User authentication method and apparatus

US 5,668,876 A
Filed: 06/24/1994
Issued: 09/16/1997
Est. Priority Date: 06/24/1994
Status: Expired due to Term

First Claim

Patent Images

1. A method for authenticating a prospective user of an electronic service associated with a service node, the user having a personal unit, said method comprising the steps of:

transmitting a challenge code generated from an authentication center, which is either separate from or integral in the service node, over a network that is independent of the type of electronic service being selected;

receiving said challenge code in said personal unit;

generating, in said personal unit, a response code based on an algorithm having at least said challenge code and a user input as variables;

generating, in said personal unit, an output code comprising said response code for either transmission from the personal unit to the authentication center or input to a terminal, said terminal being linked to said electronic service;

comparing by the authentication center or the service node said response code with an expected response code; and

permitting access to said electronic service only when a result of said comparison step is accepted.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authorization for a user to use a service is provided by a modified pager which calculates a unique response code to a transmitted challenge code based on the challenge code, an input personal identification number, and an internal key. The response code is input to a simple terminal, such as a telephone and if the unique response code is acceptable, the user may access the desired service, such as cashless transactions or long distance phone service.

Citations

37 Claims

1. A method for authenticating a prospective user of an electronic service associated with a service node, the user having a personal unit, said method comprising the steps of:
- transmitting a challenge code generated from an authentication center, which is either separate from or integral in the service node, over a network that is independent of the type of electronic service being selected;
  
  receiving said challenge code in said personal unit;
  
  generating, in said personal unit, a response code based on an algorithm having at least said challenge code and a user input as variables;
  
  generating, in said personal unit, an output code comprising said response code for either transmission from the personal unit to the authentication center or input to a terminal, said terminal being linked to said electronic service;
  
  comparing by the authentication center or the service node said response code with an expected response code; and
  
  permitting access to said electronic service only when a result of said comparison step is accepted.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method according to claim 1, further comprising the step of:
    - requesting access to said electronic service before said challenge code is received, wherein said challenge code is transmitted and received in response to said access request.
  - 3. A method according to claim 1, further comprising the steps of:
    - storing one or more received challenge codes in said personal unit; and
      
      requesting access to said electronic service after said challenge code is received and stored, wherein said algorithm uses at least one of said stored challenge codes and a user input as variables in generating a response code.
  - 4. A method according to claim 1, further comprising the steps of:
    - receiving said user input through a keypad.
  - 5. A method according to claim 1, further comprising the steps of:
    - receiving said user input through a character recognition device.

6. A personal unit comprising:
- a receiver for receiving a challenge code;
  
  an input means for inputting a user input;
  
  a response code generating means, linked to said receiver and said input means, for generating a response code in accordance with a received challenge code and a user input;
  
  an output means for generating an output code comprising said response code for input to a terminal connected to an external electronic service, said personal unit being physically separate from said terminal and said terminal being at the location of the user.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 7. A personal unit according to claim 6, wherein said receiver includes a radio wave receiver.
  - 8. A personal unit according to claim 7, wherein said receiver includes conventional pager circuitry.
  - 9. A personal unit according to claim 6, wherein said user input is a personal identification number.
  - 10. A personal unit according to claim 6, wherein said input means includes a keypad.
  - 11. A persona/unit according to claim 6, wherein said input means includes a character recognition device.
  - 12. A personal unit according to claim 6, wherein said output means includes a display.
  - 13. A personal unit according to claim 6, wherein said output means includes an acoustic generator.
  - 14. A personal unit according to claim 13, wherein said acoustic generator includes a dual tone multi-frequency generator.
  - 15. A personal unit according to claim 6, wherein said output means includes an optical generator.
  - 16. A personal unit according to claim 15, wherein said optical generator includes at least one of a infrared generator, a visible light generator, and a ultraviolet light generator.
  - 17. A personal unit according to claim 6, wherein said output means includes at least one electrically inductive coupler.
  - 18. A personal unit according to claim 17, wherein said at least one electrically inductive coupler includes at least one induction coils.
  - 19. A personal unit according to claim 6, wherein said output means includes a radio transmitter.
  - 20. A personal unit according to claim 6, wherein said response code generator means calculates a response code in accordance with an algorithm wherein said received challenge code, said user input and a secret key stored in said personal unit are variables in the algorithm.
  - 21. A personal unit according to claim 6, further comprising:
    - means for storing one or more received challenge codes in said personal unit, wherein said response code generating means generates a response code after said challenge code is received and stored, and wherein an algorithm uses at least one of said stored challenge codes and a user input as variables in generating a response code.

