EP2795523A1 - Authentifizierungssystem und -verfahren - Google Patents
Authentifizierungssystem und -verfahrenInfo
- Publication number
- EP2795523A1 EP2795523A1 EP13711021.9A EP13711021A EP2795523A1 EP 2795523 A1 EP2795523 A1 EP 2795523A1 EP 13711021 A EP13711021 A EP 13711021A EP 2795523 A1 EP2795523 A1 EP 2795523A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- biometric data
- identifier
- operable
- user
- output
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Definitions
- This invention relates to an authentication system and method. More particularly, this invention relates to a mechanism for authenticating an authorised user of an electronic device.
- NFC Near Field Communication
- Such security systems do not verify user presence and only require the correct entry of the PIN or password or presentation of the RFID chip in NFC systems to allow access to the services of the smartcard or mobile phone.
- Biometric systems are available but these require the biometric data to be stored on a central server for access when authenticating data. Although such data may be encrypted it still requires a user's personal data to be stored somewhere in the remote computer server system or even in the cloud. This increases the security risk if such data is stolen, with hacker(s) having time to work to decrypt the stolen data offline, even by brute force methods with high speed CPUs and multiple computers can crack the code within a known time frame. This is unacceptable since a person's biometric data cannot be issued anew. Once stolen and decrypted (if encrypted), the biometric data is available. One cannot issue "new" biometric data, unlike a commercial bank that can issue a new bank card with a new PIN.
- the encryption of any data is only good for the time required to decrypt the sensitive data.
- the level of encryption employed for a particular task should be related to the timeframe for which the data should remain secret. This could lead to a conclusion that it is not acceptable to store personal biometric data on a regular or cloud server.
- Biometric sensors e.g. finger print readers, vein pattern readers, iris readers and other biometric data are used, mostly for physical access control. Some of the readers or sensors are enhanced , for example with finger print liveliness detection. Embodiments of the present invention use a biometric sensor and data generated from the biometric sensor.
- Sampling and sensing biometric data is not 100% accurate or reproducible mea n i ng th at va l id b iometric d ata m ay someti m es be rej ected as unrecognised. False negatives can arise. For example, if the confidence levels for validation are set too high. In whatever manner the biometric data is represented or sampled for storage or transmission, the data may differ between sensing opportunities. There will often be a delta in the biometric data.
- a standard method of logging into a secured system is the use of a static userid and a password which can change.
- An OTP (One Time Password) dongle is provided by some commercial banks which generates a one time password to get over the static password issue. It does not prevent an adversary who has access to the userid , and the physical dongle key generator who can login without the owners knowledge and complete a transaction.
- the rolling code generator system is only secure until the rollover code generator has been compromised and the rolling code sequence published on the web as has happened in the past.
- PKI Public Key Infrastructure
- Other authentication techniques such as PKI (Public Key Infrastructure) can provide transaction or access authentication.
- PKI is overly complex for this authentication , it requires receiver's public key and the users private key to encrypt and send a message and decryption requires the users public key and the entities private key, and communication over the internet.
- Such systems are more complex to operate and lack ease of use for the end user in the appl ications intended for th is invention .
- su ch a uthentication techniques lack interplay between the user and the device being operated by the user. Ease of use for the end user is a key feature of embodiments of the invention.
- EP2530552 and EP1412831 disclose physical presence digital authentication systems.
- EP22141 1 7 discloses authentication with physical unclonable functions.
- EP1914938 discloses a method of physical authentication and a digital device.
- US 7,195,154 discloses a method for generating customer secure card numbers and US 7,613,333 discloses an individual authentication system and method.
- the present invention seeks to provide an authentication system and method which ameliorates the above issues and system limitations.
- the present invention provides an authentication system and method as set out in the accompanying claims.
- FIG. 1 is a schematic block diagram of an authentication system embodying one aspect of the present invention
- FIG. 2 is a schematic representation of the two sides of a chip and PIN card incorporating an authentication system embodying the present invention
- FIG. 3 is a schematic representation of a Near Field Communication (NFC) incorporating an authentication system embodying the present invention.
- NFC Near Field Communication
- FIG. 4 is a schematic block diagram of an authentication system embodying another aspect of the present invention.
- the present invention addresses a number of technical problems. It would be preferable if a single authentication device could be used : to access ATM terminals; to authenticate online access; and to authenticate transactions at POS terminals. There are other applications where authentication of an individual user on a designated device are required. Other applications are described below in the Applications section of this description but one notable other application is in access control.
