Knowledge-type authorization device and methods
First Claim
1. A mobile telephone having electronic authentication circuitry for authentication for a transaction, comprising:
- (a) a hack-proof, non-duplicatable, authenticating smart chip with a bi-directional communications port;
(b) a radio communications circuit coupled to the communications port;
(c) an input circuit that receives user input and provides it to the smart chip;
(d) a wireless power supply that powers the aforementioned elements; and
(e) a programmed logic circuit which causes the authenticating smart chip to require receipt of a knowledge token from the input circuit to achieve authentication and, upon receipt of said token, then securely report achievement of authentication via the radio communications circuit to another system to which the smart chip securely authenticates itself with bi-directional crypto communications as part of a transaction with the system;
(f) all housed in a portable housing of a mobile telephone.
2 Assignments
0 Petitions
Accused Products
Abstract
A wireless electronic authentication device with an authenticating smart chip, a local radio communication circuit, an input circuit that receives user input, and a power supply, all housed in a portable housing. Preferably, the authentication device is a mobile telephone with an authenticating smart chip. The user enters a knowledge token, such as a password stated by voice or a personal identification number input at the keyboard, to indicate that he is both in possession of the authorization device and knows the critical information. The knowledge token may be entered in advance and merely confirmed by the user pressing a key on the keypad when a confirmation is requested. A method is provided for making use of the authentication device to perform authorizations. A similar method is disclosed for use in existing systems and then achieving a gradual transition from existing systems to the new authentication device.
57 Citations
30 Claims
-
1. A mobile telephone having electronic authentication circuitry for authentication for a transaction, comprising:
-
(a) a hack-proof, non-duplicatable, authenticating smart chip with a bi-directional communications port; (b) a radio communications circuit coupled to the communications port; (c) an input circuit that receives user input and provides it to the smart chip; (d) a wireless power supply that powers the aforementioned elements; and (e) a programmed logic circuit which causes the authenticating smart chip to require receipt of a knowledge token from the input circuit to achieve authentication and, upon receipt of said token, then securely report achievement of authentication via the radio communications circuit to another system to which the smart chip securely authenticates itself with bi-directional crypto communications as part of a transaction with the system; (f) all housed in a portable housing of a mobile telephone. - View Dependent Claims (2, 3, 4)
-
-
5. A method of authenticating for a transaction a user of a mobile telephone having authentication circuitry including a hack-proof, non-duplicatable, authenticating smart chip, a user input receiver, and a radio communications circuit, comprising:
-
(a) transmitting between a radio communications access point and the mobile telephone information identifying a proposed transaction; (b) receiving at said access point via radio communications from the hack-proof, non-duplicatable, authenticating smart chip within the mobile telephone encrypted information identifying the telephone which information is crypto-verified with bi-directional radio communications between the access point and the hack-proof, non-duplicatable, authenticating smart chip within the telephone; (c) comparing said identifying information received at said access point to records in a database and determining whether there is a record indicating that said telephone is authorized and was last registered to a person with a valid account; and (d) receiving at said access point via encrypted bi-directional radio communications from the mobile telephone information indicating that the telephone is a type that requires receipt of an intentionally given knowledge token at a user input receiver on said telephone, as well as information indicating that an appropriate knowledge token has been received and verified using said hack-proof, non-duplicatable, authenticating smart chip relative to said information identifying a proposed transaction. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for authenticating for a transaction a user of a mobile telephone having authentication circuitry including a non-duplicatable smart chip, a user input receiver, and a radio communications circuit, the system comprising:
-
(a) a radio communications access point with a transmitter-receiver capable of communicating between the radio communications access point and a mobile telephone information identifying a proposed transaction; (b) a crypto-verification component that receives via the access point radio communications from a hack-proof, non-duplicatable, authenticating smart chip within the mobile telephone with encrypted information identifying the telephone and crypto-verifies the information with bi-directional radio communications between the access point and the hack-proof, non-duplicatable, authenticating smart chip within the telephone; (c) a database comparison component that compares said identifying information received at said access point to records in a database and determines whether there is a record indicating that said telephone is authorized and was last registered to a person with a valid account; and (d) a knowledge token verification component that receives via said access point via encrypted bi-directional radio communications from the hack-proof, non-duplicatable, authenticating smart chip within the mobile telephone, relative to said information identifying a proposed transaction, information indicating that the telephone is a type that requires receipt of an intentionally given knowledge token at a user input receiver on said telephone, as well as information indicating that an appropriate knowledge token has been received and verified using the hack-proof, non-duplicatable, authenticating smart chip. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification