Patent application number | Description | Published |
20090193511 | TWO-FACTOR USB AUTHENTICATION TOKEN - The present patent application discloses a USB token that advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices. By using only symmetric encryption and the low-speed USB protocol, a single low-performance processor may be used, which results in a more cost-effective solution than PKI USB tokens emulating the combination of smart cards and smart card readers or USB tokens presenting themselves to the host computer as mass storage devices. The overall security is increased by adding a second authentication factor consisting of a static password entered by the user, and by limiting the number of valid token response that can be generated or retrieved in a usage session. | 07-30-2009 |
20090232515 | METHOD AND AN APPARATUS TO CONVERT A LIGHT SIGNAL EMITTED BY A DISPLAY INTO DIGITAL SIGNALS - The present invention provides a method and a device to convert a time varying optical pattern emitted by a display into a digital data signal. More specifically the invention allows a handheld security token to convert a time-varying light intensity pattern emitted by a source such as a computer screen into a digital signal including a sequence of coded data symbols. The invention is based on the insight that the intensity of light emitted by regions of said source can be easily sampled by a simple low-cost processor if appropriate A/D conversion hardware converts the incident light into an electrical signal which is time varying, whereby the base frequency of this electrical signal is a function of the light intensity. Intensity levels used for channel coding and symbol clock can be recovered from the signal by the receiver. The invention comprises measuring this electrical signal, transforming sets of measurements into intensity samples for a plurality of sampling windows, adaptively calculating discrete intensity levels from these intensity samples, assigning intensity levels to the sampling windows, detecting symbol period boundaries, and decoding the symbols. | 09-17-2009 |
20090322766 | Method for transmission of a digital message from a display to a handheld receiver - The invention relates to a method to efficiently transmit a digital message over a unidirectional optical link, such as the link between a computer screen and a security token equipped with photosensitive elements. It is an object of this invention to provide a source coding scheme that is optimized for transmissions of alphanumerical data containing frequent occurrences of numerals and less frequent occurrences of non-numerical data. This is achieved by using a modified Huffman code for source coding, consisting of a nibble-based prefix-free binary code. The output of the coder is efficiently mapped onto a 6B4T channel code, wherein unused ternary codewords can be used to signal data-link layer events. This efficient signalling of data-link layer events, in turn, allows for a synchronization scheme based on repeated transmissions of a finite-length message, combined with an out-of-band clock signal. | 12-31-2009 |
20110007846 | Modulation and Demodulation Circuit - The invention relates to the field of modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals and amplitude-shift-keying (ASK) signals. By judiciously coupling an analog circuit comprising one resistor and two capacitors which are judiciously dimensioned to a port of a digital component, an extremely compact envelope detector can be obtained, which achieves demodulation of a binary ASK signal for direct coupling into a digital input port. Accordingly, a very compact envelope detector may advantageously be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive coupling, capacitive coupling, or radiative coupling. An example of such a device is a credit card sized authentication token, the electrical personalization of which happens after the production of the card-like housing. The digital port may additionally be used to modulate the backscattered wave, by switching the voltage of the diode port to the system ground level. In this way, the apparatus is advantageously equipped with a wireless bidirectional half-duplex transmission system. | 01-13-2011 |
20110099377 | COMPACT SECURITY DEVICE WITH TRANSACTION RISK LEVEL APPROVAL CAPABILITY - The present invention relates to the field of securing electronic transactions and more specifically to methods to indicate and verify the approval of the risk level of a transaction and to apparatuses for generating transaction risk level approval codes. | 04-28-2011 |
20110099384 | STRONG AUTHENTICATION TOKEN USABLE WITH A PLURALITY OF INDEPENDENT APPLICATION PROVIDERS - The present invention defines a strong authentication token for generating different dynamic credentials for different application providers comprising an input interface providing an output representing an application provider indicator; a secret key storage for storing one or more secret keys; a variability source for providing a dynamic variable value; a key providing agent for providing an application provider specific key as a function of said application provider indicator using one or more keys stored in said secret key storage; a cryptographic agent for cryptographically combining said application provider specific key with said dynamic variable value using symmetric cryptography; a transformation agent coupled to said cryptographic agent for transforming an output of said cryptographic agent to produce a dynamic credential; and an output interface to output said dynamic credential. | 04-28-2011 |
