TOKEN MANAGEMENT

US 20130145173A1
Filed: 12/06/2011
Published: 06/06/2013
Est. Priority Date: 12/06/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

receiving a user identifier and one or more encryption keys from a recovery key, the recovery key being associated with a user and enabled to generate replacement tokens;

storing the user identifier and the one or more encryption keys on a replacement token,requesting a passcode from the user;

in response to the request, receiving the passcode from the user; and

upon verification of the passcode, activating the replacement token by updating state information associated with the replacement token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for generating replacement tokens are described herein.

47 Citations

33 Claims

1. A computer-implemented method comprising:
- receiving a user identifier and one or more encryption keys from a recovery key, the recovery key being associated with a user and enabled to generate replacement tokens;
  
  storing the user identifier and the one or more encryption keys on a replacement token,requesting a passcode from the user;
  
  in response to the request, receiving the passcode from the user; and
  
  upon verification of the passcode, activating the replacement token by updating state information associated with the replacement token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein receiving the user identifier and the one or more encryption keys from the recovery key comprises receiving the user identifier and the one or more encryption keys from a memory of the recovery key.
  - 3. The method of claim 1, wherein receiving the user identifier and the one or more encryption keys from the recovery key comprises receiving the user identifier and the one or more encryption keys from a data container identified by an access code that is based in part on a unique identifier associated with the recovery key.
  - 4. The method of claim 1, further comprising:
    - receiving an encryption algorithm identification associated with each of the one or more encryption keys from the recovery key; and
      
      storing the encryption algorithm identification with the user identifier and the one or more encryption keys on the replacement token.
  - 5. The method of claim 1, further comprising:
    - prior to storing the user identifier and the one or more encryption keys on the replacement token, storing the user identifier and the one or more encryption keys in a storage location that is accessible based on a combination of a service provider identifier and a code;
      
      receiving the code from the user;
      
      combining the code with the service provider identifier; and
      
      accessing the stored user identifier and one or more encryption keys from the storage location.
  - 6. The method of claim 5, further comprising storing an encryption algorithm identifier on the replacement token.
  - 7. The method of claim 1, wherein the recovery key is prevented from performing transactions other than those associated with token and passcode management.
  - 8. The method of claim 1, further comprising installing firmware on the token prior to storing the user identifier and the one or more encryption keys on the token.
  - 9. The method of claim 1, further comprising:
    - providing a list of tokens associated with the particular user to the particular user;
      
      receiving a selection of one or more of the tokens from the list of tokens; and
      
      deactivating the selected one or more of the tokens from the list of tokens by updating state information associated with the token.
  - 10. The method of claim 1, further comprising subsequent to activating the token receiving a request from a service provider to authenticate the token and authenticating the token to enable the user and the service provider to perform a transaction.
  - 11. The method of claim 1, wherein the token comprises an electronic device configured to connect to the Internet.
  - 12. The method of claim 1, wherein the token comprises an electronic device configured to connect to a network via a host device.
  - 13. The method of claim 1, wherein the token comprises an electronic device configured to connect to the Internet via a contactless interface.
  - 14. The method of claim 1, wherein the token comprises an electronic device configured to connect to the Internet via a contact-based interface.
  - 15. The method of claim 1, wherein updating the state of the token comprises accessing a look-up table indexed by token identifiers and modifying the state of the token in the look-up table.
  - 16. The method of claim 1, wherein updating the state of the token comprises modifying a state of the token in a data container accessible based on an access code generated based on a combination of the token identifier and a service provider identifier.
  - 17. The method of claim 1, further comprising subsequent to activating the token to authenticating the user based on presentation of the token.

