CN106233689B - 用于保护移动应用的方法和设备 - Google Patents

用于保护移动应用的方法和设备 Download PDF

Info

Publication number
CN106233689B
CN106233689B CN201480074247.6A CN201480074247A CN106233689B CN 106233689 B CN106233689 B CN 106233689B CN 201480074247 A CN201480074247 A CN 201480074247A CN 106233689 B CN106233689 B CN 106233689B
Authority
CN
China
Prior art keywords
nfc
user
transmitting device
dynamic
dynamic credential
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201480074247.6A
Other languages
English (en)
Chinese (zh)
Other versions
CN106233689A (zh
Inventor
迪尔克·马里恩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wansi Ban North America Co
Original Assignee
Vasco Data Security International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vasco Data Security International Inc filed Critical Vasco Data Security International Inc
Publication of CN106233689A publication Critical patent/CN106233689A/zh
Application granted granted Critical
Publication of CN106233689B publication Critical patent/CN106233689B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephone Function (AREA)
CN201480074247.6A 2013-12-31 2014-12-23 用于保护移动应用的方法和设备 Active CN106233689B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201361922215P 2013-12-31 2013-12-31
US61/922,215 2013-12-31
PCT/US2014/072102 WO2015103031A1 (en) 2013-12-31 2014-12-23 A method and apparatus for securing a mobile application

Publications (2)

Publication Number Publication Date
CN106233689A CN106233689A (zh) 2016-12-14
CN106233689B true CN106233689B (zh) 2019-09-20

Family

ID=52350373

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480074247.6A Active CN106233689B (zh) 2013-12-31 2014-12-23 用于保护移动应用的方法和设备

Country Status (6)

