BRPI0803444A2 - In-person or non-digitally signed authentication system and identification of fake interfaces through bi-directional communication with mutual-cobam authentication - Google Patents

Abstract

The present invention relates to a system which aims to construct an authentication code, which is a digital signature of user data + business data, enabling secure authentication of any transaction by a user, whether present or present. no, by any existing device on the market, without geographical limitation, for payments, withdrawals, authenticity, approval of qualifications and new products 1 services, valid exclusively for that specific transaction, with those characteristics, without repudiation. It also includes COBAM, which is an unprecedented tool with strong and superior digital security to identify a fake interface and interrupt the provision of sensitive data by the user, before the capture of this sensitive data by a fraudster.

Description

"AUTHENTICATION SYSTEM WITH DIGITALPRESENTIAL SIGNATURE OR NOT AND FAULT INTERFACE IDENTIFICATION SYSTEM WITH MUTUAL-COBAM AUTHENTICATION"

This system aims to build a final code, which is a digital signature, allowing a secure authentication of any transaction made by a user, whether present or not, through any device in the market, without geographical limitation, for payments, withdrawals, authenticity and new products.

The generated final code is valid for a single transaction, reflects both the service user's personal data, as well as all the attributes and values of the transaction that are unauthorized and limited by the service, validating for time, sequence and other attributes as needed.

DIFFERENTIALS

- face-to-face or non-face transactions (access to websites, taxis, delivery, general entertainment, money transfers, authority approvals,

identification / authenticity in the delivery of goods, identification for access to physical locations, payments on Internet sites with credit cards remotely with authentication (without repudiation) followed or not by authorization, among others.

- In the same transaction, additional tasks may be performed by the DNA service provider company, without the need to burden or change the transactional flow of the final service it already offers.

request of sensitive user data, linking business information in the generation of the final code (digital signature). Token, the Password Card are currently used, but they do not solicit sensitive user data as anyone who has it in hand can use it;

Due to the process / protocol of construction of this authentication code it reveals itself as a new solution in digital security, which can be offered domestically or internationally, allowing to make available various products / services and perform various operations, besides creating new ones, optimizing the company's investment in an unattended solution to serve your diverse types of customers and businesses.

- It also has the advantage that it can be informed openly, without secrecy, thus allowing the user to have the security to be doing and concluding exactly what was transacted (negotiated) and also that all his data and the reported data of that transaction are fully secure. and protected;

We have added to this system an innovative digital security tool, which we call COBAM that enables anyone who is entering their sensitive data (password ...) into a data entry interface (InternetBanking screen, for example) of a company / provider. service, the identification of a fake interface as this data enters, allowing the rest of the typing to be interrupted before completion of the capture of this sensitive data by a fraudster.

DESCRIPTION OF TECHNICAL STATE

Currently, in the authentication business, we have a range of solutions, such as static password typing, passphrases, code cards (passwords calledTATA codes) and token keychains that generate dynamic OTP (One Code) passwords. -Time-Password), among others.

These systems that require code entry, static passwords, typing passphrases or keying codes and passwords contained in cartouche (TAM Codes Calls) are released by a simple check. Also, there are tokens, which generate dynamic codes / passwords which have as one of their operating characteristics the synchronization by time or sequence in access.

Thus, we can cite some examples of why the authentication systems currently practiced are unsaturated, unable to satisfactorily supply the market demand, aiming to optimize it:

Need to look for alternatives to expand, decrease fraud (mainly non-presence), increase revenues and decrease costs;

- Extremely competitive and focused mostly on face-to-face fixed cost transactions (solutions that maintain the legacy without cannibalization are necessary, given any investment already made redundant);

Transactions through the Internet continue to grow more than in other channels, favoring user friendliness, potentially increasing investments and fraud;

- Therefore, there is a high rate of fraud in remote areas (Bank Portals, Online Purchases, among others), contributing to the financial loss of institutions, hindering business expansion and negatively affecting their image;

- The financial goals of the institutions are increasingly challenging. The exploited segments are already saturated, resulting in competitive stress (internal and external), excessive pressure from the commercial area and results less and less proportional to the effort demanded;

- Solutions for the B2B market are increasingly attractive due to their high added value, greater control and low transaction cost, which requires strong and secure authentication without repudiation;

Risk / cost / return management remains a major concern of institutions;

- Customer loyalty increasingly depends on the quality, differentiation, reliability and convenience offered to them;

Many institutions are convinced of the need to create increasingly effective authentication mechanisms to reduce financial loss, gain greater user confidence and therefore add value to the brand;

On the user side, there is a need for process flexibility and convenience, added to operational simplicity, "security" and equally low cost;

On the institutions side, there is a continuous need for positioning in relation to its competitors and return to shareholders;

- For reference, the 3 existing authentication factors are: Something you know (Ex .: Password); Something you have (eg Credit Card); Something you are (eg, biometrics).

