US Pat. No. 9,619,637

METHOD AND APPARATUS FOR SECURE CREDENTIAL ENTRY WITHOUT PHYSICAL ENTRY

Kingston Digital, Inc., ...

1. A peripheral memory storage device comprising:
a biometric transducer configured for entering a biometric sample;
a connector configured for coupling the peripheral memory storage device to an interface of a computer system for communication
therewith, the computer system automatically executing an operating system upon boot-up, wherein a driver is initiated to
allow communication between the peripheral memory storage device and the interface;

memory storing user authorization data for populating fields within a login screen for accessing the operating system; and
a processor configured for the peripheral memory storage device to intercept a command from the operating system indicating
readiness to accept input upon boot-up of the computer system;

the processor further configured for the peripheral memory storage device to automatically respond to the command upon boot-up
of the computer system by populating the fields after physical verification of the biometric sample;

wherein the fields are populated with the user authorization data extracted from the memory of the peripheral memory storage
device and provided to the computer system via the interface, the interface enabled by the operating system prior to display
of the login screen; and

wherein the fields are populated by the operating system in cooperation with the peripheral memory storage device.

US Pat. No. 9,430,250

BOOTABILITY WITH MULTIPLE LOGICAL UNIT NUMBERS

Kingston Digital, Inc., ...

1. A method including:
booting a computer system from a first logical disk on a flash memory device having a processor and multiple logical unit
numbers indicating multiple logical disks, said first logical disk being specified by a first logical unit number, wherein
said processor reports a single logical unit number to said computer system and said computer system is initially configured
to recognize only a single logical disk such that only said single logical unit number is visible to said computer system,
said first logical disk including first software instructions for a preboot environment;

said first software instructions configuring said processor to replace said first logical unit number with a second logical
unit number of the multiple logical unit numbers, said processor exchanging values for said first logical unit number and
said second logical unit number as directed by instructions in said flash memory device, said second logical unit number indicating
a second logical disk of the multiple logical disks on the flash memory device;

said first software instructions directing said computer system to reboot, wherein only said second logical unit number is
visible and said computer system reboots from said second logical disk indicated by said second logical unit number, said
second logical disk including second software instructions for an operating environment; and

said second software instructions configuring said computer system to add one or more additional logical unit numbers of the
multiple logical numbers, the additional logical unit numbers indicating additional logical disks available on the flash memory
device;

wherein said operating environment incorporates an interpolated device driver that configures said processor to expose said
additional logical unit numbers before other device drivers are loaded by said computer system, wherein the computer system
re-queries the flash memory device with respect to how many logical unit numbers are available and the flash memory device
responds that more than one logical unit number is available.

US Pat. No. 9,454,387

METHOD AND SYSTEM FOR INSTALLING PORTABLE EXECUTABLE APPLICATIONS

Kingston Digital, Inc., ...

1. A method comprising:
providing an executable environment for application programs to be installed and executed with a peripheral storage device,
the executable environment configured for execution within an operating system environment of a host system;

providing an application for execution with the peripheral storage device, the application originally configured for fixed
system installation and execution within the operating system environment of the host system, other than being portable from
one such host system to another;

installing the application within the executable environment, wherein files and data analogous to system related files and
data of the application originally configured to be stored within the operating system environment of the host system are
stored within the peripheral storage device; and

executing the application within the executable environment, the executable environment intercepting a call made by the application
for the host system to perform a function, and further:

making an executable environment call to perform the function within the executable environment, if the intercepted call is
supported therein; and

making a system library call to the host system to perform the function, if the intercepted call is not supported by the executable
environment and the intercepted call is supported by the host system.

US Pat. No. 9,432,397

PREBOOT ENVIRONMENT WITH SYSTEM SECURITY CHECK

Kingston Digital, Inc., ...

1. A method, including:
booting a computer system into a secure preboot environment maintained at least in part in memory on a removable storage device
coupled thereto, wherein the secure preboot environment includes instructions directing a processor to perform integrity checks
against malware, the secure preboot environment configured to preventing unauthorized access to said instructions;

performing the integrity checks by executing the instructions on the processor, wherein the integrity checks include a system
file integrity check for a set of system files on the computer system and an anti-virus scan on a list of files obtained from
the system files that have passed the system file integrity check; and

upon completing the integrity checks, rebooting the computer system into a portable operating environment maintained at least
in part in the memory, wherein the portable operating environment includes operating system software for controlling the computer
system and for allowing execution of application program software maintained on the removable storage device.

