throbber
Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 1 of 9
`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 1 of 9
`
`
`
`EXHIBIT 2
`EXHIBIT 2
`
`
`
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 2 of 9
`
`AIRE-SAMS-00001855
`
`a2) United States Patent
`Meister et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 8,205,249 B2
`Jun. 19, 2012
`
`US008205249B2
`
`(54) METHOD FOR CARRYING OUT A SECURE
`ELECTRONIC TRANSACTION USINGA
`PORTABLE DATA SUPPORT
`
`(75)
`
`Inventors: Gisela Meister, Miinchen (DE); Nigol
`Martin, Miinchen (DE)
`
`(73) Assignee: oD & Devrient GmbH, Munich
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`4,993,068 A *
`2/1991 Piosenka et al.
`6,263,447 Bl
`7/2001 French
`6,408,388 Bl
`6/2002 Fischer
`5/2003 Guthery woe 713/168
`6,567,915
`6,651,168 B1* 11/2003 Kao etal.
`713/185
`8/2004 Guthery veeceeceuseuscuseusenses 713/172
`6,779,1 13 Bl ey
`(Continued)
`
`713/186
`
`....
`
`(*) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 780 days.
`10/531,259
`
`EP
`
`FOREIGN PATENT DOCUMENTS
`1045346 A
`(Continued)
`
`OTHER PUBLICATIONS
`Russel Davis, Network Authentication Tokens, Computer Security
`Applications Conference, 1989, 5th annual, Dec. 4, 1989, pp. 234-
`238 (ISBN: 0/8186-2006-4).
`
`Doan
`
`Primary Examiner — Nathan Flynn
`Trang D
`Assistant E.
`Examiner — Trang
`ssistant
`(74) Attorney, Agent, or Firm — Bacon & Thomas, PLLC
`(67)
`ABSTRACT
`A method for effecting a secure electronic transaction on a
`terminal using a portable data carrier is proposed. According
`to the method a user (30) first authenticates himself vis-a-vis
`the portable data carrier (20). The portable data carrier (20) at
`the same time produces quality information about how
`authentication was done. The authentication is confirmed to
`the terminal (14). Then the portable data carrier (20) performs
`a security-establishing operation within the transaction, for
`example the creation of a digital signature. It attaches the
`quality information to the result of the security-establishing
`Oo eration.
`P
`
`13 Claims, 3 Drawing Sheets
`
`(21) Appl. No.:
`(22)
`Filed:
`
`(86) PCT No.:
`§ 371 (c)(1),
`(2), (4) Date:
`
`2003
`Oct.
`PCT/EP03/11761
`Apr. 24, 2006
`(87) PCT Pub. No.: WO2004/038665
`PCT Pub. Date: May 6, 2004
`
`(65)
`
`Prior Publication Data
`
`US 2006/0242691 Al
`
`Oct. 26, 2006
`(30)
`Foreign Application Priority Data
`(DE) on.eeeeeeeeeseneeetensees 102 49 801
`Oct. 24, 2002
`
`51)
`
`Int.cl
`
`ot06F 704
`
`2006.01
`
`ol,
`ene6. oN
`GO6F 12/00
`GOG6F 12/14
`6.
`wow.
`GO6F 21/00
`(52) US.CI
`705/53: 713/166
`Ree
`(58) Field of Classification Search ................ 726/9, 20;
`705/53; 713/166
`See application file for complete search history.
`
`ereee
`
`3
`
`3
`
`3
`
`20
`
`22
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 3 of 9
`
`AIRE-SAMS-00001856
`
`e01s.436
`
`U.S. PATENT DOCUMENTS
`
`soebos Carlow ofa creer
`
`......
`
`tee
`7,051,206 B1*
`713/176
`5/2006 Giest etal.
`7,162,058 B2*
`382/124
`1/2007 Mimura etal.
`382/115
`7,286,691 B1* 10/2007 Modletal.
`7/2008 Miyashita ....
`7,403,765 B2*
`we 455/411
`7,409,554 B2*
`wee TIB/175
`8/2008 Ishibashi et al.
`7,457,442 B2* 11/2008 Mimura etal.
`wee 382/124
`2002/0016913 Al*
`we 713/170
`2/2002 Wheeler etal.
`7/2002 Foleyetal.
`.. 713/202
`2002/0087894
`713/186
`7/2002 Doyleetal.
`2002/0095587 A1l*
`2002/0128969 Al*
`705/42
`9/2002 Parmelee et al.
`713/180
`9/2002 Parmeleeetal.
`2002/0129256 Al*
`2002/0141586 A1* 10/2002 Margalitetal.
`380/270
`10/2002 Mimura et al.
`2002/0150283 Al
`2003/0005310 Al*
`1/2003 Shinzaki
`.........ccccccee 713/186
`380/270
`2003/0012382 Al*
`1/2003 Ferchichi etal.
`
`US 8,205,249 B2
`Page 2
`
`2003/0014372 Al*
`1/2003 Wheeler etal. oc... 705/71
`3/2003 Leydier etal.
`713/186
`2003/0046554
`5/2003 Russo etal.
`TIB/L85
`2003/0101348
`2003/0115142 Al*
`6/2003 Brickell etal.
`705/51
`2004/0005051 Al*
`1/2004 Wheeleretal.
`380/28
`2007/0076925 Al*
`4/2007 Mimuraetal. occ... 382/124
`2007/0276754 Al* 11/2007 Parmelee et al.
`705/43
`
`.....
`
`...
`
`FOREIGN PATENT DOCUMENTS
`
`ib
`
`Laine
`
`3001344213
`wo
`0074001 Al
`0187190 A
`wo
`wo
`02067091 A
`wo
`02073341 A2
`* cited by examiner
`
`oot
`
`12/2000
`11/2001
`8/2002
`9/2002
`
`.
`
`.
`
`..
`
`....
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 4 of 9
`
`AIRE-SAMS-00001857
`
`U.S. Patent
`
`Jun. 19, 2012
`
`Sheet 1 of3
`
`US 8,205,249 B2
`
`Fig. 1
`
`12 >
`
`~
`
`18
`
`16
`
`40
`
`LIA
`Ne”
`
`20
`
`22
`
`*
`
`a
`
`~ \
`
`25
`
`26
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 5 of 9
`
`AIRE-SAMS-00001858
`
`U.S. Patent
`
`Jun. 19, 2012
`
`Sheet2of3
`
`US 8,205,249 B2
`
`Fig. 2
`
`100
`
`Electronic document
`
`102
`
`104
`
`106
`
`y
`Start signature application
`
`Present card
`
`Mutual authentication
`
`108
`
`Negotiate session keys
`
`110
`
`PIN authentication?
`
`yes
`
`112
`
`Disable biometric method
`
`114 | Enter PIN
`
`116| Verify PIN
`
`117
`
`Confirm PIN verification
`
`118
`
`Perform signature!
`
`120
`
`Sign with secret key
`
`122 | Send back signature
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 6 of 9
`
`AIRE-SAMS-00001859
`
`U.S. Patent
`
`Jun. 19, 2012
`
`Sheet 3 of3
`
`US 8,205,249 B2
`
`Fig. 3
`
`130
`
`Biometrics
`
`132
`
`Disable PIN check method
`
`134
`
`Present fingerprint to terminal
`
`136
`
`138
`
`Extract feature
`
`Features to card
`
`140
`
`Verify fingerprint
`
`142
`
`Confirm verification
`
`144
`
`Perform signature!
`
`146
`
`Sign with secret key
`
`148
`
`Form quality inf. on biomet. authent
`
`150
`
`Send back quality inf. + signed doc
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 7 of 9
`
`AIRE-SAMS-00001860
`
`US 8,205,249 B2
`
`1
`METHOD FOR CARRYING OUT A SECURE
`ELECTRONIC TRANSACTION USING A
`PORTABLE DATA SUPPORT
`
`BACKGROUND
`
`A. Field
`
`This invention relates to secure authentication of a user of
`a portable data carrier communicating with a terminal.
`This invention starts out from a method exemplified, for
`example, by the method according to “Handbuch der Chip-
`karten” (herein-after “Chip card manual’), W. Rankl, W. Eff-
`ing, 3rd edition, 1999, pp. 692 to 703, under the title “Digital
`signature”. For performing a legally binding electronic sig-
`nature, a digital signature card containing a secret signature
`key is accordingly to be used. A signature is performed on a
`suitable terminal from which the card receives in electronic
`form a document to be signed. To be able to perform a signa-
`ture, the user of the card must establish proof of his identity
`through the terminal. This proof is regularly furnished by
`entering a PIN (person identification number) which is com-
`pared with a reference PIN stored in the card. In future it is
`planned to perform user authentication by checking a biomet-
`ric feature, e.g. a fingerprint. When an electronic document
`has been signed with the help of a signature card after suc-
`cessful authentication of the user, the document can then be
`passed on in any way. The electronic signature makes it
`possible to effect particularly security-critical transactions,
`e.g. the placing of service orders involving costs, by elec-
`tronic channels.
`The intended introduction of biometric features for user
`authentication obtains a further improvement of the trustwor-
`thiness of an electronic signature compared to the hitherto
`usual PIN authentication, because it guarantees that the sig-
`nature card can only be used in the presence of a definite
`person entitled to do so.
`the thereby realized quality difference with
`However,
`regard to user authentication is hitherto not reflected in the
`usability of the particular electronic signature produced.
`It is the problem of the invention to specify a method for
`effecting a secure electronic transaction using a portable data
`carrier which takes account of the quality of the user authen-
`tication performed.
`According to the invention, when user authentication is
`being performed the performing data carrier produces quality
`information about
`the authentication method used. This
`voucher is attached to the result of a security-establishing
`operation subsequently performed by the portable data car-
`rier. The recipient of a thus formed message can therefore
`clearly recognize how a user has authenticated himselfbefore
`effecting the security-establishing operation. This gives the
`recipient the possibility of making the effecting of a secure
`transaction contingent on the quality of user authentication.
`For example, in a purse application it can be provided that an
`amount of money below a limiting value can be withdrawn
`from an account after PIN authentication, while amounts of
`money above the limiting value can only be withdrawn after
