WO2001084452A2 - System and method for enabling universal log-in - Google Patents

System and method for enabling universal log-in Download PDF

Info

Publication number
WO2001084452A2
WO2001084452A2 PCT/US2001/014485 US0114485W WO0184452A2 WO 2001084452 A2 WO2001084452 A2 WO 2001084452A2 US 0114485 W US0114485 W US 0114485W WO 0184452 A2 WO0184452 A2 WO 0184452A2
Authority
WO
WIPO (PCT)
Prior art keywords
payment
chip
chip card
application
card
Prior art date
Application number
PCT/US2001/014485
Other languages
French (fr)
Other versions
WO2001084452A3 (en
Inventor
John Wankmueller
Michael D. Harris
Original Assignee
Mastercard International Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Incorporated filed Critical Mastercard International Incorporated
Priority to EP01933029A priority Critical patent/EP1281149A2/en
Priority to AU5949401A priority patent/AU5949401A/en
Priority to AU2001259494A priority patent/AU2001259494B2/en
Priority to CA002408014A priority patent/CA2408014A1/en
Priority to JP2001581192A priority patent/JP2003532236A/en
Publication of WO2001084452A2 publication Critical patent/WO2001084452A2/en
Publication of WO2001084452A3 publication Critical patent/WO2001084452A3/en
Priority to HK03105054.9A priority patent/HK1052776A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data

Definitions

  • the present invention relates to digital identification products and more specifically to a system and method for providing a umversal log-in to software programs and web sites.
  • digital ID products there are numerous digital ID products on the market but none take advantage of payment card specifications to provide for universal log-in capability.
  • a method for enabling universal remote access by a user of a chip payment application on a chip card to a remote non-payment application over a communications network through the use of a local chip card reader at the user location.
  • the method preferably includes the following steps: providing the chip payment application with a payment security technique having at least one application that supports a payment dynamic data authentication function; providing at the remote host site instead of at the user location a public key infrastructure and payment chip terminal authentication software; reading by the local chip card reader the chip card; communicating by the payment chip terminal authentication software from the remote host site over the communications network and through the chip card reader with the chip payment application on the chip card; utilizing by the chip card the payment dynamic data authentication function to provide a payment response to the communication; verifying by the remote payment chip terminal authentication software, based on the payment response and through the public key infrastructure, that the chip card is authentic; allowing access to the non-payment application based on the verification.
  • the method further includes: prompting the user for a personal identification number; locally verifying by the chip card the personal identification number; and verifying, based on the local verification step, that the user is authentic.
  • the communication step further includes forwarding by the remote host site over the communications network authentication commands to the chip payment application; and the chip card contains a unique identifier utilized in the payment response.
  • Fig. 1 is a block diagram illustrating the different components preferably utilized in the remote access method of the present invention
  • Fig. 2 is a flow chart of a method for logging into a software program or web site according to an exemplary embodiment of the present invention.
  • Dynamic data authentication is the process through which authenticating software, located generally at the point of sale terminal or local card reader device, can send specific commands and data to an EMV-compliant chip card application (on a chip card capable of performing public key cryptography signing functions) and receive data from the card application in response that allows the authenticating software to cryptographically verify that the chip card performed the digital signature.
  • DOE A Dynamic data authentication
  • the present invention uses the DDA functionality specified in the EMV Specifications as the basis of a secure universal log-in function to identify an authorized user to a piece of software or a web site by virtue of the user's authorized possession of a DDA-capable chip application and a valid account number or other valid identifier (such as a primary account number for sign-on use only).
  • the present invention preferably utilizes the existing MasterCard International public key infrastructure, which has been built to support EMV applications. This public key infrastructure is described in the following documents, also incorporated herein by reference (familiarity with which is also presumed):
  • Terminal Requirements for Debit and Credit, Version 2.1 (contains MasterCard's requirements for terminals that accept MasterCard branded debit and credit chip card programs);
  • the present invention may also utilize PIN or password verification by the chip card application at the instigation of the authenticating software.
  • PIN or password verification by the chip card application at the instigation of the authenticating software.
  • other methods of cardholder verification such as biometric verification methods may be used.
  • Successful completion of such a PIN verification by the card could be communicated to the authenticating software in the data elements defined by the EMV Specifications for this purpose with the integrity of that data element being confirmed by the DDA.
  • a method for enabling universal remote access by a user of a chip payment application on a chip card to a remote non-payment application over a communications network.
  • chip payment applications residing on a chip card communicated directly at the user site with a card reader or point-of-sale device which itself, based on authenticating software stored locally at the user site, verified, for payment purposes, the authenticity of the card and the user, the latter depending on whether a personal identification number was provided.
  • the present invention contemplates using payment applications and payment security techniques in a different manner and in a different context — not for purposes of authorizing payment transactions but instead for allowing access to non-payment applications and websites over a communications network.
  • payment chip terminal authentication software is placed not at the point of sale or at the user site but is instead placed at a remote host site location to allow for access to a non-payment application, such as a website, located remotely from the user location.
  • the remote host site stored with the authenticating software, drives the authentication process with the local chip card in accordance with a payment public key infrastructure, over a communications network, for purposes of allowing access to non-payment applications.
  • the process starts with the consumer/client at a computer moving his or her browser to a website having an access controlled area on the Internet.
  • the provider of this restricted service operates a digital identification processing component (e.g., the authentication software) at the remote host server site that will inquire regarding the capability of the client computer to perform an authentication transaction. If the client computer signals the availability of such a service, then the client side component will be activated by the server. Performing what it considers to be a payment procedure, it sends an authentication request to the service provider.
  • a digital identification processing component e.g., the authentication software
  • FIG. 1 illustrates the structural or processing components involved in the preferred method of the present invention.
  • a chip card 10 issued by an issuer contains a chip payment application 12 with a payment security technique having at least one application that preferably supports a payment dynamic data authentication function 14.
  • the chip card contains a unique identifier for the purpose of identifying the card and the issuer, and it also contains a secret key for use with the payment security technique.
  • a card reader 16 is provided at the user location (preferably attached to the user's computer) for reading (or electromechanical connection to) the card 10.
  • the electrical interface and transmission protocols should comply with the requirements in the EMV Specs.
  • the reader should also be available with RS232 or USB connection, or it can be built into the user/client computer 18, which will now be described.
  • the user/client computer 18 will provide the interface between the card reader and the merchant/service provider component.
  • the user/client software will preferably be downloaded from the web, if not already installed on the computer. It will preferably handle the following local functions: accepting the request from the remote site; prompting the cardholder to insert the card into the reader; optionally prompting the cardholder to enter his or her PIN; verifying the PIN with the application on the card; and performing the local processing in accordance with the EMV Specs.
  • PKI public key infrastructure
  • the authenticating software 22 drives the communication with the card in accordance with the flow chart depicted in Figure 2.
  • Fig. 2 is a flow chart of a method for logging into an authenticating software (e.g., a software program or web site) according to an exemplary embodiment of the present invention.
  • the term "per EMV” in Fig. 2 indicates that an operation is performed according to the EMV Specifications.
  • a card application on an integrated circuit (“IC") card is initiated by the authenticating software at the remote host site location.
  • IC integrated circuit
  • step 102 it is preferably determined if PIN verification is required for the card application. If PIN verification is required, a PIN is obtained from a user in step 104.
  • a "VERIFY PIN" command is sent to the card application.
  • step 108 the card application performs PIN verification using a stored PIN in the IC card. This is done in accordance with the EMV Specs.
  • step 110 the result of the PIN verification is stored in the IC card, and in step 112, the PIN verification result is returned to the authenticating software per the EMV Specs.
  • step 114 it is determined whether the PIN was correctly entered. If the PIN was not correctly entered, the authenticating program aborts. Alternatively, the user may be given another chance to enter the correct PIN. If the PIN was correctly entered or a PIN was not required, in step 116, a communication, including DDA command data, is prepared in accordance with the EMV Specs, and in step 118, the DDA command (with DDA command data) is sent to the card application.
  • the card via the EMV Spec payment security technique having the application which supports the payment dynamic data authentication function, processes the DDA command and data, preferably using the stored PIN result and user identifier information.
  • the user identifier information may include a payment account number.
  • the card application returns the DDA data to the authenticating software.
  • the authenticating software authenticates the returned
  • step 126 it is determined whether the returned DDA data is authentic. If the data is not authentic, the authenticating program aborts. If the returned DDA data is authentic, then log-in to the non-payment application is permitted in step 128.

Abstract

A method is provided for enabling universal remote access by a user of a chip payment application on a chip card to a remote non-payment application over a communications network. Authentication software is provided at the remote location and it drives the authentication process over the network as if it were a payment transaction. The chip payment application supports a payment dynamic data authentication function to provide a payment response to the authentication software which verifies, through public key infrastructure, that the card is authentic based on the response. Access to the non-payment application is allowed based on the verification.

Description

SYSTEM AND METHOD FOR ENABLING UNIVERSAL LOG-IN
SPECIFICATION PRIORITY APPLICATION This application claims priority to United States provisional application serial number 60/201 ,790, filed on May 4, 2000, and entitled "SYSTEM AND METHOD FOR ENABLING UNIVERSAL LOG-IN," which is hereby incorporated by reference.
BACKGROUND OF THE INVENTION The present invention relates to digital identification products and more specifically to a system and method for providing a umversal log-in to software programs and web sites. Presently, there are numerous digital ID products on the market but none take advantage of payment card specifications to provide for universal log-in capability.
SUMMARY OF THE INVENTION It is therefore an obj ect of the present invention to use the functionality defined in a particular set of payment card specifications, namely those issued by Europay International S.A., MasterCard International Incorporated and Visa International Service Association ("the EMV specifications") in a different way to achieve a different end result, namely, identification of a cardholder to a piece of software or web site, thereby providing a universal log-in capability.
In accordance with a preferred embodiment of the invention, a method is provided for enabling universal remote access by a user of a chip payment application on a chip card to a remote non-payment application over a communications network through the use of a local chip card reader at the user location. The method preferably includes the following steps: providing the chip payment application with a payment security technique having at least one application that supports a payment dynamic data authentication function; providing at the remote host site instead of at the user location a public key infrastructure and payment chip terminal authentication software; reading by the local chip card reader the chip card; communicating by the payment chip terminal authentication software from the remote host site over the communications network and through the chip card reader with the chip payment application on the chip card; utilizing by the chip card the payment dynamic data authentication function to provide a payment response to the communication; verifying by the remote payment chip terminal authentication software, based on the payment response and through the public key infrastructure, that the chip card is authentic; allowing access to the non-payment application based on the verification.
Preferably, the method further includes: prompting the user for a personal identification number; locally verifying by the chip card the personal identification number; and verifying, based on the local verification step, that the user is authentic.
Preferably, the communication step further includes forwarding by the remote host site over the communications network authentication commands to the chip payment application; and the chip card contains a unique identifier utilized in the payment response. BRIEF DESCRIPTION OF THE DRAWINGS
Exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings in which:
Fig. 1 is a block diagram illustrating the different components preferably utilized in the remote access method of the present invention; and Fig. 2 is a flow chart of a method for logging into a software program or web site according to an exemplary embodiment of the present invention.
While the subject invention will now be described in detail with reference to the figure, it is done so in connection with a preferred embodiment. It is intended that changes and modifications can be made to the described embodiment without departing from the true scope and spirit of the subject invention as defined by the appended claims. DETAILED DESCRIPTION
The EMV Specifications describe a set of functions which, taken together, perform a debit or credit payment function in a secure manner. One of the functions described is dynamic data authentication. Dynamic data authentication (DO A) is the process through which authenticating software, located generally at the point of sale terminal or local card reader device, can send specific commands and data to an EMV-compliant chip card application (on a chip card capable of performing public key cryptography signing functions) and receive data from the card application in response that allows the authenticating software to cryptographically verify that the chip card performed the digital signature. The following EMN specifications are hereby incorporated by reference and familiarity with the specifications is assumed:
EMV '96 Integrated Circuit Card, Terminal and Application Specifications June 30, 1998, Version 3.0
EMV '96 Integrated Circuit Card Specification for Payment Systems, Version 3.1.1, May 31, 1998 (available at http://www.emvco.com/specifications.cfrn).
EMV '96 Integrated Circuit Card Terminal Specifications for Payment Systems, Version 3.1.1, May 31, 1998 (available at http://www.emvco. com/ specifications, cfin).
EMV '96 Integrated Circuit Card Application Specification for Payment Systems, Version 3.1.1, May 31, 1998 (available at http://www.emvco.com/specifications. cfin).
EMN '96 Chip Electronic Commerce Specification, Version 1.0, December 1999 (available at http://www.emvco.com/specifications.cfm).
These publications are collectively referred to herein as the EMV
Specifications.
The present invention uses the DDA functionality specified in the EMV Specifications as the basis of a secure universal log-in function to identify an authorized user to a piece of software or a web site by virtue of the user's authorized possession of a DDA-capable chip application and a valid account number or other valid identifier (such as a primary account number for sign-on use only). The present invention preferably utilizes the existing MasterCard International public key infrastructure, which has been built to support EMV applications. This public key infrastructure is described in the following documents, also incorporated herein by reference (familiarity with which is also presumed):
1. Recommended Specifications for Debit and Credit, Version 2.1 (describes the recommended card requirements for the MasterCard chip card application to support MasterCard debit and credit programs);
2. Minimum Card Requirements for Debit and Credit, Version 2.1 (contains the minimum card requirements when implementing a MasterCard debit or credit program on a chip card);
3. Terminal Requirements for Debit and Credit, Version 2.1 (contains MasterCard's requirements for terminals that accept MasterCard branded debit and credit chip card programs);
4. Personalization Data Specifications for Debit and Credit on Chip, Version 2.1 (specifies the data elements that are needed to create an Application Load File (ALF) which is used in the first stage of the chip personalization process). These documents, collectively referred to as the MasterCard Specs, are available at http://www.mastercard.eom/emv/emvspecs02.html#emvl.
