FR3003671A1 - METHOD FOR GENERATING A CODE FOR SECURING A TRANSACTION - Google Patents

Abstract

System for securing a transaction comprising: a remote server (SERV) enabling the generation of a first code to a control device (EQ1, EQ2) following receipt of a transaction request (2) comprising data authentication of a user (10); Said control equipment (EQ1, EQ2) comprising means for receiving said first code (C1) and display means for displaying a representation of said first code (C1); A receiving equipment (EQ1, EQ2) comprising: an optical detector for capturing the first code (C1); a computer for generating a digital sequence (SEQ) from the capture of the representation of said first code (C1) and; o a transmitter for generating the digital sequence (SEQ) generated to the remote server (SERV).

Description

FIELD OF THE INVENTION The field of the invention relates to methods for securing the authentication of a user wishing to perform a transaction, between a terminal and a remote server and to ensure that the authenticated user is the author of the transaction.

More particularly, the invention relates to the certification of an authentication comprising an exchange of data between a mobile terminal and a device from which a transaction to a server is initiated, said data exchange not allowing any intrusion by a third party.

STATE OF THE ART There are various solutions for securing and authenticating the author of a banking transaction from a PC connected to an Internet network. Today, during a bank payment, the author of payment indicates via a payment interface: his account number or card, and usually if it is a credit card: an expiry date and a cryptogram. The line can be secured, for example by the HTTPS protocol, however it does not prevent a theft of banking information and malicious use of this data. There are solutions to provide more information such as: name, first name, date of birth of the cardholder or other data to secure a transaction.

However, in the context of an attack on a secure line or not or an intrusion in the system of the user, the data can be pirated by a third party. There are also solutions in which, to validate the payment, a secret is transmitted from the user to the bank server, for example through a comparison of information known only to the bank data holder and the server remote. Generally, this security can only be assured if this information has been predefined during a step of defining a secret by the user. Nevertheless, this solution does not resist piracy of the equipment or the line on which the transaction is made. There is a secure solution that aims to send a code from a remote server receiving the transaction request to a phone or smartphone of the user wishing to complete his transaction. In this solution, the user copies a code on an interface of the equipment from which the transaction was initiated. This method offers a good solution for authenticating the user and for securing and authenticating the information transmitted in order to validate an online transaction. On the other hand, this solution finds a limit by a form of psychological brake encountered by a user having to copy a code too long when the latter is received on a telephone and that it must be copied on a transaction interface on his PC. As a result, the codes generally do not exceed 6 characters, in some cases they may be 8 characters long. Beyond, it is shown that the user can be dissuaded in the outcome of his transaction or strongly discouraged. A disadvantage resulting from this limitation is that securing is limited by the maximum allowable size of the transmitted code. Moreover, a code is complex and long, the more it makes it possible to benefit from a high security of the transmitted data. SUMMARY OF THE INVENTION The invention aims to overcome these disadvantages. A first object of the invention relates to a method of generating a code for securing a transaction which comprises: - an authentication of a user by the transmission of a first request from a first equipment to a remote server; - Generation of a first code by the remote server to a second device; a generation of a graphical representation of the first code on a display of the second equipment; an optical capture by the first equipment of the representation of the first code by the second equipment; - A generation of a second confirmation request by the first device to the remote server to authorize a transaction.

A second object of the invention relates to a method of generating a code for securing a transaction which comprises: - authentication of a user by sending a first request from a first device to a server remote; a generation of a first code by the remote server to a first device; a generation of a graphical representation of the first code on a display of the first equipment; an optical capture by the second equipment of the representation of the first code by the first equipment; - A generation of a second confirmation request by the second device to the remote server for authorizing a transaction.

Advantageously, the remote server compares the data of the first request and the second request so as to authorize or not a transaction. Advantageously, the optical capture is performed by means of an optical detector and by means of a computer making it possible to perform an optical recognition of the representation of the first code for the generation of a corresponding digital sequence. According to the embodiments, the graphic representation of the first code is a 2D code which can be for example a Flashcode, a QR code, a bar code or a CAPTCHA.

One advantage of using patterns is to allow complex and longer codes to be defined than codes that need to be copied manually. These allow better resistance to hacking attempts algorithms to generate these codes.

