HANDHELD MULTIPLE ROLE ELECTRONIC AUTHENTICATOR AND ITS SERVICE SYSTEM
First Claim
Patent Images
1. A handheld electronic multi-role identification authenticator providing a plurality of dynamic authentication codes associated with a plurality of service providers comprising:
- a keypad unit operable to receive key inputs;
a display unit operable to display codes;
a plurality of foils, each foil storing a first secret key, a first communication key, and a plurality of dynamic variables; and
a computing unit operable to generate a plurality of dynamic authentication codes in accordance with a predetermined algorithm, each dynamic authentication code generated based on the first secret key and the dynamic variables stored on one of said foils.
0 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a handheld electronic authenticator and its service system that provide multiple dynamic authentication codes for authenticating with multiple service providers. The authenticator provides multiple dynamic authentication codes (e.g., including electronic signatures) for the multiple service providers, using an algorithm, secret key and dynamic variables chosen and maintained by the service provider.
34 Citations
41 Claims
-
1. A handheld electronic multi-role identification authenticator providing a plurality of dynamic authentication codes associated with a plurality of service providers comprising:
-
a keypad unit operable to receive key inputs; a display unit operable to display codes; a plurality of foils, each foil storing a first secret key, a first communication key, and a plurality of dynamic variables; and a computing unit operable to generate a plurality of dynamic authentication codes in accordance with a predetermined algorithm, each dynamic authentication code generated based on the first secret key and the dynamic variables stored on one of said foils. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of a service provider authenticating using a handheld electronic multi-role authenticator associated with a plurality of service providers, comprising:
-
receiving from the authenticator a first dynamic authentication code generated based on a plurality of dynamic variables and a secret key using a predetermined algorithm; generating a first dynamic verification code generated based on the dynamic variables and the secret key using the predetermined algorithm; comparing the first dynamic authentication code to the first dynamic verification code; and determining authenticity based on a result of the comparison, wherein the secret key is generated by the service provider and the plurality of dynamic variables is maintained by the service provider. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
-
27. A method of authentication for conducting a transaction using a handheld electronic multi-role authenticator associated with a plurality of service providers, comprising:
-
providing a dynamic authentication code associated with a service provider; providing a public name associated with the authentication code; identifying a server of the service provider based on the public name; and authenticating the dynamic authentication code with the identified server of the service provider. - View Dependent Claims (28, 29, 33, 34)
-
-
30. The method of 28, wherein the determining comprises:
-
a) varying the dynamic variables in a first predetermined range if the first dynamic authentication code is not identical to the first dynamic verification code; b) generating a new authentication code based on the varied dynamic variables and the secret key using the predetermined algorithm; c) comparing the first dynamic authentication code to the new dynamic verification code; d) authenticating if the first dynamic authentication code is identical to the new dynamic verification code; e) repeating steps a)-d) if the first dynamic authentication code is not identical to the new dynamic verification code; f) rejecting if the first dynamic authentication code is outside a second predetermined range; and g) requesting a second dynamic authentication code from the authenticator if the first dynamic authentication code is not identical to all new dynamic verification codes generated in the first predetermined range.
-
-
31. The method of 30, wherein the requesting comprises:
-
sending by the service provider a request for the second dynamic authentication code to the authenticators said request containing command and data for setting the dynamic variables maintained by the service provider; setting the dynamic variables in the authenticator based on the command and data contained in the request; generating the second dynamic authentication code based on the set dynamic variables and sending the new dynamic authentication code to the service provider; and determining authenticity of the second dynamic authentication code by the service provider. - View Dependent Claims (32)
-
-
35. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform a method of a service provider authenticating using a handheld electronic multi-role authenticator associated with a plurality of service providers, comprising:
-
receiving from the authenticator a first dynamic authentication code generated based on a plurality of dynamic variables and a secret key using a predetermined algorithm; generating a first dynamic verification code generated based on the dynamic variables and the secret key using the predetermined algorithm; comparing the first dynamic authentication code to the first dynamic verification code; and determining authenticity based on a result of the comparison, wherein the secret key is generated by the service provider and the plurality of dynamic variables is maintained by the service provider. - View Dependent Claims (36, 37, 38, 39, 40, 41)
-
Specification