News Column

"Cryptographic Expansion Device and Related Protocols" in Patent Application Approval Process

August 19, 2014



By a News Reporter-Staff News Editor at Information Technology Newsweekly -- A patent application by the inventor Huxham, Horatio Nelson (Kenridge, ZA), filed on July 20, 2012, was made available online on August 7, 2014, according to news reporting originating from Washington, D.C., by VerticalNews correspondents.

This patent application has not been assigned to a company or institution.

The following quote was obtained by the news editors from the background information supplied by the inventors: "In developing countries and rural areas, less than 10% of the population may have access to banking services from traditional brick-and-mortar banks. In such areas, a bank may be physically located too far away for a majority of the population to travel to. And even if a bank is nearby, it may be the only bank location in the vicinity of a vast region covering a large number of the population. The brick-and-mortar bank may not have the resources and capacity to adequately support such a large number of customers, resulting in long wait times and inconvenience for the bank's customers. In most developing countries, building additional bank branches and/or installing automated teller machines (ATMs) at various locations are often not a viable solution due to the high costs of the complex infrastructure involved. Even in developed countries where there are more bank branches and ATM locations available, customers may still have limited access to banking services such as services that are not available from ATMs during non-business hours. Furthermore, certain customers such as the elderly or customers with disabilities may still have difficulty getting to the bank branches or ATM locations.

"In recent years, the use of mobile devices in developed and developing countries has grown rapidly. As such, one way of providing these communities with access to banking services is to enable users of mobile devices to perform mobile banking transactions, such as making mobile payments or money transfers, or checking account balances or performing other account related services, directly from their mobile devices. However, security concerns are often a stumbling block that hinders the wide adoption and growth of mobile banking Most mobile devices lack the capability to securely send end-to-end encrypted communication. As a result, sensitive information, such as a Personal Identification Numbers (PINs) and Primary Account Numbers (PANs), might be sent in plaintext form, creating a vulnerability in which such sensitive information can be intercepted by malicious parties and be used for fraudulent purposes.

"While some security measures can be provided by mobile network operators, for example, to provide encryption capabilities at a base station, the protection provided by such solutions is still limited because the communication is still sent in plaintext form at some point during the transmission. Other solutions require re-provisioning of users' mobile devices, for example, by over the air (OTA) provisioning, and such solutions can be costly in terms of both deployment and operating costs. Consequently, mobile operators have to either pass this cost onto their customers or absorb it themselves. Thus, the total cost of ownership (TCO) is also often a stumbling block that prevents the uptake and growth of mobile banking Without a cost-effective and efficient way to securely send and receive communication with mobile devices, mobile banking operators are destined to incur losses or fail to roll out their mobile banking services entirely.

"Embodiments of the present invention address these and other problems individually and collectively."

In addition to the background information obtained for this patent application, VerticalNews journalists also obtained the inventor's summary information for this patent application: "Embodiments of the present invention disclose a cryptographic expansion device that can be attached to a communication component of a communication device to enable the communication device to perform cryptographic operations on communications sent to and from the communication device. When used with a communication device, the cryptographic expansion device enables the communication device to send and received end-to-end secure encrypted communications. The cryptographic expansion device according to various embodiments can be used with a communication device without requiring any changes to the internal software or hardware of the communication device and without requiring any modification to the communication protocols used by the communication device. In some embodiments, the end-to-end secure communications enabled by the cryptographic expansion device can be utilized by a user of the communication device to perform financial and/or banking transactions.

"According to at least one embodiment, the cryptographic expansion device is a cryptographic label that includes a hardware security module disposed therein. The hardware security module includes a secure processing unit and a public processing unit. The cryptographic label also includes a first set of electrical contacts disposed on the top side of the cryptographic label for interfacing to a communication device, and a second set of electrical contacts disposed on the bottom side of the cryptographic label for interfacing to a communication component. A coupling element is also provided to attach the cryptographic label to the communication component. In an exemplary embodiment, the communication device can be a mobile phone, the communication component can be a subscriber identity module (SIM) card, and the coupling element used for attaching the cryptographic label to the communication component can be an adhesive material disposed on the cryptographic label

"According to at least one embodiment, a communication system for sending secure communications includes a communication component and a cryptographic label attached to the communication component. The cryptographic label includes a cryptoprocessor disposed therein, and also a processor coupled to cryptoprocessor disposed therein. The cryptographic label also includes a set of electrical contacts that electrically couples the cryptographic label to the electrical contacts of the communication component. The cryptographic label enables a mobile device equipped with the communication component and the attached cryptographic label to send encrypted data using the cryptoprocessor in the cryptographic label. In an exemplary embodiment, the communication component can be a SIM card.

"According to at least one embodiment, a method for enabling the transmission of secure communications from a communication device using a cryptographic label attached to a communication component of the communication device includes receiving a message in the cryptographic label, and determining if the message is associated with a secure operation. A secure operation can include one or more of encryption, decryption, message authentication code generation or verification, hash generation or verification, or other functions to be performed by the cryptographic label. If it is determined that the message is associate with a secure operation, a cryptographic operation is performed, by a cryptographic processor disposed in the cryptographic label, on the data or information associated with the secure operation. The data encrypted by the cryptographic processor is sent from the cryptographic label to the communication device for transmission in a secure communication. If the message is determined to be associated with a non-secure operation, the message is passed through to the communication component. In an exemplary embodiment, the communication device can be a mobile phone, the communication component can be a SIM card, and the secure communication can be sent as a encrypted Short Message Service (SMS) message, an Unstructured Supplementary Service Data (USSD) message, a Near Filed Communication (NFC) communication, or a Radio Frequency (RF) communication.

"These and other embodiments of the invention are described in further details below.

BRIEF DESCRIPTION OF THE DRAWINGS

"FIG. 1 illustrates a cryptographic expansion device and a communication component of a communication device, according to one embodiment of the present invention.

"FIG. 2A illustrates a cross-sectional view of a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 2B illustrates a top view of a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 2C illustrates a bottom view of a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 3 illustrates a block diagram of the components of a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 4 illustrates a conceptual block diagram of the functional blocks of a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 5 illustrates a communication system for sending and receiving secure communications using a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 6 illustrates a diagram showing the process of initializing a communication component in a communication device equipped with a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 7 illustrates a diagram showing the process of installing a user menu in a communication device equipped with a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 8 illustrates a diagram showing the process of performing a non-secure operation in a communication device equipped with a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 9 illustrates a diagram showing the process of performing a secure operation in a communication device equipped with a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 10 illustrates a diagram showing the process of setting up a secure communication channel between devices using a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 11 illustrates a flow diagram of performing a secure operation with a cryptographic expansion device, according to one embodiment of the present invention.

"FIG. 12 illustrates a block diagram of a communication device, according to one embodiment of the present invention."

URL and more information on this patent application, see: Huxham, Horatio Nelson. Cryptographic Expansion Device and Related Protocols. Filed July 20, 2012 and posted August 7, 2014. Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.html&r=986&p=20&f=G&l=50&d=PG01&S1=20140731.PD.&OS=PD/20140731&RS=PD/20140731

Keywords for this news article include: Patents, Legal Issues, Information Technology, Information and Data Encoding and Encryption.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC


For more stories covering the world of technology, please see HispanicBusiness' Tech Channel



Source: Information Technology Newsweekly


Story Tools






HispanicBusiness.com Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters