METHOD AND DEVICE FOR SECURE PHONE BANKING

US 20080144787A1
Filed: 12/15/2006
Published: 06/19/2008
Est. Priority Date: 12/15/2006
Status: Active Grant

First Claim

Patent Images

1. A method operational on a small form-factor telephone security device, comprising:

receiving dual tone multi-frequency (DTMF) tones front a telephone over a first communication interface;

encrypting the DTMF tones received from the telephone; and

sending the encrypted DTMF tones to a security server over a second communication interface.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A small form-factor security device is provided that may be inserted in series with a telephone line to encrypt dual tone multi-frequency (DTMF) tones from a telephone to prevent unauthorized disclosure of sensitive information. A receiving device decrypts the encrypted DTMF tones to receive the original information sent by the telephone. The security device acts as a second factor in a two-factor authentication scheme with a tele-services security server that authenticates the security device.

40 Citations

View as Search Results

53 Claims

1. A method operational on a small form-factor telephone security device, comprising:
- receiving dual tone multi-frequency (DTMF) tones front a telephone over a first communication interface;
  
  encrypting the DTMF tones received from the telephone; and
  
  sending the encrypted DTMF tones to a security server over a second communication interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 further comprising:
    - receiving an activation signal from the security device; and
      
      placing the security device into an active mode of operation once the activation signal is received, wherein active mode the security device is configured toencrypt DTMF tones received from the telephone are, andallow voice signals to pass through the security device unchanged.
  - 3. The method of claim 1 further comprising:
    - passing DTMF tones from the telephone through unchanged between the first communication interface to a second communication interface in a passive mode of operation.
  - 4. The method of claim 1 further comprising:
    - powering the security device upon a call being initiated between the telephone and the security server.
  - 5. The method of claim 1 further comprising:
    - receiving an authentication challenge from the security server;
      
      replying to the authentication challenge with an authentication response; and
      
      receiving a confirmation indicating that the security server has successfully authenticated the security device.
  - 6. The method of claim 1 further comprising:
    - converting a first DTMF tone received over the first communication interface into a first symbol;
      
      pseudorandomly selecting a translation table from a plurality of translation tables;
      
      translating the first symbol into a second symbol using the selected translation table;
      
      converting the second symbol into a second DTMF tone; and
      
      sending the second DTMF tone as the encrypted DTMF tone.
  - 7. The method of claim 6 further comprising:
    - obtaining a pseudorandom number from a keystream generated at the security device; and
      
      shuffling symbols in a base translation table based on the pseudorandom number to obtain the selected translation table.
  - 8. The method of claim 6 further comprising:
    - converting DTMF tones received over the first communication interface into associated symbols within a set of symbols;
      
      pseudorandomly selecting an associated translation table from a plurality of translation tables for each DTMF tone received; and
      
      translating the associated symbol for each DTMF tone received into an encrypted symbol based on its associated translation table.
  - 9. The method of claim 1 wherein the security device is positioned proximate the telephone and coupled in series between the telephone and the security server.
  - 10. The method of claim 1 further comprising:
    - detecting the telephone number called by the telephone;
      
      encrypting DTMF tones received from the telephone if the telephone number is recognized as an associated secure institution; and
      
      passing DTMF tones received from the telephone to the security server unchanged otherwise.

11. A small form-factor telephone security device, comprising:
- means for receiving dual tone multi-frequency (DTMF) tones from a telephone over a first communication interface;
  
  means for encrypting the DTMF tones received from the telephone; and
  
  means for sending the encrypted DTMF tones to a security server over a second communication interface.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The device of claim 11 further comprising:
    - means for receiving an activation signal from the security device; and
      
      means for placing the security device into an active mode of operation once the activation signal is received.
  - 13. The method of claim 11 further comprising:
    - means for passing DTMF tones through unchanged between the first communication interface to a second communication interface in a passive mode of operation.
  - 14. The device of claim 11 further comprising:
    - means for converting a first DTMF tone received over the first communication interface into a first symbol;
      
      means for pseudorandomly selecting a translation table from a plurality of translation tables;
      
      means for translating the first symbol into a second symbol using the selected translation table;
      
      means for converting the second symbol into a second DTMF tone; and
      
      means for sending the second DTMF tone as the encrypted DTMF tone.
  - 15. The device of claim 14 further comprising:
    - means for obtaining a pseudorandom number from a keystream generated at the security device; and
      
      means for shuffling symbols in a base translation table based on the pseudorandom number to obtain the selected translation table.