Advantageously, the generated sequence is transmitted via a first secure wireless link. This connection can be for example an HTTPS connection. Advantageously, the first code is a shared secret between the remote server and the first or the second device, a code being generated from the shared secret. Another object of the invention relates to a system for securing a transaction comprising: a remote server enabling the generation of a first code to a control device following the reception of a transaction request comprising authentication data; a user; said control equipment comprising means for receiving said first code and display means for displaying a representation of said first code; receiving equipment comprising: an optical detector enabling the first code to be captured; a calculator for generating a digital sequence from the capture of the representation of said first code and; o An issuer for generating the digital sequence generated to the remote server.

Advantageously, according to a first embodiment, the control equipment is a PC and the receiving equipment is a Smartphone, the optical detector being an integrated optics of the smartphone.

Advantageously, according to a second embodiment, the control equipment is a smartphone and the receiving equipment is a PC, the optical detector being a camera integrated in the PC.

Another object of the invention relates to an application for a smartphone. It comprises: - a configuration interface for determining a predetermined type of graphic representation from a set comprising at least two types of representations; a set of methods making it possible to generate a graphical representation for each type as a function of a received digital code, the graphical representation comprising, by a steganography method, at least one piece of information making it possible to retrieve the digital code received. The Smartphone App is a computer program used in conjunction with a calculator and Smartphone memory. In addition, the computer program defined by the application can be configured using a configuration interface.

Advantageously, at least one first representation is a QR code and a second representation is a CAPTCHA. One advantage of such an application is that it makes it possible to change the graphical representation of the code and thus to be compatible with a large number of devices. When the equipment is a third-party equipment or a payment terminal, the graphic representation can be adapted according to the software of the equipment that makes it possible to decode the code. In addition, this solution makes it possible to update applications of a Smartphone and to implement new motives. BRIEF DESCRIPTION OF THE FIGURES Other characteristics and advantages of the invention will emerge on reading the detailed description which follows, with reference to the appended figures, which illustrate: FIG. 1: the main elements used in a first embodiment embodiment of the invention; Figure 2: the main elements implemented in a second embodiment of the invention. DESCRIPTION In the remainder of the description, a graphical representation of a C code is denoted R (C), it is also called a pattern. Also called in the system of the invention, a control equipment, the equipment that allows at least to generate and display a graphical representation of a code from the receipt of a code. For example, the control equipment may be according to the embodiments of a PC or a smartphone. Figure 1 shows a first embodiment of the method of the invention. A user 10 wishing for example to make a purchase on the internet authenticates by means of a WEB application to a bank server. The authentication 1 comprises the definition of parameters known to the user 10. It may be a login and a password or it may be a credit card number and additional information such as the validity date and the name / first name on the card.

The data entered during the authentication is transmitted by means of a device, denoted first equipment EQ1 in FIG. 1. In this embodiment the equipment EQ1 is a PC equipped with an image capture means such as 'a camera. It may also include a tablet or a merchant terminal. The equipment EQ1 is connected to a first network, denoted N1 in FIG. 1. The network N1 is for example the internet network and the connection L1 of the equipment EQ1 to the network N1 can be established by an Ethernet connection or a connection without WiFi type wire for example. The equipment EQ1 sends a request 2 comprising the authentication data. These can be transmitted at the time of a secure purchase on the internet by the user 10. A remote server SERV is also connected to the network N1. In the example of FIG. 1, the remote server SERV may be a bank server intended to authenticate transmitted bank details and to certify a payment by the holder of the bank account whose details have been transmitted in the request 2. When the request 2 is sent, an EQ1 equipment web browser plugin can also start the image capture means so as to activate it. A user interface can be used to display the image capture to the user and propose if necessary to perform a validation of the acquired image or a second capture if a first was insufficient. The interface may be, for example, a pop-up window that is displayed for a limited time. In the latter case, the equipment EQ1 launches a timer from the transmission of the request 2. Beyond a time limit, if no code is detected by the image capture means, the window disappears to return to a neutral state, that is, as if the user had not initialized a transaction.

