Patents Assigned to Entrust, Inc.
  • Patent number: 10165440
    Abstract: A method and apparatus provides for user authentication. In an example, the method and apparatus includes receiving a selected signal strength for smart card emulation authentication. The method and apparatus also includes receiving a signal from a portable wireless device radio transceiver. The method also includes measuring the signal strength of the signal. The method and apparatus also includes, if the signal is at or above the selected signal strength, transmitting one or more signals to the portable radio device radio transceiver requesting user authentication, and if the signal is not at or above a selected signal strength, refusing a request to authenticate by the portable radio device radio transceiver. The method and apparatus also includes receiving one or more authentication response signals from the portable radio device in response to the request for user authentication, the one or more response signals including at least authentication information unique to a user.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: December 25, 2018
    Assignee: Entrust, Inc.
    Inventors: Clayton Douglas Smith, Lindsay Martin Kent
  • Patent number: 10009378
    Abstract: A method and apparatus provides first or second factor authentication by providing selectability of a plurality of second factor authentication policies associated with a second factor authentication article. The first or second factor authentication article includes authentication information, such as a plurality of data elements in different cells or locations on the authentication article, which can be located by using corresponding location information. The method and apparatus provides second factor authentication based on the first or second factor authentication article by enforcing at least one of the plurality of selected authentication policies.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: June 26, 2018
    Assignee: Entrust, Inc.
    Inventors: Michael Chiviendacz, Steve Neville, Chris Voice, Michael Morgan
  • Patent number: 9994054
    Abstract: An apparatus and methods for generating an identity document obtain unique machine data related to an identity document generation system. The apparatus and methods obtain personalization data related to an intended holder of the identity document. The apparatus and methods generate a unique machine and personalization data object that includes values of the unique machine data and the personalization data. The apparatus and methods digitally sign the unique machine and personalization data object. The apparatus and methods incorporate the signed unique machine and personalization data object into the identity document.
    Type: Grant
    Filed: August 18, 2015
    Date of Patent: June 12, 2018
    Assignee: Entrust, Inc.
    Inventors: Mark Andrew Joynes, Gregory James Wetmore, Gordon William Coulson, Sharon Marie Boeyen
  • Patent number: 9954860
    Abstract: In one example, a proxy server acts as a gateway to a website and modifies the traffic between a web browser on a user device and the website server, as necessary to request protection by providing step-up authentication and/or transaction verification. The proxy server blocks transactions when protection is required but has not occurred (either because the authentication was not proper or due to the detection of another problem). Associated methods and systems are also provided.
    Type: Grant
    Filed: March 13, 2014
    Date of Patent: April 24, 2018
    Assignee: Entrust, Inc.
    Inventors: Christopher D. Wood, Michael Holtstrom, Roland Thomas Lockhart, Murray McCulligh, Serge Jean Maurice Mister, Greg Wetmore
  • Patent number: 9876793
    Abstract: A method for providing authentication of a user of a recipient unit when the recipient unit is off-line includes storing one or a plurality of one-time challenge-reply sets based on an on-line communication with a sender unit. In one example, each of the one-time challenge-reply sets includes at least a one-time challenge-reply pair for use in off-line authentication of the user for a particular resource available through the recipient unit. When the user is offline, the method includes selecting at least one of the plurality of stored one-time challenge-reply sets for off-line authentication of the user for the particular resource available through the recipient unit. The one-time challenge-reply sets may be associated with an article.
    Type: Grant
    Filed: March 7, 2016
    Date of Patent: January 23, 2018
    Assignee: Entrust, Inc.
    Inventors: Chris Voice, Marc Smith, Murray McCulligh, Robert Zuccherato
  • Patent number: 9767627
    Abstract: Apparatus, systems and methods are disclosed that utilize a vehicle user's input to provide logical context of legitimate vehicle usage through a remote access device to defend the vehicle from theft. As such, an additional level of security is employed and may be used in addition to other security and theft prevention technologies of the vehicle. In one example, a legitimate automobile operator signals the context of the vehicle's state to a hardware security module in the vehicle. The states include, for example, to disallow all diagnostic system access or to allow diagnostic access for servicing.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: September 19, 2017
    Assignee: Entrust, Inc.
    Inventor: Jason Aurele Soroko
  • Patent number: 9519770
    Abstract: A transaction card comprising, such as a credit card or debit card, includes transaction card serial number information that identifies the transaction card, sender authentication information identifiable by location information and location information is on the transaction card. In addition, account information is also on the transaction card.
    Type: Grant
    Filed: September 23, 2011
    Date of Patent: December 13, 2016
    Assignee: Entrust, Inc.
