Methods used in a mass storage device with automated credentials loading
Abstract
A portable mass storage device for use in two factor authentication systems and methods. A secure portable mass storage device protects content from being freely copied with security mechanisms and firmware. The security functionality also protects confidential user credentials and passwords, as well as algorithms and seeds needed for two factor authentication or asymmetric authentication methods. A client application residing in the mass storage device acts as both a password manager and an authentication manager that seamlessly performs the authentication procedures in the background while signing a user into various institutions of his choosing. A very high level of security is integrated into a mass storage device the user has for purposes other than two factor authentication, and the convenience of highly secure password management also comes in a convenient pocket sized package easy for the user to transport. This facilitates the acceptance of two factor authentication, and increases security for a wide variety of online transactions.
58 Claims
1. A method of accessing accounts of a user with a portable mass storage device, the method comprising:
detecting a connecting of the portable mass storage device with a computer, the portable mass storage device comprising a portable memory card or a portable USB drive; and
thereafter causing a connection to be established between the computer and a first entity; and
thereafter causing a seed, to be used with a one time password generator implemented within the portable mass storage device, to be loaded into the portable mass storage device while it is connected to the computer;
launching a client application;
executing the client application using the computer;
sending a request from the client application to the portable mass storage device;
generating, in response to the request and within the portable mass storage device using the one time password generator, a one time password with the loaded seed;
causing the one time password to be transmitted to an institution along with user identifying information, thereby logging the user into one of said accounts so that the user can access his account.

14. A method of automated credentials loading, comprising:
causing a portable mass storage device comprising a portable memory card or a portable USB drive to perform a one time password generation sequence that generates a one time password value, wherein causing the portable mass storage device to perform a one time password generation sequence includes launching a client application, executing the client application using a host to which the portable mass storage device is connected, sending a request from the client application to the portable mass storage device and wherein the one time password value is generated, in response to the request and within the portable mass storage device by a one time password generator implemented within the portable mass storage device;
obtaining the one time password value from the portable mass storage device;
retrieving one or more user credentials from a list of credentials stored in a secure memory area of the mass storage device;
accessing a web site of an institution;
entering into the web site of the institution the one or more user credentials and the one time password value.

28. A sign on method comprising:
inserting a portable mass storage device into a socket of a host device, said socket having electronic contacts and disposed for frequent insertion and removal of the portable mass storage device by a user of the device, the portable mass storage device comprising a portable memory card or a portable USB drive;
launching a client application residing on the portable mass storage device;
entering user identifying information and user secret information;
selecting an institution in which to sign on;
connecting to an authority;
receiving, in the host device, a seed from the authority;
receiving, in the host device, a device identifier from the authority;
storing the seed in the mass storage device;
storing the device identifier in the mass storage device;
storing an institution identifier in the mass storage device;
storing a count for use with the seed; and
executing the client application using the host device;
sending a request from the client application to the portable mass storage device;
generating, in response to the request and within the portable mass storage device using a one time password generator within the portable mass storage device a one time password value based on the seed.

46. A method of logging into an institution, comprising:
sensing the insertion of a portable mass storage device in a socket of a host device, said socket designed for frequent insertion and removal of the portable mass storage device by a user of the device, the portable mass storage device comprising a portable memory card or a portable USB drive;
launching a client application residing on the portable mass storage device and executing the client application on the host device;
retrieving a list of enrolled institutions stored in the mass storage device;
selecting an institution from the list;
retrieving a user identity, user secret, and an institution identifier stored in a memory of the mass storage device;
sending a request from the client application to the portable mass storage device;
generating, in response to the request, a one time password value within the portable mass storage device using a one time password generator implemented within the portable mass storage device;
opening a user interface of the institution whose identifier was retrieved;
causing the host device to enter the user identity, credentials, and the one time password value into the user interface of the institution, triggering the institution to pass a device identifier, and the one time password value to an authenticating entity, said authenticating entity thereafter passing an authentication status of the device to the institution.
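
Added example (not part of the patent text): a sketch of the seed-and-count flow that claims 28 and 46 describe, with the device generating the one time password internally and an authenticating entity checking it against the device identifier. The claims do not name an OTP algorithm; HOTP (RFC 4226) is assumed here, and the names `hotp`, `Device`, `Authority` and the look-ahead window are hypothetical.

```python
import hashlib
import hmac
import struct

def hotp(seed: bytes, count: int, digits: int = 6) -> str:
    """RFC 4226 HOTP (assumed algorithm): HMAC-SHA1 of the 8-byte count, truncated."""
    mac = hmac.new(seed, struct.pack(">Q", count), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Device:
    """Stands in for the storage device: the seed and count stay inside it."""
    def __init__(self, device_id: str, seed: bytes):
        self.device_id, self._seed, self._count = device_id, seed, 0

    def request_otp(self) -> str:
        otp = hotp(self._seed, self._count)
        self._count += 1  # every request consumes one count value
        return otp

class Authority:
    """Stands in for the authenticating entity that issued the seed."""
    def __init__(self, window: int = 3):
        self._records, self._window = {}, window  # device_id -> [seed, next count]

    def enroll(self, device_id: str, seed: bytes) -> None:
        self._records[device_id] = [seed, 0]

    def verify(self, device_id: str, otp: str) -> bool:
        record = self._records.get(device_id)
        if record is None:
            return False
        seed, expected = record
        # Look ahead a few counts so values generated but never submitted do not lock out the device.
        for count in range(expected, expected + self._window + 1):
            if hmac.compare_digest(hotp(seed, count), otp):
                record[1] = count + 1  # move past the used count so a replay fails
                return True
        return False

def demo():
    seed = b"12345678901234567890"  # constructed sample: the RFC 4226 test seed
    device, authority = Device("dev-001", seed), Authority()
    authority.enroll(device.device_id, seed)  # seed loading / enrollment
    first = device.request_otp()
    ok = authority.verify(device.device_id, first)      # fresh value is accepted
    replay = authority.verify(device.device_id, first)  # same value again is rejected
    device.request_otp()  # generated on the device but never submitted
    return first, ok, replay, authority.verify(device.device_id, device.request_otp())
```

The replay check and the look-ahead window are the two properties a reviewer of such a design would test first: a captured value must not verify twice, and a skipped count must not desynchronise the device from the authority.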
53. A method of logging into an institution with a portable mass storage device and a computer, the method comprising:
inserting the device into a receptacle of the computer;
executing instructions residing in mass storage memory of the portable mass storage device, wherein the portable mass storage device comprises a portable memory card or a portable USB drive, wherein executing instructions residing in the mass storage device includes launching a client application and executing the client application using the computer, said client application causing the computer to request a one time password value from the portable mass storage device;
said portable mass storage device generating, within the portable mass storage device using a one time password generator implemented within the portable mass storage device, a one time password value in response to the request from the computer, said instructions client application further causing the computer to provide a user identifier, a user secret, and the one time password value to the server to the institution, thus logging the user into the institution.

54. A method of accessing accounts of a user with a portable mass storage device, the method comprising:
detecting a connecting of the portable mass storage device with a computer, the portable mass storage device comprising a portable memory card or a portable USB drive; and
thereafter causing a connection to be established between the computer and a first entity; and
thereafter causing a seed, to be used with a one time password generator implemented within the portable mass storage device, to be loaded into the portable mass storage device while it is connected to the computer;
generating within the portable mass storage device using the one time password generator, a one time password with the loaded seed;
causing the one time password to be transmitted to an institution along with user identifying information, thereby logging the user into one of said accounts so that the user can access his account; and
launching an application from the portable mass storage device and executing the application with the computer, wherein the application is configured to present to the user plural institutions for the user to access and wherein the one time password generator is configured to generate one time passwords for each of the institutions.

55. A method of automated credentials loading, comprising:
causing a portable mass storage device comprising a portable memory card or a portable USB drive to perform a one time password generation sequence that generates a one time password value, wherein the one time password value is generated within the portable mass storage device by a one time password generator implemented within the portable mass storage device;
obtaining the time password value from the portable mass storage device;
retrieving one or more user credentials from a list of credentials stored in a secure memory area of the mass storage device;
accessing a web site of an institution;
entering into the web site of the institution the one or more user credentials and the time password value; and
launching an application from the portable mass storage device and executing the application on a host system to which the portable mass storage device is coupled, wherein the application is configured to present to a user plural institutions for the user to access and wherein the one time password generator is configured to generate, within the portable mass storage device, one time password values for each of the institutions.

56. A sign on method comprising:
inserting a portable mass storage device into a socket of a host device, said socket having electronic contacts and disposed for frequent insertion and removal of the portable mass storage device by a user of the device, the portable mass storage device comprising a portable memory card or a portable USB drive;
launching an application residing on the portable mass storage device;
entering user identifying information and user secret information;
selecting an institution in which to sign on;
connecting to an authority;
receiving, in the host device, a seed from the authority;
receiving, in the host device, a device identifier from the authority;
storing the seed in the mass storage device;
storing the device identifier in the mass storage device;
storing an institution identifier in the mass storage device;
storing a count for use with the seed;
generating within the portable mass storage device using a one time password generator within the portable mass storage device a one time password value based on the seed; and
presenting, using the application, plural institutions for a user to access and wherein the one time password generator is configured to generate, within the portable mass storage device, one time passwords for each of the institutions.

57. A method of logging into an institution, comprising:
sensing the insertion of a portable mass storage device in a socket of a host device, said socket designed for frequent insertion and removal of the portable mass storage device by a user of the device, the portable mass storage device comprising a portable memory card or a portable USB drive;
launching an application residing on the portable mass storage device;
retrieving a list of enrolled institutions stored in the mass storage device;
selecting an institution from the list;
retrieving a user identity, user secret, and an institution identifier stored in a memory of the mass storage device;
generating a one time password value within the portable mass storage device using a one time password generator implemented within the portable mass storage device;
opening a user interface of the institution whose identifier was retrieved;
causing the host device to enter the user identity, credentials, and the one time password value into the user interface of the institution, triggering the institution to pass a device identifier, and the one time password value to an authenticating entity, said authenticating entity thereafter passing an authentication status of the device to the institution; and
presenting, using the application, plural institutions for the user to access and wherein the one time password generator is configured to generate, within the portable mass storage device, one time password values for each of the institutions to generate within the portable mass storage device.

58. A method of logging into an institution with a portable mass storage device and a computer, the method comprising:
inserting the device into a receptacle of the computer;
executing instructions residing in mass storage memory of the portable mass storage device, wherein the portable mass storage device comprises a portable memory card or a portable USB drive, said instructions causing the computer to request a one time password value from the portable mass storage device;
said portable mass storage device generating, within the portable mass storage device using a one time password generator implemented within the portable mass storage device, a one time password value in response to the request from the computer, said instructions further causing the computer to provide a user identifier, a user secret, and the one time password value to the server to the institution, thus logging the user into the institution; and
wherein said instructions further cause the computer to present to the user plural institutions for the user to access and wherein the one time password generator is configured to generate, within the portable mass storage device, one time passwords for each of the institutions.
Specification