Abstract: Secure user authentication using a OTP involve pre-storing an application on a first device for generating a valid OTP for the user responsive to receiving entry of a valid PIN, no part of the valid PIN is stored on the first device and pre-storing on a back-end server the valid PIN and a valid shared secret for the user. Upon receiving entry of a purported PIN, a purported shared secret is dynamically synthesized on the first device by the application based on the purported PIN and a purported OTP is generated on the first device. When entry of the purported OTP is received by the server in an attempt to log on the server from a second device, the server cryptographically calculates a window of OTPs, and logs on to the server from the second device is allowed if the calculated window of OTPs corresponds to the received OTP.

Abstract: A system, method and apparatus for exchanging value using a smart card in a financial transaction is disclosed. The system includes a smart card having a contact interface and a contactless interface interactive with a closed purse application and an open purse application controlled by a microprocessor. The closed purse application contains application-specific value, while the open purse contains general value. The application-specific value and general value are each compatible within the system of the invention to perform and settle the financial transaction. The financial transaction may include the smart card communicating with a load terminal or a transaction terminal to add or change the amount of value on the smart card. Further, the present invention include auto-load functionality for adding an amount of value to the smart card. Finally, applications such as a transportation application and a loyalty application are described.

Abstract: Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device.

Abstract: A system, method and apparatus for exchanging value using a smart card in a financial transaction is disclosed. The system includes a smart card having a contact interface and a contactless interface interactive with a closed purse application and an open purse application controlled by a microprocessor. The closed purse application contains application-specific value, while the open purse contains general value. The application-specific value and general value are each compatible within the system of the invention to perform and settle the financial transaction. The financial transaction may include the smart card communicating with a load terminal or a transaction terminal to add or change the amount of value on the smart card. Further, the present invention include auto-load functionality for adding an amount of value to the smart card. Finally, applications such as a transportation application and a loyalty application are described.

Abstract: Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device.

Abstract: For secure user authentication using a one-time password (OTP) application is pre-stored on a device for generating a OTP value responsive to entry of a valid PIN, no part of the PIN is stored on the device and pre-storing on a server the PIN and a valid shared secret for the user. Upon receiving entry a purported PIN, a purported shared secret is dynamically synthesized on the device by the OTP application based on the purported PIN of the user and a purported OTP value is generated based on the purported shared secret. When entry of the purported OTP value is received by the server in an attempt to log on the server from another device, the server cryptographically calculates a purported shared secret based on the purported OTP value, and log on to the server from the other device is allowed if the calculated purported shared secret corresponds to the pre-stored shared secret.

Abstract: A system, method and apparatus for exchanging value using a smart card in a financial transaction is disclosed. The system includes a smart card having a contact interface and a contactless interface interactive with a closed purse application and an open purse application controlled by a microprocessor. The closed purse application contains application-specific value, while the open purse contains general value. The application-specific value and general value are each compatible within the system of the invention to perform and settle the financial transaction. The financial transaction may include the smart card communicating with a load terminal or a transaction terminal to add or change the amount of value on the smart card. Further, the present invention include auto-load functionality for adding an amount of value to the smart card. Finally, applications such as a transportation application and a loyalty application are described.

Abstract: Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device.

Abstract: Methods and systems for secure user authentication utilizes OTP generation and validation techniques in which the shared secret for generating the OTP is not stored in the user's mobile device but instead is dynamically synthesized based on a PIN that activates the OTP generation and the personalized OTP data. The client software has no knowledge of what the correct PIN should be and always generates a normal looking OTP based on whatever PIN is entered, and the only way to learn whether or not the OTP is correct is to submit it during user login. By limiting the number of failed login attempts before the account is locked, brute-force attacks via the online channel will fail, and further, brute-force attacks to uncover the correct PIN for generating the correct OTP offline will also fail even if a hacker steals the user's mobile device and extracts the data inside for offline hacking, because there is nothing on the client that contains the PIN or encrypted by the PIN.

Abstract: A method and system for combining multiple access points and utilizing certificates as an access method to a system from multiple access points enables use of a certificate that is stored within a smart card to access a host system through a browser, such that when the user accesses the application on the server, the application requires that the card and certificate be present for authentication of the individual user, and concurrently allows an external system to access applications on a host server using a certificate stored on the external system for authenticating itself to the host server. A certificate for certificate-based authentication is created and distributed to a choice of storage methods, such as a microcomputer of an integrated chip card, a computer disk of a computing device disposed in a secure environment, or a Hardware Security Module (HSM) associated with the computing device.

Abstract: A method and system for managing transaction card data provides distributed services for use of a transaction card, such as a smart card, on board a ship when shipboard communication with a centralized host system is unavailable. Aspects of the centralized land-based system, such as card issuance, card management, and issuer host authentication are migrated to the shipboard environment, and an on board issuance system, a distributed card management system, and a local monitoring and administration system are introduced to the shipboard environment. When the ship leaves port, an instance of the central system database data for the on board ship personnel is hosted on board the ship and stored in the distributed card management system database.