    Inventors: Christopher Brian Voice, Michael Chiviendacz, Edward Pillman
  • Publication number: 20160072845
    Abstract: A method and apparatus provides first or second factor authentication by providing selectability of a plurality of second factor authentication policies associated with a second factor authentication article. The first or second factor authentication article includes authentication information, such as a plurality of data elements in different cells or locations on the authentication article, which can be located by using corresponding location information. The method and apparatus provides second factor authentication based on the first or second factor authentication article by enforcing at least one of the plurality of selected authentication policies.
    Type: Application
    Filed: November 16, 2015
    Publication date: March 10, 2016
    Applicant: ENTRUST, INC.
    Inventors: Michael Chiviendacz, Steve Neville, Chris Voice, Michael Morgan
  • Patent number: 9281945
    Abstract: A method for providing authentication of a user of a recipient unit when the recipient unit is off-line includes storing one or a plurality of challenge-reply sets associated with an article based on an on-line communication with a sender unit. Each of the challenge-reply sets includes at least a challenge-reply pair for use in off-line authentication of the user for a particular resource available through the recipient unit. When the user is offline, the method includes selecting at least one of the plurality of stored challenge-reply sets for off-line authentication of the user for the particular resource available through the recipient unit.
    Type: Grant
    Filed: September 30, 2005
    Date of Patent: March 8, 2016
    Assignee: Entrust, Inc.
    Inventors: Chris Voice, Marc Smith, Murray McCulligh, Robert Zuccherato
  • Patent number: 9191215
    Abstract: A method and apparatus provides first or second factor authentication by providing selectability of a plurality of second factor authentication policies associated with a second factor authentication article. The first or second factor authentication article includes authentication information, such as a plurality of data elements in different cells or locations on the authentication article, which can be located by using corresponding location information. The method and apparatus provides second factor authentication based on the first or second factor authentication article by enforcing at least one of the plurality of selected authentication policies.
    Type: Grant
    Filed: December 12, 2005
    Date of Patent: November 17, 2015
    Assignee: Entrust, Inc.
    Inventors: Michael Chiviendacz, Steve Neville, Chris Voice, Michael Morgan
  • Patent number: 9100194
    Abstract: A method, apparatus and/or system generates a challenge for user authentication, having a challenge data element from a stored pool of challenge data elements. The challenge is based on rule data and stored usage data associated with at least some of the challenge data elements in the stored pool of challenge data elements. The generated challenge is sent for use in an authentication of a user to a sender. A method, apparatus and/or system also generates sender authentication and corresponding location information, having a data element from a stored pool of challenge data elements. Selection of the data elements is based on rule data and stored usage data associated with at least some of the data elements in the stored pool of data elements.
    Type: Grant
    Filed: November 26, 2012
    Date of Patent: August 4, 2015
    Assignee: Entrust Inc.
    Inventors: Serge Mister, Steve Neville, Robert J. Zuccherato, Christopher Voice, Michael Morgan
  • Patent number: 8966579
    Abstract: A method, apparatus and/or system generates a challenge for user authentication, having a challenge data element from a stored pool of challenge data elements. The challenge is based on rule data and stored usage data associated with at least some of the challenge data elements in the stored pool of challenge data elements. The generated challenge is sent for use in an authentication of a user to a sender. A method, apparatus and/or system also generates sender authentication and corresponding location information, having a data element from a stored pool of challenge data elements. Selection of the data elements is based on rule data and stored usage data associated with at least some of the data elements in the stored pool of data elements.
    Type: Grant
    Filed: December 12, 2005
    Date of Patent: February 24, 2015
    Assignee: Entrust, Inc.
    Inventors: Serge Mister, Steve Neville, Robert J. Zuccherato, Chris Voice, Michael Morgan
  • Publication number: 20140373093
    Abstract: In one example, a proxy server acts as a gateway to a website and modifies the traffic between a web browser on a user device and the website server, as necessary to request protection by providing step-up authentication and/or transaction verification. The proxy server blocks transactions when protection is required but has not occurred (either because the authentication was not proper or due to the detection of another problem). Associated methods and systems are also provided.
    Type: Application
    Filed: March 13, 2014
    Publication date: December 18, 2014
    Applicant: Entrust, Inc.
    Inventors: Christopher D. Wood, Michael Holtstrom, Roland Thomas Lockhart, Murray McCulligh, Serge Jean Maurice Mister, Greg Wetmore
  • Patent number: 8769433
    Abstract: A method and apparatus for protecting communication of information through a graphical user interface displays a graphical user interface that includes a trusted interaction window. In one example, the method includes continuously determining whether information has been overlayed on top of at least a portion of the displayed trusted interaction window and then disabling an operation being requested when an overlay condition has been determined. In one example, the trusted interaction window is maintained to be the top most window when it is called by an application, for example, during an online transaction, or any other suitable action. The trusted interaction window may be generated via a browser, or operating system, or any other suitable application. As such, the trusted interaction window detects when another window is overlayed on top of it, such as a chromeless window, thereby preventing an unscrupulous party from tricking the user or obtaining sensitive information.
