Methods and systems for secure transmission of information using a mobile device

US 6,880,079 B2
Filed: 04/25/2002
Issued: 04/12/2005
Est. Priority Date: 04/25/2002
Status: Expired due to Term

First Claim

Patent Images

1. A method for secure transmission of information, comprising the steps of:

(a) sending, from a client to a server, a request, at least one unique identifier and an encryption key;

(b) generating, at the server, a reply to the request;

(c) encrypting the reply, at the server, using the encryption key sent from the client to the server, to thereby produce an encrypted reply;

(d) identifying, at the server, a mobile device to which to send the encrypted reply, based on the at least one unique identifier;

(e) sending the encrypted reply from the server to the mobile device, wherein the mobile device does not have the encryption key sent from the client to the server; and

(f) decrypting the encrypted reply, at the client, in response to the encrypted reply being transferred from the mobile device to the client.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for secure transmission of information are provided. In accordance with a method of the present invention, a client sends to a server, a request, at least one unique identifier and an encryption key. The server generates a reply to the request and identifies a mobile device (based on the at least one unique identifier) to which to send the reply. The server also encrypts the reply, using the encryption key, to thereby produce an encrypted reply. The encrypted reply is then sent from the server to the mobile device (e.g., a mobile phone). Once received by the mobile device, the encrypted reply is available for transfer (automatically or manually) from the mobile device to the client. Once provided to the client, the client can decrypt the encrypted reply using the encryption key. The decrypted reply is then available for use at (e.g., by) the client.

Citations

48 Claims

1. A method for secure transmission of information, comprising the steps of:
- (a) sending, from a client to a server, a request, at least one unique identifier and an encryption key;
  
  (b) generating, at the server, a reply to the request;
  
  (c) encrypting the reply, at the server, using the encryption key sent from the client to the server, to thereby produce an encrypted reply;
  
  (d) identifying, at the server, a mobile device to which to send the encrypted reply, based on the at least one unique identifier;
  
  (e) sending the encrypted reply from the server to the mobile device, wherein the mobile device does not have the encryption key sent from the client to the server; and
  
  (f) decrypting the encrypted reply, at the client, in response to the encrypted reply being transferred from the mobile device to the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising the following step, between steps (e) and (f):
    - sending the encrypted reply from the mobile device to the client.
  - 3. The method of claim 1, further comprising the following step, between steps (e) and (f):
    - displaying the encrypted reply on a display of the mobile device.
  - 4. The method of claim 3, wherein the decrypting in step (f) occurs in response to the encrypted reply being manually entered into the client by an end user that has viewed the encrypted reply on the display of the mobile device.
  - 5. The method of claim 1, wherein, following step (f), the reply is available for use by the client.
  - 6. The method of claim 1, further comprising the step of generating the encryption key.
  - 7. The method of claim 1, wherein the request comprises a request for information.
  - 8. The method of claim 1, wherein the request comprises a request for a one-time password.
  - 9. The method of claim 1, wherein the request comprises a request for access to information.
  - 10. The method of claim 1, wherein the request comprises an authentication request.

11. A method for secure transmissions of one-time passwords (OTP) using mobile devices, comprising the steps of:
- (a) sending, from a client to a server, a request for a OTP, at least one unique identifier and an encryption key;
  
  (b) generating, at the server, the OTP;
  
  (c) encrypting the OTP, at the server, using the encryption key sent from the client to the server, to thereby produce an encrypted OTP;
  
  (d) identifying, at the server, a mobile device to which to send the encrypted OTP, based on the at least one unique identifier;
  
  (e) sending the encrypted OTP from the server to the mobile device, wherein the mobile device does not have the encryption key sent from the client to the server; and
  
  (f) decrypting the encrypted OTP, at the client, in response to the encrypted reply being transferred from the mobile device to the client.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11, further comprising the following step, between steps (c) and (f):
    - sending the encrypted OTP from the mobile device to the client.
  - 13. The method of claim 11, further comprising the following step, between steps (e) and (f):
    - sending the encrypted OTP from the mobile device to the client.
  - 14. The method of claim 11, further comprising the following step, between steps (e) and (f):
    - displaying the encrypted OTP on a display of the mobile device.
  - 15. The method of claim 14, wherein the decrypting in step (f) occurs in response to the encrypted OTP being manually entered into the client by an end user that has viewed the encrypted OTP on the display of the mobile device.
  - 16. The method of claim 11, wherein, following step (f), the OTP is available for use by the client.
  - 17. The method of claim 11, further comprising the step of generating the encryption key.

18. A method for secure transmission of information with a client that has or can generate an encryption key, the method comprising the steps of:
- (a) receiving, from the client, a request, at least one unique identifier and an encryption key;
  
  (b) generating a reply to the request;
  
  (c) encrypting the reply using the encryption key that was received from the client, to thereby produce an encrypted reply;
  
  (d) identifying a mobile device to which to send the encrypted reply, based on the at least one unique identifier; and
  
  (e) sending the encrypted reply to the mobile device, which does not have the encryption key;
  
  wherein the encrypted reply, once received by the mobile device, is available for transfer from the mobile device to the client, where the encrypted reply can be decrypted using the encryption key.

