WO2014063710A1 - Identity verification - Google Patents

Identity verification Download PDF

Info

Publication number
WO2014063710A1
WO2014063710A1 PCT/DK2013/050341 DK2013050341W WO2014063710A1 WO 2014063710 A1 WO2014063710 A1 WO 2014063710A1 DK 2013050341 W DK2013050341 W DK 2013050341W WO 2014063710 A1 WO2014063710 A1 WO 2014063710A1
Authority
WO
WIPO (PCT)
Prior art keywords
entity
string
challenge
identity
communication
Prior art date
Application number
PCT/DK2013/050341
Other languages
French (fr)
Inventor
Jan Nørskov LAURSEN
Claus Ambjørn CHRISTOPHANI
Morten Djernæs
Original Assignee
Pamci Networks Denmark Aps
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Pamci Networks Denmark Aps filed Critical Pamci Networks Denmark Aps
Publication of WO2014063710A1 publication Critical patent/WO2014063710A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Definitions

  • the present invention relates to verification of identity and establishment of secure communication.
  • an improved method of identifying an entity would be advantageous, and in particular a more efficient and/or reliable verification method and system would be advantageous.
  • Examples where secure identification is needed include bank transactions, e.g. when a person wishes to conduct banking transactions via the internet or via a phone call or even in person, the bank needs to verify that the person calling or using e.g. web bank, is actually who he or she says. If the person is not who he or she says, the bank will be liable for losses and may face discredit and loss of goodwill.
  • banking transactions over the internet there are many technical ways of circumventing the security solutions. Man-in-the-middle attacks, phishing or pharming are some of the methods used by criminals for directing funds or transactions away from the intended receivers.
  • the invention is particularly, but not exclusively, advantageous for obtaining a secure validation of an entity's identity when establishing communication between two entities.
  • the above described object and several other objects are intended to be obtained in a first aspect of the invention by providing a method of verifying the identity of a first entity.
  • the method is useful when the first entity has established communication with a second entity. This could e.g. be via a public telephone network, a data network such as the internet or a dedicated data communication line or any other suitable way of communication, even when two people are facing each other, the method may be used for verifying the identity of the person.
  • the method may comprise the step of the first entity transmitting a set of identity information identifying the first entity to the second entity.
  • the method is used for verifying this identity.
  • the method may comprise the second entity requesting confirmation of the identity of said first entity by transmitting a challenge to the first entity based on the set of identity information to the first entity and a server comprising a set of records identifying at least said first entity.
  • the server may for instance be a remotely placed computer device or a locally placed computer device used by the second entity.
  • the second entity sends a request to the server along with the identity to be confirmed.
  • the server comprises an algorithm for determining a response, this response is communicated to the second entity, preferably along with or at least after, a challenge is returned to the second entity.
  • the server returns a correct response to the challenge to said second entity.
  • the challenge is then communicated to the first entity.
  • the first entity is in possession of a device comprising an input unit, a data processor and an output unit.
  • the device comprises information relating to the identity of the first entity.
  • the first entity enters the challenge via the input unit.
  • the device returns a reply in response to the challenge via the output device.
  • the method may comprise the first entity returning the reply to the challenge, i.e. to the second entity, and the second entity comparing the reply to said correct response. Provided the reply and the correct response are identical, or at least confirms that the two replies are identical within a given threshold, it is established that the first entity have provided the correct identity.
  • the method may be useful in hospitals or heath care settings where an individual is calling for a telephone consultation, the doctor answering may wish to prescribe medication or refer to other specialists and will have a need to verify the identity of the person calling.
  • the method may also be used for signing emails. This may include sending a challenge in a first email and in the reply a proper response to the challenge is included so that the receiver can verify that the replier is the correct person or entity.
  • the device may be communicational isolated. This reduces the risk of outside tampering with the device. By not having a communication device in the device, the holder of the device is not faced with the risk of other obtaining access to the data stored on the device, including any data used for establishing the response to a challenge.
  • secure communication may comprise communication via the internet.
  • the method may be used for e.g. banking transactions or email communication, or the like over the internet where there is a need for secure identification of the entity requesting the transaction.
  • the entity may be an application, e.g. run in a browser.
  • Communication may be established via SSL, HTTPS or other suitable way of data communication, even non-encrypted communication may be used.
  • the device may be been initialised with a string of characters uniquely identifying said first entity.
  • a PIN code and two salt numbers are assigned to the user.
  • the user receives these pieces of information and uses them to initiate the device.
  • the same information is stored on a server so that when a transaction is requested, a challenge is sent from the server to the requester (the second entity).
  • the user (first entity) then enters the challenge, as described elsewhere, into the device.
  • the server and the device have the same information, the same response will arise and the identity is thus verified, as described above.
  • the server may comprise the string of characters.
  • the challenge may be a string of characters.
  • the string of characters may be a string of digits and/or a string of letters and/or one word and/or a plurality of words.
  • the reply may be a string of characters.
  • the characters may be a string of digits and/or a string of letters and/or one word and/or a plurality of words.
  • the users of the method may prefer that the challenge and the reply comprise the same type of information, e.g. numbers in both cases or e.g. a mix of numbers, letter and/or other characters. Even words may be formed. Each letter may then be assigned a specific number so that a processor is able to compute proper responses.
  • the reply may be formed on the basis of a hash value.
  • the hash value is a controlled distortion of information.
  • the first entity and the second entity may communicate via a data communication and/or via vocal communication. This could include the internet via a computer.
  • the user may use a web based banking program, a dedicated program, an app on a smartphone or any other program for established communication to a bank or other entity.
  • the device may use a value from a counter when establishing the reply in response to the challenge. This adds to the randomness of the reply while doing so in a controlled manner.
  • the value from the counter causes different replies to identical challenges, provided the values of the counter in two instances are different.
  • the server may have a corresponding counter that, when being asked for a challenge, increments the counter accordingly.
  • the counter may be incremented according to a predefined schedule in both the device and the server.
  • the server may adjust its counter if case irregularities are detected.
  • a second aspect of the present invention relates to a device for use in a system for establishing the identity of an first entity, the system comprising a server including a database having a set of identity related entries, a communication line to a second entity, the device being configured to perform the steps of the method according to the first aspect.
  • the device has a size comparable to a credit card. By using this size, the device is handy and most people are used to handle cards of this size. Further, most wallets have compartments so that the user may easily carry the device around.
  • the device is distributed without any user-related information.
  • the user Upon receiving or purchasing the device, the user will have received or will receive initialisation information. This could be in the form of a PIN code and two salt numbers as discussed above.
  • the device may comprise an internal storage for storing a software implementation of the steps of the method according to the first aspect.
  • the device is isolated from communication with other devices or communication systems. This means that the device does not comprise any communication units, and therefore no communication to external devices may be established, thus machine to machine communication is avoided.
  • an input device and output device is not considered as communication devices.
  • the input device and output device are only intended to allow the user to input challenges and read results, and input initialization information.
  • the invention relates to a computer program product being adapted to enable a computer system comprising at least one computer having data storage means in connection therewith to control a system according to the second aspect of the invention.
  • This aspect of the invention is particularly, but not exclusively, advantageous in that the present invention may be accomplished by a computer program product enabling a computer system to carry out the operations of the apparatus/ system of the first aspect of the invention when downloaded or uploaded to the computer system.
  • a computer program product may be provided on any kind of computer readable medium, or through a network.
  • Fig. 1 is a schematic illustration of steps of when identity is verified
  • Fig. 2 is a schematic illustration of steps of a method
  • Fig. 3 is a schematic illustration of a device.
  • a first entity 10 establishes communication, indicated via the line 12, to a second entity 14.
  • the communication 12 includes a first indication of the identity of the entity 10.
  • the second entity 14 transmits a request 16 to a server 18.
  • the request 16 comprises the identity of the first entity 10.
  • the server 18 comprises a data base or data storage 20 comprising data relating to the identity of a set of entities If the identity of the first entity 10 is present in the database 20, the server 18 returns 22 a challenge for the second entity 14 to return 24 to the first entity 10.
  • the challenge returned 22 from the server 18 may be accompanied by an expected reply.
  • the user When the first entity 10 receives the challenge, the user enters the challenge into a device, described later.
  • the device returns a reply that is forwarded to 26 the second entity 14.
  • the second entity 14 compares 28 the returned reply to the expected result.
  • the reply is forwarded to the server where the reply is compared to the expected reply and an indication on the authenticity of the reply is provided.
  • a range of first entities may communicate with the second entity 14 as indicated by the punctured lines 30 and 32.
  • Fig. 2 schematically illustrates steps of a method 100 of verifying identity of a first entity.
  • the first entity has established communication with a second entity.
  • the method 100 comprises the step 110 of the first entity transmitting a set of identity information identifying the first entity to the second entity.
  • the method 100 comprises the step 120 of the second entity requesting confirmation of the identity of the first entity by transmitting a challenge to the first entity based on the set of identity information to the first entity and a server comprising a set of records identifying at least the first entity, the server returning a correct response to the challenge to the second entity.
  • the method 100 comprises the step 130 of the first entity to have a device comprising an input unit, a data processor and an output unit, the device comprises information relating to identity of the first entity, when the first entity receives the challenge the first entity entering the challenge via the input unit, the device returning a reply in response to the challenge via the output device.
  • the method 100 comprises the step 140 of the first entity returning the reply to the challenge.
  • the method 100 comprises the step 150.
  • the method 100 comprises the step of the second entity comparing the reply to the correct response.
