Method and device for making an electronic authentication
First Claim
1. A method of remotely electronically authorizing a one time transaction, initiated by a user comprising the steps of:
- inputting by the user of a PIN number to a remote device via a PIN key of the remote device;
processing the PIN number in the remote device to obtain a pseudo random SPIN number;
transmitting the SPIN number to a central checking device;
checking the SPIN number in a chip in the central checking device to identify the user and authorize the user if the user is authorized;
generating a one-time pseudo random transaction number via a TAN key of the remote device;
transmitting the one-time pseudo-random transaction number to the central checking device; and
checking the one-time pseudo-random transaction number in the chip in the central checking device to authorize the transaction if the user is identified as authorized during said step of checking the SPIN number.
2 Assignments
0 Petitions
Accused Products
Abstract
Operating procedure and device for the electronically authorized determination of an individual matter and for obtaining, in a reliably differentiating manner which is secure against forgery, the remotely authorized, individual authentication of a transaction requiring an authentication from an authorized person. The entire system is composed of two hardware components, an AIDA box which can be a pocket calculator equipped with special function keys, and an AIDA module which is a dual processor system with insertable AIDA cards containing special chips. By putting a personal identification number into the AIDA box and through the intermediary physical action on the chip, an identification number is calculated with the aid of an algorithm and displayed. An electronic signature is calculated and displayed by putting in the information to be authenticated. After transmission over a communications system, the calculated values are checked in the AIDA module.
107 Citations
26 Claims
-
1. A method of remotely electronically authorizing a one time transaction, initiated by a user comprising the steps of:
-
inputting by the user of a PIN number to a remote device via a PIN key of the remote device; processing the PIN number in the remote device to obtain a pseudo random SPIN number; transmitting the SPIN number to a central checking device; checking the SPIN number in a chip in the central checking device to identify the user and authorize the user if the user is authorized; generating a one-time pseudo random transaction number via a TAN key of the remote device; transmitting the one-time pseudo-random transaction number to the central checking device; and checking the one-time pseudo-random transaction number in the chip in the central checking device to authorize the transaction if the user is identified as authorized during said step of checking the SPIN number. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method of remotely electronically authorizing a transaction initiated by a user, comprising the steps of:
-
inputting a PIN number to a remote device via a PIN key of the remote device; processing the PIN number in the remote device to obtain a pseudo random SPIN number; transmitting the SPIN number to a central checking device; checking the SPIN number in the central checking device to identify the user and authorize the user if the user is authorized; depressing an AUT key of the remote device and inputting transaction data into the remote device; processing the transaction data in the remote device to obtain a first further pseudo random number out of the transaction data and uniquely identifying the transaction; transmitting the transaction data and first further pseudo random number to the central checking device; and checking the first further pseudo random number in the central checking device by calculating a second further pseudo random number out of the transaction data and comparing the first and second further pseudo random numbers to authorize the transaction if the user is identified as authorized during said step of checking the SPIN number. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A method of identifying a user of a terminal with respect to a central unit having a computer and a data memory, including the steps of
inputting a PIN to a calculator device which is independent of the terminal; -
encoding the PIN in the calculator device according to a certain algorithm to obtain a pseudo random SPIN unique to the particular user of the terminal; feeding the SPIN into the terminal; transmitting the SPIN from the terminal to the central unit; decoding the SPIN in the central unit according the certain algorithm; checking the decoded SPIN in a module associated with the central unit to identify the user; granting access to the identified user of the central unit if the central unit identifies the user as being authorized during said step of checking; replacing the PIN by a new PIN by inputting the new PIN into the calculator device following the step of granting access; encoding the new PIN in the calculator device to obtain a new SPIN; feeding the new SPIN into the terminal; transmitting the new SPIN from the terminal to the central unit; decoding the new SPIN in the central unit; and recording the decoded SPIN and thereby the new PIN in a module in the central unit. - View Dependent Claims (12, 13)
-
-
14. A method of performing a transaction, comprising the steps of:
-
inputting a PIN to a calculator device which is independent of the terminal; encoding the PIN in the calculator device according to a certain algorithm to obtain a pseudo random SPIN unique to the particular user of the terminal; feeding the SPIN into the terminal; transmitting the SPIN from the terminal to the central unit; decoding the SPIN in the central unit according the certain algorithm; checking the decoded SPIN in a module associated with the central unit to identify the user; granting access to the identified user of the central unit if the central unit identifies the user as being authorized during said step of checking; after the step of granting access to the identified user of the central unit, generating a number in the calculator device which includes the SPIN; and inputting the number into the terminal, the number being employed as a transaction number. - View Dependent Claims (15)
-
-
16. A method of performing a transaction resulting in a transfer of funds, comprising the steps of:
-
