NL1007409C1 - Authentication system for electronic transactions - Google Patents

Authentication system for electronic transactions Download PDF

Info

Publication number
NL1007409C1
NL1007409C1 NL1007409A NL1007409A NL1007409C1 NL 1007409 C1 NL1007409 C1 NL 1007409C1 NL 1007409 A NL1007409 A NL 1007409A NL 1007409 A NL1007409 A NL 1007409A NL 1007409 C1 NL1007409 C1 NL 1007409C1
Authority
NL
Netherlands
Prior art keywords
local
authentication
code
terminal
server
Prior art date
Application number
NL1007409A
Other languages
Dutch (nl)
Inventor
Sharon Christie Lesley Prins
Original Assignee
Nederland Ptt
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nederland Ptt filed Critical Nederland Ptt
Priority to NL1007409A priority Critical patent/NL1007409C1/en
Application granted granted Critical
Publication of NL1007409C1 publication Critical patent/NL1007409C1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

The system includes a modem telephone link for an user access to the Internet (1) using a personal computer (2). A service provider server installation (3), an authentication server (4) and a short message service server (5) are connected to the internet. The short message service server is linked to a mobile telephone system (6,7). Authentication code details are sent to the user via a separate mobile telephone unit (8).

Description

Authenticatiesysteem ACHTERGROND VAN DE UITVINDINGBACKGROUND OF THE INVENTION

De uitvinding heeft betrekking op een authenticatiesysteem, waarbij een gebruiker van een systeem zich authenticeert tegenover dat systeem door middel van het bij dat systeem invoeren van een 5 authenticatiecode, welke door het systeem op geldigheid wordt onderzocht.The invention relates to an authentication system, in which a user of a system authenticates himself against that system by entering an authentication code into that system, which is checked for validity by the system.

Een dergelijk authenticatiesysteem is van algemene bekendheid. Vaak worden voor authenticatie alfanumerieke "passwords" gebruikt, die door de gebruiker worden ingetoetst. Als een vast password wordt gebruikt, 10 heeft dat het bezwaar dat het password ontvreemd of gecopieerd en daarna misbruikt kan worden. Om die reden bestaan er ook "one time password" (OTP) systemen, waarbij een password slechts één keer wordt gebruikt.Such an authentication system is generally known. Often alphanumeric "passwords" are used for authentication, which are entered by the user. If a fixed password is used, this has the drawback that the password can be stolen or copied and subsequently misused. For that reason there are also "one time password" (OTP) systems, where a password is only used once.

15 SAMENVATTING VAN DE UITVINDING15 SUMMARY OF THE INVENTION

De uitvinding voorziet in een OTP systeem waarbij het OTP, dat door een OTP generator gegenereerd wordt, enerzijds aan het systeem wordt overgedragen dat om athenticatie vraagt, en dat anderzijds aan de gebruiker wordt overgedragen, waarbij het OTP wordt geadresseerd aan 20 een uniek gebruikersadres. Uiteraard dient het overdrachtsmedium "intruder proof" te zijn. Bij voorkeur wordt gebruik gemaakt van een strikt persoonlijke gebruikersterminal, zoals een (GSM) terminal die is voorzien van een "Security & Identification Module" (SIM).The invention provides an OTP system in which the OTP generated by an OTP generator is transferred on the one hand to the system requesting authentication and on the other hand is transferred to the user, the OTP being addressed to a unique user address. Naturally, the transfer medium must be "intruder proof". Preferably, use is made of a strictly personal user terminal, such as a (GSM) terminal which is provided with a "Security & Identification Module" (SIM).

De uitvinding zal hierna aan de hand van een uitvoeringsvoorbeeld 25 nader worden uiteengezet.The invention will be explained in more detail below with reference to an exemplary embodiment.