  • Fig. 3 schematically illustrates a device 200.
  • the device 200 is configured to perform at least the steps of the method as described above.
  • the device 200 comprises a housing 205.
  • the housing 205 has the same outline as a credit card.
  • the device 200 comprises a display 210.
  • the display 210 has the capacity to display up to 10 numbers at once.
  • the display 210 is a LCD display as this has the lowest possible power
  • the input device 220 allows the user to input a challenge received from a second entity as described above.
  • the input device 220 may also be used when initialising the device 200.
  • the user receives initialisation information from a provider. This may e.g. be a PIN code and two salt numbers related to the user.
  • the user then inputs the information to the device 200 using the input device 220.
  • the initialisation information is provided to the user independent of the delivery of the device 200. This also allows the user to procure a device at e.g. a super market, gas station or the like, while the initialisation information is provided from a trusted source, e.g. a bank or other financial institutions.
  • the device 200 comprises a power source 230 in the form of a battery.
  • the device 200 comprises a processor 240 for processing data.
  • the processor 240 is in communication with a data storage 250.
  • the data storage 250 is configured to store, amongst other data, the initialisation information. Also, the data storage 250 is configured to hold a data program for performing cryptographic
  • controllers for controlling transfer of data to and from the processor and memory may be provided in order for the device 200 to function properly.
  • a PIN code may be used for limiting the functionally access to the device 200. The uses must then remember the PIN code in order to enter a challenge.
  • the device 200 may also comprise analogue sensors such as audio sensors, video sensors, electro resistive sensor, fingerprint sensor, thermic sensor or other suitable mechanical sensors or bio sensors.
  • the device 200 does not come into contact or communication with other systems. Thus, the device does not allow connection via cabled or wireless connection.
  • the device 200 does not comprise any communication device and is thus isolated from other devices, which improves security of the device.
  • a PIN code comprising e.g. 4 digits, such as ⁇ 8086'.
  • the user is further provided with a unique string of numbers, called saltl, which could be 20 digits, e.g. ⁇ 38978763098720987386'.
  • the user is further provided with a second unique string of digits, called salt2, which could be 6 numbers, such as '3876493'.
  • saltl a unique string of numbers
  • salt2 a second unique string of digits, called salt2 which could be 6 numbers, such as '3876493'.
  • the method of encryption, used for calculating the response to a challenge is a hash function.
  • the hash function is an irreversible distortion of data.
  • the number 6 may arise from other permutations of the string ⁇ 123' such as ⁇ 321', ⁇ 132', ⁇ 312' ⁇ 213', ⁇ 231'.
  • Based on a cryptographic hash function a large range of irreversible hash values may be established.
  • a validation authority provides a challenge such as "123456”. This string of digits is entered by the user into the device along with the PIN code. The device then calculates a reply to the challenge based on the challenge and the PIN code and the stored salt values. The result of the calculation is provided to the user in the form of a string of digits, such as "387643". This result is returned to the validation authority.
  • the validation authority provides the same challenge to a server.
  • the request comprises two elements, namely user id and challenge.
  • the server calculates a result which is returned to the validation authority, this could e.g. be "387643".
  • the validation authority compares the two results. If the two results match, the identity of the person is verified.
  • the method may be used for verifying a piece of information, #a-information, e.g. an email, so that the receiver of the information has verification of the identity of the sender and the integrity of the information.
  • the device comprises a PIN code, and two salt numbers, #a-pin, #a-saltl, #a-salt2.
  • the information could be a bank account number for the transfer of an amount of money.
  • the user, #a-user enters a PIN code and a value which result in a cryptographic hash value, #eval-l. This result is then transmitted parallel with the information, #a-information, to the receiver.
  • the receiver transmits a request to a server to obtain a result, #eval-2, on the basis of the id #a-user and the information, #a-information.
  • the server calculates a cryptographic hash value on the basis of #a-user, #a-information, and data relating to #a-user, namely: #a- pin, #a-saltl, #a-salt2.
  • the server returns #eval-2. If the #eval-2 and #eval-l are identical, it is verified that the sender's identity is known and the integrity of the data is retained.
  • the method is further improved.
  • the counter may be incremented.
  • the increment may be performed according to a predefined schedule. In this way it is ensured that the result of a reused challenge is not identical each time. As an example, a given hash value for the string '123456' will yield '384763' in one instance and the next time it is used, it will yield '847392'. The same increment is performed at the server.
  • the invention can be implemented by means of hardware, software, firmware or any combination of these.
  • the invention or some of the features thereof can also be implemented as software running on one or more data processors and/or digital signal processors.
  • the individual elements of an embodiment of the invention may be physically, functionally and logically implemented in any suitable way such as in a single unit, in a plurality of units or as part of separate functional units.
  • the invention may be implemented in a single unit, or be both physically and functionally distributed between different units and processors.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to verification of identity and establishment of secure communication. The present invention relates to a method of securely establishing a verified identity of a first entity engaged in communication with a second entity. The present invention also provides a device used in such a method and a system for performing the verification of identity.

