User terminal for password-based authentication, and password-based trading terminal, system, and method

US 9,722,994 B2
Filed: 05/11/2012
Issued: 08/01/2017
Est. Priority Date: 04/12/2012
Status: Active Grant

First Claim

Patent Images

1. A user terminal for password-based authentication, comprising a password generation module, a first near field communication module, a first password management module, a user interface, a non-transitory computer readable storage medium, and a hardware processor performing instructions stored in the non-transitory computer readable storage medium;

the hardware processor performing following steps using the instructions;

displaying information, which indicates “

input password”

, to a user through the user interface, after receiving a password input by the user, generating the password by the password generation module,converting, by the first near field communication module, the password into near field communication label data, and then sending to a password-based trading terminal through near field communication;

sending, by the password generation module, a trigger signal to the first password management module after the password is generated;

setting, by the first password management module, a valid time of the password and beginning to time under the trigger of the password generation module, and detecting whether the first near field communication module finishes sending the near field communication label data when the valid time is reached, if the first near field communication module does not finish sending the near field communication label data within the valid time, then notifying the first near field communication module to delete the near field communication label data not sent to the password-based trading terminal, and triggering the password generation module to regenerate the password; and

before the password generation module regenerates the password, displaying information, which indicates “

input the password again”

, to the user through the user interface, and waiting to receive the password input by the user;

wherein the hardware processor further performs following steps using the instructions;

when detecting that the first near field communication module finishes sending the near field communication label data when the valid time is reached, judging, by the first password management module, whether the password generation module stores the generated password, and deleting the stored password if the generated password is stored;

wherein the user terminal is comprised in a password-based authentication system comprising a password-based trading terminal, wherein the password-based trading terminal comprises a second near field communication module, a password authorization module, and a second non-transitory computer readable storage medium, and a second hardware processor performing instructions stored in the non-transitory second computer readable storage medium;

the second hardware processor performing following steps using the instructions of the non-transitory second computer readable storage medium;

restoring, by the second near field communication module, near field communication label data sent by the user terminal through near field communication to the password and then sending to the password authorization module; and

verifying, by the password authorization module, validity of the password from the second near field communication module;

the password-based trading terminal further comprises a second password management module, wherein the second hardware processor further performs the following step using the instructions;

after knowing that the password authorization module finishes a verification, deleting, by the second password management module, the verified password stored in the password authorization module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user terminal, a password-based trading terminal, a system and a method for password-based authentication are provided. Wherein, the user terminal comprises a password generation module and a first near field communication module. The password generation module is configured to generate a password. The first near field communication module is configured to convert the generated password into near field communication label data, and then send the data to a password-based trading terminal through near field communication. The present application effectively ensures password security during the password-based authentication.

Citations

3 Claims

1. A user terminal for password-based authentication, comprising a password generation module, a first near field communication module, a first password management module, a user interface, a non-transitory computer readable storage medium, and a hardware processor performing instructions stored in the non-transitory computer readable storage medium;
- the hardware processor performing following steps using the instructions;
  
  displaying information, which indicates “
  
  input password”
  
  , to a user through the user interface, after receiving a password input by the user, generating the password by the password generation module,converting, by the first near field communication module, the password into near field communication label data, and then sending to a password-based trading terminal through near field communication;
  
  sending, by the password generation module, a trigger signal to the first password management module after the password is generated;
  
  setting, by the first password management module, a valid time of the password and beginning to time under the trigger of the password generation module, and detecting whether the first near field communication module finishes sending the near field communication label data when the valid time is reached, if the first near field communication module does not finish sending the near field communication label data within the valid time, then notifying the first near field communication module to delete the near field communication label data not sent to the password-based trading terminal, and triggering the password generation module to regenerate the password; and
  
  before the password generation module regenerates the password, displaying information, which indicates “
  
  input the password again”
  
  , to the user through the user interface, and waiting to receive the password input by the user;
  
  wherein the hardware processor further performs following steps using the instructions;
  
  when detecting that the first near field communication module finishes sending the near field communication label data when the valid time is reached, judging, by the first password management module, whether the password generation module stores the generated password, and deleting the stored password if the generated password is stored;
  
  wherein the user terminal is comprised in a password-based authentication system comprising a password-based trading terminal, wherein the password-based trading terminal comprises a second near field communication module, a password authorization module, and a second non-transitory computer readable storage medium, and a second hardware processor performing instructions stored in the non-transitory second computer readable storage medium;
  
  the second hardware processor performing following steps using the instructions of the non-transitory second computer readable storage medium;
  
  restoring, by the second near field communication module, near field communication label data sent by the user terminal through near field communication to the password and then sending to the password authorization module; and
  
  verifying, by the password authorization module, validity of the password from the second near field communication module;
  
  the password-based trading terminal further comprises a second password management module, wherein the second hardware processor further performs the following step using the instructions;
  
  after knowing that the password authorization module finishes a verification, deleting, by the second password management module, the verified password stored in the password authorization module.

