CN100511088C - 身份确认装置和身份确认方法 - Google Patents

身份确认装置和身份确认方法 Download PDF

Info

Publication number
CN100511088C
CN100511088C CNB200580010760XA CN200580010760A CN100511088C CN 100511088 C CN100511088 C CN 100511088C CN B200580010760X A CNB200580010760X A CN B200580010760XA CN 200580010760 A CN200580010760 A CN 200580010760A CN 100511088 C CN100511088 C CN 100511088C
Authority
CN
China
Prior art keywords
token
identity
confirmation device
identity confirmation
sends
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB200580010760XA
Other languages
English (en)
Other versions
CN1938665A (zh
Inventor
莫里斯·梅里克·吉福德
尼古拉斯·埃克托尔·爱德华
保罗·约瑟夫·卡尼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
British Telecommunications PLC
Original Assignee
British Telecommunications PLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by British Telecommunications PLC filed Critical British Telecommunications PLC
Publication of CN1938665A publication Critical patent/CN1938665A/zh
Application granted granted Critical
Publication of CN100511088C publication Critical patent/CN100511088C/zh
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明涉及信任令牌。一种身份确认装置包括令牌发出器(4)和认证装置(5),该令牌发出器可由中央身份提供方(2)进行编程,以发出电子商务中使用的认证令牌,由此,不需要与中央服务器进行额外的通信就可以与供应商认证交易。