Description

TITLE
Identity verification
FIELD OF THE INVENTION
The present invention relates to verification of identity and establishment of secure communication.
BACKGROUND OF THE INVENTION In general situations where communication over non-dedicated communication lines is performed, there is a need to ensure that the person in one end of the communication is actually who he or she claims to be. The personal and business orientated communication between people is nowadays often performed over large physical distances. This distance may sometimes bring uncertainty as to the identity of the person you are in contact with and the reliability of the information exchanged.
Hence, an improved method of identifying an entity would be advantageous, and in particular a more efficient and/or reliable verification method and system would be advantageous.
OBJECT OF THE INVENTION
Therefore there is a need for an improved method, device and system for verifying the identity of an entity engaged in communication with another entity.
It is a further object of the present invention to provide an alternative to the prior art. SUMMARY OF THE INVENTION
Examples where secure identification is needed include bank transactions, e.g. when a person wishes to conduct banking transactions via the internet or via a phone call or even in person, the bank needs to verify that the person calling or using e.g. web bank, is actually who he or she says. If the person is not who he or she says, the bank will be liable for losses and may face discredit and loss of goodwill. When conducting banking transactions over the internet, there are many technical ways of circumventing the security solutions. Man-in-the-middle attacks, phishing or pharming are some of the methods used by criminals for directing funds or transactions away from the intended receivers.
The invention is particularly, but not exclusively, advantageous for obtaining a secure validation of an entity's identity when establishing communication between two entities.
Thus, the above described object and several other objects are intended to be obtained in a first aspect of the invention by providing a method of verifying the identity of a first entity. The method is useful when the first entity has established communication with a second entity. This could e.g. be via a public telephone network, a data network such as the internet or a dedicated data communication line or any other suitable way of communication, even when two people are facing each other, the method may be used for verifying the identity of the person. The method may comprise the step of the first entity transmitting a set of identity information identifying the first entity to the second entity. The identity
information may be a user name or user number, social security number, other types of a public identification number or other information that serves to establish an indication of identity of the first entity. The method is used for verifying this identity. The method may comprise the second entity requesting confirmation of the identity of said first entity by transmitting a challenge to the first entity based on the set of identity information to the first entity and a server comprising a set of records identifying at least said first entity. The server may for instance be a remotely placed computer device or a locally placed computer device used by the second entity. In a presently preferred embodiment the second entity sends a request to the server along with the identity to be confirmed. The server comprises an algorithm for determining a response, this response is communicated to the second entity, preferably along with or at least after, a challenge is returned to the second entity. Thus, the server returns a correct response to the challenge to said second entity. The challenge is then communicated to the first entity. The first entity is in possession of a device comprising an input unit, a data processor and an output unit. The device comprises information relating to the identity of the first entity. When in use and the first entity receives the challenge, the first entity enters the challenge via the input unit. The device returns a reply in response to the challenge via the output device. The method may comprise the first entity returning the reply to the challenge, i.e. to the second entity, and the second entity comparing the reply to said correct response. Provided the reply and the correct response are identical, or at least confirms that the two replies are identical within a given threshold, it is established that the first entity have provided the correct identity.
The method may be useful in hospitals or heath care settings where an individual is calling for a telephone consultation, the doctor answering may wish to prescribe medication or refer to other specialists and will have a need to verify the identity of the person calling. The method may also be used for signing emails. This may include sending a challenge in a first email and in the reply a proper response to the challenge is included so that the receiver can verify that the replier is the correct person or entity. Advantageously, the device may be communicational isolated. This reduces the risk of outside tampering with the device. By not having a communication device in the device, the holder of the device is not faced with the risk of other obtaining access to the data stored on the device, including any data used for establishing the response to a challenge.