20120112831 | MODULATION AND DEMODULATION CIRCUIT - The invention relates to modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals. By coupling an analog circuit to a port of a digital component, a compact envelope detector can be obtained, which achieves demodulation of AM signals for direct coupling into a digital input port. Accordingly, a compact envelope detector may be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive, capacitive, or radiative. An example of such a device is a credit card sized authentication token. | 05-10-2012 |
20120221859 | STRONG AUTHENTICATION TOKEN WITH ACOUSTIC DATA INPUT - Strong authentication tokens for generating dynamic security values having an acoustical input interface for acoustically receiving input data are disclosed. The tokens may also include an optical interface for receiving input data and may have a selection mechanism to select either the acoustical or the optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device. The acoustic signal received by the token may be modulated using a frequency shift keying modulation scheme using a plurality of coding frequencies to code the acoustical signal where each coding frequency may be an integer multiple of a common base frequency. | 08-30-2012 |
20120221860 | METHOD AND APPARATUS FOR ENCODING AND DECODING DATA TRANSMITTED TO AN AUTHENTICATION TOKEN - Methods and apparatus for encoding and decoding data transmitted acoustically and/or optically to strong authentication tokens to generate dynamic security values are disclosed. The tokens may also include a selection mechanism to select either an acoustical or an optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device. | 08-30-2012 |
20130198519 | STRONG AUTHENTICATION TOKEN WITH VISUAL OUTPUT OF PKI SIGNATURES - A handheld authentication device comprising a data processor and a display is adapted to: generate an input value; submit the input value to an asymmetric cryptographic operation; obtain the result of said asymmetric cryptographic operation; generate an authentication message substantially comprising the result of the asymmetric cryptographic operation; encode the authentication message into one or more images; and display these images on the display. A method for securing computer-based applications remotely accessed by a user comprises capturing images displayed on the display of an authentication device of the user whereby these images have been encoded with an authentication message generated by the authentication device and whereby the authentication message comprises the result of an asymmetric cryptographic operation on an input value; decoding the images to retrieve the authentication message; retrieving the result of the asymmetric cryptographic operation from the authentication message; verifying the authentication message. | 08-01-2013 |
20140068272 | STRONG AUTHENTICATION TOKEN WITH ACOUSTIC DATA INPUT OVER MULTIPLE CARRIER FREQUENCIES - Strong authentication tokens for generating dynamic security values having an acoustical input interface for acoustically receiving input data are disclosed. The tokens may also include an optical interface for receiving input data and may have a selection mechanism to select either the acoustical or the optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device. The acoustic signal received by the token may comprise a plurality of modulated carrier frequencies whereby each carrier frequency has been modulated with a data signal representing the full input data such that the input data are redundantly emitted over more than one modulated carrier frequency. | 03-06-2014 |
20140189359 | REMOTE AUTHENTICATION AND TRANSACTION SIGNATURES - Authentication devices and methods for generating dynamic credentials are disclosed. The authentication devices include a communication interface for communicating with a security device such as a smart card. A dynamic credential such as a one-time password (OTP) or a message authentication code (MAC) may be generated by receiving from a server an encrypted initialization seed encrypted with an asymmetric encryption algorithm using a public key of a public/private key pair, submitting the encrypted initialization seed to a security device, decrypting at the security device the encrypted initialization seed with a private key of the public/private key pair, returning the decrypted initialization seed to the authentication device, deriving at the authentication device a secret credential generation key from the decrypted initialization seed, and generating the dynamic credential by combining a dynamic variable with the secret credential generation key using a symmetric cryptographic dynamic credential generation algorithm. | 07-03-2014 |
20140237242 | COMPACT SECURITY DEVICE WITH TRANSACTION RISK LEVEL APPROVAL CAPABILITY - The present invention relates to the field of securing electronic transactions and more specifically to systems to indicate and verify the approval of the risk level of a transaction and to systems for generating transaction risk level approval codes. | 08-21-2014 |