Patent · US Active

Methods and systems for secure authentication of a user by a host system

US8302172B2 · kind B2 · utility

7Cited by

41References

15Claims

0Family size

Assignee

Citibank Development Center, Inc. · US

Inventors

Michael Grandcolas · Santa Monica, US
Marc Guzman · West Hollywood, US
Thomas Yee · San Fernando, US
Dilip Parekh · Los Angeles, US
Yonggiang Chen · Lake Forest, US

Key dates

Filing date	Nov 15, 2011
Grant date	Oct 30, 2012
Priority date	—
Expiry date	Nov 15, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2209/56
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which a user's credential is DES encrypted, and the DES key is PKI encrypted with the public key of an application server by an encryption applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.