Method and apparatus for secure entry of access codes in a computer environment
US6209102A · kind A · utility
Assignee
Inventor
Key dates
| Filing date | Feb 12, 1999 |
| Grant date | Mar 27, 2001 |
| Priority date | — |
| Expiry date | Feb 12, 2019 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/34
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A user inputting his access code (e.g., PIN or password) into an computing environment to access a transaction is at risk of losing the access code to an attacker who has physical or electronic access to the computing environment. To minimize this risk, the access code can be entered via a plurality of user-selectable fields, each of which takes on a series of values, the initially displayed values of which are established in a random or otherwise unpredictable manner. The user then uses a mouse, keyboard, or other input device to increment each of the selectable fields until the access code is correctly entered. Because of the randomization of the initial state, an attacker tracking the locations or number of mouse clicks or other navigation actions can not determine the finally entered access code by, e.g., computing an offset from a known initial state.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.