Mark Kogen - Lawndale CA Warren Tan - Thousand Oaks CA
Assignee:
Citicorp Development Center, Inc. - Los Angeles CA
International Classification:
G06F 17/30
US Classification:
707/200, 707/10
Abstract:
A method and system for managing transaction card data provides distributed services for use of a transaction card, such as a smart card, on board a ship when shipboard communication with a centralized host system is unavailable. Aspects of the centralized land-based system, such as card issuance, card management, and issuer host authentication are migrated to the shipboard environment, and an on board issuance system, a distributed card management system, and a local monitoring and administration system are introduced to the shipboard environment. When the ship leaves port, an instance of the central system database data for the on board ship personnel is hosted on board the ship and stored in the distributed card management system database. Tracking data representing current transaction information for the transaction cards of the ship personnel is also stored in the distributed card management system database, and at regular intervals, when ship-to-shore communication is available, the land-based and shipboard databases are synchronized with one another.
Method And System For Certificate Delivery And Management
Mark Kogen - Lawndale CA, US Herve Garcia - Calabasas CA, US Fred Pinn - Studio City CA, US Elton Lin - New York NY, US Warren Tan - Thousand Oaks CA, US
Assignee:
Citicorp Development Center, Inc. - Cincinnati OH
International Classification:
H04L 21/00
US Classification:
713/156, 713/158, 713/175, 726/10
Abstract:
A method and system for combining multiple access points and utilizing certificates as an access method to a system from multiple access points enables use of a certificate that is stored within a smart card to access a host system through a browser, such that when the user accesses the application on the server, the application requires that the card and certificate be present for authentication of the individual user, and concurrently allows an external system to access applications on a host server using a certificate stored on the external system for authenticating itself to the host server. A certificate for certificate-based authentication is created and distributed to a choice of storage methods, such as a microcomputer of an integrated chip card, a computer disk of a computing device disposed in a secure environment, or a Hardware Security Module (HSM) associated with the computing device. The certificate is managed over its life span at least partly via a Lightweight Directory Assistance protocol (LDAP) directory shared by a certificate authority (CA) and the host system. Access to the host system is allowed using the certificate for public key-based authentication to the host system.
Methods And Systems For Secure User Authentication
Ronald King-Hang Chu - Los Angeles CA, US Mark Kogen - Torrance CA, US Warren Tan - Thousand Oaks CA, US Simon Ma - Torrance CA, US Yosif Smushkovich - Santa Monica CA, US Gerry Glindro - Carson CA, US Jeffrey William Coyte Nicholas - Los Angeles CA, US
Assignee:
Citicorp Development Center, Inc. - Los Angeles CA
International Classification:
H04L 29/00
US Classification:
726/5, 726/6, 726/7, 726/8, 726/9, 726/10
Abstract:
Methods and systems for secure user authentication utilize OTP generation and validation techniques in which the shared secret for generating the OTP is not stored in the user's mobile device but instead is dynamically synthesized based on a PIN that activates the OTP generation and the personalized OTP data. The client software has no knowledge of what the correct PIN should be and always generates a normal-looking OTP based on whatever PIN is entered, and the only way to learn whether or not the OTP is correct is to submit it during user login. By limiting the number of failed login attempts before the account is locked, brute-force attacks via the online channel will fail, and further, brute-force attacks to uncover the correct PIN for generating the correct OTP offline will also fail even if a hacker steals the user's mobile device and extracts the data inside for offline hacking, because there is nothing on the client that contains the PIN or is encrypted by the PIN.
Methods And Systems For Secure User Authentication
Ronald King-Hang CHU - Los Angeles CA, US Mark Kogen - Torrance CA, US Warren Tan - Thousand Oaks CA, US Simon Ma - Torrance CA, US Yosif Smushkovich - Santa Monica CA, US Gerry Glindro - Carson CA, US Jeffrey William Coyte Nicholas - Los Angeles CA, US
International Classification:
H04L 9/32
US Classification:
726/5
Abstract:
Methods and systems for secure user authentication using an OTP involve, for example, pre-storing an OTP application on a first computing device for generating a valid OTP value for the user responsive to receiving entry of a valid PIN value of the user, where no part of the valid PIN value is stored on the first computing device, and pre-storing on a back-end server the valid PIN value and a valid shared secret for the user. Upon receiving entry of a purported PIN value of the user, a purported shared secret is dynamically synthesized on the first computing device by the OTP application based on the purported PIN value of the user, and a purported OTP value is generated on the first computing device. When entry of the purported OTP value is received by the back-end server in an attempt to log on to the back-end server from a second computing device, the back-end server cryptographically calculates a window of OTP values, and log on to the back-end server from the second computing device is allowed if the calculated window of OTP values corresponds to the received OTP value.
Method And System For Using An Application Programmable Smart Card For Financial Transactions In Multiple Countries
Joseph C. Kawan - Hollywood CA Warren Yung-Hang Tan - Thousand Oaks CA
Assignee:
Transaction Technology, Inc. - Santa Monica CA
International Classification:
G06K 5/00, G06F 17/60
US Classification:
235/380
Abstract:
A smart card for financial transactions that can be programmed to operate using a variety of applications is disclosed. The card includes an interpreter that interfaces the smart card and an automatic teller machine or merchant terminal. The card includes a plurality of application modules each of which contain application programming that can be used by the interpreter to manage the card-to-system interface. At least one of the application modules can be reprogrammed to provide application programming for the interpreter that is compatible with the locally prevalent application program used by automatic teller machines and card terminals in the area where the cardholder is traveling.
Method And System For Encrypting Input From A Touch Screen
Randal H. Yokomoto - Torrance CA Warren Yung-Hang Tan - Thousand Oaks CA Yosif Smushkovich - Santa Monica CA Xuan S. Bui - Culver City CA Michael Merman - Santa Monica CA Inas M. Dessouky - Los Angeles CA Cuong Do - Woodland Hills CA Stephen M. Gryte - Los Angeles CA Phoebe Rin-Rin Hsu - Northridge CA Robert R. Propp - Corona Del Mar CA Michael L. Sears - Torrance CA
Assignee:
Transaction Technology, Inc. - Santa Monica CA
International Classification:
H04L 9/00, H04L 9/10
US Classification:
380/24
Abstract:
An improved touch screen encryption device and method is disclosed. The user selects information from prompts displayed on a touch screen. The improved device determines the input information based upon the location of the touch. The device encrypts the information--for example, the user's personal identification number--and sends the encrypted information to a remote processor. The device and method may be used by a financial institution (such as a bank), a postal services institution or wherever sensitive information is input through a touch screen.