System and method for improving restrictiveness on accessing software applications
First Claim
1. A method for improving restrictiveness on using a software application, wherein access to the software application is restricted by requesting a personal identification number (PIN) from a user, comprising:
- using a device having a memory, wherein the software application is stored in the memory;
requesting, from the user, to enter an original PIN, wherein the original PIN is not stored in the memory and any information about the original PIN is not stored in the memory;
using the original PIN as a seed number to create a true encryption key;
using the true encryption key to encrypt an application secret data into a ciphertext;
storing, in the memory, the ciphertext, wherein the ciphertext is never transmitted to a server; and
wherein;
any time the software application is accessed by any person, a PIN is requested from the accessing person, and the requested PIN is not validated by the software application;
the requested PIN, without any validation, is used as the seed number to create an encryption key;
the encryption key is used to decrypt the ciphertext;
using the decrypted ciphertext to compute a one-time-password, even if the requested PIN does not match the original PIN; and
using the one-time-password to access a targeted software application.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for improving the restrictiveness on accessing software applications on mobile devices, such as cell phones, are disclosed. In accordance with an exemplary embodiment, a computer-implemented system and method for improving the restrictiveness on accessing software applications comprises using a device having a memory, wherein the software application is stored in the memory and requesting, from the user, an original PIN, wherein the original PIN is not stored in the memory and any information about the original PIN is not stored in the memory. The invention further comprises using the original PIN as a seed number to create a true encryption key, using the true encryption key to encrypt an application secret data into a ciphertext and storing, in the memory, the ciphertext. The invention further comprises requesting a PIN from an accessing person that is accessing the targeted software application, wherein the requested PIN is not validated by the software application, using the requested PIN, without any validation, as the seed number to create an encryption key, and using the encryption key to decrypt the ciphertext.
-
Citations
13 Claims
-
1. A method for improving restrictiveness on using a software application, wherein access to the software application is restricted by requesting a personal identification number (PIN) from a user, comprising:
-
using a device having a memory, wherein the software application is stored in the memory; requesting, from the user, to enter an original PIN, wherein the original PIN is not stored in the memory and any information about the original PIN is not stored in the memory; using the original PIN as a seed number to create a true encryption key; using the true encryption key to encrypt an application secret data into a ciphertext; storing, in the memory, the ciphertext, wherein the ciphertext is never transmitted to a server; and wherein; any time the software application is accessed by any person, a PIN is requested from the accessing person, and the requested PIN is not validated by the software application; the requested PIN, without any validation, is used as the seed number to create an encryption key; the encryption key is used to decrypt the ciphertext; using the decrypted ciphertext to compute a one-time-password, even if the requested PIN does not match the original PIN; and using the one-time-password to access a targeted software application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification