DE102012011562A1 - Method and device for identification and verification of access permissions - Google Patents
Method and device for identification and verification of access permissions Download PDFInfo
- Publication number
- DE102012011562A1 DE102012011562A1 DE102012011562A DE102012011562A DE102012011562A1 DE 102012011562 A1 DE102012011562 A1 DE 102012011562A1 DE 102012011562 A DE102012011562 A DE 102012011562A DE 102012011562 A DE102012011562 A DE 102012011562A DE 102012011562 A1 DE102012011562 A1 DE 102012011562A1
- Authority
- DE
- Germany
- Prior art keywords
- communication
- verification
- data
- bidirectional data
- communication according
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Die gezielte Zuweisung von Zugangsberechtigungen stellt sowohl in der realen als auch der digitalen Welt die Grundlage zur Sicherung von geistigem, virtuellem und realem Eigentum dar. Während für viele Elemente des realen Lebens ein einfacher Schlüssel immer noch gute Dienste leistet, kommen in der Welt der virtuellen und geistigen Güter immer ausgefeiltere Sicherungssysteme zum Einsatz, die im ständigen Wettlauf mit kriminellen Kräften wie z. B. Computer-Hackern stehen. Dem einzelnen Bürger werden dabei nicht selten Sorgfaltspflichten auferlegt, die er im täglichen Einsatz nur schwer erfüllen kann. Dass ein Bürger sein Bargeld unter Verschluss oder Aufsicht hält, ist dabei noch die einfachste und selbstverständlichste Pflicht. Doch Bargeld ist heute nicht mehr das einzige Zahlungsmittel: von der EC-Karte über Kreditkarten bis zur E-Mail steht eine Vielzahl von Instrumenten zur Verfügung, die beim täglichen Einkauf in Einkaufszentren ebenso zur Anwendung kommt wie beim Besuch eines Onlineshops. Der Besitzer einer entsprechenden Plastikkarte kann diese meist nur in Verbindung mit Sicherheitsmerkmalen wie einem Lichtbild, seiner Unterschrift oder einer mehrstelligen PIN einsetzen, um sich rechtmäßiger Eigentümer zu legitimieren. Über den Sinn oder Unsinn der auf der Karte aufgebrachten Unterschrift lässt sich zudem streiten, da ein potenzieller Kreditkartenbetrüger damit eine einfach zu nutzende Vorlage zum Üben in der Hand hält. Das Lichtbild im Miniaturformat ähnelt nicht selten sogar weiteren Menschen, die an derselben Kasse anstehen. Eine mehrstellige PIN wäre somit das einzige Sicherheitsmerkmal, das eine gewisse Zuverlässigkeit bietet und wird daher auch systemübergreifend von nahezu jedem Anbieter eingesetzt. Das Problem hierbei ist jedoch: merken können sich die meisten Menschen nur äußerst unsichere PINs mit 4 bis 5 Stellen. Und auch das ist in Frage gestellt, wenn man über mehrere Karten mit demzufolge mehreren PINs verfügt. Heutzutage gehören unzählige PINs, Usernamen und Passwörter zum Alltag wie der Hausschlüssel. Die Grenzen der Merkfähigkeit sind damit bei den meisten Menschen bereits überschritten. Und ein selbst 5-stelliger PIN-Code stellt keine Hürde für einen einigermaßen versierten Kriminellen dar. Ausgefeilte sog. Skimming-Methoden dienen dazu, die PIN-Codes direkt bei der Eingabe, z. B. am Geldautomaten durch versteckte Kameras abzugreifen.Targeted assignment of access permissions is the basis for securing intellectual, virtual and real property in both the real and digital worlds. While for many elements of real life, a simple key still serves well in the world of virtual reality and intellectual goods increasingly sophisticated security systems used in constant competition with criminal forces such. B. Computer hackers stand. It is not uncommon for the individual citizen to be subject to due diligence, which he finds difficult to fulfill in his daily work. The fact that a citizen keeps his cash under lock and key is still the simplest and most natural duty. But cash is no longer the only means of payment today: from debit cards to credit cards to e-mails, there are a multitude of instruments available that are used for daily shopping in shopping malls as well as when visiting an online shop. The owner of a corresponding plastic card can usually use this only in conjunction with security features such as a photograph, his signature or a multi-digit PIN to legitimate legitimate owner. The sense or nonsense of the signature on the card can also be argued, as a potential credit card fraudster thus an easy-to-use template for practicing holds in his hand. The photograph in miniature often resembles even more people who are at the same cash register. A multi-digit PIN would thus be the only security feature that offers a certain degree of reliability and is therefore also used across systems by almost every provider. The problem here is: most people can only remember extremely unsafe PINs with 4 to 5 digits. And that too is questioned if one has several cards with consequently several PINs. Countless PINs, usernames and passwords are now part of everyday life like the house key. The limits of memory are thus already exceeded in most people. And even a 5-digit PIN code does not pose a hurdle for a reasonably savvy criminal. Sophisticated so-called skimming methods are used to enter the PIN codes directly when entering, eg. B. at the ATM by hidden cameras tap.
Description
Aufgabenstellung:Task:
Es besteht ein umfassender und dringender Bedarf an einem neuen Verfahren und einer Vorrichtung zur Sicherung persönlicher Zugriffsberechtigungen, sei es im Bereich Kreditkarten, elektronischer Schlösser für Gebäude oder Fahrzeuge oder im weiten Feld bezahlter Online-Anwendungen wie Shops, Services, etc. Dies umfasst den Schutz vor Missbrauch, Betrug, Entwendung und Verlust sowie vor Vergessen von gemerkten PIN-Codes.There is a broad and urgent need for a new method and apparatus for securing personal access rights, whether in the area of credit cards, electronic locks for buildings or vehicles, or in the wide field of paid online applications such as shops, services, etc. This includes protection against misuse, fraud, theft and loss as well as forgetting of remembered PIN codes.
Beschreibung:Description:
Die Erfindung betrifft ein in
Findet dennoch ein Diebstahl der Karte statt oder geht diese verloren, ist ein Einsatz als Zahlungsmittel ohne die Anwesenheit des zweiten Transponders unmöglich, die Karte alleine ist ohne mindestens einen Partner-Transponder wertlos. Ein Abhören des Datenverkehrs zwischen Transpondern (
Die vorliegende Erfindung verhindert nahezu alle bekannten Betrugs- und Verlustproblematiken bei EC- oder Kreditkarten, ermöglicht sichere Tür- und Autoschlösser sowie das sichere Bezahlen per Karte über das Internet durch z. B. RFID-Tastaturen oder -Mäuse oder RFID-fähige Handys (z. B. Apple-Patent) oder durch Versand bankunabhängiger mobiler TANs.The present invention prevents almost all known fraud and loss problems with EC or credit cards, allows secure door and car locks and secure payment by card over the Internet by z. B. RFID keyboards or mice or RFID-enabled cell phones (eg Apple patent) or by shipping bank-independent mobile TANs.
Durch die Beschreibbarkeit der Transponder sind Zusatzfunktionen wie das Tracking von Fahrtzeiten bei Fahrzeugen oder die Nutzungszeiten von Geräten und Systemen einschließlich Nutzungsdaten möglich.Due to the writability of the transponders, additional functions such as the tracking of vehicle travel times or the usage times of devices and systems including usage data are possible.
In
In
Nach erfolgreichem Abgleich werden beide ID sowie die Kennungen an das Datenverarbeitungs-System (
Claims (15)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102012011562A DE102012011562A1 (en) | 2012-06-13 | 2012-06-13 | Method and device for identification and verification of access permissions |
PCT/EP2013/001746 WO2013185918A2 (en) | 2012-06-13 | 2013-06-13 | Method and device for recognising and verifying access authorisations |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102012011562A DE102012011562A1 (en) | 2012-06-13 | 2012-06-13 | Method and device for identification and verification of access permissions |
Publications (1)
Publication Number | Publication Date |
---|---|
DE102012011562A1 true DE102012011562A1 (en) | 2013-12-19 |
Family
ID=48949107
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
DE102012011562A Withdrawn DE102012011562A1 (en) | 2012-06-13 | 2012-06-13 | Method and device for identification and verification of access permissions |
Country Status (2)
Country | Link |
---|---|
DE (1) | DE102012011562A1 (en) |
WO (1) | WO2013185918A2 (en) |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2105873A1 (en) * | 2008-03-11 | 2009-09-30 | Imunant S.r.l. | System and method for performing a transaction |
WO2010004353A2 (en) * | 2008-06-25 | 2010-01-14 | Richard Gaillard | Method of combined use of electronic hardware and components for securing financial, legal, administrative, commercial and technical operations |
-
2012
- 2012-06-13 DE DE102012011562A patent/DE102012011562A1/en not_active Withdrawn
-
2013
- 2013-06-13 WO PCT/EP2013/001746 patent/WO2013185918A2/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2013185918A2 (en) | 2013-12-19 |
WO2013185918A3 (en) | 2014-02-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2949094B1 (en) | Method for authenticating a user with respect to a machine | |
DE102011100144B4 (en) | Secure wireless payment system and method of use | |
EP1254436B1 (en) | Method for controlling the identity of users | |
DE102008023914A1 (en) | Method for authenticating an RFID tag | |
DE102011116489A1 (en) | A mobile terminal, transaction terminal and method for performing a transaction at a transaction terminal by means of a mobile terminal | |
EP2528045A1 (en) | Method and service computer and system for card-less authentication | |
EP3215974B1 (en) | Method for providing an access code in a portable device, and portable device | |
WO2013093026A1 (en) | Method for making authenticated payments | |
DE102005003647A1 (en) | identification system | |
DE102013212646A1 (en) | Electronic transaction procedure and computer system | |
DE102013212627A1 (en) | Electronic transaction procedure and computer system | |
DE102012011562A1 (en) | Method and device for identification and verification of access permissions | |
EP3657750B1 (en) | Method for the authentication of a pair of data glasses in a data network | |
DE102012011103A1 (en) | Method for handling access control, entry and transfer of ownership rights of drinks and food product machine, involves updating digital code added with contact details provided by electronic device by control administrative unit | |
DE102007023003A1 (en) | Mobile paying method, involves causing paying process based on transferred data record with reference data record in server computer, where data record comprises safety information with temporally limited validation | |
DE102007053736A1 (en) | Authentication method for authentication of persons upon usage of services, involves generating authentication code and information is provided about authentication code to user | |
DE10125601A1 (en) | Device for storing and delivering goods has a box for holding the goods locked by a door device, a locking device with a lock mechanism and a release signal for unlocking and a data processor with a memory. | |
DE10222492A1 (en) | Sure and confidential transmission of personal and legal data is made using identification security card access to a network liked to processing centers | |
WO2007062888A1 (en) | Mobile chip card device and method for authenticating at least one device using a chip card | |
DE102004026933B4 (en) | System and method for authenticating a user | |
DE102005057798A1 (en) | Access authorization allocating and verifying method for e.g. computer system, involves verifying fulfillment of requirement through another requirement, and permitting access to access region of restriction region based on verification | |
EP3690687A1 (en) | Password abstractor | |
DE202022100435U1 (en) | Intelligent management security system to protect against fraud when accessing a mobile unit with authentication options | |
WO2020245043A1 (en) | Method and control device for securely checking an electronic ticket | |
DE102013022447B3 (en) | Electronic transaction process and computer system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
R082 | Change of representative |
Representative=s name: PATENTANWAELTE RUFF, WILHELM, BEIER, DAUSTER &, DE |
|
R119 | Application deemed withdrawn, or ip right lapsed, due to non-payment of renewal fee |