UITVOERINGSVOORBEELDIMPLEMENTATION EXAMPLE

Figuur 1 toont zeer schematisch een uitvoeringsvoorbeeld van de uitvinding. Op een voor IP geschikt netwerk 1 (internet) is een 30 terminal 2 aangesloten, een server 3 en een authenticatieserver 4. Op een voor GSM geschikt netwerk 6 is een "Short Message Service" (SMS) server 5 aangesloten en een basisstation 7, die verbinding kan maken met een GSM terminal 8. Uiteraard zijn er in werkelijkheid veel meer terminals, servers etc.Figure 1 shows very schematically an embodiment of the invention. A terminal 2 (internet) is connected to an IP-capable network 1, a server 3 and an authentication server 4. A "Short Message Service" (SMS) server 5 and a base station 7 are connected to a GSM-capable network 6, that can connect to a GSM terminal 8. Obviously there are in reality many more terminals, servers etc.

35 De werking van het authenticatiesysteem volgens de uitvinding, uitgevoerd in het in figuur 1 getoonde stelsel is als volgt.The operation of the authentication system according to the invention, implemented in the system shown in figure 1 is as follows.

1007409 21007409 2

Een gebruiker maakt via terminal 2 en het internet 1 verbinding met server 3 om daar van een service gebruik te maken waarvoor authenticatie nodig is. De server 3 stuurt daartoe een HTML gecodeerd bericht naar de terminal, waarin de gebruiker verzocht wordt het 5 telefoonnummer van haar mobiele telefoon 8 in te voeren. De server 3 verstuurt een verzoek naar authenticatieserver 4 om een (random) authenticatiecode te genereren en naar de gebruiker te doen uitzenden. Daarna zendt de server 3 aan de gebruiker het verzoek om te wachten op een op haar mobiele telefoontoestel te ontvangen SMS-bericht met de 10 gevraagde authenticatiecode. Intussen wordt die code door server 4 gegenereerd en naar zowel SMS server 5 als naar server 3 verstuurd. De SMS server 5 verzendt de code, in de vorm van een SMS-bericht, naar het mobiele telefoontoestel 8, dat de ontvangen code op het beeldschermpje toont. De gebruiker leest dat en geeft de code via haar 15 terminal aan de server 3 door. Deze vergelijkt de van de terminal 2 ontvangen code met de (direct) van de server 4 ontvangen code. Bij overeenstemming wordt de door de gebruiker gevraagde service vrij gegeven.A user connects to server 3 via terminal 2 and the internet 1 to use a service that requires authentication. To this end, the server 3 sends an HTML coded message to the terminal, in which the user is requested to enter the telephone number of her mobile telephone 8. The server 3 sends a request to authentication server 4 to generate a (random) authentication code and have it broadcast to the user. The server 3 then sends the user the request to wait for an SMS message to be received on her mobile telephone with the requested authentication code. In the meantime, that code is generated by server 4 and sent to both SMS server 5 and server 3. The SMS server 5 sends the code, in the form of an SMS message, to the mobile telephone 8, which shows the received code on the screen. The user reads that and passes the code to the server 3 via its 15 terminal. This compares the code received from the terminal 2 with the code received directly from the server 4. By agreement, the service requested by the user is released.

Opgemerkt wordt dat de links tussen de servers 3, 4 en 5 wel veilig 20 dienen te zijn. Het kunnen (anders dan de figuur aangeeft) verbindingen buiten het IP net zijn of wel via het IP net gerealiseerd zijn, maar dan beveiligd, bijvoorbeeld door "firewalls" etc. Server 4 kan ook geïncorporeerd zijn in server 3, hetgeen de veiligheid eveneens verhoogt.It is noted that the links between the servers 3, 4 and 5 must be secure. It can (other than the figure indicates) connections outside the IP network or realized via the IP network, but then secured, for example by "firewalls" etc. Server 4 can also be incorporated in server 3, which also increases security .

