Portable security transaction protocol
First Claim
1. A computer-implemented method, comprising:
transmitting, using a programmed computer, an initiation request to a recipient;
generating, at the programmed computer, a message integrity component, wherein the message integrity component comprises a message integrity key, and wherein the message integrity component protects data against unauthorized modification;
generating, at the programmed computer, a user authentication component, wherein the user authentication component comprises a user authentication key for uniquely authenticating the recipient, and wherein the user authentication key is displayed on an external device;
encrypting, at the programmed computer, the message integrity key and the user authentication key into a key management component, wherein the entropy of the user authentication key is less than the entropy of the message integrity key, and wherein the key management component is transmitted to the recipient to securely transport the message integrity key and the user authentication key; and
uploading, using the programmed computer, transaction data to the recipient for validation, wherein validation comprises cross-referencing the uploaded transaction data with the message integrity component.
Abstract
A technique for providing message authenticity includes accepting transaction information, accepting a first data item used for authenticating an originating user, cryptographically processing the transaction information using only a second data item, wherein the entropy of the first data item is less than the entropy of the second data item, and authenticating the originating user using the first data item. The first data item can be a sequence of digits corresponding to those displayed on an external device, such as an RSA authorization token or a credit card.
15 Claims

1. As given above under First Claim; claims 2 through 13 depend on it.

14. A computer system, comprising:
a computer-readable memory; and
a processor communicatively coupled to the computer-readable memory, the processor programmed to:
transmit an initiation request to a recipient;
generate a message integrity component, wherein the message integrity component comprises a message integrity key, and wherein the message integrity component protects data against unauthorized modification;
generate a user authentication component, wherein the user authentication component comprises a user authentication key for uniquely authenticating the recipient, and wherein the user authentication key is displayed on an external device;
encrypt the message integrity key and the user authentication key into a key management component, wherein the entropy of the user authentication key is less than the entropy of the message integrity key, and wherein the key management component is transmitted to the recipient to securely transport the message integrity key and the user authentication key; and
upload transaction data to the recipient for validation, wherein validation comprises cross-referencing the uploaded transaction data with the message integrity component.

15. A non-transitory computer-readable storage medium carrying one or more sequences of instructions for implementing a method, wherein execution of the one or more sequences of instructions by one or more computers causes the one or more computers to perform the steps of:
transmitting an initiation request to a recipient;
generating a message integrity component, wherein the message integrity component comprises a message integrity key, and wherein the message integrity component protects data against unauthorized modification;
generating a user authentication component, wherein the user authentication component comprises a user authentication key for uniquely authenticating the recipient, and wherein the user authentication key is displayed on an external device;
encrypting the message integrity key and the user authentication key into a key management component, wherein the entropy of the user authentication key is less than the entropy of the message integrity key, and wherein the key management component is transmitted to the recipient to securely transport the message integrity key and the user authentication key; and
uploading transaction data to the recipient for validation, wherein validation comprises cross-referencing the uploaded transaction data with the message integrity component.
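The claims name three components (message integrity, user authentication, key management) and an entropy ordering between the two keys, but fix no algorithms. The following added example is not the patent's own code: it models the message integrity component as HMAC-SHA256 keyed only by the high-entropy key, the user authentication key as the digits shown on the external device, and the key management component as a plain dict. The encryption of that component for the recipient and the initiation request are assumed to be out of scope; all key and transaction values are constructed.

```python
import hashlib
import hmac
import math
import secrets

# Constructed keys for the two components named in the claims.
# Message integrity key: 32 random bytes, used only to key the MAC.
MESSAGE_INTEGRITY_KEY = secrets.token_bytes(32)
# User authentication key: the digits shown on the external device (constructed value).
USER_AUTHENTICATION_KEY = "482913"

def entropy_bits_random_bytes(n_bytes):
    """Entropy of n uniformly random bytes."""
    return 8 * n_bytes

def entropy_bits_decimal_digits(n_digits):
    """Entropy of n uniformly random decimal digits (6 digits is just under 20 bits)."""
    return math.log2(10 ** n_digits)

def entropy_ordering_ok(mi_key, ua_key):
    """The claim requires the user authentication key to carry less entropy than the integrity key."""
    return entropy_bits_decimal_digits(len(ua_key)) < entropy_bits_random_bytes(len(mi_key))

def build_message_integrity_component(mi_key, transaction_data):
    """HMAC-SHA256 over the transaction data, keyed only by the high-entropy key (never the OTP)."""
    return hmac.new(mi_key, transaction_data, hashlib.sha256).digest()

def build_key_management_component(mi_key, ua_key):
    """Assumption: the claim's encryption of this component for the recipient is omitted here."""
    return {"message_integrity_key": mi_key, "user_authentication_key": ua_key}

def validate_transaction(kmc, transaction_data, received_mic, presented_code):
    """Recipient side: cross-reference the upload with the MIC, then authenticate the user.
    Returns (integrity_ok, user_ok); both comparisons are constant-time."""
    expected = build_message_integrity_component(kmc["message_integrity_key"], transaction_data)
    integrity_ok = hmac.compare_digest(expected, received_mic)
    user_ok = hmac.compare_digest(kmc["user_authentication_key"].encode(), presented_code.encode())
    return integrity_ok, user_ok

if __name__ == "__main__":
    kmc = build_key_management_component(MESSAGE_INTEGRITY_KEY, USER_AUTHENTICATION_KEY)
    data = b"transfer 100.00 to account 12345"
    mic = build_message_integrity_component(MESSAGE_INTEGRITY_KEY, data)
    print(entropy_ordering_ok(MESSAGE_INTEGRITY_KEY, USER_AUTHENTICATION_KEY))  # True
    print(validate_transaction(kmc, data, mic, USER_AUTHENTICATION_KEY))  # (True, True)
    print(validate_transaction(kmc, b"transfer 999.00", mic, USER_AUTHENTICATION_KEY))  # (False, True)
```

A modified upload fails the integrity check while the user check still passes, and a wrong code fails the user check while integrity still passes, which is why the two keys are kept separate.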