Telephone tone security device
First Claim
1. An encryption device, comprising:
- a) storage means containing a first, public, key;
b) means for accepting a personal identification number (PIN) from a user;
c) means for encrypting the PIN, using the first key; and
d) means for transmitting the encrypted PIN to a receiver, located outside the device.
4 Assignments
0 Petitions
Accused Products
Abstract
An encryption device. A user wishes to identify himself to a remote party, over a telephone line. The remote party provides a Transaction Number, TN, to the user. The TN is given to the encryption device. The user gives the encryption device a Personal Identification Number, PIN. The encryption device generates a random number, combines it with the PIN and TN, to form an Authorization Number, AN, and encrypts the AN into cypher text. The cypher text is transmitted to the remote party, together with the user'"'"'s name. The remote party de-crypts the cypher text, to obtain the TN and PIN. Using the name received from the user, and a table of names, and their associated PINs, the remote party verifies whether the PIN obtained from the AN matches the PIN assigned to the name given by the user. If so, the user'"'"'s identity is considered verified, but without requirement that the user disclose a PIN, in plain text form, over a telephone.
61 Citations
20 Claims
-
1. An encryption device, comprising:
-
a) storage means containing a first, public, key; b) means for accepting a personal identification number (PIN) from a user; c) means for encrypting the PIN, using the first key; and d) means for transmitting the encrypted PIN to a receiver, located outside the device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of verifying identity of a person, comprising the following steps:
-
a) receiving cyphertext and a name from the person; b) deriving a derived PIN from the cypher text; c) maintaining a table which indicates PINs which are assigned to respective names; d) ascertaining an assigned PIN which is associated with said name; and e) determining whether the derived PIN matches the assigned PIN.
-
-
10. In a transaction wherein a remote party makes contact with a person who wishes to verify identity of said remote party, the improvement comprising the following steps:
-
a) after said contact is made, making available multiple publicly available keys to the remote party; b) accepting information from the remote party which selects a public key from the multiple keys; and c) transmitting the selected key to the remote party.
-
-
11. An encryption apparatus, comprising:
-
a) first means for accepting a Transaction Number, TN, and a Personal Identification Number, PIN, from a user; b) second means for i) generating a random number; ii) combining the random number with the TN and PIN, to form an Authorization Number, AN; iii) encrypting the AN into cyphertext; and c) third means, for making the cypher text available outside the encryption apparatus. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A device for connection to a telephone which communicates on a telephone line, comprising:
-
a) first means for accepting numbers from a keypad, which are keyed in by a user; b) second means for encrypting said numbers into cyphertext; c) third means for transmitting said cyphertext on said telephone line and d) connection means for connecting to said telephone line, while allowing normal operation of said telephone. - View Dependent Claims (17, 18, 19, 20)
-
Specification
-
- Resources
-
Current AssigneeNCR Corporation
-
Original AssigneeNCR Corporation
-
InventorsWatson, Gary E.
-
Primary Examiner(s)Gregory, Bernarr E.
-
Application NumberUS08/695,464Time in Patent Office785 DaysField of Search380/9, 380/21, 380/23, 380/24, 380/25, 380/30, 380/49, 380/50, 380/59US Class Current713/184CPC Class CodesG06Q 20/108 Remote banking, e.g. home b...G06Q 20/4012 Verifying personal identifi...H04L 2209/56 Financial cryptography, e.g...H04L 9/3226 using a predetermined code,...