19. A subsystem for providing secure transmission of information with a client that has or can generate an encryption key, the subsystem comprising:
- means for generating a reply to a request received from the client;
  
  means for encrypting the reply using an encryption key received from the client, to thereby produce an encrypted reply; and
  
  means for identifying a mobile device to which to send the encrypted reply, based on at least one unique identifier received from the client;
  
  wherein the mobile device does not have the encryption key; and
  
  wherein the encrypted reply, once received by the mobile device, is available for transfer from the mobile device to the client, where the encrypted reply can be decrypted using the encryption key.
- View Dependent Claims (20)
- - 20. The subsystem according to claim 19, further comprising:
    - means for receiving, from the client, the request, the at least one unique identifier and the encryption key; and
      
      means for sending the encrypted reply to the mobile device.

21. A subsystem for providing secure transmission of information with a client that has or can generate an encryption key, the subsystem comprising:
- a receive communications interface to receive a request, at least one unique identifier and an encryption key from the client;
  
  a processor to produce a reply to the request, encrypt the reply using an encryption key received from the client, to thereby produce an encrypted reply, and identify a mobile device to which to send the encrypted reply, based on the at least one unique identifier; and
  
  a transmit communications interface to send the encrypted reply to the identified mobile device;
  
  wherein the identified mobile device does not have the encryption key; and
  
  wherein the encrypted reply, once received by the identified mobile device, is available for transfer from the mobile device to the client, where the encrypted reply can be decrypted using the encryption key.
- View Dependent Claims (22)
- - 22. The subsystem according to claim 21, wherein the receive communications interface and the transmit communications interface comprise the same interface.

23. A system for secure transmission of information, comprising:
- a client;
  
  a server; and
  
  a plurality of mobile devices;
  
  wherein the client is configured to send a request, at least one unique identifier and an encryption key to the server; and
  
  wherein the server is configured to generate a reply to the request, encrypt the reply using the encryption key sent from the client, to thereby produce an encrypted reply, identify a specific mobile device, of the plurality of mobile devices, to which to send the encrypted reply, and send the encrypted reply to the specific mobile device;
  
  wherein none of the mobile devices have the encryption key;
  
  wherein the encrypted reply, once received by the specific mobile device, is available for transfer from the specific mobile device to the client; and
  
  wherein the client is further configured to decrypt the encrypted reply, using the encryption key, once the encrypted reply is transferred from the specific mobile device to the client.
- View Dependent Claims (24, 25, 26)
- - 24. The system of claim 23, wherein one or more of the mobile devices includes a display to display an encrypted reply.
  - 25. The system of claim 24, wherein the client includes an input mechanism into which an encrypted reply can be entered, and wherein the client is configured to decrypt the encrypted reply in response to encrypted reply being provided using the input mechanism.
  - 26. The system of claim 23, wherein one or more of the mobile devices includes a means for transmitting a message to the client, the means for transmitting being configured to send the encrypted reply to the client.

27. A method for secure transmission of information, comprising the steps of:
- (a) sending, from a client to an information server, a request for information;
  
  (b) sending, from the client to an authentication server, an authentication request, at least one unique identifier and an encryption key;
  
  (c) generating, at the authentication server, an authentication reply;
  
  (d) encrypting the authentication reply, at the server, using the encryption key sent from the client to the authentication server to thereby produce an encrypted authentication reply;
  
  (e) identifying, at the authentication server, a mobile device to which to send the encrypted authentication reply, based on the at least one unique identifier; and
  
  (f) sending the encrypted authentication reply from the authentication server to the mobile device, wherein the mobile device does not have the encryption key sent from the client to the authentication server; and
  
  (g) decrypting the encrypted authentication reply, at the client, in response to the encrypted authentication reply being transferred from the mobile device to the client.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34)
- - 28. The method of claim 27, further comprising the steps of:
    - (h) sending, from the client to the information server, the decrypted authentication reply and the at least one unique identifier;
      
      (i) sending, from the information server to the authentication server, the decrypted authentication reply and the at least one unique identifier;
      
      (j) determining, at the authentication server, an authentication result;
      
      (k) sending, from authentication server to the information server, the authentication result;
      
      (l) producing, at the information server, an information reply to the information request, in response to receiving the authentication result; and
      
      (m) sending, from the information server to the client, the information reply.
  - 29. The method of claim 28, further comprising the following step, between steps (f) and (g):
    - sending the encrypted reply from the mobile device to the client.
  - 30. The method of claim 28, further comprising the following step, between steps (f) and (g):
    - displaying the encrypted reply on a display of the mobile device.
  - 31. The method of claim 30, wherein the decrypting in step (g) occurs in response to the encrypted reply being manually entered into the client by an end user that has viewed the encrypted reply on the display of the mobile device.
  - 32. The method of claim 27, further comprising the step of generating the encryption key.
  - 33. The method of claim 27, wherein the request for information comprises a request for information stored on the information server.
  - 34. The method of claim 33, wherein the authentication request comprises a request for a one-time password.

35. A system for secure transmission of information, comprisinga client;
- an information server;
  
  an authentication server; and
  
  a plurality of mobile devices;
  
  wherein the client is configured to send a request for information to the information server, and send an authentication request, at least one unique identifier and an encryption key to the authentication server;
  
  wherein the authentication server is configured to generate an authentication reply to the authentication request, encrypt the authentication reply using the encryption key received from the client to thereby produce an encrypted authentication reply, identify a specific mobile device, of the plurality of mobile devices, to which to send the encrypted authentication reply, based on the at least one unique identifier, and send the encrypted authentication reply to the specific mobile device;
  
  wherein none of the mobile devices have the encryption key; and
  
  wherein the client is further configured to decrypt the encrypted authentication reply in response to the encrypted authentication reply being transferred from the mobile device to the client.
- View Dependent Claims (36, 37, 38, 39, 40, 41)
- - 36. The system of claim 35, wherein:
    - the client is further configured to send the decrypted authentication reply and the at least one unique identifier to the information server;
      
      the information server is configured to send the decrypted authentication reply and the at least one unique identifier to the information server;
      
      the authentication server is further configured to determine an authentication result, and to send the authentication result to the information server; and
      
      the information server is further configured to produce an information reply to the information request, in response to receiving the authentication result, and to send the information reply to the client.
  - 37. The system of claim 36, wherein the client is further configured to generate the encryption key.
  - 38. The system of claim 36, wherein one or more of the mobile devices includes a display configured to display the encrypted reply.
  - 39. The system of claim 36, wherein one or more of the mobile devices is configured to transmit an encrypted reply to a client.
  - 40. The system according to claim 35, wherein the request for information comprises a request for information stored on the information server.
  - 41. The system according to claim 35, wherein the authentication request comprises a request for a one-time password.

42. A method for secure transmission of information, comprising the steps of:
- (a) a client sending a request, at least one unique identifier and an encryption key to a server, where a reply is generated and encrypted using the encryption key to thereby produce an encrypted reply that is sent to a mobile device identifiable based on the at least one unique identifier;
  
  (b) receiving at the client the encrypted reply that was sent, in response to the request, from the server to the mobile device that was identified based on the at least one unique identifier and that does not have the encryption key that was sent to the server; and
  
  (c) the client, in response to receiving the encrypted reply that was sent from the server to the mobile device, decrypting the encrypted reply using the encryption key that was sent with the request to the server, thereby producing a decrypted reply.
- View Dependent Claims (43, 44, 45, 46)
- - 43. The method of claim 42, further comprising the step of generating the encryption key prior to step (a).
  - 44. The method of claim 42, wherein following step (c) the decrypted reply is available for use.
  - 45. The method of claim 42, wherein step (b) comprises receiving the encrypted reply from the mobile device.
  - 46. The method of claim 42, wherein step (b) comprises accepting a manual entry, of the encrypted reply, from a user viewing the encrypted reply on a display of the mobile device.

47. A computer program product for execution by a server, useful for providing secure transmission of information between the server and a client that has or can generate an encryption key, the computer program product comprising:
- computer code to generate a reply to a request received from the client;
  
  computer code to encrypt the reply using an encryption key, received from the client, to thereby produce an encrypted reply; and
  
  computer code to identify a mobile device to which to send the encrypted reply, based on at least one unique identifier received from the client;
  
  wherein the identified mobile device does not have the encryption key; and
  
  wherein the encrypted reply, once received by the identified mobile device, is available for transfer from the mobile device to the client, where the encrypted reply can be decrypted using the encryption key.

48. A processor readable storage media comprising a processor readable program code embodied on the processor readable storage medium, the processor readable program code for programming a processor to perform a method, the method comprising:
- generating a reply to a request received from a client;
  
  encrypting the reply using an encryption key, received from the client, to thereby produce an encrypted reply;
  
  indentifying a mobile device to which to send the encrypted reply, based on at least one unique identifier received from the client; and
  
  causing the encrypted reply to be sent to the identified mobile device;
  
  wherein the identified mobile device does not have the encryption key; and
  
  wherein the encrypted reply, once received by the identified mobile device, is available for transfer from the mobile device to the client, where the encrypted reply can be decrypted using the encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Onespan North America Incorporated (OneSpan, Inc.)
Original Assignee
Vasco Data Security Incorporated (OneSpan, Inc.)
Inventors
Vanderstraeten, Alain Marie Eric, Houthooft, Mario Raymond Louis, Kefford, Mark Gregory
Primary Examiner(s)
Morse, Gregory
Assistant Examiner(s)
Brown, Christopher J

Application Number

US10/132,048
Publication Number

US 20030204726A1
Time in Patent Office

1,083 Days
Field of Search

713/155, 713/168
US Class Current

713/155
CPC Class Codes

G06F 21/42   using separate channels for...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04L 9/3228   One-time or temporary data,...

H04L 9/3271   using challenge-response

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

Methods and systems for secure transmission of information using a mobile device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for secure transmission of information using a mobile device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links