`authentication by means of a biometric feature.
`The inventive method is used particularly advantageously
`in connection with the electronic signature.
`SUMMARY
`
`Ina preferred embodiment, the implementation ofthe vari-
`ous possible user authentication methods is so designed that
`the intermediate execution results of the lower-quality
`method cannot be converted ina simple way into intermediate
`execution results of a higher-quality method. This achieves
`the result that itis impossible to tamper with an authentication
`voucher even when an unauthorized user has access to both a
`
`10
`
`15
`
`20
`
`30
`
`35
`
`40
`
`45
`
`55
`
`60
`
`65
`
`2
`portable data carrier and associated, low-order authentication
`information, i.e. when an unauthorized user has for example
`a portable data carrier together with an associated PIN.
`It is further advantageous if the particular authentication
`methods not used in performing a user authentication are
`disabled for the duration of the authentication.
`
`DESCRIPTION OF THE DRAWINGS
`
`An embodiment of the invention will hereinafter be
`explained in more detail with reference to the drawing.
`Drawing
`FIG. 1 shows the structure of a system for performing a
`digital signature,
`FIGS. 2, 3 show the process ofperforming a digital signa-
`ture as a flow chart.
`FIG.1 illustrates the basic structure of a transaction system
`for effecting a secure electronic transaction. Essential ele-
`ments of the structure with regard to the invention are a
`background system 10 connected to a terminal 14 via a data
`network 12, a portable data carrier 20 which is carried by a
`user 30 and set up to perform a security-establishing opera-
`tion within a transaction, and a data record 40 which is to be
`handled securely within a transaction to be effected.
`The secure electronic transaction will hereinafter be
`assumed to be a transaction requiring the production of a
`digital signature on the part of the user 30. Such a transaction
`can be e.g. the effecting of a banking transaction by which the
`account of the user 30 is debited. However, the described
`solution is not restricted to transactions requiring a digital
`signature but is fundamentally usable in any application in
`which a portable data carrier 20 processes data records 40
`supplied from a terminal 14 and gives back them to the
`terminal 14.
`The background system 10 is representative ofa device that
`effects the actual transaction, e.g. the movement of money
`between two accounts or the initiation of a delivery of goods
`following an order. The background system 10 can accord-
`ingly be a complex system comprising a plurality of indi-
`vidual components or, in extreme cases, be completely omit-
`ted. Ifthe transaction is an account movement application, the
`background system 10 is typically formed by a central bank
`office.
`The data network 12 serves to exchange data between a
`terminal 14 and the background system 10. It can have any
`physical form and be realized for example by the Internet or
`a mobile phone network.
`The terminal 14 constitutes the user-side interface of the
`transaction system and has for this purpose display means 16,
`typically in the form of a display screen, and input means 18,
`in the form of a keyboard. The terminal 14 can be a
`e.g.
`publicly accessible terminal, e.g. a device set up in a bank, or
`a device situated in the private area of a user 30, e.g. a PC or
`mobile telephone. The data network 12, thus a background
`system 10, can have connected thereto one or more terminals
`14 which can be of different design. The terminal 14 has an
`interface 19 for communication with a portable data carrier
`20. The interface 19 can be of any physical design, in particu-
`lar of contact-type or non-contact type.
`The terminal 14 further has a sensor device 15, referred to
`hereinafter as the sensor, for detecting a biometric feature of
`a user 30. The sensor 15 can be capable of detecting physi-
`ological features, such as facial features, features ofthe eye or
`fingerprints, or behavior-based features, such as speech or
`writing sequences expressed by the voice or by writing opera-
`tions. FIG. 1 indicates a fingerprint sensor as the sensor 15.
`The sensor 15 can be formed for sensing a plurality of differ-
`ent biometric features. The sensor 15 further contains means
`for pre-evaluating a sensed biometric feature. The sensed