16. A small form-factor telephone security device, comprising:
- a first communication interface for communicating with a telephone;
  
  a second communication interface for communicating with a security server;
  
  a processing circuit coupled between the first communication interface and the second communication interface, the processing circuit configured toreceive dual tone multi-frequency (DTMF) tones from the telephone;
  
  encrypt the received DTMF tones; and
  
  send the encrypted DTMF tones to the security server.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The device of claim 16 wherein the processing circuit is further configured toreceive an activation signal from the security device;
    - andplace the security device into an active mode of operation once the activation signal is received.
  - 18. The device of claim 16 the processing circuit is further configured topass DTMF tones through unchanged between the first communication interface to a second communication interface in a passive mode of operation.
  - 19. The device of claim 16 further comprising:
    - a DTMF tone detector coupled to the processing circuit to detect when a DTMF tone is received over the first communication interface; and
      
      a DTMF encryption module coupled to the processing circuit to assist the processing circuit in converting a received DTMF tone into an encrypted DTMF tone.
  - 20. The device of claim 16 wherein the processing circuit is further configured toconvert a first DTMF tone received over the first communication interface into a first symbol;
    - pseudorandomly select a translation table from a plurality of translation tables;
      
      translate the first symbol into a second symbol by using the selected translation table;
      
      convert the second symbol into a second DTMF tone; and
      
      send the second DTMF tone as the encrypted DTMF tone.
  - 21. The device of claim 20 wherein the processing circuit is further configured toobtain a pseudorandom number from a keystream generated at the security device;
    - andshuffle symbols in a base translation table based on the pseudorandom number to obtain the selected translation table.

22. A machine-readable medium having one or more instructions operational on a security device for securing information transmitted by a telephone, which when executed by a processor causes the processor to:
- receive dual tone multi-frequency (DTMF) tones from the telephone over a first communication interface;
  
  encrypt the DTMF tones received from the telephone; and
  
  sending the encrypted DTMF tones over a second communication interface.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The machine-readable medium of claim 22 having one or more instructions which when executed by a processor causes the processor to further:
    - place the security device into an active mode of operation if an activation signal is received, wherein activation mode received DTMF tones are converted to encrypted DTMF tones; and
      
      pass DTMF tones through unchanged between the first communication interface to a second communication interface in a passive mode of operation.
  - 24. The machine-readable medium of claim 22 having one or more instructions which when executed by a processor causes the processor to further:
    - authenticate the security device with a receiving device coupled to the second communication interface.
  - 25. The machine-readable medium of claim 22 having one or more instructions which when executed by a processor causes the processor to further:
    - generate a pseudorandom number;
      
      select a translation table from a plurality of translation tables based on the pseudorandom number; and
      
      translate a first DTMF tone received from the telephone into a second DTMF tone based on the selected translation table.
  - 26. The machine-readable medium of claim 25 having one or more instructions which when executed by a processor causes the processor to further:
    - generate other pseudorandom numbers for subsequent DTMF tones received from the telephone;
      
      select a translation table from the plurality of translation tables for each subsequent DTMF tone received based on the other pseudorandom numbers; and
      
      translate each DTMF tone received from the telephone into a other DTMF tones based on their selected translation tables.

