Mobile smartcard based authentication
Abstract
In an authentication server, information representing a first part of a response to a challenge is received during the authentication preparation phase. The challenge and the first part of the response are stored for further use. The challenge is resent and information representing a second part of the response to the challenge is received during a modified authentication phase. The first and second parts of the response are checked against the challenge for authenticating the user. In a smartcard reader, the response received from the smartcard is sent to a computing device, when the smartcard reader received the challenge via an interface to the computing device during normal authentication. In response to the smartcard reader having received the challenge via the interface to the computing device during an authentication preparation phase, the smartcard reader sends the first part of the response to the computing device. In response to the smartcard reader having received the challenge via a user interface, it presents at least the second part of the response to a user via the user interface.
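The split-response flow from the abstract, as an added Python sketch that is not code from the patent. Assumptions: textbook RSA over toy primes stands in for the card's private authentication key, the displayed second part is 8 hex digits, a stored challenge is consumed by one verification attempt, and all names are hypothetical.

```python
import secrets

# Assumption: textbook RSA over two Mersenne primes stands in for the user's
# private authentication key on the card. Toy parameters, illustration only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
WIDTH = (N.bit_length() + 3) // 4   # response length in hex digits
SHORT = 8                           # assumed length of the displayed second part

def card_respond(challenge):
    """Smartcard: transform the challenge with the private key."""
    return format(pow(challenge, D, N), f"0{WIDTH}x")

def split(response):
    """Reader: first part for the device interface, second part for display."""
    return response[:-SHORT], response[-SHORT:]

class AuthServer:
    def __init__(self):
        self.pending = {}  # user -> (challenge, stored first part)

    def prepare(self, user, reader):
        """Preparation phase: challenge goes out via the first device."""
        challenge = 10**7 + secrets.randbelow(9 * 10**7)  # 8 digits, keyable
        self.pending[user] = (challenge, reader(challenge))

    def resend(self, user):
        """Modified phase: same challenge, shown on the second device."""
        return self.pending[user][0]

    def verify(self, user, second):
        """Join both parts and check them against the stored challenge."""
        challenge, first = self.pending.pop(user, (None, ""))  # single use
        if challenge is None or len(second) != SHORT:
            return False
        if not set(second) <= set("0123456789abcdef"):
            return False
        return pow(int(first + second, 16), E, N) == challenge

def demo():
    server, first_only = AuthServer(), lambda c: split(card_respond(c))[0]
    server.prepare("alice", first_only)
    shown = split(card_respond(server.resend("alice")))[1]  # reader display
    accepted = server.verify("alice", shown)
    replayed = server.verify("alice", shown)  # entry already consumed
    server.prepare("alice", first_only)
    good = split(card_respond(server.resend("alice")))[1]
    wrong = ("0" if good[0] != "0" else "1") + good[1:]  # one digit altered
    return accepted, replayed, server.verify("alice", wrong)
```

The server never sees the second part during preparation, so a stored first part alone cannot complete a login; only a reader holding the card at the second device can supply the missing digits.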
18 Claims
1. A method for processing authentication information in a smartcard reader, said method comprising:
receiving, by the smartcard reader, a challenge from an authentication server via a first computing device connected to the authentication server via a network;
after said receiving the challenge, said smartcard reader transferring the challenge to a smartcard;
after said transferring the challenge to the smartcard, said smartcard reader receiving a response to the challenge from the smartcard, said response comprising an encryption of the challenge, said response comprising a first part and a second part, said encryption of the challenge having been generated through use of a private authentication key of a user;
in response to the smartcard reader having received the response from the smartcard, said smartcard reader sending the first part of the response to the authentication server via the first computing device;
after said sending the first part of the response to the authentication server, said smartcard reader obtaining the challenge from the authentication server via a second computing device connected to the authentication server via the network, said second computing device and said first computing device being different computing devices;
after said obtaining the challenge, said smartcard reader providing the challenge to the smartcard;
after said providing the challenge to the smartcard, said smartcard reader obtaining the response from the smartcard;
in response to the smartcard reader having obtained the response from the smartcard, displaying the second part of the response to the user via a user interface at the smartcard reader.
7. A computer program product, comprising a computer readable physically tangible storage device having computer readable program code stored therein, said program code configured to be executed by at least one processor of a data processing system to implement a method for processing authentication information in a smartcard reader comprised by the data processing system, said method comprising:
receiving, by the smartcard reader, a challenge from an authentication server via a first computing device connected to the authentication server via a network;
after said receiving the challenge, said smartcard reader transferring the challenge to a smartcard;
after said transferring the challenge to the smartcard, said smartcard reader receiving a response to the challenge from the smartcard, said response comprising an encryption of the challenge, said response comprising a first part and a second part, said encryption of the challenge having been generated through use of a private authentication key of a user;
in response to the smartcard reader having received the response from the smartcard, said smartcard reader sending the first part of the response to the authentication server via the first computing device;
after said sending the first part of the response to the authentication server, said smartcard reader obtaining the challenge from the authentication server via a second computing device connected to the authentication server via the network, said second computing device and said first computing device being different computing devices;
after said obtaining the challenge, said smartcard reader providing the challenge to the smartcard;
after said providing the challenge to the smartcard, said smartcard reader obtaining the response from the smartcard;
in response to the smartcard reader having obtained the response from the smartcard, displaying the second part of the response to the user via a user interface at the smartcard reader.
13. A data processing system comprising at least one processor, a computer readable memory unit coupled to the processor, and a physically tangible storage device coupled to the processor, said storage device storing program code configured to be executed by the at least one processor via the memory unit to implement a method for processing authentication information in a smartcard reader comprised by the data processing system, said method comprising:
receiving, by the smartcard reader, a challenge from an authentication server via a first computing device connected to the authentication server via a network;
after said receiving the challenge, said smartcard reader transferring the challenge to a smartcard;
after said transferring the challenge to the smartcard, said smartcard reader receiving a response to the challenge from the smartcard, said response comprising an encryption of the challenge, said response comprising a first part and a second part, said encryption of the challenge having been generated through use of a private authentication key of a user;
in response to the smartcard reader having received the response from the smartcard, said smartcard reader sending the first part of the response to the authentication server via the first computing device;
after said sending the first part of the response to the authentication server, said smartcard reader obtaining the challenge from the authentication server via a second computing device connected to the authentication server via the network, said second computing device and said first computing device being different computing devices;
after said obtaining the challenge, said smartcard reader providing the challenge to the smartcard;
after said providing the challenge to the smartcard, said smartcard reader obtaining the response from the smartcard;
in response to the smartcard reader having obtained the response from the smartcard, displaying the second part of the response to the user via a user interface at the smartcard reader.
Specification