Personal digital key initialization and registration for secure transactions
First Claim
1. A method of using a programming device to initialize a personal digital key (PDK) for use in secure authentication, comprising:
- reading, with the programming device, user information from a user PDK associated with a user, the user PDK separate from the programming device;
determining, with the programming device, a status of the user PDK based at least in part on a registry including data describing the status of the user PDK;
responsive to determining that the status of the user PDK is in good standing, determining, with the programming device, that the user is authorized for initialization;
reading, with the programming device, notary information from a notary PDK;
determining, with the programming device, that the notary PDK is authorized to witness the initialization;
acquiring, with the programming device, a biometric input from the user;
receiving, with the programming device, data from the notary PDK indicating that the notary PDK witnesses acquisition of the biometric input from the user by the programming device;
responsive to the user and notary PDK being authorized, generating, with the programming device, a biometric profile that includes the biometric input; and
storing the biometric profile on the user'"'"'s PDK.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A personal digital key (PDK) is programmed using a trusted programming device to initialize and/or register the PDK for use. In one embodiment, the initialization and registration processes are administered by a specialized trusted Notary to ensure the processes follow defined security procedures. In a biometric initialization, the programming device acquires a biometric input from a user and writes the biometric data to a tamperproof memory in the PDK. In registration, the Programmer communicates to one or more remote registries to create or update entries associated with the user PDK. Once initialized and registered, the PDK can be used for various levels of secure authentication processes.
-
Citations
23 Claims
-
1. A method of using a programming device to initialize a personal digital key (PDK) for use in secure authentication, comprising:
-
reading, with the programming device, user information from a user PDK associated with a user, the user PDK separate from the programming device; determining, with the programming device, a status of the user PDK based at least in part on a registry including data describing the status of the user PDK; responsive to determining that the status of the user PDK is in good standing, determining, with the programming device, that the user is authorized for initialization; reading, with the programming device, notary information from a notary PDK; determining, with the programming device, that the notary PDK is authorized to witness the initialization; acquiring, with the programming device, a biometric input from the user; receiving, with the programming device, data from the notary PDK indicating that the notary PDK witnesses acquisition of the biometric input from the user by the programming device; responsive to the user and notary PDK being authorized, generating, with the programming device, a biometric profile that includes the biometric input; and storing the biometric profile on the user'"'"'s PDK. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for programming a user'"'"'s personal digital key (PDK) for use in secure authentication, comprising:
-
a PDK interface adapted to receive user information from a user PDK separate from the apparatus and receive notary information from a notary PDK, the user PDK associated with a user; a biometric reader, the biometric reader adapted to acquire a biometric input from the user; and a processor coupled to the PDK interface and the biometric reader, the processor adapted to determine a status of the user PDK based at least in part on a remote registry including data describing the status of the user PDK, to determine that the user is authorized for an initialization based at least in part on the user information and responsive to determining that the status of the user PDK is in good standing, to determine that the notary PDK is authorized to witness an initialization based on the notary information, to receive data from the notary PDK indicating that the notary PDK witnesses acquisition of the biometric input from the user by the biometric reader and to instruct the PDK interface to write a biometric profile including the biometric input to the user PDK responsive to authorization of the user and of the notary PDK. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
-
Specification