Country Link
US (1) US9510192B2 (https=)
EP (1) EP3090521B1 (https=)
JP (2) JP6556145B2 (https=)
KR (1) KR101706173B1 (https=)
CN (1) CN106233689B (https=)
WO (1) WO2015103031A1 (https=)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9954578B2 (en) * 2011-09-08 2018-04-24 Yubico Inc. Devices and methods for identification, authentication and signing purposes
GB2516686B (en) * 2013-07-30 2018-02-07 Paxton Access Ltd Communication method and system
JP6556145B2 (ja) * 2013-12-31 2019-08-07 ヴァスコ データ セキュリティ インターナショナル ゲゼルシャフト ミット ベシュレンクテル ハフツング モバイルアプリケーションの安全性を確保する方法および装置
US10216366B2 (en) * 2014-11-19 2019-02-26 Imprivata, Inc. Location-based anticipatory resource provisioning
US20160261588A1 (en) * 2015-03-04 2016-09-08 Tapcentive, Inc. Secure nfc token supporting escalating authentication of nfc exchanges
KR200478493Y1 (ko) * 2015-04-09 2015-10-14 (주)예원조경건설 스마트 안내표지판
US9998181B1 (en) * 2015-04-09 2018-06-12 Cellotape, Inc. Method, system and apparatus for selectively accessing content at a device
RU2018114639A (ru) * 2015-09-21 2019-10-23 УанСпэн Интернэшнл ГмбХ Многопользовательский строгий аутентификационный маркер
US10817593B1 (en) * 2015-12-29 2020-10-27 Wells Fargo Bank, N.A. User information gathering and distribution system
WO2017117520A1 (en) * 2015-12-30 2017-07-06 Vasco Data Security, Inc. A method, system and apparatus using forward-secure cryptography for passcode verification
SG10201600192TA (en) * 2016-01-11 2017-08-30 Mastercard Asia Pacific Pte Ltd A Method For Dynamic Authentication Of An Object
FR3049414A1 (fr) * 2016-03-25 2017-09-29 Orange Enregistrement de service dans un reseau local
CN105915541A (zh) * 2016-06-07 2016-08-31 惠州Tcl移动通信有限公司 基于nfc的移动终端密码保存与恢复处理方法及系统
US20230360023A1 (en) * 2016-06-15 2023-11-09 Capital One Services, Llc Techniques to process contactless card functions in a multiple banking system environment
KR102526959B1 (ko) * 2016-10-27 2023-05-02 삼성전자주식회사 전자 장치 및 그의 동작 방법
JP2019067348A (ja) * 2017-10-02 2019-04-25 聡子 荻原 ワンタイムパスワード自動送信機
EP3502998A1 (en) * 2017-12-19 2019-06-26 Mastercard International Incorporated Access security system and method
CN108810836B (zh) 2018-06-12 2020-06-16 飞天诚信科技股份有限公司 一种向用户提供近场通信设备信息的方法及系统
EP3582166A1 (en) * 2018-06-15 2019-12-18 Thales Dis France SA Method and system to create a trusted record or message and usage for a secure activation or strong customer authentication
EP3671498B1 (fr) * 2018-12-20 2023-08-09 EM Microelectronic-Marin SA Procede d'authentification securisee d'un transpondeur en communication avec un serveur
DE102019108049A1 (de) * 2019-03-28 2020-10-01 Pilz Gmbh & Co. Kg Zugriffssteuerungssystem zur Steuerung eines Zugriffs eines Nutzers auf eine oder mehrere Betriebsfunktionen einer technischen Anlage
US11521213B2 (en) * 2019-07-18 2022-12-06 Capital One Services, Llc Continuous authentication for digital services based on contactless card positioning
US11455617B2 (en) * 2019-10-04 2022-09-27 Visa International Service Association Type 4 NFC tags as protocol interface
US11432149B1 (en) 2019-10-10 2022-08-30 Wells Fargo Bank, N.A. Self-sovereign identification via digital credentials for selected identity attributes
US10733283B1 (en) * 2019-12-23 2020-08-04 Capital One Services, Llc Secure password generation and management using NFC and contactless smart cards
JP7669029B2 (ja) * 2021-04-12 2025-04-28 株式会社アクアビットスパイラルズ アクション制御システム、アクション制御サーバ及びアクション制御方法
SE544638C2 (en) * 2021-06-07 2022-10-04 Total Security Stockholm Ab System and method for taking an access control decision based on a virtual key
CN115695064A (zh) * 2021-07-28 2023-02-03 佛山市顺德区美的电子科技有限公司 一种家电设备配网方法、配网装置和家电设备
CN115278630A (zh) * 2022-07-29 2022-11-01 上海千随信息技术有限公司 基于近场通信的信息交互方法、装置、系统及存储介质
US20240346130A1 (en) * 2023-04-11 2024-10-17 Capital One Services, Llc Random password generation and update for digital service authentication
US20240381080A1 (en) * 2023-05-10 2024-11-14 Capital One Services, Llc Systems and methods for secure authentication information retrieval
US20250190972A1 (en) * 2023-12-08 2025-06-12 Capital One Services, Llc Systems and techniques to perform card functions in a computer environment
TWI875546B (zh) * 2024-03-28 2025-03-01 奧圖碼股份有限公司 顯示裝置、顯示系統及解除顯示裝置鎖定狀態的方法

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013034681A1 (en) * 2011-09-08 2013-03-14 Ehrensvaerd Jakob Devices and methods for identification, authentication and signing purposes

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7791451B2 (en) * 2006-10-17 2010-09-07 International Business Machines Corporation Methods, systems, and computer program products for providing mutual authentication for radio frequency identification (RFID) security
US8494959B2 (en) * 2007-08-17 2013-07-23 Emc Corporation Payment card with dynamic account number
EP2201543A1 (en) * 2007-09-21 2010-06-30 Wireless Dynamics, Inc. Wireless smart card and integrated personal area network, near field communication and contactless payment system
KR20100058527A (ko) * 2007-09-27 2010-06-03 인사이드 컨택트리스 비접촉 데이터 송신 또는 수신에 대한 응답으로 nfc 시스템 내에서 애플리케이션 데이터를 관리하는 방법 및 장치
WO2010043974A1 (en) * 2008-10-16 2010-04-22 Christian Richard System for secure contactless payment transactions
CA2742694C (en) * 2008-11-04 2016-06-14 Securekey Technologies Inc. System and methods for online authentication
US8412928B1 (en) * 2010-03-31 2013-04-02 Emc Corporation One-time password authentication employing local testing of candidate passwords from one-time password server
US8453226B2 (en) * 2010-07-16 2013-05-28 Visa International Service Association Token validation for advanced authorization
JP2012073955A (ja) * 2010-09-29 2012-04-12 Fujitsu Ltd 送受信体及び認証システム
US20120167194A1 (en) * 2010-12-22 2012-06-28 Reese Kenneth W Client hardware authenticated transactions
US8789146B2 (en) * 2011-04-14 2014-07-22 Yubico Inc. Dual interface device for access control and a method therefor
EP2680526A1 (en) * 2012-06-26 2014-01-01 Certicom Corp. Methods and devices for establishing trust on first use for close proximity communications
US9594896B2 (en) * 2012-12-21 2017-03-14 Blackberry Limited Two factor authentication using near field communications
US9104853B2 (en) * 2013-05-16 2015-08-11 Symantec Corporation Supporting proximity based security code transfer from mobile/tablet application to access device
JP6556145B2 (ja) * 2013-12-31 2019-08-07 ヴァスコ データ セキュリティ インターナショナル ゲゼルシャフト ミット ベシュレンクテル ハフツング モバイルアプリケーションの安全性を確保する方法および装置