Description

身份确认装置和身份确认方法
技术领域
本发明涉及信任令牌或身份确认装置,更具体但非排他地,涉及电子认证中使用的令牌或装置。
背景技术
任何交易都需要参与者之间的信任要素。可以沿下面的思路将这种信任的概念公式化。设想我们遇到这样一种情况,其中,一个当事方(B)可能针对某种互惠承诺而作为回报向另一当事方(A)要约了某种承诺。当事方A不能确定B会实现其承诺。如果当事方A接受来自B的要约,则其随后将假定B会实现其承诺而行动——例如,按B会为服务付费的期望而向B提供服务,或者相反地,预先为期望B会提供的服务而向B付费。如果B没有这样做,那么A可能遭受某种损失。
作为理性的机构,A将仅接受在其意识到可能的收益大于风险时B的要约,这里,“风险”考虑了B没有交付的可能性和A针对这种可能事件的成本。如果A接受,则其可以说在这次交易的背景下“信任”B。所涉及的意识到的风险的程度是关于A对B施加的信任量的测度。
当例如通过诸如“因特网”的开放式分布系统以电子方式进行交易时,在建立信任上会引发许多问题。具体地说,极有可能的是,当事方对信誉或品牌事先几乎没有或完全没有接触或了解。例如,一个当事方可以利用某种类别的在线目录找到另一当事方。确认该另一当事方的身份也是相对困难的。例如,当事方中的一方可以将自己伪装成信誉更好的一方。
在我们的待决英国专利申请No.0405623.0中公开了一种在当事方间建立信任的方法。为了提供信任认证,可以利用当事方中的一方信任的第三方来认证交易,如果另一当事方也信任该第三方,则可以建立相互信任。
交易的第三方可以被认为是对交易的当事方的身份进行认证的身份提供方。这种身份提供方可以实现为代表其全部用户(即,被认证身份的所有者)而提供身份的中央服务器或服务器群。
在公布的美国专利申请No.US2003/0140233中,公开了一种身份认证系统,其中,智能卡或其它存储装置包括限定由诸如护照局的官方机构认证的生物特征的数据,并且包括数字签名或私钥,该私钥可以与公钥结合使用以识别在销售终端场所出现的个人。
这种系统需要用户出现在与交易发生地点相同的地点。这对于电子商务或对于人机对话的用户认证,不是完全合适的设置。
在人机对话的一个示例中,例如,在需要接入多个服务器的单个符号的情况下,用户登录到其上并且“信任”用户身份的中央服务器发出令牌(该令牌对与其它服务器的对话的信任进行认证)。
发明内容
根据本发明,提供一种包括存储卡的身份确认装置,该身份确认装置包括:个人信息存储部;认证装置,其用于对从用户特征导出的数据与出现的用户进行比较;以及可写数据存储部,其用于存储限定多人身份的数据,可通过一安全服务器来对所述身份确认装置提供数字签名数据,所述身份确认装置与被设置成导出所述用户身份的读取器结合使用,并且其中,所述身份确认装置包括令牌发出器,所述令牌发出器用于发出具有可变强度的单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性,发出的令牌的强度取决于在发出该令牌时出现的个人的确认身份的数量。
与单次使用令牌相关联的所述信任值可以改变,使得信任的强度针对每个发出的连续令牌而变低。信任的强度还可以随着发出的令牌的总值增大而更快速地衰减。信任的强度还可以根据在发出令牌时确定的生物特征真实性的可信度来改变。
每个发出的令牌都可以包括时标,该时标对用于在预定时窗内使用的令牌进行认证。在所述身份确认装置的优选使用中,由此结合使用的公钥消除了用于认证目的之用的私钥的需要。
在所述系统的一个进一步的应用中,多个身份确认装置中的每一个上都存储有多人的身份,每个人的个人身份可以被分布为部分身份,认证组中的每个装置都存储有涉及相应多个用户的多个这种部分身份,由此,发出的令牌可以用于确认出现人充分结合的存在性,以认证交易。
根据本发明,还提供一种身份确认方法,该身份确认方法包括以下步骤:设置身份确认装置,对该身份确认装置提供限定用户身份的数据、从用户特征导出的数据和安全服务器发出的数字签名数据,对该身份确认装置进行读取以导出用户身份,比较用户特征数据与出现的用户并发出单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性;该身份确认方法还包括以下步骤:在所述身份确认装置上存储多人的身份,并且根据在发出令牌时出现的人的确认身份的数量来改变发出的令牌的强度。
附图说明
下面,仅参照附图,通过举例对根据本发明的身份确认装置进行描述,其中:
图1是初始化处理的示意性表示图;
图2是供应商与用户之间的认证过程的示意性表示图;以及
图3是示出信任关系的实体关系图。
具体实施方式
参照图1,用户1与中央身份提供方2签订协议,身份提供方2与许多供应商都有协议或者被这些供应商信任。接着,中央身份提供方向用户提供安全硬件,例如,具有板载处理器4的智能卡3。
在正常电子商务认证中,针对用户认证的标准方法是,对于通过中央身份提供方(例如2)认证身份,用户作为回报接收到作为已经认证过身份的信物而提交给服务提供方的软件令牌。
在本发明中,一旦中央身份提供方2对用户进行了认证并且向其发出了智能卡3,就可以对安全硬件进行编程以直接发出令牌,而除了中央身份提供方2的认证外不再需要该提供方的进一步干涉。这使得智能卡3能够自行确认用户1的身份和物理存在并且能够发出令牌。由此,安全处理平台4和至少具有个人信息存储部8的存储器,以及用于需要提供其它特征的数据存储部发出令牌,而不必通过因特网发送凭证。
智能卡3的令牌发出器代替了实际身份提供方2。可以在中央身份提供方2的前提下对用户硬件初始地编程,并且将其分发给用户1。然而,在随后的交易中,用户可以通过网络联系可以验证该用户存在的中央身份提供方2,并且通过安全链接来更新智能卡3的硬件。
身份验证的良好实施的本质是施用许多不相似的特征。在用户1拥有的该用户知道某些内容的物品(例如,密码和该用户1的某种可测量的生物特征)(即,智能卡3)中,在这些事物中的特征中包括至少两个不相似因素。由此,基于网络对用户1的存在和智能卡3的存在进行认证的中央身份提供方2将更新处理器4的令牌发出器部,该令牌发出器部在发出经数字签名的令牌之前将参照认证需求。可以利用例如指纹或虹膜扫描功能5进行认证,从而即使智能卡3失窃,也不会进行认证,而且不会发出安全令牌。
简要地参照图3,用户1与身份提供方2具有关系,而中央身份提供方2具有与供应商6形成的协议,从而通过中央身份提供方2认证用户1是可信任的,而形成了信任,由此,供应商6可以接受对用户1的认证。
再次参照图1,智能卡3现在代表中央身份提供方2,而由该中央身份提供方对供应商6进行了认证,使得通过网络把所有当事方连接起来只需最小通信量。因为任一方都不需要连接到身份提供方2,所以这消除了在从供应商6向用户1提供服务时的潜在薄弱环节。为了发出安全令牌,身份提供方2将连同有关信任强度7的信息和用于识别用户1的个人信息8向智能卡3的处理器4提供授权。因为发出令牌仅需要认证5和信任强度7,所以并非必需提供个人信息。应当注意到,发出的令牌只是单次使用令牌,并不存储于智能卡3自身中的任何地方,而是在使用的恰当时间生成。由此,一旦将智能卡3发给用户1,该用户就可以向供应商6提供数字签名令牌,以使得该供应商能够提供服务。
因而,参照图2,当用户1希望得到供应商6提供的服务时,该用户针对认证模块5通过输入密码或利用指纹或虹膜扫描进行识别,来认证智能卡3的存在。令牌发出器4确定认证的强度,并且根据认证的信任强度和质量来确定是否可以发出令牌。该发出的令牌可以包含或者不可以不包含来自个人信息存储部8的个人信息,接着,可以把该经数字签名的令牌作为中央身份提供方2对用户1的信任的认证发送给供应方6。
令牌发出器4可以利用许多特征来修改信任强度7。由此,每当发出一令牌时,例如,可以使可具有数值的信任强度递减。令牌发出器4可以考虑被承担交易的值,并且可以具有信任强度降低所处的阈值。例如,可以通过中央身份提供方2把信任强度设置成一值,每当发出一令牌时,将该值减1,而且对于每个例如£50的交易值,进一步递减1。
信任强度7还可以根据系统时钟递减,使得该信任强度随时间递减,由此未使用的卡或有规律地使用的卡将具有向0衰减的信任强度,在随后把智能卡3连接到安全中央服务器2时通过中央身份提供方2重设信任强度7。
在该系统的进一步发展中,中央身份提供方2可能需要几个用户出现以便允许程序发出令牌。因此,对于许多个人来说,可能需要在发出针对供应方6而使用的令牌之前向智能卡3提供认证。由此,可以在卡上存储几种身份,从而在发出令牌之前向令牌发出器4提供最少量的认证凭证,如果提供了较少的认证5,则信任强度7较弱。
因为在未连接到认证者服务器2的更安全的环境下执行处理,所以减少了令牌信息被捕获和身份欺骗的风险。
尽管身份模块在此主要被称为智能卡,但是应当理解,可以使用诸如PDA(个人数字助理)或PPC(个人便携式计算机)的其它装置。例如,只要可以对用户进行安全认证,则具有适合安全通信可能性、处理器以及数据存储部的任何装置都可以被编程,以按规定方式提供认证令牌。
处理器的程序必须安全,使得在该单元连接到中央服务提供方或者在中央服务提供方的位置处并且用户已经被认证时,可以仅发生对发出授权的令牌、信任强度以及限制值的更新。
发出的令牌必须是供应商可识别的,并且可以包括根据实际时间或系统时钟导出的时钟信息,该时钟信息随时间衰减而影响由令牌认证的信任的强度。
在此使用的术语令牌涉及用于通过与令牌发出装置进行通信的通信网络传送的数字签名认证。

