Method for Authenticating and Securing Transactions Using RF Communication

US 20070011728A1
Filed: 07/06/2006
Published: 01/11/2007
Est. Priority Date: 07/06/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method operating on an embedded system, comprising;

receiving a request for a stored encrypted token;

transmitting the stored encrypted token;

receiving a plaintext token;

comparing the received plaintext token to a stored plaintext token; and

, performing an action responsive to the comparison.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided for authenticating and securing product transactions. An integrated circuit is attached to a target, such as an optical disc or electronic device. The integrated circuit has an RF transceiver that is capable of establishing communication with an associated reading device. The integrated circuit also has a hidden memory, which can not be read externally, and a user memory. The hidden memory stores an authentication message, while the user memory stores readable authentication information. The hidden authentication message and the authentication information are related through a cryptographic process. However, even though the integrated circuit benefits from the cryptographic security, the integrated circuit only operates relatively simple logic operations. In this way, a highly secure transaction is enabled without requiring significant processing power or time at the integrated circuit. When the integrated circuit is placed near the reader, the reader reads the authentication information, and with the cooperation of a network operation center, uses the authentication information to derive an activation code. The reader passes the activation code to the integrated circuit, which compares the activation code to its hidden activation message. If they have a proper relationship, the communication has been authenticated, and the integrated circuit proceeds to perform an action.

Citations

44 Claims

1. A method operating on an embedded system, comprising;
- receiving a request for a stored encrypted token;
  
  transmitting the stored encrypted token;
  
  receiving a plaintext token;
  
  comparing the received plaintext token to a stored plaintext token; and
  
  , performing an action responsive to the comparison.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the stored encrypted token is related to the stored plaintext token through a cryptographic algorithm.
  - 3. The method of claim 1, wherein the action performed is activating a target.
  - 4. The method of claim 1, wherein the action performed is terminating a target.
  - 5. The method of claim 1, wherein the comparison step includes matching the received plaintext token to the stored plaintext token.
  - 6. The method of claim 1, wherein the comparison step includes finding the received plaintext token does not match the stored plaintext token.
  - 7. The method of claim 1, wherein the comparison step includes using logical steps in comparing the received plaintext token to the stored plaintext token.
  - 8. The method of claim 1, further comprising the steps of;
    - receiving a request for a stored identifier for a public/private key pair; and
      
      , transmitting the stored identifier for the public/private key pair.
  - 9. The method of claim 1, further comprising the steps of;
    - receiving a request for a stored identifier for a manufacturer; and
      
      , transmitting the previously stored identifier for the manufacturer.
  - 10. The method of claim 1, further comprising the steps of;
    - receiving a request for a stored identifier for a merchant; and
      
      , transmitting the stored identifier for the merchant.
  - 11. The method of claim 1, further comprising the steps of;
    - receiving a request for a stored identifier for an embedded system; and
      
      , transmitting the stored identifier for the embedded system.

12. A method operating on an embedded system, comprising:
- receiving a plaintext token;
  
  storing the plaintext token in a hidden memory location;
  
  receiving an encrypted token; and
  
  , storing the encrypted token in a user memory location.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12 wherein the plaintext token and the encrypted token are related through a cryptographic algorithm.
  - 14. The method of claim 12, further comprising the steps of;
    - receiving an identifier for a public/private key pair; and
      
      , storing the identifier for the public/private key pair in another user memory location.
  - 15. The method of claim 12, further comprising the steps of;
    - receiving an identifier for a manufacturer; and
      
      , storing the identifier for the manufacturer in another user memory location.
  - 16. The method of claim 12, further comprising the steps of;
    - receiving an identifier for a merchant; and
      
      , storing the identifier for the merchant in another user memory location.
  - 17. The method of claim 12, further comprising the steps of;
    - receiving an identifier for an embedded system; and
      
      , storing the identifier for the embedded system in another user memory location.

18. A method operating on an embedded system, comprising;
- receiving a request for a stored public key;
  
  transmitting the stored public key;
  
  receiving an authentication code;
  
  comparing the received authentication code to a stored authentication code; and
  
  , performing an action responsive to the comparison.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 20. The method of claim 18, wherein the action performed reactant to the result of the comparison is activating a target.
  - 21. The method of claim 18, wherein the action performed reactant to the result of the comparison is terminating a target.
  - 22. The method of claim 18, wherein the comparison step includes matching the received authentication code to the stored authentication code.
  - 23. The method of claim 18, wherein the comparison step includes finding the received authentication code does not match the stored authentication code.
  - 24. The method of claim 18, wherein the comparison step includes using logical steps in comparing the received authentication code to the stored authentication code.
  - 25. The method of claim 18, further comprising the steps of;
    - receiving a request for a stored identifier for a public/private key pair and, transmitting the previously stored identifier for the public/private key pair.
  - 26. The method of claim 18, further comprising the steps of;
    - receiving a request for a stored identifier for a manufacturer; and
      
      , transmitting the stored identifier for the manufacturer.
  - 27. The method of claim 18, further comprising the steps of;
    - receiving a request for a stored identifier for a merchant; and
      
      , transmitting the stored identifier for the merchant.
  - 28. The method of claim 18, further comprising the steps of;
    - receiving a request for a stored identifier for an embedded system; and
      
      , transmitting the stored identifier for the embedded system.

19. The method of claim 57, wherein the stored public key is related to the stored authentication code through a cryptographic algorithm.

29. A method operating on an embedded system, comprising:
- receiving an authentication code;
  
  storing the authentication code in a hidden memory location;
  
  receiving a public key; and
  
  , storing the public key in a user memory location.
- View Dependent Claims (30, 31, 32, 33, 34)
- - 30. The method of claim 29, wherein the authentication code and the public key are related through a cryptographic algorithm.
  - 31. The method of claim 29, further comprising the steps of;
    - receiving an identifier for a public/private key pair; and
      
      , storing the identifier for the public/private key pair in another user memory location.
  - 32. The method of claim 29, further comprising the steps of;
    - receiving an identifier for a manufacturer; and
      
      , storing the identifier for the manufacturer in another user memory location.
  - 33. The method of claim 29, further comprising the steps of;
    - receiving an identifier for a merchant; and
      
      , storing the identifier for the merchant in another user memory location.
  - 34. The method of claim 29, further comprising the steps of;
    - receiving an identifier for an embedded system; and
      
      , storing the identifier for the embedded system in another user memory location.

35. A method operating on an embedded system, comprising;
- receiving a request for authentication information;
  
  transmitting the authentication information;
  
  receiving an authentication message;
  
  comparing the received authentication message to a stored authentication message; and
  
  , performing an action responsive to the comparison.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42)
- - 36. The system of claim 35, wherein the authentication information is selected from a group consisting of;
    - an encrypted representation of the authentication message;
      
      a public key;
      
      an identifier for a public/private key pair;
      
      an identifier for a manufacturer; and
      
      , an identifier for an embedded system.
  - 37. The method of claim 35, wherein the authentication information includes a value that can be used to generate the stored authentication information.
  - 38. The method of claim 35, wherein the action performed is activating a target.
  - 39. The method of claim 35, wherein the action performed is terminating a target.
  - 40. The method of claim 35, wherein the comparison step includes matching the received plaintext token to the stored plaintext token.
  - 41. The method of claim 35, wherein the comparison step includes finding the received plaintext token does not match the stored plaintext token.
  - 42. The method of claim 35, wherein the comparison step includes using logical steps in comparing the received plaintext token to the stored plaintext token.

43. A method operating on an embedded system, comprising:
- receiving an authentication message;
  
  storing the authentication message in a hidden memory location;
  
  receiving authentication information; and
  
  , storing the authentication information in a user memory location.
- View Dependent Claims (44)
- - 44. The system of claim 43, wherein the authentication information is selected from a group consisting of;
    - an encrypted representation of the authentication message;
      
      a public key;
      
      an identifier for a public/private key pair;
      
      an identifier for a manufacturer; and
      
      , an identifier for an embedded system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP B.V. (NXP Semiconductors NV)
Original Assignee
NXP B.V. (NXP Semiconductors NV)
Inventors
White, Charles

Application Number

US11/456,040
Publication Number

US 20070011728A1
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/08   by coded identity card or c...

G07F 7/1008   Active credit-cards provide...

G07F 7/12   Card verification

G07F 7/122   Online card verification

G07G 1/0036   Checkout procedures

G07G 1/0054   with control of supplementa...

G07G 1/009   the reader being an RFID re...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0853   using an additional device,...

H04L 9/3213   using tickets or tokens, e....

H04W 12/06   Authentication

H04W 12/47   using near field communicat...

Method for Authenticating and Securing Transactions Using RF Communication

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

Method for Authenticating and Securing Transactions Using RF Communication

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links