Patents by Inventor Yosif Smushkovich
Yosif Smushkovich has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11917069Abstract: Secure user authentication using a OTP involve pre-storing an application on a first device for generating a valid OTP for the user responsive to receiving entry of a valid PIN, no part of the valid PIN is stored on the first device and pre-storing on a back-end server the valid PIN and a valid shared secret for the user. Upon receiving entry of a purported PIN, a purported shared secret is dynamically synthesized on the first device by the application based on the purported PIN and a purported OTP is generated on the first device. When entry of the purported OTP is received by the server in an attempt to log on the server from a second device, the server cryptographically calculates a window of OTPs, and logs on to the server from the second device is allowed if the calculated window of OTPs corresponds to the received OTP.Type: GrantFiled: June 29, 2023Date of Patent: February 27, 2024Assignee: CITICORP CREDIT SERVICES, INC. (USA)Inventors: Ronald Chu, Mark Kogen, Warren Tan, Simon Ma, Yosif Smushkovich, Gerry Glindro, Jeffrey Nicholas
-
Patent number: 11394553Abstract: Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device.Type: GrantFiled: August 15, 2017Date of Patent: July 19, 2022Assignee: CITICORP CREDIT SERVICES, INC. (USA)Inventors: Ronald Chu, Mark Kogen, Warren Tan, Simon Ma, Yosif Smushkovich, Gerry Glindro, Jeffrey Nicholas
-
Patent number: 9768963Abstract: Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device.Type: GrantFiled: February 2, 2011Date of Patent: September 19, 2017Assignee: Citicorp Credit Services, Inc. (USA)Inventors: Ronald King-Hang Chu, Mark Kogen, Warren Tan, Simon Ma, Yosif Smushkovich, Gerry Glindro, Jeffrey William Coyte Nicholas
-
Patent number: 9002750Abstract: For secure user authentication using a one-time password (OTP) application is pre-stored on a device for generating a OTP value responsive to entry of a valid PIN, no part of the PIN is stored on the device and pre-storing on a server the PIN and a valid shared secret for the user. Upon receiving entry a purported PIN, a purported shared secret is dynamically synthesized on the device by the OTP application based on the purported PIN of the user and a purported OTP value is generated based on the purported shared secret. When entry of the purported OTP value is received by the server in an attempt to log on the server from another device, the server cryptographically calculates a purported shared secret based on the purported OTP value, and log on to the server from the other device is allowed if the calculated purported shared secret corresponds to the pre-stored shared secret.Type: GrantFiled: April 23, 2007Date of Patent: April 7, 2015Assignee: Citicorp Credit Services, Inc. (USA)Inventors: Ronald King-Hang Chu, Mark Kogen, Warren Tan, Simon Ma, Yosif Smushkovich, Gerry Glindro, Jeffrey William Coyte Nicholas
-
Publication number: 20110197266Abstract: Methods and systems for secure user authentication using a OTP involve, for example, pre-storing a OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, no part of the valid PIN value is stored on the first computing device and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user and a purported OTP value is generated on the first computing device.Type: ApplicationFiled: February 2, 2011Publication date: August 11, 2011Inventors: Ronald King-Hang CHU, Mark Kogen, Warren Tan, Simon Ma, Yosif Smushkovich, Gerry Glindro, Jeffrey William Coyte Nicholas
-
Patent number: 7904946Abstract: Methods and systems for secure user authentication utilizes OTP generation and validation techniques in which the shared secret for generating the OTP is not stored in the user's mobile device but instead is dynamically synthesized based on a PIN that activates the OTP generation and the personalized OTP data. The client software has no knowledge of what the correct PIN should be and always generates a normal looking OTP based on whatever PIN is entered, and the only way to learn whether or not the OTP is correct is to submit it during user login. By limiting the number of failed login attempts before the account is locked, brute-force attacks via the online channel will fail, and further, brute-force attacks to uncover the correct PIN for generating the correct OTP offline will also fail even if a hacker steals the user's mobile device and extracts the data inside for offline hacking, because there is nothing on the client that contains the PIN or encrypted by the PIN.Type: GrantFiled: December 11, 2006Date of Patent: March 8, 2011Assignee: Citicorp Development Center, Inc.Inventors: Ronald King-Hang Chu, Mark Kogen, Warren Tan, Simon Ma, Yosif Smushkovich, Gerry Glindro, Jeffrey William Coyte Nicholas
-
