Method and device for secure phone banking
First Claim
Patent Images
1. A method operational on a mobile communication device, comprising:
- initiating a call to a tele-services station, wherein an authentication key has been pre-arranged between the mobile communication device and the tele-services station;
receiving a pseudorandom authentication challenge from the tele-services station in response to initiating the call;
sending an authentication response to the tele-services station, wherein the authentication response is a function of the pseudorandom authentication challenge and the authentication key;
requesting sensitive information from the tele-services station; and
receiving the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station.
1 Assignment
0 Petitions
Accused Products
Abstract
A small form-factor security device is provided that may be inserted in series with a telephone line to encrypt dual tone multi-frequency (DTMF) tones from a telephone to prevent unauthorized disclosure of sensitive information. A receiving device decrypts the encrypted DTMF tones to receive the original information sent by the telephone. The security device acts as a second factor in a two-factor authentication scheme with a tele-services security server that authenticates the security device.
23 Citations
17 Claims
-
1. A method operational on a mobile communication device, comprising:
-
initiating a call to a tele-services station, wherein an authentication key has been pre-arranged between the mobile communication device and the tele-services station; receiving a pseudorandom authentication challenge from the tele-services station in response to initiating the call; sending an authentication response to the tele-services station, wherein the authentication response is a function of the pseudorandom authentication challenge and the authentication key; requesting sensitive information from the tele-services station; and receiving the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A mobile communication device, comprising:
-
means for initiating a call to a tele-services station, wherein an authentication key has been pre-arranged between the mobile communication device and the tele-services station; means for receiving a pseudorandom authentication challenge from the tele-services station in response to initiating the call; means for sending an authentication response to the tele-services station, wherein the authentication response is a function of the pseudorandom authentication challenge and the-authentication key; means for requesting sensitive information from the tele-services station; and means for receiving the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station. - View Dependent Claims (12, 13)
-
-
14. A mobile communication device, comprising:
-
a communication module for communicating over a wireless communication network; and a processing circuit coupled to the communication module, the processing circuit configured to initiate a call to a tele-services station, wherein an authentication key has been pre-arranged between the mobile communication device and the tele-services station; receive a pseudorandom authentication challenge from the tele-services station in response to initiating the call; send an authentication response to the tele-services station, wherein the authentication response is a function of the pseudorandom authentication challenge and the-authentication key; request sensitive information from the tele-services station; and receive the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station. - View Dependent Claims (15)
-
-
16. A non-transitory machine-readable medium having one or more instructions operational on a security device for securing information transmitted by a telephone, which when executed by a processor causes the processor to:
-
initiate a call to a tele-services station, wherein an authentication key has been pre-arranged between the mobile communication device and the tele-services station; receive a pseudorandom authentication challenge from the tele-services station in response to initiating the call; send an authentication response to the tele-services station, wherein the authentication response is a function of the pseudorandom authentication challenge and the-authentication key; request sensitive information from the tele-services station; and receive the requested sensitive information from the tele-services station if the authentication response is accepted by the tele-services station. - View Dependent Claims (17)
-
Specification