Secure Transaction Systems and Methods

US 20140282974A1
Filed: 03/12/2014
Published: 09/18/2014
Est. Priority Date: 03/12/2013
Status: Active Grant

First Claim

Patent Images

1. A method performed by a trusted system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed, cause the system to perform the method, the method comprising:

receiving, at an interface of the trusted system from an authentication device, a first challenge response generated by a secure tag;

generating, based on challenge information and secret information stored by the trusted system, a second challenge response;

comparing the first challenge response with the second challenge response;

determining that the first challenge response and the second challenge response match; and

sending, via the interface of the trusted system to the authentication device, a response authenticating the secure tag.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described that use tag authentication and presence verification techniques in connection with a variety of transactions. In certain embodiments, an authentication device may verify the authenticity of a secure tag by determining whether the secure tag stores secret information provisioned by a trusted authority. In some embodiments, such an authentication process may be performed without exposing the secret information to the authentication device, thereby maintaining integrity of the secure tag. In other embodiments, insecure tags and/or tags that do not include secret information are used.

86 Citations

View as Search Results

13 Claims

1. A method performed by a trusted system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed, cause the system to perform the method, the method comprising:
- receiving, at an interface of the trusted system from an authentication device, a first challenge response generated by a secure tag;
  
  generating, based on challenge information and secret information stored by the trusted system, a second challenge response;
  
  comparing the first challenge response with the second challenge response;
  
  determining that the first challenge response and the second challenge response match; and
  
  sending, via the interface of the trusted system to the authentication device, a response authenticating the secure tag.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the method further comprises:
    - generating the challenge information; and
      
      sending, via the interface of the trusted system, the challenge information to the authentication device.
  - 3. The method of claim 1, wherein the method further comprises:
    - receiving, at an interface of the trusted system from the authentication device, the challenge information.
  - 4. The method of claim 1, wherein the challenge information comprises a randomly generated value.
  - 5. The method of claim 1, wherein the challenge information comprises a cryptographic nonce.
  - 6. The method of claim 1, wherein the secure tag comprises a secure near field communication (“
    - NFC”
      
      ) tag.
  - 7. The method of claim 1, wherein generating the second challenge response comprises:
    - computing a result of a cryptographic function based on the challenge information and the secret information stored by the trusted system.
  - 8. The method of claim 7, wherein the cryptographic function comprises digitally signing the challenge information with the secret information stored by the trusted system.
  - 9. The method of claim 7, wherein the cryptographic function comprises hashing the challenge information based on the secret information stored by the trusted system.
  - 10. The method of claim 1, wherein the secret information comprises a secret key.
  - 11. The method of claim 1, wherein generating the second challenge response further comprises:
    - retrieving, using identification information associated with the secure tag included in the first challenge response, the secret information stored by the trusted system,wherein the secret information stored by the trusted system is associated with the secure tag.
  - 12. The method of claim 1, wherein the response authenticating the secure tag further comprises information relating to a product associated with the secure tag.
  - 13. The method of claim 12, wherein the information relating to the product is retrieved by the trusted system based on identification information associated with the secure tag included in the first challenge response.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
MAHER, David P., CHAVANNE, Pierre, NAGAO, Yutaka, MANENTE, Michael

Granted Patent

US 9,807,069 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

H04L 2209/466   Electronic auction

H04L 63/0492   by using a location-limited...

H04L 63/08   for authentication of entit...

H04L 9/3271   using challenge-response

Secure Transaction Systems and Methods

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

86 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Transaction Systems and Methods

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

86 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links