`information is thereby reduced to certain, characteristic pri-
`mary features. The different types and the implementation of
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 8 of 9
`
`AIRE-SAMS-00001861
`
`US 8,205,249 B2
`
`3
`biometric authentication methods are described for example
`in the abovementioned “Chip card manual”, chapter 8.1.2.
`The portable data carrier 20 is for example a chip card as
`likewise described in detail in the “Chip card manual”. FIG. 1
`indicates for the portable data carrier 20 in particular a con-
`tact-type chip card with a contact pad 22 constituting an
`interface corresponding to the terminal-side interface 19. Via
`the interfaces 22, 19 the communication between chip card 20
`and terminal 14 is effected. Apart from the shape of a chip
`card, the portable data carrier 20 can have any other shapes,
`being realized for example in an article of clothing worn by
`the user 30 or an article of daily use carried by the user 30.
`The portable data carrier 20 has an integrated circuit 24
`which has all elements of a usual computer, in particular a
`microprocessor 25 and storage means 26. The microproces-
`sor 25 is set up to perform a security-establishing operation.
`For example, it is set up to subject a supplied data record 40,
`referred to hereinafter as an electronic document 40, to a
`cryptographic algorithm, whereby it uses at least one secret
`key stored in the storage means 26. The microprocessor 25 is
`also set up to realize further functionalities according to pro-
`grams stored in the storage means 26.
`The portable data carrier 20 is further set up to perform at
`least one, but expediently a plurality of different quality user
`authentication methods. It preferably supports at least two
`authentication methods of different order with regard to the
`quality of authentication. It expediently supports at least one
`knowledge-based authentication method, e.g. a PIN check,
`and at least one biometric method, within which a biometric
`feature of the user 30 to be presented at the terminal 14 is
`checked. The biometric method inherently constitutes the
`higher-quality one here, since it presupposes the personal
`presence of the user 30; this is not ensured in the knowledge-
`based method since the knowledge can have been acquired by
`an unauthorized user. Accordingly the storage means 26 store
`at least one secret to be presented by the user 30, e.g. a
`reference PIN assigned to a user 30, and at least one biometric
`reference data record assigned to a user 30. It can expediently
`be provided that the portable data carrier 20 supports more
`than two authentication methods, in particular further bio-
`metric methods. Accordingly the storage means 26 in this
`case store further secrets and/or reference data records and the
`integrated circuit 24 is set up to perform the further authen-
`tication methods.
`Hereinafter the effecting of a secure electronic transaction
`using the structure shown in FIG. 1 will be described with
`reference to FIGS. 2 and 3. The security-establishing opera-
`tion will be the signing of an electronic document 40.
`The use is initiated by creation of an electronic document
`40 in the background system 10 or in the terminal 14, step
`100. As arule, said creation is preceded by an initiation dialog
`between a user 30 and the background system 10 via the
`terminal 14. At the latest when an electronic document 40 is
`present in the terminal 14, this causes the start ofthe signature
`application, step 102. This start can be caused automatically
`by the terminal 14 or the background system 10, or initiated
`by the user 30 after the terminal 14 has asked him to do so by
`means of a suitable display on the display device 16.
`After the signature application has been started, the user 30
`presents a suitable portable data carrier 20 to the terminal 40,
`step 104. The portable data carrier 20 will hereinafter be taken
`to have the form of a contact-type chip card. Further, it will
`hereinafter be assumed that the chip card 20 supports two
`authentication methods, namely a PIN check as a knowledge-
`based, inherently low-quality method, and a fingerprint check
`as a biometric, inherently higher-quality method.
`When the terminal 14 has recognized the presence ofa chip
`card 20, it first performs mutual authentication therewith, step
