Method, data carrier and system for authentication of a user and a terminal
First Claim
1. A method for authenticating a user of a data carrier for authorized use of the data carrier and for authenticating a data carrier terminal for authorized accessing by the data carrier terminal of memory areas of the data carrier, comprising the following steps:
- reading a secret code from the data carrier by the data carrier terminal, wherein the secret code is stored on a memory location that can be accessed only by authorized data terminals or can be decrypted correctly only by authorized data terminals;
presenting the read secret code to the user;
after receiving an indication by the user that the presented read secret code is correct, reading a biometric feature presented by the user;
comparing the read presented biometric feature with a biometric feature stored on the data carrier.
2 Assignments
0 Petitions
Accused Products
Abstract
A data carrier has stored thereon a secret code and a user'"'"'s biometric data. In using the data carrier, a data carrier terminal is first authenticated for access to data stored in the data carrier by reading a secret code from the data carrier in a manner known only to an authorized terminal, and then displaying the read secret on the data carrier terminal. If the user determines that the displayed secret code is correct, the user then presents a biometric feature which is read and compared to the biometric data stored on the data carrier. If the read biometric data matches the stored biometric data, then the user is authorized for further use of the data carrier on the data carrier terminal.
-
Citations
3 Claims
-
1. A method for authenticating a user of a data carrier for authorized use of the data carrier and for authenticating a data carrier terminal for authorized accessing by the data carrier terminal of memory areas of the data carrier, comprising the following steps:
-
reading a secret code from the data carrier by the data carrier terminal, wherein the secret code is stored on a memory location that can be accessed only by authorized data terminals or can be decrypted correctly only by authorized data terminals; presenting the read secret code to the user; after receiving an indication by the user that the presented read secret code is correct, reading a biometric feature presented by the user; comparing the read presented biometric feature with a biometric feature stored on the data carrier. - View Dependent Claims (2, 3)
-
Specification
-
- Resources
-
Current AssigneeGiesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
-
Original AssigneeGiesecke & Devrient GmbH
-
InventorsMuller, Robert, Stephan, Elmar, Modl, Albert
-
Primary Examiner(s)Barron, Jr., Gilberto
-
Assistant Examiner(s)HO, THOMAS
-
Application NumberUS10/030,162Time in Patent Office2,646 DaysField of Search713/169, 713/186, 726/5, 726/20, 726/169, 726/186US Class Current726/5CPC Class CodesG06F 21/32 using biometric data, e.g. ...