US Pat. No. 9,622,278

DUAL-MODE WIRELESS NETWORKED DEVICE INTERFACE AND AUTOMATIC CONFIGURATION THEREOF

KINGSTON DIGITAL INC., F...

1. A wireless networked device comprising:
a central processing unit (CPU) executing instructions comprising a configuration function stored in a nonvolatile memory
(NVM);

a bus coupled to the CPU;
a memory/buffer coupled to the bus;
a peripheral bus interface coupled to the bus;
an upstream network module coupled to the bus:
a downstream network module coupled to the bus; and
the NVM coupled to the bus,
wherein the NVM stores the configuration function with multi-channel routing capability,
wherein the configuration function establishes a first network with a downstream portable device to enable the downstream
portable device coupled to the first network to utilize functions of the wireless networked device,

wherein the configuration function simultaneously couples to a second network with at least one access point to simultaneously
enable both a plurality of upstream portable devices coupled to the second network to utilize functions of the wireless networked
device and the downstream portable device to utilize functions of the at least one access point via the wireless networked
device,

wherein both a peer to peer IP wireless network and an access point (AP) wireless network are initially configured for the
wireless networked device using the downstream portable device and information of the peer to peer IP wireless network and
the AP wireless network as configured are stored in a database of the wireless network device.

US Pat. No. 9,544,142

DATA AUTHENTICATION USING PLURAL ELECTRONIC KEYS

Kingston Digital, Inc., ...

1. A system for data authentication using plural electronic keys, the system comprising:
memory storing N>1 cryptographic keys, each of the N>1 cryptographic keys being a private cryptographic key associated with
a sender of digital data;

a processor configured to digitally sign the data using the N>1 cryptographic keys and to transmit the digitally signed data
to a recipient system via a network;

wherein the processor receives from the recipient system an indication that a first of the cryptographic keys is compromised,
a second of the cryptographic keys being uncompromised, the processor further configured for:

generating a replacement key for the compromised cryptographic key;
encrypting the replacement key using the uncompromised cryptographic key;
transmitting the encrypted replacement key to the recipient system;
receiving from the recipient system a key replacement confirmation message digitally signed by the replacement key; and,
verifying a digital signature of the key replacement confirmation message based on the replacement key.

US Pat. No. 9,520,992

LOGICAL-TO-PHYSICAL ADDRESS TRANSLATION FOR A REMOVABLE DATA STORAGE DEVICE

Kingston Digital, Inc., ...

1. A portable storage device comprising:
memory configured to store encrypted data at physical memory addresses with different physical block numbers within the portable
storage device, the memory having a page organization wherein sector data are mapped to the physical memory addresses and
extra data are mapped adjacent the sector data;

a lookup table for mapping the physical memory addresses to logical memory addresses, the lookup table assigning different
decryption keys to different logical block address ranges corresponding to the different physical block numbers;

a processor coupled with the memory, the processor configured to decrypt the encrypted data based on the logical block address;
and

an interface coupled with the processor, the interface configured to receive the logical memory addresses and communicate
the decrypted data to a host device.

US Pat. No. 9,362,664

CONNECTING DEVICE AND ELECTRONIC DEVICE ASSEMBLY

Kingston Digital, Inc., ...

1. A connecting device, comprising:
a connector structure having a first housing, a plug connector, a plurality of first electrical contacts and a first magnetic-metal
set, wherein the first housing has a first surface on which the first electrical contacts are disposed, the first housing
is formed of magnetic metal to be used as the first magnetic-metal set, and the plug connector protrudes from the first housing
and is electrically connected to the first electrical contacts; and

a storage structure including a second housing, a data storage element within the second housing, a plurality of second electrical
contacts and a second magnetic-metal set, wherein the second housing has a second surface that faces the first surface, the
second electrical contacts and the second magnetic-metal set are disposed on the second surface, and the second electrical
contacts are electrically connected to the data storage element;

wherein the first and second magnetic-metal sets are attracted toward each other to join the first and second housings, and
thus the second electrical contacts make contact with the first electrical contacts respectively.

