NL1007409C1 - Authentication system for electronic transactions - Google Patents
Authentication system for electronic transactions Download PDFInfo
- Publication number
- NL1007409C1 NL1007409C1 NL1007409A NL1007409A NL1007409C1 NL 1007409 C1 NL1007409 C1 NL 1007409C1 NL 1007409 A NL1007409 A NL 1007409A NL 1007409 A NL1007409 A NL 1007409A NL 1007409 C1 NL1007409 C1 NL 1007409C1
- Authority
- NL
- Netherlands
- Prior art keywords
- local
- authentication
- code
- terminal
- server
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Abstract
Description
Authenticatiesysteem ACHTERGROND VAN DE UITVINDINGBACKGROUND OF THE INVENTION
De uitvinding heeft betrekking op een authenticatiesysteem, waarbij een gebruiker van een systeem zich authenticeert tegenover dat systeem door middel van het bij dat systeem invoeren van een 5 authenticatiecode, welke door het systeem op geldigheid wordt onderzocht.The invention relates to an authentication system, in which a user of a system authenticates himself against that system by entering an authentication code into that system, which is checked for validity by the system.
Een dergelijk authenticatiesysteem is van algemene bekendheid. Vaak worden voor authenticatie alfanumerieke "passwords" gebruikt, die door de gebruiker worden ingetoetst. Als een vast password wordt gebruikt, 10 heeft dat het bezwaar dat het password ontvreemd of gecopieerd en daarna misbruikt kan worden. Om die reden bestaan er ook "one time password" (OTP) systemen, waarbij een password slechts één keer wordt gebruikt.Such an authentication system is generally known. Often alphanumeric "passwords" are used for authentication, which are entered by the user. If a fixed password is used, this has the drawback that the password can be stolen or copied and subsequently misused. For that reason there are also "one time password" (OTP) systems, where a password is only used once.
15 SAMENVATTING VAN DE UITVINDING15 SUMMARY OF THE INVENTION
De uitvinding voorziet in een OTP systeem waarbij het OTP, dat door een OTP generator gegenereerd wordt, enerzijds aan het systeem wordt overgedragen dat om athenticatie vraagt, en dat anderzijds aan de gebruiker wordt overgedragen, waarbij het OTP wordt geadresseerd aan 20 een uniek gebruikersadres. Uiteraard dient het overdrachtsmedium "intruder proof" te zijn. Bij voorkeur wordt gebruik gemaakt van een strikt persoonlijke gebruikersterminal, zoals een (GSM) terminal die is voorzien van een "Security & Identification Module" (SIM).The invention provides an OTP system in which the OTP generated by an OTP generator is transferred on the one hand to the system requesting authentication and on the other hand is transferred to the user, the OTP being addressed to a unique user address. Naturally, the transfer medium must be "intruder proof". Preferably, use is made of a strictly personal user terminal, such as a (GSM) terminal which is provided with a "Security & Identification Module" (SIM).
De uitvinding zal hierna aan de hand van een uitvoeringsvoorbeeld 25 nader worden uiteengezet.The invention will be explained in more detail below with reference to an exemplary embodiment.
UITVOERINGSVOORBEELDIMPLEMENTATION EXAMPLE
Figuur 1 toont zeer schematisch een uitvoeringsvoorbeeld van de uitvinding. Op een voor IP geschikt netwerk 1 (internet) is een 30 terminal 2 aangesloten, een server 3 en een authenticatieserver 4. Op een voor GSM geschikt netwerk 6 is een "Short Message Service" (SMS) server 5 aangesloten en een basisstation 7, die verbinding kan maken met een GSM terminal 8. Uiteraard zijn er in werkelijkheid veel meer terminals, servers etc.Figure 1 shows very schematically an embodiment of the invention. A terminal 2 (internet) is connected to an IP-capable network 1, a server 3 and an authentication server 4. A "Short Message Service" (SMS) server 5 and a base station 7 are connected to a GSM-capable network 6, that can connect to a GSM terminal 8. Obviously there are in reality many more terminals, servers etc.