- a single device to authenticate transactions and permit access would be more efficient and provide a universal solution. If a PIN or password for secure access is not required (for example in contactless ' payment), the system should only function if the correct owner (authorised user) is physically present. Th is safeguard would increase user acceptance of modes of transaction where a PIN or password is not required .
- biometric data (bd)
- the system should not require any biometric data to be stored on a server. Biometric data should only be stored securely on the apparatus itself and the system design should guarantee that the biometric data cannot be read or over-written by an adversary.
- This invention provides apparatus that is uniquely personal to each individual user, who must be physically present with an associated or paired device for the device to give an authentication signal.
- the device is paired to a user.
- the device is capable of multi-factor authentication in that both the device, the user and their pairing with one another are being authenticated and only if all three relationships hold good will authentication be possible: 1 ) Is the user authorised? 2) Is the device identified? 3) Is the authorised user paired with the identified device?
- Embodiments of the invention are unique, uncloneable and paired to an authorised user. No transaction can take place without the respective user being physically present at the paired electronic device.
- Embodiments of this invention make use of a biometric sensor and the associated data generated from it.
- the electronic device for use in embodiments of the present invention is in its simplest form an integrated circuit (IC).
- the IC can be embodied in a larger component such as a chip of a chip and PIN card or can be embodied in a more elaborate electronic device such as a mobile telephone, a tablet, a computer, a vehicle or a house.
- One embodiment of the invention is shown in Figure 1 and comprises an authentication system (100) which may be embedded in an electronic device. Th e system (100) authenticates an authorised user at the respective electronic device.
- the IC is part of an electronic device (or in its simplest form IS the IC).
- the IC has a device-specific identifier (di)(101 ) operable to identify the respective electronic device.
- the device-specific identifier (101 ) is a characterstic specific to that IC arising from the IC's fabrication process.
- the system also incorporates a biometric data sensor (102) which is operable to sample biometric data (bd) from the authorised user of the respective device identified by the device-specific identifier (101 ) and provide reference biometric data (rb) for the authorised user.
- a biometric data sensor (102) which is operable to sample biometric data (bd) from the authorised user of the respective device identified by the device-specific identifier (101 ) and provide reference biometric data (rb) for the authorised user.
- the sytem further incorporates a storage unit (103), preferably comprising a non-volatile memory (NVM) (103), which is operable to hold the reference biometric data (rb) derived from the biometric data of the authorised user of the respective device identified by the device-specific identifier (101 ).
- NVM non-volatile memory
- the NVM (103) has a lock out function (105) which prevents the NVM (103) from being written to again or over-written.
- the system also incorporates a processor (104) to which the device identifier (d i); and the biometric data (bd/rb) are delivered .
- the processor (104) performs a one-way function F on a data pair comprising or derived from: the device identifier (di) and the biometric data (bd/rb), the one way function having an output comprising F(di, bd/rb).
- Embodiments of the invention include an electronic device having an IC. Because of the fabrication process, th is IC wil l have certain u n iq ue characteristics which make it different to all other ICs, even those produced in the same fabrication plant or from the same wafer.
- One unique characteristic of the IC is the unique Physical Uncloneable Function (PUF) identifier of the IC. This is the device-specific identifier (di) (101 ).
- PUF Physical Uncloneable Function
- the system pairs the device-specific identifier (101 ) with stored biometric data of an authorised user. This pair is put through a circuit called a one way hash, the one way hash creates a unique output for every unique input.
- the output of the one hash is a signature or authentication signal which is unique to the particu lar com bination of device identifier and biometric data .
- the authentication signal or signature signifies that the authorised user is physically present at the respective electronic device to authenticate the transaction or other process.
- the signature or authentication signal is transmitted to a controller which determines if this is the correct authentication signal or signature to allow the transaction or other process.
- the authentication signal is the output of the one way hash, i.e. the signature, and can be looked upon as the PIN/Password and User ID combined in one. Note an added security feature here is that if an adversary obtains the signature there is no mathematical way back to determine either the PUF (101 ) (device identifier) or the biometric data input, i.e. the authorised user's personal biometric data is safe and uncompromised.
- the biometric sensor (102) provides either and/or biometric data per se or generates data or derives data from the biometric data . All such data is considered in this disclosure as biometric data and includes the associated data generated from the pure biometric data.
