Patent · US Active

Method and system for secure authentication of a user by a host system

US8650625B2 · kind B2 · utility

7Cited by

42References

15Claims

0Family size

Assignee

Citibank Development Center, Inc. · US

Inventors

Michael Grandcolas · Santa Monica, US
Marc Guzman · West Hollywood, US
Thomas Yee · San Fernando, US
Dilip Parekh · Los Angeles, US
Yongqiang CHEN · Beijing, CN

Key dates

Filing date	Sep 21, 2012
Grant date	Feb 11, 2014
Priority date	—
Expiry date	Sep 21, 2032

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0853
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which a user's credential is DES encrypted, and the DES key is PKI encrypted with the public key of an application server by an encryption applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.