EP2758922A4 - Securing transactions against cyberattacks - Google Patents

Securing transactions against cyberattacks

Info

Publication number
EP2758922A4
EP2758922A4 EP12832873.9A EP12832873A EP2758922A4 EP 2758922 A4 EP2758922 A4 EP 2758922A4 EP 12832873 A EP12832873 A EP 12832873A EP 2758922 A4 EP2758922 A4 EP 2758922A4
Authority
EP
European Patent Office
Prior art keywords
transactions against
securing transactions
against cyberattacks
cyberattacks
securing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP12832873.9A
Other languages
German (de)
French (fr)
Other versions
EP2758922A2 (en
Inventor
Michael Stephen Fiske
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Biogy Inc
Original Assignee
Biogy Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/541,733 external-priority patent/US9858401B2/en
Application filed by Biogy Inc filed Critical Biogy Inc
Publication of EP2758922A2 publication Critical patent/EP2758922A2/en
Publication of EP2758922A4 publication Critical patent/EP2758922A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
EP12832873.9A 2011-09-25 2012-09-23 Securing transactions against cyberattacks Withdrawn EP2758922A4 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201161626485P 2011-09-25 2011-09-25
US201261659376P 2012-06-13 2012-06-13
US13/541,733 US9858401B2 (en) 2011-08-09 2012-07-04 Securing transactions against cyberattacks
PCT/US2012/056786 WO2013044192A2 (en) 2011-09-25 2012-09-23 Securing transactions against cyberattacks

Publications (2)

Publication Number Publication Date
EP2758922A2 EP2758922A2 (en) 2014-07-30
EP2758922A4 true EP2758922A4 (en) 2015-06-24

Family

ID=47915111

Family Applications (1)

Application Number Title Priority Date Filing Date
EP12832873.9A Withdrawn EP2758922A4 (en) 2011-09-25 2012-09-23 Securing transactions against cyberattacks

Country Status (2)

Country Link
EP (1) EP2758922A4 (en)
WO (1) WO2013044192A2 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10268843B2 (en) 2011-12-06 2019-04-23 AEMEA Inc. Non-deterministic secure active element machine
US9858401B2 (en) 2011-08-09 2018-01-02 Biogy, Inc. Securing transactions against cyberattacks
US9235697B2 (en) 2012-03-05 2016-01-12 Biogy, Inc. One-time passcodes with asymmetric keys
US9049226B1 (en) * 2013-03-12 2015-06-02 Emc Corporation Defending against a cyber attack via asset overlay mapping
DE102013006549A1 (en) * 2013-04-08 2014-10-09 Fiducia It Ag Method and system for cashless payment or cash withdrawal with a mobile customer terminal
US11823190B2 (en) * 2013-12-09 2023-11-21 Mastercard International Incorporated Systems, apparatus and methods for improved authentication
CN107306183B (en) * 2016-04-22 2021-12-21 索尼公司 Client, server, method and identity verification system
WO2018003919A1 (en) * 2016-06-29 2018-01-04 株式会社プロスパークリエイティブ Communications system, communications device used in same, management device, and information terminal
US20190327092A1 (en) * 2018-04-23 2019-10-24 Avago Technologies General Ip (Singapore) Pte. Ltd. Methods and systems for secure biometric authentication
GB2585010B (en) * 2019-06-24 2022-07-13 Blockstar Developments Ltd Cryptocurrency key management
CN113221128B (en) * 2020-01-21 2022-11-08 中国移动通信集团山东有限公司 Account and password storage method and registration management system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020046189A1 (en) * 2000-10-12 2002-04-18 Hitachi, Ltd. Payment processing method and system
US20090063850A1 (en) * 2007-08-29 2009-03-05 Sharwan Kumar Joram Multiple factor user authentication system
WO2010057204A1 (en) * 2008-11-17 2010-05-20 Entrust, Inc. User authentication using alternative communication channels

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL1030558C2 (en) * 2005-11-30 2007-05-31 Sdu Identification Bv Authorization document issuing device for e.g. passport issuance, has computer that communicates with clerk unit in the form of secure session that makes use of cryptographic key stored in secure application module of clerk unit
KR100645401B1 (en) * 2006-05-01 2006-11-15 주식회사 미래테크놀로지 Time sync type otp generation device in mobile phone and generation method
KR20100136269A (en) * 2009-06-18 2010-12-28 주식회사 비즈모델라인 System and method for managing otp with biometrics and recording medium
KR20110039947A (en) * 2009-10-13 2011-04-20 주식회사 아레오네트웍스 System and method for on-line wireless settlement and program recording medium
US20110231315A1 (en) * 2010-03-16 2011-09-22 Infosys Technologies Limited Method and system for making secure payments

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020046189A1 (en) * 2000-10-12 2002-04-18 Hitachi, Ltd. Payment processing method and system
US20090063850A1 (en) * 2007-08-29 2009-03-05 Sharwan Kumar Joram Multiple factor user authentication system
WO2010057204A1 (en) * 2008-11-17 2010-05-20 Entrust, Inc. User authentication using alternative communication channels

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2013044192A2 *

Also Published As

Publication number Publication date
WO2013044192A2 (en) 2013-03-28
EP2758922A2 (en) 2014-07-30
WO2013044192A3 (en) 2013-05-30

Similar Documents

Publication Publication Date Title
DK3424953T3 (en) Terapeutiske antistoffer
EP2755962A4 (en) Azaindazoles
EP2715659A4 (en) Überfeed
EP2754063A4 (en) Smb2 scaleout
EP2758922A4 (en) Securing transactions against cyberattacks
EP2723631A4 (en) Quadfolier
EP2724310A4 (en) Paying non-settlement transactions
AP2014007621A0 (en) 2-Thiopyrimidinones
EP2761524A4 (en) Secure display for secure transactions
EP2695208A4 (en) Micro-thermocouple
ZA201304139B (en) Combination
PL2606715T3 (en) Baler-wrapper combination
EP2679138A4 (en) Endsoscope
EP2721766A4 (en) Secure financial transactions
EP2708561A4 (en) Bio-pin
DK2770906T3 (en) Applanationstonometer
EP2684382A4 (en) Earpuff
EP2698098A4 (en) Campimeter
EP2694655A4 (en) pAVEC
EP2672969A4 (en) Combination
EP2702929A4 (en) Campimeter
GB201109024D0 (en) Can
ZA201300348B (en) Transaction authentication
AU4540P (en) BUNNAN Baloskion tetraphyllum
AU5171P (en) Sunparamiho Mandevilla xamabilis

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20140327

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20150521

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 21/57 20130101ALI20150515BHEP

Ipc: G06Q 20/40 20120101ALI20150515BHEP

Ipc: G06Q 20/38 20120101ALI20150515BHEP

Ipc: H04L 29/06 20060101ALI20150515BHEP

Ipc: H04L 9/32 20060101AFI20150515BHEP

Ipc: G06F 21/32 20130101ALI20150515BHEP

Ipc: G06Q 40/02 20120101ALI20150515BHEP

17Q First examination report despatched

Effective date: 20181204

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTG Intention to grant announced

Effective date: 20200605

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20201016