SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY

US 20100241867A1
Filed: 06/07/2010
Published: 09/23/2010
Est. Priority Date: 07/29/2005
Status: Active Grant

First Claim

Patent Images

1. An authentication method, comprising:

receiving, at a mobile communication device from a smart card via a smart card reader over a wireless communication link, a challenge comprising a public key;

transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge; and

receiving a verification signal at the mobile communication device over the wireless communication link from the smart card, upon determination that user authentication information obtained by decrypting, using a private key corresponding to the public key, the encrypted user authentication information thus transmitted, matches predetermined authentication information, wherein the private key and the predetermined authentication information are stored in secure memory in the smart card.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers.

Citations

20 Claims

1. An authentication method, comprising:
- receiving, at a mobile communication device from a smart card via a smart card reader over a wireless communication link, a challenge comprising a public key;
  
  transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge; and
  
  receiving a verification signal at the mobile communication device over the wireless communication link from the smart card, upon determination that user authentication information obtained by decrypting, using a private key corresponding to the public key, the encrypted user authentication information thus transmitted, matches predetermined authentication information, wherein the private key and the predetermined authentication information are stored in secure memory in the smart card.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising the mobile communication device receiving the user authentication information via a user interface of the mobile communication device.
  - 3. The method of claim 1, wherein the challenge comprises a nonce generated and stored at the smart card, such that the user authentication information comprised in the response is encrypted using the challenge comprising the nonce, and wherein the encrypted user authentication information thus transmitted is decrypted at the smart card using the private key and the nonce.
  - 4. The method of claim 1, further comprising authenticating a user if the encrypted user authentication information thus decrypted matches predetermined authentication information.
  - 5. The method of claim 1, further comprising providing the mobile communication device access to a further private key stored in the secure memory.
  - 6. The method of claim 1, wherein the user authentication information comprises a PIN or password.

7. A method for providing authentication information to a smart card, the method comprising:
- receiving, at a mobile communication device from the smart card via a smart card reader over a wireless communication link, a challenge comprising a public key; and
  
  transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge, wherein the response is verifiable by the smart card by decrypting the encrypted user authentication information using a private key corresponding to the public key and matching the user authentication information thus decrypted with predetermined authentication information stored at the smart card.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising the mobile communication device receiving the user authentication information via a user interface of the mobile communication device.
  - 9. The method of claim 7, wherein the challenge comprises a nonce generated and stored at the smart card, such that the user authentication information comprised in the response is encrypted using the challenge comprising the nonce, and wherein the encrypted user authentication information thus transmitted is decryptable at the smart card using the private key and the nonce.
  - 10. The method of claim 7, further comprising authenticating a user if the encrypted user authentication information thus decrypted matches predetermined authentication information.
  - 11. The method of claim 7, further comprising providing the mobile communication device access to a further private key stored in the secure memory.
  - 12. The method of claim 7, wherein the user authentication information comprises a PIN or password.

13. An authentication method, comprising:
- transmitting, from a smart card to a mobile communication device via a smart card reader communicating with the mobile communication device over a wireless communication link, a challenge comprising a public key;
  
  receiving, at the smart card from the mobile communication device via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge;
  
  decrypting the user authentication information thus encrypted using a private key corresponding to the public key; and
  
  transmitting a verification signal from the smart card to the mobile communication device via the smart card reader upon determination that user authentication information thus decrypted matches predetermined authentication information stored at the smart card.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, wherein the user authentication information is received by the mobile communication device via a user interface.
  - 15. The method of claim 13, wherein the challenge comprises a nonce generated and stored at the smart card, such that the user authentication information comprised in the response is encrypted using the challenge comprising the nonce, and wherein decrypting the user authentication information thus encrypted comprises decrypting using the private key and the nonce.
  - 16. The method of claim 13, further comprising authenticating a user if the encrypted user authentication information thus decrypted matches predetermined authentication information.
  - 17. The method of claim 13, further comprising providing the mobile communication device access to a further private key stored in the secure memory.
  - 18. The method of claim 13, wherein the user authentication information comprises a PIN or password.

19. A computer program product comprising a non-transitory computer-readable medium comprising code which, when executed, causes a mobile communication device to carry out the method of:
- receiving, at the mobile communication device from a smart card via a smart card reader over a wireless communication link, a challenge comprising a public key;
  
  transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge; and
  
  receiving a verification signal at the mobile communication device over the wireless communication link from the smart card, upon determination that user authentication information obtained by decrypting, using a private key corresponding to the public key, the encrypted user authentication information thus transmitted, matches predetermined authentication information, wherein the private key and the predetermined authentication information are stored in secure memory in the smart card.

20. A computer program product comprising a non-transitory computer-readable medium comprising code which, when executed, causes a mobile communication device to carry out the method of:
- transmitting, from a smart card to a mobile communication device via a smart card reader communicating with the mobile communication device over a wireless communication link, a challenge comprising a public key;
  
  receiving, at the smart card from the mobile communication device via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge;
  
  decrypting the user authentication information thus encrypted using a private key corresponding to the public key; and
  
  transmitting a verification signal from the smart card to the mobile communication device via the smart card reader upon determination that user authentication information thus decrypted matches predetermined authentication information stored at the smart card.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Research In Motion Limited (Blackberry Limited)
Inventors
Adams, Neil P., BROWN, Michael K., Little, Herbert A.

Granted Patent

US 8,332,935 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1025   Identification of user by a...

SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links