 161, 162, 163, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 246, 247, 248, 249, 250, 251, 252, 253, 254, 309, 310, 311, 312, 313, 314)
- - 1. A method of providing a verification status of a device, comprising the steps of:
    - (a) identifying within a device a current verification status out of a plurality of predefined verification statuses of the device as a function of verification data input into the device and data prestored within the device, one of the predefined verification statuses being representative of the verification data being the same as the prestored data, and at least one other verification status being representative of the verification data being different from the prestored data; and
      
      (b) independent of the verification status identified, transmitting said identified verification status to an electronic apparatus external to the device.
  - 2. The method of claim 1, further comprising outputting from the device an indicator of said identified verification status.
  - 9. The method of claim 2, 3, 5, or 7, further comprising the steps of generating a digital signature for the indicator and outputting the digital signature from the device.
  - 10. The method of claims 2, 3, 5, or 6, wherein the prestored data comprises a Secret.
  - 11. The method of claims 2, 3, 5, or 6, wherein the prestored data comprises biometric data.
  - 12. The method of claims 1, 3, 4, or 7, wherein the verification status identified as the current verification status represents a relational correspondence between the verification data and the prestored data without revealing either of the verification data or the prestored data.
  - 13. The method of claims 1, 3, 4, or 6, wherein the prestored data comprises biometric data.
  - 14. The method of claims 1, 3, 4, or 6, wherein the device prestores data for a plurality of users of the device.
  - 15. The method of claim 1, wherein said step of identifying includes assigning an identification marker within the device equal to a value out of a set of predefined values corresponding to said predefined verification statuses.
  - 19. The method of claims 15, 16, 17, or 18, further comprising the steps of generating a digital signature within the device and outputting the digital signature and the value of the identification marker from the device.
  - 20. The method of claim 19, wherein the digital signature is generated based on the value of the identification marker.
  - 21. The method of claim 19, wherein the digital signature is output from the device separately from the value of the identification marker.
  - 22. The method of claims 15, 16, 17, or 18, wherein said prestored data comprises biometric data, wherein the identification marker is assigned a value representing the type of biometric data.
  - 23. The method of claim 1, further comprising evaluating with business logic incorporated within the electronic apparatus a request based on said identified verification status.
  - 157. The method of claims 1, 3, 4, 28, 30, 31, 47, 48, 49, 103, 104, or 105, wherein said step of identifying the current verification status as a function of the verification data and the prestored data includes comparing the verification data with the prestored data.
  - 158. The method of claims 2, 3, 5, 7, 28, 30, or 31, further comprising the steps of generating a digital signature within the device and outputting the digital signature from the device.
  - 159. The method of claim 158, wherein said generated digital signature comprises the indicator.
  - 160. The method of claims 2,3,5,7, 28, 30, 31, or 32, further comprising the steps of, (a) modifying within the device data representing a message as a function of said identified verification status of the device, (b) calculating within the device a message digest for said modified data, and (c) encrypting within the device said calculated message digest using a private key of a public-private key pair to generate a digital signature for the message, said generated digital signature comprising the indicator of said identified verification status.
  - 161. The method of claim 160, wherein the device generates a digital signature in response to an external inquiry received by the device.
  - 162. The method of claim 160, wherein the device generates a digital signature in response to receipt of data representing the message.
  - 163. The method of claim 160, wherein the device generates a digital signature in response to receipt of input comprising the verification data.
  - 165. The method of claim 2, 3, 5, 6, 28, 30, 31, 32, 47, 48, 49, 51, 86;
    - 87, 88, or 89, wherein the indicator reveals said identified verification status without revealing either of the verification data or the prestored data.
  - 166. The method of claims 1, 3,4, 7, 28, 30, 31, 32, 47, 48, 49, or 51, wherein verification data input into the device is not exportable from the device.
  - 167. The method of claims 1, 3, 4, 7, 28, 30, 31, 32, 47, 48, 49, or 51, further comprising receiving the verification data within an I/O support element external to the device and transmitting the input comprising the verification data from the I/O support element into the device.
  - 168. The method of claim 167, wherein the I/O support element comprises a point of sale terminal.
  - 169. The method of claim 167, wherein the I/O support element comprises a biometric scanner.
  - 170. The method of claim 167, wherein the I/O support element comprises a card reader.
