Compact security device with transaction risk level approval capability
    1.
    发明授权
    Compact security device with transaction risk level approval capability 有权
    具有交易风险等级审批能力的紧凑型安全设备

    公开(公告)号:US08661258B2

    公开(公告)日:2014-02-25

    申请号:US12604838

    申请日:2009-10-23

    IPC分类号: H04L9/32

    摘要: The present invention relates to the field of securing electronic transactions and more specifically to methods to indicate and verify the approval of the risk level of a transaction and to apparatuses for generating transaction risk level approval codes.In a method according to the invention transactions are classified into a limited number of categories. A user submitting a transaction to a server is requested to also generate and submit a dynamic transaction category approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. In an alternative method according to the invention transactions are assigned one of a limited number of risk levels. A user submitting a transaction to a server is requested to also generate and submit a dynamic risk level approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. The received dynamic risk level approval code is verified on the server side by comparing it with the generated verification value. A security token to secure electronic transactions adapted to generate dynamic transaction category approval codes and a security token to secure electronic transactions adapted to generate dynamic risk level approval codes are also described.

    摘要翻译: 本发明涉及确保电子交易的领域,更具体地涉及指示和验证交易的风险水平的批准的方法以及用于生成交易风险等级的批准代码的装置。 在根据本发明的方法中,交易被分类为有限数量的类别。 要求向服务器提交交易的用户还要生成并提交用于提交的交易的动态交易类别批准代码。 在服务器端,为接收到的事务生成相应的验证值。 在根据本发明的替代方法中,交易被分配为有限数量的风险水平之一。 要求向服务器提交交易的用户还要为提交的交易生成并提交动态风险级别审批代码。 在服务器端,为接收到的事务生成相应的验证值。 通过将其与生成的验证值进行比较,在服务器端验证接收到的动态风险级别批准代码。 还描述了用于保护适于生成动态交易类别批准代码的电子交易的安全令牌和用于保护适于产生动态风险级别批准代码的电子交易的安全令牌。

    METHOD AND APPARATUS FOR ENCODING AND DECODING DATA TRANSMITTED TO AN AUTHENTICATION TOKEN
    2.
    发明申请
    METHOD AND APPARATUS FOR ENCODING AND DECODING DATA TRANSMITTED TO AN AUTHENTICATION TOKEN 有权
    用于编码和解码发送给认证的数据的方法和装置

    公开(公告)号:US20120221860A1

    公开(公告)日:2012-08-30

    申请号:US13404826

    申请日:2012-02-24

    IPC分类号: G06F21/20 H04L9/32

    摘要: Methods and apparatus for encoding and decoding data transmitted acoustically and/or optically to strong authentication tokens to generate dynamic security values are disclosed. The tokens may also include a selection mechanism to select either an acoustical or an optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device.

    摘要翻译: 公开了用于编码和解码声学和/或光学地传送到强认证令牌以产生动态安全性值的数据的方法和装置。 令牌还可以包括选择机制以选择声学或光学输入接口来接收数据。 可以提供通信接口以与诸如智能卡的可移除安全设备通信,并且令牌可以适于与可移除安全设备协作生成动态安全值。

    Method for transmission of a digital message from a display to a handheld receiver
    3.
    发明授权
    Method for transmission of a digital message from a display to a handheld receiver 有权
    将数字消息从显示器传输到手持式接收器的方法

    公开(公告)号:US07990292B2

    公开(公告)日:2011-08-02

    申请号:US12111125

    申请日:2008-04-28

    申请人: Dirk Marien

    发明人: Dirk Marien

    IPC分类号: H03M5/16 H03M7/12

    CPC分类号: G06F21/606

    摘要: The invention relates to a method to efficiently transmit a digital message over a unidirectional optical link, such as the link between a computer screen and a security token equipped with photosensitive elements. It is an object of this invention to provide a source coding scheme that is optimized for transmissions of alphanumerical data containing frequent occurrences of numerals and less frequent occurrences of non-numerical data. This is achieved by using a modified Huffman code for source coding, consisting of a nibble-based prefix-free binary code. The output of the coder is efficiently mapped onto a 6B4T channel code, wherein unused ternary codewords can be used to signal data-link layer events. This efficient signalling of data-link layer events, in turn, allows for a synchronization scheme based on repeated transmissions of a finite-length message, combined with an out-of-band clock signal.

