Field programmable smart card terminal and token device
First Claim
1. A handheld electronic smart card terminal capable of acting as a token device for allowing secure communication between a user and a remote application provided by a service provider, said handheld terminal comprising:
- a smart card reader adapted to receive and communicate with a smart card having data stored thereon;
a processor including a firewall to protect said smart card and configured to implement a token personality logic that is initially generic and to personalize the token personality logic with a token device personality subsequent to insertion of said smart card in said smart card reader, said token device personality dependent on said stored data;
a display for communicating a dynamic credential derived from said token device personality to said user for transmission to said remote application provided by a service provider;
a memory device storing at least one terminal application capable of being loaded and executed by said processor; and
an interface configured to transmit secured data from said terminal to a connected device, wherein said at least one terminal application includes a connected mode application that configures said token device in a connected mode such that said token device acts as a slave to a computer connected to said interface.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention defines a digital programmable smart card terminal device and token collectively known as the token device. The token device comprises a field programmable token device which accepts a users smart card. The combination of token device and smart card may then be used for a variety of applications that include user authentication, secure access, encryption. One specific application is that of an electronic wallet. The token device can be used both in connected and unconnected modes. In one embodiment, the invention comprises a field programmable electronic smart card terminal for allowing secure communication between a user and a host service, service provider, or application, comprising a token personality logic; and, a smart card reader adapted to receive and communicate with a smart card having stored thereon a user identification data, wherein with a smart card received by said smart card reader said token personality logic can generate a token device personality using said user authentication data; and, a communications mechanism for communicating an element of said token device personality to a service or application. Since the smart card terminal only gains its token personality when a smart card is inserted, manufacture and distribution of the terminal on a wide scale is possible.
49 Citations
81 Claims
-
1. A handheld electronic smart card terminal capable of acting as a token device for allowing secure communication between a user and a remote application provided by a service provider, said handheld terminal comprising:
-
a smart card reader adapted to receive and communicate with a smart card having data stored thereon; a processor including a firewall to protect said smart card and configured to implement a token personality logic that is initially generic and to personalize the token personality logic with a token device personality subsequent to insertion of said smart card in said smart card reader, said token device personality dependent on said stored data; a display for communicating a dynamic credential derived from said token device personality to said user for transmission to said remote application provided by a service provider; a memory device storing at least one terminal application capable of being loaded and executed by said processor; and an interface configured to transmit secured data from said terminal to a connected device, wherein said at least one terminal application includes a connected mode application that configures said token device in a connected mode such that said token device acts as a slave to a computer connected to said interface. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 33, 34, 35, 36, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80)
-
-
14. A handheld electronic smart card terminal capable of acting as a token device for allowing secure communication between a user and a remote application provided by a service provider, said handheld terminal comprising:
-
a smart card reader adapted to receive and communicate with a smart card having data stored thereon; an interface transmitting secured data from said terminal to a connected device; a processor configured to implement a token personality logic that is initially generic and to personalize the token personality logic with a token device personality subsequent to insertion of said smart card in said smart card reader, said token device personality dependent on said stored data, the processor including a firewall protecting said smart card; a display for communicating a dynamic credential derived from said token device personality to said user for transmission to said remote application provided by a service provider; and
,a memory device storing a least one terminal application capable of being loaded and executed by said processor; wherein said at least one application supports an electronic wallet. - View Dependent Claims (15)
-
-
16. A method of accessing a remote secure application, comprising:
-
receiving a handheld generic smart card terminal, wherein said handheld generic smart card terminal includes; a generic token personality logic; a smart card reader adapted to receive and communicate with a smart card; and a display for communicating token data derived from a token device personality to a user for transmission to said remote secure application; receiving at said smart card reader said smart card having data stored thereon; generating the token device personality based on said data stored on the smart card; deriving the token data from the generated token device personality; and accessing said remote secure application using said token data derived from said token device personality; wherein said terminal remains generic until said smart card is received and communicated with by said smart card reader, includes a clock, and said token data derived from said token device personality is also dependent on said clock. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 37, 38, 39, 40, 41, 42, 43, 44, 60, 61, 62, 63, 64, 65)
-
-
27. A method of providing a user, among a plurality of users, with secure access to a remote application of a service provider, comprising:
-
distributing to said plural users a different one of a plurality of generic handheld smart card terminals, wherein each of said generic handheld smart card terminals includes; a generic token personality logic; a smart card reader adapted to receive and communicate with a smart card; a display for communicating token data derived from a token device personality for said service provider remote application; and an interface, said interface for communicating with a client computer; a processor providing a firewall to protect said smart card; wherein any of said generic smart card terminals, in use, perform the following steps; receiving said smart card in said smart card reader, said smart card having data stored thereon; following said receiving at said smart card reader said smart card generating said token device personality using said stored data; deriving the token data from the generated token device personality; and assisting said user in accessing said secure remote application provided by said service provider by providing said token data derived from said token device personality to said user for said secure remote application; wherein said terminal remains generic until said smart card is received and has communicated with said smart card reader and wherein said token data derived from said token device personality comprises a one-time password. - View Dependent Claims (28, 29, 30, 31, 32, 45, 46, 47, 48, 49, 50, 51, 66, 67)
-
-
52. A method of accessing a secure remote application of a service provider, comprising:
-
receiving a handheld generic smart card terminal, wherein said handheld generic smart card terminal includes; a smart card reader adapted to receive and communicate with a smart card; a display for communicating data useful in accessing said secure remote application to a user of said handheld smart card terminal; and a clock; receiving said smart card; inserting said smart card into said smart card reader; following said inserting, generating said data useful in accessing said remote application by initiating operations within said smart card and obtaining smart card data by the terminal from the smart card, said generated data being also dependent on said clock; and accessing said secure remote application using said generated data. - View Dependent Claims (53, 54, 55, 56, 57, 58)
-
-
59. A method of providing a user, among a plurality of users, with secure access to a remote application of a service provider, comprising:
-
distributing to said plural users a different one of a plurality of generic handheld smart card terminals, wherein each of said generic handheld smart card terminals includes; a generic token personality logic; a smart card reader adapted to receive and communicate with a smart card; a display for communicating token data derived from a token device personality for said service provider remote application; wherein any of said generic smart card terminals, in use, perform the following steps; receiving said smart card in said smart card reader, said smart card having data stored thereon; following said receiving at said smart card reader said user smart card; generating said token device personality using said stored data; deriving the token data from the generated token device personality; and assisting said user in accessing said secure remote application provided by said service provider by providing said token data derived from said token device personality to said user for said secure remote application; wherein said terminal remains generic until said smart card is received and has communicated with said smart card reader and in which said terminal includes a clock and in which said token data derived from said token device personality is also dependent on said clock.
-
-
68. A method of accessing a remote secure application, comprising:
-
receiving a handheld generic smart card terminal, wherein said handheld generic smart card terminal includes; a generic token personality logic; a smart card reader adapted to receive and communicate with a smart card; a display for communicating token data derived from a token device personality to a user for transmission to said remote secure application; and an interface, said interface communicating with a client computer; receiving at said smart card reader said smart card having data stored thereon; generating the token device personality based on said data stored on the smart card; deriving the token data from the generated token device personality; and accessing said remote secure application using said token data derived from said token device personality; wherein said terminal remains generic until said smart card is received and communicated with by said smart card reader includes a processor providing a firewall to protect said smart card. - View Dependent Claims (81)
-
Specification