Advantageously, secure communication may comprise communication via the internet. The method may be used for e.g. banking transactions or email communication, or the like over the internet where there is a need for secure identification of the entity requesting the transaction. In such a case, the entity may be an application, e.g. run in a browser. Communication may be established via SSL, HTTPS or other suitable way of data communication, even non-encrypted communication may be used.
Advantageously, the device may be been initialised with a string of characters uniquely identifying said first entity. This could include a PIN code and possibly salt number. In a presently preferred embodiment when a user is created in a system using the method, a PIN code and two salt numbers are assigned to the user. The user receives these pieces of information and uses them to initiate the device. The same information is stored on a server so that when a transaction is requested, a challenge is sent from the server to the requester (the second entity). The user (first entity) then enters the challenge, as described elsewhere, into the device. As the server and the device have the same information, the same response will arise and the identity is thus verified, as described above. Thus, the server may comprise the string of characters.
Advantageously, the challenge may be a string of characters. The string of characters may be a string of digits and/or a string of letters and/or one word and/or a plurality of words. Advantageously, the reply may be a string of characters. The characters may be a string of digits and/or a string of letters and/or one word and/or a plurality of words. The users of the method may prefer that the challenge and the reply comprise the same type of information, e.g. numbers in both cases or e.g. a mix of numbers, letter and/or other characters. Even words may be formed. Each letter may then be assigned a specific number so that a processor is able to compute proper responses.
Advantageously, the reply may be formed on the basis of a hash value. This is computationally advantageous in that the hash value is a controlled distortion of information. As an example, the checksum of the string λ123' is 1+2+3=6. But this value may be obtained in a number of ways. If only knowing the result, λ6', it is impossible to know if it came from the string λ132', λ213' λ321' or λ123', or any other permutation. Advantageously, the first entity and the second entity may communicate via a data communication and/or via vocal communication. This could include the internet via a computer. Using such a data communication, the user may use a web based banking program, a dedicated program, an app on a smartphone or any other program for established communication to a bank or other entity. Advantageously, the device may use a value from a counter when establishing the reply in response to the challenge. This adds to the randomness of the reply while doing so in a controlled manner. The value from the counter causes different replies to identical challenges, provided the values of the counter in two instances are different. The server may have a corresponding counter that, when being asked for a challenge, increments the counter accordingly. The counter may be incremented according to a predefined schedule in both the device and the server. The server may adjust its counter if case irregularities are detected. A second aspect of the present invention relates to a device for use in a system for establishing the identity of an first entity, the system comprising a server including a database having a set of identity related entries, a communication line to a second entity, the device being configured to perform the steps of the method according to the first aspect.
In a presently preferred embodiment, the device has a size comparable to a credit card. By using this size, the device is handy and most people are used to handle cards of this size. Further, most wallets have compartments so that the user may easily carry the device around.
Further, it is presently preferred that the device is distributed without any user- related information. Upon receiving or purchasing the device, the user will have received or will receive initialisation information. This could be in the form of a PIN code and two salt numbers as discussed above.
Advantageously, the device may comprise an internal storage for storing a software implementation of the steps of the method according to the first aspect.
Advantageously, the device is isolated from communication with other devices or communication systems. This means that the device does not comprise any communication units, and therefore no communication to external devices may be established, thus machine to machine communication is avoided. In this connection, an input device and output device is not considered as communication devices. The input device and output device are only intended to allow the user to input challenges and read results, and input initialization information. In a third aspect, the invention relates to a computer program product being adapted to enable a computer system comprising at least one computer having data storage means in connection therewith to control a system according to the second aspect of the invention.