    摘要翻译: 本发明涉及一种通过诸如计算机屏幕和装备有感光元件的安全令牌之间的链接的单向光学链路来有效地发送数字消息的方法。 本发明的一个目的是提供一种源代码编码方案,该方案针对包含频繁出现的数字的字母数字数据的传输进行优化,并且不频繁出现非数字数据。 这通过使用用于源编码的修改的霍夫曼码来实现,该编码由基于半字节的前缀无二进制码组成。 编码器的输出被有效地映射到6B4T信道码,其中未使用的三进制码字可以用于信号数据链路层事件。 数据链路层事件的这种有效的信令反过来允许基于与带外时钟信号组合的有限长度消息的重复传输的同步方案。

    COMPACT SECURITY DEVICE WITH TRANSACTION RISK LEVEL APPROVAL CAPABILITY
    4.
    发明申请
    COMPACT SECURITY DEVICE WITH TRANSACTION RISK LEVEL APPROVAL CAPABILITY 有权
    具有交易风险水平认证能力的紧急安全设备

    公开(公告)号:US20110099377A1

    公开(公告)日:2011-04-28

    申请号:US12604838

    申请日:2009-10-23

    IPC分类号: H04L9/32

    摘要: The present invention relates to the field of securing electronic transactions and more specifically to methods to indicate and verify the approval of the risk level of a transaction and to apparatuses for generating transaction risk level approval codes.In a method according to the invention transactions are classified into a limited number of categories. A user submitting a transaction to a server is requested to also generate and submit a dynamic transaction category approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. In an alternative method according to the invention transactions are assigned one of a limited number of risk levels. A user submitting a transaction to a server is requested to also generate and submit a dynamic risk level approval code for the submitted transaction. On the server side a corresponding verification value is generated for the received transaction. The received dynamic risk level approval code is verified on the server side by comparing it with the generated verification value. A security token to secure electronic transactions adapted to generate dynamic transaction category approval codes and a security token to secure electronic transactions adapted to generate dynamic risk level approval codes are also described.

    摘要翻译: 本发明涉及确保电子交易的领域,更具体地涉及指示和验证交易的风险水平的批准的方法以及用于生成交易风险等级的批准代码的装置。 在根据本发明的方法中,交易被分类为有限数量的类别。 要求向服务器提交交易的用户还要生成并提交用于提交的交易的动态交易类别批准代码。 在服务器端,为接收到的事务生成相应的验证值。 在根据本发明的替代方法中,交易被分配为有限数量的风险水平之一。 要求向服务器提交交易的用户还要为提交的交易生成并提交动态风险级别审批代码。 在服务器端,为接收到的事务生成相应的验证值。 通过将其与生成的验证值进行比较,在服务器端验证接收到的动态风险级别批准代码。 还描述了用于保护适于生成动态交易类别批准代码的电子交易的安全令牌和用于保护适于产生动态风险级别批准代码的电子交易的安全令牌。

    Modulation and demodulation circuit
    5.
    发明授权
    Modulation and demodulation circuit 有权
    调制解调电路

    公开(公告)号:US08829987B2

    公开(公告)日:2014-09-09

    申请号:US13349070

    申请日:2012-01-12

    申请人: Dirk Marien

    发明人: Dirk Marien

    摘要: The invention relates to modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals. By coupling an analog circuit to a port of a digital component, a compact envelope detector can be obtained, which achieves demodulation of AM signals for direct coupling into a digital input port. Accordingly, a compact envelope detector may be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive, capacitive, or radiative. An example of such a device is a credit card sized authentication token.

    摘要翻译: 本发明涉及调制和解调电路,例如用于解调幅度调制(AM)信号的包络检测器。 通过将模拟电路耦合到数字部件的端口,可以获得紧凑的包络检测器,其实现用于直接耦合到数字输入端口的AM信号的解调。 因此,紧凑的包络检测器可以与需要后期制造数据传输的密封装置的数据接收部分结合使用提供诸如感应,电容或辐射的电磁耦合的附加部件。 这种设备的示例是信用卡大小的认证令牌。

    Two-factor USB authentication token
    6.
    发明授权
    Two-factor USB authentication token 有权
    双因素USB认证令牌

    公开(公告)号:US08214888B2

    公开(公告)日:2012-07-03

    申请号:US12138979

    申请日:2008-06-13

    CPC分类号: G06F21/34

    摘要: The present patent application discloses a USB token that advantageously mimics a human interface device such as a keyboard in interacting with a host computer, thus removing the need for pre-installation of a dedicated device driver. This is accomplished by requiring the host computer to direct the input of the attached human interface devices of the keyboard type, including the USB token, exclusively to the program interacting with the USB token, by using cryptographic algorithms based on a shared secret, which require less data to be transferred than PKI-based algorithms, and by employing an efficient encoding scheme that minimizes the time needed to exchange information with the USB token, and minimizes the probability of generating ambiguity with input that might legitimately be generated by other attached human interface devices. By using only symmetric encryption and the low-speed USB protocol, a single low-performance processor may be used, which results in a more cost-effective solution than PKI USB tokens emulating the combination of smart cards and smart card readers or USB tokens presenting themselves to the host computer as mass storage devices. The overall security is increased by adding a second authentication factor consisting of a static password entered by the user, and by limiting the number of valid token response that can be generated or retrieved in a usage session.