25 In plaats van een telefoontoestel, kan ook gebruik gemaakt worden van andere soorten ontvangers, bijvoorbeeld een paging-ontvanger. Dit soort ontvangers is heden ten dage echter minder "intruder-proof" dan de huidige GSM-terminals. Ook is het niet persé nodig om van een radio-ontvanger gebruik te maken: elk medium is geschikt, mits de 30 "link" van de codegenerator (authenticatieserver) naar de ontvanger bij de gebruiker voldoende veilig is. In principe kan als medium hetzelfde medium worden gebruikt als waarmee de terminal verbinding heeft met de server (3) die om authenticatie vraagt. Als medium kan bijvoorbeeld een beveiligd virtueel kanaal of een "Virtual Private 35 Network" (VPN) worden gebruikt.Instead of a telephone, other types of receivers can also be used, for example a paging receiver. However, these types of receivers are less "intruder-proof" today than the current GSM terminals. Nor is it necessarily necessary to use a radio receiver: any medium is suitable, provided that the link from the code generator (authentication server) to the receiver is sufficiently secure with the user. In principle, the same medium can be used as the medium with which the terminal has a connection to the server (3) requesting authentication. As a medium, for example, a secure virtual channel or a "Virtual Private 35 Network" (VPN) can be used.

In het bovenstaande wordt voorgesteld dat de gebruiker de ontvangen authenticatiecode afleest (van het scherm van haar GSM toestel) en aan de server 3 doorgeeft door die code via haar toetsenbord over te 1007409 3 typen. Op zich is het natuurlijk fraaier om de op de gebruikerlocatie ontvangen authenticatiecode direct naar de server 3 te verzenden zonder die te hoeven overtypen. Bijvoorbeeld zou dat kunnen door een lokale, directe dataverbinding te gebruiken tussen de GSM-ontvanger en 5 de dataterminal 2. De dataterminal kan --via een daartoe geëigend applicatieprogramma-- de ontvangen authenticatiecode inlezen en aan server 3 doorgeven. Ook kan de authenticatiecode-ontvanger 8 in de terminal 2 geïncorporeerd worden. Vanneer hetzelfde medium zou worden gebruikt als voor de verbinding tussen de terminal 2 en de server 3, 10 in casu het internet 1, ligt een dergelijke directe doorgifte van de lokaal ontvangen authenticatiecode nog meer voor de hand. Het proces is dan: - server 3 vraagt terminal 2 om authenticatiecode; - server 3 verzoekt server 4 om een authenticatiecode te genereren; 15 - server 4 genereert een authenticatiecode en zendt die naar server 3 en naar een gebruikersterminal: in het voorgaande dus via GSM-SMS (server 5, netwerk 6 en radioverbinding 7-8), of, als alternatief, via een "secure" verbinding via het IP netwerk 1, naar de terminal 2; - de lokale gebruiker neemt de ontvangen authenticatiecode over en 20 zendt die naar server 3; bij een directe lokale koppeling wordt de authenticatiecode lokaal ontvangen, via GSM of via IP, en nadien door de terminal 2 naar server 3 gezonden; in dat laatste geval hoeft de gebruiker dus niets te doen; zelfs kan het authenticatieproces voor de gebruikere "onder water” plaatshebben.In the above it is proposed that the user reads the received authentication code (from the screen of her GSM device) and passes it on to the server 3 by typing that code via her keyboard 1007409 3. In itself it is of course nicer to send the authentication code received at the user location directly to the server 3 without having to retype it. For example, this could be done by using a local, direct data connection between the GSM receiver and the data terminal 2. The data terminal can - via an appropriate application program - read in the received authentication code and pass it on to server 3. Also, the authentication code receiver 8 can be incorporated in the terminal 2. If the same medium were to be used as for the connection between the terminal 2 and the server 3, 10 in this case the Internet 1, then such a direct transmission of the locally received authentication code is even more obvious. The process is then: - server 3 asks terminal 2 for authentication code; server 3 requests server 4 to generate an authentication code; 15 - server 4 generates an authentication code and sends it to server 3 and to a user terminal: in the foregoing therefore via GSM-SMS (server 5, network 6 and radio connection 7-8), or, alternatively, via a "secure" connection via the IP network 1, to the terminal 2; - the local user takes over the received authentication code and sends it to server 3; with a direct local link, the authentication code is received locally, via GSM or via IP, and then sent by terminal 2 to server 3; in the latter case, the user therefore does not have to do anything; even the authentication process for the user may take place "underwater".