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013034681A1 (en) * 2011-09-08 2013-03-14 Ehrensvaerd Jakob Devices and methods for identification, authentication and signing purposes

Also Published As

Publication number Publication date
EP3090521A1 (en) 2016-11-09
KR20160128997A (ko) 2016-11-08
US9510192B2 (en) 2016-11-29
CN106233689A (zh) 2016-12-14
JP6629952B2 (ja) 2020-01-15
JP2019083536A (ja) 2019-05-30
WO2015103031A1 (en) 2015-07-09
KR101706173B1 (ko) 2017-02-27
JP2017503427A (ja) 2017-01-26
US20150189505A1 (en) 2015-07-02
JP6556145B2 (ja) 2019-08-07
EP3090521B1 (en) 2020-04-01

Similar Documents

Publication Publication Date Title
CN106233689B (zh) 用于保护移动应用的方法和设备
US10177816B2 (en) Devices and methods for identification, authentication and signing purposes
US9647840B2 (en) Method for producing a soft token, computer program product and service computer system
US11539399B2 (en) System and method for smart card based hardware root of trust on mobile platforms using near field communications
CN102768744B (zh) 一种远程安全支付方法和系统
JP2017503427A5 (https=)
JP2010539813A (ja) 追加要素での移動体装置のアップデート
CN106157025A (zh) 基于身份证的移动终端安全支付方法及系统
US9361566B2 (en) Method for reading an RFID token, RFID card and electronic device
JP2016500173A (ja) モバイル装置および電源付きディスプレイカードを用いた、安全な遠隔アクセスおよび遠隔支払いのためのシステムおよび方法。
US10176314B2 (en) Authentication system and method
CN110876144A (zh) 一种身份凭证的移动应用方法、装置及系统
CN120226031A (zh) 使用无线通信执行验证操作的系统和技术
CN119948509A (zh) 使用硬件加密狗确保浏览器扩展加密钱包安全
KR20110005615A (ko) 사용자 매체를 이용한 무선 오티피 운영 방법 및 시스템과 이를 위한 무선단말 및 기록매체
EP4405780B1 (en) Icc reader
CN108665267A (zh) 安全认证装置及系统
KR101078953B1 (ko) 공인 인증서 원격 폐기 중계처리 방법 및 시스템과 이를 위한 기록매체
Kunning Strong Authentication Protocol using PIV Card with Mobile Devices
CN119271595A (zh) 一种接口转换装置和系统
KR20100136301A (ko) 생체 인식과 연동하는 복수 인증 방식의 오티피 출력 방법 및 시스템과 이를 위한 휴대폰 및 기록매체
KR20100136138A (ko) 사용자 매체와 연동하는 이중 코드 생성 방식의 오티피 출력 방법 및 시스템과 이를 위한 기록매체

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: Zurich

Patentee after: VASCO DATA SECURTY, Inc.

Address before: Swiss Glatt Brygge

Patentee before: VASCO DATA SECURITY, Inc.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20250910

Address after: U.S.A.

Patentee after: Wansi Ban North America Co.

Country or region after: U.S.A.

Address before: Swiss Glatt Brygge

Patentee before: VASCO DATA SECURTY, Inc.

Country or region before: Switzerland