Patent number: 7039812Abstract: A method and system for authenticating the identity of a user by an authority makes use of presenting biometric data for the user in a predetermined shared secret sequence. The method and system can be augmented by requesting an additional shared secret, such as a PIN or additional credentials, to establish multiple layers of authentication. Varying the layers of authentication results in greater or lesser security, and the accuracy for any given layer can be relaxed without compromising the integrity of the entire method.Type: GrantFiled: January 25, 2001Date of Patent: May 2, 2006Assignee: Citicorp Development Center, Inc.Inventors: Joseph C. Kawan, Yosif Smushkovich, Ronald King-Hang Chu
-
Patent number: 6848050Abstract: A system and method for verifying the identification of a user and securely establishing an encryption key for a communication between the user and a verifying entity, such as a bank, which makes use of the numeric value of the user's personal identification number (PIN) known only to the user and the bank and resolves the man-in-the-middle problem. The system and method replaces a public parameter with the customer's PIN to provide an encryption mechanism that is less complex than existing protocols. Use of the protocol enables new products and improvement of existing products using a service access device and service access device interface, including, for example, self-service terminals.Type: GrantFiled: April 15, 1999Date of Patent: January 25, 2005Assignee: Citicorp Development Center, Inc.Inventors: Michael Merman, Yosif Smushkovich
-
Publication number: 20010049785Abstract: A method and system for authenticating the identity of a user by an authority makes use of presenting biometric data for the user in a predetermined shared secret sequence. The method and system can be augmented by requesting an additional shared secret, such as a PIN or additional credentials, to establish multiple layers of authentication. Varying the layers of authentication results in greater or lesser security, and the accuracy for any given layer can be relaxed without compromising the integrity of the entire method.Type: ApplicationFiled: January 25, 2001Publication date: December 6, 2001Inventors: Joseph C. Kawan, Yosif Smushkovich, Ronald King-Hang Chu
-
Patent number: 5768386Abstract: An improved touch screen encryption device and method is disclosed. The user selects information from prompts displayed on a touch screen. The improved device determines the input information based upon the location of the touch. The device encrypts the information--for example, the user's personal identification number--and sends the encrypted information to a remote processor. The device and method may be used by a financial institution (such as a bank), a postal services institution or wherever sensitive information is input through a touch screen.Type: GrantFiled: May 31, 1996Date of Patent: June 16, 1998Assignee: Transaction Technology, Inc.Inventors: Randal H. Yokomoto, Warren Yung-Hang Tan, Yosif Smushkovich, Xuan S. Bui, Michael Merman, Inas M. Dessouky, Cuong Do, Stephen M. Gryte, Phoebe Rin-Rin Hsu, Robert R. Propp, Michael L. Sears
-
Patent number: 5596371Abstract: For large screen video displays using line-doubling to reduce scan line visibility, where a video source signal in standard interlaced format such as NTSC is converted to line-doubled non-interlaced format for progressively scanned display, visible motion degradations such as edge shimmer and strobe effects due to film-sourced video material are minimized by improved motion-detection video processing taught by this invention. In advance of actual display, successive fields are monitored for motion value in a first motion-detector and microprocessor comparator/analyzer where fields having high field-motion-value are detected as H-fields. Then, for display, each H-field is modified by pixel-averaging with a selected non-H-field. The regular and averaged fields are correctly sequenced to achieve vertical pixel alignment and smooth motion transitions thus minimizing film-source edge motion degradation.Type: GrantFiled: February 2, 1995Date of Patent: January 21, 1997Assignee: DWIN Electronics Inc.Inventors: Eduard Pakhchyan, Yosif Smushkovich
-
Patent number: 4641063Abstract: For an ultra high resolution color picture tube display, a level-shifting circuit is interposed between each of the three video output amplifiers and the three picture tube cathodes receiving video drive. In the level-shifting circuit, d.c. control voltages from adjustment potentiometers are applied to a voltage-controlled current source which provides voltage-compliant control input to a current-controlled voltage source which provides the adjustable d.c. offset voltage interjected between each video output amplifier and a corresponding picture tube cathode, providing individual background adjustment and brightness tracking adjustment compensation for cutoff spreads between the three picture tube guns and providing user brightness control action all independent of operating bias point voltages in the video amplifiers, so that they can be design-optimized for maximum bandwidth to achieve ultra high resolution.Type: GrantFiled: December 10, 1985Date of Patent: February 3, 1987Inventor: Yosif Smushkovich