Soft-token authentication system
US10263782B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 12, 2011 |
| Grant date | Apr 16, 2019 |
| Priority date | — |
| Expiry date | Feb 5, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/3273
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system for authenticating a user and his local device to a secured remote service with symmetrical keys, which utilizes a PIN from the user and a unique random value from the local device in such a way that prevents the remote service from ever learning the user's PIN, or a hash of that PIN. The system also provides mutual authentication, verifying to the user and local device that the correct remote service is being used. At the same time, the system protects against PIN guessing attacks by requiring communication with the said remote service in order to verify if the correct PIN is known. Also, the system works in such a way as to change the random value stored on the user's local device after each authentication session.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.