×

DATA CERTIFICATION METHOD AND SYSTEM

  • US 20120311321A1
  • Filed: 11/16/2011
  • Published: 12/06/2012
  • Est. Priority Date: 08/10/2001
  • Status: Active Grant
First Claim
Patent Images

1. A method of certifying electronic data supplied by a user, the method comprising:

  • receiving the data to be certified at a certifying apparatus from a source device;

    sending a request for user authentication to an authentication server via a secure tunnel from tamper resistant hardware of said certifying apparatus to tamper resistant hardware of said authentication server, wherein said secure tunnel comprises an encrypted and authenticated communication link;

    sending a user identification data request in the form of a challenge from the authentication server to said user;

    receiving a response to the user identification data request from said user at said certifying apparatus, said response being a one-time password which is an encryption of said challenge with an individual key held on a secure token, wherein said secure token shares said individual key with said authentication server and wherein said secure token is possessed by said user;

    is receiving a derived version of said one-time password from said authentication server via the secure tunnel at said certifying apparatus to validate said user;

    validating the user by comparing the one-time password which is the response to the user identification data request with the derived version of said one-time password;

    certifying the electronic data supplied by the user at the certifying apparatus with one or more elements of information secure to the certifying apparatus, said elements being unique to the user; and

    outputting the data so certified from the certifying apparatus, for passing to a recipient device;

    wherein the elements of secure information certify that the supplier of the data is the user.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×