- the system does not require any biometric data to be stored on a server, the biometric data is stored only on the apparatus itself and the system design ensures that this biometric data is robustly stored and cannot be readily read or over written by an adversary.
- the lockout functions (105) prevents the NVMs (103) from being written to again, and the optional tamper resistive circuit (106) prevents a physical attack on the device from a serious and determined adversary attack.
- This embodiment of the system does away with the need for a password and/or PIN.
- the system provides both user authentication and device authentication via the same mechanism.
- the system can do away with the need of a password and/or PIN .
- the system can also be used in conjunction with a password and/or PIN, however if the user is not physically present with the unique device, then there would be no authentication.
- Authentication may or may not be essential to allow a transaction depending on the transaction type, value or other transaction property.
- Embodiments of this invention make the rolling code device offered by some commercial backs or access controls for internet banking obsolete.
- Embodiments of the present invention incorporated in a smartcard offer greater levels of security than a Chip and PIN card or a rolling code device.
- the system can be applied to any application that requires an individual's authentication and verification that the person is present d uring the authentication process
- the system offers a high level of security. There is immediate suitability for high value clients.
- Present state of the art smartcards for example, establish a secu re loop by means of a P I N and the trend is to have a h ig h ly personalised card with multiple layers of security chosen by the card issuer. Embodiments of the invention are compliant with this trend.
- an embodiment of the invention is usable by multiple authorised users - a predetermined group of people. Multiple users would have an impact on the memory requirements of embodiments of the invention.
- the apparatus could be programmed to allow any member of the group to be physically present to be able to authenticate the device transaction.
- the apparatus can be programmed to give each person different privileges, limiting the expenditure or ability to conduct transactions or defining access limits, different for each user.
- the apparatus could also be programmed such that two members are required to be physically present for the transaction to be authenticated.
- a duress signal indicating that a transaction is not valid
- the authentic biometric data may be generated from the index finger fingerprint but a "duress" signal may be indicated from a middle finger fingerprint.
- a further example is using the thumb and index finger of the right hand are used as the input for the reader to check you are present, but the system could also be programmed such the thumb and 2 nd finger of the right hand, when paired with the PUF and processed though the hash outputs a different signal that you are under duress and being forced against you will to complete such a transaction.
- FIG. 1 A representative block diagram of a system embodying the present invention is shown in figure 1 .
- a description of each block in the system and its function is as follows:
- Some embodiments of the invention makes use of a PUF(101 ) as the mechanism for providing a device-specific identifier (101 ). Other mecahnisms which uniquely identify the electronic device can be used.
- a PUF(101 ) is a Physical Uncloneable Function.
- a PUF(101 ) is embodied as a micro-electronic circuit block that exploits the natural variations in the semi-conductor manufacturing process that make a single IC (Integrated Circuit) unique and different from all of it neighbours on the silicon wafer(s) being manufactured by the silicon foundry.
- Examples of PUF circuits are volatile memory block instances where the mismatch in the sense amps within each bitcell, allows for the volatile memory block to have a signature at initial power up that is unique to that IC prior to the volatile memory being reset.
- Another example of a micro-electronic PUF circuit is to use the phase noise of a PLL or DLL as the PUF(101 )element. If these uncloneable devices were produced in billions, it is conceivable that two devices could have the same PUF signature, but one can use a combination of two or more PUF circuits in the one IC, to uniquely identify that particular IC.
- PUF circuits under (Automatic Test) ATE test are exercised over voltage and temperature range to identify the signature over the range that is stable, so that unstable bits over the range will be dropped from the signature recognition.
- the output of the PUF (101 ) would be available for testing and characterising, later when one time enrolment phase is discussed we shall be made aware that after the enrolment phase, the output signature of the system is recorded for the challenge and response question(s) and access to the actual PUF value can be considered no longer required, and also may be selected for lockout of this signal at the end of the enrolment phase.
- PUFs Another advantage of PUFs, is that when a manufacturer of this apparatus outsources assembly of the complete system e.g. a device/Smart Card/mobile phone etc., if the PUF of the semiconductor device has changed then it is known that someone has tampered with the device during assembly.
- the PUF (101 ) provides a unique identifier which is specific to a respective IC. Storage of Biometric Data and Lockout function in the apparatus
- the biometric data is stored on a NVM (Non-volatile Memory)(103) within the system.
