Proxy Authentication Methods and Apparatus

US 20080082452A1
Filed: 12/04/2006
Published: 04/03/2008
Est. Priority Date: 10/03/2006
Status: Active Grant

First Claim

Patent Images

1. A method for authorizing a transaction using a personal terminal, a transaction terminal and an electronic identification device having memory, the electronic identification device having been offered up to the personal terminal for communication therewith and verification information having been entered into the personal terminal, the method comprising:

the personal terminal verifying if the verification information is valid and setting a verification flag in the memory of the electronic identification device indicative of the verification information being valid, andreceiving evidence of the status of the verification flag at the transaction terminal from the electronic identification device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A proxy authentication method and apparatus is described for use in user authentication, e.g. for payment transactions.

The authentication is carried out before the transaction between a electronic, e.g. digital identification device and a person terminal. Verification information is entered at the personal terminal to authenticate the user and if this is successful a verification flag is set in the digital identification device.

The status of this flag, or an encrypted version thereof can be used by a transaction terminal of evidence that the user has been authenticated without having to transmit any secret identification information to the transaction terminal.

71 Citations

View as Search Results

24 Claims

1. A method for authorizing a transaction using a personal terminal, a transaction terminal and an electronic identification device having memory, the electronic identification device having been offered up to the personal terminal for communication therewith and verification information having been entered into the personal terminal, the method comprising:
- the personal terminal verifying if the verification information is valid and setting a verification flag in the memory of the electronic identification device indicative of the verification information being valid, andreceiving evidence of the status of the verification flag at the transaction terminal from the electronic identification device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 23, 24)
- - 2. The method of claim 1 wherein the evidence is generated by the electronic identification device by a computation of cryptographic code.
  - 3. The method of claim 2, wherein the cryptographic code is in the form of a digital signature.
  - 4. The method of claim 1, wherein the transaction terminal verifies the evidence offline.
  - 5. The method of claim 1, wherein verification of the evidence is carried out online by an authorization entity of an issuer of the digital identification device.
  - 6. The method of claim 5, wherein the evidence is a Message Authentication Code.
  - 7. The method of claim 1, wherein the verification information is a secret identification code.
  - 8. The method of claim 1, wherein the verification information is biometric data.
  - 9. The method of claim 1 further comprising storing a cryptographic authentication token in the electronic identification device, the cryptographic authentication token being evidence of the status of the verification flag.
  - 10. The method according to claim 1, wherein the transaction terminal authorizes a transaction at the transaction terminal in response to the receipt of the evidence.
  - 11. The method according to claim 10, wherein the evidence is transmitted from the transaction terminal to the authorization entity over a communications link;
    - further comprising;
      
      receiving a response from said authorization entity; and
      
      authorizing a transaction at the transaction terminal in response to said receiving step.
  - 23. A computer program product comprising code for carrying out the method of claim 1 when executed on a processing device.
  - 24. A machine readable storage medium comprising the computer program product of claim 23.

12. A system for authorizing a transaction using a personal terminal, a transaction terminal and an electronic identification device having memory, the electronic identification device having been offered up to the personal terminal for communication therewith and verification information having been entered into the personal terminal, wherein:
- the personal terminal has means for verifying if the verification information is valid and for setting a verification flag in the memory of the electronic identification device indicative of the verification information being valid, andthe transaction terminal has means for receiving evidence of the status of the verification flag at the transaction terminal from the electronic identification device.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system of claim 12 wherein the electronic identification device and/or the personal terminal has means for generating the evidence as a cryptographic code.
  - 14. The system of claim 13, wherein the means for generating evidence as a cryptographic code has means for generating a digital signature.
  - 15. The system of claim 12, wherein the transaction terminal has means for verifying the evidence offline.
  - 16. The system of claim 12, wherein the system has means for verification of the evidence online by an authorization entity of an issuer of the electronic identification device.
  - 17. The system of claim 16, wherein the evidence is a Message Authentication Code.
  - 18. The system of claim 12, wherein the verification information is a secret identification code.
  - 19. The system of claim 12, wherein the electronic identification device has means for storing a cryptographic authentication token in the digital identification device, the cryptographic authentication token being evidence of the status of the verification flag.
  - 20. The system according to claim 12, wherein the transaction terminal has means to authorize a transaction at the transaction terminal in response to the receipt of the evidence.
  - 21. The system according to claim 20, wherein the transaction terminal has means for transmitting the evidence from the transaction terminal to the authorization entity over a communications link, means for receiving a response from said authorization entity;
    - and authorizing a transaction at the transaction terminal in response to said receiving step.

22. A personal terminal for use with an electronic identification device having memory, comprising means for communicating with the electronic identification device,means for entering verification information, andmeans for verifying if the verification information is valid and for sending via the means for communicating a verification flag to be set in the memory of the electronic identification device indicative of the verification information being valid.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Roberts, David Anthony, Radu, Cristian, Wankmueller, John

Granted Patent

US 8,151,335 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/18   involving self-service term...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/367   involving electronic purses...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/03   Credit; Loans; Processing t...

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

G07F 7/1025   Identification of user by a...

Proxy Authentication Methods and Apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

71 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Proxy Authentication Methods and Apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links