22. A system for granting access to an electronic service, comprising:
- a personal unit for receiving a challenge code, for receiving a user input, and generating a response code according to a received challenge code and said user input;
  
  a terminal linked to an authentication center, said terminal receiving said response code; and
  
  a network independent of said electronic service for sending said challenge code when access to a service is attempted;
  
  said network interconnectingcomparing means for comparing said response code generated by said personal unit to an expected response code andpermitting means for permitting access to said service only when a result of said comparison of said response code generated by said personal unit to said expected response code is accepted.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 23. A system according to claim 22, wherein said network comprises:
    - a service access network for transmitting a request to access a service;
      
      an authentication challenge network, linked to said authentication center, for transmitting said challenge code to said personal unit,said system further comprising;
      
      at least one service node for providing a service including exchanging service data with a user through said service access network and for receiving said request to access a service causing the authentication center to generate a challenge code in response to said request to access a service.
  - 24. A system according to claim 23, wherein said service access network further comprises means for transmitting said response code to said comparing means.
  - 25. A system according to claim 24, wherein said comparing means is located in said authentication center.
  - 26. A system according to claim 24, wherein said comparing means is located in said at least one service node.
  - 27. A system according to claim 23, wherein said authentication challenge network further comprises means for transmitting said response code to said comparing means.
  - 28. A system according to claim 27, wherein said comparing means is located in said authentication center.
  - 29. A system according to claim 27, wherein said comparing means is located in said at least one service node.
  - 30. A system according to claim 23, wherein said service access network includes a land-line telephone system.
  - 31. A system according to claim 23, wherein said service node offers one or more services selected from the following group of services:
    - banking services, credit card services, automatic teller machine services, account information services, general information services, security services, and long distance telephone services.
  - 32. A system according to claim 23, wherein said authentication challenge network includes a radio transmitter.
  - 33. A system according to claim 23, wherein said authentication challenge network includes a cellular telephone network.
  - 34. A system according to claim 23, wherein said authentication challenge network includes a pager network.
  - 35. A system according to claim 22, wherein said response code is generated according to an algorithm stored in said personal unit.
  - 36. A system according to claim 22, wherein said personal unit generates said response code according to said received challenge code, said user input and a secret key stored in said personal unit.
  - 37. A system according to claim 22, wherein said personal unit further comprises:
    - means for storing one or more received challenge codes in said personal unit, wherein said response code is generated after said challenge code is received and stored, and wherein an algorithm uses at least one of said stored challenge codes and a user input as variables in generating a response code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Jonsson, Bjorn Erik Rutget, Falk, Johan Per
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/264,939
Time in Patent Office

1,180 Days
Field of Search

380/4, 380/23, 380/24, 380/25, 380/28, 380/30, 380/49, 235/379, 235/380, 340/825.31, 340/825.34
US Class Current

380/271
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/43   wireless channels

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

G06Q 20/02   involving a neutral party, ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/363   with the personal data of a...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4097   using mutual authentication...

G06Q 20/425   using two different network...

G07F 7/0866   by active credit-cards adap...

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04L 9/3226   using a predetermined code,...

H04L 9/3271 : using challenge-response

H04W 12/06 : Authentication

View All

User authentication method and apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication method and apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links