Upon receipt of the request 2, the remote server SERV is capable of interrogating a database and of retrieving so-called "telephone" data intended to associate a telephone or a smartphone with at least one authentication data transmitted by the server. EQ1 equipment. The telephone or the smartphone of the user 10 is represented in FIG. 1 by the equipment EQ2. The remote server SERV sends a request 3 to the equipment EQ2 through the network N2 which may be a GSM network. It is assumed that the user 10 is in possession of the equipment EQ2 which is therefore close to the equipment EQ1. In the example of FIG. 1, the remote server SERV is connected to the network N1 internet. A router or gateway (Gateway) 11 makes it possible to connect the network N1 to the network N2. The purpose of the request 3 is to initiate a certification procedure for user authentication 10.

According to different embodiments, the request 3 may comprise a first code C1 or a shared secret between the remote server SERV and the equipment EQ2. When it comes to a shared secret, it allows the generation of a Cl code a posteriori, that is to say generate following the receipt of the secret by the equipment EQ2 and data contained in the said EQ2 equipment.

The request 3 therefore borrows for a part of the network N2 a wireless link L2 to reach the antenna of the Smartphone. The information transmitted to the equipment EQ2 can be transmitted over a 3G or 4G connection for example in the form of an SMS or an MMS. The wireless connection L2 can also be a Wi-Fi connection, in which case the request 3 can therefore be encapsulated in an IP frame. In a simplified embodiment of the invention, upon receipt of the first code C1 or following its construction when a secret is received, the smartphone EQ2 generates a graphical representation R (C1) comprising at least one arrangement of symbols representing a coding of the first code C1. In other words, the graphic representation R (C1) is perceived as a pattern comprising a certain arrangement of symbols making it possible to form a steganographic representation of the first code C1. According to the variant embodiments, other information can be coded in the reason, such as Smartphone identity, configuration or parameterization data or useful data. The pattern may also include server data such as its IP address, port, or other data for identifying the remote server SERV. In addition, these latter data can also be included in the first code C1 and will therefore naturally be written in the pattern that is generated from the first code C1. In the example of FIG. 1, a 2D code type pattern. such as a QR code is generated. The generated 2D code is a graphical representation of the first code C1. According to other embodiments of the invention, the pattern may be a simple sequence of characters representing the first code C1 or it may be a CAPTCHA or a bar code. The graphical representation of the first code Cl is displayed on a screen of the Smartphone EQ2. In this case the control equipment is the Smartphone. According to the method of the invention, the user 10 positions the smartphone EQ2 opposite an image capture means connected to the equipment EQ1. The image capture means may be for example a webcam integrated or remote from a PC. The user must take care to respect two data specific to the positioning of the screen of his Smartphone vis-à-vis the means of image capture: - A maximum distance beyond which the detection of the pattern displayed on the screen. EQ1 equipment is no longer recognized by equipment EQ1 and; a maximum angle of difference between the image plane of the capture means and the plane comprising the screen of the smartphone. These positioning constraints remain valid for the second and third embodiments of the invention. The capture means captures the R (C1) pattern displayed on the EQ2 Smartphone. The capture may be, for example, a photograph taken by a webcam. The photograph can be triggered automatically when the Smartphone is detected in front of the capture means and when the pattern is displayed in a time interval triggered with the issuance of the request 2.

The PC, denoted EQ1 in FIG. 1, comprises a calculator making it possible to decode the pattern R (C1) and to generate the first code C1 contained in the pattern R (C1). The decrypted code of the pattern is a digital sequence denoted SEQ. If the pattern is a sequence of characters, the graphic representation of the code C1 does not require generating a complex pattern. In this case the decoding of the pattern consists of an optical character recognition operation. This variant represents a particularly advantageous implementation of the invention because it does not require shape detection means or intelligence such as an algorithm to implement specifically. Character recognition therefore allows a simpler solution to develop in the context of the system of the invention. A software loaded in the equipment EQ1 makes it possible to execute such an operation from a photo recovered from a webcam. An output format can be set so that the webcam delivers an exploitable image by a given type of OCR software from the PC. -10 It is also possible to implement a shape recognition of the pattern displayed by the display of the equipment EQ1. The recognition of form can have two objectives that can be targeted independently of one another: - A first objective is to identify a capture mark of the pattern in which the pattern will be scanned. Indeed, when the user 10 positions the Smartphone in front of the image capture means of the equipment EQ2, an orientation shift can take place considering that the plane of the display and the image plane are parallel. In addition, image correction algorithms can be applied when the offset is intended to overcome a deformation of the shape in a perspective induced by an offset of the image plane and the plane of the display. - A second objective is to enter information in the form of the motif. When the pattern is complex, two levels of information can be coded: the shape of the pattern, that is to say its outline and the pattern itself, that is to say the arrangement of symbols that the up.