This aspect of the invention is particularly, but not exclusively, advantageous in that the present invention may be accomplished by a computer program product enabling a computer system to carry out the operations of the apparatus/ system of the first aspect of the invention when downloaded or uploaded to the computer system. Such a computer program product may be provided on any kind of computer readable medium, or through a network.
The individual aspects of the present invention may each be combined with any of the other aspects. These and other aspects of the invention will be apparent from the following description with reference to the described embodiments.
BRIEF DESCRIPTION OF THE FIGURES
The method according to the invention will now be described in more detail with regard to the accompanying figures. The figures show one way of implementing the present invention and is not to be construed as being limiting to other possible embodiments falling within the scope of the attached claim set.
Fig. 1 is a schematic illustration of steps of when identity is verified,
Fig. 2 is a schematic illustration of steps of a method, and
Fig. 3 is a schematic illustration of a device.
DETAILED DESCRIPTION OF AN EMBODIMENT In Fig 1 a first entity 10 establishes communication, indicated via the line 12, to a second entity 14. The communication 12 includes a first indication of the identity of the entity 10. The receiver, the second entity 14, receives the communication 12. The second entity 14 transmits a request 16 to a server 18. The request 16 comprises the identity of the first entity 10. The server 18 comprises a data base or data storage 20 comprising data relating to the identity of a set of entities If the identity of the first entity 10 is present in the database 20, the server 18 returns 22 a challenge for the second entity 14 to return 24 to the first entity 10. The challenge returned 22 from the server 18 may be accompanied by an expected reply.
When the first entity 10 receives the challenge, the user enters the challenge into a device, described later. The device returns a reply that is forwarded to 26 the second entity 14.
The second entity 14 compares 28 the returned reply to the expected result.
In another embodiment the reply is forwarded to the server where the reply is compared to the expected reply and an indication on the authenticity of the reply is provided. A range of first entities may communicate with the second entity 14 as indicated by the punctured lines 30 and 32.
Fig. 2 schematically illustrates steps of a method 100 of verifying identity of a first entity. The first entity has established communication with a second entity. The method 100 comprises the step 110 of the first entity transmitting a set of identity information identifying the first entity to the second entity. The method 100 comprises the step 120 of the second entity requesting confirmation of the identity of the first entity by transmitting a challenge to the first entity based on the set of identity information to the first entity and a server comprising a set of records identifying at least the first entity, the server returning a correct response to the challenge to the second entity. The method 100 comprises the step 130 of the first entity to have a device comprising an input unit, a data processor and an output unit, the device comprises information relating to identity of the first entity, when the first entity receives the challenge the first entity entering the challenge via the input unit, the device returning a reply in response to the challenge via the output device. The method 100 comprises the step 140 of the first entity returning the reply to the challenge. The method 100 comprises the step 150. The method 100 comprises the step of the second entity comparing the reply to the correct response. Fig. 3 schematically illustrates a device 200. The device 200 is configured to perform at least the steps of the method as described above.
The device 200 comprises a housing 205. The housing 205 has the same outline as a credit card. The device 200 comprises a display 210. In the presently preferred embodiment, the display 210 has the capacity to display up to 10 numbers at once.
The display 210 is a LCD display as this has the lowest possible power
consumption.
The input device 220 allows the user to input a challenge received from a second entity as described above. The input device 220 may also be used when initialising the device 200. The user receives initialisation information from a provider. This may e.g. be a PIN code and two salt numbers related to the user. The user then inputs the information to the device 200 using the input device 220. Preferably the initialisation information is provided to the user independent of the delivery of the device 200. This also allows the user to procure a device at e.g. a super market, gas station or the like, while the initialisation information is provided from a trusted source, e.g. a bank or other financial institutions.
The device 200 comprises a power source 230 in the form of a battery. The device 200 comprises a processor 240 for processing data. The processor 240 is in communication with a data storage 250. The data storage 250 is configured to store, amongst other data, the initialisation information. Also, the data storage 250 is configured to hold a data program for performing cryptographic
calculations.
Further, controllers for controlling transfer of data to and from the processor and memory may be provided in order for the device 200 to function properly.
