Secure software authenticator data transfer between processing devices
Abstract
A method comprises establishing a network connection between the first processing device and the second processing device for transfer of data associated with a software authenticator from the first processing device to the second processing device, encrypting the software authenticator data with encryption that is separate from encryption used for the network connection, and transferring the encrypted software authenticator data from the first processing device to the second processing device. Another method comprises establishing the network connection between the first processing device and the second processing device for transfer of the software authenticator data, receiving encrypted data from the first processing device, wherein the encrypted data has encryption that is separate from encryption used for the network connection, decrypting the encrypted data to obtain data associated with a software authenticator and importing the software authenticator data into a software authenticator stored in a memory of the second processing device.
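The flow described in the abstract and in claim 1, as an added Ruby example (not code from the patent or from any product): the seed is sealed with AES-256-GCM under a transfer key that is independent of the network connection's encryption, and the first device removes its authenticator only after a confirmation tied to that exact blob. The pre-shared key, the `Device` struct, the `seed`/`confirm` labels and the confirmation format are assumptions made for this example; re-seeding through the management server is not modelled.

```ruby
require 'openssl'

NONCE_LEN, TAG_LEN = 12, 16 # AES-GCM nonce and tag sizes in bytes

# AES-256-GCM; label is bound as associated data to separate message types.
def seal(key, label, msg)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  c.key = key
  nonce = c.random_iv
  c.auth_data = label
  ct = c.update(msg) + c.final
  nonce + c.auth_tag + ct
end

# Returns the plaintext, or nil if the blob was truncated, altered or mislabeled.
def unseal(key, label, blob)
  return nil if blob.nil? || blob.bytesize <= NONCE_LEN + TAG_LEN
  d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  d.key = key
  d.iv = blob.byteslice(0, NONCE_LEN)
  d.auth_tag = blob.byteslice(NONCE_LEN, TAG_LEN)
  d.auth_data = label
  d.update(blob.byteslice(NONCE_LEN + TAG_LEN, blob.bytesize)) + d.final
rescue OpenSSL::Cipher::CipherError
  nil
end

# key: assumed pre-shared 32-byte transfer key, independent of the transport's
# encryption. seed: nil while no authenticator is provisioned on the device.
Device = Struct.new(:key, :seed) do
  def export
    seal(key, 'seed', seed)
  end

  # Destination: provision from the blob, then confirm receipt of that exact blob.
  def import(blob)
    received = unseal(key, 'seed', blob)
    return nil unless received
    self.seed = received
    seal(key, 'confirm', OpenSSL::Digest::SHA256.digest(blob))
  end

  # Source: remove the local authenticator only on a valid confirmation.
  def finish(blob, confirm)
    return false unless unseal(key, 'confirm', confirm) == OpenSSL::Digest::SHA256.digest(blob)
    self.seed = nil
    true
  end
end
```

A blob altered in transit fails authentication at `import`, so no confirmation is produced and `finish` leaves the seed on the first device.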
25 Claims
1. A method comprising:
- establishing a network connection between a first processing device and a second processing device for transfer of software authenticator data from the first processing device to the second processing device, the software authenticator data comprising a seed value utilized by a first software authenticator provisioned on the first processing device to generate one or more passcodes;
- encrypting the software authenticator data;
- transferring the encrypted software authenticator data from the first processing device to the second processing device, the software authenticator data being configured to provision a second software authenticator on the second processing device;
- initiating re-seeding of the second software authenticator responsive to a successful provisioning of the second software authenticator on the second processing device;
- receiving, at the first processing device from the second processing device, a confirmation indicating a successful transfer of the software authenticator data; and
- removing the first software authenticator from the first processing device responsive to receipt of the confirmation;
- wherein initiating re-seeding of the second software authenticator comprises registering the second processing device with a software authenticator management server;
- wherein registering the second processing device causes the software authenticator management server to generate a code which is sent to the second processing device; and
- wherein the code is configured to enable re-seeding of the second software authenticator.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A non-transitory processor-readable storage medium having instruction code embodied therein which when executed by a first processing device causes the first processing device:
- to establish a network connection with a second processing device for transfer of software authenticator data from the first processing device to the second processing device, the software authenticator data comprising a seed value utilized by a first software authenticator provisioned on the first processing device to generate one or more passcodes;
- to encrypt the software authenticator data;
- to transfer the encrypted software authenticator data to the second processing device, the software authenticator data being configured to provision a second software authenticator on the second processing device;
- to initiate re-seeding of the second software authenticator responsive to a successful provisioning of the second software authenticator on the second processing device;
- to receive, from the second processing device, a confirmation indicating a successful transfer of the software authenticator data; and
- to remove the first software authenticator from the first processing device responsive to receipt of the confirmation;
- wherein initiating re-seeding of the second software authenticator comprises registering the second processing device with a software authenticator management server;
- wherein registering the second processing device causes the software authenticator management server to generate a code which is sent to the second processing device; and
- wherein the code is configured to enable re-seeding of the second software authenticator.

10. An apparatus comprising:
- a first processing device comprising:
  - network interface circuitry;
  - a memory configured to store data associated with a first software authenticator provisioned on the first processing device; and
  - a processor coupled to the memory;
- the first processing device under control of the processor being configured to:
  - establish a network connection via the network interface circuitry between the first processing device and a second processing device for transfer of software authenticator data from the first processing device to the second processing device, the software authenticator data comprising a seed value utilized by the first software authenticator provisioned on the first processing device to generate one or more passcodes;
  - encrypt the software authenticator data;
  - transfer the encrypted software authenticator data to the second processing device, the software authenticator data being configured to provision a second software authenticator on the second processing device;
  - initiate re-seeding of the second software authenticator responsive to a successful provisioning of the second software authenticator on the second processing device;
  - receive, from the second processing device, a confirmation indicating a successful transfer of the software authenticator data; and
  - remove the first software authenticator from the first processing device responsive to receipt of the confirmation;
- wherein initiating re-seeding of the second software authenticator comprises registering the second processing device with a software authenticator management server;
- wherein registering the second processing device causes the software authenticator management server to generate a code which is sent to the second processing device; and
- wherein the code is configured to enable re-seeding of the second software authenticator.
Dependent claims: 11, 12, 13

14. A method comprising:
- establishing a network connection between a first processing device and a second processing device for transfer of software authenticator data from the first processing device to the second processing device, the software authenticator data comprising a seed value utilized by a first software authenticator provisioned on the first processing device to generate one or more passcodes;
- receiving encrypted data from the first processing device;
- decrypting the encrypted data to obtain the software authenticator data;
- importing the software authenticator data into a second software authenticator stored in a memory of the second processing device;
- provisioning the second software authenticator on the second processing device utilizing the software authenticator data;
- re-seeding the second software authenticator responsive to a successful provisioning of the second software authenticator on the second processing device; and
- sending a confirmation from the second processing device to the first processing device indicating a successful transfer of the software authenticator data;
- wherein receipt of the confirmation causes removal of the first software authenticator from the first processing device;
- wherein re-seeding of the second software authenticator is initiated responsive to registering the second processing device with a software authenticator management server;
- wherein registering the second processing device causes the software authenticator management server to generate a code which is sent to the second processing device; and
- wherein the code is configured to enable re-seeding of the second software authenticator.
Dependent claims: 15, 16, 17, 18, 19

20. A non-transitory processor-readable storage medium having instruction code embodied therein which when executed by a second processing device causes the second processing device:
- to establish a network connection with a first processing device for transfer of software authenticator data from the first processing device to the second processing device, the software authenticator data comprising a seed value utilized by a first software authenticator provisioned on the first processing device to generate one or more passcodes;
- to receive encrypted data from the first processing device;
- to decrypt the encrypted data to obtain the software authenticator data;
- to import the software authenticator data into a second software authenticator stored in a memory of the second processing device;
- to provision the second software authenticator on the second processing device utilizing the software authenticator data;
- to re-seed the second software authenticator responsive to a successful provisioning of the second software authenticator on the second processing device; and
- to send a confirmation from the second processing device to the first processing device indicating a successful transfer of the software authenticator data;
- wherein receipt of the confirmation causes removal of the first software authenticator from the first processing device;
- wherein re-seeding of the second software authenticator is initiated responsive to registering the second processing device with a software authenticator management server;
- wherein registering the second processing device causes the software authenticator management server to generate a code which is sent to the second processing device; and
- wherein the code is configured to enable re-seeding of the second software authenticator.

21. An apparatus comprising:
- a first processing device comprising:
  - network interface circuitry;
  - a memory configured to store data associated with a first software authenticator; and
  - a processor coupled to the memory;
- the first processing device under control of the processor being configured to:
  - establish a network connection via the network interface circuitry between the first processing device and a second processing device for transfer of data associated with a software authenticator from the second processing device to the first processing device, the software authenticator data comprising a seed value utilized by a second software authenticator provisioned on the second processing device to generate one or more passcodes;
  - receive encrypted data from the second processing device;
  - decrypt the encrypted data to obtain the software authenticator data;
  - import the software authenticator data into the first software authenticator stored in the memory;
  - provision the first software authenticator on the first processing device utilizing the software authenticator data;
  - re-seed the second software authenticator responsive to a successful provisioning of the second software authenticator on the second processing device; and
  - send a confirmation from the second processing device to the first processing device indicating a successful transfer of the software authenticator data;
- wherein receipt of the confirmation causes removal of the first software authenticator from the first processing device;
- wherein re-seeding of the second software authenticator is initiated responsive to registering the second processing device with a software authenticator management server;
- wherein registering the second processing device causes the software authenticator management server to generate a code which is sent to the second processing device; and
- wherein the code is configured to enable re-seeding of the second software authenticator.
Dependent claims: 22, 23, 24, 25

Specification