10074091007409

Claims (8)

1. Authenticatiesysteem, waarbij een lokale gebruiker zich tegenover een systeem authenticeert door het, via een lokale terminal (2), bij dat systeem invoeren van een authenticatiecode, die door dat systeem 5 op geldigheid wordt onderzocht, met het kenmerk dat de authenticatiecode gegenereerd wordt door een codegenerator (4), die de gegenereerde code enerzijds overgedraagt aan het systeem (3) dat om athenticatie vraagt, en anderzijds adresseert en overdraagt aan een lokale code-ontvanger (8) met een eigen ontvangstadres, waarna de 10 gebruiker de aldus ontvangen authenticatiecode aan het daarom vragende systeem (3) overdraagt.1. Authentication system, in which a local user authenticates himself to a system by entering an authentication code, via a local terminal (2), into that system, which is validated by that system 5, characterized in that the authentication code is generated by a code generator (4), which on the one hand transfers the generated code to the system (3) requesting authentication, and on the other hand addresses and transfers it to a local code receiver (8) with its own receiving address, after which the user receives the thus received authentication code to the system (3) requesting it. 2. Authenticatiesysteem volgens conclusie 1, met het kenmerk dat de lokale code-ontvanger een lokale verbinding heeft met de genoemde lokale terminal (2).Authentication system according to claim 1, characterized in that the local code receiver has a local connection to said local terminal (2). 3. Authenticatiesysteem volgens conclusie 1, met het kenmerk dat de lokale code-ontvanger deel uitmaakt van de lokale terminal (2).Authentication system according to claim 1, characterized in that the local code receiver is part of the local terminal (2). 4. Authenticatiesysteem volgens conclusie 1, met het kenmerk dat voor de verbinding tussen de lokale terminal (2) 20 en de server (3) enerzijds, en de verbinding tussen de codegenerator (4) en de lokale code-ontvanger (8) anderzijds, gebruik wordt gemaakt van verschillende media (1, 6).Authentication system according to claim 1, characterized in that for the connection between the local terminal (2) and the server (3) on the one hand, and the connection between the code generator (4) and the local code receiver (8) on the other hand, different media are used (1, 6). 5. Authenticatiesysteem volgens conclusie 1, met het kenmerk dat voor de verbinding tussen de lokale terminal (2) 25 en de server (3) enerzijds, en de verbinding tussen de codegenerator (4) en de lokale code-ontvanger (8) anderzijds, gebruik wordt gemaakt van hetzelfde, gemeenschappelijke medium, zij het van verschillende kanalen binnen datzelfde medium.Authentication system according to claim 1, characterized in that for the connection between the local terminal (2) and the server (3) on the one hand, and the connection between the code generator (4) and the local code receiver (8) on the other hand, use is made of the same, common medium, albeit of different channels within the same medium. 6. Authenticatiesysteem volgens conclusie 4, met het 30 kenmerk dat de lokale code-ontvanger gevormd wordt door een mobiele spraak- of dataterminal.Authentication system according to claim 4, characterized in that the local code receiver is a mobile voice or data terminal. 7. Authenticatiesysteem volgens conclusie 6, met het kenmerk dat de lokale code-ontvanger wordt gevormd door een digitale mobiele terminal, zoals een GSM-terminal.Authentication system according to claim 6, characterized in that the local code receiver is a digital mobile terminal, such as a GSM terminal. 8. Authenticatiesysteem volgens conclusie 4, met het kenmerk dat de lokale code-ontvanger wordt gevormd door een paging-terminal. 1 0 0 7 409Authentication system according to claim 4, characterized in that the local code receiver is a paging terminal. 1 0 0 7 409
NL1007409A 1997-10-31 1997-10-31 Authentication system for electronic transactions NL1007409C1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
NL1007409A NL1007409C1 (en) 1997-10-31 1997-10-31 Authentication system for electronic transactions