35 De werking van het authenticatiesysteem volgens de uitvinding, uitgevoerd in het in figuur 1 getoonde stelsel is als volgt.The operation of the authentication system according to the invention, implemented in the system shown in figure 1 is as follows.
1007409 21007409 2
Een gebruiker maakt via terminal 2 en het internet 1 verbinding met server 3 om daar van een service gebruik te maken waarvoor authenticatie nodig is. De server 3 stuurt daartoe een HTML gecodeerd bericht naar de terminal, waarin de gebruiker verzocht wordt het 5 telefoonnummer van haar mobiele telefoon 8 in te voeren. De server 3 verstuurt een verzoek naar authenticatieserver 4 om een (random) authenticatiecode te genereren en naar de gebruiker te doen uitzenden. Daarna zendt de server 3 aan de gebruiker het verzoek om te wachten op een op haar mobiele telefoontoestel te ontvangen SMS-bericht met de 10 gevraagde authenticatiecode. Intussen wordt die code door server 4 gegenereerd en naar zowel SMS server 5 als naar server 3 verstuurd. De SMS server 5 verzendt de code, in de vorm van een SMS-bericht, naar het mobiele telefoontoestel 8, dat de ontvangen code op het beeldschermpje toont. De gebruiker leest dat en geeft de code via haar 15 terminal aan de server 3 door. Deze vergelijkt de van de terminal 2 ontvangen code met de (direct) van de server 4 ontvangen code. Bij overeenstemming wordt de door de gebruiker gevraagde service vrij gegeven.A user connects to server 3 via terminal 2 and the internet 1 to use a service that requires authentication. To this end, the server 3 sends an HTML coded message to the terminal, in which the user is requested to enter the telephone number of her mobile telephone 8. The server 3 sends a request to authentication server 4 to generate a (random) authentication code and have it broadcast to the user. The server 3 then sends the user the request to wait for an SMS message to be received on her mobile telephone with the requested authentication code. In the meantime, that code is generated by server 4 and sent to both SMS server 5 and server 3. The SMS server 5 sends the code, in the form of an SMS message, to the mobile telephone 8, which shows the received code on the screen. The user reads that and passes the code to the server 3 via its 15 terminal. This compares the code received from the terminal 2 with the code received directly from the server 4. By agreement, the service requested by the user is released.
Opgemerkt wordt dat de links tussen de servers 3, 4 en 5 wel veilig 20 dienen te zijn. Het kunnen (anders dan de figuur aangeeft) verbindingen buiten het IP net zijn of wel via het IP net gerealiseerd zijn, maar dan beveiligd, bijvoorbeeld door "firewalls" etc. Server 4 kan ook geïncorporeerd zijn in server 3, hetgeen de veiligheid eveneens verhoogt.It is noted that the links between the servers 3, 4 and 5 must be secure. It can (other than the figure indicates) connections outside the IP network or realized via the IP network, but then secured, for example by "firewalls" etc. Server 4 can also be incorporated in server 3, which also increases security .
25 In plaats van een telefoontoestel, kan ook gebruik gemaakt worden van andere soorten ontvangers, bijvoorbeeld een paging-ontvanger. Dit soort ontvangers is heden ten dage echter minder "intruder-proof" dan de huidige GSM-terminals. Ook is het niet persé nodig om van een radio-ontvanger gebruik te maken: elk medium is geschikt, mits de 30 "link" van de codegenerator (authenticatieserver) naar de ontvanger bij de gebruiker voldoende veilig is. In principe kan als medium hetzelfde medium worden gebruikt als waarmee de terminal verbinding heeft met de server (3) die om authenticatie vraagt. Als medium kan bijvoorbeeld een beveiligd virtueel kanaal of een "Virtual Private 35 Network" (VPN) worden gebruikt.Instead of a telephone, other types of receivers can also be used, for example a paging receiver. However, these types of receivers are less "intruder-proof" today than the current GSM terminals. Nor is it necessarily necessary to use a radio receiver: any medium is suitable, provided that the link from the code generator (authentication server) to the receiver is sufficiently secure with the user. In principle, the same medium can be used as the medium with which the terminal has a connection to the server (3) requesting authentication. As a medium, for example, a secure virtual channel or a "Virtual Private 35 Network" (VPN) can be used.