An advantage of this solution is that the channel 4 which is defined between the Smartphone and the PC is inviolable in the sense that it tolerates no intrusion and no capture of the information by a third party. Channel 4 is a wireless channel, without data transmission that is unidirectional and whose information is acquired almost instantaneously by image capture. Another advantage is that typing errors are avoided. Indeed, when the user receives a code on his Smartphone, it is no longer necessary to re-enter it on the PC at the time of validation.

An advantage that is a consequence of this last mentioned advantage is that the codes can be defined by character strings exceeding the 6 or 8 characters conventionally used. Indeed, from the analysis of the solutions of the prior art, it resulted that the codes were preferentially limited in size. This limitation made it possible not to deter a user potential during a secure authentication with a code too long to re-enter. A length of string greater than 8 could slow a user to re-enter the string, which could eventually lead to abandoning the purchase. The solution of the invention is therefore compatible with a high degree of security by issuing a code with a large number of characters while avoiding typing errors when copying the code by the user. . In addition, it allows user comfort by simply handling the smartphone in front of the camera. The equipment EQ1, that is to say the PC in the example of Figure 1 acquires the image of the pattern and includes a computer for processing the image to derive the first code Cl contained in the captured pattern. For example, the image processing can be performed by digitizing the image and applying a decoding algorithm that can correspond to the inverse of the coding algorithm used for example in the equipment EQ2. When the pattern corresponds to the displayed characters of the code, optical character recognition, called OCR, is sufficient to decode the pattern. The equipment EQ1 is able to deduce the first code C1, except decoding error by the generation of a digital sequence SEQ.

The pattern may include in alternative embodiments redundancy of information or data for applying an error correction code when analyzing the captured image. It is then able to communicate to the remote server SERV the first code Cl or a shared secret deduced from the code Cl deduced from the pattern. The transmission is performed by a request 5 through the network N1 internet. The remote server SERV is able to recover the first code C1 deduced from the decoding of the image captured by the equipment EQ1 and to compare it with the first code Cl transmitted.

When the two codes C1 issued and C1 received are identical, then the transaction desired by the first user 10 can be authorized. Figure 2 shows a second embodiment of the method of the invention. A user 10 still wishing, for example, to make a purchase on the internet authenticates by means of a WEB application to a banking server. The first steps of authentication 1 are identical to the method defined in FIG.

The data entered during the authentication is transmitted by means of a device, denoted first equipment EQ1 in FIG. 2. In this embodiment the equipment EQ1 can always be a PC which comprises a display such as a screen. It may also include a tablet or a merchant terminal. The equipment EQ1 is connected to the first network N1 defined previously. The network N1 is for example the internet network and the connection Ll of the equipment EQ1 to the network N1 can be established by an Ethernet connection or a WiFi type wireless connection for example.

The equipment EQ1 sends a request 2 comprising the authentication data. These can be transmitted at the time of a secure purchase on the internet by the user 10. A remote server SERV is also connected to the network N1.

In the example of FIG. 2, the remote server SERV may be, as in the example of FIG. 1, a bank server intended to authenticate transmitted bank details and to certify a payment by the holder of the bank account whose details were transmitted in the request 2.

In this second embodiment, the remote server SERV sends directly in a request 3 'a first code C1 to the equipment EQ1 which is always a PC in the example of FIG. 2. It may also be a shared secret so as to reconstruct a first code Cl from the latter and data contained in the PC. In the same way as in the first mode, the computer of the equipment EQ1, that is to say of the PC, is capable of generating a graphic representation of the first code C1, which is also called in this embodiment R (C1) pattern. It can be any type of graphic pattern from the moment it contains information making it possible to deduce the first code C1, for example according to a particular arrangement of symbols. In this embodiment, the control equipment is PC EQ1.

The user, having noted the receipt of the first code by displaying the pattern generated from the latter, he is able to position his smartphone EQ2 in front of the display of the equipment EQ1. One advantage is that a large number of Smartphone market includes a means of capturing images such as a camera or video.