inputting a PIN to a calculator device which is independent of the terminal; encoding the PIN in the calculator device according to a certain algorithm to obtain a pseudo random SPIN unique to the particular user of the terminal; feeding the SPIN into the terminal; transmitting the SPIN from the terminal to the central unit; decoding the SPIN in the central unit according the certain algorithm; checking the decoded SPIN in a module associated with the central unit to identify the user; granting access to the identified user of the central unit if the central unit identifies the user as being authorized during said step of checking; calculating an authenticator from a receiver'"'"'s account number and an amount of funds to be transferred, in the calculator device; inputting the authenticator, account number and amount into the terminal; transmitting the authenticator, account number and amount from the terminal to the central unit; checking the authenticator in a module associated with the central unit to authenticate the transaction; transferring the funds if the transaction is authenticated during the step of checking. - View Dependent Claims (17, 18)
-
-
19. A system for performing a transaction, the system comprising:
-
a terminal; a central unit, connected with said terminal and including a computer and an associated module having a data memory; and a pocket calculator, independent of said terminal, for use by a user, said calculator including means for inputting thereinto a PIN and transaction data to be transmitted, for encoding the PIN to obtain a SPIN, for processing the transaction data therein to obtain a AUT number encoding the transaction data and uniquely identifying the transaction, and for generating a one-time TAN number, according to a certain algorithm; said terminal having means for inputting thereto and transmitting to the central unit the SPIN, the TAN number, the transaction data and the AUT number; said central unit having central means for decoding the SPIN and checking the decoded SPIN against PIN numbers stored therein to authorize the user, and for decoding and checking a selected one of the TAN number and the AUT number, after the decoded SPIN has been checked and the user authorized;
decoding of the AUT number serving to check the transaction data and authorize the transaction, checking of the TAN number authorizing a transaction to follow, said central means performing the decoding according to an algorithm the same as the certain algorithm performed in said pocket calculator.
-
-
20. A system for remotely electronically authorizing a transaction, comprising:
-
a portable calculator device having a numerical field, a display, a plurality of numerical keys associated with the numerical field, additional function keys including a PIN key, a TAN key, means for inputting a PIN number into said calculator device via said numerical keys upon contacting said PIN key, means for encoding the PIN number in calculator device to obtain a pseudo random SPIN number according to a certain algorithm, means, responsive to contacting said TAN key for generating a pseudo-random one-time transaction number according to the certain algorithm, means for displaying the SPIN number and the transaction number on said display, and electrical contacts; a module device disposable at a central checking location, including central means for checking the SPIN number when received thereby to authenticate the PIN number, for checking the transaction number when received thereby to authenticate a transaction to follow, and for granting access to a central computer device at the location when the PIN number and the transaction number have been authenticated, said central means including means for decoding the SPIN number according to the certain algorithm and processing the transaction number according to the certain algorithm; and means, connectable to said calculator device at said electrical contacts to receive numerical data, including the SPIN number and the transaction number, from the calculator device, for transmitting the numerical data to said module device, said transmitting means having means for manually inputting the numerical data thereinto for transmission to said module device. - View Dependent Claims (21)
-
-
22. An apparatus for remotely electronically authorizing a one-time transaction initiated by a user, comprising:
-
a remote device having means, including a PIN key for inputting by the user of PIN number via the PIN key to the remote device, said remote device including means for processing the PIN number to obtain a pseudo random SPIN number; a central checking device; and means for transmitting the SPIN number to said central checking device, said central checking device including a chip and means for checking the SPIN in said chip to identify the user and authorize the user if the user is authorized; said remote device including a TAN key and means for generating a one-time pseudo random transaction number via said TAN key; said transmitting means including means for transmitting the one-time pseudo-random transaction number to said central checking device; and said central checking device including means for checking the one-time pseudo-random transaction number in said chip to authorize the transaction if the user is identified as authorized by said checking device. - View Dependent Claims (23, 24, 25)
-
-
26. A system for remotely electronically authorizing a transaction initiated by a user, comprising:
-
a remote device having a PIN key, means for inputting a PIN number via said PIN key, and means for processing the PIN number in said remote device to obtain a pseudo-random SPIN number; a central checking device having means for checking the SPIN number to identify the user and authorize the user if the user is authorized; and means for transmitting the SPIN number to said central checking device; said remote device further comprising means for inputting transaction data thereto, an AUT key, and means responsive to depression of the AUT key and inputting of the transaction data for processing the transaction data to obtain a first further pseudo-random number out of the transaction data and uniquely identify the transaction; said transmitting means including means for transmitting the transaction data and the first further pseudo-random number to said central checking device; said central checking device further comprising means for checking the first further pseudo-random number by calculating a second further pseudo-random number out of the transaction data and comparing the first and second pseudo-random numbers to authorize the transaction if the user is identified as authorized upon checking of the SPIN number by said central checking device; said remote device having a numerical field, a display, a plurality of keys associated with the numerical field and additional functional keys, the additional function keys including a Kto key, and means, responsive to depression of said Kto key for displaying an account number on said display.
-
Specification