Personal authorisation device

US 7,571,468 B1
Filed: 04/06/2004
Issued: 08/04/2009
Est. Priority Date: 04/06/2004
Status: Active Grant

First Claim

Patent Images

1. A personal authorisation device wearable by a user, comprising:

a memory;

an input operable to receive user authentication data for authenticating the user, wherein the personal authorisation device is configured to generate validation information from said user authentication data by transforming said user authentication data via a one-way transformation, wherein said validation information comprises a result of said one-way transformation, wherein said user authentication data is not stored within said memory;

wherein the memory stores an authorisation code and said validation information generated from the user authentication data, wherein said personal authorisation device is configured to encrypt said authorisation code with an encryption key to generate an encrypted authorisation code, wherein said encryption key comprises said validation information generated from said user authentication data; and

an output operable to provide said encrypted authorisation code to an other device configured to protect a resource, wherein said personal authorisation device is configured to enable the user to gain access to the protected resource, wherein to enable the user to gain access to the protected resource comprises providing said encrypted authorisation code to the other device through said output, wherein said other device and said resource are external to the personal authorisation device; and

a tamper detector configured to trigger if the personal authorisation device is removed from said user, wherein in response to said triggering the tamper detector is configured to disable use of the personal authorisation device, wherein to disable use of the personal authorisation device comprises preventing output of said encrypted authorisation code subsequent to said triggering.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A personal authorisation device wearable by a user includes an input operable to receive data for authenticating a user, a memory operable to store validation information derived from the user authentication data, and an output operable to provide an authorisation code. The device further includes a tamper detector that triggers if the device is removed from its wearer. Triggering of the tamper detector serves to disable use of the device.

61 Citations

View as Search Results

34 Claims

1. A personal authorisation device wearable by a user, comprising:
- a memory;
  
  an input operable to receive user authentication data for authenticating the user, wherein the personal authorisation device is configured to generate validation information from said user authentication data by transforming said user authentication data via a one-way transformation, wherein said validation information comprises a result of said one-way transformation, wherein said user authentication data is not stored within said memory;
  
  wherein the memory stores an authorisation code and said validation information generated from the user authentication data, wherein said personal authorisation device is configured to encrypt said authorisation code with an encryption key to generate an encrypted authorisation code, wherein said encryption key comprises said validation information generated from said user authentication data; and
  
  an output operable to provide said encrypted authorisation code to an other device configured to protect a resource, wherein said personal authorisation device is configured to enable the user to gain access to the protected resource, wherein to enable the user to gain access to the protected resource comprises providing said encrypted authorisation code to the other device through said output, wherein said other device and said resource are external to the personal authorisation device; and
  
  a tamper detector configured to trigger if the personal authorisation device is removed from said user, wherein in response to said triggering the tamper detector is configured to disable use of the personal authorisation device, wherein to disable use of the personal authorisation device comprises preventing output of said encrypted authorisation code subsequent to said triggering.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The personal authorisation device of claim 1, wherein the personal authorisation device is configured to compare the validation information to PIN information stored in the personal authorisation device to determine whether the validation information is the same as the PIN information stored in the personal authorisation device, wherein the personal authorisation device comprises a status indication that indicates whether the validation information is the same as the PIN information stored in the personal authorisation device.
  - 3. The personal authorisation device of claim 1, wherein the tamper detector disables use of the personal authorisation device by deleting the validation information stored in the memory.
  - 4. The personal authorisation device of claim 1, further comprising a timer, wherein the personal authorisation device is configured prevent output of said encrypted authorisation code in response to expiry of the timer.
  - 5. The personal authorisation device of claim 4, wherein the timer disables use of the personal authorisation device by deleting the validation information stored in the memory.
  - 6. The personal authorisation device of claim 4, wherein the timer is reset when new user authentication data is received at the input.
  - 7. The personal authorisation device of claim 4, wherein the timer has a duration of approximately one day.
  - 8. The personal authorisation device of claim 1, wherein the personal authorisation device stores one or more other authorisation codes.
  - 9. The personal authorisation device of claim 2, wherein the personal authorisation device stores one or more other authorisation codes, wherein said personal authorisation device is operable to encrypt each of said one or more other authorisation codes with said encryption key to generate respective encrypted authorisation codes, wherein the personal authorisation device is configured to provide one of the respective encrypted authorisation codes as output in response to determining that said status indication indicates that said validation information is the same as the PIN information stored in the personal authorisation device.
  - 10. The personal authorisation device of claim 8, wherein said personal authorisation device is operable to:
    - encrypts a particular one of said one or more other authorisation codes with said encryption key to generate a corresponding encrypted authorisation code; and
      
      provide said corresponding encrypted authorisation code to the other device through said output.
  - 11. The personal authorisation device of claim 8, wherein different ones of said one or more other authorisation codes are associated with different account types, and wherein the personal authorisation device is configured to:
    - determine a particular account type specified by a terminal to which the personal authorisation device is communicatively coupled;
      
      select a particular authorisation code of said one or more other authorisation codes, wherein the particular one of said different account types to which the particular authorisation code is associated is the same as said particular account type specified by said terminal;
      
      encrypt said particular authorisation code with said encryption key to generate a particular encrypted authorisation code; and
      
      provide said particular encrypted authorisation code to said terminal via said output.
  - 12. The personal authorisation device of claim 1, further comprising a timer that is set whenever user authentication data is received at the input, and wherein the tamper detector is inoperable to disable use of the personal authorisation device until expiry of the timer.
  - 13. The personal authorisation device of claim 12, wherein said timer has an expiry period of a few seconds.
  - 14. The personal authorisation device of claim 1, wherein said personal authorisation device comprises a necklace.
  - 15. The personal authorisation device of claim 1, wherein said personal authorisation device comprises a bracelet.
  - 16. The personal authorisation device of claim 1, wherein said personal authorisation device comprises a wristwatch.
  - 17. The personal authorisation device of claim 16, wherein said input comprises a set of buttons on the wristwatch.
  - 18. The personal authorisation device of claim 1, wherein said input comprises a wireless interface.
  - 19. The personal authorisation device of claim 1, wherein the tamper detector includes an electric circuit, and wherein the tamper detector is configured to trigger when the electric circuit is broken to remove the personal authorisation device from the wearer.
  - 20. The personal authorisation device of claim 19, wherein the electric circuit is arranged to loop around the wearer'"'"'s wrist.