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL1007409A NL1007409C1 (en) 1997-10-31 1997-10-31 Authentication system for electronic transactions
NL1007409 1997-10-31

Publications (1)

Publication Number Publication Date
NL1007409C1 true NL1007409C1 (en) 1997-11-18

Family

ID=19765926

Family Applications (1)

Application Number Title Priority Date Filing Date
NL1007409A NL1007409C1 (en) 1997-10-31 1997-10-31 Authentication system for electronic transactions

Country Status (1)

Country Link
NL (1) NL1007409C1 (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999023617A3 (en) * 1997-11-04 1999-07-15 Gilles Kremer Method for transmitting data and implementing server
WO2000003316A1 (en) * 1997-05-28 2000-01-20 Telefonaktiebolaget Lm Ericsson (Publ) A method for securing access to a remote system
WO2000078009A2 (en) * 1999-06-16 2000-12-21 Olivier Lenoir Method and system for securely accessing a computer server
FR2795897A1 (en) * 1999-06-30 2001-01-05 Schlumberger Systems & Service Secure transaction system for Internet purchases uses link to mobile phone for confirmation of transaction payment
WO2001059569A2 (en) * 2000-02-09 2001-08-16 Apriva, Inc. Communication systems, components, and methods with programmable wireless devices
WO2001080525A1 (en) * 2000-04-14 2001-10-25 Sun Microsystems, Inc. Network access security
WO2001092999A2 (en) * 2000-05-26 2001-12-06 Citrix Systems, Inc. Secure exchange of an authentication token
WO2002011082A1 (en) * 2000-08-01 2002-02-07 Mega-Tel Ag Electronic payment transaction via sms
US6430407B1 (en) 1998-02-25 2002-08-06 Telefonaktiebolaget Lm Ericsson (Publ) Method, apparatus, and arrangement for authenticating a user to an application in a first communications network by means of a mobile station communicating with the application through a second communications network
GB2382423A (en) * 2001-11-22 2003-05-28 Roke Manor Research An e-commerce system using SMS order confirmation
FR2835129A1 (en) * 2002-01-23 2003-07-25 Sagem TWO-FACTOR AUTHENTICATION PROCESS WITH SINGLE-USE EPHEMERIC PASSWORD
EP1361771A1 (en) * 2002-05-06 2003-11-12 Siemens Aktiengesellschaft Method and radio communication system for transmission of user information as a service to multiple user terminals
US6928420B1 (en) * 2000-03-30 2005-08-09 Fujitsu Limited Automated transaction apparatus
US6986040B1 (en) 2000-11-03 2006-01-10 Citrix Systems, Inc. System and method of exploiting the security of a secure communication channel to secure a non-secure communication channel
US7020773B1 (en) 2000-07-17 2006-03-28 Citrix Systems, Inc. Strong mutual authentication of devices
US7283820B2 (en) * 2004-08-04 2007-10-16 Lenovo Singapore Pte. Ltd. Secure communication over a medium which includes a potentially insecure communication link
WO2008007162A1 (en) * 2006-07-11 2008-01-17 Ultra Proizvodnja Elektronskih Naprav D.O.O Customer identification and authentication procedure for online internet payments using mobile phones
US7702915B2 (en) * 2000-09-22 2010-04-20 Roke Manor Research Limited Access authentication system
US10567385B2 (en) 2010-02-25 2020-02-18 Secureauth Corporation System and method for provisioning a security token

