SIMPLIFIED MULTI-FACTOR AUTHENTICATION

US 20100138666A1
Filed: 12/01/2008
Published: 06/03/2010
Est. Priority Date: 12/01/2008
Status: Active Grant

First Claim

Patent Images

1. A method of handling a factor of a multi-factor authentication sequence, said method comprising:

receiving a biometric candidate;

generating a cryptographic key from said biometric candidate;

decrypting a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence;

transmitting said decrypted character sequence to said identity verification element;

receiving, from said identity verification element, an indication of character sequence verification;

determining, from said indication, that said identity verification element has verified said decrypted character sequence; and

responsive to said determining, proceeding with said multi-factor authentication sequence.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A reader element is associated with an identity verification element. The reader element has a biometric input device and is configured, through enrollment of a biometric element is used to encrypt a character sequence associated with the identity verification element. In a verification phase subsequent to the enrollment, a user may be spared a step of providing the character sequence by, instead, providing the biometric element. Responsive to receiving the biometric element, the reader element may decrypt the character sequence and provide the character sequence to the identity verification element.

87 Citations

View as Search Results

17 Claims

1. A method of handling a factor of a multi-factor authentication sequence, said method comprising:
- receiving a biometric candidate;
  
  generating a cryptographic key from said biometric candidate;
  
  decrypting a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence;
  
  transmitting said decrypted character sequence to said identity verification element;
  
  receiving, from said identity verification element, an indication of character sequence verification;
  
  determining, from said indication, that said identity verification element has verified said decrypted character sequence; and
  
  responsive to said determining, proceeding with said multi-factor authentication sequence.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein said biometric candidate comprises a candidate fingerprint.
  - 3. The method of claim 1 wherein said identity verification element comprises a smart card.
  - 4. The method of claim 3 wherein said character sequence comprises a personal identification number associated with said smart card.
  - 5. The method of claim 1 wherein said proceeding with said multi-factor authentication sequence comprises:
    - extracting a biometric template from said identity verification element; and
      
      determining that said biometric candidate matches said biometric template.
  - 6. The method of claim 5 wherein said proceeding with said multi-factor authentication sequence further comprises:
    - receiving a random challenge from an associated device;
      
      transmitting said random challenge to said identity verification element;
      
      receiving a signed challenge from said identity verification element; and
      
      transmitting said signed challenge to said associated device.

7. A smart card reader comprising:
- a storage component interface for receiving a smart card for communication therewith;
  
  a memory for storing an encrypted character sequence associated with said smart card;
  
  a biometric input device; and
  
  a processor adapted to;
  
  receive a biometric candidate from said biometric input device;
  
  generate a cryptographic key from said biometric candidate;
  
  decrypt said encrypted character sequence, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence;
  
  transmit said decrypted character sequence to said smart card;
  
  receive, from said smart card, an indication of character sequence verification;
  
  determine, from said indication, that said smart card has verified said decrypted character sequence; and
  
  responsive to said determining, proceed with said multi-factor authentication sequence.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The smart card reader of claim 7 wherein said biometric candidate comprises a candidate fingerprint.
  - 9. The smart card reader of claim 7 wherein said character sequence comprises a personal identification number associated with said smart card.
  - 10. The smart card reader of claim 7 wherein, to proceed with said multi-factor authentication sequence, said processor is further adapted to:
    - extract a biometric template from said identity verification element; and
      
      determine that said biometric candidate matches said biometric template.
  - 11. The smart card reader of claim 10 wherein, to proceed with said multi-factor authentication sequence, said processor is further adapted to:
    - receive a random challenge from an associated device;
      
      transmit said random challenge to said identity verification element;
      
      receive a signed challenge from said identity verification element; and
      
      transmit said signed challenge to said associated device.

12. A computer readable medium containing computer-executable instructions that, when performed by a processor, cause said processor to:
- receive a biometric candidate;
  
  generate a cryptographic key from said biometric candidate;
  
  decrypt a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence;
  
  transmit said decrypted character sequence to said identity verification element;
  
  receive, from said identity verification element, an indication of character sequence verification;
  
  determine, from said indication, that said identity verification element has verified said decrypted character sequence; and
  
  responsive to said determining, proceed with a multi-factor authentication sequence.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The computer readable medium of claim 12 wherein said biometric candidate comprises a candidate fingerprint.
  - 14. The computer readable medium of claim 12 said identity verification element comprises a smart card.
  - 15. The computer readable medium of claim 14 wherein said character sequence comprises a personal identification number associated with said smart card.
  - 16. The computer readable medium of claim 12 wherein, to proceed with said multi-factor authentication sequence, said instructions further cause said processor to:
    - extract a biometric template from said identity verification element; and
      
      determine that said biometric candidate matches said biometric template.
  - 17. The computer readable medium of claim 16 wherein, to further proceed with said multi-factor authentication sequence, said instructions further cause said processor to:
    - receive a random challenge from an associated device;
      
      transmit said random challenge to said identity verification element;
      
      receive a signed challenge from said identity verification element; and
      
      transmit said signed challenge to said associated device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Sibley, Richard Paul, Adams, Neil Patrick, Singh, Ravi, Davis, Dinah Lea Marie

Granted Patent

US 8,370,640 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/40145   Biometric identity checks

G07F 7/0886   the card reader being porta...

G07F 7/1091   Use of an encrypted form of...

H04L 2209/80   Wireless network architectu...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3271   using challenge-response

H04W 12/06   Authentication

SIMPLIFIED MULTI-FACTOR AUTHENTICATION

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

87 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

SIMPLIFIED MULTI-FACTOR AUTHENTICATION

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

87 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links