27. A method operational on a telephone security server, comprising:
- receiving a call from a dual tone multi-frequency (DTMF)-enabled telephone;
  
  sending an activation signal to a security device associated with the DTMF-enabled telephone to activate encryption of DTMF tones from the telephone;
  
  receiving encrypted DTMF tones from the security device; and
  
  decrypting the received DTMF tones to obtain information sent by the telephone.
- View Dependent Claims (28, 29, 30, 31, 32)
- - 28. The method of claim 27 wherein the security device is positioned proximate the telephone and coupled in series between the telephone and the security server.
  - 29. The method of claim 27 further comprising:
    - sending an authentication challenge to the security device;
      
      receiving an authentication response from the security device; and
      
      sending a confirmation to the security device if the authentication response is valid for the authentication challenge.
  - 30. The method of claim 27 wherein decrypting a received DTMF tone results in obtaining part of a number entered by a user of the telephone.
  - 31. The method of claim 27 further comprising:
    - synchronizing a symbol encryption algorithm between the security server and the security device.
  - 32. The method of claim 27 wherein decrypting the received DTMF tones includesconverting a first DTMF tone into a first symbol;
    - translating the first symbol into a second symbol using a pseudorandomly selected symbol-to-symbol reverse translation table; and
      
      converting the second symbol into a second DTMF tone.

33. A telephone security server, comprising:
- means for receiving a call from a dual tone multi-frequency (DTMF)-enabled telephone;
  
  means for sending an activation signal to a security device associated with the DTMF-enabled telephone to activate encryption of DTMF tones from the telephone;
  
  means for receiving encrypted DTMF tones from the security device; and
  
  means for decrypting the received DTMF tones to obtain information sent by the telephone.
- View Dependent Claims (34, 35)
- - 34. The telephone security server of claim 33 further comprising:
    - means for sending an authentication challenge to the security device;
      
      means for receiving an authentication response from the security device; and
      
      means for sending a confirmation to the security device if the authentication response is valid for the authentication challenge.
  - 35. The telephone security server of claim 33 further comprising:
    - means for converting a first DTMF tone into a first symbol;
      
      means for translating the first symbol into a second symbol using a pseudorandomly selected symbol-to-symbol reverse translation table; and
      
      means for converting the second symbol into a second DTMF tone.

36. A telephone security server, comprising:
- a communication module for receiving telephone calls from dual tone multi-frequency (DTMF) enabled telephones;
  
  a DTMF decryption module for decrypting encrypted DTMF tones; and
  
  a processing circuit coupled to the communication module and the DTMF decryption module, the processing circuit configured toreceive encrypted DTMF tones from a security device associated with a DTMF-enabled telephone; and
  
  decrypt the received DTMF tones to obtain information sent by the telephone.
- View Dependent Claims (37, 38, 39)
- - 37. The server of claim 36 wherein the processing circuit is further configured toreceive a call from the DTMF-enabled telephone;
    - andsend an activation signal to the security device associated with the DTMF-enabled telephone to activate encryption of DTMF tones from the telephone.
  - 38. The server of claim 36 further comprising:
    - an authentication module to authenticate the security device.
  - 39. The server of claim 36 wherein the processing circuit is further configured toconvert a first DTMF tone into a first symbol;
    - translate the first symbol into a second symbol using a pseudorandomly selected symbol-to-symbol reverse translation table; and
      
      convert the second symbol into a second DTMF tone.

40. A machine-readable medium having one or more instructions operational on a telephone security server for securing information transmitted from a telephone as dual tone multi-frequency (DTMF) tomes, which when executed by a processor causes the processor to:
- authenticate a security device associated with the telephone;
  
  receive encrypted DTMF tones from the security device; and
  
  decrypt the received DTMF tones to obtain information sent by the telephone.
- View Dependent Claims (41, 42)
- - 41. The machine-readable medium of claim 40 having one or more instructions which when executed by a processor causes the processor to further:
    - receive a call from the telephone; and
      
      send an activation signal to a security device associated with the telephone to activate encryption of DTMF tones from the telephone.
  - 42. The machine-readable medium of claim 40 having one or more instructions which when executed by a processor causes the processor to further:
    - convert the encrypted DTMF tones into digital symbols;
      
      obtain a symbol-to-symbol reverse translation table for each of the digital symbols; and
      
      translate each digital symbol using the reverse translation table.

