CN100511088C - 身份确认装置和身份确认方法 - Google Patents
身份确认装置和身份确认方法 Download PDFInfo
- Publication number
- CN100511088C CN100511088C CNB200580010760XA CN200580010760A CN100511088C CN 100511088 C CN100511088 C CN 100511088C CN B200580010760X A CNB200580010760X A CN B200580010760XA CN 200580010760 A CN200580010760 A CN 200580010760A CN 100511088 C CN100511088 C CN 100511088C
- Authority
- CN
- China
- Prior art keywords
- token
- identity
- confirmation device
- identity confirmation
- sends
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2113—Multi-level security, e.g. mandatory access control
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
本发明涉及信任令牌。一种身份确认装置包括令牌发出器(4)和认证装置(5),该令牌发出器可由中央身份提供方(2)进行编程,以发出电子商务中使用的认证令牌,由此,不需要与中央服务器进行额外的通信就可以与供应商认证交易。
Description
技术领域
本发明涉及信任令牌或身份确认装置,更具体但非排他地,涉及电子认证中使用的令牌或装置。
背景技术
任何交易都需要参与者之间的信任要素。可以沿下面的思路将这种信任的概念公式化。设想我们遇到这样一种情况,其中,一个当事方(B)可能针对某种互惠承诺而作为回报向另一当事方(A)要约了某种承诺。当事方A不能确定B会实现其承诺。如果当事方A接受来自B的要约,则其随后将假定B会实现其承诺而行动——例如,按B会为服务付费的期望而向B提供服务,或者相反地,预先为期望B会提供的服务而向B付费。如果B没有这样做,那么A可能遭受某种损失。
作为理性的机构,A将仅接受在其意识到可能的收益大于风险时B的要约,这里,“风险”考虑了B没有交付的可能性和A针对这种可能事件的成本。如果A接受,则其可以说在这次交易的背景下“信任”B。所涉及的意识到的风险的程度是关于A对B施加的信任量的测度。
当例如通过诸如“因特网”的开放式分布系统以电子方式进行交易时,在建立信任上会引发许多问题。具体地说,极有可能的是,当事方对信誉或品牌事先几乎没有或完全没有接触或了解。例如,一个当事方可以利用某种类别的在线目录找到另一当事方。确认该另一当事方的身份也是相对困难的。例如,当事方中的一方可以将自己伪装成信誉更好的一方。
在我们的待决英国专利申请No.0405623.0中公开了一种在当事方间建立信任的方法。为了提供信任认证,可以利用当事方中的一方信任的第三方来认证交易,如果另一当事方也信任该第三方,则可以建立相互信任。
交易的第三方可以被认为是对交易的当事方的身份进行认证的身份提供方。这种身份提供方可以实现为代表其全部用户(即,被认证身份的所有者)而提供身份的中央服务器或服务器群。
在公布的美国专利申请No.US2003/0140233中,公开了一种身份认证系统,其中,智能卡或其它存储装置包括限定由诸如护照局的官方机构认证的生物特征的数据,并且包括数字签名或私钥,该私钥可以与公钥结合使用以识别在销售终端场所出现的个人。
这种系统需要用户出现在与交易发生地点相同的地点。这对于电子商务或对于人机对话的用户认证,不是完全合适的设置。
在人机对话的一个示例中,例如,在需要接入多个服务器的单个符号的情况下,用户登录到其上并且“信任”用户身份的中央服务器发出令牌(该令牌对与其它服务器的对话的信任进行认证)。
发明内容
根据本发明,提供一种包括存储卡的身份确认装置,该身份确认装置包括:个人信息存储部;认证装置,其用于对从用户特征导出的数据与出现的用户进行比较;以及可写数据存储部,其用于存储限定多人身份的数据,可通过一安全服务器来对所述身份确认装置提供数字签名数据,所述身份确认装置与被设置成导出所述用户身份的读取器结合使用,并且其中,所述身份确认装置包括令牌发出器,所述令牌发出器用于发出具有可变强度的单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性,发出的令牌的强度取决于在发出该令牌时出现的个人的确认身份的数量。
与单次使用令牌相关联的所述信任值可以改变,使得信任的强度针对每个发出的连续令牌而变低。信任的强度还可以随着发出的令牌的总值增大而更快速地衰减。信任的强度还可以根据在发出令牌时确定的生物特征真实性的可信度来改变。
每个发出的令牌都可以包括时标,该时标对用于在预定时窗内使用的令牌进行认证。在所述身份确认装置的优选使用中,由此结合使用的公钥消除了用于认证目的之用的私钥的需要。
在所述系统的一个进一步的应用中,多个身份确认装置中的每一个上都存储有多人的身份,每个人的个人身份可以被分布为部分身份,认证组中的每个装置都存储有涉及相应多个用户的多个这种部分身份,由此,发出的令牌可以用于确认出现人充分结合的存在性,以认证交易。
根据本发明,还提供一种身份确认方法,该身份确认方法包括以下步骤:设置身份确认装置,对该身份确认装置提供限定用户身份的数据、从用户特征导出的数据和安全服务器发出的数字签名数据,对该身份确认装置进行读取以导出用户身份,比较用户特征数据与出现的用户并发出单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性;该身份确认方法还包括以下步骤:在所述身份确认装置上存储多人的身份,并且根据在发出令牌时出现的人的确认身份的数量来改变发出的令牌的强度。
附图说明
下面,仅参照附图,通过举例对根据本发明的身份确认装置进行描述,其中:
图1是初始化处理的示意性表示图;
图2是供应商与用户之间的认证过程的示意性表示图;以及
图3是示出信任关系的实体关系图。
具体实施方式
参照图1,用户1与中央身份提供方2签订协议,身份提供方2与许多供应商都有协议或者被这些供应商信任。接着,中央身份提供方向用户提供安全硬件,例如,具有板载处理器4的智能卡3。
在正常电子商务认证中,针对用户认证的标准方法是,对于通过中央身份提供方(例如2)认证身份,用户作为回报接收到作为已经认证过身份的信物而提交给服务提供方的软件令牌。
在本发明中,一旦中央身份提供方2对用户进行了认证并且向其发出了智能卡3,就可以对安全硬件进行编程以直接发出令牌,而除了中央身份提供方2的认证外不再需要该提供方的进一步干涉。这使得智能卡3能够自行确认用户1的身份和物理存在并且能够发出令牌。由此,安全处理平台4和至少具有个人信息存储部8的存储器,以及用于需要提供其它特征的数据存储部发出令牌,而不必通过因特网发送凭证。
智能卡3的令牌发出器代替了实际身份提供方2。可以在中央身份提供方2的前提下对用户硬件初始地编程,并且将其分发给用户1。然而,在随后的交易中,用户可以通过网络联系可以验证该用户存在的中央身份提供方2,并且通过安全链接来更新智能卡3的硬件。
身份验证的良好实施的本质是施用许多不相似的特征。在用户1拥有的该用户知道某些内容的物品(例如,密码和该用户1的某种可测量的生物特征)(即,智能卡3)中,在这些事物中的特征中包括至少两个不相似因素。由此,基于网络对用户1的存在和智能卡3的存在进行认证的中央身份提供方2将更新处理器4的令牌发出器部,该令牌发出器部在发出经数字签名的令牌之前将参照认证需求。可以利用例如指纹或虹膜扫描功能5进行认证,从而即使智能卡3失窃,也不会进行认证,而且不会发出安全令牌。
简要地参照图3,用户1与身份提供方2具有关系,而中央身份提供方2具有与供应商6形成的协议,从而通过中央身份提供方2认证用户1是可信任的,而形成了信任,由此,供应商6可以接受对用户1的认证。
再次参照图1,智能卡3现在代表中央身份提供方2,而由该中央身份提供方对供应商6进行了认证,使得通过网络把所有当事方连接起来只需最小通信量。因为任一方都不需要连接到身份提供方2,所以这消除了在从供应商6向用户1提供服务时的潜在薄弱环节。为了发出安全令牌,身份提供方2将连同有关信任强度7的信息和用于识别用户1的个人信息8向智能卡3的处理器4提供授权。因为发出令牌仅需要认证5和信任强度7,所以并非必需提供个人信息。应当注意到,发出的令牌只是单次使用令牌,并不存储于智能卡3自身中的任何地方,而是在使用的恰当时间生成。由此,一旦将智能卡3发给用户1,该用户就可以向供应商6提供数字签名令牌,以使得该供应商能够提供服务。
因而,参照图2,当用户1希望得到供应商6提供的服务时,该用户针对认证模块5通过输入密码或利用指纹或虹膜扫描进行识别,来认证智能卡3的存在。令牌发出器4确定认证的强度,并且根据认证的信任强度和质量来确定是否可以发出令牌。该发出的令牌可以包含或者不可以不包含来自个人信息存储部8的个人信息,接着,可以把该经数字签名的令牌作为中央身份提供方2对用户1的信任的认证发送给供应方6。
令牌发出器4可以利用许多特征来修改信任强度7。由此,每当发出一令牌时,例如,可以使可具有数值的信任强度递减。令牌发出器4可以考虑被承担交易的值,并且可以具有信任强度降低所处的阈值。例如,可以通过中央身份提供方2把信任强度设置成一值,每当发出一令牌时,将该值减1,而且对于每个例如£50的交易值,进一步递减1。
信任强度7还可以根据系统时钟递减,使得该信任强度随时间递减,由此未使用的卡或有规律地使用的卡将具有向0衰减的信任强度,在随后把智能卡3连接到安全中央服务器2时通过中央身份提供方2重设信任强度7。
在该系统的进一步发展中,中央身份提供方2可能需要几个用户出现以便允许程序发出令牌。因此,对于许多个人来说,可能需要在发出针对供应方6而使用的令牌之前向智能卡3提供认证。由此,可以在卡上存储几种身份,从而在发出令牌之前向令牌发出器4提供最少量的认证凭证,如果提供了较少的认证5,则信任强度7较弱。
因为在未连接到认证者服务器2的更安全的环境下执行处理,所以减少了令牌信息被捕获和身份欺骗的风险。
尽管身份模块在此主要被称为智能卡,但是应当理解,可以使用诸如PDA(个人数字助理)或PPC(个人便携式计算机)的其它装置。例如,只要可以对用户进行安全认证,则具有适合安全通信可能性、处理器以及数据存储部的任何装置都可以被编程,以按规定方式提供认证令牌。
处理器的程序必须安全,使得在该单元连接到中央服务提供方或者在中央服务提供方的位置处并且用户已经被认证时,可以仅发生对发出授权的令牌、信任强度以及限制值的更新。
发出的令牌必须是供应商可识别的,并且可以包括根据实际时间或系统时钟导出的时钟信息,该时钟信息随时间衰减而影响由令牌认证的信任的强度。
在此使用的术语令牌涉及用于通过与令牌发出装置进行通信的通信网络传送的数字签名认证。
Claims (18)
1、一种包括存储卡的身份确认装置,该身份确认装置包括:
个人信息存储部;
认证装置,其用于对从用户特征导出的数据与出现的用户进行比较;以及
可写数据存储部,其用于存储限定多人身份的数据,可通过一安全服务器来对所述身份确认装置提供数字签名数据,所述身份确认装置与被设置成导出所述用户身份的读取器结合使用,并且
其中,所述身份确认装置包括令牌发出器,所述令牌发出器用于发出具有可变强度的单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性,发出的令牌的强度取决于在发出该令牌时出现的个人的确认身份的数量。
2、根据权利要求1所述的身份确认装置,其中,仅存储有针对所述多人中的一人或更多人的部分身份,由此,多个装置相结合发出一令牌。
3、根据权利要求1所述的身份确认装置,其中,每个发出的令牌都具有强度可以随时间衰减的关联信任值。
4、根据权利要求1所述的身份确认装置,其中,与单次使用令牌相关联的所述信任值可以改变,使得信任的强度针对每个发出的连续令牌而变低。
5、根据权利要求1所述的身份确认装置,其中,所述信任的强度随着发出的令牌的总值增大而更快速地衰减。
6、根据权利要求1所述的身份确认装置,该身份确认装置还包括生物特征认证装置,每个令牌的信任的强度根据在发出令牌时确定的生物特征真实性的可信度而改变。
7、根据权利要求1所述的身份确认装置,其中,每个发出的令牌都包括限定时标的数据,该时标对用于在预定时窗内使用的令牌进行认证。
8、根据权利要求1所述的身份确认装置,其中,该身份确认装置与公钥相关联而结合代替使用用于认证目的之用的私钥。
9、一组身份确认装置,每个身份确认装置为如权利要求1或权利要求2所述的身份确认装置,其中,每个人的个人身份被分布为部分身份,认证组中的每个装置都存储有涉及相应多个用户的多个这种部分身份,由此,发出的令牌可以用于确认出现人充分结合的存在性,以认证交易。
10、一种身份确认方法,该身份确认方法包括以下步骤:设置身份确认装置,对该身份确认装置提供限定用户身份的数据、从用户特征导出的数据和安全服务器发出的数字签名数据,对该身份确认装置进行读取以导出用户身份,比较用户特征数据与出现的用户并发出单次使用令牌,该单次使用令牌确认由所述数字签名数据认证的交易的有效性;该身份确认方法还包括以下步骤:在所述身份确认装置上存储多人的身份,并且根据在发出令牌时出现的人的确认身份的数量来改变发出的令牌的强度。
11、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:仅存储针对所述多人中的一人或更多人的部分身份,由此,通过多个身份确认装置的结合来完成令牌的发出。
12、根据权利要求10或11所述的身份确认方法,该身份确认方法包括以下步骤:将每个人的个人身份分布为部分身份,在认证组中的每个身份确认装置中存储涉及相应多个用户的多个这种部分身份,由此,发出的令牌可以用于确认出现人充分结合的存在性,以认证交易。
13、根据权利要求10所述的身份确认方法,其中,每个发出的令牌都具有强度可以随时间衰减的关联信任值。
14、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:改变与单次使用令牌相关联的所述信任值,使得信任的强度针对每个发出的连续令牌而变低。
15、根据权利要求10所述的身份确认方法,其中,所述信任的强度随着发出的令牌的总值增大而更快速地衰减。
16、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:根据在发出令牌时确定的根据用户特征数据导出的数据的生物特征真实性的可信度来改变每个令牌的信任的强度。
17、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:在每个发出的令牌中都包括限定时标的数据,该时标对用于在预定时窗内使用的令牌进行认证。
18、根据权利要求10所述的身份确认方法,该身份确认方法包括以下步骤:结合身份确认装置与公钥来代替使用用于认证目的之用的私钥。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GBGB0407369.8A GB0407369D0 (en) | 2004-03-31 | 2004-03-31 | Trust tokens |
GB0407369.8 | 2004-03-31 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1938665A CN1938665A (zh) | 2007-03-28 |
CN100511088C true CN100511088C (zh) | 2009-07-08 |
Family
ID=32247638
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB200580010760XA Expired - Fee Related CN100511088C (zh) | 2004-03-31 | 2005-03-21 | 身份确认装置和身份确认方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US7627895B2 (zh) |
EP (1) | EP1735678A1 (zh) |
CN (1) | CN100511088C (zh) |
CA (1) | CA2557414A1 (zh) |
GB (1) | GB0407369D0 (zh) |
WO (1) | WO2005096117A1 (zh) |
Families Citing this family (144)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140019352A1 (en) | 2011-02-22 | 2014-01-16 | Visa International Service Association | Multi-purpose virtual card transaction apparatuses, methods and systems |
US11283885B2 (en) | 2004-10-19 | 2022-03-22 | Verizon Patent And Licensing Inc. | System and method for location based matching and promotion |
CN102982092B (zh) * | 2004-10-19 | 2017-06-09 | 飞扬管理有限公司 | 用于基于位置的社交网络的系统和方法 |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US7739169B2 (en) | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
US8121956B2 (en) | 2007-06-25 | 2012-02-21 | Visa U.S.A. Inc. | Cardless challenge systems and methods |
US7937324B2 (en) | 2007-09-13 | 2011-05-03 | Visa U.S.A. Inc. | Account permanence |
DE102008000067C5 (de) | 2008-01-16 | 2012-10-25 | Bundesdruckerei Gmbh | Verfahren zum Lesen von Attributen aus einem ID-Token |
US8799984B2 (en) * | 2008-05-27 | 2014-08-05 | Open Invention Network, Llc | User agent to exercise privacy control management in a user-centric identity management system |
US8219489B2 (en) | 2008-07-29 | 2012-07-10 | Visa U.S.A. Inc. | Transaction processing using a global unique identifier |
CA2742963A1 (en) | 2008-11-06 | 2010-05-14 | Visa International Service Association | Online challenge-response |
US20100146608A1 (en) * | 2008-12-06 | 2010-06-10 | Raytheon Company | Multi-Level Secure Collaborative Computing Environment |
US9298902B2 (en) * | 2009-02-12 | 2016-03-29 | International Business Machines Corporation | System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record |
US8327134B2 (en) * | 2009-02-12 | 2012-12-04 | International Business Machines Corporation | System, method and program product for checking revocation status of a biometric reference template |
US8359475B2 (en) * | 2009-02-12 | 2013-01-22 | International Business Machines Corporation | System, method and program product for generating a cancelable biometric reference template on demand |
US8301902B2 (en) * | 2009-02-12 | 2012-10-30 | International Business Machines Corporation | System, method and program product for communicating a privacy policy associated with a biometric reference template |
US8289135B2 (en) * | 2009-02-12 | 2012-10-16 | International Business Machines Corporation | System, method and program product for associating a biometric reference template with a radio frequency identification tag |
US8242892B2 (en) * | 2009-02-12 | 2012-08-14 | International Business Machines Corporation | System, method and program product for communicating a privacy policy associated with a radio frequency identification tag and associated object |
US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
US7891560B2 (en) | 2009-05-15 | 2011-02-22 | Visa International Service Assocation | Verification of portable consumer devices |
US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US10140598B2 (en) | 2009-05-20 | 2018-11-27 | Visa International Service Association | Device including encrypted data for expiration date and verification value creation |
US10255591B2 (en) | 2009-12-18 | 2019-04-09 | Visa International Service Association | Payment channel returning limited use proxy dynamic value |
CA3045817A1 (en) | 2010-01-12 | 2011-07-21 | Visa International Service Association | Anytime validation for verification tokens |
US10255601B2 (en) | 2010-02-25 | 2019-04-09 | Visa International Service Association | Multifactor authentication using a directory server |
US9245267B2 (en) | 2010-03-03 | 2016-01-26 | Visa International Service Association | Portable account number for consumer payment account |
US8453212B2 (en) | 2010-07-27 | 2013-05-28 | Raytheon Company | Accessing resources of a secure computing network |
US9342832B2 (en) | 2010-08-12 | 2016-05-17 | Visa International Service Association | Securing external systems with account token substitution |
US10586227B2 (en) | 2011-02-16 | 2020-03-10 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
CN109118199A (zh) | 2011-02-16 | 2019-01-01 | 维萨国际服务协会 | 快拍移动支付装置,方法和系统 |
SG193510A1 (en) | 2011-02-22 | 2013-10-30 | Visa Int Service Ass | Universal electronic payment apparatuses, methods and systems |
CN107967602A (zh) | 2011-03-04 | 2018-04-27 | 维萨国际服务协会 | 支付能力结合至计算机的安全元件 |
WO2012142045A2 (en) | 2011-04-11 | 2012-10-18 | Visa International Service Association | Multiple tokenization for authentication |
US9582598B2 (en) | 2011-07-05 | 2017-02-28 | Visa International Service Association | Hybrid applications utilizing distributed models and views apparatuses, methods and systems |
US10121129B2 (en) | 2011-07-05 | 2018-11-06 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
US9355393B2 (en) | 2011-08-18 | 2016-05-31 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
WO2013019567A2 (en) | 2011-07-29 | 2013-02-07 | Visa International Service Association | Passing payment tokens through an hop/sop |
US9710807B2 (en) | 2011-08-18 | 2017-07-18 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods and systems |
US10242358B2 (en) | 2011-08-18 | 2019-03-26 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
US10825001B2 (en) | 2011-08-18 | 2020-11-03 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
US9165294B2 (en) | 2011-08-24 | 2015-10-20 | Visa International Service Association | Method for using barcodes and mobile devices to conduct payment transactions |
US10223730B2 (en) | 2011-09-23 | 2019-03-05 | Visa International Service Association | E-wallet store injection search apparatuses, methods and systems |
US8689310B2 (en) * | 2011-12-29 | 2014-04-01 | Ebay Inc. | Applications login using a mechanism relating sub-tokens to the quality of a master token |
US10223710B2 (en) | 2013-01-04 | 2019-03-05 | Visa International Service Association | Wearable intelligent vision device apparatuses, methods and systems |
RU2017131424A (ru) | 2012-01-05 | 2019-02-06 | Виза Интернэшнл Сервис Ассосиэйшн | Защита данных с переводом |
WO2013113004A1 (en) | 2012-01-26 | 2013-08-01 | Visa International Service Association | System and method of providing tokenization as a service |
AU2013214801B2 (en) | 2012-02-02 | 2018-06-21 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems |
US20130212007A1 (en) | 2012-02-10 | 2013-08-15 | Protegrity Corporation | Tokenization in payment environments |
US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
US20130297501A1 (en) | 2012-05-04 | 2013-11-07 | Justin Monk | System and method for local data conversion |
US9524501B2 (en) | 2012-06-06 | 2016-12-20 | Visa International Service Association | Method and system for correlating diverse transaction data |
US9547769B2 (en) | 2012-07-03 | 2017-01-17 | Visa International Service Association | Data protection hub |
US9846861B2 (en) | 2012-07-25 | 2017-12-19 | Visa International Service Association | Upstream and downstream data conversion |
US9256871B2 (en) | 2012-07-26 | 2016-02-09 | Visa U.S.A. Inc. | Configurable payment tokens |
US9665722B2 (en) | 2012-08-10 | 2017-05-30 | Visa International Service Association | Privacy firewall |
WO2014043278A1 (en) | 2012-09-11 | 2014-03-20 | Visa International Service Association | Cloud-based virtual wallet nfc apparatuses, methods and systems |
US10176478B2 (en) | 2012-10-23 | 2019-01-08 | Visa International Service Association | Transaction initiation determination system utilizing transaction data elements |
US9911118B2 (en) | 2012-11-21 | 2018-03-06 | Visa International Service Association | Device pairing via trusted intermediary |
WO2014087381A1 (en) | 2012-12-07 | 2014-06-12 | Visa International Service Association | A token generating component |
US10740731B2 (en) | 2013-01-02 | 2020-08-11 | Visa International Service Association | Third party settlement |
US9741051B2 (en) | 2013-01-02 | 2017-08-22 | Visa International Service Association | Tokenization and third-party interaction |
US20140282984A1 (en) * | 2013-03-14 | 2014-09-18 | Microsoft Corporation | Service relationship and communication management |
US11055710B2 (en) | 2013-05-02 | 2021-07-06 | Visa International Service Association | Systems and methods for verifying and processing transactions using virtual currency |
WO2014186635A1 (en) | 2013-05-15 | 2014-11-20 | Visa International Service Association | Mobile tokenization hub |
US10878422B2 (en) | 2013-06-17 | 2020-12-29 | Visa International Service Association | System and method using merchant token |
EP3014803B1 (en) * | 2013-06-25 | 2019-09-25 | Nokia Technologies Oy | A method and apparatus for anonymous and trustworthy authentication in pervasive social networking |
DK2821931T3 (da) * | 2013-07-02 | 2019-08-26 | Precise Biometrics Ab | Verificeringsapplikation, fremgangsmåde, elektronisk indretning og computerapplikation. |
CA2918788C (en) | 2013-07-24 | 2020-06-16 | Visa International Service Association | Systems and methods for interoperable network token processing |
EP3025291A1 (en) | 2013-07-26 | 2016-06-01 | Visa International Service Association | Provisioning payment credentials to a consumer |
US10496986B2 (en) | 2013-08-08 | 2019-12-03 | Visa International Service Association | Multi-network tokenization processing |
CN105612543B (zh) | 2013-08-08 | 2022-05-27 | 维萨国际服务协会 | 用于为移动设备供应支付凭证的方法和系统 |
US10891610B2 (en) | 2013-10-11 | 2021-01-12 | Visa International Service Association | Network token system |
US9978094B2 (en) | 2013-10-11 | 2018-05-22 | Visa International Service Association | Tokenization revocation list |
US10515358B2 (en) | 2013-10-18 | 2019-12-24 | Visa International Service Association | Contextual transaction token methods and systems |
US10489779B2 (en) | 2013-10-21 | 2019-11-26 | Visa International Service Association | Multi-network token bin routing with defined verification parameters |
US10366387B2 (en) | 2013-10-29 | 2019-07-30 | Visa International Service Association | Digital wallet system and method |
SG10201900029SA (en) | 2013-11-19 | 2019-02-27 | Visa Int Service Ass | Automated account provisioning |
KR102293822B1 (ko) | 2013-12-19 | 2021-08-26 | 비자 인터네셔널 서비스 어소시에이션 | 클라우드-기반 트랜잭션 방법 및 시스템 |
US9922322B2 (en) | 2013-12-19 | 2018-03-20 | Visa International Service Association | Cloud-based transactions with magnetic secure transmission |
US10433128B2 (en) | 2014-01-07 | 2019-10-01 | Visa International Service Association | Methods and systems for provisioning multiple devices |
US9846878B2 (en) | 2014-01-14 | 2017-12-19 | Visa International Service Association | Payment account identifier system |
US9483640B2 (en) | 2014-04-01 | 2016-11-01 | Georgetown University | System and method for deterring malicious network attacks |
US10026087B2 (en) | 2014-04-08 | 2018-07-17 | Visa International Service Association | Data passed in an interaction |
US9608982B2 (en) | 2014-04-14 | 2017-03-28 | Trulioo Information Services, Inc. | Identity validation system and associated methods |
US9942043B2 (en) | 2014-04-23 | 2018-04-10 | Visa International Service Association | Token security on a communication device |
CN106233664B (zh) | 2014-05-01 | 2020-03-13 | 维萨国际服务协会 | 使用访问装置的数据验证 |
CN106462849B (zh) | 2014-05-05 | 2019-12-24 | 维萨国际服务协会 | 用于令牌域控制的系统和方法 |
AU2015264124B2 (en) | 2014-05-21 | 2019-05-09 | Visa International Service Association | Offline authentication |
US11023890B2 (en) | 2014-06-05 | 2021-06-01 | Visa International Service Association | Identification and verification for provisioning mobile application |
US9780953B2 (en) | 2014-07-23 | 2017-10-03 | Visa International Service Association | Systems and methods for secure detokenization |
US10484345B2 (en) | 2014-07-31 | 2019-11-19 | Visa International Service Association | System and method for identity verification across mobile applications |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
US10140615B2 (en) | 2014-09-22 | 2018-11-27 | Visa International Service Association | Secure mobile device credential provisioning using risk decision non-overrides |
SG10201810140QA (en) | 2014-09-26 | 2018-12-28 | Visa Int Service Ass | Remote server encrypted data provisioning system and methods |
US11257074B2 (en) | 2014-09-29 | 2022-02-22 | Visa International Service Association | Transaction risk based token |
US10015147B2 (en) | 2014-10-22 | 2018-07-03 | Visa International Service Association | Token enrollment system and method |
GB201419016D0 (en) | 2014-10-24 | 2014-12-10 | Visa Europe Ltd | Transaction Messaging |
US9602490B2 (en) * | 2014-11-10 | 2017-03-21 | Intel Corporation | User authentication confidence based on multiple devices |
US10325261B2 (en) | 2014-11-25 | 2019-06-18 | Visa International Service Association | Systems communications with non-sensitive identifiers |
CN113537988B (zh) | 2014-11-26 | 2024-05-28 | 维萨国际服务协会 | 用于经由访问装置的令牌化请求的方法和设备 |
US10257185B2 (en) | 2014-12-12 | 2019-04-09 | Visa International Service Association | Automated access data provisioning |
WO2016094122A1 (en) | 2014-12-12 | 2016-06-16 | Visa International Service Association | Provisioning platform for machine-to-machine devices |
US10187363B2 (en) | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
US10096009B2 (en) | 2015-01-20 | 2018-10-09 | Visa International Service Association | Secure payment processing using authorization request |
US11250391B2 (en) | 2015-01-30 | 2022-02-15 | Visa International Service Association | Token check offline |
WO2016126729A1 (en) | 2015-02-03 | 2016-08-11 | Visa International Service Association | Validation identity tokens for transactions |
US10977657B2 (en) | 2015-02-09 | 2021-04-13 | Visa International Service Association | Token processing utilizing multiple authorizations |
US10164996B2 (en) | 2015-03-12 | 2018-12-25 | Visa International Service Association | Methods and systems for providing a low value token buffer |
CA2977427A1 (en) | 2015-04-10 | 2016-10-13 | Visa International Service Association | Browser integration with cryptogram |
US9998978B2 (en) | 2015-04-16 | 2018-06-12 | Visa International Service Association | Systems and methods for processing dormant virtual access devices |
US10552834B2 (en) | 2015-04-30 | 2020-02-04 | Visa International Service Association | Tokenization capable authentication framework |
US11068889B2 (en) | 2015-10-15 | 2021-07-20 | Visa International Service Association | Instant token issuance |
CN113542293B (zh) | 2015-12-04 | 2023-11-07 | 维萨国际服务协会 | 用于令牌验证的方法及计算机 |
AU2017206119B2 (en) | 2016-01-07 | 2020-10-29 | Visa International Service Association | Systems and methods for device push provisioning |
WO2017136418A1 (en) | 2016-02-01 | 2017-08-10 | Visa International Service Association | Systems and methods for code display and use |
US11501288B2 (en) | 2016-02-09 | 2022-11-15 | Visa International Service Association | Resource provider account token provisioning and processing |
US11423177B2 (en) * | 2016-02-11 | 2022-08-23 | Evident ID, Inc. | Systems and methods for establishing trust online |
US10313321B2 (en) | 2016-04-07 | 2019-06-04 | Visa International Service Association | Tokenization of co-network accounts |
CN109074578A (zh) | 2016-04-19 | 2018-12-21 | 维萨国际服务协会 | 用于执行推送交易的系统和方法 |
US11250424B2 (en) | 2016-05-19 | 2022-02-15 | Visa International Service Association | Systems and methods for creating subtokens using primary tokens |
BR112018072903A2 (pt) | 2016-06-03 | 2019-02-19 | Visa International Service Association | método, e, dispositivos de comunicação e conectado. |
US11068899B2 (en) | 2016-06-17 | 2021-07-20 | Visa International Service Association | Token aggregation for multi-party transactions |
SG11201808737YA (en) | 2016-06-24 | 2018-11-29 | Visa Int Service Ass | Unique token authentication cryptogram |
SG10202110839VA (en) | 2016-07-11 | 2021-11-29 | Visa Int Service Ass | Encryption key exchange process using access device |
EP3488406A4 (en) | 2016-07-19 | 2019-08-07 | Visa International Service Association | METHOD OF DISTRIBUTING TOKENS AND MANAGING TOKEN RELATIONS |
US10509779B2 (en) | 2016-09-14 | 2019-12-17 | Visa International Service Association | Self-cleaning token vault |
CN117009946A (zh) | 2016-11-28 | 2023-11-07 | 维萨国际服务协会 | 供应到应用程序的访问标识符 |
US10915899B2 (en) | 2017-03-17 | 2021-02-09 | Visa International Service Association | Replacing token on a multi-token user device |
US10902418B2 (en) | 2017-05-02 | 2021-01-26 | Visa International Service Association | System and method using interaction token |
US11494765B2 (en) | 2017-05-11 | 2022-11-08 | Visa International Service Association | Secure remote transaction system using mobile devices |
US10491389B2 (en) | 2017-07-14 | 2019-11-26 | Visa International Service Association | Token provisioning utilizing a secure authentication system |
EP3762844A4 (en) | 2018-03-07 | 2021-04-21 | Visa International Service Association | SECURE REMOTE TOKEN RELEASE WITH ONLINE AUTHENTICATION |
US11256789B2 (en) | 2018-06-18 | 2022-02-22 | Visa International Service Association | Recurring token transactions |
EP3841498B1 (en) | 2018-08-22 | 2024-05-01 | Visa International Service Association | Method and system for token provisioning and processing |
US10938641B1 (en) * | 2018-11-09 | 2021-03-02 | Amazon Technologies, Inc. | On-demand development environment |
CN113015992B (zh) | 2018-11-14 | 2023-02-17 | 维萨国际服务协会 | 多个令牌的云令牌预配 |
US11849042B2 (en) | 2019-05-17 | 2023-12-19 | Visa International Service Association | Virtual access credential interaction system and method |
US20220021537A1 (en) * | 2020-07-14 | 2022-01-20 | Visa International Service Association | Privacy-preserving identity attribute verification using policy tokens |
US20230121420A1 (en) * | 2021-10-14 | 2023-04-20 | Twilio Inc. | Trust relationships to share client assets among client accounts in a software as a service platform |
Family Cites Families (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5825880A (en) * | 1994-01-13 | 1998-10-20 | Sudia; Frank W. | Multi-step digital signature method and system |
US6366682B1 (en) | 1994-11-28 | 2002-04-02 | Indivos Corporation | Tokenless electronic transaction system |
US6070141A (en) * | 1995-05-08 | 2000-05-30 | Image Data, Llc | System and method of assessing the quality of an identification transaction using an identificaion quality score |
CN1192834A (zh) * | 1995-06-05 | 1998-09-09 | 塞特科有限公司 | 多步数字签名方法和系统 |
US6163771A (en) * | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
US6484260B1 (en) * | 1998-04-24 | 2002-11-19 | Identix, Inc. | Personal identification system |
WO2001013198A1 (en) | 1999-08-13 | 2001-02-22 | Hewlett-Packard Company | Enforcing restrictions on the use of stored data |
GB2357664B (en) * | 1999-12-22 | 2004-03-10 | Nokia Mobile Phones Ltd | Electronic commerce system |
EP1139200A3 (en) | 2000-03-23 | 2002-10-16 | Tradecard Inc. | Access code generating system including smart card and smart card reader |
US7191466B1 (en) * | 2000-07-25 | 2007-03-13 | Laurence Hamid | Flexible system and method of user authentication for password based system |