Thus the smartphone EQ2 is able to capture via a channel 4 ', the image displayed by the display of the equipment EQ1, that is to say the PC, which includes the pattern generated from the first code C1. In this embodiment, the Smartphone EQ2 includes a calculator and an application that can be initialized automatically on reading the image or initialized by the user. This last application makes it possible to decode the pattern, especially in the cases where the pattern is a CAPTCHA, a bar code, a 2D code (Flashcode or QR code) or an alphanumeric code which comprises a sequence of digits.

When the first code C1 is reconstituted by an algorithm of the equipment EQ2, the equipment EQ2 can send a request 5 'on the wireless link L2 connecting it to the network N2 of GSM type for example to the remote server SERV.

The first code Cl may include the URL address of the remote server SERV so as to properly route the request 5 '. In alternative embodiments, the Smartphone EQ2 can be configured, for example through the same application for performing the decoding of the pattern, to be able to send the request to a known SERV remote server. According to another variant, the user defines the url which is for example indicated on the equipment EQ1. The Smartphone EQ2 sends a 5 'request containing the first code Cl as well as identifying information of the Smartphone EQ2. In an alternative embodiment, the smartphone EQ2 has been pre-registered with a bank server such as a remote server SERV or another server that can be queried via the remote server SERV. An advantage of this pre-registration is that it allows to control s thereafter that the Smartphone EQ2 remounting first code Cl is the smartphone of the user 10. The information that can be transmitted with the first code Cl in the request 5 'can be a telephone number, a serial number or a name / surname or an identifier. Other information 10 can be integrated in the request 5 'such as the information that is to know if the Smartphone has been jailbroken, that is to say, cracked or hacked, or if the application to define an interface for the user that makes it possible to perform the analysis of the acquired image has been downloaded by the user 10. It is therefore possible to include information making it possible to improve the reliability of the authentication. A time stamped token can also be transmitted to the SERV remote server from the EQ2 Smartphone. The remote server SERV can then compare the first code Cl issued with the first code Cl returned by the smartphone. When the two codes are identical, the remote server SERV can authorize or not a bank transaction. The remote server SERV can also compare the identification of the smartphone EQ2 with the data recorded during the pre-registration with the remote server SERV. In a variant embodiment, when a shared secret makes it possible to generate a first code C1 with, for example, the identifier of the smartphone EQ2, it is not necessary to trace the identification information of the smartphone EQ2 to the remote server. SERV. Indeed, in this case, the comparison of the first codes is performed by the Smartphone EQ2. That is to say that a third party, in addition to using the banking information does not belong to it, should bring the smartphone EQ2 of the user 10 because another Smartphone could not generate the first code Cl to from the image capture. Depending on whether the first code or a secret is sent by the server, in both cases, the methods of the invention make it possible to prevent a third party from using the banking information without the equipment EQ2 which is associated. The identification of the Smartphone EQ2 therefore correspond to a double security which makes it possible to control that the user is the good user owner of the transmitted banking information and that he is in possession of his Smartphone EQ2. The information transmitted from the equipment EQ2 can be transmitted over a 3G or 4G connection, for example in the form of an SMS or an MMS. An advantage of SMS is that it can have 160 characters and offer the possibility to define complex and long codes by this means. In the two embodiments described in FIGS. 1 and 2, the first code C1 may be a time-stamped token which may, for example, be valid for a predefined time interval. When the remote server SERV sends a secret shared between itself and a device, EQ1 or EQ2 according to the embodiments, the latter makes it possible to generate a first code within the equipment receiving it as detailed previously. When the shared secret is sent to the EQ2 equipment, ie to the EQ2 Smartphone, this variant embodiment assumes that the Smartphone includes a function making it possible to deduce a code from an embedded algorithm and the secret received. This function can be initialized from a first connection to a SERV remote server and can be updated at regular time intervals. In a third compatible embodiment of the first two modes defined above in FIGS. 1 and 2, the first code C1 is sent to the equipment EQ1 and the equipment EQ2. One of the devices generates a pattern from the received code and displays it on a display so as to be captured by an image capture means integrated with the other equipment. In this case, one of the equipment capturing the pattern is able to deduce the first code C1 concealed in the generated pattern and to validate by a comparison operation of the two codes that the first code C1 is correct. In this case, the equipment performing the comparison does not go back the first decoded code C1 but for example information indicating the validation of the comparison test.