The present invention may also utilize PIN or password verification by the chip card application at the instigation of the authenticating software. Alternatively, other methods of cardholder verification such as biometric verification methods may be used. Successful completion of such a PIN verification by the card could be communicated to the authenticating software in the data elements defined by the EMV Specifications for this purpose with the integrity of that data element being confirmed by the DDA.
In accordance with a preferred embodiment of the invention, a method is provided for enabling universal remote access by a user of a chip payment application on a chip card to a remote non-payment application over a communications network. Previously, all chip payment applications residing on a chip card communicated directly at the user site with a card reader or point-of-sale device which itself, based on authenticating software stored locally at the user site, verified, for payment purposes, the authenticity of the card and the user, the latter depending on whether a personal identification number was provided. In contrast, the present invention contemplates using payment applications and payment security techniques in a different manner and in a different context — not for purposes of authorizing payment transactions but instead for allowing access to non-payment applications and websites over a communications network. To accomplish this, payment chip terminal authentication software is placed not at the point of sale or at the user site but is instead placed at a remote host site location to allow for access to a non-payment application, such as a website, located remotely from the user location. The remote host site, stored with the authenticating software, drives the authentication process with the local chip card in accordance with a payment public key infrastructure, over a communications network, for purposes of allowing access to non-payment applications.
In accordance with the preferred embodiment of the invention, the process starts with the consumer/client at a computer moving his or her browser to a website having an access controlled area on the Internet. The provider of this restricted service operates a digital identification processing component (e.g., the authentication software) at the remote host server site that will inquire regarding the capability of the client computer to perform an authentication transaction. If the client computer signals the availability of such a service, then the client side component will be activated by the server. Performing what it considers to be a payment procedure, it sends an authentication request to the service provider.
Figure 1 illustrates the structural or processing components involved in the preferred method of the present invention. As shown, a chip card 10 issued by an issuer contains a chip payment application 12 with a payment security technique having at least one application that preferably supports a payment dynamic data authentication function 14. Preferably, the chip card contains a unique identifier for the purpose of identifying the card and the issuer, and it also contains a secret key for use with the payment security technique.
A card reader 16 is provided at the user location (preferably attached to the user's computer) for reading (or electromechanical connection to) the card 10. The electrical interface and transmission protocols should comply with the requirements in the EMV Specs. The reader should also be available with RS232 or USB connection, or it can be built into the user/client computer 18, which will now be described.
The user/client computer 18 will provide the interface between the card reader and the merchant/service provider component. The user/client software will preferably be downloaded from the web, if not already installed on the computer. It will preferably handle the following local functions: accepting the request from the remote site; prompting the cardholder to insert the card into the reader; optionally prompting the cardholder to enter his or her PIN; verifying the PIN with the application on the card; and performing the local processing in accordance with the EMV Specs.
At the remote host site, there is provided a payment public key infrastructure (PKI) 20, for instance in accordance with the MasterCard Specs, and payment chip terminal authentication software 22. The authenticating software 22 drives the communication with the card in accordance with the flow chart depicted in Figure 2.
Fig. 2 is a flow chart of a method for logging into an authenticating software (e.g., a software program or web site) according to an exemplary embodiment of the present invention. The term "per EMV" in Fig. 2 indicates that an operation is performed according to the EMV Specifications. With reference to Fig. 2, in step 100, a card application on an integrated circuit ("IC") card is initiated by the authenticating software at the remote host site location. In step 102, it is preferably determined if PIN verification is required for the card application. If PIN verification is required, a PIN is obtained from a user in step 104. In step 106, a "VERIFY PIN" command is sent to the card application. In step 108, the card application performs PIN verification using a stored PIN in the IC card. This is done in accordance with the EMV Specs. In step 110, the result of the PIN verification is stored in the IC card, and in step 112, the PIN verification result is returned to the authenticating software per the EMV Specs.
In step 114, it is determined whether the PIN was correctly entered. If the PIN was not correctly entered, the authenticating program aborts. Alternatively, the user may be given another chance to enter the correct PIN. If the PIN was correctly entered or a PIN was not required, in step 116, a communication, including DDA command data, is prepared in accordance with the EMV Specs, and in step 118, the DDA command (with DDA command data) is sent to the card application.
In step 120, the card, via the EMV Spec payment security technique having the application which supports the payment dynamic data authentication function, processes the DDA command and data, preferably using the stored PIN result and user identifier information. The user identifier information may include a payment account number. In step 122, the card application returns the DDA data to the authenticating software. In step 124, the authenticating software authenticates the returned
DDA data using the payment public key cryptography, as specified in the EMV Specifications. The present invention preferably utilizes the existing MasterCard International payment public key infrastructure 20, as described in the MasterCard Specs, which has been built to support EMV Specifications. In step 126, it is determined whether the returned DDA data is authentic. If the data is not authentic, the authenticating program aborts. If the returned DDA data is authentic, then log-in to the non-payment application is permitted in step 128.
The foregoing merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise numerous systems and methods which, although not explicitly shown or described herein, embody the principles of the invention and thus within the spirit and scope of the invention.

