20150113283 | PROTECTING CREDENTIALS AGAINST PHYSICAL CAPTURE OF A COMPUTING DEVICE - A method of activating credentials that are stored encrypted while inactive. In one embodiment a decryption key is retrieved from a key storage service after the device authenticates to the service by sending a passcode and/or a biometric key, a public key and a signature computed with a private key, the service verifying the signature and comparing a hash of the public key and the passcode and/or biometric key to a reference hash. | 04-23-2015 |