05721781 is referenced by 695 patents and cites 5 patents.

An authentication system includes a portable information device, such as a smart card, that is configured to store and process multiple different applications. The smart card is assigned its own digital certificate which contains a digital signature from a trusted certifying authority and a unique public key. Each of the applications stored on the smart card is also assigned an associated certificate having the digital signature of the certifying authority. The system further includes a terminal that is capable of accessing the smart card. The terminal has at least one compatible application which operates in conjunction with an application on the smart card. The terminal is assigned its own certificate which also contains the digital signature from the trusted certifying authority and a unique public key. Similarly, the application on the terminal is given an associated digital certificate. During a transactional session, the smart card and terminal exchange their certificates to authenticate one another. Thereafter, a smart card application is selected and the related certificates for both the smart card application and the terminal application are exchanged between the smart card and terminal to authenticate the applications. Additionally, the cardholder enters a unique PIN into the terminal. The PIN is passed to the smart card for use in authenticating the cardholder. The three-tiered authentication system promotes security in smart card transactions.

Title
Authentication system and method for smart card transactions
Application Number
8/531567
Publication Number
5721781
Application Date
September 13, 1995
Publication Date
February 24, 1998
Inventor
Daniel R Simon
Redmond
WA, US
Robert B Seidensticker
Woodinville
WA, US
Vinay Deo
Redmond
WA, US
Agent
Lee & Hayes PLLC
Assignee
Microsoft Corporation
WA, US
IPC
H04K 1/00
View Original Source