Method and apparatus for user authentication

US 20070050618A1
Filed: 08/31/2005
Published: 03/01/2007
Est. Priority Date: 08/31/2005
Status: Active Grant

First Claim

Patent Images

1. An apparatus for user authentication comprising:

an authentication device;

at least one communication device for communicating with a remote server and the authentication device, the at least one communication device comprising means for receiving an authentication message from the authentication device and in response transmitting a user authentication message to the remote server;

wherein the authentication device comprises;

a data store for storing user authentication credentials;

a user authentication processor for authenticating a user of the authentication device in response to a user input;

an authentication processor for generating the authentication message if the user authentication is valid, the authentication processor implementing a cryptographic function based on the user authentication credentials; and

a transmitter for transmitting the authentication message to the at least one communication device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides for secure end-to-end user authentication by a remote server communicating with a communication device. The communication device further communicates with an authentication device, which provides a user authentication message to the communication device for forwarding to the remote server. The authentication device comprises a data store for storing user authentication credentials. A user authentication processor performs a local authentication of a user of the authentication device in response to a user input. An authentication processor generates the authentication message if the user authentication is valid. The authentication processor implements a cryptographic function based on the user authentication credentials. A transmitter then transmits the authentication message to the at least one communication device.

Citations

20 Claims

1. An apparatus for user authentication comprising:
- an authentication device;
  
  at least one communication device for communicating with a remote server and the authentication device, the at least one communication device comprising means for receiving an authentication message from the authentication device and in response transmitting a user authentication message to the remote server;
  
  wherein the authentication device comprises;
  
  a data store for storing user authentication credentials;
  
  a user authentication processor for authenticating a user of the authentication device in response to a user input;
  
  an authentication processor for generating the authentication message if the user authentication is valid, the authentication processor implementing a cryptographic function based on the user authentication credentials; and
  
  a transmitter for transmitting the authentication message to the at least one communication device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The apparatus of claim 1 wherein the authentication device and the at least one communication device are arranged to communicate using a Private Key Infrastructure.
  - 3. The apparatus of claim 1 wherein the user input is a biometric input.
  - 4. The apparatus of claim 1 wherein the user authentication device further comprises a detector for detecting a wearable status of the authentication device;
    - a state controller for entering an authenticated state in response to the authentication of the user when the wearable indication indicates that the authentication device is in a worn state, and for exiting the authenticated state in response to a detection of a disruption in the worn state of the authentication device; and
      
      the authentication device is arranged to transmit the user authentication message only if the authentication device is in the worn state.
  - 5. The apparatus of claim 1 wherein the at least one communication device is arranged to transmit an authentication request message to the authentication device;
    - and the authentication device is arranged to transmit the authenticating message in response to receiving the authentication request message.
  - 6. The apparatus of claim 5 wherein the user authentication processor is arranged to initiate the authentication of the user in response to receiving the authentication request message.
  - 7. The apparatus of claim 5 wherein the authentication request message comprises a transaction identification and the authentication processor is arranged to generate the authentication message in response to the transaction identification.
  - 8. The apparatus of claim 5 wherein the authentication device comprises a receive processor for authenticating the authentication request message.
  - 9. The apparatus of claim 8 wherein the authentication request message comprises at least some data encoded by a cryptographic function of the remote server and the receive processor is arranged to authenticate the authentication request message by decoding the data using a corresponding cryptographic function.
  - 10. The apparatus of claim 1 wherein the at least one communication device comprises a user interface for presenting transaction details and a transaction identity for a transaction to be authorised, and the authentication device comprises a user interface for presenting the transaction identity.
  - 11. The apparatus of claim 1 wherein the user authentication credentials comprise a private key.
  - 12. The apparatus of claim 10 wherein the private key is a private key for the user.
  - 13. The apparatus of claim 1 wherein the authentication device further comprises a security association for the authentication device, and the authentication processor is arranged to further generate the authentication message in response to the security association.
  - 14. The apparatus of claim 1 wherein the authentication device is arranged to communicate with a plurality of communication devices over a personal access network.
  - 15. The apparatus of claim 1 wherein the communication device and the authentication device are arranged to communicate using a wireless communication link.
  - 16. The apparatus of claim 1 wherein the at least one communication device and the authentication device are arranged to communicate using a secure communication link.
  - 17. The apparatus of claim 1 wherein the at least one communication device and the authentication device are arranged to communicate using an unsecured communication link.
  - 18. The apparatus of claim 1 wherein the at least one communication device comprises means for communicating with a plurality of authentication devices over a personal access network.

19. An authentication device for user authentication comprising:
- a data store for storing user authentication credentials;
  
  a user authentication processor for authenticating a user of the authentication device in response to a user input;
  
  an authentication processor for generating the authentication message if the user authentication is valid, the authentication processor implementing a cryptographic function based on the user authentication credentials; and
  
  a transmitter for transmitting the authentication message to at least one communication device for communication with a remote server.

20. A method of user authentication in a communication system including an authentication device and at least one communication device for communicating with a remote server and the authentication device, the method comprising:
- the authentication device storing user authentication credentials;
  
  the authentication device authenticating a user of the authentication device in response to a user input;
  
  the authentication device generating the authentication message if the user authentication is valid, the authentication processor implementing a cryptographic function based on the user authentication credentials;
  
  the authentication device transmitting the authentication message to the at least one communication device;
  
  the at least one communication device receiving the authentication message; and
  
  the at least one communication device forwarding a user authentication message in response to the authentication message to the remote server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Motorola Solutions, Inc.
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Roux, Pierre, Nakhjiri, Madjid, Fratti, Marco

Granted Patent

US 7,725,717 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/321   involving a third party or ...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3273   for mutual authentication n...

Method and apparatus for user authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for user authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links