BRIEF DESCRIPTION OF THE FIGURES

Figure 1 is a first flow chart of the object system of the present invention;

Figure 2 is a second flow chart of the object system of the present invention;

Figure 3 is a third flow chart of the object system of the present invention;

Figure 4 is a fourth flow chart of the system object of the present invention;

Figure 5 is a fifth flow chart of the system object of the present invention;

Figure 6 is a sixth flow chart of the system object of the present invention;

Figure 7 is a seventh flow chart of the system object of the present invention;

Figure 8 is a flow diagram of a bi-directional prior art communication;

Figure 9 is a flowchart of bi-directional communication, object of the present invention; and

Figure 10 is a second flow diagram of bi-directional communication, object of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

As can be seen from Figure 1, the DNA PASS CODE invention is a solution for authenticating the most diverse types of transactional needs (website access, taxi payment, delivery, general entertainment, money transfers, authority approvals, ID confirmation / authenticity in the delivery of goods, identification for access to physical locations, payments on Internet sites with credit cards remotely with authentication, without repudiation, whether or not followed by authorization, among others.

It differs from what currently exists in the market by having additional functionality to the generated code, adding value to it, offering greater security than common tokens for the most diverse transactional needs, by generating a code with electronic signature of business and user information, rather than a simple one. OTP dynamic code can be a remote or face-to-face authentication system in which, through any existing fixed or mobile device marketed, its functionality can be expanded to additional tasks, for example authorizations, not restricted to authentication. In the same transaction, additional tasks can be performed by the service provider company, without the need to burden or change the transactional flow of the final service it is already offering.

Additional tasks to the authentication process that may be performed by the Service Provider: Financial Authorization, Money Transfer, Cell Phone Credit Release, among others, serving the business as a method.

Token, the Password Card are currently used, but they do not solicit sensitive user data (anyone who has it in hand can use it) and display business information in the generation of the final code (digital signature).

There are products that operate on the code-only generation side, signing the code information, not fulfilling the user's authentication function, validating or authorizing the transaction with the DNA service provider's server (for example, the post office employee, a credit card business establishment ..).

Such a system has emerged to meet the need for remote or face-to-face authentication with strong and superior security and digital signature of transaction data and user sensitive data, resulting in code that can be openly informed (not a secret) and only valid for that transaction. specifies, with no repudiation, for whoever should authenticate did so wherever he is.

This makes it possible, for example:

- Purchase on Internet sites with authentications without repudiation, domestically or internationally.

Approval of authority where the approver is not present and a particular operation requires his "signature", but this would only serve the attributes / information that he linked in the generation of the code, such as in a bank transfer transaction: branch, deposit account, value.

- Delivery of goods with consignee "authentication".

- Use of POS (Point of Sale) of credit card companies that can traffic this code, enabling a remote transaction (mobile) with authentication. Ex.: Bearer in your house generating a code for the value X, and passing to a pizza parlor, via telephone or other means, your card number and DNA code, which would be entered in commerce through a POS along with the transaction value, resulting in an authorization of the financial transaction, but with bearer authentication that is not present, in addition to ensuring that the adorner is tampered with, as it was part of the code generation (there will be no repudiation).

Among several others, financial and non-financial.

The system, object of the present invention, offers yet another tool to combat the varied and frequent forms of violation of the authentication system, whether the interested party (user and / or commerce) is present or not, and can safely attend the authentications, authorizations or other additional tasks ( through the connectors, particularity of each company and business), with low cost and flexibility for various businesses.

It all ends with a digital signature, which is a code that may be publicly known (not a secret) and that only applies to that specific transaction, and cannot be later challenged by its originator.