    Type: Grant
    Filed: May 13, 2005
    Date of Patent: July 1, 2014
    Assignee: Entrust, Inc.
    Inventor: Serge Jean Maurice Mister
  • Publication number: 20130334323
    Abstract: A secure identification information member, such as a transaction card, includes a translucent area having an information pattern representing one or more identifiers configured to overlay a portion of a display screen. In one example, a transaction card includes a first portion that contains transaction card account information and a second portion that contains a translucent identification member having a translucent area that includes one or more obscured identifiers.
    Type: Application
    Filed: August 21, 2013
    Publication date: December 19, 2013
    Applicant: Entrust, Inc.
    Inventors: Michael Chiviendacz, Edward Pillman
  • Patent number: 8612757
    Abstract: An apparatus and method for securely providing identification information generates one or more obscured identifiers for a recipient, such as one or more identifiers that are generated based on data unique to a recipient or other information as may be appropriate. In one embodiment, the method and apparatus generates a translucent identification member, such as a plastic card, sheet, film or other suitable member that has a translucent area that includes one or more obscured identifiers. When the translucent identification member is overlayed on a screen displaying a visual filtering pattern, one of one or more obscured identifiers is visually revealed for use during the particular transaction. The revealed identifier is entered into a recipient device and sent to an authenticator to be verified as an appropriate identifier for the transaction.
    Type: Grant
    Filed: December 30, 2003
    Date of Patent: December 17, 2013
    Assignee: Entrust, Inc.
    Inventors: Michael Chiviendacz, Edward Pillman
  • Patent number: 8538893
    Abstract: An electronic transaction evidence archive apparatus and method archives electronic transaction evidence, such as public key based electronic transaction evidence on behalf of a first party. The apparatus and method determines redundant electronic transaction evidence and removes the redundant electronic transaction evidence prior to archival. In one embodiment, the electronic transaction evidence archive apparatus and method indexes received electronic transaction evidence and archives the indexed data elements thereof. When a subsequent archival request is made, the apparatus and method evaluates the index data to determine redundant electronic transaction evidence and discards redundant information to save memory resources. The first party provides the electronic transaction evidence in, for example, an archive evidence bundle, which includes data elements related to a single transaction.
    Type: Grant
    Filed: October 1, 1999
    Date of Patent: September 17, 2013
    Assignee: Entrust, Inc.
    Inventor: Timothy E. Moses
  • Publication number: 20130237190
    Abstract: A method and apparatus provides for user authentication. In an example, the method and apparatus includes receiving a selected signal strength for smart card emulation authentication. The method and apparatus also includes receiving a signal from a portable wireless device radio transceiver. The method also includes measuring the signal strength of the signal. The method and apparatus also includes, if the signal is at or above the selected signal strength, transmitting one or more signals to the portable radio device radio transceiver requesting user authentication, and if the signal is not at or above a selected signal strength, refusing a request to authenticate by the portable radio device radio transceiver. The method and apparatus also includes receiving one or more authentication response signals from the portable radio device in response to the request for user authentication, the one or more response signals including at least authentication information unique to a user.
    Type: Application
    Filed: March 15, 2013
    Publication date: September 12, 2013
    Applicant: ENTRUST, INC.
    Inventors: Clayton Douglas Smith, Lindsay Martin Kent
  • Publication number: 20130183936
    Abstract: A method and apparatus provides for user authentication. In an example, the method and apparatus includes receiving a selected signal strength for smart card emulation authentication. The method and apparatus also includes receiving a signal from a portable wireless device radio transceiver. The method also includes measuring the signal strength of the signal. The method and apparatus also includes, if the signal is at or above the selected signal strength, transmitting one or more signals to the portable radio device radio transceiver requesting user authentication, and if the signal is not at or above a selected signal strength, refusing a request to authenticate by the portable radio device radio transceiver. The method and apparatus also includes receiving one or more authentication response signals from the portable radio device in response to the request for user authentication, the one or more response signals including at least authentication information unique to a user.
    Type: Application
    Filed: January 16, 2013
    Publication date: July 18, 2013
    Applicant: Entrust, Inc.
    Inventors: Clayton Douglas Smtih, Lindsay Martin Kent
  • Publication number: 20130080780
    Abstract: A method, apparatus and/or system generates a challenge for user authentication, having a challenge data element from a stored pool of challenge data elements. The challenge is based on rule data and stored usage data associated with at least some of the challenge data elements in the stored pool of challenge data elements. The generated challenge is sent for use in an authentication of a user to a sender. A method, apparatus and/or system also generates sender authentication and corresponding location information, having a data element from a stored pool of challenge data elements. Selection of the data elements is based on rule data and stored usage data associated with at least some of the data elements in the stored pool of data elements.
    Type: Application
    Filed: November 26, 2012
    Publication date: March 28, 2013
    Applicant: Entrust, Inc.
    Inventor: Entrust, Inc.