PERSONAL DIGITAL KEY INITIALIZATION AND REGISTRATION FOR SECURE TRANSACTIONS

US 20070260888A1
Filed: 05/05/2007
Published: 11/08/2007
Est. Priority Date: 05/05/2006
Status: Active Grant

First Claim

Patent Images

1. A method of using a programmer to initialize a personal digital key (PDK) for use in secure authentication, comprising:

reading user information from a user PDK to determine if the user is authorized for initialization;

reading notary information from a notary PDK to determine if the notary is authorized to administer the initialization; and

acquiring a biometric input from the user, wherein the acquisition is witnessed by the notary; and

responsive to the user and notary being authorized, storing a biometric profile based on the acquired biometric input to the user'"'"'s PDK.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A personal digital key (PDK) is programmed using a trusted programming device to initialize and/or register the PDK for use. In one embodiment, the initialization and registration processes are administered by a specialized trusted Notary to ensure the processes follow defined security procedures. In a biometric initialization, the programming device acquires a biometric input from a user and writes the biometric data to a tamperproof memory in the PDK. In registration, the Programmer communicates to one or more remote registries to create or update entries associated with the user PDK. Once initialized and registered, the PDK can be used for various levels of secure authentication processes.

143 Citations

View as Search Results

24 Claims

1. A method of using a programmer to initialize a personal digital key (PDK) for use in secure authentication, comprising:
- reading user information from a user PDK to determine if the user is authorized for initialization;
  
  reading notary information from a notary PDK to determine if the notary is authorized to administer the initialization; and
  
  acquiring a biometric input from the user, wherein the acquisition is witnessed by the notary; and
  
  responsive to the user and notary being authorized, storing a biometric profile based on the acquired biometric input to the user'"'"'s PDK.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein determining if the user is authorized for initialization comprises:
    - detecting the user PDK;
      
      checking a status of the user PDK in a registry; and
      
      responsive to the status being in good standing, determining that the user is authorized for initialization.
  - 3. The method of claim 2, wherein the user PDK is in good standing if the user PDK has not been reported as lost, stolen, expired, or revoked.
  - 4. The method of claim 2, wherein the user PDK is in good standing if the user PDK has never been initialized.
  - 5. The method of claim 1, wherein acquiring the biometric input comprises:
    - scanning the biometric input from a user associated with the user PDK; and
      
      performing a transformation on the biometric input to generate the biometric profile.
  - 6. The method of claim 5, further comprising:
    - checking the quality of the scanned biometric input; and
      
      responsive to the quality not being satisfactory, re-scanning the biometric input.
  - 7. The method of claim 1, further comprising storing initialization history data to the programmer, wherein initialization history data comprises at least one of a user PDK ID, a notary ID, a programmer ID, and a site ID.
  - 8. The method of claim 1, further comprising writing initialization history data to the user PDK, wherein initialization history data comprises at least one of a user PDK ID, a notary ID, a programmer ID, and a site ID.
  - 9. The method of claim 1, further comprising:
    - receiving a hardware authentication request from the user PDK;
      
      transmitting programmer information to the user PDK; and
      
      responsive to the user PDK determining that the programmer is a valid device, receiving authorization from the user PDK to continue initialization.
  - 10. The method of claim 1, wherein determining if the notary is authorized to administer initialization comprises:
    - detecting the notary PDK;
      
      checking a status of the notary PDK in a registry; and
      
      responsive to the status being in good standing, determining that the notary is authorized to use the programmer for initialization of the user PDK.
  - 11. The method of claim 10, wherein the notary PDK is in good standing if the notary PDK has not been reported as lost, stolen, expired, or revoked.
  - 12. The method of claim 1, further comprising determining if the programmer is in good standing.
  - 13. The method of claim 12, wherein the programmer is in good standing if the programmer has not been reported as lost, stolen, expired, or revoked and the programmer does not comprise altered software.
  - 14. The method of claim 1, wherein the notary administers the initialization process from a remote location.
  - 15. The method of claim 1, further comprising transmitting registry information to a remote registry to add or update a registry entry, wherein the registry information comprises at least one of a user PDK ID, purchasing information, and personal information.

16. An apparatus for programming a user'"'"'s personal digital key (PDK) for use in secure authentication, comprising:
- a PDK interface adapted to receive user information from a user PDK and receive notary information from a notary PDK;
  
  a biometric reader, the biometric reader adapted to acquire a biometric input from the user; and
  
  a processor coupled to the PDK interface and the biometric reader, the processor adapted to instruct the PDK interface to write a biometric profile based on the biometric input to the user PDK responsive to determining that the user information and the notary information are valid.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The apparatus of claim 16, further comprising a network interface coupled to the processor, the network interface adapted to transmit user PDK information to a remote registry and receive status information from the remote registry
  - 18. The apparatus of claim 17, wherein the processor is further adapted to determine that the user is authorized for initialization responsive to the remote registry indicating that the PDK has not been reported as lost, stolen, expired, or revoked.
  - 19. The apparatus of claim 17, wherein the processor is further adapted to determine the user is authorized for initialization responsive to the registry indicating that the PDK has never been initialized.
  - 20. The apparatus of claim 16, wherein the processor is further adapted to check the quality of the acquired biometric input, and responsive to the quality not being satisfactory, instructing the biometric reader to re-scan the biometric input, and responsive to the quality being satisfactory, computing the biometric profile from the acquired biometric data.
  - 21. The apparatus of claim 16, further comprising a storage module adapted to store initialization history data, the initialization history data comprising at least one of a user PDK ID, a notary ID, a programmer ID, and a site ID.
  - 22. The apparatus of claim 16, wherein the PDK interface is further adapted to write initialization history data to the user PDK, wherein initialization history data comprises at least one of a user PDK ID, a notary ID, a programmer ID, and a site ID.
  - 23. The apparatus of claim 16, wherein the biometric reader is adapted to obtain a representation of physical or behavioral characteristics derived from the individual.
  - 24. The apparatus of claim 16, wherein the biometric reader comprises at least one of a fingerprint scanner, a retinal scanner, an iris scanner, a face scanner, a palm scanner, a DNA analyzer, a signature analyzer, and a voice analyzer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Proxense, LLC
Original Assignee
Proxense, LLC
Inventors
Brown, David, Hirt, Fred, Giobbi, John

Granted Patent

US 8,412,949 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 2221/2115   Third party

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G07C 2209/12   Comprising means for protec...

G07C 9/257   electronically G07C9/26 tak...

G07C 9/26   using a biometric sensor in...

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0861   using biometrical features,...

H04L 9/0866   involving user or device id...

H04L 9/3231   Biological data, e.g. finge...

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

PERSONAL DIGITAL KEY INITIALIZATION AND REGISTRATION FOR SECURE TRANSACTIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

143 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

PERSONAL DIGITAL KEY INITIALIZATION AND REGISTRATION FOR SECURE TRANSACTIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

143 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links