Claims (18)

1、一种包括存储卡的身份确认装置,该身份确认装置包括:
个人信息存储部;
认证装置,其用于对从用户特征导出的数据与出现的用户进行比较;以及
可写数据存储部,其用于存储限定多人身份的数据,可通过一安全服务器来对所述身份确认装置提供数字签名数据,所述身份确认装置与被设置成导出所述用户身份的读取器结合使用,并且
其中,所述身份确认装置包括令牌发出器,所述令牌发出器用于发出具有可变强度的单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性,发出的令牌的强度取决于在发出该令牌时出现的个人的确认身份的数量。
2、根据权利要求1所述的身份确认装置,其中,仅存储有针对所述多人中的一人或更多人的部分身份,由此,多个装置相结合发出一令牌。
3、根据权利要求1所述的身份确认装置,其中,每个发出的令牌都具有强度可以随时间衰减的关联信任值。
4、根据权利要求1所述的身份确认装置,其中,与单次使用令牌相关联的所述信任值可以改变,使得信任的强度针对每个发出的连续令牌而变低。
5、根据权利要求1所述的身份确认装置,其中,所述信任的强度随着发出的令牌的总值增大而更快速地衰减。
6、根据权利要求1所述的身份确认装置,该身份确认装置还包括生物特征认证装置,每个令牌的信任的强度根据在发出令牌时确定的生物特征真实性的可信度而改变。
7、根据权利要求1所述的身份确认装置,其中,每个发出的令牌都包括限定时标的数据,该时标对用于在预定时窗内使用的令牌进行认证。
8、根据权利要求1所述的身份确认装置,其中,该身份确认装置与公钥相关联而结合代替使用用于认证目的之用的私钥。
9、一组身份确认装置,每个身份确认装置为如权利要求1或权利要求2所述的身份确认装置,其中,每个人的个人身份被分布为部分身份,认证组中的每个装置都存储有涉及相应多个用户的多个这种部分身份,由此,发出的令牌可以用于确认出现人充分结合的存在性,以认证交易。
10、一种身份确认方法,该身份确认方法包括以下步骤:设置身份确认装置,对该身份确认装置提供限定用户身份的数据、从用户特征导出的数据和安全服务器发出的数字签名数据,对该身份确认装置进行读取以导出用户身份,比较用户特征数据与出现的用户并发出单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性;该身份确认方法还包括以下步骤:在所述身份确认装置上存储多人的身份,并且根据在发出令牌时出现的人的确认身份的数量来改变发出的令牌的强度。
11、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:仅存储针对所述多人中的一人或更多人的部分身份,由此,通过多个身份确认装置的结合来完成令牌的发出。
12、根据权利要求10或11所述的身份确认方法,该身份确认方法包括以下步骤:将每个人的个人身份分布为部分身份,在认证组中的每个身份确认装置中存储涉及相应多个用户的多个这种部分身份,由此,发出的令牌可以用于确认出现人充分结合的存在性,以认证交易。
13、根据权利要求10所述的身份确认方法,其中,每个发出的令牌都具有强度可以随时间衰减的关联信任值。
14、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:改变与单次使用令牌相关联的所述信任值,使得信任的强度针对每个发出的连续令牌而变低。
15、根据权利要求10所述的身份确认方法,其中,所述信任的强度随着发出的令牌的总值增大而更快速地衰减。
16、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:根据在发出令牌时确定的根据用户特征数据导出的数据的生物特征真实性的可信度来改变每个令牌的信任的强度。
17、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:在每个发出的令牌中都包括限定时标的数据,该时标对用于在预定时窗内使用的令牌进行认证。
18、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:结合身份确认装置与公钥来代替使用用于认证目的之用的私钥。
CNB200580010760XA 2004-03-31 2005-03-21 身份确认装置和身份确认方法 Expired - Fee Related CN100511088C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB0407369.8A GB0407369D0 (en) 2004-03-31 2004-03-31 Trust tokens
GB0407369.8 2004-03-31

Publications (2)

Publication Number Publication Date
CN1938665A CN1938665A (zh) 2007-03-28
CN100511088C true CN100511088C (zh) 2009-07-08

Family

ID=32247638

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB200580010760XA Expired - Fee Related CN100511088C (zh) 2004-03-31 2005-03-21 身份确认装置和身份确认方法

Country Status (6)

Country Link
US (1) US7627895B2 (zh)
EP (1) EP1735678A1 (zh)
CN (1) CN100511088C (zh)
CA (1) CA2557414A1 (zh)
GB (1) GB0407369D0 (zh)
WO (1) WO2005096117A1 (zh)

Families Citing this family (144)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US11283885B2 (en) 2004-10-19 2022-03-22 Verizon Patent And Licensing Inc. System and method for location based matching and promotion
CN102982092B (zh) * 2004-10-19 2017-06-09 飞扬管理有限公司 用于基于位置的社交网络的系统和方法
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US8121956B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Cardless challenge systems and methods
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
DE102008000067C5 (de) 2008-01-16 2012-10-25 Bundesdruckerei Gmbh Verfahren zum Lesen von Attributen aus einem ID-Token
US8799984B2 (en) * 2008-05-27 2014-08-05 Open Invention Network, Llc User agent to exercise privacy control management in a user-centric identity management system
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
CA2742963A1 (en) 2008-11-06 2010-05-14 Visa International Service Association Online challenge-response
US20100146608A1 (en) * 2008-12-06 2010-06-10 Raytheon Company Multi-Level Secure Collaborative Computing Environment
US9298902B2 (en) * 2009-02-12 2016-03-29 International Business Machines Corporation System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
US8327134B2 (en) * 2009-02-12 2012-12-04 International Business Machines Corporation System, method and program product for checking revocation status of a biometric reference template
US8359475B2 (en) * 2009-02-12 2013-01-22 International Business Machines Corporation System, method and program product for generating a cancelable biometric reference template on demand
US8301902B2 (en) * 2009-02-12 2012-10-30 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a biometric reference template
US8289135B2 (en) * 2009-02-12 2012-10-16 International Business Machines Corporation System, method and program product for associating a biometric reference template with a radio frequency identification tag
US8242892B2 (en) * 2009-02-12 2012-08-14 International Business Machines Corporation System, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US7891560B2 (en) 2009-05-15 2011-02-22 Visa International Service Assocation Verification of portable consumer devices
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US8602293B2 (en) 2009-05-15 2013-12-10 Visa International Service Association Integration of verification tokens with portable computing devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
CA3045817A1 (en) 2010-01-12 2011-07-21 Visa International Service Association Anytime validation for verification tokens
US10255601B2 (en) 2010-02-25 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
US8453212B2 (en) 2010-07-27 2013-05-28 Raytheon Company Accessing resources of a secure computing network
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
CN109118199A (zh) 2011-02-16 2019-01-01 维萨国际服务协会 快拍移动支付装置,方法和系统
SG193510A1 (en) 2011-02-22 2013-10-30 Visa Int Service Ass Universal electronic payment apparatuses, methods and systems
CN107967602A (zh) 2011-03-04 2018-04-27 维萨国际服务协会 支付能力结合至计算机的安全元件
WO2012142045A2 (en) 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
WO2013019567A2 (en) 2011-07-29 2013-02-07 Visa International Service Association Passing payment tokens through an hop/sop
US9710807B2 (en) 2011-08-18 2017-07-18 Visa International Service Association Third-party value added wallet features and interfaces apparatuses, methods and systems
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9165294B2 (en) 2011-08-24 2015-10-20 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US8689310B2 (en) * 2011-12-29 2014-04-01 Ebay Inc. Applications login using a mechanism relating sub-tokens to the quality of a master token
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
RU2017131424A (ru) 2012-01-05 2019-02-06 Виза Интернэшнл Сервис Ассосиэйшн Защита данных с переводом
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US20130212007A1 (en) 2012-02-10 2013-08-15 Protegrity Corporation Tokenization in payment environments
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US20130297501A1 (en) 2012-05-04 2013-11-07 Justin Monk System and method for local data conversion
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
WO2014043278A1 (en) 2012-09-11 2014-03-20 Visa International Service Association Cloud-based virtual wallet nfc apparatuses, methods and systems
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
WO2014087381A1 (en) 2012-12-07 2014-06-12 Visa International Service Association A token generating component
US10740731B2 (en) 2013-01-02 2020-08-11 Visa International Service Association Third party settlement
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US20140282984A1 (en) * 2013-03-14 2014-09-18 Microsoft Corporation Service relationship and communication management
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
WO2014186635A1 (en) 2013-05-15 2014-11-20 Visa International Service Association Mobile tokenization hub
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
EP3014803B1 (en) * 2013-06-25 2019-09-25 Nokia Technologies Oy A method and apparatus for anonymous and trustworthy authentication in pervasive social networking
DK2821931T3 (da) * 2013-07-02 2019-08-26 Precise Biometrics Ab Verificeringsapplikation, fremgangsmåde, elektronisk indretning og computerapplikation.
CA2918788C (en) 2013-07-24 2020-06-16 Visa International Service Association Systems and methods for interoperable network token processing
EP3025291A1 (en) 2013-07-26 2016-06-01 Visa International Service Association Provisioning payment credentials to a consumer
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
CN105612543B (zh) 2013-08-08 2022-05-27 维萨国际服务协会 用于为移动设备供应支付凭证的方法和系统
US10891610B2 (en) 2013-10-11 2021-01-12 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
SG10201900029SA (en) 2013-11-19 2019-02-27 Visa Int Service Ass Automated account provisioning
KR102293822B1 (ko) 2013-12-19 2021-08-26 비자 인터네셔널 서비스 어소시에이션 클라우드-기반 트랜잭션 방법 및 시스템
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US9483640B2 (en) 2014-04-01 2016-11-01 Georgetown University System and method for deterring malicious network attacks
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9608982B2 (en) 2014-04-14 2017-03-28 Trulioo Information Services, Inc. Identity validation system and associated methods
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
CN106233664B (zh) 2014-05-01 2020-03-13 维萨国际服务协会 使用访问装置的数据验证
CN106462849B (zh) 2014-05-05 2019-12-24 维萨国际服务协会 用于令牌域控制的系统和方法
AU2015264124B2 (en) 2014-05-21 2019-05-09 Visa International Service Association Offline authentication
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
SG10201810140QA (en) 2014-09-26 2018-12-28 Visa Int Service Ass Remote server encrypted data provisioning system and methods
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US9602490B2 (en) * 2014-11-10 2017-03-21 Intel Corporation User authentication confidence based on multiple devices
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
CN113537988B (zh) 2014-11-26 2024-05-28 维萨国际服务协会 用于经由访问装置的令牌化请求的方法和设备
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
WO2016094122A1 (en) 2014-12-12 2016-06-16 Visa International Service Association Provisioning platform for machine-to-machine devices
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US11250391B2 (en) 2015-01-30 2022-02-15 Visa International Service Association Token check offline
WO2016126729A1 (en) 2015-02-03 2016-08-11 Visa International Service Association Validation identity tokens for transactions
US10977657B2 (en) 2015-02-09 2021-04-13 Visa International Service Association Token processing utilizing multiple authorizations
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
CA2977427A1 (en) 2015-04-10 2016-10-13 Visa International Service Association Browser integration with cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10552834B2 (en) 2015-04-30 2020-02-04 Visa International Service Association Tokenization capable authentication framework
US11068889B2 (en) 2015-10-15 2021-07-20 Visa International Service Association Instant token issuance
CN113542293B (zh) 2015-12-04 2023-11-07 维萨国际服务协会 用于令牌验证的方法及计算机
AU2017206119B2 (en) 2016-01-07 2020-10-29 Visa International Service Association Systems and methods for device push provisioning
WO2017136418A1 (en) 2016-02-01 2017-08-10 Visa International Service Association Systems and methods for code display and use
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US11423177B2 (en) * 2016-02-11 2022-08-23 Evident ID, Inc. Systems and methods for establishing trust online
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
CN109074578A (zh) 2016-04-19 2018-12-21 维萨国际服务协会 用于执行推送交易的系统和方法
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
BR112018072903A2 (pt) 2016-06-03 2019-02-19 Visa International Service Association método, e, dispositivos de comunicação e conectado.
US11068899B2 (en) 2016-06-17 2021-07-20 Visa International Service Association Token aggregation for multi-party transactions
SG11201808737YA (en) 2016-06-24 2018-11-29 Visa Int Service Ass Unique token authentication cryptogram
SG10202110839VA (en) 2016-07-11 2021-11-29 Visa Int Service Ass Encryption key exchange process using access device
EP3488406A4 (en) 2016-07-19 2019-08-07 Visa International Service Association METHOD OF DISTRIBUTING TOKENS AND MANAGING TOKEN RELATIONS
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
CN117009946A (zh) 2016-11-28 2023-11-07 维萨国际服务协会 供应到应用程序的访问标识符
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US11494765B2 (en) 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
EP3762844A4 (en) 2018-03-07 2021-04-21 Visa International Service Association SECURE REMOTE TOKEN RELEASE WITH ONLINE AUTHENTICATION
US11256789B2 (en) 2018-06-18 2022-02-22 Visa International Service Association Recurring token transactions
EP3841498B1 (en) 2018-08-22 2024-05-01 Visa International Service Association Method and system for token provisioning and processing
US10938641B1 (en) * 2018-11-09 2021-03-02 Amazon Technologies, Inc. On-demand development environment
CN113015992B (zh) 2018-11-14 2023-02-17 维萨国际服务协会 多个令牌的云令牌预配
US11849042B2 (en) 2019-05-17 2023-12-19 Visa International Service Association Virtual access credential interaction system and method
US20220021537A1 (en) * 2020-07-14 2022-01-20 Visa International Service Association Privacy-preserving identity attribute verification using policy tokens
US20230121420A1 (en) * 2021-10-14 2023-04-20 Twilio Inc. Trust relationships to share client assets among client accounts in a software as a service platform

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5825880A (en) * 1994-01-13 1998-10-20 Sudia; Frank W. Multi-step digital signature method and system
US6366682B1 (en) 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US6070141A (en) * 1995-05-08 2000-05-30 Image Data, Llc System and method of assessing the quality of an identification transaction using an identificaion quality score
CN1192834A (zh) * 1995-06-05 1998-09-09 塞特科有限公司 多步数字签名方法和系统
US6163771A (en) * 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US6484260B1 (en) * 1998-04-24 2002-11-19 Identix, Inc. Personal identification system
WO2001013198A1 (en) 1999-08-13 2001-02-22 Hewlett-Packard Company Enforcing restrictions on the use of stored data
GB2357664B (en) * 1999-12-22 2004-03-10 Nokia Mobile Phones Ltd Electronic commerce system
EP1139200A3 (en) 2000-03-23 2002-10-16 Tradecard Inc. Access code generating system including smart card and smart card reader
US7191466B1 (en) * 2000-07-25 2007-03-13 Laurence Hamid Flexible system and method of user authentication for password based system
US7043760B2 (en) * 2000-10-11 2006-05-09 David H. Holtzman System and method for establishing and managing relationships between pseudonymous identifications and memberships in organizations
US20030140233A1 (en) * 2002-01-22 2003-07-24 Vipin Samar Method and apparatus for facilitating low-cost and scalable digital identification authentication
US20030140223A1 (en) * 2002-01-23 2003-07-24 Robert Desideri Automatic configuration of devices for secure network communication
WO2003062969A1 (en) * 2002-01-24 2003-07-31 Activcard Ireland, Limited Flexible method of user authentication
US20030145204A1 (en) 2002-01-29 2003-07-31 Mehrdad Nadooshan Method and apparatus for simultaneously establishing user identity and group membership
US7770212B2 (en) 2002-08-15 2010-08-03 Activcard System and method for privilege delegation and control
US7010565B2 (en) * 2002-09-30 2006-03-07 Sampson Scott E Communication management using a token action log

