| 发明名称 |
Mobile device-based keypad for enhanced security |
| 摘要 |
An authentication channel is established between a mobile device and a transaction terminal that uses a keypad for access control. The terminal keypad is assumed to be untrusted, whereas the mobile device has a trusted interface that only the device user can access and use. The transaction terminal includes a short-range communication device, and a keypad interface application configured to communicate with an external keypad device in lieu of the transaction terminal's own keypad. The mobile device includes a mobile app. In response to detecting a user access request, a handshake protocol is performed between the keypad interface application in the transaction terminal and the keypad interface function in the mobile device. If the handshake protocol succeeds, the user is notified that the transaction terminal is trusted. The user then enters his or her password and/or PIN on the mobile device in lieu of direct entry via the terminal keypad. |
| 申请公布号 |
US9413534(B2) |
申请公布日期 |
2016.08.09 |
| 申请号 |
US201514834607 |
申请日期 |
2015.08.25 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Pieczul Olgierd Stanislaw;Celi, Jr. Joseph;McGloin Mark |
| 分类号 |
H04L9/32;H04W12/06;H04M1/725;H04W4/00;H04W12/04 |
主分类号 |
H04L9/32 |
| 代理机构 |
|
代理人 |
Woycechowsky David B.;Judson David H. |
| 主权项 |
1. A method, operative in a mobile device having a display and a hardware processor, the method operative in association with a transaction terminal, the transaction terminal having a physical keypad adapted to receive a user credential to enable an authorized access to the transaction terminal, the physical keypad being untrusted, comprising:
upon detecting an access request and without requiring a trust relationship to be established in advance between the mobile device and the transaction terminal, attempting to establish an authentication channel between the mobile device and the transaction terminal; responsive to successful establishment of the authentication channel between the mobile device and the transaction terminal, providing a notification to a user of the mobile device that the transaction terminal is trusted irrespective of the physical keypad being untrusted; and providing a representation of the physical keypad on the mobile device display, the representation being a virtual keypad that corresponds to the physical keypad and is trusted; receiving data input to the mobile device via the representation of the physical keypad, the data being at least part of the user credential and being received in lieu of direct entry via the physical keypad; and forwarding the data to the transaction terminal for verification of the authorized access; wherein the data is a first portion of the user credential, the first portion being associated with a second portion of the user credential whose entry at the physical keypad is also required for verification of the authorized access; wherein each operation is implemented in software executing in the hardware processor. |
| 地址 |
Armonk NY US |
