logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8146141 B1

PDFFull Text
Date of Patent:
Mar. 27, 2012

Filed:

Dec. 16, 2004

Method and system for secure authentication of a user by a host system

Applicants:

Michael Grandcolas, Santa Monica, CA (US);

Marc Guzman, Studio City, CA (US);

Thomas Yee, Northridge, CA (US);

Dilip Parekh, Los Angeles, CA (US);

Yongqiang Chen, Gardenia, CA (US);

Inventors:

Michael Grandcolas, Santa Monica, CA (US);

Marc Guzman, Studio City, CA (US);

Thomas Yee, Northridge, CA (US);

Dilip Parekh, Los Angeles, CA (US);

Yongqiang Chen, Gardenia, CA (US);

Assignee:

Citibank Development Center, Inc., Los Angeles, CA (US);

Attorney:

Johnson & Associates

Primary Examiner:

David Garcia Cervetti

Assistant Examiner:

Daniel Hoang

Int. Cl.
CPC ...
G06F 7/04 (2006.01);
U.S. Cl.
CPC ...
Abstract

A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which during a log on process, an encryption applet and the public key of a public/private key pair of a banking application server, the private key for which is known by a hardware security module (HSM) of the banking application, are downloaded by a user's browser. The applet contains code for generating a DES key and performing DES and PKI encryption. A user's credential is DES encrypted, and the DES key is PKI encrypted with the public key of the application server by the applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.

Find Patent Forward Citations

Loading…