- NVM Non-volatile Memory
- an additional lock-out function (105) is activated, that prevents any future reprogramming of the blocks of NVM storing the biometric data.
- the lockout function (105) can be implemented in multiple ways, e.g. in a OTP (One Time Programmable) function, e.g.
- a fuse making use of electron-migration of a poly resistor is a known method
- another known method is to provide over voltage to a gate, to make the gate of the transistor permanently leaky so its state thereafter fixed.
- Such an element then can be used to block path to access programming circuit of the NVM (103) making reprogramming of your biometric data not possible.
- the lockout function (105) provides security that an adversary could never reprogram the apparatus with another set of finger prints, that would be paired with the PUF. In any case a different set of finger prints combined with the PUF, would produce a different signature coming out of the one way hash function.
- a biometric reader (102) is used to read your personal biometric data.
- the apparatus therefore requires its own biometric reading device (102).
- Many biometric readers do not have a suitable form factor that fits in a smartcard or mobile device.
- One such biometric reader that would is capacitive or CMOS readers which use capacitors and thus electrical current to form an image of the fingerprint.
- Another advantage of CMOS readers is that they are more difficult to fool than optical readers.
- Biometric data such as finger prints do not take much memory to store, so it is quite conceivable that if desired by the application of this apparatus that a full set of 10 finger prints could be stored in the NVM (103) (Non-Volatile Memory) on the SoC (System on Chip) that contains the apparatus of this invention.
- NVM Non-Volatile Memory
- the biometric data from the user is never released from the card this secures the user private data and addresses the concerns of privacy.
- the One-Way function preferably a hash function
- the output of the digital circuit that accomplishes the one-way hash value can be seen a signature, this signature is created from the two inputs to the oneway hash, namely the PUF and the biometric data. This pair gives a particular signature that is unique.
- the properties of the hash circuit design needs to be strong in order to be regarded as secure. Such properties are known for example, pre-image resistance, this is the one way property of the hash whereby it is computationally infeasible for two inputs to produce the same output.
- the second property of a strong hash is that two different inputs do not hash to the same value this is referred to as weak collision resistance. Weak collisions do exist in theory so best practice is to ensure the design does not allow this in practice.
- the third property of a strong one way hash design is referred to as collision resistance, where it is computationally infeasible to find two different inputs which give the same output.
- the one way hash function(104) assures even if the hash signal is compromised there is no way back to determine the two inputs (PUF and Biometric) data that were used to create the signature output of the hash block (104). This signature is therefore what identifies "you" and "your” presence also.
- the output of the one way function (104) is a signature which is processed in a similar manner for challenge and response purposes as a PIN would be in a chip and PIN system, for example.
- the signatures that are correct are recorded as the correct responses, for the electronic challenge and request questions later, where the answer will be a straight forward "TRUE” of "FALSE” question as is done with Chip and PIN technology today.
- this signature would be used in the similar manner to the electronic challenge and request response much as the current day systems do with a PIN.
- one embodiment of the present invention is configured as a Smart/Credit/ATM card (107) or phone.
- your finger prints would be read by the sensor (102) and recorded in the NVM (103) of the IC, the blank card would have a PUF value that is known by the issuing organisation.
- the PUF and your finger prints would be paired to create certain signals, e.g. right hand thumb and index finger for authentication of a transaction, and for example the right hand thumb and second finger could be used for a duress signal, etc.. each signal that chosen would have its own signature from the one way hash.
- the pairing of these signals is key as it identifies "you" and "your presence with the card". In this example for added security two fingers have been used, but the system works with a single biometric signal, such as a fingerprint.
- This block(106) is described as optional as it does not contribute to the Individual Unique authentication, but in practice such a block (106) would be included to increase security from a serious adversary.
- the function of the block (106) is to prevent a physical attack on the IC, where the attacker is prepared to go to considerable effort to obtain the secret(s) e.g. the PUF and biometric data, or even try to bypass the NVM lockout (105) with a FIB (Focused Ion Beam) procedure to reconnect the re-program circuit.
- a tamper resistive block (106) uses the metal stack and associated sensing circuit arrangements above the security sensitive circuits of the IC.
- Such a tamper resistive network senses when or if an attack is being or has been made, and in response the Tamper Resistive block (106) may cause the IC to shut down, or enable some other disabling function e.g. erasing of sensitive data in the NVM(103).
- Liveliness Detection Sensor (a sensor for detecting a sign-of-life when sampling biometric data):
- the liveliness sensor block (108) is described as optional as it does not contribute to the Individual Unique authentication. It is well known to trick optical finger print sensors. Various materials such as Playdoh, Gelatin, Silicone and Latex can be used to take imprints of fingerprints. Different techniques and algorithms have been applied to liveliness detection.
- a very basic liveliness sensor circuit block (108) would measure the temperature of the finger placed on the CMOS capacitive finger print reader. Sensing temperature in silicon is straight forward using well known techniques of using the Vbe and delta Vbe of the parasitic vertical pnp that occurs in a standard CMOS process. In this case there would be a range of acceptable temperature, where a window comparator would be used to measure the finger(s) temperatures are in the desired temperature range.
- the power source would be from contact grid.
- the power will come from the normal inductive coupling with the NFC reader element.
- the required power would come from the battery.
- Power for the additional circuits required for embodiments of the invention would be supplied by the existing chip and pin contact, or from the existing NFC antenna in the card for a wireless application
- the sampled biometric data will vary so the input to the one way function will vary. This means that the output of the one way function will vary meaning the output is different depending on the variance in the sampled biometric data.
- the above described embodiments can sample the biometric data (bd) and then use a biometric data validation unit (1 1 1 ) to carry out a verification that the sampled biometric data "matches" stored reference biometric data (rb). If there is a significant correlation between the sampled data and the stored reference data, then the sampled biometric data is considered a match for the stored biometric data.
- the system sends to the one way function input not the sampled biometric data (bd) but the stored reference biometric data (rb). In this manner, a consistent input is provided to the one way function input thus providing a consistent output (the device-specific identifier (101 ) input does not alter).
- the biometric sensor (102) is sufficiently reliable in quality and performance to give a robust and repetitive biometric data reading, i.e. the same output from the one way function is achieved each time the biometric data is sampled so there is no need to store the reference biometric data for presentation to the one way function.
- FIG. 4 shows the provision of a comparator (1 12) to determine if there is a match between the reference output F(di,rb) and the candidate output F(di,cb).
- this embodiment of the authentication system authenticates an authorised user at a respective electronic device and comprises: a device- specific identifier (101 ) operable to provide a device identifier (di); a biometric data sensor (102) operable to sample biometric data (bd) from a user and provide the sampled biometric data as candidate biometric data (cb); a processor (104) operable to perform a one-way function F on the device identifier (di) (101 ) and the candidate biometric data (cb) and provide a candidate output F(di,cb); a storage unit (103) holding a reference output comprising an output F(di,rb), where (rb) is reference biometric data derived from biometric data of the authorised user of the respective device identified by the device-specific identifier (101 ) and (di) is the device identifier input; and a comparator (1 12) to determine if there is a match between the reference output F(di,rb) and the candidate output F(d
- Access control includes controlled entry and controlled egress of restricted environments such as buildings, campuses, institutions and allowing or prohibiting user movement within buildings via elevators or the like. Border control is another application area with the authentication system being embodied in a passport or ID document. An y p rocess wh i ch requires user authentication can benefit from embodiments of the invention. Other examples include transport ticketing where the authentication device is used as a transit ticket, boarding pass, or driving licence.
- any process which requires a participant to have a certain level of qualification to legitimately participate can benefit from embodiments of the invention.
- certain drugs in a pharmacy environment can only be dispensed by a suitably qualified pharmacist who may perhaps have to make enquiries of th e recip ient to d ischa rge th ei r professiona l responsi bi l ities .
- the authentication system can authenticate that that user is who they say they are and is gaining access to the drugs with the smartcard embodying the present invention.
- a wider system can record from both users smartcards that the drugs were dispensed to the designated recipient thereby closing the loop on the transaction between the qualified pharmacist and the correct patient.
- USB and USB2 dongles can incorporate embodiments of the present invention so that those dongles can only be used by authorised users who are authenticated by the integrated system.
- Communication devices including smart phones and tablets can be enabled with the technology of the present invention to authenticate authorised users.
- Another example in access control is keeping track of entry and egress in a manufacturing facility/plant or secure area.
- data from the authentication system components will identify which individuals are still inside the secure area.
- the problem is particularly acute when there are thousands of personnel in a secure area. Who is in the area and who has left or been evacuated?