  - 171. The method of claim 167, wherein the I/O support element comprises a computer.
  - 172. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 47, 48, 49, or 50, wherein the prestored data is not exportable from the device.
  - 173. The method of claim 172, wherein the prestored data represents a digitized fingerprint.
  - 174. The method of claim 172, wherein the prestored data represents a digitized handprint or hand geometry.
  - 175. The method of claim 172, wherein the prestored data represents a digitized retina.
  - 176. The method of claim 172, wherein the prestored data represents a digitized iris.
  - 177. The method of claim 172, wherein the prestored data represents a digitized voice print.
  - 178. The method of claim 172, wherein the prestored data represents a digitized facial scan.
  - 179. The method of claim 172, wherein the prestored data represents a digitized written signature.
  - 180. The method of claim 172, wherein the prestored data represents a digitized DNA sample.
  - 181. The method of claim 172, wherein the device includes a biometric scanner for inputting of the verification data.
  - 182. The method of claim 172, wherein the device prestores data for a plurality of different types of biometric data.
  - 183. The method of claim 182, wherein the different types of the biometric data are for a single user of the device.
  - 184. The method of claim 182, wherein the different types of the biometric data are respectively for different users of the device.
  - 185. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 47, 48, 49, or 50, wherein the prestored data are for an authorized user of the device.
  - 186. The method of claim 185, wherein the device is a personal device of the user.
  - 187. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, 50, 85, 87, 88, or 89, wherein the verification status of the device is identified in response to an external inquiry received by the device.
  - 188. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device includes a device interface.
  - 189. The method of claim 188, wherein the device interface comprises an alphanumeric keypad.
  - 190. The method of claim 188, wherein the device interface comprises an electrical contact.
  - 191. The method of claim 188, wherein the device interface comprises a touch screen display.
  - 192. The method of claim 188, wherein the device interface comprises a standard electronic interface with a computer bus.
  - 193. The method of claim 188, wherein the device interface comprises an antenna.
  - 194. The method of claim 188, wherein the device interface comprises a port of the device.
  - 195. The method of claim 194, wherein the port is a wireless communications port.
  - 196. The method of claim 194, wherein the port is a serial port.
  - 197. The method of claim 194, wherein the port is a USB port.
  - 198. The method of claim 194, wherein the port is a parallel port.
  - 199. The method of claim 194, wherein the port is an infrared port.
  - 200. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device is portable.
  - 201. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a handheld device.
  - 202. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a computer chip.
  - 203. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises an integrated circuit.
  - 204. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a cell phone.
  - 205. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a PDA.
  - 206. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a digitized key.
  - 207. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a dongle.
  - 208. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a subcutaneous implant.
  - 209. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises jewelry.
  - 210. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises an integrated circuit card.
  - 211. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a credit card.
  - 212. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a debit card.
  - 213. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a security card.
  - 214. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises an ID badge.
  - 215. The method of claims 1, 3, 4, 6, 28, 30, 31, 32, 46, 48, 49, or 50, wherein the device comprises a computer.
  - 216. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 85, 87, 88, or 89, further comprising the step of outputting the value of the identification marker from the device.
  - 217. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 86, 87, 88, or 89, wherein the identification marker is assigned a value representing a difference determined from a comparison between the verification data and the prestored data.
  - 218. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 86, 87, 88, or 89, wherein the identification marker is assigned a value representing a degree of match between the verification data and the prestored data.
  - 219. The method of claim 218, wherein the identification marker is assigned a value equated with a percentage of match between the verification data and the prestored data.
  - 220. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 86, 87, 88, or 89, wherein the identification marker is assigned a value equated with a successful verification when a comparison between the verification data and the prestored data results in a match.
  - 221. The method of claim 220, wherein the match is an exact match.
