A badge user may want to use a different device, e.g., a smartphone, a smartwatch, etc., as their credential in lieu of the badge. This disclosure describes techniques to securely transfer credentials from a first device (e.g., badge) to a second device (e.g., phone) such that only one device with valid credentials exists at any time. Per the techniques, the two devices perform a cryptographic transfer to move credentials, and the credentials on the first device are destroyed. In this manner, only one credential at a time can be authenticated for the user. The techniques can operate offline, e.g., with neither device having internet access; it is just the two devices that need communicate with each other.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Mercer, David; Paik, Steve; and Hewit, Ross, "Transferring Credentials Between Devices", Technical Disclosure Commons, (August 30, 2021)