Methods and apparatus for authenticating the download of information onto a smart card
First Claim
1. A method for an information owner to download software to an information device over a network, wherein said information device comprises a smart card, and said method comprises the steps of:
- a. the information owner delegating to a third party, download of said software from a server associated with said third party to the information device, wherein said information device is capable of downloading new instruction, update existing instructions, and overwriting existing instructions;
b. the information device computing an acknowledgment of said download of said software, wherein said acknowledgment includes a digital signature created via public key encryption;
c. the information device sending said computed acknowledgment to the information owner via said network; and
d. the information owner verifying the computed acknowledgment, wherein only the information owner can verify the computed acknowledgment.
6 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for producing a digitally-computed acknowledgment of a delegated download event are disclosed. An information owner, such as the issuer of a smart card, delegates an information download to a third party. The information is downloaded from the third party to an information device, such as a smart card. The computed acknowledgment is a digital “seal” or signature (depending upon the type of cryptographic algorithm used). The seal or signature is preferably a cryptogram generated by the information device using cryptographic keys resident on the information device itself. This acknowledgment is then made available to the information owner, who may then test the cryptogram to determine whether the third party successfully completed the software download.
-
Citations
5 Claims
-
1. A method for an information owner to download software to an information device over a network, wherein said information device comprises a smart card, and said method comprises the steps of:
-
a. the information owner delegating to a third party, download of said software from a server associated with said third party to the information device, wherein said information device is capable of downloading new instruction, update existing instructions, and overwriting existing instructions; b. the information device computing an acknowledgment of said download of said software, wherein said acknowledgment includes a digital signature created via public key encryption; c. the information device sending said computed acknowledgment to the information owner via said network; and d. the information owner verifying the computed acknowledgment, wherein only the information owner can verify the computed acknowledgment. - View Dependent Claims (2)
-
-
3. A system for allowing a smart card issuer to securely delegate to a third party the download of an applet to a smart card over a network, said system comprising:
-
an external device associated with said third party and having said applet resident thereon, said external device capable of transferring said applet to said smart card, wherein said applet is associated with said issuer and said applet is transferred by said third party as delegated by said issuer, said information device capable of downloading new instructions, update existing instructions, and overwriting existing instructions; said smart card includes instructions configured to initiate a public-key acknowledgement process that produces a digital signature responsive to successful transfer of said applet and utilizing a cryptographic key stored on said smart card, and send said digital signature to said issuer for validation by said issuer, wherein only the issuer can validate said acknowledgement. - View Dependent Claims (4, 5)
-
Specification
-
- Resources
-
Current AssigneeLiberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
-
Original AssigneeAmerican Express Travel Related Services Company, Inc. (American Express Company)
-
InventorsPetit, Frederic
-
Primary Examiner(s)Trammell, James P.
-
Assistant Examiner(s)Abdi, Kambiz
-
Application NumberUS09/522,628Time in Patent Office1,985 DaysField of Search705/53, 705/64, 705/68, 705/77, 705/78, 707/207, 713/1, 713/2, 713/100, 717/120, 717/122, 717/168, 717/170, 717/171, 717/172, 717/173US Class Current705/53CPC Class CodesG06Q 20/085 involving remote charge det...G06Q 20/0855 involving a third partyG06Q 20/3552 Downloading or loading of p...G06Q 20/3676 Balancing accountsG06Q 20/382 insuring higher security of...G07F 7/1008 Active credit-cards provide...