This authentication adds a high value to the concept OTP (One Time Password), which today only generates a code, because we can link to the generation of this code a password and / or user key, as well as business data.

This makes it possible to carry out the most diverse types of transactions, with greater security than existing, preventing the non-recognition of the transaction or business by those involved. By adding several functionalities in the same offer, the market gains new business possibilities, from the moment the establishment / service provider has the ability to authenticate the non-present user, linking the transaction information to their informed sensitive data, resulting in a code that is the "digital signature" of the set (the user ID + user password + key / certificate digital user + data provided by the business) = generation of the authentication code (which we now call DNA). "

It reveals a secure authentication system, without further open dispute, a new solution in digital security, which can be offered domestically or internationally, allowing to make available several

products / services and perform various operations, as well as creating new ones, optimizing the company's investment in a non-plastered solution to serve its various types of customers and businesses.

OPERATION

Firstly, the user and the establishment / service provider company register with the company that will offer the DNA service, enabling the same, obtaining an ID (identification number generated at the same criteria that will be linked to a unique digital key / certificate, per register ), plus the password that will later be used as data to generate the final authentication code, which we call DNA.

The user contacts the establishment / service provider through any mobile or fixed device available on the market (eg TV, phone, mobile phone, video game, computer, etc.) and makes their request / request.

The merchant / service provider defines which business data is required for that specific, non-confidential transaction and informs the user. (Ex: if it is a bank transfer, bank number, branch, checking account, amount; if it is the receipt of an order via post office, person to person, the recipient's identification, for delivery).

Then the user enters his PASSWORD (first secret / factor authentication factor, which only he knows).

When he enters the personal password, together with the key / digital certificate (second authentication factor, something he has) that is tied to his ID, plus the business data provided by the establishment / service provider, he gets a code (DNA ), which is not confidential and serves only for the specific transaction.

This code was generated by the sum of the user's sensitive data + the information that the establishment / service provider gave him / her (This information will always depend directly on the specificity of each business. Ex: a purchase = value, date ...; a transfer of values = number from the bank, branch, c / c ...; receiving an order = authentication of the recipient's identification ..., etc ...).

NOTE: This code was generated within the device used by the user or one that interfaces with a device with this capability. If the user is roaming the Internet (device used as an interface, for example), this key may be with itself or stored on the device on the other side.

The establishment / company providing services possessing the information sent by the user complements, if necessary, with other information, sending to the DNA service provider company, for validation or not of the authentication code, and may also carry out the authorization of the transaction as well as other additional tasks, regardless of connectivity. It is used (internet, telephone, physical environment, wireless, gprs ...).

When the DNA service provider company authenticates the information received from the establishment / service provider company, it can check through the IDs of the company (the confidential information or not). + The business data passed by the establishment / service provider company, validating the code received , based on the specific datransaction data.

The company providing the DNA service ends the operation with authentication and / or authorization, which is an extension of its functionality and will depend on the business needs of each establishment / service company).

SYSTEM DESIGN

Trigger Question: With these known needs, why do we not yet have viable solutions for various authentication (eg payments, accesses, approved approval, digital signature on shipping and receiving goods and / or services (eg post office), Internet purchases, among others? ), taking into account their consequent benefits?

Analysis: Mapping the basic needs of each process entity, expectations, barriers, fears, markets, which resulted in the identification of 4 items that we should focus on which we call CASS: cost, accessibility, safety and simplicity;

Action: Aiming to comply with CASS, we elaborate the process flow and develop a higher than existing authentication, capable of processing additional tasks, according to the specific need of bank, directed to secure transactions, ensuring the non-alteration of transaction attributes, with authentication of these and the user (DNA PassCode = Digital Transaction Signature), which meets, besides the presential demand (fixed), the non-present demand (mobile), for both (User and / or establishment / service provider company).

It contemplates the offer, development and utilization of several different products, sharing available technologies, keeping the flow simple, increasing the capillarity of the companies, without geographic delimitation for the business, with the speed and efficiency required by the globalized market.

Invention: DNA PassCode and COBAM

It is an authentication consisting of 4 modules (DNAGenerator, DNA Transaction, DNA CoreServer and DNA COBAM). The first three enable an extremely secure, simple, low-cost transaction, providing authentication for all parties involved in the transaction (Users / Customers and

Payees / Customers), which is born mobile, for everyday use, with transaction attribute restriction functionality, through digital signing (authentication) and with the ability to perform additional tasks pertinent to each business and the innovative digital security module, DNA COBAM enables user identification of fake interfaces / displays.

BASE Resources Used: Strong, industry-recognized security mechanisms for operation of DNA authentication code (Ex: AES256-encryption, SHA256-hash, SSL-channel encrypted public and private key, HMAC-hashassigned, One-Time-Password (time synchronization or string), OATH-open authentication, Base64-conversion format, among others).

Core Function (CORE): is a dynamic protocol based on user password authentication (something he knows), personal key / certificate (something he has), attributes, values and information pertinent to each business / operation informed / confirmed by the user (something which restricts / authorizes), resulting in obtaining a DNA code (digital signature), valid for a single transaction, with these characteristics, as well as allowing the identification of the interface / data entry screen (something he trusts).

Due to the protocol / process of generating the DNA authentication code, it can be openly informed, not constituting a secret (as occurs in the use of OTP, viaToken), which allows the most varied uses in the mobile and fixed, in person or remotely. . DESCRIPTION OF MODULES

DNA Generator = The one who needs to authenticate and generates the DNA authentication code.

Any and all authentication operations (Ex: making payments, various access to Internet portals, ATMs, physical access to a building, approved approval, Internet Bank, fake screen authentication, financial transactions, not restricting them, etc.) .

It consists in the generation of DNA authentication code, in mobile or fixed hardware, enabling the realization of transactions and access to specific services.

DNA Transaction (service / product: It is the one that needs to carry out the business transaction with authentication).

It consists of the input of information through the use of mobile or fixed hardware, the data informed by the User (ID and Code DNA Authentication), + the transactional data of the business, for processing and authentication of the transaction with the service provider company DNA (CoreServer Server).

DNA CoreServer Server

Module belonging to the service provider company DNA Service, responsible for the steps of:

* Initialization = registration and enabling, with ID creation for customers to benefit from the service and can do business through fixed and mobile devices, with identification, authentication and authorization; face-to-face or remotely, with no geographical limit.

* Account Management = has in its base, all registered customers and their sensitive data (confidential). This data may or may not be on the server of the company offering DNA service, but this will always have access to them through connectivity.

* Transaction Management = queries and related transactions carried out by clients (eg own initialization, data provision, data type: 'Authentication', successful or rejected? Registration, etc ')

* Management of additional authentication to suit the company offering the DNA service.

The company offering the DNA Service is responsible for the following items:

* User registration and establishment / service provider company for adherence to DNA service.

* Processing of DNA code authentication for the various types of transactions offered;

* Initialization of the procedure for the validation of the user / establishment / service provider company, provision of password and issuing keys / digital certificates);

* download application to SmartClient devices (mobile) or software (PC) when applicable;

* BackOffice for administration and operation of the services / products offered (transaction visualization, audit logs, locks, key management, among others);

* Integration with the organization's legacy (eg: mainframe)e to any other product / service, through customized deconectors (Financial Authorization Process, Information Transfer, Notification / activation of other internal company system Eg: SMS sending, among others. );

* Provide transactional connectivity interface for various operations and access, through any networks, following the security standards adopted in the market, to meet various types of protocols and devices. (Ex .: Cellular access via Wap / Xhtml, Pc access via Internet, among others. )

* Time and / or sequence synchronization processes.

Innovation = bi-directional communication module with mutual authentication, which we call COBAM.

This module contemplates the invention of a superior and innovative form in digital security, which is a tool that allows anyone who is entering their sensitive data (password ...) in a data entry interface (InternetBanking screen, for example) of a company. / service provider, this identifies a fake interface as it enters this data, making it possible to interrupt the remainder of the typing before the completion of the capture of this sensitive data by a fraudster.

COBAM Operation:

The user who enters their sensitive data (eg Password) will already have knowledge of a code-finder (via a token, mobile phone or other device) that should be "bounced" on the Interface / Typing Screen as it enters. entering your password or sensitive data. For example:

Personal password that he will type = 123456Dynamic Counter Code, in the digitization sequence: AHJKOU

1 = A

2 = H

3 = J

4 = K

5 = 0

6 = U

Each digit must correspond to the pre-established counter-code. If it does not reproduce it, the user interrupts the process (False Screen).