US7043760B2 (en) * | 2000-10-11 | 2006-05-09 | David H. Holtzman | System and method for establishing and managing relationships between pseudonymous identifications and memberships in organizations |
US20030140233A1 (en) * | 2002-01-22 | 2003-07-24 | Vipin Samar | Method and apparatus for facilitating low-cost and scalable digital identification authentication |
US20030140223A1 (en) * | 2002-01-23 | 2003-07-24 | Robert Desideri | Automatic configuration of devices for secure network communication |
WO2003062969A1 (en) * | 2002-01-24 | 2003-07-31 | Activcard Ireland, Limited | Flexible method of user authentication |
US20030145204A1 (en) | 2002-01-29 | 2003-07-31 | Mehrdad Nadooshan | Method and apparatus for simultaneously establishing user identity and group membership |
US7770212B2 (en) | 2002-08-15 | 2010-08-03 | Activcard | System and method for privilege delegation and control |
US7010565B2 (en) * | 2002-09-30 | 2006-03-07 | Sampson Scott E | Communication management using a token action log |
-
2004
- 2004-03-31 GB GBGB0407369.8A patent/GB0407369D0/en not_active Ceased
-
2005
- 2005-03-21 CN CNB200580010760XA patent/CN100511088C/zh not_active Expired - Fee Related
- 2005-03-21 WO PCT/GB2005/001064 patent/WO2005096117A1/en not_active Application Discontinuation
- 2005-03-21 EP EP20050729385 patent/EP1735678A1/en not_active Withdrawn
- 2005-03-21 US US10/592,757 patent/US7627895B2/en not_active Expired - Fee Related
- 2005-03-21 CA CA002557414A patent/CA2557414A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
EP1735678A1 (en) | 2006-12-27 |
GB0407369D0 (en) | 2004-05-05 |
US20070192619A1 (en) | 2007-08-16 |
WO2005096117A1 (en) | 2005-10-13 |
US7627895B2 (en) | 2009-12-01 |
CA2557414A1 (en) | 2005-10-13 |
CN1938665A (zh) | 2007-03-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100511088C (zh) | 身份确认装置和身份确认方法 | |
US11445364B2 (en) | Secure data communication | |
US20120032782A1 (en) | System for restricted biometric access for a secure global online and electronic environment | |
JP4960883B2 (ja) | 認証デバイスおよび/または方法 | |
US8549602B2 (en) | System and method for handling permits for user authentication tokens | |
US20060229988A1 (en) | Card settlement method using portable electronic device having fingerprint sensor | |
US20110140834A1 (en) | Secure identification, verification and authorization using a secure portable device | |
KR20080100786A (ko) | 인터넷 비지니스 보안 시스템 | |
JP2009528643A (ja) | メール注文及び電話注文における二要素認証を実施するための方法及びシステム | |
AU2009200408A1 (en) | Password generator | |
US20150235226A1 (en) | Method of Witnessed Fingerprint Payment | |
US20140270336A1 (en) | System and Method for Transaction Authentication | |
CA3154449C (en) | A digital, personal and secure electronic access permission | |
JP2007128468A (ja) | Icカード発行システム、および、icカード発行方法 | |
Gasson et al. | D3. 2: A study on PKI and biometrics | |
US20040015688A1 (en) | Interactive authentication process | |
AU2021107510A4 (en) | A method for electronic identity verification and management | |
EP3767918B1 (en) | Method and system for authenticating a purchase by a user | |
WO2022249294A1 (ja) | 認証システム、認証方法、及びプログラム | |
NL1031488C2 (nl) | Systeem alsmede werkwijze voor het toekennen van een privilege aan een chiphouder. | |
WO2023023824A1 (en) | A method for electronic identity verification and management | |
WO2002046984A1 (fr) | Procede securise de transaction entre un acheteur et un vendeur | |
Sedaghat et al. | The management of citizen identity in electronic government | |
Katta et al. | Model for Token Based Secure Transaction in ATM Networks. | |
AU2005294107A1 (en) | Authentication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090708 Termination date: 20130321 |