Apparatus, method and system for authentication
First Claim
1. A portable, electronic device comprising a transponder with a memory unit, and means for writing user-specific information into the transponder memory unit, so that the transponder, upon reception of an interrogating signal containing a request code, generates a response signal comprising the user-specific information, the portable, electronic device further comprising calculating means for calculating an authentication code, to be included in the user-specific information, wherein the authentication code is calculated based on a user-specific key stored in the portable, electronic device, and the request code.
3 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to a portable, electronic device such as a mobile phone. The device is provided with a transponder and may be used for authentication purposes. The device includes means for writing user-specific information into a memory unit, included in the transponder. Thus, when an interrogating reading device stimulates the transponder, the transponder emits the user-specific information. This enables authentication of a user rather than of a device. In a preferred embodiment use is made of a user-specific key, by means of which a single-use code is generated, which is used as the emitted user-specific information. The invention also relates to a method and a system, which may work in connection with such a device.
36 Citations
18 Claims
- 1. A portable, electronic device comprising a transponder with a memory unit, and means for writing user-specific information into the transponder memory unit, so that the transponder, upon reception of an interrogating signal containing a request code, generates a response signal comprising the user-specific information, the portable, electronic device further comprising calculating means for calculating an authentication code, to be included in the user-specific information, wherein the authentication code is calculated based on a user-specific key stored in the portable, electronic device, and the request code.
-
7. A method for use in an interrogating apparatus for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the method comprising the following steps:
-
transmitting a transponder interrogating signal containing a request code to the transponder of the portable device; receiving a response signal, comprising user specific information containing an authentication code, from the transponder, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder wherein the authentication code is calculated based on a user-specific key and the request code; and determining the authenticity of the user based on the user-specific information, including the authentication code. - View Dependent Claims (8, 9)
-
-
10. A system for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the system comprising
an interrogating apparatus, means in the interrogating apparatus for transmitting a transponder interrogating signal containing a request code to the transponder of the portable device; -
means in the interrogating apparatus for receiving a response signal, comprising user specific information containing an authentication code, from the transponder, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder wherein the authentication code is calculated based on a user-specific key and the request code; and means in the interrogating apparatus for determining the authenticity of the user based on the user-specific information. - View Dependent Claims (11, 12)
-
-
14. A method for use in an interrogating apparatus for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the method comprising the following steps:
-
transmitting, from the interrogating apparatus, a transponder interrogating signal containing a request code to the transponder of the portable device; receiving a response signal, comprising user-specific information containing an authentication code, from the transponder to the interrogating apparatus, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder, wherein the authentication code is calculated based on a user-specific key stored in the portable, electronic device and based on the request code, determining the authenticity of the user based on the user-specific information, including the authentication code, further wherein the interrogating apparatus transmits the same request code to a server which in turn generates an authentication code based upon the same user-specific key stored in the portable, electronic device, which authentication code is transmitted back to the interrogating apparatus, and further wherein the determining the authenticity of the user based upon the user-specific information, including the authentication code received from the portable, electronic device is performed by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.
-
-
15. A method for use in an interrogating apparatus for authenticating a user, carrying a portable, electronic device having a calculating means, and a transponder with a memory unit, the portable, electronic device having a user identity information and a user-specific key stored therein, the method comprising the following steps:
-
the interrogating apparatus transmitting a first interrogating signal to the transponder of the portable, electronic device for causing the transponder to transmit to the interrogating apparatus the user identity information, the interrogating apparatus transmitting a request containing the user identity information to a server, wherein the server, based upon the user identity information, generates a request code and an authentication code that are transmitted to the interrogating apparatus, the interrogating apparatus transmitting the request code to the portable, electronic device as a second transponder interrogating signal, the portable, electronic device generating an authentication code based upon the user-specific key and the request code, the portable, electronic device transmitting the authentication code to the interrogating apparatus, and determining the authenticity of the user by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.
-
-
16. A portable, electronic device comprising a transponder with a memory unit, a calculating means, user identity information and a user-specific key and means for writing user-specific information into the transponder unit, so that the transponder, upon receipt of a first interrogating signal, generates a first response signal containing user-specific information that includes the user identity information, and upon reception of a second interrogating signal containing a request code, generates a second response signal containing user-specific information that includes an authentication code, wherein the authentication code is generated by the calculating means based on the user-specific key and the request code.
-
17. A system for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the system further comprising
an interrogating apparatus and a server, means in the interrogating apparatus for transmitting a transponder interrogating signal containing a request code to the transponder of the portable device, means in the interrogating apparatus for receiving a response signal, comprising user specific information containing an authentication code, from the transponder, said user-specific information being written, by means in the portable, electronic device, into the memory unit of the transponder wherein the authentication code is calculated based on a user-specific key and the request code, and means in the interrogating apparatus for determining the authenticity of the user based on the user-specific information, further wherein the interrogating apparatus transmits the same request to the server which in turn generates an authentication code based upon the same user-specific key in the portable, electronic device, which authentication code is transmitted back to the interrogating apparatus, and further wherein the determining the authenticity of the user based upon the user-specific information, including the authentication code received from the portable, electronic device is performed by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.
-
18. A system for authenticating a user, carrying a portable, electronic device having a calculating means and a transponder with a memory unit, the portable, electronic device having a user identity information and a user-specific key stored therein, the system further comprising
an interrogating apparatus and a server, the interrogating apparatus having means for transmitting a first interrogating signal to the transponder of the portable, electronic device for causing the transponder to transmit to the interrogating apparatus the user identity information, the interrogating apparatus having means for transmitting a request containing the user identity information to the server, wherein the server, based upon the user identity information, generates a request code and an authentication code that are transmitted to the interrogating apparatus, the interrogating apparatus having means for transmitting the request code to the portable, electronic device as a second transponder interrogating signal, the portable, electronic device calculating means generating an authentication code based upon the user-specific key and the request code, the portable, electronic device transponder transmitting the authentication code to the interrogating apparatus, and the interrogating apparatus having means for determining the authenticity of the user by comparing the authentication code received from the portable, electronic device with the authentication code received from the server.
Specification