Method for controlling independent secure transactions by means of a single apparatus
First Claim
Patent Images
1. A method for controlling independent secure transactions between a user and one of a plurality of different service providers comprising the steps of:
- the user acquiring a physical device independently of any service provider by the user, said physical device comprises a public key (Kup) and a secret key (Kus) and remains unchanged following the step of acquiring;
the user presenting of the physical device and associated identifier to said one service provider;
the service provider supplying the user with a certified digital profile by the service supplier which comprises access rights to a given service of said one service provider, the identifier which identifies the user to the service provider, and the public key of the physical device; and
initiating a secure transaction with said one service provider, by the user providing the certified digital profile to said one service provider and by the user providing authentication by encrypting a random number sent by said one service provider using the secret key of the physical device.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a procedure for controlling independent secure transactions using a single physical apparatus (11) that is the property of the user, wherein:
the user of said apparatus obtains the apparatus independently of any service provider,
on presentation by the user of said apparatus (11) to a service provider (P1, P2, P3) said service provider supplies a set of data identifying the user associated with the apparatus for access to a given service (S1, S2, S3)
the combination of the apparatus and the data enables a secure transaction to be conducted with the service.
78 Citations
5 Claims
-
1. A method for controlling independent secure transactions between a user and one of a plurality of different service providers comprising the steps of:
-
the user acquiring a physical device independently of any service provider by the user, said physical device comprises a public key (Kup) and a secret key (Kus) and remains unchanged following the step of acquiring;
the user presenting of the physical device and associated identifier to said one service provider;
the service provider supplying the user with a certified digital profile by the service supplier which comprises access rights to a given service of said one service provider, the identifier which identifies the user to the service provider, and the public key of the physical device; and
initiating a secure transaction with said one service provider, by the user providing the certified digital profile to said one service provider and by the user providing authentication by encrypting a random number sent by said one service provider using the secret key of the physical device. - View Dependent Claims (2, 3, 4, 5)
said one service provider holds a second public key and a second secret key;
on presentation by the user of the physical device, said one service provider signs or encrypts the profile of the user by means of the second secret key;
on initiation of a secure transaction with said one service provider by the user, said one service provider verifies the digital profile sent by the user by means of the second public key; and
on authentication of the user, said one service provider verifies the encrypted random number sent by the user by means of the public key of the user.
-
-
4. The method of claim 1, wherein the physical device is a smart card comprising a public key, a secret key and signature algorithm with a public signature key.
-
5. The method of claim 3, wherein the physical device is a smart card comprising a public key, a secret key and signature algorithm with a public signature key.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeOrange S.A.
-
Original AssigneeOrange S.A.
-
InventorsStoffel, Laurent, Arditti, David, Campana, Mireille
-
Primary Examiner(s)Swann, Tod R.
-
Assistant Examiner(s)Smithers, Matthew
-
Application NumberUS08/888,367Time in Patent Office1,356 DaysField of Search380/24, 380/23, 380/4, 705/41, 705/64, 705/65, 705/66, 705/67, 713/202, 713/200US Class Current726/7CPC Class CodesG06Q 20/341 Active cards, i.e. cards in...G06Q 20/355 Personalisation of cards fo...G06Q 20/3576 Multiple memory zones on cardG07F 7/1008 Active credit-cards provide...