COBAM Description:

Currently, we have made available to the user a DYNAMIC CODE (OTP) to authenticate their sensitive information with service providers (eg; Internet Banking, Service Portals, etc.). This situation is unilateral, since it does not include authentication with its user (interface, screens), which enables the continuation of attacks and theft of sensitive data by third parties, due to the weakness of this process.

This created module innovates by adding to the existing process a new code which we call dynamic countercode. For each code entered by the user, the entity sends a corresponding COUNTER-CODE, in real time, and so on, which results in a set of endorsements: Authenticated entity User (through CODE) and Authenticated User (Through COUNTER-CODE) , complementing the authentication process and consequently reducing the fragility of the operation.

Does this counter code created have flexible characteristics, providing a great variability of combinations (colors, letters, numbers, symbols, geometric shapes, sounds, voices, etc.)? making it difficult to reproduce them for actual fraudulent use.

COBAM System Key Differentials:

• Instead of having a code for dynamic user authentication (OTP) only, we have created and developed a new functionality, which we call an equally dynamic entity counter code, which enables it to authenticate itself to the user (and the user). ;

SCREEN CODE = For each two numbers entered in the user code (at the discretion), in real time, the entity's CODE is displayed, enabling the user, in the sequence of his typing, to identify a FALSE SCREEN before completing the typing. of all your sensitive data and may abort the process before being victimized;

We add to the user code and the entity's CODE, keys and different algorithms for each one of them, strengthening the security and making the use of "reflection" impossible;

The CODE is not limited to numerical values, allowing the merging with letters (upper / lower case), colors, formats, drawings, voice, sound, among others, resulting in a large number of possibilities, and consequently greater security. visually impaired access to new functionality while introducing a new security attribute in transaction authentication;

• It is not restricted to screens of Internet sites, being able to attend Electronic Terminals and any services that may be victimized with "FALSAS" Interfaces / screens.

• Allows the user to set a limit on errors in the sequential typing of each digit code (back, delete, hit), making it impossible to attempt to pick up the code counter combinations, hit and miss.

Prevents the success of the fraudulent use of information, through the use of "chupacabra" type device, at ATMs, by the impossibility of providing in the counter code associated with the user code entry;

It can be implemented in many device types and languages.

Description of the Main COBAM Processes:

1) Creation on the Server of a new process for the generation and validation of a CODE for user identity / screen authentication, which will be used in conjunction with the dynamic OTP code (currently used by the entity).

2) As the code numbers are entered by the user in the interface / screen, the server should send the corresponding counter code to the screen, real time, for user validation and so on.

3) This CODE is to be formulated with algorithms and keys different from those currently used for dynamic code (OTP), in order to prevent reflection attacks.

4) The greater the variability of combinations in the COUNTER-CODE formulation, the greater its safety. Eg: Association of Colors, Numbers, Letters, Symbols and Sounds together are indicated.

5) The dynamic COUNTER-CODE shall follow the characteristics of a One Time Password-OTP code (Expiration, limitation, etc.).

6) Incorrect entry of One TimePassword (OTP) code by the user should be limited in order to avoid automatic attacks by the attacker to obtain valid counter codes.

7) If and when the token is used, hardware modification will be necessary, creating two nodisplay lines. One for the OTP Code and one for the COUNTER-CODE.

8) In the case of the use of Cellular Device or other device, the authenticating features of OTP Code and COUNTER-CODE shall be implemented, following the security criteria adopted by the entity. There should also be a Key Issue / Certificate server with OTP time-synchronization or Sequential capability.

9) The Server shall provide, if necessary, any authenticating software for download on different platforms, store all access logs for audit purposes, provide control and issuance of keys and certificates and provide BackOffice administrative interface for management of the entire system.

MAIN BENEFITS AND DIFFERENTIALS

1 - Use of the Legacy (no cannibalization), preserving the organization's investments Ex: 24-hour cashiers, credit card machines = "POS", Electronic Funds Transfer = "TEF / Automation", data capture network (asset of a company), IT systems of organizations (bank account, customer registration), among others, as well as the market culture already consolidated with the users and the entities involved.

2 - Decrease of fraud and contestation in non-present transactions (Internet Banking, delivery, high values ...), preventing the refusal / denial of authenticated transactions through the DNA authentication code (non repudiation);

3 - International interoperability and compatibility with Visa 3DSecure eMasterCard SecureCode authentication protocols in a transparent manner, as DNA code can travel within the messaging of these systems, for example.

4 - Adherent to emerging technologies such as NFC (Near Field Communication), Contactless, among others, offering speed and convenience in face-to-face transactions. Eg: Front of a gas station with NFC POS dobby, enter the transaction value. The user will enter into his NFC-capable cell phone the data for generating the DNA authentication code; even approach the NFC POS machine, its ID and DNA code being automatically transferred (without the attendant typing) and the transfer will start automatically. The only participation will be in the value typing! 5 - Transactional flow maintained, that is, the data for the transaction is informed to the user by the establishment / service provider, through the offered means, and he authenticates himself (there is no change in the culture).

6 - Strong Authentication DNA in all user transactions, offering a higher level of security than currently practiced in the market, especially in non-face transactions.

7 - Bidirectional Challenge Response Code, which we call COBAM (Bi-Directional Communication with Mutual Authentication). Its purpose is to provide greater security for the entry of sensitive user information / data, general authentication processes in various entities (Internet, Electronic Terminals, Banking Systems and / or any restricted systems), through bi-directional communication, with mutual authentication and use of means. visual audio, significantly minimizing any damage caused by FALSE-interfaces / screens.

8 - Meets security requirement for higher risk transactions, such as: Debit transactions, Distribution (Delivery of goods between large companies X Payment), and High values (eg payment of large suppliers) due to the strong authentication mechanism.

9 - 0 The Server shall provide, if necessary, any authenticating software for download on different platforms, store all access logs for audit purposes, provide control and issuance of keys and certificates and provide BackOffice administrative interface for management of the entire system.

MAIN BENEFITS AND DIFFERENTIALS OF THE INVENTIONS

1 - Use of the Legacy (no cannibalization), preserving the organization's investments Ex: 24-hour cashiers, credit card machines = "POS", Electronic Funds Transfer = "TEF / Automation", data capture network (asset of a company), IT systems of organizations (bank account, customer registration), among others, as well as the market culture already consolidated with the users and the entities involved.

2 - Decrease of fraud and contestation in non-present transactions (Internet Banking, delivery, high values ...), preventing the refusal / denial of authenticated transactions through the DNA authentication code (non repudiation);

3 - International interoperability and compatibility with Visa 3DSecure eMasterCard SecureCode authentication protocols in a transparent manner, as DNA code can travel within the messaging of these systems, for example.

4 - Adherent to emerging technologies such as NFC (Near Field Communication), Contactless, among others, offering speed and convenience in face-to-face transactions. Eg: Front of a gas station with NFC POS dobby, enter the transaction value. The user will enter into his NFC-capable cell phone the data for generating the DNA authentication code; It will even approach the NFC POS machine, and its ID and DNA code will be automatically transferred (without the attendant typing) and the transfer will start automatically. The only participation will be in the value entry!

5 - Transactional flow maintained, that is, the data for the transaction is informed to the user by the establishment / service provider, through the offered means, and he authenticates himself (there is no change in culture).

6 - Strong Authentication DNA in all user transactions, offering a higher level of security than currently practiced in the market, especially in non-face transactions.

7 - Bidirectional Challenge Response Code, called COBAM (Mutual Authentication Bi-Directional Communication). Its purpose is to provide greater security for the entry of sensitive user information / data in general authentication processes in various entities (Internet, Electronic Terminals, Banking Systems and / or any restricted systems) through bi-directional communication, with mutual authentication and use of audio media. significantly minimizing any damage resulting from FALSE interfaces / displays.

8 - Meets security requirement for higher risk transactions, such as: Debit transactions, Distribution (Delivery of goods between large companies X Payment), and High values (eg payment of large suppliers) due to the strong authentication mechanism.