A PIN code may be used for limiting the functionally access to the device 200. The uses must then remember the PIN code in order to enter a challenge. The device 200 may also comprise analogue sensors such as audio sensors, video sensors, electro resistive sensor, fingerprint sensor, thermic sensor or other suitable mechanical sensors or bio sensors. The device 200 does not come into contact or communication with other systems. Thus, the device does not allow connection via cabled or wireless connection. The device 200 does not comprise any communication device and is thus isolated from other devices, which improves security of the device. When a user initialises the device, the user has received a PIN code comprising e.g. 4 digits, such as λ8086'.
The user is further provided with a unique string of numbers, called saltl, which could be 20 digits, e.g. λ38978763098720987386'. The user is further provided with a second unique string of digits, called salt2, which could be 6 numbers, such as '3876493'. In a central server or data base the identity of the user and the initialisation information is stored.
The method of encryption, used for calculating the response to a challenge, is a hash function. The hash function is an irreversible distortion of data. As an example the checksum of the string λ123' is 1+2+3=6. The number 6 may arise from other permutations of the string λ123' such as λ321', λ132', λ312' λ213', λ231'. Based on a cryptographic hash function, a large range of irreversible hash values may be established.
As an example a validation authority provides a challenge such as "123456". This string of digits is entered by the user into the device along with the PIN code. The device then calculates a reply to the challenge based on the challenge and the PIN code and the stored salt values. The result of the calculation is provided to the user in the form of a string of digits, such as "387643". This result is returned to the validation authority.
The validation authority provides the same challenge to a server. The request comprises two elements, namely user id and challenge. On the basis of these two elements, the server calculates a result which is returned to the validation authority, this could e.g. be "387643".
The validation authority compares the two results. If the two results match, the identity of the person is verified.
In an embodiment the method may be used for verifying a piece of information, #a-information, e.g. an email, so that the receiver of the information has verification of the identity of the sender and the integrity of the information. The device comprises a PIN code, and two salt numbers, #a-pin, #a-saltl, #a-salt2.
The information could be a bank account number for the transfer of an amount of money. The user, #a-user, enters a PIN code and a value which result in a cryptographic hash value, #eval-l. This result is then transmitted parallel with the information, #a-information, to the receiver. In order to verify the identity of the sender and the integrity of the information, the receiver transmits a request to a server to obtain a result, #eval-2, on the basis of the id #a-user and the information, #a-information. The server calculates a cryptographic hash value on the basis of #a-user, #a-information, and data relating to #a-user, namely: #a- pin, #a-saltl, #a-salt2. The server returns #eval-2. If the #eval-2 and #eval-l are identical, it is verified that the sender's identity is known and the integrity of the data is retained.
By including a counter in the cryptographic method, the method is further improved. Each time a challenge is provided to the device, the counter may be incremented. The increment may be performed according to a predefined schedule. In this way it is ensured that the result of a reused challenge is not identical each time. As an example, a given hash value for the string '123456' will yield '384763' in one instance and the next time it is used, it will yield '847392'. The same increment is performed at the server.
The invention can be implemented by means of hardware, software, firmware or any combination of these. The invention or some of the features thereof can also be implemented as software running on one or more data processors and/or digital signal processors. The individual elements of an embodiment of the invention may be physically, functionally and logically implemented in any suitable way such as in a single unit, in a plurality of units or as part of separate functional units. The invention may be implemented in a single unit, or be both physically and functionally distributed between different units and processors.
Although the present invention has been described in connection with the specified embodiments, it should not be construed as being in any way limited to the presented examples. The scope of the present invention is to be interpreted in the light of the accompanying claim set. In the context of the claims, the terms "comprising" or "comprises" do not exclude other possible elements or steps. Also, the mentioning of references such as "a" or "an" etc. should not be construed as excluding a plurality. The use of reference signs in the claims with respect to elements indicated in the figures shall also not be construed as limiting the scope of the invention. Furthermore, individual features mentioned in different claims, may possibly be advantageously combined, and the mentioning of these features in different claims does not exclude that a combination of features is not possible and advantageous.