Cited By (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000003316A1 (en) * 1997-05-28 2000-01-20 Telefonaktiebolaget Lm Ericsson (Publ) A method for securing access to a remote system
WO1999023617A3 (en) * 1997-11-04 1999-07-15 Gilles Kremer Method for transmitting data and implementing server
EP1107203A3 (en) * 1997-11-04 2001-11-14 Magicaxess Method for data transmission and implementing server
EP1104921A3 (en) * 1997-11-04 2001-11-14 Magicaxess Method for transmitting data and implementing server
EP1058872B2 (en) 1998-02-25 2011-04-06 TELEFONAKTIEBOLAGET LM ERICSSON (publ) Method, arrangement and apparatus for authentication through a communications network
US6430407B1 (en) 1998-02-25 2002-08-06 Telefonaktiebolaget Lm Ericsson (Publ) Method, apparatus, and arrangement for authenticating a user to an application in a first communications network by means of a mobile station communicating with the application through a second communications network
WO2000078009A2 (en) * 1999-06-16 2000-12-21 Olivier Lenoir Method and system for securely accessing a computer server
WO2000078009A3 (en) * 1999-06-16 2001-06-28 Olivier Lenoir Method and system for securely accessing a computer server
FR2795897A1 (en) * 1999-06-30 2001-01-05 Schlumberger Systems & Service Secure transaction system for Internet purchases uses link to mobile phone for confirmation of transaction payment
US9480038B2 (en) 2000-02-09 2016-10-25 Apriva, Llc System and method for deploying application program components
US8295835B2 (en) 2000-02-09 2012-10-23 Apriva, Llc System and method for registration for application program deployment
US7822410B2 (en) 2000-02-09 2010-10-26 Appsware Wireless, Llc System and method for deploying application program components having an application server
WO2001059569A3 (en) * 2000-02-09 2002-07-04 Apriva Inc Communication systems, components, and methods with programmable wireless devices
US7254390B2 (en) 2000-02-09 2007-08-07 Appsware Wireless, Llc System and method for deploying application programs having a browser
US7817981B2 (en) 2000-02-09 2010-10-19 Appsware Wireless, Llc System and method for deploying application programs
US9301275B2 (en) 2000-02-09 2016-03-29 Apriva, Llc System and method for deploying application programs
US9008638B2 (en) 2000-02-09 2015-04-14 Apriva, Llc System and method for deploying application program components having a service sector to wireless devices
US8989723B2 (en) 2000-02-09 2015-03-24 Apriva, Llc System and method for deploying a payment application on a wireless device
US7203485B2 (en) 2000-02-09 2007-04-10 Appsware Wireless, Llc System and method for deploying application program components having a service sector
US7203477B2 (en) 2000-02-09 2007-04-10 Appsware Wireless, Llc System and method for deploying application programs
US6934532B2 (en) 2000-02-09 2005-08-23 Apriva, Inc. Communication systems, components, and methods operative with programmable wireless devices
US7962137B2 (en) 2000-02-09 2011-06-14 Apriva, Llc System and method for developing an application program for wireless devices
WO2001059569A2 (en) * 2000-02-09 2001-08-16 Apriva, Inc. Communication systems, components, and methods with programmable wireless devices
US6928420B1 (en) * 2000-03-30 2005-08-09 Fujitsu Limited Automated transaction apparatus
WO2001080525A1 (en) * 2000-04-14 2001-10-25 Sun Microsystems, Inc. Network access security
WO2001092999A2 (en) * 2000-05-26 2001-12-06 Citrix Systems, Inc. Secure exchange of an authentication token
WO2001092999A3 (en) * 2000-05-26 2002-06-06 Citrix Systems Inc Secure exchange of an authentication token
US7020773B1 (en) 2000-07-17 2006-03-28 Citrix Systems, Inc. Strong mutual authentication of devices
US7293176B2 (en) 2000-07-17 2007-11-06 Citrix Systems, Inc. Strong mutual authentication of devices
WO2002011082A1 (en) * 2000-08-01 2002-02-07 Mega-Tel Ag Electronic payment transaction via sms
US7702915B2 (en) * 2000-09-22 2010-04-20 Roke Manor Research Limited Access authentication system
US6986040B1 (en) 2000-11-03 2006-01-10 Citrix Systems, Inc. System and method of exploiting the security of a secure communication channel to secure a non-secure communication channel
GB2382423A (en) * 2001-11-22 2003-05-28 Roke Manor Research An e-commerce system using SMS order confirmation
WO2003063411A1 (en) * 2002-01-23 2003-07-31 Sagem Sa Two-factor authentication method with a one-time password
FR2835129A1 (en) * 2002-01-23 2003-07-25 Sagem TWO-FACTOR AUTHENTICATION PROCESS WITH SINGLE-USE EPHEMERIC PASSWORD
US7177625B2 (en) 2002-05-06 2007-02-13 Siemens Aktiengesellschaft Method and radio communication system for transmitting useful information as a service for several user stations
WO2003094560A1 (en) * 2002-05-06 2003-11-13 Siemens Aktiengesellschaft Method and radio communication system for the transmission of useful information as a service for several user stations
EP1361771A1 (en) * 2002-05-06 2003-11-12 Siemens Aktiengesellschaft Method and radio communication system for transmission of user information as a service to multiple user terminals
US7283820B2 (en) * 2004-08-04 2007-10-16 Lenovo Singapore Pte. Ltd. Secure communication over a medium which includes a potentially insecure communication link
WO2008007162A1 (en) * 2006-07-11 2008-01-17 Ultra Proizvodnja Elektronskih Naprav D.O.O Customer identification and authentication procedure for online internet payments using mobile phones
US10567385B2 (en) 2010-02-25 2020-02-18 Secureauth Corporation System and method for provisioning a security token