9 - Flexible to meet any type of industry in its various transaction authentication needs;

10 - Availability for the most diverse consolidated authentication transactions on the same platform, adding value to the end user, increasing the offer of products and services of companies, reducing costs and operational impacts;

11 - Capture additional customer business information, resulting in automatic reconciliation (business + financial);

12 - In the case of use of mobile handsets, it does not depend on the carrier number, and the transaction may be carried out offline, without telephone cost and signal need (SmartClient application) enhancing a flexible solution to the segment of business, maximizing its value to shareholders;

13 - Empowers the present-day capture solutions, without changing the flow, starting to transparently meet the demand of users not present, with strong authentication;

14 - Meets authenticated transactions pay / pay / collection in strategic segments such as: Distribution (B2B), Delivery, Entertainment, Door to Door, Taxi, Toll, etc;

15 - Allows managers with approval authority, the non-presence of approvals of operations / access. Eg: A Chief Financial Officer may remotely approve the execution of a large amount transfer by generating a D NA authentication code, enabling a third party to complete the transaction in a secure and authenticated manner.

Obviously it will be appreciated that while the above has been described by way of illustration of this invention, all other modifications and variations made therein, as would be apparent to those skilled in the art, are considered within the broad scope and scope of this invention as set forth below.

Claims (7)

1. "AUTHENTICATION SYSTEM WITH PRESIDENTIAL DIGITAL SIGNATURE OR NOT AND SYSTEM IDENTIFICATION SYSTEM THROUGH BI-DIRECTIONAL COMMUNICATION WITH AUTOMATIC-COBAM" characterized by the fact that it authenticates, as a digital signature, can perform additional tasks to the business. .: financial authorization), which is a code that may be public knowledge and that only applies to that specific transaction, without further disputes because it generated it, the system has four modules: DNA Generator, DNA Transaction, DNA CoreServer (Server) and COBAM DNA. 2. "SYSTEM" according to claim 1, characterized in that the resource base used is for the use of strong and recognized mechanisms in the market for the operationalization of authentication; "SYSTEM" according to claim 1, characterized in that the CORE Main Function is a dynamic user password-based authentication protocol (something he knows), personal key / certificate (something he has), attributes , values and information pertinent to the business / operation informed / confirmed by the user (something that limits / authorizes), resulting in the obtaining of a DNA code (digital signature), valid for a single transaction, with these characteristics, as well as the identification of the interface / data entry screen (something he trusts). 4. "SYSTEM" according to claim 1, characterized in that the DNA Generator is any authentication code generation operation for a specific operation obtained by processing using mobile or fixed devices, enabling transactions and access to various services. , by generating a unique DNA authentication code (user data + business data) valid only for the specific transaction. 5. "SYSTEM" according to claim 1, characterized in that DNA Transaction is the input of information through the use of mobile or fixed hardware devices, User-entered data (DNA ID and Authentication Code), + business transaction data. , to authenticate the transaction with the company providing the DNA service, and may perform additional activities according to the needs of each business. 6. "SYSTEM" according to claim 1, characterized in that it comprises COBAM - Mutual Authentication Bi-Directional Communication, which is an unprecedented security that serves as a tool for those who are entering their sensitive data (password ...) in an interface. data entry from a company / service provider, enabling the latter to identify a fake interface as it enters this data, allowing the rest of the typing to be interrupted before completion of the capture of this sensitive data by a fraudster. 7. "SYSTEM" according to claim 1, characterized by the fact that it comprises the steps of: the user and the establishment / service provider company register with the company that will offer the DNA service, enabling it, obtaining an ID , plus the password and / or digital key / certificate that will be used later as factors for generating the final authentication code, the user contacts the establishment / service provider through any commercially available mobile or fixed device and makes their request / request ; the service establishment / company defines what data is required for that particular transaction and informs the user; - the user, based on that data, enters the device of his choice, the data received from the business. - then the user enters the - when he enters the personal password (which is related to his identification number), ma is the data of the transaction informed by the establishment / service provider company, together with the user's key / certificate, obtain the authentication code (DNA); digital signature. the establishment / company providing the service, in possession of the information sent by the user, complements if necessary with other business information and sends it to the server of the company offering the DNA service, through the means of connectivity provided by the company (internet, gprs, private network ...), to validate the code and / or perform additional tasks through the connector - the DNA service provider company completes the operation with the authentication and / or execution of additional task if necessary for the business (Financial Authorization, others .. ) when the server of the DNA service provider company will authenticate VALID IS NOT ??? the information received from the establishment / service provider company, CONFERE can check the user ID, the deambos ID, the business information passed by the establishment / service provider company, validating the code received, based on the transaction data; of services terminates the operation with authentication and / or authorization (additional task using connector) depending on the business need.