SYSTEM AND METHOD FOR ENCRYPTED SMART CARD PIN ENTRY
Abstract
A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers.
20 Claims

1. An authentication method, comprising:
receiving, at a mobile communication device from a smart card via a smart card reader over a wireless communication link, a challenge comprising a public key;
transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge; and
receiving a verification signal at the mobile communication device over the wireless communication link from the smart card, upon determination that user authentication information obtained by decrypting, using a private key corresponding to the public key, the encrypted user authentication information thus transmitted, matches predetermined authentication information, wherein the private key and the predetermined authentication information are stored in secure memory in the smart card.
Dependent claims: 2, 3, 4, 5, 6.

7. A method for providing authentication information to a smart card, the method comprising:
receiving, at a mobile communication device from the smart card via a smart card reader over a wireless communication link, a challenge comprising a public key; and
transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge, wherein the response is verifiable by the smart card by decrypting the encrypted user authentication information using a private key corresponding to the public key and matching the user authentication information thus decrypted with predetermined authentication information stored at the smart card.
Dependent claims: 8, 9, 10, 11, 12.

13. An authentication method, comprising:
transmitting, from a smart card to a mobile communication device via a smart card reader communicating with the mobile communication device over a wireless communication link, a challenge comprising a public key;
receiving, at the smart card from the mobile communication device via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge;
decrypting the user authentication information thus encrypted using a private key corresponding to the public key; and
transmitting a verification signal from the smart card to the mobile communication device via the smart card reader upon determination that user authentication information thus decrypted matches predetermined authentication information stored at the smart card.
Dependent claims: 14, 15, 16, 17, 18.

19. A computer program product comprising a non-transitory computer-readable medium comprising code which, when executed, causes a mobile communication device to carry out the method of:
receiving, at the mobile communication device from a smart card via a smart card reader over a wireless communication link, a challenge comprising a public key;
transmitting, from the mobile communication device to the smart card over the wireless communication link via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge; and
receiving a verification signal at the mobile communication device over the wireless communication link from the smart card, upon determination that user authentication information obtained by decrypting, using a private key corresponding to the public key, the encrypted user authentication information thus transmitted, matches predetermined authentication information, wherein the private key and the predetermined authentication information are stored in secure memory in the smart card.

20. A computer program product comprising a non-transitory computer-readable medium comprising code which, when executed, causes a mobile communication device to carry out the method of:
transmitting, from a smart card to a mobile communication device via a smart card reader communicating with the mobile communication device over a wireless communication link, a challenge comprising a public key;
receiving, at the smart card from the mobile communication device via the smart card reader, a response to the challenge, the response comprising user authentication information encrypted using the challenge;
decrypting the user authentication information thus encrypted using a private key corresponding to the public key; and
transmitting a verification signal from the smart card to the mobile communication device via the smart card reader upon determination that user authentication information thus decrypted matches predetermined authentication information stored at the smart card.
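The exchange described in the abstract and in independent claims 1, 7 and 13 (card issues public key plus nonce, device encrypts nonce||PIN, card decrypts and compares against the PIN held in its secure memory), modelled as an added example that is not code from the patent or any product implementing it. It assumes a PIN of up to 12 bytes, an 8-byte nonce and, to stay dependency-free, textbook RSA over two fixed Mersenne primes that are constructed for illustration only; the role names, the 0x01 marker byte and the function names are all choices made here.

```python
"""Toy model of the encrypted PIN entry exchange described on this page.

Three roles: the smart card (holds the private key and the reference PIN),
the mobile device (where the user types the PIN), and the reader, which only
relays opaque messages. Textbook RSA over two fixed Mersenne primes keeps the
example standard-library only; the parameters are constructed for
illustration and are not a secure key.
"""
from __future__ import annotations

import hmac
import secrets

# Constructed demo key material: p = 2^127 - 1 and q = 2^61 - 1 (both prime),
# giving a modulus of roughly 188 bits. Not secure parameters.
_P = (1 << 127) - 1
_Q = (1 << 61) - 1
_E = 65537

NONCE_LEN = 8       # bytes of challenge nonce
MAX_PIN_LEN = 12    # 1 + NONCE_LEN + MAX_PIN_LEN bytes must stay below the modulus


class SmartCard:
    """Card side: the private key and reference PIN never leave this object."""

    def __init__(self, reference_pin: str):
        self._n = _P * _Q
        self._d = pow(_E, -1, (_P - 1) * (_Q - 1))   # private exponent
        self._pin = reference_pin.encode()
        self._pending_nonce = None                    # nonce of the open challenge

    def challenge(self) -> tuple[int, int, bytes]:
        """Step 1: hand the input device the public key and a fresh nonce."""
        self._pending_nonce = secrets.token_bytes(NONCE_LEN)
        return self._n, _E, self._pending_nonce

    def verify(self, ciphertext: int) -> bool:
        """Steps 3-4: decrypt nonce||PIN, require the open nonce and the stored PIN."""
        if self._pending_nonce is None:
            return False                              # no challenge outstanding
        expected_nonce, self._pending_nonce = self._pending_nonce, None   # single use
        m = pow(ciphertext, self._d, self._n)
        plain = m.to_bytes((m.bit_length() + 7) // 8, "big")
        # Layout written by the device: 0x01 marker, nonce, PIN. The marker keeps
        # the integer-to-bytes conversion from dropping a leading zero byte of the nonce.
        if len(plain) <= 1 + NONCE_LEN or plain[0] != 0x01:
            return False
        nonce_ok = hmac.compare_digest(plain[1:1 + NONCE_LEN], expected_nonce)
        pin_ok = hmac.compare_digest(plain[1 + NONCE_LEN:], self._pin)
        return nonce_ok and pin_ok


def encrypt_pin_response(public_key: tuple[int, int], nonce: bytes, pin: str) -> int:
    """Device side, step 2: encrypt the nonce||PIN combination under the card's key."""
    n, e = public_key
    pin_bytes = pin.encode()
    if len(nonce) != NONCE_LEN or not 1 <= len(pin_bytes) <= MAX_PIN_LEN:
        raise ValueError("bad nonce or PIN length")
    m = int.from_bytes(b"\x01" + nonce + pin_bytes, "big")
    if m >= n:
        raise ValueError("message does not fit the modulus")
    return pow(m, e, n)


def run_session(card: SmartCard, entered_pin: str) -> tuple[bool, int]:
    """One exchange through the relay; returns (verified, ciphertext the reader saw)."""
    n, e, nonce = card.challenge()               # reader relays (n, e, nonce) to the device
    response = encrypt_pin_response((n, e), nonce, entered_pin)
    return card.verify(response), response       # reader relays only the ciphertext back


def replay_is_rejected(card: SmartCard, pin: str) -> bool:
    """Why the nonce is there: a response captured by the reader is bound to one challenge."""
    verified, captured = run_session(card, pin)
    card.challenge()                             # new challenge, new nonce
    return verified and not card.verify(captured)


if __name__ == "__main__":
    card = SmartCard("1234")
    print("correct PIN:", run_session(card, "1234")[0])         # True
    print("wrong PIN:", run_session(card, "9999")[0])           # False
    print("replay rejected:", replay_is_rejected(card, "1234"))  # True
```

The reader sees the public key, the nonce and a ciphertext, never PIN bytes, which is the property the abstract relies on for untrusted readers; `verify` consumes the pending nonce, so each encrypted response is accepted for exactly one challenge and a captured response cannot be presented again. The raw textbook RSA and fixed primes are a stand-in only: a deployment would use a card-generated key and a standard randomized padding scheme such as RSA-OAEP rather than bare modular exponentiation.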