Secure entry of a user-identifier in a publicly positioned device

US 20060041758A1
Filed: 10/22/2005
Published: 02/23/2006
Est. Priority Date: 08/16/2000
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing authorizing data comprising the steps of:

identifying a device configured to receive a set of authorizing symbols through an input interface, wherein the input interface is in a publicly viewable location;

the device prompting for an initial number “

n”

of symbols from the set of authorizing symbols, where “

n”

is less than total number of symbols contained within the set of authorizing symbols;

receiving the prompted for “

n”

symbols through said input pad;

the device prompting for a number “

m”

of symbols, wherein the “

m”

symbols are not symbols of the set of authorizing symbols;

receiving the prompted for “

m”

symbols through said input pad;

the device prompting for a number “

o”

of symbols of the set of authorizing symbols;

receiving the prompted for “

o”

symbols through said input pad;

the device combining the “

n”

symbols and the “

o”

symbols to form an authorizing input, wherein the “

m”

symbols are not used to form the authorizing input; and

authorizing a user based upon whether the authorizing input is equivalent to previously established authorizing data.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for secure entry of a user-identifier in a publicly positioned device can include establishing a private communications link between a user and the publicly positioned device; dividing the user-identifier into at least two portions; separately prompting the user for each portion of the user-identifier; prompting the user for a combination of random data and the user-identifier; and, discarding the random data from the combination. In the preferred embodiments, the publicly positioned device can have a visual interface through which the user can be visually prompted for the random data and the user-identifier. Alternatively, the publicly positioned device can have a telephone interface through which the user can be audibly prompted for the random data and the user-identifier. In the case of a visual display, the private communications link can be established by linking the publicly positioned device to active glasses having a shuttered display. The opening and closing of the shuttered display can be synchronized with the display of the prompts in the visual interface such that only the wearer of the active glasses can view the prompts. In the case of a telephone interface, an telephone operator system, for example an Interactive Voice Response system or a human operator, can provide the prompts audibly through the telephone interface.

Citations

20 Claims

1. A computer-implemented method for providing authorizing data comprising the steps of:
- identifying a device configured to receive a set of authorizing symbols through an input interface, wherein the input interface is in a publicly viewable location;
  
  the device prompting for an initial number “
  
  n”
  
  of symbols from the set of authorizing symbols, where “
  
  n”
  
  is less than total number of symbols contained within the set of authorizing symbols;
  
  receiving the prompted for “
  
  n”
  
  symbols through said input pad;
  
  the device prompting for a number “
  
  m”
  
  of symbols, wherein the “
  
  m”
  
  symbols are not symbols of the set of authorizing symbols;
  
  receiving the prompted for “
  
  m”
  
  symbols through said input pad;
  
  the device prompting for a number “
  
  o”
  
  of symbols of the set of authorizing symbols;
  
  receiving the prompted for “
  
  o”
  
  symbols through said input pad;
  
  the device combining the “
  
  n”
  
  symbols and the “
  
  o”
  
  symbols to form an authorizing input, wherein the “
  
  m”
  
  symbols are not used to form the authorizing input; and
  
  authorizing a user based upon whether the authorizing input is equivalent to previously established authorizing data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the device is a public-access device having a visual interface, and wherein the prompting steps comprise providing visual prompts with the visual interface.
  - 3. The method of claim 1, wherein the device is a public-access telephone providing an audio interface, and wherein the prompting steps comprise providing audible prompts with the audio interface.
  - 4. The method of claim 1, wherein the device is a public-access telephone having a keypad, and wherein the steps of receiving comprise receiving data supplied by a user using the keypad.
  - 5. The method according to claim 1, further comprising generating the “
    - m”
      
      symbols randomly.
  - 6. The method of claim 5, further comprising supplying randomly generated “
    - m”
      
      symbols to the user before the step of prompting for the “
      
      m”
      
      symbols.
  - 7. The method of claim 5, wherein the step of generating comprises generating the “
    - m”
      
      symbols using a random number generator.

