Personal website for electronic commerce on a smart Java card with multiple security check points
First Claim
1. A method for enabling multiple security check points during electronic transactions between a smart card and a host computer, the smart card having one or more personal Web pages stored therein, the method comprising:
- using a processing computer to establish communications between the smart card and the host computer;
receiving verification data from a user to identify the authenticity of the user;
transmitting first data from the smart card to the host computer;
the host computer processing the first data from the smart card to verify the authenticity of the smart card;
the host computer transmitting second data from the host computer to the smart card;
the smart card processing the second data from the host computer to verify the authenticity of the host computer;
providing the smart card with an encryption engine to encode data on the card and to decode data sent to the card;
if each of the user, the smart card, and the host computer is verified as authentic, then the smart card transmitting one or more of said personal Web pages to the host computer for display;
storing in the smart card user identification data and a secure key or security certificate from a given institution;
the step of transmitting first data from the smart card to the host computer including;
i) inserting the smart card into a reader, andii) sending the secure key or security certificate to the host computer when the smart card is inserted into the reader;
the step of the host computer processing the first data including the host computer combining the secure key or security certificate with the user identification data to form combined data;
the step of the host computer transmitting second data to the smart card including the host computer sending the combined data to the smart card;
the step of the smart card processing the second data including the smart card decoding the combined data to recover therefrom the user identification data, and comparing the recovered user identification data with the stored user identification data; and
displaying one or more of said personal Web pages, wherein the step of displaying includes transmitting said one or more Web pages having a link to one or more other Web sites accessible over a computer network, said one or more other Web sites having additional personal secure information associated with the user.
1 Assignment
0 Petitions
Accused Products
Abstract
A Method and system are disclosed for accessing personal Web site or executing electronic commerce with security in a smart Java card. A personal Web site which includes personal or private information is stored in a personal smart Java card. Before a user can access the Web site stored in the smart Java card, the user is validated by any one of or in combination of PIN, facial images, hand images, eye image, voice characteristics, and finger prints. In addition, an encryption engine embedded in the smart Java card decodes and compares the entered PIN combined with a secure key or security certificate to verify the identity of the user. Before the bank account can be accessed freely by the user, the bank'"'"'s computer system checks the combined secure data to ensure the authenticity of the card and the user'"'"'s identity with multiple check points using Internet security protocols via Web browsers.
29 Citations
15 Claims
-
1. A method for enabling multiple security check points during electronic transactions between a smart card and a host computer, the smart card having one or more personal Web pages stored therein, the method comprising:
-
using a processing computer to establish communications between the smart card and the host computer; receiving verification data from a user to identify the authenticity of the user; transmitting first data from the smart card to the host computer; the host computer processing the first data from the smart card to verify the authenticity of the smart card; the host computer transmitting second data from the host computer to the smart card; the smart card processing the second data from the host computer to verify the authenticity of the host computer; providing the smart card with an encryption engine to encode data on the card and to decode data sent to the card; if each of the user, the smart card, and the host computer is verified as authentic, then the smart card transmitting one or more of said personal Web pages to the host computer for display; storing in the smart card user identification data and a secure key or security certificate from a given institution; the step of transmitting first data from the smart card to the host computer including; i) inserting the smart card into a reader, and ii) sending the secure key or security certificate to the host computer when the smart card is inserted into the reader; the step of the host computer processing the first data including the host computer combining the secure key or security certificate with the user identification data to form combined data; the step of the host computer transmitting second data to the smart card including the host computer sending the combined data to the smart card; the step of the smart card processing the second data including the smart card decoding the combined data to recover therefrom the user identification data, and comparing the recovered user identification data with the stored user identification data; and displaying one or more of said personal Web pages, wherein the step of displaying includes transmitting said one or more Web pages having a link to one or more other Web sites accessible over a computer network, said one or more other Web sites having additional personal secure information associated with the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
Specification