18. A computer program product tangibly embodied in a computer readable medium comprising instructions that, when executed by a processing device, cause the processing device to:
- receive a user identifier and one or more encryption keys from a recovery key, the recovery key being associated with a user and enabled to generate replacement tokens;
  
  store the user identifier and the one or more encryption keys on a replacement token,request a passcode from the user;
  
  in response to the request, receiving the passcode from the user; and
  
  upon verification of the passcode, activate the replacement token by updating state information associated with the replacement token.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The computer program product of claim 18, wherein the instructions to receive the user identifier and the one or more encryption keys from the recovery key comprises instructions to receive the user identifier and the one or more encryption keys from a memory of the recovery key.
  - 20. The computer program product of claim 18, wherein instructions to receive the user identifier and the one or more encryption keys from the recovery key comprise instructions to receive the user identifier and the one or more encryption keys from a data container identified by an access code that is based in part on a unique identifier associated with the recovery key.
  - 21. The computer program product of claim 18, further comprising instructions to:
    - receive an encryption algorithm identification associated with each of the one or more encryption keys from the recovery key; and
      
      store the encryption algorithm identification with the user identifier and the one or more encryption keys on the replacement token.
  - 22. The computer program product of claim 18, further comprising instructions to:
    - prior to storing the user identifier and the one or more encryption keys on the replacement token, store the user identifier and the one or more encryption keys in a storage location that is accessible based on a combination of a service provider identifier and a code;
      
      receive the code from the user;
      
      combine the code with the service provider identifier; and
      
      access the stored user identifier and one or more encryption keys from the storage location.
  - 23. The computer program product of claim 22, further comprising instructions to store an encryption algorithm identifier on the replacement token.
  - 24. The computer program product of claim 18, further comprising instructions to prevent the recovery key from performing transactions other than those associated with token and passcode management.
  - 25. The computer program product of claim 18, further comprising instructions to:
    - provide a list of tokens associated with the particular user to the particular user;
      
      receive a selection of one or more of the tokens from the list of tokens; and
      
      deactivate the selected one or more of the tokens from the list of tokens by updating state information associated with the token.

26. A system comprising:
- a processing device; and
  
  a memory comprising instructions that, when executed by the processing device, cause the processing device to;
  
  receive a user identifier and one or more encryption keys from a recovery key, the recovery key being associated with a user and enabled to generate replacement tokens;
  
  store the user identifier and the one or more encryption keys on a replacement token,request a passcode from the user;
  
  in response to the request, receiving the passcode from the user; and
  
  upon verification of the passcode, activate the replacement token by updating state information associated with the replacement token.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. The system of claim 26, wherein the instructions to receive the user identifier and the one or more encryption keys from the recovery key comprises instructions to receive the user identifier and the one or more encryption keys from a memory of the recovery key.
  - 28. The system of claim 26, wherein instructions to receive the user identifier and the one or more encryption keys from the recovery key comprise instructions to receive the user identifier and the one or more encryption keys from a data container identified by an access code that is based in part on a unique identifier associated with the recovery key.
  - 29. The system of claim 26, further comprising instructions to:
    - receive an encryption algorithm identification associated with each of the one or more encryption keys from the recovery key; and
      
      store the encryption algorithm identification with the user identifier and the one or more encryption keys on the replacement token.
  - 30. The system of claim 26, further comprising instructions to:
    - prior to storing the user identifier and the one or more encryption keys on the replacement token, store the user identifier and the one or more encryption keys in a storage location that is accessible based on a combination of a service provider identifier and a code;
      
      receive the code from the user;
      
      combine the code with the service provider identifier; and
      
      access the stored user identifier and one or more encryption keys from the storage location.
  - 31. The system of claim 30, further comprising instructions to store an encryption algorithm identifier on the replacement token.
  - 32. The system of claim 26, further comprising instructions to prevent the recovery key from performing transactions other than those associated with token and passcode management.
  - 33. The system of claim 26, further comprising instructions to:
    - provide a list of tokens associated with the particular user to the particular user;
      
      receive a selection of one or more of the tokens from the list of tokens; and
      
      deactivate the selected one or more of the tokens from the list of tokens by updating state information associated with the token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
WwPass Corp.
Original Assignee
WwPass Corp.
Inventors
Shablygin, Eugene, Zakharov, Vasily, Bolotov, Oleg, Scace, Eric

Granted Patent

US 8,555,079 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

G06F 21/34 involving the use of extern...

TOKEN MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

TOKEN MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links