| Patent application number | Description | Published |
|---|
| 20090193511 | TWO-FACTOR USB AUTHENTICATION TOKEN - The present patent application discloses a USB token that advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices. By using only symmetric encryption and the low-speed USB protocol, a single low-performance processor may be used, which results in a more cost-effective solution than PKI USB tokens emulating the combination of smart cards and smart card readers or USB tokens presenting themselves to the host computer as mass storage devices. The overall security is increased by adding a second authentication factor consisting of a static password entered by the user, and by limiting the number of valid token response that can be generated or retrieved in a usage session. | 07-30-2009 |
| 20090235339 | STRONG AUTHENTICATION TOKEN GENERATING ONE-TIME PASSWORDS AND SIGNATURES UPON SERVER CREDENTIAL VERIFICATION - The invention defines a strong authentication token that remedies a vulnerability to a certain type of social engineering attacks, by authenticating the server or messages purporting to come from the server prior to generating a one-time password or transaction signature; and, in the case of the generation of a transaction signature, signing not only transaction values but also transaction context information and, prior to generating said transaction signature, presenting said transaction values and transaction context information to the user for the user to review and approve using trustworthy output and input means. It furthermore offers this authentication and review functionality without sacrificing user convenience or cost efficiency, by judiciously coding the transaction data to be signed, thus reducing the transmission size of information that has to be exchanged over the token's trustworthy interfaces | 09-17-2009 |
| 20100065646 | METHOD FOR POST-MANUFACTURING DATA TRANSFER TO AND FROM A SEALED DEVICE - The present invention is directed towards authentication tokens that are completely embedded in a non-conductive enclosure. The invention is based on the insight that it would be advantageous to separate the electronic data personalization of such tokens from the visual device personalization. The present application concerns an authentication token that allows communication with an external unit after the production of the nonconductive enclosure, in order to transmit or receive device identification data. As this communication need only take place during the manufacturing process, a low-power close-range transmission technique such as inductive coupling, capacitive coupling, or RFID communication suffices for this purpose. Accordingly, the present application discloses a method for manufacturing authentication tokens, and a token manufactured according to said method. | 03-18-2010 |
| 20110099377 | COMPACT SECURITY DEVICE WITH TRANSACTION RISK LEVEL APPROVAL CAPABILITY - The present invention relates to the field of securing electronic transactions and more specifically to methods to indicate and verify the approval of the risk level of a transaction and to apparatuses for generating transaction risk level approval codes. | 04-28-2011 |
| 20110099384 | STRONG AUTHENTICATION TOKEN USABLE WITH A PLURALITY OF INDEPENDENT APPLICATION PROVIDERS - The present invention defines a strong authentication token for generating different dynamic credentials for different application providers comprising an input interface providing an output representing an application provider indicator; a secret key storage for storing one or more secret keys; a variability source for providing a dynamic variable value; a key providing agent for providing an application provider specific key as a function of said application provider indicator using one or more keys stored in said secret key storage; a cryptographic agent for cryptographically combining said application provider specific key with said dynamic variable value using symmetric cryptography; a transformation agent coupled to said cryptographic agent for transforming an output of said cryptographic agent to produce a dynamic credential; and an output interface to output said dynamic credential. | 04-28-2011 |