Also Published As

Publication number Publication date
EP1735678A1 (en) 2006-12-27
GB0407369D0 (en) 2004-05-05
US20070192619A1 (en) 2007-08-16
WO2005096117A1 (en) 2005-10-13
US7627895B2 (en) 2009-12-01
CA2557414A1 (en) 2005-10-13
CN1938665A (zh) 2007-03-28

Similar Documents

Publication Publication Date Title
CN100511088C (zh) 身份确认装置和身份确认方法
US11445364B2 (en) Secure data communication
US20120032782A1 (en) System for restricted biometric access for a secure global online and electronic environment
JP4960883B2 (ja) 認証デバイスおよび/または方法
US8549602B2 (en) System and method for handling permits for user authentication tokens
US20060229988A1 (en) Card settlement method using portable electronic device having fingerprint sensor
US20110140834A1 (en) Secure identification, verification and authorization using a secure portable device
KR20080100786A (ko) 인터넷 비지니스 보안 시스템
JP2009528643A (ja) メール注文及び電話注文における二要素認証を実施するための方法及びシステム
AU2009200408A1 (en) Password generator
US20150235226A1 (en) Method of Witnessed Fingerprint Payment
US20140270336A1 (en) System and Method for Transaction Authentication
CA3154449C (en) A digital, personal and secure electronic access permission
JP2007128468A (ja) Icカード発行システム、および、icカード発行方法
Gasson et al. D3. 2: A study on PKI and biometrics
US20040015688A1 (en) Interactive authentication process
AU2021107510A4 (en) A method for electronic identity verification and management
EP3767918B1 (en) Method and system for authenticating a purchase by a user
WO2022249294A1 (ja) 認証システム、認証方法、及びプログラム
NL1031488C2 (nl) Systeem alsmede werkwijze voor het toekennen van een privilege aan een chiphouder.
WO2023023824A1 (en) A method for electronic identity verification and management
WO2002046984A1 (fr) Procede securise de transaction entre un acheteur et un vendeur
Sedaghat et al. The management of citizen identity in electronic government
Katta et al. Model for Token Based Secure Transaction in ATM Networks.
AU2005294107A1 (en) Authentication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090708

Termination date: 20130321