US Pat. No. 9,203,807

PRIVATE CLOUD SERVER AND CLIENT ARCHITECTURE WITHOUT UTILIZING A ROUTING SERVER

KINGSTON DIGITAL, INC., ...

1. A method comprising:
providing a private cloud server and a smart device client within a public cloud network, wherein the private cloud server
includes a first message box and the smart device client includes a second message box; and

utilizing an authentication process to setup a client server relationship between the private cloud server and the smart device
client, wherein the authentication process comprises:

creating, by the private cloud server, an authorized client list that includes an account name and unique public account information
corresponding to the second message box of the smart device client,

transmitting, by the private cloud server, a session based invitation to the second message box of the smart device client,
wherein the session based invitation includes the address of the first message box,

transmitting, by the smart device client, a session based access request to the first message box of the private cloud server,
wherein the session based access request includes the address of the second message box, a public IP address of the smart
device client, and a private IP address of the smart device client,

determining, by the private cloud server, whether the session based access request is valid,
in response to receiving a valid session based access request, registering, by the private cloud server, the address of the
second message box and both the public and the private IP address of the smart device client, and

transmitting, by the private cloud server, a session based acknowledgment to the second message box of the smart device client,
wherein the session based acknowledgment includes both a current public and a current private IP address of the private cloud
server; and

determining, by the smart device client, that the session based acknowledgment is valid;
in response to receiving a valid session based acknowledgement, binding, by the smart device client, the public IP address
and the private IP address of the private cloud server with the registered private IP address of the smart device client.

US Pat. No. 9,792,441

PORTABLE DESKTOP DEVICE AND METHOD OF HOST COMPUTER SYSTEM HARDWARE RECOGNITION AND CONFIGURATION

Kingston Digital, Inc., ...

1. A portable device comprising:
hardware for coupling to a host system connected to a number of hardware devices; and
memory storage comprising a portable operating system for execution on the host system;
wherein:
on a first boot the host system recognizes at least one of the hardware devices and configures at least one hardware configuration
file in the memory storage, in accordance with the at least one recognized hardware device;

on the first boot, the host system sets a flag indicating that the portable device has been configured;
the host system reboots to execute the portable operating system on a second boot, wherein hardware devices which meet a security
specification are enabled and hardware devices which fall below the security specification are disabled, based on the at least
one hardware configuration file; and

on the second boot, the host system resets the flag indicating that the portable device is other than configured.

US Pat. No. 9,781,087

PRIVATE AND SECURE COMMUNICATION ARCHITECTURE WITHOUT UTILIZING A PUBLIC CLOUD BASED ROUTING SERVER

KINGSTON DIGITAL, INC., ...

1. A smart device client, comprising:
a memory storing a program that in response to being executed by a processor, enables the smart device client to establish
a communication session as a host or guest by performing operations comprising:

locate a private cloud routing server program that enables the smart device client to:
retrieve a session based invitation from a smart device client message box,
send a session based access request to a private cloud routing server message box to register a public IP address and a private
IP address of the smart device client, wherein the session based access request includes the public IP address and the private
IP address of the smart device client,

retrieve a session based acknowledgement with a public IP address and a private IP address of a private cloud routing server
from the smart device client message box,

send an access request to the private cloud routing server,
wherein the public and private IP address of the private cloud routing server and the public and private IP address of the
smart device client are registered,

wherein an outgoing route remains open waiting for a response from the private cloud routing server, and
wherein an incoming public and private IP addresses of the private cloud routing server is bound with a registered outgoing
private IP address of the smart device client;

receive an incoming request from the private cloud routing server,
establish a secure peer-to-peer communication with the private cloud routing server, and
access private network service through the private cloud routing server;
locate the private cloud routing server;
join a virtual local area network (LAN) under the private cloud routing server;
access the private cloud routing server behind a firewall with a fixed or dynamic IP address, wherein the smart device client:
requires no outside or public cloud based routing server in a wide area network (WAN),
requires no additional router setup in the virtual LAN, and
establishes a secure peer-to-peer communication with the private cloud routing server; and
conduct a private and secure chat with at least another smart device client through the private cloud routing server, comprising:
in response to starting a communication session as a host:
create and host a chat room session,
invite a chat guest,
scan for a recognizable guest, and
start a private and secure chat as the host;
in response to not starting a communication session as a host:
receive a chat invitation and join a chat session as a guest,
scan for a recognizable host,
authenticate via a log-in authentication,
join a chat room session, and
start a private and secure chat as the guest.

