System and Method for Securing a Credential via User and Server Verification
Abstract
Systems and methods for securing a credential generated by or stored in an authentication token during an attempt to access a service, application, or resource are provided. A secure processor receives a credential from an authentication token and securely stores the credential. The secure processor then verifies the identity of the individual attempting to use the authentication token and cryptographically verifies the identity of the server being accessed. The credential is only released for transmission to the server if both the identity of the individual and the identity of the server are successfully verified. Alternatively, a secure connection is established between the secure processor and the server being accessed and a secure connection is established between the secure processor and a computing device. The establishment of the secure connections verifies the identity of the server. After the secure connections are established, the identity of the user is verified.
20 Claims
1. A method for securing a credential during an attempt to access a network service, comprising:
- transferring a credential from an authentication token to a secure processor using near field communication (NFC);
- storing the credential in the secure processor;
- authenticating an identity of an individual presenting the authentication token;
- cryptographically authenticating a server associated with the network service; and
- releasing the credential to the server if the identity of the individual is successfully authenticated and the server is successfully authenticated.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method for securing a credential during an attempt to access a network service, comprising:
- establishing a secure connection between the secure processor and a computing device;
- receiving, in the secure processor, a credential from an authentication token via near field communication (NFC);
- receiving, in the secure processor, authentication data for an individual from the computing device via the secure connection, and
- verifying, in the secure processor, the identity of the individual and cryptographically verifying a server hosting the network service prior to releasing the credential for transmission to the server.

Dependent claims: 11, 12, 13, 14, 15

16. A system for securing a credential during an attempt to access a network service, comprising:
- a secure processor configured to:
  - receive a credential from an authentication token using near field communication (NFC),
  - authenticate an identity of an individual presenting the authentication token,
  - cryptographically authenticate a server associated with the network service, and
  - release the credential to the server if the identity of the individual is successfully authenticated and the server is successfully authenticated; and
- a secure memory configured to store the credential.

Dependent claims: 17, 18, 19, 20
Specification