Patent · US Active

Integrity protected smart card transaction

US8504838B2 · kind B2 · utility

0Cited by

5References

18Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Stefan Thom · Snohomish, US
Erik Holt · Sammamish, US
Shivaram H. Mysore · Kirkland, US
Valerie Kathleen Bays · Redmond, US
Carl M. Ellison · Portland, US

Key dates

Filing date	Mar 26, 2011
Grant date	Aug 6, 2013
Priority date	—
Expiry date	Sep 3, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L9/0897
WIPO fieldIT methods for management
WIPO sectorElectrical engineering

Abstract

Systems, methods, and technologies for configuring a conventional smart card and a client machine, and for performing a smart card authorization using the configured smart card and client. Further, the combination of methods provides for mutual authentication—authentication of the client to the user, and authentication of the user to the client. The authentication methods include presenting a specified token to the user sufficient to authenticate the client to the user and thus protect the user-provided PIN. Security is strengthened by using an integrity key based on approved client system configurations. Security is further strengthened by calculating a PIN′ value based on a user-specified PIN and a modifier and using the PIN′ value for unlocking the smart card.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.