`106, whereby the chip card 20 first proves its authenticity to
`the terminal 14 and then the terminal 14 to the chip card 20.
`Ifauthentication is successful, terminal 14 and chip card 20
`negotiate dynamic session keys to permit further communi-
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`cation to be conducted securely in the so-called secure mes-
`saging mode, step 108. For details on the concept of secure
`messaging and dynamic sessionkeys, reference is again made
`to the “Chip card manual”.
`Then, authentication of the user 30 vis-a-vis the chip card
`20 is effected. First the terminal 14 checks how authentication
`is to be effected—knowledge-based, i.e. by input of a PIN, or
`biometrically, i.e. by presentation of a fingerprint, step 110.
`Specification of an authentication method can be effected
`automatically by the terminal 14 on the basis of information
`transmitted with the electronic document 40, but it can also be
`presented to the user 30 as a decision request via the display
`device 16. In the latter case the user 30 makes a decision by
`means of the input means 18.
`If authentication of the user 30 is to be knowledge-based,
`i.e. effected by input of a PIN, the chip card 20 disables the
`further possible authentication methods, i.e. the fingerprint
`check, step 112, and asks the user 30 via the display device 16
`to enter his PIN via the input means 18.
`The user 30 thereupon enters the PIN via the input means
`18 and the terminal 14 passes it on directly or in modified
`form via the interface 19, 22 to the chip card 20, step 114.
`Transmission of the PIN, or the information derived there-
`from, and subsequent communication with the chip card is
`additionally secured using the negotiated session keys. The
`total communication between terminal 14 and chip card 20 is
`expediently effected in the secure messaging mode.
`The card checks the transmitted PIN and confirms correct-
`ness to the terminal 14 in the no-error case, or terminates the
`procedure if the PIN was checked as false, step 116.
`Ifthe no-error case is given, the terminal 14 causes the chip
`card 20 by corresponding instructions to perform the secu-
`rity-establishing operation,
`the digital signature, and
`ie.
`transmits the electronic document 40 to be signed to the chip
`card 20, step 118.
`The chip card 20 signs the supplied electronic document 40
`with the secret key stored in the storage means 22, step 120,
`and sends the electronic signature 40 back to the terminal 14,
`step 122, which uses it to continue the initiated electronic
`transaction.
`If the check in step 110 shows that authentication of the
`user 30 is not to be knowledge-based but biometric, the ter-
`minal 14 initiates authentication against presentation of a
`biometric feature and makes a corresponding report to the
`chip card 20, step 130. The chip card 20 thereupon disables
`the further authentication methods not used, i.e. the knowl-
`edge-based PIN check, step 132.
`Subsequently the user 30 presents to the terminal 14 a
`biometric feature according to the authentication method
`used, i.e. a fingerprint, step 134. The request to present the
`fingerprint is preferably effected by a corresponding display
`on the display device 16 of the terminal 14. The fingerprint is
`detected by the sensor 15 provided on the terminal 14.
`The detected biometric feature, i.e. the fingerprint of the
`user 30, is subjected by the terminal 14 to pre-processing in
`which it extracts certain identifying features from the signal
`obtained on the sensor 15, step 136. If a fingerprint is used,
`primary features of the “Henry classification method” are
`determined, for example, as described in the “Chip card
`manual”.
`The extracted features are transmitted by the terminal 14
`via the interface 19, 22 to the portable data carrier 20, step
`138.
`When the data carrier receives them it performsa verifica-
`tion of the transmitted extracted features, step 140. The inte-
`grated circuit 24 thereby compares the received extracted
`features with the reference features stored in the storage
`means and checks whether a sufficient match is present. Ifthis
`is the case, the portable data carrier 20 confirms to the termi-
`nal 14 the successful verification ofthe transmitted biometric
`the portable data carrier 20
`feature, step 142. Further,
`
`

