Secure transaction system and method utilized therein

US 5,267,314 A
Filed: 11/17/1992
Issued: 11/30/1993
Est. Priority Date: 11/17/1992
Status: Expired due to Fees

First Claim

Patent Images

1. In a system comprising a first storage means addressable using a secret predetermined address and party information associated with a party and stored in the first storage means, the party information comprising first coded authentication information previously generated by using a personal identification number (PIN) associated with the party, a method for authenticating the party comprising the steps of:

(a) receiving a (PIN) from the party to be authenticated;

(b) addressing the first storage means using the secret predetermined address to locate the party information and to retrieve the first coded authentication information;

(c) generating second coded authentication information using the received PIN;

(d) comparing at least part of the retrieved first coded authentication information to at least part of the generated second coded authentication information; and

(e) authenticating the party if said at least part of the retrieved first coded authentication information corresponds to said at least part of the generated second coded authentication information;

wherein the step of addressing the first storage means comprises the steps of;

(1) accessing a second storage means using a non-secret predetermined address to locate and to retrieve a coded address previously stored in the second storage means, the coded address having been previously generated by coding the secret predetermined address of the first storage means using the PIN;

(2) uncoding the coded address using the received PIN to generate the secret predetermined address; and

(3) accessing the first storage means using the generated secret predetermined address to retrieve the first coded authentication information.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transaction system is disclosed wherein, when a transaction, document or thing needs to be authenticated, information associated with one or more of the parties involved is coded together to produce a joint code. This joint code is then utilized to code information relevant to the transaction, document or record, in order to produce a variable authentication number (VAN) at the initiation of the transaction. This VAN is thereafter associated with the transaction and is recorded on the document or thing, along with the original information that was coded. During subsequent stages of the transaction, only parties capable of reconstructing the joint code will be able to uncode the VAN properly in order to re-derive the information. The joint code serves to authenticate the parties, and the comparison of the re-derived information against the information recorded on the document serves to authenticate the accuracy of that information.

Citations

22 Claims

1. In a system comprising a first storage means addressable using a secret predetermined address and party information associated with a party and stored in the first storage means, the party information comprising first coded authentication information previously generated by using a personal identification number (PIN) associated with the party, a method for authenticating the party comprising the steps of:
- (a) receiving a (PIN) from the party to be authenticated;
  
  (b) addressing the first storage means using the secret predetermined address to locate the party information and to retrieve the first coded authentication information;
  
  (c) generating second coded authentication information using the received PIN;
  
  (d) comparing at least part of the retrieved first coded authentication information to at least part of the generated second coded authentication information; and
  
  (e) authenticating the party if said at least part of the retrieved first coded authentication information corresponds to said at least part of the generated second coded authentication information;
  
  wherein the step of addressing the first storage means comprises the steps of;
  
  (1) accessing a second storage means using a non-secret predetermined address to locate and to retrieve a coded address previously stored in the second storage means, the coded address having been previously generated by coding the secret predetermined address of the first storage means using the PIN;
  
  (2) uncoding the coded address using the received PIN to generate the secret predetermined address; and
  
  (3) accessing the first storage means using the generated secret predetermined address to retrieve the first coded authentication information.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the coded address is extracted from a storage means which is in the possession of the party.
  - 3. The method of claim 1, wherein the first storage means is a part of a memory and wherein, prior to use of the memory, pseudo information is stored in the memory, thereby making unused portions of the memory indistinguishable from the first storage means.
  - 4. The method of claim 1, wherein the party information also comprises secret information associated with the party.

