×

User authentication system for authenticating an authorized user of an IC card

  • US 6,067,621 A
  • Filed: 10/06/1997
  • Issued: 05/23/2000
  • Est. Priority Date: 10/05/1996
  • Status: Expired due to Fees
First Claim
Patent Images

1. A system for authenticating an authorized user, comprising:

  • an integrated circuit (IC) card containing a secret key for enabling generation of a one-time password and a random number;

    a portable terminal adapted to accommodate said IC card for generating said one-time password and processing transactions conducted by a user;

    a server installed at a host institution for authenticating the one-time password generated from the portable terminal;

    said portable terminal comprising;

    a card receiver adapted to receive said IC card for determining whether said IC card is inserted therein for the first time;

    a random number memory for reading and storing, and then deleting the random number of said IC card when said IC card is inserted for the first time into said card receiver;

    a first password generator for generating the one-time password by reading the secret key of said IC card and the random number stored in said random number memory;

    a first random number changer for changing the random numbers stored in said random number memory into a predetermined value and storing the changed value in said random number memory when said one-time password is generated in said first password generator; and

    a display for displaying the processed results of said terminal and said server, and said server comprising;

    a secret key memory for storing a secret key and a predetermined random number identical to the secret key and a predetermined random number initially stored in said IC card;

    a second password generator for reading the secret key and the random number stored in said secret key memory and for generating a one-time password;

    a second random number changer for changing the random number value of said secret key memory into a value identical to the random number changer of said portable terminal, and storing the changed value in the secret key memory when the one-time password is generated by said second password generator;

    a password receiver for receiving the one-time password generated from said portable terminal through a telephone network; and

    a password verifier for verifying whether the one-time password received from said portable terminal is identical to the one-time password generated from said second password generator.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×