US Pat. No. 9,729,684

UNIFIED RETRACTABLE CASING SYSTEM FOR MOBILE DEVICES

Kingston Digital, Inc., ...

1. A casing system for a mobile device comprising:
an upper cover, comprising:
an outer upper cover, and
an inner upper cover;
a lower cover; and
a hinge mechanism providing for axial movement and radial movement of the upper cover in relation to the lower cover, the
hinge mechanism including:

a first assembly configured for an interior portion of the upper cover, the first assembly comprising:
a slider hinge, and
a plurality of guide rails configured on the outer upper cover, and
a second assembly configured on a first edge of the lower cover, the second assembly comprising:
a hinge joint being dimensionally configured to be in mechanical communication with the slider hinge and to receive a locking
bar,

wherein the first assembly and the second assembly are dimensionally arranged for the second assembly to be received by the
first assembly and secured with the locking bar.

US Pat. No. 9,702,903

CONNECTOR AND ELECTRONIC DEVICE

Kingston Digital, Inc., ...

1. A connector for connecting a testing apparatus and an electronic component, the connector comprising:
a substrate comprising a first surface, a second surface being opposite to the first surface, a plurality of first recesses
disposed on the first surface and a plurality of second recesses disposed on the second surface;

a plurality of first conductive resilient sheets disposed on the first surface, and
a plurality of second conductive resilient sheets disposed on the second surface and electrically connected with the first
conductive resilient sheets

wherein each of the first conductive resilient sheets includes an end portion sunk into one of the first recesses, and each
of the second conductive resilient sheets includes an end portion sunk into one of the second recesses;

wherein each of the first conductive resilient sheets has a receiving recess which has a circular or elliptical outline, and
the receiving recesses are disposed on the end portions of the first conductive resilient sheets respectively.

US Pat. No. 10,021,180

UNIVERSAL ENVIRONMENT EXTENDER

Kingston Digital, Inc., ...

1. A universal environment extender (UEE) system, comprising:a smart device comprising a memory and a processor coupled to the memory; and
a main control utility application running on the smart device, the main control utility application including computer-executable instructions stored in the memory of the smart device, wherein when the main control utility application is executed, the smart device operates as a UEE receiver to:
receive content location information from another smart device operating as a UEE transmitter to build a reverse content explorer onto the another smart device,
explore content stored on the smart device and in the network domain accessible to the smart device,
receive content selection from the another smart device,
pull at least a portion of the selected content to be streamed directly from the content location without utilizing resources dedicated to the transmitter,
decrypt the source content,
determine if the source content is playable on the receiver, and
play the source content,
wherein the main control utility application utilizes a virtual user interface (UI) driver to communicate with a non-native operating system of the another smart device.

US Pat. No. 9,935,930

PRIVATE AND SECURE COMMUNICATION ARCHITECTURE WITHOUT UTILIZING A PUBLIC CLOUD BASED ROUTING SERVER

Kingston Digital, Inc., ...