8. A public-access data processing system comprising:
- a visual display for displaying prompts to a system user, the prompts comprising a mix of legitimate data and masking data that appears as scrambled data;
  
  a data input unit for receiving data supplied by the system user in response to a prompt displayed by the visual display;
  
  active glasses communicatively linked to said visual interface for establishing a private communications link between a system user and said visual interface, said active glasses having a shuttered display for opening and closing in response to synchronization pulses timed to enable a wearer of the active glasses to discern legitimate data among the scrambled data.
- View Dependent Claims (9, 13, 14)
- - 9. The system of claim 8, further comprising visual output circuitry for driving the visual display and a visual display driver for commanding the visual output circuitry.
  - 13. The system of claim 8, wherein the active glasses are communicatively linked to the visual display by a wireless RF communications link.
  - 14. The system of claim 8, wherein the active glasses are communicatively linked to the visual display by a wireless infra-red link.

10. The system of 8, further comprising a display encoder for coordinating the operation of the visual display and the shuttered display of the active glasses.
- View Dependent Claims (11, 12)
- - 11. The system of claim 10, wherein the display encoder provides a display signal to the visual output circuitry, the signal comprising private data interspersed among masking data to prevent an unauthorized viewer from intelligibly viewing displayed data.
  - 12. The system of claim 11, wherein the display encoder embeds in the display signal synchronization pulses, and wherein the active glasses further include a display decoder to decode the synchronization pulses.

15. A computer-readable storage medium, the storage medium comprising computer instructions for:
- identifying a device configured to receive a set of authorizing symbols through an input interface, wherein the input interface is in a publicly viewable location;
  
  the device prompting for an initial number “
  
  n”
  
  of symbols from the set of authorizing symbols, where “
  
  n”
  
  is less than total number of symbols contained within the set of authorizing symbols;
  
  receiving the prompted for “
  
  n”
  
  symbols through said input pad;
  
  the device prompting for a number “
  
  m”
  
  of symbols, wherein the “
  
  m”
  
  symbols are not symbols of the set of authorizing symbols;
  
  receiving the prompted for “
  
  m”
  
  symbols through said input pad;
  
  the device prompting for a number “
  
  o”
  
  of symbols of the set of authorizing symbols;
  
  receiving the prompted for “
  
  o”
  
  symbols through said input pad;
  
  the device combining the “
  
  n”
  
  symbols and the “
  
  o”
  
  symbols to form an authorizing input, wherein the “
  
  m”
  
  symbols are not used to form the authorizing input; and
  
  authorizing a user based upon whether the authorizing input is equivalent to previously established authorizing data.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-readable storage medium of claim 15, wherein the device is a public-access device having a visual interface, and wherein the prompting instructions cause visual prompts to be presented with the visual interface.
  - 17. The computer-readable storage medium of claim 15, wherein the device is a public-access telephone providing an audio interface, and wherein the prompting instructions cause audible prompts to be presented with the audio interface.
  - 18. The computer-readable storage medium of claim 15, wherein the device is a public-access telephone having a keypad, and wherein the receiving instructions cause data supplied by a user to be receiving from a user-accessible keypad.
  - 19. The computer-readable storage medium of claim 15, further comprising a computer instruction to generate the “
    - m”
      
      symbols randomly.
  - 20. The computer-readable storage medium of claim 19, further comprising an instruction for providing randomly generated “
    - m”
      
      symbols to the user before prompting for the “
      
      m”
      
      symbols.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Stern, Edith H., Willner, Barry E., Dunn, James M.

Granted Patent

US 7,434,060 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

H04M 3/382   using authorisation codes o...

H04M 3/493   Interactive information ser...

H04N 13/341   using temporal multiplexing

H04N 2013/403   the images being monoscopic

Secure entry of a user-identifier in a publicly positioned device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure entry of a user-identifier in a publicly positioned device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links