5. A method for enrolling and authenticating a party, comprising the steps of:
- receiving a personal identification number (PIN) from the party;
  
  generating coded authentication information using the received PIN;
  
  generating first and second numbers such that the coded authentication information is derivable from the first and second numbers, the first number being secret and the second number being non-secret;
  
  storing information comprising the secret number in a first storage means addressable using a predetermined secret address;
  
  generating a coded secret address using at least part of the predetermined secret address and the received PIN; and
  
  storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 6. The method of claim 5, wherein the step of storing the information comprising the secret number in the first storage means comprises the steps of:
    - coding the information comprising the secret number using non-secret information associated with the party to generate coded information; and
      
      storing the coded information in the first storage means.
  - 7. The method of claim 6, wherein the non-secret information associated with the party is the coded secret address.
  - 8. The method of claim 5, further comprising the steps of:
    - receiving a second PIN from a party to be authenticated;
      
      generating at a first site second coded authentication information using the received second PIN;
      
      addressing the second storage means using the predetermined non-secret address to locate and retrieve the coded secret address and the non-secret number;
      
      generating at the first site a first coded number using the second coded authentication information and the coded secret address;
      
      generating the predetermined secret address using at least the received second PIN and the retrieved coded secret address;
      
      transmitting at least the first coded number and the predetermined secret address from the first site to a second site;
      
      addressing the first storage means using the generated predetermined secret address to locate and retrieve the secret number;
      
      deriving at the second site the first coded authentication information using the retrieved non-secret number and the retrieved secret number;
      
      generating at the second site a second coded number using the derived first coded authentication information and the coded secret address; and
      
      authenticating the party to be authenticated if the first coded number corresponds to the second coded number.
  - 9. The method of claim 8, further comprising the step of generating at the first site an anti-duplication variable authentication number (ADVAN) by coding at least a transmission date and time with the second coded authentication information, the transmitting step comprising the step of transmitting the first coded number, the predetermined secret address, and the ADVAN from the first site to the second site via an unsecured communication medium.
  - 10. The method of claim 9, further comprising the steps of:
    - uncoding the ADVAN at the second site using the derived first coded authentication information to regenerate the transmission date and time; and
      
      further authenticating the party to be authenticated if the regenerated transmission date and time correspond to a reception date and time.
  - 11. The method of claim 8, wherein a first semi-random number is generated at the first site using a first counter, and further comprising the step of coding the first semi-random number to generate a coded first semi-random number, and wherein the transmitting step comprises transmitting the first coded number, the predetermined secret address, and the coded first semi-random number from the first site to the second site via an unsecured communication medium.
  - 12. The method of claim 11, further comprising the steps of:
    - uncoding the coded first semi-random number at the second site to regenerate the first semi-random number;
      
      generating at the second site a second semi-random number using a second counter which is generally synchronized with the first counter; and
      
      further authenticating the party to be authenticated if the regenerated first semi-random number corresponds to the second semi-random number.
  - 13. The method of claim 8, wherein the predetermined secret address comprises one or more components combinable to form the predetermined secret address, the step of generating the coded secret address comprising the step of coding one of the components of the predetermined secret address using the received first PIN to generate the coded secret address.
  - 14. The method of claim 13, wherein the step of generating the predetermined secret address comprises the steps of:
    - uncoding the retrieved coded secret address using the received second PIN to generate said one of the components of the predetermined secret address; and
      
      generating the predetermined secret address by combining the generated said one of the components with the other components of the predetermined secret address.

15. A method for authenticating a party and for authorizing access to a storage means associated with the party, the storage means being addressable using a secret predetermined address, the method comprising the steps of:
- receiving a personal identification number (PIN) from a party to be authenticated;
  
  generating coded authentication information using the PIN, the coded authentication information being derivable from a secret number previously stored in the storage means and a non-secret number previously stored in a storage medium in possession of the party;
  
  retrieving from the storage medium at least a coded address and the non-secret number, the coded address having been previously generated by coding at least a portion of the secret predetermined address using the coded authentication information;
  
  generating said at least a portion of the secret predetermined address by uncoding the coded address using the coded authentication information;
  
  transmitting at least the generated said at least a portion of the secret predetermined address and the retrieved non-secret number from a first site to a second site over a communication link;
  
