| Patent application number | Description | Published |
| 20080227436 | METHOD AND SYSTEM FOR PROVIDING ENHANCED BROADCAST ADVERTISING - One example provides a broadcast device configured to display an advertisement for viewing by a user and a mobile client device configured to capture information relating to the advertisement from the broadcast device. The mobile client device determines whether the captured information is sufficient to allow the mobile client device to generate an electronic coupon. If it is, the mobile client device generates a coupon that may be stored in the mobile client device and subsequently presented at a point-of-sale device as part of a transaction. If the captured information is insufficient, the mobile client device may request additional information from an advertiser server either directly or via the broadcast device. | 09-18-2008 |
| 20080229109 | HUMAN-RECOGNIZABLE CRYPTOGRAPHIC KEYS - A visual authentication scheme for websites is provided that binds an image to a website so that a user can visually authenticate whether he/she is viewing an intended/trusted website. An authentication or cryptographic key (associated with a web page) is rendered as a unique key-identifying image or unique sequence of images. This key-identifying image(s) is then displayed to the user. The user associates this key-identifying image with the originator or source of the web page so that the user can easily recognize the originator by glancing at the key-identifying image. The association between the key-identifying image and the cryptographic/authentication key (and thereby the source of the web page) can be achieved similarly to brand awareness. | 09-18-2008 |
| 20080263117 | INITIAL SEED MANAGEMENT FOR PSEUDORANDOM NUMBER GENERATOR - A secure seeding and reseeding scheme is provided for pseudorandom number generators by using a pre-stored initialization seed. This scheme initializes a pseudorandom number generator into an unknown state even when entropy collection is unavailable. A primary seed file and a shadow seed file are maintained with initialization seed information in a secure file system. If the primary seed file is corrupted, the pseudorandom number generator is seeded with the content of the shadow seed file. Additionally, a trusted timer or clock may be mixed with the pre-stored initialization seed to add entropy even when the pre-stored seed information has been compromised. | 10-23-2008 |
| 20090003597 | Small Public-Key Based Digital Signatures for Authentication - Embodiments disclosed allow authentication between two entities having agreed on the use of a common modulus N. The authentication includes generating a pseudorandom string value; generating a public key value based on the modulus N and the pseudorandom string value; generating a private key value corresponding to the public key value; receiving a verifier's public key value; generating a shared secret value based on the modulus N, the private key value and the verifier's public key value; calculating an authentication signature value using the shared secret value; and transmitting the authentication signature value for authentication. When the authentication signature is received, the public key value and the shared value are generated to calculate an authentication signature value. Thereafter, the authentication signature values are compared and authenticated. | 01-01-2009 |
| 20090141890 | DIGITAL AUTHENTICATION OVER ACOUSTIC CHANNEL - Apparatus and method are disclosed for digital authentication and verification. In one embodiment, authentication involves storing a cryptographic key and a look up table (LUT), generating an access code using the cryptographic key; generating multiple parallel BPSK symbols based upon the access code; converting the BPSK symbols into multiple tones encoded with the access code using the LUT; and outputting the multiple tones encoded with the access code for authentication. In another embodiment, verification involves receiving multiple tones encoded with an access code; generating multiple parallel BPSK symbols from the multiple tones; converting the BPSK symbols into an encoded interleaved bit stream of the access code; de-interleaving the encoded interleaved bit stream; and recovering the access code from the encoded de-interleaved bit stream. | 06-04-2009 |
| 20090282243 | PUZZLE-BASED AUTHENTICATION BETWEEN A TOKEN AND VERIFIERS - A puzzle-based protocol is provided that allows a token and verifier to agree on a secure symmetric key for authentication between the token and verifier. A token stores a secret key and one or more puzzle-generating algorithms. The verifier independently obtains a plurality of puzzles associated with the token, pseudorandomly selects at least one of the puzzles, and solves it to obtain a puzzle secret and a puzzle identifier. The verifier generates a verifier key based on the puzzle secret. The verifier sends the puzzle identifier and an encoded version of the verifier key to the token. The token regenerates the puzzle secret using its puzzle-generating algorithms and the puzzle identifier. The token sends an encoded response to the verifier indicating that it knows the verifier key. The token and verifier may use the verifier key as a symmetric key for subsequent authentications. | 11-12-2009 |
| 20090282253 | NETWORK HELPER FOR AUTHENTICATION BETWEEN A TOKEN AND VERIFIERS - A network helper is provided that assists verifiers in executing a puzzle-based protocol for authentication of a token. A token stores a secret key and one or more puzzle-generating algorithms. The helper stores a plurality of puzzles associated with a particular token. When requested to do so by a verifier, the helper provides a plurality of pseudorandomly selected puzzles for the token to a verifier. The puzzles are encoded with information that is used between the verifier and token to establish a secured symmetric key. The verifier selects one or a few of the encoded puzzles and breaks them by a brute force attack. Because the helper does not know which puzzles have been selected, it has to break all puzzles to attempt to figure out the symmetric key. However, if a large number of puzzles are utilized, say millions, then breaking all of them becomes a computationally prohibitive task. | 11-12-2009 |
| 20100034385 | COMBINATIONAL COMBINER CRYPTOGRAPHIC METHOD AND APPARATUS - Another feature provides an efficient encryption method that safeguards the security of encrypted symbols. Each plaintext symbol is encrypted by using a separate pseudorandomly selected translation table. Rather than pre-storing every possible permutation of symbols as translation tables, the translation tables may be efficiently generated on-the-fly based on a pseudorandom number and a symbol shuffling algorithm. A receiving device may similarly generate reverse translation tables on-the-fly to decrypt received encrypted symbols. | 02-11-2010 |
| 20100049615 | MOBILE COMMERCE AUTHENTICATION AND AUTHORIZATION SYSTEM - The mobile commerce authentication and authorization system disclosed, illustrated, and claimed allows a user of a currently existing mobile wireless communications instrument to conduct financial transactions, including purchases, across a wireless communications system using location data to authorize and authenticate the user and the transaction. The location of the mobile wireless communications instrument and the location of a vendor point-of-sale device are matched with a payment sum. Authentication of the user of the mobile wireless communications instrument is achieved at least by application of the position and/or location determinable features of the mobile wireless communications instrument, the position and/or location of a point-of-sale device of a vendor or merchant where the instrument user seeks to purchase goods or services, and the payment sum entered on the point-of-sale device. A transaction matching subsystem located in a wireless customer server hub may assist in processing the location data and the payment sum amount across the wireless communications network. | 02-25-2010 |
| 20100100933 | APPARATUS AND METHOD FOR TRANSITIONING ACCESS RIGHTS FOR ROLE-BASED ACCESS CONTROL COMPATIBILITY - Disclosed is a method for transitioning access rights, in a remote station with role-based access control, for an unknown role having access rights defined by a central access control management module. In the method, a role capability table is maintained in the remote station specifying centrally-defined access rights of roles that are interpretable in the remote station. An access request associated with an unknown role that is not interpretable in the remote station is received. The access request includes a role transition list that relates the unknown role to other centrally-defined roles. At least one of the other centrally-defined roles is interpretable in the remote station. A role is selected, from the role transition list, that is interpretable in the remote station for interpreting the unknown role of the access request. Access is granted based on the access request associated with the unknown role using the access rights of the interpretable role selected from the role transition table. | 04-22-2010 |
| 20100198733 | Enabling Payment Using Paperless Image Of A Check - Payment or financial transactions are facilitated between two parties by utilizing mobile devices. A payor's mobile device may be adapted to generate an electronic/paperless version or image of a check. The payor may make the paperless image of a check out to a particular payee so that it can be cashed from the payor's checking account. The electronically-generated check may be in the form of an image that can be transmitted by the payor's mobile device to the recipient's mobile device. The payee then submits the received check, electronically or in paper form, to a financial institution for redemption. | 08-05-2010 |
| 20110107107 | Multisigning - A Protocol For Robust Multiple Party Digital Signatures - Embodiments describe a system and/or method for multiple party digital signatures. According to a first aspect a method comprises establishing a first validity range for a first key, establishing a first validity range for at least a second key, and determining if the validity range of the first key overlaps the first validity range of the at least a second key. A certificate is signed with the first validity range of the first key and the first validity range of the at least a second key if the validity ranges overlap. According to another embodiment, signage of the certificate is refused if the first validity range of the first key does not overlap with the first validity range of the at least a second key. | 05-05-2011 |