CA2193819A1 - User authentication method and apparatus - Google Patents
User authentication method and apparatusInfo
- Publication number
- CA2193819A1 CA2193819A1 CA002193819A CA2193819A CA2193819A1 CA 2193819 A1 CA2193819 A1 CA 2193819A1 CA 002193819 A CA002193819 A CA 002193819A CA 2193819 A CA2193819 A CA 2193819A CA 2193819 A1 CA2193819 A1 CA 2193819A1
- Authority
- CA
- Canada
- Prior art keywords
- response code
- service
- user
- user authentication
- authentication method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
- G06F21/43—User authentication using separate channels for security data wireless channels
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0866—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2129—Authenticate client device independently of the user
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Finance (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Authorization for a user to use a service is provided by a modified pager which calculates a unique response code to a transmitted challenge code based on the challenge code, an input personal identification number, and an internal key.
The response code is input to a simple terminal, such as a telephone and if the unique response code is acceptable, the user may access the desired service, such as cashless transactions or long distance phone service.
The response code is input to a simple terminal, such as a telephone and if the unique response code is acceptable, the user may access the desired service, such as cashless transactions or long distance phone service.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/264,939 | 1994-06-24 | ||
US08/264,939 US5668876A (en) | 1994-06-24 | 1994-06-24 | User authentication method and apparatus |
PCT/SE1995/000719 WO1996000485A2 (en) | 1994-06-24 | 1995-06-14 | User authentication method and apparatus |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2193819A1 true CA2193819A1 (en) | 1996-01-04 |
CA2193819C CA2193819C (en) | 2006-09-12 |
Family
ID=36999255
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002193819A Expired - Lifetime CA2193819C (en) | 1994-06-24 | 1995-06-14 | User authentication method and apparatus |
Country Status (1)
Country | Link |
---|---|
CA (1) | CA2193819C (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004089029A1 (en) | 2003-04-02 | 2004-10-14 | Sk Telecom Co., Ltd | Method and apparatus for user authentication using infrared communication of a mobile terminal |
WO2007068099A1 (en) * | 2005-12-12 | 2007-06-21 | Entrust Limited | Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data |
US8060915B2 (en) | 2003-12-30 | 2011-11-15 | Entrust, Inc. | Method and apparatus for providing electronic message authentication |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AUPQ556600A0 (en) * | 2000-02-14 | 2000-03-02 | Ong, Yong Kin (Michael) | Electronic funds transfers-zipfund |
US9191215B2 (en) | 2003-12-30 | 2015-11-17 | Entrust, Inc. | Method and apparatus for providing authentication using policy-controlled authentication articles and techniques |
US9281945B2 (en) | 2003-12-30 | 2016-03-08 | Entrust, Inc. | Offline methods for authentication in a client/server authentication system |
US8230486B2 (en) | 2003-12-30 | 2012-07-24 | Entrust, Inc. | Method and apparatus for providing mutual authentication between a sending unit and a recipient |
US8612757B2 (en) | 2003-12-30 | 2013-12-17 | Entrust, Inc. | Method and apparatus for securely providing identification information using translucent identification member |
-
1995
- 1995-06-14 CA CA002193819A patent/CA2193819C/en not_active Expired - Lifetime
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004089029A1 (en) | 2003-04-02 | 2004-10-14 | Sk Telecom Co., Ltd | Method and apparatus for user authentication using infrared communication of a mobile terminal |
US8060915B2 (en) | 2003-12-30 | 2011-11-15 | Entrust, Inc. | Method and apparatus for providing electronic message authentication |
US8966579B2 (en) | 2003-12-30 | 2015-02-24 | Entrust, Inc. | Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data |
WO2007068099A1 (en) * | 2005-12-12 | 2007-06-21 | Entrust Limited | Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data |
Also Published As
Publication number | Publication date |
---|---|
CA2193819C (en) | 2006-09-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO1996000485A3 (en) | User authentication method and apparatus | |
MX9606515A (en) | User authentication method and apparatus. | |
EP0817518A3 (en) | Method for controlled access to a secured system | |
SG60121A1 (en) | Portable point-of-sale terminal with device for inputting security code access key | |
CA2197676A1 (en) | User Authentication in a Communications Network | |
CA2239550A1 (en) | Methods and apparatus for locking communications devices | |
WO2002054663A3 (en) | Local authentication in a communication system | |
EP1291803A4 (en) | Method for attaching authentication bar code, authentication method, apparatus for attaching authentication bar code, authentication apparatus and portable terminal | |
GB2375637B (en) | Method of conducting transactions and a method of access over a network | |
WO1998011750A3 (en) | Method of using fingerprints to authenticate wireless communications | |
WO1996005702A3 (en) | Method and apparatus for authentication in a communication system | |
AU2186095A (en) | Biometric, personal authentication system | |
CA2190045A1 (en) | Customer activation system for cellular network | |
EP1213882A3 (en) | Method, system and device for granting access to a service | |
WO1999036889A3 (en) | Transaction system | |
EP1335295A4 (en) | Authentication system, authentication agent apparatus, and terminal | |
AU4769697A (en) | Method, system and devices for authenticating persons | |
HK1066373A1 (en) | Local authentication in a communication system | |
EP0604911A3 (en) | Authentication and communication terminal and communication processing unit using the method. | |
WO2003038580A3 (en) | Enhanced privacy protection in identification in a data communications network | |
CA2221665A1 (en) | Method of mutual authentication for secure wireless service provision | |
CA2404551A1 (en) | Subscriber authentication | |
CA2193819A1 (en) | User authentication method and apparatus | |
CA2227144A1 (en) | Method for adaptively switching between pcs authentication schemes | |
CA2412148A1 (en) | Authentication system, mobile terminal, and authentication method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry |
Effective date: 20150615 |