In het bovenstaande wordt voorgesteld dat de gebruiker de ontvangen authenticatiecode afleest (van het scherm van haar GSM toestel) en aan de server 3 doorgeeft door die code via haar toetsenbord over te 1007409 3 typen. Op zich is het natuurlijk fraaier om de op de gebruikerlocatie ontvangen authenticatiecode direct naar de server 3 te verzenden zonder die te hoeven overtypen. Bijvoorbeeld zou dat kunnen door een lokale, directe dataverbinding te gebruiken tussen de GSM-ontvanger en 5 de dataterminal 2. De dataterminal kan --via een daartoe geëigend applicatieprogramma-- de ontvangen authenticatiecode inlezen en aan server 3 doorgeven. Ook kan de authenticatiecode-ontvanger 8 in de terminal 2 geïncorporeerd worden. Vanneer hetzelfde medium zou worden gebruikt als voor de verbinding tussen de terminal 2 en de server 3, 10 in casu het internet 1, ligt een dergelijke directe doorgifte van de lokaal ontvangen authenticatiecode nog meer voor de hand. Het proces is dan: - server 3 vraagt terminal 2 om authenticatiecode; - server 3 verzoekt server 4 om een authenticatiecode te genereren; 15 - server 4 genereert een authenticatiecode en zendt die naar server 3 en naar een gebruikersterminal: in het voorgaande dus via GSM-SMS (server 5, netwerk 6 en radioverbinding 7-8), of, als alternatief, via een "secure" verbinding via het IP netwerk 1, naar de terminal 2; - de lokale gebruiker neemt de ontvangen authenticatiecode over en 20 zendt die naar server 3; bij een directe lokale koppeling wordt de authenticatiecode lokaal ontvangen, via GSM of via IP, en nadien door de terminal 2 naar server 3 gezonden; in dat laatste geval hoeft de gebruiker dus niets te doen; zelfs kan het authenticatieproces voor de gebruikere "onder water” plaatshebben.In the above it is proposed that the user reads the received authentication code (from the screen of her GSM device) and passes it on to the server 3 by typing that code via her keyboard 1007409 3. In itself it is of course nicer to send the authentication code received at the user location directly to the server 3 without having to retype it. For example, this could be done by using a local, direct data connection between the GSM receiver and the data terminal 2. The data terminal can - via an appropriate application program - read in the received authentication code and pass it on to server 3. Also, the authentication code receiver 8 can be incorporated in the terminal 2. If the same medium were to be used as for the connection between the terminal 2 and the server 3, 10 in this case the Internet 1, then such a direct transmission of the locally received authentication code is even more obvious. The process is then: - server 3 asks terminal 2 for authentication code; server 3 requests server 4 to generate an authentication code; 15 - server 4 generates an authentication code and sends it to server 3 and to a user terminal: in the foregoing therefore via GSM-SMS (server 5, network 6 and radio connection 7-8), or, alternatively, via a "secure" connection via the IP network 1, to the terminal 2; - the local user takes over the received authentication code and sends it to server 3; with a direct local link, the authentication code is received locally, via GSM or via IP, and then sent by terminal 2 to server 3; in the latter case, the user therefore does not have to do anything; even the authentication process for the user may take place "underwater".
