Method and apparatus for personal identification
First Claim
1. In a personal identification system of the type wherein a user is provided with a device generating a unique, time-varying, nonpredictable code, with a nonsecret identifying code and with a secret PIN, the nonpredictable code at a given instant and the PIN being provided to a central verification computer to effect verification;
- apparatus for providing improved security of the PIN comprising;
means for mixing the nonpredictable code generated by the device at a given time with the PIN to generate a combined coded value;
means for separately communicating the nonsecret identifying code and the coded value form said means for mixing to the central verification computer; and
wherein the central verification computer includes means for utilizing the nonsecret identifying code to retrieve the PIN and appropriate nonpredictable code for the individual, means for stripping the PIN from the coded value from said means for communicating, the nonpredictable code remaining after the stripping of the PIN, and means for utilizing the retrieved PIN, and appropriate nonpredictable code, the stripped PIN and remaining nonpredictable code for performing a verification operation.
7 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for providing improved security for a personal identification number (PIN) in a personal identification and verification system of the type wherein a time dependent nonpredictable code is generated at a device in the possession of the individual, which code is unique to the individual and this code is communicated to, and compared with a nonpredictable code generated at, a central verification computer. In this system, the PIN is mixed with the nonpredictable code before transmission of these values to the central verification computer. a nonsecret code is previously transmitted to the central verification computer and is used to retrieve the PIN and the appropriate nonpredictable code for the user. These values are used to strip the PIN from the transmitted nonpredictable code and the stripped PIN and remaining nonpredictable code are compared with the corresponding retrieved values in order to determine verification.
251 Citations
15 Claims
-
1. In a personal identification system of the type wherein a user is provided with a device generating a unique, time-varying, nonpredictable code, with a nonsecret identifying code and with a secret PIN, the nonpredictable code at a given instant and the PIN being provided to a central verification computer to effect verification;
- apparatus for providing improved security of the PIN comprising;
means for mixing the nonpredictable code generated by the device at a given time with the PIN to generate a combined coded value; means for separately communicating the nonsecret identifying code and the coded value form said means for mixing to the central verification computer; and wherein the central verification computer includes means for utilizing the nonsecret identifying code to retrieve the PIN and appropriate nonpredictable code for the individual, means for stripping the PIN from the coded value from said means for communicating, the nonpredictable code remaining after the stripping of the PIN, and means for utilizing the retrieved PIN, and appropriate nonpredictable code, the stripped PIN and remaining nonpredictable code for performing a verification operation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- apparatus for providing improved security of the PIN comprising;
-
9. A method for identifying an individual comprising the steps of:
-
utilizing a device int he possession of the individual to generate a unique time-varying, nonpredictable code; mixing the nonpredictable code generated at a given time with a secret PIN for the individual to generate a combined code; and communicating a nonsecret identifying code for the individual and the combined code to a central verification computer; the verification computer utilizing the nonsecret identifying code to retrieve the PIN and appropriate nonpredictable code for the individual, stripping the PIN from the communicated combined code, and utilizing the retrieved PIN and nonpredictable code, the stripped PIN and the remaining nonpredictable code to perform a verification operation. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
Specification