Claims

1. A method for enabling universal remote access by a user of a chip payment application on a chip card to a remote non-payment application over a communications network through the use of a local chip card reader at the user location, comprising the following steps: providing said chip payment application with a payment security technique having at least one application that supports a payment data authentication function; providing at said remote host site a public key infrastructure and payment chip terminal authentication software; reading by said local chip card reader said chip card; communicating by said payment chip terminal authentication software from said remote host site over said communications network and through said chip card reader with said chip payment application on said chip card; utilizing by said chip card said payment data authentication function to provide a payment response to said communication; verifying by said remote payment chip terminal authentication software, based on said payment response and through said public key infrastructure, that said chip card is authentic; allowing access to said non-payment application based on said verification.
2. The method of claim 1, wherein said payment data authentication function is a payment dynamic data authentication function.
3. The method of claim 2, further comprising the steps of: prompting said user for a personal identification number; locally verifying by said chip card said personal identification number; and wherein said verification step further includes, based on the local verification step, verifying that said user is authentic.
4. The method of claim 3, wherein said communication step further includes forwarding by said remote host site authentication commands to said chip payment application; and wherein said payment response responds to said commands.
5. The method of claim 4 wherein said chip card contains a unique identifier and wherein said payment response utilizes said unique identifier.
PCT/US2001/014485 2000-05-04 2001-05-04 System and method for enabling universal log-in WO2001084452A2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
EP01933029A EP1281149A2 (en) 2000-05-04 2001-05-04 System and method for enabling universal log-in
AU5949401A AU5949401A (en) 2000-05-04 2001-05-04 System and method for enabling universal log-in
AU2001259494A AU2001259494B2 (en) 2000-05-04 2001-05-04 System and method for enabling universal log-in
CA002408014A CA2408014A1 (en) 2000-05-04 2001-05-04 System and method for enabling universal log-in
JP2001581192A JP2003532236A (en) 2000-05-04 2001-05-04 Universal login system and method
HK03105054.9A HK1052776A1 (en) 2000-05-04 2003-07-12 System and method for enabling universal log-in

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US20179000P 2000-05-04 2000-05-04
US60/201,790 2000-05-04

Publications (2)

Publication Number Publication Date
WO2001084452A2 true WO2001084452A2 (en) 2001-11-08
WO2001084452A3 WO2001084452A3 (en) 2002-06-27

Family

ID=22747303

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/014485 WO2001084452A2 (en) 2000-05-04 2001-05-04 System and method for enabling universal log-in

Country Status (7)

Country Link
EP (1) EP1281149A2 (en)
JP (1) JP2003532236A (en)
AU (2) AU2001259494B2 (en)
CA (1) CA2408014A1 (en)
HK (1) HK1052776A1 (en)
WO (1) WO2001084452A2 (en)
ZA (1) ZA200208825B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100492967C (en) * 2004-11-26 2009-05-27 王小矿 Sale managing method based on dynamic coding
CN100492968C (en) * 2004-11-26 2009-05-27 王小矿 Anti-fake technology based on dynamic cipher
CN100492966C (en) * 2004-11-26 2009-05-27 王小矿 Identity certifying system based on intelligent card and dynamic coding
CN102480355A (en) * 2011-03-18 2012-05-30 贾松仁 Anti-counterfeiting method and anti-counterfeiting device with dynamic token