10074091007409
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
NL1007409A NL1007409C1 (en) | 1997-10-31 | 1997-10-31 | Authentication system for electronic transactions |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
NL1007409A NL1007409C1 (en) | 1997-10-31 | 1997-10-31 | Authentication system for electronic transactions |
NL1007409 | 1997-10-31 |
Publications (1)
Publication Number | Publication Date |
---|---|
NL1007409C1 true NL1007409C1 (en) | 1997-11-18 |
Family
ID=19765926
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
NL1007409A NL1007409C1 (en) | 1997-10-31 | 1997-10-31 | Authentication system for electronic transactions |
Country Status (1)
Country | Link |
---|---|
NL (1) | NL1007409C1 (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1999023617A3 (en) * | 1997-11-04 | 1999-07-15 | Gilles Kremer | Method for transmitting data and implementing server |
WO2000003316A1 (en) * | 1997-05-28 | 2000-01-20 | Telefonaktiebolaget Lm Ericsson (Publ) | A method for securing access to a remote system |
WO2000078009A2 (en) * | 1999-06-16 | 2000-12-21 | Olivier Lenoir | Method and system for securely accessing a computer server |
FR2795897A1 (en) * | 1999-06-30 | 2001-01-05 | Schlumberger Systems & Service | Secure transaction system for Internet purchases uses link to mobile phone for confirmation of transaction payment |
WO2001059569A2 (en) * | 2000-02-09 | 2001-08-16 | Apriva, Inc. | Communication systems, components, and methods with programmable wireless devices |
WO2001080525A1 (en) * | 2000-04-14 | 2001-10-25 | Sun Microsystems, Inc. | Network access security |
WO2001092999A2 (en) * | 2000-05-26 | 2001-12-06 | Citrix Systems, Inc. | Secure exchange of an authentication token |
WO2002011082A1 (en) * | 2000-08-01 | 2002-02-07 | Mega-Tel Ag | Electronic payment transaction via sms |
US6430407B1 (en) | 1998-02-25 | 2002-08-06 | Telefonaktiebolaget Lm Ericsson (Publ) | Method, apparatus, and arrangement for authenticating a user to an application in a first communications network by means of a mobile station communicating with the application through a second communications network |
GB2382423A (en) * | 2001-11-22 | 2003-05-28 | Roke Manor Research | An e-commerce system using SMS order confirmation |
FR2835129A1 (en) * | 2002-01-23 | 2003-07-25 | Sagem | TWO-FACTOR AUTHENTICATION PROCESS WITH SINGLE-USE EPHEMERIC PASSWORD |
EP1361771A1 (en) * | 2002-05-06 | 2003-11-12 | Siemens Aktiengesellschaft | Method and radio communication system for transmission of user information as a service to multiple user terminals |
US6928420B1 (en) * | 2000-03-30 | 2005-08-09 | Fujitsu Limited | Automated transaction apparatus |
US6986040B1 (en) | 2000-11-03 | 2006-01-10 | Citrix Systems, Inc. | System and method of exploiting the security of a secure communication channel to secure a non-secure communication channel |
US7020773B1 (en) | 2000-07-17 | 2006-03-28 | Citrix Systems, Inc. | Strong mutual authentication of devices |
US7283820B2 (en) * | 2004-08-04 | 2007-10-16 | Lenovo Singapore Pte. Ltd. | Secure communication over a medium which includes a potentially insecure communication link |
WO2008007162A1 (en) * | 2006-07-11 | 2008-01-17 | Ultra Proizvodnja Elektronskih Naprav D.O.O | Customer identification and authentication procedure for online internet payments using mobile phones |
US7702915B2 (en) * | 2000-09-22 | 2010-04-20 | Roke Manor Research Limited | Access authentication system |
US10567385B2 (en) | 2010-02-25 | 2020-02-18 | Secureauth Corporation | System and method for provisioning a security token |
-
1997
- 1997-10-31 NL NL1007409A patent/NL1007409C1/en not_active IP Right Cessation
Cited By (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000003316A1 (en) * | 1997-05-28 | 2000-01-20 | Telefonaktiebolaget Lm Ericsson (Publ) | A method for securing access to a remote system |
WO1999023617A3 (en) * | 1997-11-04 | 1999-07-15 | Gilles Kremer | Method for transmitting data and implementing server |
EP1107203A3 (en) * | 1997-11-04 | 2001-11-14 | Magicaxess | Method for data transmission and implementing server |
