CA2884617C - Systeme et procedes permettant une entree securisee d'un numero d'identification personnel (pin) - Google Patents

Systeme et procedes permettant une entree securisee d'un numero d'identification personnel (pin) Download PDF

Info

Publication number
CA2884617C
CA2884617C CA2884617A CA2884617A CA2884617C CA 2884617 C CA2884617 C CA 2884617C CA 2884617 A CA2884617 A CA 2884617A CA 2884617 A CA2884617 A CA 2884617A CA 2884617 C CA2884617 C CA 2884617C
Authority
CA
Canada
Prior art keywords
characters
user
credential
selection
elapsed time
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CA2884617A
Other languages
English (en)
Other versions
CA2884617A1 (fr
Inventor
Bjorn Markus Jakobsson
James Roy Palmer
William Leddy
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PayPal Inc
Original Assignee
PayPal Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/826,570 external-priority patent/US9390256B2/en
Application filed by PayPal Inc filed Critical PayPal Inc
Publication of CA2884617A1 publication Critical patent/CA2884617A1/fr
Application granted granted Critical
Publication of CA2884617C publication Critical patent/CA2884617C/fr
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/306Payment architectures, schemes or protocols characterised by the use of specific devices or networks using TV related infrastructures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/321Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1033Details of the PIN pad
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1091Use of an encrypted form of the PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

La présente invention concerne un système permettant de réaliser des transactions mobiles à l'aide d'un numéro d'identification personnel (PIN). Le système comprend une unité d'affichage conçue pour produire et afficher un état initial du PIN et un dispositif mobile en communication avec l'unité d'affichage. Le dispositif mobile comporte une interface utilisateur permettant de modifier l'état initial du PIN et d'indiquer un état final du PIN. De plus, le dispositif mobile est conçu pour transmettre des signaux correspondants de façon à modifier l'état initial du PIN et à indiquer l'état final du PIN à l'unité d'affichage. La présente invention concerne en outre un procédé d'entrée d'un PIN.
CA2884617A 2012-09-27 2013-09-05 Systeme et procedes permettant une entree securisee d'un numero d'identification personnel (pin) Active CA2884617C (fr)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201261706691P 2012-09-27 2012-09-27
US61/706,691 2012-09-27
US13/826,570 2013-03-14
US13/826,570 US9390256B2 (en) 2012-03-06 2013-03-14 System and methods for secure entry of a personal identification number (PIN)
PCT/US2013/058321 WO2014051961A2 (fr) 2012-09-27 2013-09-05 Système et procédés permettant une entrée sécurisée d'un numéro d'identification personnel (pin)

Publications (2)

Publication Number Publication Date
CA2884617A1 CA2884617A1 (fr) 2014-04-03
CA2884617C true CA2884617C (fr) 2022-10-04

Family

ID=50389113

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2884617A Active CA2884617C (fr) 2012-09-27 2013-09-05 Systeme et procedes permettant une entree securisee d'un numero d'identification personnel (pin)

Country Status (4)

Country Link
EP (1) EP2904558A4 (fr)
AU (1) AU2013324127B2 (fr)
CA (1) CA2884617C (fr)
WO (1) WO2014051961A2 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9779225B2 (en) 2015-04-08 2017-10-03 Google Inc. Method and system to provide access to secure features of a device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6209102B1 (en) * 1999-02-12 2001-03-27 Arcot Systems, Inc. Method and apparatus for secure entry of access codes in a computer environment
EP1285326B1 (fr) * 2000-05-16 2006-03-08 Swisscom Mobile AG Procede et terminal permettant d'entrer des instructions
CA2648523C (fr) * 2005-04-21 2018-09-04 Securedpay Solutions, Inc. Dispositif a main portable pour enregistrement de commandes et autorisation de paiement en temps reel sans fil et procedes associes
WO2008081452A2 (fr) * 2007-01-03 2008-07-10 Ron Gal-Ezer Système et procédé d'authentification d'articles
WO2011037558A1 (fr) * 2009-09-22 2011-03-31 Apple Inc. Dispositif, procédé et interface utilisateur graphique pour manipuler des objets d'interface utilisateur
US8907768B2 (en) * 2009-11-25 2014-12-09 Visa International Service Association Access using a mobile device with an accelerometer
EP2763109A1 (fr) * 2010-07-09 2014-08-06 iZettle Merchant Services AB Système de paiement sécurisé sur un réseau de communication sans fil
US8789144B2 (en) * 2010-10-06 2014-07-22 Citrix Systems, Inc. Mediating resource access based on a physical location of a mobile device

Also Published As

Publication number Publication date
WO2014051961A3 (fr) 2014-05-08
EP2904558A2 (fr) 2015-08-12
WO2014051961A2 (fr) 2014-04-03
AU2013324127B2 (en) 2016-04-28
AU2013324127A1 (en) 2015-03-19
CA2884617A1 (fr) 2014-04-03
EP2904558A4 (fr) 2016-04-13

Similar Documents

Publication Publication Date Title
US11089009B2 (en) System and methods for secure entry of a personal identification number (PIN)
US20220239644A1 (en) Systems and methods for authenticating a user based on a biometric model associated with the user
US11310226B2 (en) Gesture and motion detection using a device radar component for user authentication
US10643210B2 (en) Secure transactions using a personal device
US10860701B2 (en) Motion-based credentials using magnified motion
KR101699897B1 (ko) 데이터 교환의 개별화된 형태의 인증 및 제어를 소유하는 개인화된 다기능 액세스 디바이스
US9083532B2 (en) Physiological response PIN entry
US20170324726A1 (en) Digital authentication using augmented reality
US11171968B1 (en) Method and system for user credential security
US20210225132A1 (en) Securing a cardless atm authentication through position detection
US20150006405A1 (en) System and methods for secure entry of a personal identification number (pin) using multi-touch trackpad technologies
JP7013385B2 (ja) グラフィカルバーコード及びペイメントカードの認証読取データを使用してユーザを識別するためのシステム及び方法
CN110651268B (zh) 认证用户的方法和电子设备
CA2884617C (fr) Systeme et procedes permettant une entree securisee d'un numero d'identification personnel (pin)
JP2017534961A (ja) ユーザの認証方法及び対応端末と認証システム
WO2016038060A1 (fr) Procédé pour vérifier un code pin personnel d'un utilisateur, système correspondant, lunettes intelligentes vestimentaires et serveur de confiance
KR20240059767A (ko) 보안 qr코드

Legal Events

Date Code Title Description
EEER Examination request

Effective date: 20180905