Method for personalizing an authentication token
First Claim
1. A method for personalizing an authentication token comprising:
- entering by the authentication token into personalization mode;
- requesting from the authentication token, by a personalization device in communication with the authentication token, a serial number of the authentication token;
- encrypting by the personalization device the serial number using a personalization key, and forwarding the encrypted serial number to the authentication token from the personalization device;
- decrypting by the authentication token of the encrypted serial number, and validating by the authentication token that the personalization key is correct;
- establishing an encrypted session between the authentication token and the personalization device using a transport key;
- sending to the authentication token, by the personalization device, an initial seed value and an initial secret key using the transport key to encrypt the initial seed value and the initial secret key, the initial seed value and the initial secret key for facilitating an initial interaction between the authentication token and an interface device; and
- storing by the authentication token the initial seed value and the initial secret key after decryption thereof by the authentication token using the transport key, wherein, once the authentication token is personalized with the initial seed value and the initial secret key, the authentication token can no longer enter the personalization mode.
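The claimed exchange can be modelled as a small state machine on the token side. The sketch below is an added example, not code from the patent. It assumes both keys are already stored in the token, a 16-byte seed, and an HMAC-SHA256 encrypt-then-MAC construction as a stand-in for the cipher, which the claim does not name; all class, function and state names are hypothetical.

```python
import hashlib, hmac, os

def _sub(key, label):                      # separate subkeys for encrypt / MAC
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):         # HMAC-SHA256 in counter mode (stand-in cipher)
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified message")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

class Token:
    def __init__(self, serial, perso_key, transport_key):
        self.serial, self._pk, self._tk = serial, perso_key, transport_key
        self.state = "PERSO_MODE"          # token has entered personalization mode
        self.seed = self.secret = None

    def _require(self, state):
        if self.state != state:
            raise PermissionError(f"command refused in state {self.state}")

    def get_serial(self):
        self._require("PERSO_MODE")
        return self.serial

    def verify_device(self, blob):         # decrypt serial, validate personalization key
        self._require("PERSO_MODE")
        if not hmac.compare_digest(unseal(self._pk, blob), self.serial):
            raise ValueError("serial mismatch")
        self.state = "DEVICE_OK"

    def load(self, blob):                  # seed + secret arrive under the transport key
        self._require("DEVICE_OK")
        data = unseal(self._tk, blob)
        self.seed, self.secret = data[:16], data[16:]
        self.state = "PERSONALIZED"        # one-way: no path back to PERSO_MODE

def personalize(token, perso_key, transport_key, seed, secret):
    token.verify_device(seal(perso_key, token.get_serial()))
    token.load(seal(transport_key, seed + secret))
```

A device holding the wrong personalization key fails at `verify_device` and leaves the token untouched, and every command is refused once the state is `PERSONALIZED`, which is the lock-out the final step of the claim requires.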
Abstract
An authentication token using a smart card that an organization would issue to its customer, the smart card having a processor for executing a software application that is responsive to a user input to generate a one-time password as an output. The smart card co-operates with an interface device for inputting the user input and displaying the one-time password. The authentication token may be used in combination with a remote authentication server for validation of the password and hence authentication of the user.