EP1104921A3 (en) * | 1997-11-04 | 2001-11-14 | Magicaxess | Method for transmitting data and implementing server |
EP1058872B2 (en) † | 1998-02-25 | 2011-04-06 | TELEFONAKTIEBOLAGET LM ERICSSON (publ) | Method, arrangement and apparatus for authentication through a communications network |
US6430407B1 (en) | 1998-02-25 | 2002-08-06 | Telefonaktiebolaget Lm Ericsson (Publ) | Method, apparatus, and arrangement for authenticating a user to an application in a first communications network by means of a mobile station communicating with the application through a second communications network |
WO2000078009A2 (en) * | 1999-06-16 | 2000-12-21 | Olivier Lenoir | Method and system for securely accessing a computer server |
WO2000078009A3 (en) * | 1999-06-16 | 2001-06-28 | Olivier Lenoir | Method and system for securely accessing a computer server |
FR2795897A1 (en) * | 1999-06-30 | 2001-01-05 | Schlumberger Systems & Service | Secure transaction system for Internet purchases uses link to mobile phone for confirmation of transaction payment |
US9480038B2 (en) | 2000-02-09 | 2016-10-25 | Apriva, Llc | System and method for deploying application program components |
US8295835B2 (en) | 2000-02-09 | 2012-10-23 | Apriva, Llc | System and method for registration for application program deployment |
US7822410B2 (en) | 2000-02-09 | 2010-10-26 | Appsware Wireless, Llc | System and method for deploying application program components having an application server |
WO2001059569A3 (en) * | 2000-02-09 | 2002-07-04 | Apriva Inc | Communication systems, components, and methods with programmable wireless devices |
US7254390B2 (en) | 2000-02-09 | 2007-08-07 | Appsware Wireless, Llc | System and method for deploying application programs having a browser |
US7817981B2 (en) | 2000-02-09 | 2010-10-19 | Appsware Wireless, Llc | System and method for deploying application programs |
US9301275B2 (en) | 2000-02-09 | 2016-03-29 | Apriva, Llc | System and method for deploying application programs |
US9008638B2 (en) | 2000-02-09 | 2015-04-14 | Apriva, Llc | System and method for deploying application program components having a service sector to wireless devices |
US8989723B2 (en) | 2000-02-09 | 2015-03-24 | Apriva, Llc | System and method for deploying a payment application on a wireless device |
US7203485B2 (en) | 2000-02-09 | 2007-04-10 | Appsware Wireless, Llc | System and method for deploying application program components having a service sector |
US7203477B2 (en) | 2000-02-09 | 2007-04-10 | Appsware Wireless, Llc | System and method for deploying application programs |
US6934532B2 (en) | 2000-02-09 | 2005-08-23 | Apriva, Inc. | Communication systems, components, and methods operative with programmable wireless devices |
US7962137B2 (en) | 2000-02-09 | 2011-06-14 | Apriva, Llc | System and method for developing an application program for wireless devices |
WO2001059569A2 (en) * | 2000-02-09 | 2001-08-16 | Apriva, Inc. | Communication systems, components, and methods with programmable wireless devices |
US6928420B1 (en) * | 2000-03-30 | 2005-08-09 | Fujitsu Limited | Automated transaction apparatus |
WO2001080525A1 (en) * | 2000-04-14 | 2001-10-25 | Sun Microsystems, Inc. | Network access security |
WO2001092999A2 (en) * | 2000-05-26 | 2001-12-06 | Citrix Systems, Inc. | Secure exchange of an authentication token |
WO2001092999A3 (en) * | 2000-05-26 | 2002-06-06 | Citrix Systems Inc | Secure exchange of an authentication token |
US7020773B1 (en) | 2000-07-17 | 2006-03-28 | Citrix Systems, Inc. | Strong mutual authentication of devices |
US7293176B2 (en) | 2000-07-17 | 2007-11-06 | Citrix Systems, Inc. | Strong mutual authentication of devices |
WO2002011082A1 (en) * | 2000-08-01 | 2002-02-07 | Mega-Tel Ag | Electronic payment transaction via sms |
US7702915B2 (en) * | 2000-09-22 | 2010-04-20 | Roke Manor Research Limited | Access authentication system |
US6986040B1 (en) | 2000-11-03 | 2006-01-10 | Citrix Systems, Inc. | System and method of exploiting the security of a secure communication channel to secure a non-secure communication channel |
