Patent · US Active

Integrity protected smart card transaction

US7934096B2 · kind B2 · utility

5Cited by

5References

9Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Stefan Thom · Snohomish, US
Erik Holt · Sammamish, US
Shivaram H. Mysore · Kirkland, US
Valerie Kathleen Bays · Redmond, US
Carl M. Ellison · Portland, US

Key dates

Filing date	Jul 27, 2007
Grant date	Apr 26, 2011
Priority date	—
Expiry date	Feb 8, 2030

Classification

Technology area (CPC H)Electricity
CPC primaryH04L9/0897
WIPO fieldIT methods for management
WIPO sectorElectrical engineering

Abstract

Systems, methods, and technologies for configuring a conventional smart card and a client machine, and for performing a smart card authorization using the configured smart card and client. Further, the combination of methods provides for mutual authentication—authentication of the client to the user, and authentication of the user to the client. The authentication methods include presenting a specified token to the user sufficient to authenticate the client to the user and thus protect the user-provided PIN. Security is strengthened by using an integrity key based on approved client system configurations. Security is further strengthened by calculating a PIN′ value based on a user-specified PIN and a modifier and using the PIN′ value for unlocking the smart card.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.