`

`Case 6:21-cv-01101-ADA Document 31-2 Filed 05/19/22 Page 9 of 9
`
`AIRE-SAMS-00001862
`
`US 8,205,249 B2
`
`5
`switches itself ready to execute the intended security-estab-
`lishing operation, i.e. perform a digital signature.
`After receiving the confirmation of successful verification
`ofauthentication, the terminal 14 causes the data carrier 20 by
`corresponding instructions to perform the digital signature,
`step 144. Together with the instructions the terminal 14 trans-
`mits to the portable data carrier 20 the electronic document 40
`to be signed, or at least parts thereof.
`The integrated circuit 24 of the portable data carrier 20
`thereupon performs the operations required for creating a
`digital signature, step 146. It typically forms a hash value over
`the received part of the electronic document 40 and encrypts
`it with a secret key, stored in the storage means 26, of an
`asymmetrical key pair consisting of a secret key and public
`key.
`Furthermore, the integrated circuit 24 forms quality infor-
`mation, step 148, which acknowledges that authentication of
`the user 30 was done using a biometric feature. Said quality
`information is thereuponjoined firmly with the created digital
`signature to form a security message; expediently within the
`secure messaging mechanism using the previously negotiated
`session keys.
`The thus formed security message consisting of digital
`signature and quality information is sent by the portable data
`carrier 20 back to the terminal 14, step 150. From here the
`transmitted security message is passed on within the effected
`secure electronic transaction to the recipient involved in the
`transaction, e.g. a background system 10.
`In addition to the security-establishing operation per-
`formed by the portable data carrier 20, the recipient of the
`security message at the same time receives through the qual-
`ity information contained therein a statement on the quality of
`the performed authentication of the user 30.
`In the above-described example, quality information was
`created only upon use of a biometric authentication method,
`not upon use of a knowledge-based method. Thus, the lack of
`quality information already signals the use of a lower-quality
`method. However, it can of course be provided that quality
`information is always formed, i.e. regardless of whether a
`knowledge-based or biometric method was chosen for
`authentication.
`While retaining the basic idea of attaching quality infor-
`mation about the quality of the previously performed user
`authentication to the result of a security-establishing opera-
`tion executed by a portable data carrier, the above-described
`concept allows further embodiments and variations. This
`applies to the design of the system used in effecting a trans-
`action, which can comprise more components and compo-
`nents of a different type. The described procedure can also
`comprise further steps, e.g. intermediate steps.
`The invention claimed is:
`1.A method for effecting a secure electronic transaction on
`a terminal using a portable data carrier arranged to perform
`different quality user authentication methods, wherein the
`portable data carrier performs a user authentication using one
`of said different user authentication methods, the portable
`data carrier confirms the proof of authentication to the termi-
`nal, and the portable data carrier then performs a security-
`establishing operation within the electronic transaction, com-
`prising the
`steps of creating authentication quality
`information by the portable data carrier about said user
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`6
`authentication method used and attaching said authentication
`quality information to the result of the security-establishing
`operation, wherein the difference in quality of said user
`authentication methods varies between an inherently rela-
`tively lower quality and an inherently relatively higher quality
`from a security perspective.
`2. The method according to claim 1, wherein the security-
`establishing operation performed by the portable data carrier
`comprises creating a digital signature.
`3. The method according to claim 1, wherein the authenti-
`cation of the user is performed by presentation of a biometric
`feature.
`4. The method according to claim 3, wherein the authenti-
`cation of the user is performed by presentation of a physi-