GB2382423A (en) * | 2001-11-22 | 2003-05-28 | Roke Manor Research | An e-commerce system using SMS order confirmation |
WO2003063411A1 (en) * | 2002-01-23 | 2003-07-31 | Sagem Sa | Two-factor authentication method with a one-time password |
FR2835129A1 (en) * | 2002-01-23 | 2003-07-25 | Sagem | TWO-FACTOR AUTHENTICATION PROCESS WITH SINGLE-USE EPHEMERIC PASSWORD |
US7177625B2 (en) | 2002-05-06 | 2007-02-13 | Siemens Aktiengesellschaft | Method and radio communication system for transmitting useful information as a service for several user stations |
WO2003094560A1 (en) * | 2002-05-06 | 2003-11-13 | Siemens Aktiengesellschaft | Method and radio communication system for the transmission of useful information as a service for several user stations |
EP1361771A1 (en) * | 2002-05-06 | 2003-11-12 | Siemens Aktiengesellschaft | Method and radio communication system for transmission of user information as a service to multiple user terminals |
US7283820B2 (en) * | 2004-08-04 | 2007-10-16 | Lenovo Singapore Pte. Ltd. | Secure communication over a medium which includes a potentially insecure communication link |
WO2008007162A1 (en) * | 2006-07-11 | 2008-01-17 | Ultra Proizvodnja Elektronskih Naprav D.O.O | Customer identification and authentication procedure for online internet payments using mobile phones |
US10567385B2 (en) | 2010-02-25 | 2020-02-18 | Secureauth Corporation | System and method for provisioning a security token |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
NL1007409C1 (en) | Authentication system for electronic transactions | |
JP5231433B2 (en) | System and method for authenticating remote server access | |
KR101116806B1 (en) | Method And System For The Authentication Of A User Of A Data Processing System | |
EP1504561B1 (en) | Methods and systems for secure transmission of information using a mobile device | |
US7949603B1 (en) | Secure online transaction system and method | |
CA2665961C (en) | Method and system for delivering a command to a mobile device | |
EP1766847B1 (en) | Method for generating and verifying an electronic signature | |
US20200265438A1 (en) | Systems and methods for estimating authenticity of local network of device initiating remote transaction | |
US20160057137A9 (en) | Multi-factor authentication techniques | |
CN101897166A (en) | Systems and methods for establishing a secure communication channel using a browser component | |
WO2001080525A1 (en) | Network access security | |
JPH10506744A (en) | Method for securing a connection from a station to at least one server, and apparatus using this method | |
JP2000148685A (en) | Method and device for keeping certificate information of proxy server for radio user agent | |
CA2724856A1 (en) | Method for authentication | |
CN107534664A (en) | For the multifactor mandate for the network for enabling IEEE 802.1X | |
US20070028105A1 (en) | Apparatus and method for providing security in computing and communication environments | |
KR20040083272A (en) | Method and System for Authentication of User on Web and/or Wireless Network by Using Mobile Terminal Loaded a Challenge/Response Based Mobile One-Time Password Module | |
CN103095721A (en) | A method and terminal and system for establishing secure connection | |
AU2014276890B2 (en) | Method for addressing, authentication, and secure data storage in computer systems | |
KR20210003529A (en) | Authentication method and telecommunication server using IP address and SMS | |
KR20010067759A (en) | One Time Identification Service | |
US20040152448A1 (en) | Method and arrangement for authenticating terminal equipment | |
JP2003504773A (en) | Method and system for authenticating a mobile communication device | |
CN114726907A (en) | Access method, system, equipment and storage medium of mobile terminal product | |
CN116961965A (en) | Automatic login method, equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
TD | Modifications of names of proprietors of patents |
Owner name: KONINKLIJKE KPN N.V. |
|
VD1 | Lapsed due to non-payment of the annual fee |
Effective date: 20030501 |