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5578808A (en) * 1993-12-22 1996-11-26 Datamark Services, Inc. Data card that can be used for transactions involving separate card issuers
EP0807911A2 (en) * 1996-05-15 1997-11-19 RSA Data Security, Inc. Client/server protocol for proving authenticity
WO1999012086A2 (en) * 1997-09-04 1999-03-11 Citicorp Development Center, Inc. Method and system for banking institution interactive center

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6385729B1 (en) * 1998-05-26 2002-05-07 Sun Microsystems, Inc. Secure token device access to services provided by an internet service provider (ISP)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5578808A (en) * 1993-12-22 1996-11-26 Datamark Services, Inc. Data card that can be used for transactions involving separate card issuers
EP0807911A2 (en) * 1996-05-15 1997-11-19 RSA Data Security, Inc. Client/server protocol for proving authenticity
WO1999012086A2 (en) * 1997-09-04 1999-03-11 Citicorp Development Center, Inc. Method and system for banking institution interactive center

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100492967C (en) * 2004-11-26 2009-05-27 王小矿 Sale managing method based on dynamic coding
CN100492968C (en) * 2004-11-26 2009-05-27 王小矿 Anti-fake technology based on dynamic cipher
CN100492966C (en) * 2004-11-26 2009-05-27 王小矿 Identity certifying system based on intelligent card and dynamic coding
CN102480355A (en) * 2011-03-18 2012-05-30 贾松仁 Anti-counterfeiting method and anti-counterfeiting device with dynamic token
CN102546175A (en) * 2011-03-18 2012-07-04 贾松仁 Anti-counterfeiting device and anti-counterfeiting method

Also Published As

Publication number Publication date
EP1281149A2 (en) 2003-02-05
AU5949401A (en) 2001-11-12
WO2001084452A3 (en) 2002-06-27
ZA200208825B (en) 2003-05-21
JP2003532236A (en) 2003-10-28
AU2001259494B2 (en) 2006-02-02
CA2408014A1 (en) 2001-11-08
HK1052776A1 (en) 2003-09-26

Similar Documents

Publication Publication Date Title
US9760939B2 (en) System and method for downloading an electronic product to a pin-pad terminal using a directly-transmitted electronic shopping basket entry
EP3098786A1 (en) Emv transactions in mobile terminals
AU2005208908A1 (en) System and method for secure telephone and computer transactions
EP2761553A2 (en) Payment system
JP2008282408A (en) Internet business security system
WO2003065164A3 (en) System and method for conducting secure payment transaction
WO2002049255A2 (en) Method and system for verifying the identify of on-line credit card purchases through a proxy transaction
JP2005507533A (en) EMV payment processing method using IrFM
US20230065485A1 (en) System and method for processing chip-card transactions from a host computer
US20050289052A1 (en) System and method for secure telephone and computer transactions
US9152957B2 (en) System and method for downloading an electronic product to a pin-pad terminal after validating an electronic shopping basket entry
RU2644132C2 (en) Method, system and device for checking validation of transaction process
AU2001259494B2 (en) System and method for enabling universal log-in
US11880840B2 (en) Method for carrying out a transaction, corresponding terminal, server and computer program
KR20110029031A (en) System and method for authenticating financial transaction using electric signature and recording medium
AU2001259494A1 (en) System and method for enabling universal log-in
KR20110029032A (en) Method for processing issue public certificate of attestation, terminal and recording medium
KR101190745B1 (en) System for paying credit card using internet otp security of mobile phone and method therefor
KR200458538Y1 (en) System for Operating End-to-End Security Channel between Server and IC Card
KR101471006B1 (en) Method for Operating Certificate
KR101598993B1 (en) Method for Operating Certificate
KR101471000B1 (en) Method for Operating Certificate
KR101519580B1 (en) Method for Operating Certificate
KR101541539B1 (en) Method for Operating Certificate
WO2023186480A1 (en) Method for enrolling a public key on a server

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWE Wipo information: entry into national phase

Ref document number: 2408014

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2002/08825

Country of ref document: ZA

Ref document number: 200208825

Country of ref document: ZA

WWE Wipo information: entry into national phase

Ref document number: 2001259494

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 2001933029

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001933029

Country of ref document: EP