1. A method for setting up communications between a first smart device client and a second smart device client by a private cloud routing server (PCRS), comprising:utilizing, by the PCRS located on a public cloud network, an authentication process to setup a relationship between the PCRS and the first and second smart device client, respectively, wherein the authentication process comprises:
sending, by the PCRS, a first session based message from a message box of the PCRS to a message box of a first smart device client located on the public cloud network, wherein the first session based message includes an address of the message box of the PCRS,
receiving, by the PCRS from the first smart device client, a first session based access request in the message box of the PCRS, wherein the first session based access request includes an address of the message box of the first smart device client, a public IP address of the first smart device client, and a private IP address of the first smart device client,
determining, by the PCRS, that the first session based access request is valid and registering the address of the message box of the first smart device client and both the public and the private IP address of the first smart device client, and transmitting, by the PCRS, a session based acknowledgment to the message box of the first smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS;
in response to a determination by the first smart device client that the session based acknowledgment is valid, binding a public IP address and a private IP address of the PCRS with a registered private IP address of the first smart device client,
wherein the first smart device client connects with the PCRS by at least one connection of:
in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the first smart device client, the first smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same first LAN as the first smart device client, the first smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,
wherein the first smart device client and the PCRS communicate with each other after the first session based message is authenticated, and
wherein a private network service is then accessible by the first smart device client through the public cloud network based upon the authenticated first session based message;
sending, by the PCRS, a second session based message from the message box of the PCRS to a message box of the second smart client located on the public cloud network, wherein the second session based message includes the address of the message box of the PCRS;
receiving, by the PCRS from the second smart device client, a second session based access request in the message box of the PCRS, wherein the second session based access request includes an address of the message box of the second smart device client, a public IP address of the second smart device client, and a private IP address of the second smart device client;
determining, by the PCRS, that the second session based access request is valid and registering the address of the message box of the second smart device client and both the public and the private IP address of the second smart device client;
transmitting, by the PCRS, a session based acknowledgment to the message box of the second smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS; and
in response to a determination by the second smart device client that the second session based acknowledgment is valid, binding the public IP address and the private IP address of the PCRS with a registered private IP address of the second smart device client,
wherein the second smart device client connects with the PCRS by at least one connection of:
in response to the private IP address of the PCRS being in a same second LAN as the second smart device client, the second smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same second LAN as the second smart device client, the second smart device client connects through the first WAN to the public cloud network using the public IP address of the PCRS,
wherein the first smart device client and the second smart device client communicate with the PCRS after the first and second session based messages are authenticated, and
wherein the first smart device client and the second smart device client communicate with each other through the public cloud network.

US Pat. No. 9,916,444

RECOVERING FROM UNEXPECTED FLASH DRIVE REMOVAL

Kingston Digital, Inc., ...

1. A removable memory device configured for coupling to a computer, the removable memory device comprising:
memory configured for storing security information; and
a processor configured for comparing the security information to information provided by the computer, wherein the computer
is authorized to access the memory device to execute an operating environment calling a driver configured for:

recognizing that the memory device has been disconnected from the computer;
in response to recognizing that the memory device has been disconnected from the computer:
defining a termination condition as a trigger value of a removal timer; and
while the termination condition has not occurred:
intercepting read and write requests from the computer to the memory device,
caching the requests, and
presenting to other elements of the computer that the memory device is operational;
determining that the memory device has been reconnected to the computer before the termination condition has occurred;
intercepting a security protocol which the memory device attempts to conduct with the computer;
performing the security protocol in conjunction with the memory device, using the security information; and
transferring the cached requests to the memory device, wherein the computer continues to perform within the operating environment
and the memory device performs operations requested by the computer while the memory device was disconnected.

US Pat. No. 10,251,293

SMART USB MODULES AND METHOD OF MAKING

Kingston Digital, Inc., ...

1. A USB module, comprising:a printed circuit board;
a central processing unit (CPU) coupled to the printed circuit board;
a wireless device coupled to the CPU, via a bus;
a memory buffer coupled to the bus;
a USB connector coupled to the CPU; and
a USB receptacle connector coupled to the CPU, the USB receptacle connector coupling with a client USB drive to form a smart USB device that functions as both a client USB drive and a smart USB device,
wherein the wireless device establishes a wireless connection between the smart USB device and a portable device,
wherein the smart USB device functions as a smart USB device as the wireless device utilizes any of IEEE802.11, Wi-Fi, mobile broadband, and Bluetooth to establish the wireless connection between the smart USB device and the portable device, and
wherein the memory buffer is accessible to the portable device that is wirelessly connected to the smart USB device to access data stored on the memory buffer.

US Pat. No. 10,069,234

PORTABLE DATA TRANSMITTING DEVICE

Kingston Digital, Inc., ...

1. A portable data transmitting device, comprising:a storage portion, which comprises a fixed housing and a first plug connector, wherein the fixed housing includes a first side and a second side disposed oppositely, and the first plug connector is disposed on the first side; and
a movable portion, which comprises a rotatable housing, a slidable housing and a second plug connector, wherein the rotatable housing is rotatably disposed on the second side of the fixed housing, the slidable housing is slidably disposed on the rotatable housing and includes a first side facing the same direction as the first side of the fixed housing, and the second plug connector is disposed on the first side of the slidable housing;
wherein, the slidable housing is slidable to extend or decrease an overall length of the movable portion to enable the fixed housing to abut on a mobile apparatus connected to the second plug connector.

