OTP generation using a camouflaged key

US 8,850,218 B2
Filed: 10/14/2013
Issued: 09/30/2014
Est. Priority Date: 09/04/2009
Status: Active Grant

First Claim

Patent Images

1. A method of generating a user one-time passcode (OTP) for a provider account, the method comprising:

receiving a passcode application on a user device;

receiving a cardstring on the user device, wherein;

the cardstring is defined by the provider account, andthe cardstring comprises a key camouflaged with a personal identification number (PIN);

receiving the PIN on the user device;

providing the PIN to the passcode application via the user device; and

generating, by the passcode application on the user device passcode that is a user OTP for the provider account, the generating the passcode that is the user OTP comprising using the cardstring in combination with the PIN.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for generating a one-time passcode (OTP) from a user device. The method includes providing a passcode application and a cardstring defined by a provider account to the user device. The passcode application is configured to generate a passcode configured as a user OTP for the provider account, using the cardstring. The cardstring is defined by at least one key camouflaged with a personal identification number (PIN). The key may be camouflaged by modifying and encrypting the modified key under the PIN. The key may be configured as a symmetric key, a secret, a seed, and a controlled datum. The cardstring may be an EMV cardstring; and the key may be a UDKA or UDKB. The cardstring may be an OTP cardstring, and the key may be a secret configurable to generate one of a HOTP, a TOTP, and a counter-based OTP.

33 Citations

View as Search Results

19 Claims

1. A method of generating a user one-time passcode (OTP) for a provider account, the method comprising:
- receiving a passcode application on a user device;
  
  receiving a cardstring on the user device, wherein;
  
  the cardstring is defined by the provider account, andthe cardstring comprises a key camouflaged with a personal identification number (PIN);
  
  receiving the PIN on the user device;
  
  providing the PIN to the passcode application via the user device; and
  
  generating, by the passcode application on the user device passcode that is a user OTP for the provider account, the generating the passcode that is the user OTP comprising using the cardstring in combination with the PIN.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the key is defined by the provider account and modified prior to being camouflaged with the PIN.
  - 3. The method of claim 1, wherein the receiving the cardstring on the user device further comprises:
    - receiving an activation code for the provider account on the passcode application;
      
      accessing a provisioning server using the passcode application and the activation code; and
      
      receiving the cardstring on the passcode application from the provisioning server.
  - 4. The method of claim 1, wherein the key is a first key:
    - the cardstring comprises the first key and a second key; and
      
      each of the first key and the second key are;
      
      defined by the provider account; and
      
      a modified key camouflaged with the PIN.
  - 5. The method of claim 1, wherein the user device is a first user device, the method further comprising:
    - receiving the passcode application and the cardstring on a second user device such that both of the first and second user devices are configured to generate the user OTP using the passcode application; and
      
      receiving the PIN on either the first user device or the second user device to generate the user OTP.
  - 6. The method of claim 1, further comprising:
    - receiving a data element on the passcode application on the user device; and
      
      generating the user OTP by the passcode application on the user device using the data element.
  - 7. The method of claim 1,wherein the user device is configured for communication with a network;
    - the method further comprising;
      
      accessing the network using the user device; and
      
      receiving the cardstring on the user device via the network.
  - 8. The method of claim 1, wherein the cardstring is configurable as a Eurocard, MasterCard or Visa (EMV) cardstring;
    - and the key is configurable as one of a Unique DEA Key A (UDKA) and a Unique DEA Key B (UDKB) key.
  - 9. The method of claim 1, wherein the cardstring is configurable as an OTP cardstring;
    - and the key is configurable as a secret configurable to generate one of a standardized counter-based OTP (HOTP), a time-based OTP (TOTP), or a counter-based OTP.
  - 10. The method of claim 1, further comprising:
    - receiving another cardstring to the passcode application, wherein the passcode application is configured to generate another passcode configured as a user OTP for another provider account using the another cardstring;
      
      wherein the other cardstring is defined by another key; and
      
      wherein the other key is camouflaged with another PIN.
  - 11. The method of claim 10, further comprising:
    - receiving the other PIN on the user device;
      
      providing the other PIN to the passcode application via the user device; and
      
      generating the other passcode using the other cardstring in combination with the another PIN.
  - 12. The method of claim 10, further comprising:
    - receiving a plurality of passcode generating algorithms to the passcode application;
      
      receiving a plurality of cardstrings on the user device, wherein;
      
      each respective one of the plurality of cardstrings is defined by a respective one of a plurality of provider accounts, andeach respective one of the plurality of cardstrings is defined by a respective key that is camouflaged with a respective personal identification number (PIN); and
      
      wherein the passcode application is configured to generate a respective passcode configured as a respective user one time passcode (OTP) for each respective one of the plurality of provider accounts, using at least one of the plurality of passcode generating algorithms and the respective one of the plurality of cardstrings in combination with the respective one of the PINs.
  - 13. The method of claim 12, further comprising:
    - selecting one of the plurality of provider accounts;
      
      receiving the respective PIN for the selected one of the plurality of provider accounts to the passcode application; and
      
      generating the respective user OTP for the selected one of the plurality of provider accounts on the user device using the respective one of the plurality of cardstrings, the respective one of the PINs, and the at least one of the plurality of passcode generating algorithms.

14. A user device for providing a one-time passcode (OTP) for a provider account, the device comprising:
- a memory that stores a passcode application; and
  
  a processor coupled to the memory, the processor executes the passcode application to;
  
  receive a cardstring and a personal identification number (PIN), the cardstring being defined by a key that is camouflaged with the PIN; and
  
  generate a passcode that is a user OTP for the provider account, the processor uses the cardstring in combination with the PIN to generate the passcode that is the user OTP for the provider account.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The user device of claim 14, wherein:
    - the user device is configured to communicate with a network; and
      
      the cardstring is received by the user device via the network.
  - 16. The user device of claim 14, wherein the memory further stores a passcode generating algorithm executable by the passcode application on the processor to generate the user OTP for the provider account.
  - 17. The user device of claim 14, wherein the processor, when executing the passcode application, further:
    - receives a data element; and
      
      uses the data element to generate the user OTP for the provider account.
  - 18. The user device of claim 14, wherein the memory further stores a user OTP counter, wherein the processor which when executing the passcode application further:
    - increments the user OTP counter; and
      
      resets the user OTP counter to synchronize the user OTP counter with a provider OTP counter.
  - 19. The user device of claim 14, wherein the camouflaged key is a modified key encrypted with the PIN, wherein the modified key is defined by the provider account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Inventors
Hird, Geoffrey R., Varadarajan, Rammohan
Primary Examiner(s)
Kim, Jung
Assistant Examiner(s)
Stoica, Adrian

Application Number

US14/053,097
Publication Number

US 20140040629A1
Time in Patent Office

351 Days
Field of Search

None
US Class Current

713/184
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 63/0838   using one-time-passwords

H04L 9/0863   involving passwords or one-...

H04L 9/3228   One-time or temporary data,...

OTP generation using a camouflaged key

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

OTP generation using a camouflaged key

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links