Claims

Claims
1. A method of verifying the identity of a first entity, said first entity has established communication with a second entity, the method comprising :
said first entity transmitting a set of identity information identifying said first entity to said second entity,
said second entity requesting confirmation of the identity of said first entity by transmitting a challenge to said first entity based on the set of identity information to said first entity and a server comprising a set of records identifying at least said first entity, said server returning a correct response to said challenge to said second entity,
said first entity has a device comprising an input unit, a data processor and an output unit, said device comprises information relating to identity of said first entity, when said first entity receives said challenge said first entity entering via said input unit said challenge, said device returning a reply in response to said challenge via said output device,
said first entity returning said reply to said challenge, and
said second entity comparing said reply to said correct response.
2. The method according to claim 1, wherein said device is communicational isolated from other devices or communication systems.
3. The method according to claim 1, wherein said secure communication comprises communication via the internet.
4. The method according to claim 1, wherein said device has been initialised with a string of characters uniquely identifying said first entity.
5. The method according to claim 4, wherein said string of characters is a string of digits and/or a string of letters and/or one word and/or a plurality of words.
6. The method according to claim 4, wherein said server comprises said string of characters.
7. The method according to claim 1, wherein said challenge is a string of characters.
8. The method according to claim 7, wherein said characters of said challenge is a string of digits and/or a string of letters and/or one word and/or a plurality of words.
9. The method according to claim 1, wherein said reply is a string of characters.
10. The method according to claim 9, wherein said string of characters of said reply is a string of digits and/or a string of letters and/or one word and/or a plurality of words.
11. The method according to claim 1, wherein said reply is formed on the basis of a hash value.
12. The method according to claim 1, wherein the first entity and the second entity communicate via a data communication and/or via vocal communication.
13. The method according to claim 1, wherein said device uses value from a counter when establishing said reply in response to said challenge.
14. The method according to claim 13, wherein said value from said counter causes different replies to identical challenges provided said value in two cases are different.
15. A device for use in a system for establishing identity of an first entity, the system comprising a server including a database having a set of identity related entries, a communication line to a second entity, the device being configured to perform the steps of the method according to claim 1.
16. The device according to claim 15, wherein the device comprises an internal storage for storing a software implementation of the steps of the method according to claim 1.
17. The device according to claim 16 being isolated from communication with other devices or communication systems.
PCT/DK2013/050341 2012-10-26 2013-10-25 Identity verification WO2014063710A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201261718910P 2012-10-26 2012-10-26
DKPA201270661 2012-10-26
US61/718,910 2012-10-26
DKPA201270661 2012-10-26

Publications (1)

Publication Number Publication Date
WO2014063710A1 true WO2014063710A1 (en) 2014-05-01

Family

ID=50544042

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/DK2013/050341 WO2014063710A1 (en) 2012-10-26 2013-10-25 Identity verification

Country Status (1)

Country Link
WO (1) WO2014063710A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110154440A1 (en) * 2009-12-22 2011-06-23 Juniper Networks, Inc. Dynamic host configuration protocol (dhcp) authentication using challenge handshake authentication protocol (chap) challenge
WO2012068462A2 (en) * 2010-11-19 2012-05-24 Aicent, Inc. Method of and system for extending the wispr authentication procedure

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110154440A1 (en) * 2009-12-22 2011-06-23 Juniper Networks, Inc. Dynamic host configuration protocol (dhcp) authentication using challenge handshake authentication protocol (chap) challenge
WO2012068462A2 (en) * 2010-11-19 2012-05-24 Aicent, Inc. Method of and system for extending the wispr authentication procedure

Similar Documents

Publication Publication Date Title
US20220321359A1 (en) Methods and systems for ownership verification using blockchain
US11736296B2 (en) Biometric verification process using certification token
US9864987B2 (en) Account provisioning authentication
EP3259877B1 (en) Methods and apparatus for secure authentication of user and mobile device
CN204948095U (en) Authenticate device and the mutual system guaranteeing between application program and user
EP3642998B1 (en) Verification and encryption scheme in data storage
CN106575326A (en) System and method for implementing a one-time-password using asymmetric cryptography
US9906525B1 (en) Systems and methods for facilitating secure authentication of third-party applications and/or websites using a biometric-enabled transitory password authentication device
SE1300499A1 (en) Secure two-party comparison transaction system
US9870560B2 (en) Online payment method and a network element, a system and a computer program product therefor
CN109496405B (en) Multi-device authentication method and system using cryptographic techniques
AU2021312370A1 (en) Quantum-safe payment system
CN113015992A (en) Cloud token provisioning of multiple tokens
US20220318805A1 (en) Detailing secure service provider transactions
WO2014063710A1 (en) Identity verification
US20240080668A1 (en) Communication, Authentication, and Validation Using LoRaWAN Protocol
US20240078530A1 (en) Validating transactions between entities using lorawan protocol
US20240080649A1 (en) System and method for determining device status using lorawan
US20240078531A1 (en) Mobile device transaction processing system and method using lorawan communications
WO2020167274A1 (en) A document signing system
WO2023144503A1 (en) Quantum-secure digital currency
WO2021262338A1 (en) Trusted identification of enrolling users based on images and unique identifiers associated with sponsoring users
CN115037484A (en) Digital collection receiving method and device and electronic equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13789481

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 13789481

Country of ref document: EP

Kind code of ref document: A1