US Pat. No. 10,237,253

PRIVATE CLOUD ROUTING SERVER, PRIVATE NETWORK SERVICE AND SMART DEVICE CLIENT ARCHITECTURE WITHOUT UTILIZING A PUBLIC CLOUD BASED ROUTING SERVER

Kingston Digital, Inc., ...

1. A method for use with a public cloud network that includes a private cloud routing server, a private router, a private network service, and a smart device client, the method comprising:processing an initial setup of a private cloud routing server and a smart device client in a client server relationship, wherein the private cloud routing server is associated with a server message box located on a public cloud network separate from the private cloud routing server, and wherein the smart device client is associated with a client message box located on the public cloud network separate from the smart device client, the initial setup including:
sending, by the private cloud routing server, a session based invitation to the client message box of the smart device client,
retrieving, by the smart device client, the session based invitation of the private cloud routing server from the client message box of the smart device client,
validating, by the smart device client, the session based invitation,
in response to validating the session based invitation, transmitting, by the smart device client, a session based access request that includes a public IP address and a private IP address of the smart device client to the server message box of the private cloud routing server,
retrieving, by the private cloud routing server, the session based access request of the smart device client from the server message box,
validating, by the private cloud routine server, the session based access request;
in response to the validating the session based access request, registering, by the private cloud routing server, the public IP address and the private IP address of the smart device client to allow access to the private cloud routing server by the smart device client,
sending, by the private cloud routing server, a session based acknowledgment with a public IP address and a private IP address of the private cloud routing server to the client message box of the smart device client, and
enabling the smart device client to securely access a private network service via the public cloud network after registration of the public and private IP address of the private cloud routing server; and
connecting the private cloud routing server and smart device client by at least one connection of:
in response to the private IP address of the private cloud routing server being in a same first Local Area Network (LAN) as the smart device client, the smart device client directly connects to the private cloud routing server using the private IP address of the private cloud routing server, and
in response to the private IP address of the private cloud routine server not being in the same first LAN as the smart device client, the smart device client connects through a first WAN to the public cloud network using the public IP address of the private cloud routine server.

US Pat. No. 10,197,621

TESTING DEVICE

Kingston Digital, Inc., ...

1. A testing device for testing a chip component to be tested, the testing device comprising:a system circuit board having a surface;
a first chip component, disposed on the surface of the system circuit board and electrically connected to the system circuit board;
a supporting structure, disposed on the surface and at least surrounding the first chip component;
a circuit board, fixed on the supporting structure and being separated from the first chip component, wherein the circuit board has a connector for electrically connecting to the chip component to be tested; and
an interposer, located between the circuit board and the first chip component, wherein the circuit board is electrically connected to the first chip component via the interposer.

US Pat. No. 10,303,868

SECURE USER AUTHENTICATION FOR BLUETOOTH ENABLED COMPUTER STORAGE DEVICES

Kingston Digital, Inc., ...

1. A system for secure user authentication comprising:a portable data storage device operably coupled with a host computing device, at least one of the portable data storage device or the host computing device being Bluetooth enabled, the portable data storage device comprising memory configured to store authentication information for access thereto, wherein the portable data storage device is a removable data storage device; and
a portable Bluetooth enabled authentication device operable in a non-discoverable mode and configured to provide the authentication information to the portable data storage device via the host computing device for access to data stored on the portable data storage device through the host computing device, wherein the secure user authentication is required prior to access to the data stored on the portable data storage device;
wherein access to the data stored on the portable data storage device is permitted via Bluetooth communication of the authentication information between the portable Bluetooth enabled authentication device and the at least one Bluetooth enabled portable data storage or host computing device, when the portable Bluetooth enabled authentication device is detected within a maximum Bluetooth range of the at least one Bluetooth enabled portable data storage or host computing device;
wherein the portable Bluetooth enabled authentication device is able to receive and respond to Bluetooth requests while non-discoverable, wherein the portable Bluetooth enabled authentication device operates in the non-discoverable mode such that the portable Bluetooth enabled authentication device is not identifiable to other Bluetooth enabled devices performing discovery functions; and
wherein the Bluetooth communication of the authentication information is performed with the portable Bluetooth enabled authentication device operating in the non-discoverable mode to establish the secure user authentication absent Bluetooth pairing between the portable Bluetooth enabled authentication device and the at least one Bluetooth enabled portable data storage or host computing device.