
Method and system for smartcard emulation

  • US 9,787,672 B1
  • Filed: 06/14/2013
  • Issued: 10/10/2017
  • Est. Priority Date: 03/15/2013
  • Status: Active Grant
First Claim

1. A method comprising:

    receiving, by a security agent on a client device, a one-time password and a container PIN for a container, wherein the one-time password is generated at a device registered with the client device and entered into the security agent on the client device;

    validating, by the security agent on the client device, the container PIN;

    sending, by the security agent on the client device upon validation of the container PIN, a request to validate the one-time password to an authentication server, wherein the request comprises the one-time password, a credential ID associated with the registered device, a key ID associated with a private key, and a user ID associated with a user;

    receiving, by the security agent on the client device upon validation of the one-time password by the authentication server, a response from the authentication server, the response comprising a cloud portion of the private key identified via the key ID and an authorization to access a container portion of the private key stored locally in the container;

    combining the cloud portion of the private key with the container portion of the private key to construct the private key;

    sending, by the security agent on the client device to the authentication server, a request to validate a second one-time password, wherein validation of the second one-time password by the authentication server authorizes exportation of the container portion of the private key from the container to a second device;

    receiving, by the security agent on the client device, a response from the authentication server indicating that the second one-time password is valid, wherein exportation of the container portion of the private key to the second device is permitted upon receipt of the response; and

    exporting, from the security agent on the client device to the second device, the container portion of the private key.
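The sequence of steps in claim 1, as an added Python sketch that is not taken from the patent: the local PIN check gates the server round trip, a valid one-time password releases the cloud portion, and a second one-time password gates export. The claim does not say how the key is split, how the one-time password is computed, or how the PIN is checked; the XOR split, RFC 4226 HOTP, the PBKDF2 PIN verifier and the names `AuthServer` and `SecurityAgent` are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, struct
# Assumptions (not from the patent): XOR key split, RFC 4226 HOTP as the
# one-time password, PBKDF2 for the container PIN check. Names are hypothetical.

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP, standing in for the registered device's OTP generator."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class AuthServer:
    def __init__(self):
        self.creds = {}        # credential ID -> [OTP secret, next counter]
        self.cloud_parts = {}  # (user ID, key ID) -> cloud portion of the key

    def validate(self, otp, cred_id, key_id, user_id):
        secret, counter = self.creds[cred_id]
        if not hmac.compare_digest(otp, hotp(secret, counter)):
            return None
        self.creds[cred_id][1] += 1  # each one-time password is accepted once
        return self.cloud_parts[(user_id, key_id)]

class SecurityAgent:
    def __init__(self, server, pin, container_part, ids):
        self.server, self.ids = server, ids  # ids = (cred_id, key_id, user_id)
        self.salt = secrets.token_bytes(16)
        self.pin_hash = self._kdf(pin)
        self.container_part = container_part

    def _kdf(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 100_000)

    def unlock(self, otp, pin):
        if not hmac.compare_digest(self._kdf(pin), self.pin_hash):
            raise PermissionError("container PIN rejected")  # server is not contacted
        cloud_part = self.server.validate(otp, *self.ids)
        if cloud_part is None:
            raise PermissionError("one-time password rejected")
        return xor(cloud_part, self.container_part)  # reconstructed private key

    def export_container_part(self, second_otp):
        # Only the valid/invalid outcome of the second validation is used here.
        if self.server.validate(second_otp, *self.ids) is None:
            raise PermissionError("export not authorized")
        return self.container_part
```

In this sketch neither portion alone reveals the key, so a copied container is not enough without a fresh one-time password accepted by the server.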