2. A method for password-based authentication, used for a user terminal and a password-based trading terminal, the method comprising following steps performing by the user terminal:
- displaying information, which indicates “
  
  input password”
  
  , to a user through a user interface of the user terminal;
  
  after receiving a password input by the user, generating the password; and
  
  converting the password into near field communication label data, and then sending to a password-based trading terminal through near field communication;
  
  wherein, the method further comprises following steps performing by the user terminal;
  
  setting a valid time of the password and beginning to time after the password is generated, and detecting whether sending the near field communication label data is finished after the valid time is reached;
  
  if sending the near field communication label data is not finished within the valid time, then deleting the near field communication label data not sent to the password-based trading terminal, and regenerating the password;
  
  wherein the regenerating the password comprises;
  
  displaying information, which indicates “
  
  input the password again”
  
  , to the user through the user interface, and waiting to receive the password input by the user;
  
  wherein the method further comprises following steps performing by the user terminal;
  
  when detecting that sending the near field communication label data is finished after the valid time is reached, judging whether the password is stored after the password is generated; and
  
  deleting the stored password if the password is stored after the password is generated;
  
  wherein the method further comprises following steps performing by the password-based trading terminal;
  
  restoring the near field communication label data sent by the user terminal through near field communication to the password;
  
  verifying validity of the password; and
  
  after finishing the verifying, deleting the verified password.

3. A password-based authentication system, comprising a user terminal and a password-based trading terminalwherein the user terminal comprises a password generation module, a first near field communication module, a first password management module, a user interface, a non-transitory computer readable storage medium, and a hardware processor performing instructions stored in the non-transitory computer readable storage medium;
- the hardware processor performing following steps using the instructions;
  
  displaying information, which indicates “
  
  input password”
  
  , to a user through the user interface, after receiving a password input by the user, generating the password by the password generation module,converting, by the first near field communication module, the password into near field communication label data, and then sending to a password-based trading terminal through near field communication;
  
  sending, by the password generation module, a trigger signal to the first password management module after the password is generated;
  
  setting, by the first password management module, a valid time of the password and beginning to time under the trigger of the password generation module, and detecting whether the first near field communication module finishes sending the near field communication label data when the valid time is reached, if the first near field communication module does not finish sending the near field communication label data within the valid time, then notifying the first near field communication module to delete the near field communication label data not sent to the password-based trading terminal, and triggering the password generation module to regenerate the password; and
  
  before the password generation module regenerates the password, displaying information, which indicates “
  
  input the password again”
  
  , to the user through the user interface, and waiting to receive the password input by the user;
  
  wherein the hardware processor further performs following steps using the instructions;
  
  when detecting that the first near field communication module finishes sending the near field communication label data when the valid time is reached, judging, by the first password management module, whether the password generation module stores the generated password, and deleting the stored password if the generated password is stored;
  
  wherein the password-based trading terminal comprises a second near field communication module, a password authorization module, and a second non-transitory computer readable storage medium, and a second hardware processor performing instructions stored in the second non-transitory computer readable storage medium;
  
  the second hardware processor performing following steps using the instructions of the non-transitory second computer readable storage medium;
  
  restoring, by the second near field communication module, near field communication label data sent by the user terminal through near field communication to the password and then send to the password authorization module; and
  
  verifying, by the password authorization module, validity of the near field communication label data from the second near field communication module;
  
  the password-based trading terminal further comprises a second password management module, wherein the second hardware processor further performs the following step using the instructions of the non-transitory second computer readable storage medium;
  
  after knowing that the password authorization module finishes a verification, deleting by the second password management module, the verified password stored in the password authorization module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZTE Corporation
Original Assignee
ZTE Corporation
Inventors
Wei, Pan, Yang, Jie, Fu, Qihong, Zhao, Dong, Zhu, Yuan, Zhang, Zhiping, Fan, Yong
Primary Examiner(s)
GRACIA, GARY S

Application Number

US14/391,789
Publication Number

US 20150082403A1
Time in Patent Office

1,908 Days
Field of Search

726 7
US Class Current
CPC Class Codes

G06F 21/35   communicating wirelessly

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/4012   Verifying personal identifi...

H04B 5/77   for interrogation

H04L 63/0492   by using a location-limited...

H04L 63/083   using passwords cryptograph...

H04L 63/0846   using time-dependent-passwo...

H04W 12/068   using credential vaults, e....

H04W 4/80   Services using short range ...

User terminal for password-based authentication, and password-based trading terminal, system, and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

3 Claims

Specification

Solutions

Use Cases

Quick Links

User terminal for password-based authentication, and password-based trading terminal, system, and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

3 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links