21. A method of providing an authorisation code from a personal authorisation device wearable by a user, comprising:
- receiving user authentication data;
  
  generating validation information from said user authentication data by transforming said user authentication data via a one-way transformation, wherein said validation information comprises a result of said one-way transformation, wherein said user authentication data is not stored within a memory of said personal authorisation device;
  
  storing said validation information generated from the user authentication data in said memory of the personal authorisation device;
  
  accessing an authorisation code stored in said memory of the personal authorisation device and encrypting said authorisation code with an encryption key to generate an encrypted authorisation code, wherein said encryption key comprises said validation information generated from said user authentication data;
  
  enabling the user to gain access to a protected resource that is protected by an other device, wherein said enabling comprises providing said encrypted authorisation code as output from the personal authorisation device to said other device, wherein said other device and said resource are external to the personal authorisation device;
  
  detecting if the personal authorisation device is removed from the user wearing the personal authorisation device; and
  
  disabling use of the personal authorisation device in response to detecting such removal, wherein said disabling comprises preventing the output of said encrypted authorisation code.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 22. The method of claim 21, wherein the method comprises comparing the validation information to PIN information stored in the personal authorisation device to determine whether the validation information is the same as the PIN information stored in the personal authorisation device wherein the method further comprises providing a status indication that indicates whether the validation information is the same as the PIN information stored in the personal authorisation device.
  - 23. The method of claim 21, wherein said disabling use of the personal authorisation device comprises deleting the stored validation information from said memory.
  - 24. The method of claim 21, wherein the method further comprises:
    - providing a timer; and
      
      preventing output of said encrypted authorisation code in response to expiry of the timer.
  - 25. The method of claim 24, wherein preventing output of said encrypted authorisation code comprises deleting the stored validation information.
  - 26. The method of claim 24, further comprising resetting the timer when new user authentication data is entered.
  - 27. The method of claim 24, wherein the timer has a duration of approximately one day.
  - 28. The method of claim 21, further comprising storing one or more other authorisation codes in the personal authorisation device.
  - 29. The method of claim 22, wherein the personal authorisation device stores one or more other authorisation codes, wherein the method further comprises encrypting each of said one or more other authorisation codes with said encryption key to generate respective encrypted authorisation codes, wherein the method further comprises providing one of the respective encrypted authorisation codes as output in accordance response to determining that said status indication indicates that said validation information is the same as the PIN information stored in the personal authorisation device.
  - 30. The method of claim 28, further comprising:
    - encrypting a particular one of said one or more other authorisation codes with said encryption key to generate a corresponding encrypted authorisation code; and
      
      providing said corresponding encrypted authorisation code as output to the other device.
  - 31. The method of claim 28, wherein different ones of said one or more authorisation codes are associated with different account types, and wherein said method further comprises:
    - receiving an indication of an account type specified by a terminal;
      
      determining a particular authorisation code of the one or more other authorisation codes, wherein the particular one of said different account types to which the particular authorisation code is associated is the same as said particular account type specified by said terminal;
      
      encrypting said particular authorisation code with said encryption key to generate a particular encrypted authorisation code; and
      
      providing said particular encrypted authorisation code as output to the terminal.
  - 32. The method of claim 21, wherein the method further comprises receiving additional user authentication data, wherein the personal authorisation device further comprises a timer, wherein the method further comprises setting the timer in response to receiving said additional user authentication data, and wherein said disabling use of the personal authorisation device is not performed before expiry of the timer.
  - 33. The method of claim 32, wherein said timer has an expiry period of a few seconds.

34. A personal authorisation device wearable by a user, comprising:
- means for receiving user authentication data;
  
  means for generating validation information from said user authentication data by transforming said user authentication data via a one-way transformation, wherein said validation information comprises a result of said one-way transformation, wherein said user authentication data is not stored within said personal authorisation device;
  
  means for storing said validation information generated from the user authentication data in the personal authorisation device;
  
  means for accessing an authorisation code stored in the personal authorisation device and encrypting said authorisation code with an encryption key to generate an encrypted authorisation code, wherein said encryption key comprises said validation information generated from said user authentication data;
  
  means for enabling the user to gain access to a protected resource that is protected by an other device, wherein said enabling comprises providing said encrypted authorisation code as output from the personal authorisation device to said other device, wherein said other device and said resource are external to the personal authorisation device;
  
  means for detecting if the personal authorisation device is removed from the user wearing the personal authorisation device; and
  
  means for disabling use of the personal authorisation device in response to detecting such removal, wherein said disabling comprises preventing the output of said encrypted authorisation code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Williams, Emrys J.
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
SAN JUAN, MARTINJERIKO P

Application Number

US10/818,988
Time in Patent Office

1,946 Days
Field of Search

None
US Class Current

726/9
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 63/0853   using an additional device,...

H04W 12/06   Authentication

H04W 12/082   using revocation of authori...

H04W 12/126   Anti-theft arrangements, e....

H04W 12/33   using wearable devices, e.g...

Personal authorisation device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

61 Citations

34 Claims

Specification

Use Cases

Quick Links

Others

Personal authorisation device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

34 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others