Secure entry of a user-identifier in a publicly positioned device
First Claim
1. A method for secure entry of authorizing data in a publicly positioned device comprising the steps of:
- establishing a private communications link between a user and the publicly positioned device, wherein the establishing step comprises;
(i) linking the publicly positioned device having a visual interface through an encoder application to active glasses having a shuttered display, said shuttered display opening and closing responsive to synchronization pulses;
(ii) synchronizing display of prompts in said visual interface with said opening and closing of said shuttered display in said active glasses;
(iii) displaying masking data in said visual interface between said display of said prompts;
the publicly positioned device presenting device generated data over the private communications link, wherein said user can be visually prompted for said device generated data and authorization data through said visual interface;
prompting said user for a combination of the device generated data and authorizing data, where the prompted combination intersperses the device generated data and the authorizing data in a manner determined by the publicly positioned device, wherein prompting step further comprises the step of;
separately prompting said user for a subset of the digits of the authorizing data followed by at least some of the digits of the device generated data, followed by additional digits of the authorizing data;
receiving a user input through a public input means of the publicly positioned device;
extracting user-provided authorizing data from the user input, wherein the user input also contains the device generated data; and
authorizing the user to utilize the publicly positioned device based upon whether the extracted authorizing data is equivalent to the authorizing data.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for secure entry of a user-identifier in a publicly positioned device can include establishing a private communications link between a user and the publicly positioned device; dividing the user-identifier into at least two portions; separately prompting the user for each portion of the user-identifier; prompting the user for a combination of random data and the user-identifier; and, discarding the random data from the combination. In the preferred embodiments, the publicly positioned device can have a visual interface through which the user can be visually prompted for the random data and the user-identifier. Alternatively, the publicly positioned device can have a telephone interface through which the user can be audibly prompted for the random data and the user-identifier. In the case of a visual display, the private communications link can be established by linking the publicly positioned device to active glasses having a shuttered display. The opening and closing of the shuttered display can be synchronized with the display of the prompts in the visual interface such that only the wearer of the active glasses can view the prompts. In the case of a telephone interface, an telephone operator system, for example an Interactive Voice Response system or a human operator, can provide the prompts audibly through the telephone interface.
-
Citations
33 Claims
-
1. A method for secure entry of authorizing data in a publicly positioned device comprising the steps of:
-
establishing a private communications link between a user and the publicly positioned device, wherein the establishing step comprises; (i) linking the publicly positioned device having a visual interface through an encoder application to active glasses having a shuttered display, said shuttered display opening and closing responsive to synchronization pulses; (ii) synchronizing display of prompts in said visual interface with said opening and closing of said shuttered display in said active glasses; (iii) displaying masking data in said visual interface between said display of said prompts; the publicly positioned device presenting device generated data over the private communications link, wherein said user can be visually prompted for said device generated data and authorization data through said visual interface; prompting said user for a combination of the device generated data and authorizing data, where the prompted combination intersperses the device generated data and the authorizing data in a manner determined by the publicly positioned device, wherein prompting step further comprises the step of; separately prompting said user for a subset of the digits of the authorizing data followed by at least some of the digits of the device generated data, followed by additional digits of the authorizing data; receiving a user input through a public input means of the publicly positioned device; extracting user-provided authorizing data from the user input, wherein the user input also contains the device generated data; and authorizing the user to utilize the publicly positioned device based upon whether the extracted authorizing data is equivalent to the authorizing data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 31, 32, 33)
-
-
16. A machine readable storage, having stored thereon a computer program for secure entry of a user-identifier in a publicly positioned device, said computer program having a plurality of code sections executable by a machine for causing the machine to perform the steps of:
-
establishing a private communications link between a user and the publicly positioned device, wherein the establishing step comprises; (i) linking the publicly positioned device having a visual interface through an encoder application to active glasses having a shuttered display, said shuttered display opening and closing responsive to synchronization pulses; (ii) synchronizing display of prompts in said visual interface with said opening and closing of said shuttered display in said active glasses; (iii) displaying masking data in said visual interface between said display of said prompts; the publicly positioned device presenting device generated data over the private communications link, wherein said user can be visually prompted for said device generated data and authorization data through said visual interface; prompting said user for a combination of the device generated data and authorizing data, where the prompted combination intersperses the device generated data and the authorizing data in a manner determined by the publicly positioned devices, wherein prompting step further comprises the step of; separately prompting said user for a subset of the digits of the authorizing data followed by at least some of the digits of the device generated data, followed by additional digits of the authorizing data; receiving a user input through a public input means of the publicly positioned device; extracting user-provided authorizing data from the user input, wherein the user input also contains the device generated data; and authorizing the user to utilize the publicly positioned device based upon whether the extracted authorizing data is equivalent to the authorizing data. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification