OTP GENERATION USING A CAMOUFLAGED KEY

US 20140040629A1
Filed: 10/14/2013
Published: 02/06/2014
Est. Priority Date: 09/04/2009
Status: Active Grant

First Claim

Patent Images

1. A method of generating a user one-time passcode (OTP) for a provider account, the method comprising:

receiving a passcode application on a user device;

receiving a cardstring on the user device, wherein;

the cardstring is defined by the provider account, andthe cardstring comprises at least one key camouflaged with a personal identification number (PIN); and

wherein the passcode application is operable to generate a passcode configured as a user OTP for the provider account using the cardstring in combination with the PIN.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for generating a one-time passcode (OTP) from a user device. The method includes providing a passcode application and a cardstring defined by a provider account to the user device. The passcode application is configured to generate a passcode configured as a user OTP for the provider account, using the cardstring. The cardstring is defined by at least one key camouflaged with a personal identification number (PIN). The key may be camouflaged by modifying and encrypting the modified key under the PIN. The key may be configured as a symmetric key, a secret, a seed, and a controlled datum. The cardstring may be an EMV cardstring; and the key may be a UDKA or UDKB. The cardstring may be an OTP cardstring, and the key may be a secret configurable to generate one of a HOTP, a TOTP, and a counter-based OTP.

4 Citations

20 Claims

1. A method of generating a user one-time passcode (OTP) for a provider account, the method comprising:
- receiving a passcode application on a user device;
  
  receiving a cardstring on the user device, wherein;
  
  the cardstring is defined by the provider account, andthe cardstring comprises at least one key camouflaged with a personal identification number (PIN); and
  
  wherein the passcode application is operable to generate a passcode configured as a user OTP for the provider account using the cardstring in combination with the PIN.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising:
    - receiving the PIN on the user device;
      
      providing the PIN to the passcode application via the user device; and
      
      generating the user OTP on the user device using the passcode application, the PIN and the cardstring to generate the user OTP.
  - 3. The method of claim 1, wherein the at least one key is defined by the provider account and modified prior to being camouflaged with the PIN.
  - 4. The method of claim 1, wherein receiving the cardstring on the passcode application further comprises:
    - receiving an activation code for the provider account on the passcode application;
      
      accessing a provisioning server using the passcode application and the activation code; and
      
      receiving the cardstring on the passcode application from the provisioning server.
  - 5. The method of claim 1, wherein:
    - the at least one key comprises a first key and a second key; and
      
      each of the first key and the second key are;
      
      defined by the provider account; and
      
      a modified key camouflaged with the PIN.
  - 6. The method of claim 1, wherein the user device is a first user device, the method further comprising:
    - receiving the passcode application and the cardstring on a second user device such that both of the first and second user devices are configured to generate the user OTP using the passcode application; and
      
      receiving the PIN on either of the first and second user devices to generate the user OTP.
  - 7. The method of claim 1, further comprising:
    - receiving a data element on the passcode application; and
      
      generating the user OTP on the user device using the data element.
  - 8. The method of claim 1,wherein the user device is configured for communication with a network;
    - the method further comprising;
      
      accessing the network using the user device; and
      
      receiving the cardstring on the user device via the network.
  - 9. The method of claim 1, wherein the cardstring is configurable as an Eurocard, MasterCard and Visa (EMV) cardstring;
    - and the key is configurable as one of a Unique DEA Key A (UDKA) and a Unique DEA Key B (UDKB) key.
  - 10. The method of claim 1, wherein cardstring is configurable as an OTP cardstring;
    - and the key is configurable as a secret configurable to generate one of a standardized counter-based OTP (HOTP), a time-based OTP (TOTP), and a counter-based OTP.
  - 11. The method of claim 1, further comprising:
    - receiving another cardstring to the passcode application, wherein the passcode application is configured to generate another passcode configured as a user OTP for another provider account using the another cardstring;
      
      wherein the another cardstring is defined by at least another key; and
      
      wherein the at least another key is camouflaged with another PIN.
  - 12. The method of claim 11, further comprising:
    - receiving the another PIN on the user device;
      
      providing the another PIN to the passcode application via the user device; and
      
      generating the another passcode using the another cardstring in combination with the another PIN.
  - 13. The method of claim 11, further comprising:
    - receiving a plurality of passcode generating algorithms to the passcode application;
      
      receiving a plurality of cardstrings on the user device, wherein;
      
      each respective one of the plurality of cardstrings is defined by a respective one of a plurality of provider accounts, andeach respective one of the plurality of cardstrings is defined by at least one respective key that is camouflaged with a respective personal identification number (PIN); and
      
      wherein the passcode application is configured to generate a respective passcode configured as a respective user one time passcode (OTP) for each respective one of the plurality of provider accounts, using at least one of the plurality of passcode generating algorithms and the respective one of the plurality of cardstrings in combination with the respective one of the PINs.
  - 14. The method of claim 13, further comprising:
    - selecting one of the plurality of provider accounts;
      
      receiving the respective PIN for the selected one of the plurality of provider accounts to the passcode application; and
      
      generating the respective user OTP for the selected one of the plurality of provider accounts on the user device using the respective one of the plurality of cardstrings, the respective one of the PINS, and the at least one of the plurality of passcode generating algorithms.

15. A system for providing a one-time passcode (OTP) for a provider account, the system comprising:
- a user device comprising a passcode application and a cardstring, and configured to receive a personal identification number (PIN);
  
  wherein the cardstring is defined by at least one key that is camouflaged with the PIN; and
  
  wherein the passcode application is configured to generate a passcode configured as a user OTP for the provider account using the cardstring and the PIN.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein:
    - the user device is configured to communicate with a network; and
      
      the cardstring is received by the user device via the network.
  - 17. The system of claim 15, wherein the user device further comprises at least one passcode generating algorithm executable by the passcode application to generate the user OTP for the provider account.
  - 18. The system of claim 15,wherein the passcode application is configured to receive a data element;
    - andwherein the passcode application uses the data element to generate the user OTP for the provider account.
  - 19. The system of claim 15, the user device further comprising a user OTP counter;
    - wherein the passcode application is configured to increment the user OTP counter; and
      
      wherein one of the user device and the passcode application is configured to reset the user OTP counter to synchronize the user OTP counter with a provider OTP counter.
  - 20. The system of claim 15, wherein the at least one camouflaged key is configured as a modified key encrypted with the PIN;
    - andwherein the key which is modified is defined by the provider account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Original Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Inventors
Hird, Geoffrey R., Varadarajan, Rammohan

Granted Patent

US 8,850,218 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/184
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 63/0838   using one-time-passwords

H04L 9/0863   involving passwords or one-...

H04L 9/3228   One-time or temporary data,...

OTP GENERATION USING A CAMOUFLAGED KEY

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

4 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

OTP GENERATION USING A CAMOUFLAGED KEY

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

4 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links