43. A method operational on a mobile communication device, comprising:
- initiating a call to a tele-services station;
  
  receiving a pseudorandom authentication challenge from the tele-services station;
  
  sending an authentication response to the tele-services station, wherein the authentication response is based on the pseudorandom authentication challenge and an authentication key pre-arranged by both the mobile communication device and the tele-services station;
  
  requesting sensitive information from the tele-services station; and
  
  receiving the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station.
- View Dependent Claims (44, 45, 46)
- - 44. The method of claim 43 further comprising:
    - sending a user identifier to the tele-services station, wherein the user identifier is further used to authenticate the mobile communication device.
  - 45. The method of claim 43 wherein the mobile communication device is a mobile phone and the tele-services station is associated with a financial institution.
  - 46. The method of claim 43 further comprising:
    - generating a session key based on the pseudorandom authentication challenge and the authentication response; and
      
      decrypting the sensitive information using the session key.

47. A mobile communication device, comprising:
- means for initiating a call to a tele-services station;
  
  means for receiving a pseudorandom authentication challenge from the tele-services station;
  
  means for sending an authentication response to the tele-services station, wherein the authentication response is based on the pseudorandom authentication challenge and an authentication key pre-arranged by both the mobile communication device and the tele-services station;
  
  means for requesting sensitive information from the tele-services station; and
  
  means for receiving the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station.
- View Dependent Claims (48, 49)
- - 48. The device of claim 47 further comprising:
    - means for sending a user identifier to the tele-services station, wherein the user identifier is further used to authenticate the mobile communication device.
  - 49. The device of claim 47 further comprising:
    - means for generating a session key based on the pseudorandom authentication challenge and the authentication response; and
      
      means for decrypting the sensitive information using the session key.

50. A mobile communication device, comprising:
- a communication module for communicating over a wireless communication network; and
  
  a processing circuit coupled to the communication module, the processing circuit configured toinitiate a call to a tele-services station;
  
  receive a pseudorandom authentication challenge from the tele-services station;
  
  send an authentication response to the tele-services station, wherein the authentication response is based on the pseudorandom authentication challenge and an authentication key pre-arranged by both the mobile communication device and the tele-services station;
  
  request sensitive information from the tele-services station; and
  
  receive the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station.
- View Dependent Claims (51)
- - 51. The device of claim 50 wherein the processing circuit is further configured togenerate a session key based on the pseudorandom authentication challenge and the authentication response;
    - anddecrypt the sensitive information using the session key.

52. A machine-readable medium having one or more instructions operational on a security device for securing information transmitted by a telephone, which when executed by a processor causes the processor to:
- initiate a call to a tele-services station;
  
  receive a pseudorandom authentication challenge from the tele-services station;
  
  send an authentication response to the tele-services station, wherein the authentication response is based on the pseudorandom authentication challenge and an authentication key pre-arranged by both the mobile communication device and the tele-services station;
  
  request sensitive information from the tele-services station; and
  
  receive the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station.
- View Dependent Claims (53)
- - 53. The machine-readable medium of claim 52 having one or more instructions which when executed by a processor causes the processor to further:
    - generate a session key based on the pseudorandom authentication challenge and the authentication response; and
      
      decrypt the sensitive information using the session key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Gantman, Alexander, Rose, Gregory G., Choi, Jae-Hee, Noerenberg, John W.

Granted Patent

US 8,571,188 B2
Time in Patent Office

Days
Field of Search
US Class Current

379/93.03
CPC Class Codes

H04L 9/00   Cryptographic mechanisms or...

H04M 1/505   signals generated in digita...

H04M 1/68   Circuit arrangements for pr...

H04M 11/00   Telephonic communication sy...

H04M 2203/609   Secret communication

H04M 3/16   with lock-out or secrecy pr...

METHOD AND DEVICE FOR SECURE PHONE BANKING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND DEVICE FOR SECURE PHONE BANKING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links