    摘要翻译: 本专利申请公开了一种USB令牌,其有利地模拟诸如键盘的人机接口设备与主机交互,从而消除了对专用设备驱动程序的预安装的需要。 这是通过要求主计算机通过使用基于共享秘密的密码算法将包括USB令牌在内的键盘类型的附接的人机接口设备的输入专用于与USB令牌交互的程序来实现的,这需要 要比基于PKI的算法更少的数据传输,并且通过采用最小化与USB令牌交换信息所需的时间的有效的编码方案,并且最小化由其他附加的人机接口合法产生的输入产生歧义的概率 设备。 通过仅使用对称加密和低速USB协议,可以使用单个低性能处理器,这导致比PKI USB令牌更具成本效益的解决方案,仿真智能卡和智能卡读卡器或USB令牌的组合 自己以主机为大容量存储设备。 通过添加由用户输入的静态密码组成的第二认证因素,以及通过限制可以在使用会话中生成或检索的有效令牌响应的数量来增加总体安全性。

    Modulation and Demodulation Circuit
    7.
    发明申请
    Modulation and Demodulation Circuit 有权
    调制解调电路

    公开(公告)号:US20110007846A1

    公开(公告)日:2011-01-13

    申请号:US12501213

    申请日:2009-07-10

    申请人: Dirk Marien

    发明人: Dirk Marien

    IPC分类号: H04L25/06 H03D1/24

    摘要: The invention relates to the field of modulation and demodulation circuits, such as envelope detectors used to demodulate amplitude-modulated (AM) signals and amplitude-shift-keying (ASK) signals. By judiciously coupling an analog circuit comprising one resistor and two capacitors which are judiciously dimensioned to a port of a digital component, an extremely compact envelope detector can be obtained, which achieves demodulation of a binary ASK signal for direct coupling into a digital input port. Accordingly, a very compact envelope detector may advantageously be used in the data receiving part of a sealed device requiring post-manufacturing data transfer, in combination with additional components that provide electromagnetic coupling, such as inductive coupling, capacitive coupling, or radiative coupling. An example of such a device is a credit card sized authentication token, the electrical personalization of which happens after the production of the card-like housing. The digital port may additionally be used to modulate the backscattered wave, by switching the voltage of the diode port to the system ground level. In this way, the apparatus is advantageously equipped with a wireless bidirectional half-duplex transmission system.

    摘要翻译: 本发明涉及用于解调幅度调制(AM)信号和幅移键控(ASK)信号的包络检测器的调制和解调电路领域。 通过明智地将包括一个电阻器和两个电容器的模拟电路合理地耦合到数字部件的端口,可以获得非常紧凑的包络检测器,其实现用于直接耦合到数字输入端口的二进制ASK信号的解调。 因此,非常紧凑的包络检测器可以有利地用于需要后制造数据传输的密封装置的数据接收部分,以及提供诸如电感耦合,电容耦合或辐射耦合的电磁耦合的附加部件。 这种设备的示例是信用卡大小的认证令牌,其电气个性化在卡形外壳的生产之后发生。 数字端口可以另外用于通过将二极管端口的电压切换到系统地电平来调制后向散射波。 以这种方式,该装置有利地配备有无线双向半双工传输系统。

    Strong authentication token with acoustic data input over multiple carrier frequencies
    8.
    发明授权
    Strong authentication token with acoustic data input over multiple carrier frequencies 有权
    在多个载波频率上输入声学数据的强认证令牌

    公开(公告)号:US09184915B2

    公开(公告)日:2015-11-10

    申请号:US13599685

    申请日:2012-08-30

    IPC分类号: G06F21/00 H04L9/32 G06F21/35

    摘要: Strong authentication tokens for generating dynamic security values having an acoustical input interface for acoustically receiving input data are disclosed. The tokens may also include an optical interface for receiving input data and may have a selection mechanism to select either the acoustical or the optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device. The acoustic signal received by the token may comprise a plurality of modulated carrier frequencies whereby each carrier frequency has been modulated with a data signal representing the full input data such that the input data are redundantly emitted over more than one modulated carrier frequency.