  - 222. The method of claim 220, wherein the identification marker is assigned a value equated with an unsuccessful verification when said comparison does not result in an exact match.
  - 223. The method of claim 220, wherein the match is a proximate match and not an exact match.
  - 224. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 86, 87, 88, or 89, wherein the identification marker is assigned a value equated with an unsuccessful verification when a comparison between the verification data and the prestored data does not result in a match.
  - 225. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 86, 87, 88, or 89, wherein the identification marker is assigned a value representing whether any verification data was input into the device within a predefined time period.
  - 226. The method of claim 225, wherein the predefined period of time comprises the time since a last successful verification.
  - 227. The method of claim 225, wherein the predefined period of time comprises the time since a resetting of the device.
  - 228. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 85, 87, 88, or 89, wherein the identification marker is assigned a value equated with a successful verification, and wherein said assigned value further represents whether an indicator was output subsequent to said successful verification.
  - 229. The method of claims 15, 16, 17, 18, 34, 35, 36, 37, 85, 87, 88, or 89, wherein the identification marker is assigned a value equated with a successful verification, and wherein said assigned value further represents whether an indicator was output since verification data was last input into the device.
  - 246. The method of claims 1, 3, 4, 6, 7, 15, 16, 17, 18, 23, 24, 25, 26, 28, 30, 31, 32, 34, 35, 36, 37, 42, 43, 44, 45, 46, 48, 49, 50, 51, 85, 87, 88, 89, 102, 103, 104, 105, or 106, wherein the device includes a computer-readable medium having computer-executable instructions that perform a said step of the method.
  - 247. The method of claims 1, 3, 4, 6, 7, 15, 16, 17, 18, 23, 24, 25, 26, 28, 30, 31, 32, 34, 35, 36, 37, 42, 43, 44, 45, 46, 48, 49, 50, 51, 85, 87, 88, 89, 102, 103, 104, 105, or 106, wherein the device includes integrated circuitry that performs a said step of the method.
  - 248. The method of claims 1, 3, 4, 6, 7, 15, 16, 17, 18, 23, 24, 25, 26, 28, 30, 31, 32, 34, 35, 36, 37, 42, 43, 44, 45, 46, 48, 49, 50, 51, 85, 87, 88, 89, 102, 103, 104, 105, or 106, wherein the device includes a computer chip that performs a said step of the method.
  - 249. A device comprising a computer-readable medium including computer-executable instructions that perform the steps of the method of claims 1, 3, 4, 6, 7, 15, 16, 17, 18, 28, 30, 31, 32, 34, 35, 36, 37, 46, 48, 49, 50, 51, 85, 87, 88, or 89.
  - 250. A device comprising circuitry for performing the steps of the method of claims 1, 3, 4, 6, 7, 15, 16, 17, 18, 28, 30, 31, 32, 34, 35, 36, 37, 46, 48, 49, 50, 51, 85, 87, 88, or 89.
  - 251. A device comprising means for performing the steps of the method of claims 1, 3, 4, 6, 7, 15, 16, 17, 18, 28, 30, 31, 32, 34, 35, 36, 37, 46, 48, 49, 50, 51, 85, 87, 88, or 89.
  - 252. The method of claims 1, 3, 4, 6, 7, 28, 30, 31, 32, 46, 48, 49, 50, or 51, further comprising the steps of generating a digital signature within the device using a digital signature algorithm, and then using said generated digital signature as a random number in an application requiring a random number.
  - 253. The method of claim 252, further comprising the step of using the digital signature as a random number to safeguard against a replay attack.
  - 254. The method of claim 252, further comprising the step of using the digital signature to generate a session key for encrypted communications.
  - 309. The method of claim 308, further comprising the step of using the digital signature as a random number to safeguard against a replay attack.
  - 310. The method of claim 308, further comprising the step of using the digital signature to generate a session key for secure electronic communications.
  - 311. The method of claim 310, wherein the digital signature is generated within the computer chip using a private key of a public-private key pair and a random number obtained from the random number generator.
  - 312. The method of claim 311, wherein an elliptical curve digital signature algorithm is utilized to generate the digital signature.
  - 313. The method of claim 312, wherein the random number generator is directly inaccessible from outside of the computer chip.
  - 314. The method of claim 312, wherein the random number generator is accessible only by a digital signature circuit.

309-1. The method of claim 308, wherein the digital signature is generated within a computer chip.

310-2. The method of claim 309, wherein the computer chip includes a random number generator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Wheeler, Anne M, Wheeler, Lynn Henry

Granted Patent

US 7,558,965 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/28
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3247   involving digital signatures

Entity authentication in eletronic communications by providing verification status of device

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

314 Claims

Specification

Solutions

Use Cases

Quick Links

Entity authentication in eletronic communications by providing verification status of device

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

314 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links