This third embodiment requires performing the comparison operation in one of the devices. When the Smartphone EQ2 makes the comparison, this operation can be performed by a dedicated application that can be the same as that which manages the image capture for example.

Claims (13)

REVENDICATIONS1. A method for generating a code for securing a transaction, characterized in that said method comprises: - an authentication (1) of a user (10) by the transmission of a first request (2) of a first device (EQ1) to a remote server (SERV); a generation of a first code (C1) by the remote server (SERV) destined for a second piece of equipment (EQ2); - a generation of a pattern from the first code (C1) on a display of the second equipment (EQ2) - an optical capture by the first equipment (EQ1) of the pattern displayed by the second equipment (EQ2); - A generation of a second request (5) confirmation by the first device (EQ1) to the remote server (SERV) for authorizing a transaction. 2. A method for generating a code for securing a transaction, characterized in that said method comprises: - an authentication (1) of a user (10) by the transmission of a first request (2) from a first device (EQ1) to a remote server (SERV); - Generation of a first code (C1) by the remote server (SERV) to the first device (EQ1); - generating a pattern from the first code (C1) on a display of the first device (EQ1) - an optical capture by a second device (EQ2) of the pattern displayed by the first device (EQ1); - A generation of a second request (5 ') confirmation by the second equipment (EQ2) to the remote server (SERV) for authorizing a transaction. 3. A method for generating a code for securing a transaction according to claim 1 or 2, characterized in that the remote server (SERV) compares the data of the first request (2) and the second request (5, 5 ') so as to authorize a transaction. 4. A method for generating a code for securing a transaction according to any one of claims 1 or 2, characterized in that the optical capture is performed by means of an optical detector and by means of a calculator allowing optical recognition of the pattern for the generation of a corresponding digital sequence (SEQ). 5. A method of generating a code for securing a transaction according to any one of claims 1 to 4, characterized in that the pattern is a 2D code. 6. A method for generating a code for securing a transaction according to claim 5, characterized in that the pattern is a Flash code, a QR code or a barcode. 7. A method of generating a code for securing a transaction according to any one of claims 1 to 4, characterized in that the pattern is a CAPTCHA. 8. A method for generating a code for securing a transaction according to any one of claims 1 to 4, characterized in that the pattern is a string of characters and that the optical recognition is an optical character recognition ( OCR) 9. A method for generating a code for securing a transaction according to any one of claims 4 to 8, characterized in that the generated digital sequence (SEQ) is transmitted via a first secure wireless link (L1). . 10. A method for generating a code for securing a transaction according to any one of claims 1 to 8, characterized in that the first code (C1) is a secret shared between the remote server (SERV) and the first or second equipment (EQ1, EQ2), a code (C1) being generated from the shared secret and information contained in one of the equipment (EQ1, EQ2). 11.Secure security of a transaction characterized in that it comprises: a remote server (SERV) allowing the generation of a first code to a control device (EQ1, EQ2) following the reception of a request ( 2) transaction comprising authentication data of a user (10); said control equipment (EQ1, EQ2) comprising means for receiving said first code (C1) and display means for displaying a representation of said first code (C1); a receiving equipment (EQ1, EQ2) comprising: an optical detector enabling the capture of the first code (C1); a computer for generating a digital sequence (SEQ) from the capture of the representation of said first code (C1) and; o a transmitter for generating the digital sequence (SEQ) generated to the remote server (SERV). 12. System for securing a transaction according to the preceding claim, characterized in that the control equipment is a PC and the receiving equipment is a smartphone, the optical detector is an integrated optics Smartphone. 13. System for securing a transaction according to the preceding claim, characterized in that the control equipment is a Smartphone and the receiving equipment is a PC, the optical detector being a camera integrated in PC.35. A computer program for a smartphone, characterized in that said smartphone comprises: - a configuration interface for determining a predetermined type of graphic representation from a set comprising at least two types of representations, and that said computer program allows the execution a set of methods according to any one of claims 1 to 10 for generating a graphical representation for each type according to a received digital code, the graphical representation comprising, by a steganography method, at least one information to find the digital code received. 15. Smartphone computer program according to claim 14, characterized in that at least a first representation is a QR code and a second representation is a CAPTCHA.