    摘要翻译: 公开了用于生成具有用于声学接收输入数据的声学输入接口的动态安全值的强认证令牌。 令牌还可以包括用于接收输入数据的光学接口,并且可以具有选择机制以选择声学或光学输入接口来接收数据。 可以提供通信接口以与诸如智能卡的可移除安全设备通信,并且令牌可以适于与可移除安全设备协作生成动态安全值。 由令牌接收的声信号可以包括多个调制的载波频率,由此每个载波频率已用表示全输入数据的数据信号进行调制,使得输入数据在多于一个的调制载波频率上被冗余地发射。

    STRONG AUTHENTICATION TOKEN WITH ACOUSTIC DATA INPUT OVER MULTIPLE CARRIER FREQUENCIES
    9.
    发明申请
    STRONG AUTHENTICATION TOKEN WITH ACOUSTIC DATA INPUT OVER MULTIPLE CARRIER FREQUENCIES 有权
    通过多载波频率的声音数据输入强大的认证

    公开(公告)号:US20140068272A1

    公开(公告)日:2014-03-06

    申请号:US13599685

    申请日:2012-08-30

    IPC分类号: G06F21/00

    摘要: Strong authentication tokens for generating dynamic security values having an acoustical input interface for acoustically receiving input data are disclosed. The tokens may also include an optical interface for receiving input data and may have a selection mechanism to select either the acoustical or the optical input interface to receive data. A communication interface may be provided to communicate with a removable security device such as a smart card and the token may be adapted to generate dynamic security values in cooperation with the removable security device. The acoustic signal received by the token may comprise a plurality of modulated carrier frequencies whereby each carrier frequency has been modulated with a data signal representing the full input data such that the input data are redundantly emitted over more than one modulated carrier frequency.

    摘要翻译: 公开了用于生成具有用于声学接收输入数据的声学输入接口的动态安全值的强认证令牌。 令牌还可以包括用于接收输入数据的光学接口,并且可以具有选择机制以选择声学或光学输入接口来接收数据。 可以提供通信接口以与诸如智能卡的可移除安全设备通信,并且令牌可以适于与可移除安全设备协作生成动态安全值。 由令牌接收的声信号可以包括多个调制的载波频率,由此每个载波频率已用表示全输入数据的数据信号进行调制,使得输入数据在多于一个的调制载波频率上被冗余地发射。

    Method and an apparatus to convert a light signal emitted by a display into digital signals
    10.
    发明授权
    Method and an apparatus to convert a light signal emitted by a display into digital signals 有权
    将由显示器发射的光信号转换为数字信号的方法和装置

    公开(公告)号:US08270839B2

    公开(公告)日:2012-09-18

    申请号:US12334117

    申请日:2008-12-12

    申请人: Dirk Marien

    发明人: Dirk Marien

    IPC分类号: H04B10/00

    CPC分类号: H04B10/116 H04B10/1141

    摘要: The present invention provides a method and a device to convert a time varying optical pattern emitted by a display into a digital data signal. More specifically the invention allows a handheld security token to convert a time-varying light intensity pattern emitted by a source such as a computer screen into a digital signal including a sequence of coded data symbols. The invention is based on the insight that the intensity of light emitted by regions of said source can be easily sampled by a simple low-cost processor if appropriate A/D conversion hardware converts the incident light into an electrical signal which is time varying, whereby the base frequency of this electrical signal is a function of the light intensity. Intensity levels used for channel coding and symbol clock can be recovered from the signal by the receiver. The invention comprises measuring this electrical signal, transforming sets of measurements into intensity samples for a plurality of sampling windows, adaptively calculating discrete intensity levels from these intensity samples, assigning intensity levels to the sampling windows, detecting symbol period boundaries, and decoding the symbols.

    摘要翻译: 本发明提供一种将由显示器发射的时变光学图案转换为数字数据信号的方法和装置。 更具体地,本发明允许手持安全令牌将由诸如计算机屏幕的源发射的时变光强度图案转换为包括编码数据符号序列的数字信号。 本发明基于以下认识:如果适当的A / D转换硬件将入射光转换成时变的电信号,则可以通过简单的低成本处理器容易地对由所述源的区域发射的光的强度进行采样,由此 该电信号的基频是光强度的函数。 用于信道编码和符号时钟的强度级别可以由接收器从信号中恢复。 本发明包括测量该电信号,将测量集合转换为多个采样窗口的强度样本,自适应地计算来自这些强度样本的离散强度水平,向采样窗口分配强度水平,检测符号周期边界以及对符号进行解码。