Secure use of externally stored data

US 7,896,247 B2
Filed: 12/01/2008
Issued: 03/01/2011
Est. Priority Date: 12/01/2008
Status: Active Grant

First Claim

Patent Images

1. At a smart card reader, a method of making secure use of authentication data stored on a smart card read by said smart card reader, said method comprising:

receiving a response Application Protocol Data Unit (APDU) from said smart card, said response APDU including data related to a primary biometric template from said smart card, said response APDU indicating a destination;

extracting said data related to said primary biometric template from said smart card from said response APDU;

storing said data related to said primary biometric template from said smart card;

generating a filtered response APDU, wherein said filtered response APDU comprises a payload;

wherein said payload carries data related to a secondary biometric template and wherein said data related to said secondary biometric template is distinct from said data related to said primary biometric template; and

transmitting said filtered response APDU toward said destination.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card reader is adapted to extract and store authentication data from a response APDU received from a smart card before generating a filtered response APDU, wherein the filtered response APDU does not include the authentication data. Beneficially, when the smart card reader transmits the filtered response APDU toward a destination, the biometric template data is less susceptible to interception, thereby providing a more secure solution.

20 Citations

View as Search Results

12 Claims

1. At a smart card reader, a method of making secure use of authentication data stored on a smart card read by said smart card reader, said method comprising:
- receiving a response Application Protocol Data Unit (APDU) from said smart card, said response APDU including data related to a primary biometric template from said smart card, said response APDU indicating a destination;
  
  extracting said data related to said primary biometric template from said smart card from said response APDU;
  
  storing said data related to said primary biometric template from said smart card;
  
  generating a filtered response APDU, wherein said filtered response APDU comprises a payload;
  
  wherein said payload carries data related to a secondary biometric template and wherein said data related to said secondary biometric template is distinct from said data related to said primary biometric template; and
  
  transmitting said filtered response APDU toward said destination.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein said filtered response APDU comprises a header.
  - 3. The method of claim 1 wherein said data related to said primary biometric template comprises data related to a fingerprint template.
  - 4. The method of claim 1 further comprising:
    - receiving a command APDU from said destination; and
      
      generating a filtered command APDU based on said command APDU.

5. A smart card reader comprising:
- a storage component interface adapted to communicate with a smart card to receive a response Application Protocol Data Unit (APDU) from said smart card, said response APDU including data related to a primary biometric template from said smart card, said response APDU indicating a destination;
  
  a processor for executing a filter to extract said data related to said primary biometric template from said smart card from said response APDU and generate a filtered response APDU, wherein said filtered response APDU comprises a payload;
  
  wherein said payload carries data related to a secondary biometric template and wherein said data related to said secondary biometric template is distinct from said data related to said primary biometric template;
  
  memory adapted to store said data related to said primary biometric template from said smart card; and
  
  a short range communication subsystem adapted to transmit said filtered response APDU toward said destination.
- View Dependent Claims (6, 7, 8)
- - 6. The smart card reader of claim 5 wherein said filtered response APDU comprises a header.
  - 7. The smart card reader of claim 5 where said data related to said primary biometric template comprises data related to a fingerprint template.
  - 8. The smart card reader of claim 5 wherein:
    - said short range communication subsystem is further adapted to receive a command APDU from said destination; and
      
      said processor is adapted to execute a further filter to generate a filtered command APDU based on said command APDU.

9. A computer-readable medium containing computer-executable instructions that, when performed by processor in a smart card reader, cause said processor to:
- receive a response Application Protocol Data Unit (APDU) from a smart card, said response APDU including data related to a primary biometric template from said smart card, said response APDU indicating a destination;
  
  extract said data related to said primary biometric template from said smart card from said response APDU;
  
  store said data related to said primary biometric template from said smart card;
  
  generate a filtered response APDU, wherein said filtered response APDU comprises a payload;
  
  wherein said payload carries data related to a secondary biometric template and wherein said data related to said secondary biometric template is distinct from said data related to said primary biometric template; and
  
  transmit said filtered response APDU toward said destination.
- View Dependent Claims (10, 11, 12)
- - 10. The computer-readable medium of claim 9 wherein said filtered response APDU comprises a header.
  - 11. The computer-readable medium of claim 9 wherein said data related to said primary biometric template comprises data related to a fingerprint template.
  - 12. The computer-readable medium of claim 9 wherein said computer-executable instructions further cause said processor to:
    - receive a command APDU from said destination; and
      
      generate a filtered command APDU based on said command APDU.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Sibley, Richard Paul, Adams, Neil Patrick, Singh, Ravi
Primary Examiner(s)
Lee; Michael G
Assistant Examiner(s)
Mikels; Matthew

Application Number

US12/325,582
Publication Number

US 20100133342A1
Time in Patent Office

820 Days
Field of Search

None
US Class Current

235/439
CPC Class Codes

G06F 21/32 using biometric data, e.g. ...

G06F 21/34 involving the use of extern...

Secure use of externally stored data

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Secure use of externally stored data

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links