  generating at the second site the secret predetermined address using the transmitted said at least a portion of the secret predetermined address;
  
  addressing the storage means using the generated secret predetermined address to retrieve the secret number;
  
  deriving the coded authentication information using the retrieved secret number and the transmitted non-secret number; and
  
  authenticating the party and authorizing further access to the storage means by using at least the derived coded authentication information.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, further comprising the steps of:
    - retrieving from the storage medium a first transaction sequence number (TSN) previously stored therein;
      
      generating a first anti-duplication variable authentication number (ADVAN) by coding the first TSN with the coded authentication information;
      
      transmitting the first ADVAN from the first site to the second site over the communication link;
      
      addressing the storage means using the generated secret predetermined address to retrieve a second TSN previously stored therein;
      
      generating a second ADVAN by coding the second TSN with the derived coded authentication information; and
      
      authenticating the party and authorizing further access to the storage means if the second ADVAN corresponds to the first ADVAN;
      
      wherein the first and second TSNs are modified after each transaction, such that fraudulent receipt and use of messages over the communication link and fraudulent duplication of the storage medium are prevented.
  - 17. The method of claim 15, further comprising the steps of retrieving agency identification information from the storage medium and transmitting the agency identification information from the first site to the second site over the communication link, wherein the step of generating at the second site the secret predetermined address comprises the steps of using the agency identification information to retrieve other portions of the secret predetermined address and combining the transmitted said at least a portion of the secret predetermined address with the other portions to form the secret predetermined address.
  - 18. The method of claim 15, further comprising the step of revising the TSN, the secret number, and/or the coded address.
  - 19. The method of claim 15, wherein the communication link is unsecured.

20. A system for authenticating a party comprising:
- means for receiving a personal identification number (PIN) from the party;
  
  means for generating coded authentication information using the received PIN;
  
  means for generating first and second numbers such that the coded authentication information is derivable from the first and second numbers, the first number being secret and the second number being non-secret;
  
  means for storing the secret number in a first storage means addressable using a predetermined secret address;
  
  means for generating a coded secret address using at least a part of the predetermined secret address and the received PIN; and
  
  means for storing the coded secret address and the non-secret number in a second storage means addressable using a predetermined non-secret address.
- View Dependent Claims (21)
- - 21. The system of claim 20, wherein the second storage means is a storage medium in the possession of the party.

22. In a system comprising a storage means addressable using a secret predetermined address and a first coded number previously stored in the storage means and derivable from the secret predetermined address and a coded address generated by coding the secret predetermined address with first coded authentication information associated with a party to be authenticated, a method for authenticating the party comprising the steps of:
- receiving a PIN from the party to be authenticated;
  
  generating second coded authentication information using the received PIN;
  
  deriving the secret predetermined address by uncoding the coded address using the second coded authentication information;
  
  generating a second coded number by coding the derived secret predetermined address with the coded address;
  
  using the derived secret predetermined address to access the storage means and retrieve the first coded number; and
  
  authenticating the party if the retrieved first coded number corresponds to the generated second coded number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Leon Stambler
Original Assignee
Leon Stambler
Inventors
Stambler, Leon
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US07/977,385
Time in Patent Office

378 Days
Field of Search

380/23, 380/24, 380/25, 380/4
US Class Current

713/176
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/347   Passive cards

G06Q 20/3821   Electronic credentials

G06Q 20/385   using an alias or single-us...

G06Q 20/401   Transaction verification

G07F 7/08   by coded identity card or c...

G07F 7/10   together with a coded signa...

G07F 7/1016   Devices or methods for secu...

G07F 7/1066   PIN data being compared to ...

G07F 7/12   Card verification

G07F 7/125   Offline card verification

G16H 20/10   relating to drugs or medica...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3226   using a predetermined code,...

Secure transaction system and method utilized therein

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure transaction system and method utilized therein

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links