`ological or behavior-based feature characteristic of a user.
`5. The method according to claim 1, wherein the authenti-
`cation of the user is performed by proof of knowledge of a
`secret.
`6. The method according to claim 1, wherein at least two
`different authentication methods of different quality are
`offered for authentication of the user.
`7. The method according to claim 6, wherein the particular
`authentication methods not used are disabled.
`8. The method according to claim 6, wherein no quality
`information is produced for an authentication method.
`9. The method according to claim 1, whereina user is asked
`to select an authentication method.
`portable data carrier for performing a security-estab-
`lishing operation within a secure electronic transaction and
`arranged to perform different quality user authentication
`methods, wherein the difference in quality of said user
`authentication methods varies between an inherently rela-
`tively lower quality and an inherently relatively higher quality
`from a security perspective, comprising: the portable data
`carrier is arranged to perform a user authentication using one
`of said implemented user authentication methods and the
`portable data carrier is arranged to confirm the authentication
`to aterminal, and wherein the data carrier is arranged to create
`quality information about said user authentication method
`used and to attach such quality information to the result ofthe
`security establishing operation.
`11. The data carrier according to claim 10, wherein the
`portable data carrier is set up to create a digital signature.
`12. The data carrier according to claim 10, wherein the data
`carrier supports at least two qualitatively different authenti-
`cation methods.
`13. A terminal for use in connection with a portable data
`carrier, said terminal including a device arranged to cause a
`user to select one of at least two possible different quality
`authentication methods, wherein the portable data carrier is
`arranged to perform a user authentication using one of the at
`least two possible different quality authentication methods
`and to confirm the authentication to the terminal, and the data
`carrier is arranged to create quality information about the
`authentication method used and to attach such quality infor-
`mation to the result of a security establishing operation, the
`difference in quality of said authentication methods varies
`between an inherently relatively lower quality and an inher-
`ently relatively higher quality from a security perspective.
`
`*
`
`*
`
`*
`
`*
`
`*
`
`

This document is available on Docket Alarm but you must sign up to view it.


Or .

Accessing this document will incur an additional charge of $.

After purchase, you can access this document again without charge.

Accept $ Charge
throbber

Still Working On It

This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.

Give it another minute or two to complete, and then try the refresh button.

throbber

A few More Minutes ... Still Working

It can take up to 5 minutes for us to download a document if the court servers are running slowly.

Thank you for your continued patience.

This document could not be displayed.

We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.

Your account does not support viewing this document.

You need a Paid Account to view this document. Click here to change your account type.

Your account does not support viewing this document.

Set your membership status to view this document.

With a Docket Alarm membership, you'll get a whole lot more, including:

  • Up-to-date information for this case.
  • Email alerts whenever there is an update.
  • Full text search for other cases.
  • Get email alerts whenever a new case matches your search.

Become a Member

One Moment Please

The filing “” is large (MB) and is being downloaded.

Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.

Your document is on its way!

If you do not receive the document in five minutes, contact support at support@docketalarm.com.

Sealed Document

We are unable to display this document, it may be under a court ordered seal.

If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.


Access Government Site

We are redirecting you
to a mobile optimized page.





Document Unreadable or Corrupt

Refresh this Document
Go to the Docket

We are unable to display this document.

Refresh this Document
Go to the Docket