Method and system for performing a transaction and for performing a verification of legitimate access to, or use of digital data

  • US 11,063,766 B2
  • Filed: 06/14/2004
  • Issued: 07/13/2021
  • Est. Priority Date: 06/13/2003
  • Status: Active Grant
First Claim
Patent Images

1. A method for performing an electronic transaction between a first transaction party and a second transaction party using an electronic device operated by the first transaction party, the electronic device having an operating system creating a run-time environment for user applications and authentication software running in a separate operating environment, independent from and inaccessible to the operating system, the electronic device having a memory comprising storage locations, part of the memory being accessible to the operating system, part of the memory being a secure area,wherein the electronic device comprises a system for accessing a memory location in the memory, wherein the system for accessing the memory location is configured to selectively report the storage locations of the secure area, wherein the storage locations are not reported to the operating system while at the same time being reported to the authentication software running in the separate operating environment, the method comprising:

  • providing a private key in the secure area of the electronic device which private key is inaccessible to a user of the electronic device, wherein the secure area is inaccessible to the operating system of the electronic device, thereby rendering the private key inaccessible to the user;

    providing authentication software in the electronic device, the private key being accessible to the authentication software, wherein the authentication software is stored in the secure area inaccessible to the operating system;

    activating the authentication software to generate a digital signature from the private key, wherein the authentication software is run in a secure processing environment inaccessible to the operating system; and

    providing by the electronic device the digital signature to the second transaction party.

View all claims

    Thank you for your feedback