Similar Documents

Publication Publication Date Title
NL1007409C1 (en) Authentication system for electronic transactions
JP5231433B2 (en) System and method for authenticating remote server access
KR101116806B1 (en) Method And System For The Authentication Of A User Of A Data Processing System
EP1504561B1 (en) Methods and systems for secure transmission of information using a mobile device
US7949603B1 (en) Secure online transaction system and method
CA2665961C (en) Method and system for delivering a command to a mobile device
EP1766847B1 (en) Method for generating and verifying an electronic signature
US20200265438A1 (en) Systems and methods for estimating authenticity of local network of device initiating remote transaction
US20160057137A9 (en) Multi-factor authentication techniques
CN101897166A (en) Systems and methods for establishing a secure communication channel using a browser component
WO2001080525A1 (en) Network access security
JPH10506744A (en) Method for securing a connection from a station to at least one server, and apparatus using this method
JP2000148685A (en) Method and device for keeping certificate information of proxy server for radio user agent
CA2724856A1 (en) Method for authentication
CN107534664A (en) For the multifactor mandate for the network for enabling IEEE 802.1X
US20070028105A1 (en) Apparatus and method for providing security in computing and communication environments
KR20040083272A (en) Method and System for Authentication of User on Web and/or Wireless Network by Using Mobile Terminal Loaded a Challenge/Response Based Mobile One-Time Password Module
CN103095721A (en) A method and terminal and system for establishing secure connection
AU2014276890B2 (en) Method for addressing, authentication, and secure data storage in computer systems
KR20210003529A (en) Authentication method and telecommunication server using IP address and SMS
KR20010067759A (en) One Time Identification Service
US20040152448A1 (en) Method and arrangement for authenticating terminal equipment
JP2003504773A (en) Method and system for authenticating a mobile communication device
CN114726907A (en) Access method, system, equipment and storage medium of mobile terminal product
CN116961965A (en) Automatic login method, equipment and storage medium

Legal Events

Date Code Title Description
TD Modifications of names of proprietors of patents

Owner name: KONINKLIJKE KPN N.V.

VD1 Lapsed due to non-payment of the annual fee

Effective date: 20030501