- An authentication signal is required to start a motor vehicle fitted with an embodiment of the invention . Only an authorised user paired with the IC (d evice) em bedd ed i n the veh icl e C P U wi l l provid e th e necessary authentication signal.
- the level of authorisation or permitted travel may be dictated by an insurance company, a road toll operator or other such controls. Only if the authorised is might be controlled
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2013/055593 WO2014146684A1 (en) | 2013-03-18 | 2013-03-18 | An authentication system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2795523A1 true EP2795523A1 (de) | 2014-10-29 |
Family
ID=47913412
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP13711021.9A Withdrawn EP2795523A1 (de) | 2013-03-18 | 2013-03-18 | Authentifizierungssystem und -verfahren |
Country Status (2)
Country | Link |
---|---|
EP (1) | EP2795523A1 (de) |
WO (1) | WO2014146684A1 (de) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3037998B1 (de) * | 2014-12-23 | 2019-07-03 | Intel Corporation | Verfahren und System zur Bereitstellung einer sicheren und eigenständig betreibbaren biometrischen Authentifizierung |
GB2564839A (en) * | 2017-05-30 | 2019-01-30 | Zwipe As | Smartcard and method for controlling a smartcard |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6607136B1 (en) | 1998-09-16 | 2003-08-19 | Beepcard Inc. | Physical presence digital authentication system |
US6829711B1 (en) * | 1999-01-26 | 2004-12-07 | International Business Machines Corporation | Personal website for electronic commerce on a smart java card with multiple security check points |
US7441123B2 (en) * | 2001-03-23 | 2008-10-21 | Ensign Holdings | Method and apparatus for characterizing and estimating the parameters of histological and physiological biometric markers for authentication |
US7195154B2 (en) | 2001-09-21 | 2007-03-27 | Privasys, Inc. | Method for generating customer secure card numbers |
JP4836501B2 (ja) | 2005-06-20 | 2011-12-14 | 富士通株式会社 | 個人認証システム、個人認証方法、個人認証プログラム |
WO2007016867A1 (fr) | 2005-08-11 | 2007-02-15 | Beijing Watch Data System Co., Ltd. | Procede d'authentification physique et dispositif numerique |
ATE544123T1 (de) | 2007-09-19 | 2012-02-15 | Verayo Inc | Authentifizierung mit physikalisch unklonbaren funktionen |
CN102165458B (zh) * | 2008-09-26 | 2015-05-27 | 皇家飞利浦电子股份有限公司 | 认证装置和用户 |
-
2013
- 2013-03-18 EP EP13711021.9A patent/EP2795523A1/de not_active Withdrawn
- 2013-03-18 WO PCT/EP2013/055593 patent/WO2014146684A1/en active Search and Examination
Non-Patent Citations (1)
Title |
---|
See references of WO2014146684A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2014146684A1 (en) | 2014-09-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11664997B2 (en) | Authentication in ubiquitous environment | |
US11895225B2 (en) | Systems and methods for trustworthy electronic authentication using a computing device | |
US9674705B2 (en) | Method and system for secure peer-to-peer mobile communications | |
CN106576044B (zh) | 泛在环境中的认证 | |
US9589399B2 (en) | Credential quality assessment engine systems and methods | |
EP3138265B1 (de) | Verbesserte sicherheit zur registrierung von authentifizierungsvorrichtungen | |
EP2648163B1 (de) | Personalisiertes biometrisches identifikations- und nicht-zurückweisungs-system | |
US10607211B2 (en) | Method for authenticating a user to a machine | |
AU2013205396B2 (en) | Methods and Systems for Conducting Smart Card Transactions | |
US20080028230A1 (en) | Biometric authentication proximity card | |
US20140093144A1 (en) | More-Secure Hardware Token | |
WO2014146684A1 (en) | An authentication system and method | |
Singh | Multi-factor authentication and their approaches | |
TW201543253A (zh) | 身份驗證系統及方法 | |
JP2019050014A (ja) | 口座開設システム、口座開設方法、及びプログラム | |
Asani | A review of trends of authentication mechanisms for access control | |
Kiat et al. | Analysis Of OPACITY And PLAID Protocols For Contactless Smart Cards |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20140117 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
17Q | First examination report despatched |
Effective date: 20150105 |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: FILIPPI, RAYMOND |
|
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20161001 |