System and method for improving restrictiveness on accessing software applications

US 8,225,391 B2
Filed: 01/29/2007
Issued: 07/17/2012
Est. Priority Date: 01/31/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method for improving restrictiveness on using a software application, wherein access to the software application is restricted by requesting a personal identification number (PIN) from a user, comprising:

using a device having a memory, wherein the software application is stored in the memory;

requesting, from the user, to enter an original PIN, wherein the original PIN is not stored in the memory and any information about the original PIN is not stored in the memory;

using the original PIN as a seed number to create a true encryption key;

using the true encryption key to encrypt an application secret data into a ciphertext;

storing, in the memory, the ciphertext, wherein the ciphertext is never transmitted to a server; and

wherein;

any time the software application is accessed by any person, a PIN is requested from the accessing person, and the requested PIN is not validated by the software application;

the requested PIN, without any validation, is used as the seed number to create an encryption key;

the encryption key is used to decrypt the ciphertext;

using the decrypted ciphertext to compute a one-time-password, even if the requested PIN does not match the original PIN; and

using the one-time-password to access a targeted software application.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for improving the restrictiveness on accessing software applications on mobile devices, such as cell phones, are disclosed. In accordance with an exemplary embodiment, a computer-implemented system and method for improving the restrictiveness on accessing software applications comprises using a device having a memory, wherein the software application is stored in the memory and requesting, from the user, an original PIN, wherein the original PIN is not stored in the memory and any information about the original PIN is not stored in the memory. The invention further comprises using the original PIN as a seed number to create a true encryption key, using the true encryption key to encrypt an application secret data into a ciphertext and storing, in the memory, the ciphertext. The invention further comprises requesting a PIN from an accessing person that is accessing the targeted software application, wherein the requested PIN is not validated by the software application, using the requested PIN, without any validation, as the seed number to create an encryption key, and using the encryption key to decrypt the ciphertext.

Citations

13 Claims

1. A method for improving restrictiveness on using a software application, wherein access to the software application is restricted by requesting a personal identification number (PIN) from a user, comprising:
- using a device having a memory, wherein the software application is stored in the memory;
  
  requesting, from the user, to enter an original PIN, wherein the original PIN is not stored in the memory and any information about the original PIN is not stored in the memory;
  
  using the original PIN as a seed number to create a true encryption key;
  
  using the true encryption key to encrypt an application secret data into a ciphertext;
  
  storing, in the memory, the ciphertext, wherein the ciphertext is never transmitted to a server; and
  
  wherein;
  
  any time the software application is accessed by any person, a PIN is requested from the accessing person, and the requested PIN is not validated by the software application;
  
  the requested PIN, without any validation, is used as the seed number to create an encryption key;
  
  the encryption key is used to decrypt the ciphertext;
  
  using the decrypted ciphertext to compute a one-time-password, even if the requested PIN does not match the original PIN; and
  
  using the one-time-password to access a targeted software application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the PIN comprises a password.
  - 3. The method of claim 1, wherein the PIN comprises a combination of a password and a number.
  - 4. The method of claim 1, wherein the device comprises a cellular phone.
  - 5. The method of claim 4, wherein the device memory comprises an external appliance.
  - 6. The method of claim 5, wherein the external appliance comprises a subscriber identity module (SIM).
  - 7. The method of claim 5, wherein the external appliance comprises an universal serial bus (USB) connected device memory.
  - 8. The method of claim 5, wherein the external appliance comprises a wireless memory device.
  - 9. The method of claim 1, wherein the software application is configured to generate a dynamic identification code.
  - 10. The method of claim 1, wherein the software application is configured to generate a digital signature.
  - 11. The method of claim 1, wherein the software application is configured to generate an authentication code.
  - 12. The method of claim 1, wherein the software application is configured to encrypt and store data encrypted with the application secret data.
  - 13. The method of claim 1, wherein the software application is configured to establish an encrypted communication session.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bouyant Holdings Limited
Original Assignee
Cidway Technologies, Ltd.
Inventors
Labaton, Isaac J
Primary Examiner(s)
MOORTHY, ARAVIND K

Application Number

US11/668,285
Publication Number

US 20070180234A1
Time in Patent Office

1,996 Days
Field of Search

726/19, 726/5, 726/7, 726/28, 726/29, 713/165, 713/168, 713/170, 713/184, 713/189, 380/255, 380/262, 380/44, 380/28
US Class Current

726/19
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0838   using one-time-passwords

H04L 9/0863   involving passwords or one-...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

System and method for improving restrictiveness on accessing software applications

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for improving restrictiveness on accessing software applications

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links