EP2836952A1 - Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet - Google Patents
Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objetInfo
- Publication number
- EP2836952A1 EP2836952A1 EP13715348.2A EP13715348A EP2836952A1 EP 2836952 A1 EP2836952 A1 EP 2836952A1 EP 13715348 A EP13715348 A EP 13715348A EP 2836952 A1 EP2836952 A1 EP 2836952A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- data
- security component
- identity
- digital
- initial
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012795 verification Methods 0.000 title claims description 23
- 238000004422 calculation algorithm Methods 0.000 claims description 7
- 230000006870 function Effects 0.000 description 8
- 238000004891 communication Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 238000010200 validation analysis Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 238000013475 authorization Methods 0.000 description 4
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 2
- 230000010267 cellular communication Effects 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 206010010904 Convulsion Diseases 0.000 description 1
- 230000032683 aging Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 230000002354 daily effect Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000007639 printing Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 231100000241 scar Toxicity 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
Definitions
- the present invention relates to the authentication or identification of an individual using an electronic device. It will be noted that throughout this text, when we talk about authentication or identification, the "or” is inclusive, that is, it means “and / or”, so that the present invention is applicable to both authentication and identification, or even both.
- the identification aims to make it possible to know the identity of an entity, for example using an identifier which can be a user name or a network identifier (telephone number for example).
- Authentication verifies the identity of an entity to allow access to services or resources.
- Authentication or identification regularly uses a server storing data relating to entities, ie individuals having previously undergone a so-called registration (or registration) phase with said server to be delivered, when authentication or identification, any right (issuing a driver's license, a ticket, compensation, authorization to access a room, authorization to access a service, implementation of a service, electronic payment, etc.).
- the data traditionally used for the registration of individuals with the server are personal data, most often alphanumeric, such as passwords, addresses of electronic devices used by individuals (eg IP addresses), identities and / or others.
- the data used can be relatively complex from the point of view of the individuals. For example, the longer a password contains characters, the more reliable it will be, but the more difficult it will be for an individual to memorize.
- an object communicating, smart card type, "smart phone”, tablet digital or other can be used as an identification medium. It is appropriate that this object can be used by its wearer reliably and securely, while remaining ergonomic in its use by its wearer.
- Biometric data may be used in association with a communicating object to ensure the uniqueness of the individual carrying the object.
- a biometric passport constitutes such a secure identification object.
- the registration server may contain only weak links between the biometric data of the wearer and his identity; for example, document FR-A-2 867 881 may be referred to, likewise the biometric data may be stored only in the object of the wearer without sharing with a base.
- the reading of the biometric data from the identification object is subject to mutual authentication between the security element of the object (an electronic chip for example) and a remote server via a reader of the object ( according to the EAC protocol, for "Extended Access Control" for example), which allows verification in local mode (data in the bearer object) and / or in remote mode with information sharing with a server.
- the invention thus proposes a method for generating a digital identity for an individual carrying an identification object comprising a security component, the method comprising the following steps:
- a first aspect of the invention consists of an initialization phase.
- This initialization phase aims to build a digital identity for the individual carrying an identification object.
- This initial digital identity carries the uniqueness of the carrier-object pair, that is to say that it attests to the authenticity of the identity of the wearer upon presentation of the object.
- the object of identification can not be validly used without its legitimate carrier.
- This initial digital identity is however non-significant, that is to say that it does not in any case to directly find the civil status of the wearer.
- the object of identification is thus protected against theft or misappropriation by the biometric data associated with the digital identity it bears, without these biometric data being directly related to the identity of the bearer of the object.
- the method of generating a digital identity according to the invention may furthermore comprise one or more of the following characteristics:
- the digital data can be derived from the initial biometric data by applying an algorithm stored in the security component of the object; or the initial biometric data may be transmitted to a server that calculates the reference digital data derived from the biometric data and transmits it to the identification object.
- the data generated by the security component of the object may be a Physical Unclonable Feature (PUF) produced by the security component of the object; or the data generated by the security component of the object may be a random stored in the security component of the object after printing.
- PAF Physical Unclonable Feature
- the initial digital identity can be determined by encrypting the reference digital data using a key using at least the data generated by the security component of the object; this initial digital identity can be stored in the security component of the object and / or transmitted to an authentication server.
- the invention also proposes a method for verifying the digital identity of an individual carrying an identification object, the verification method comprising the following steps:
- the data generated by the security component of the object is validated by the positive statistical comparison of the current digital identity with the initial digital identity.
- the comparison can be carried out in the identification object and / or with an authentication server.
- a second aspect of the invention consists of a verification phase of the digital identity generated according to the invention.
- the invention also relates to an electronic device comprising a security component adapted to implement the steps of the method according to the invention.
- a security component adapted to implement the steps of the method according to the invention.
- Such a device may further comprise means for entering a biometric data item.
- the invention also relates to a system for verifying the identity of a carrier of an identification object, the system comprising a device electronic device according to the invention and an authentication server comprising at least one initial digital identity stored associated with rights for the individual.
- FIG. 1 is a flowchart of an example of an initialization phase during the implementation of the method according to the invention
- FIG. 2 is a flowchart of an example of a verification phase of the authenticity of the carrier-object pair during the implementation of the method according to the invention
- FIG. 3 is a flowchart of an example of a phase of verification of the stability of the data generated by the security component of the object during the implementation of the method according to the invention
- FIG. 4 is an example of an identification object that can be used during the implementation of the method according to the invention.
- FIG. 5 is another example of an identification object that can be used during the implementation of the method according to the invention.
- FIG. 6 is a diagram showing an example of an initialization phase that can be implemented according to one embodiment of the invention.
- FIG. 7 is a diagram showing an example of a verification phase that can be implemented according to one embodiment of the invention.
- a first aspect of the invention consists of an initialization phase.
- This initialization phase is intended to build a digital identity bearing the uniqueness of the carrier-object couple to allow the individual to be subsequently issued any right (issuance of a driving license, a title of transport, compensation, authorization for access to premises, authorization to access a service, implementation of a service, electronic payment, etc.) upon presentation of the object.
- the identification object may be a smart card, a mobile phone or any other portable object having at least one security component.
- the identification object can be used as a loyalty card, a card of member to access services, an insurance card or a carrier bearing a regal identity.
- the initialization phase is illustrated in FIG.
- This initial bio biometric data of the individual is entered.
- This initial biometric data Bio may be a fingerprint, an iris print or a photo of the face, ear or other discriminating part of the body of the individual, such as a tattoo, scar, or other .
- This biometric initial biometric data of the individual is digitized and processed to create a digital reference data MO derived from the initial biometric data. Only the digital reference data MO derived from the initial biometric data is stored in the security component of the object. The initial biometric data Bio does not have to be stored in the identification object. No diversion of the biometric data of an individual can therefore be operated in case of theft or loss of the object of identification.
- a signature data P1 is generated by the security component of the object.
- This data P1 is unpredictable and depends only on the electronics of the security component of the object; it is not stored in the memory of the identification object but generated for each use as a signature of the electronic security component.
- a data P1 may be designated by the acronym PUF for "Physical Unclonable Feature”; it consists of a series of unpredictable binary values that are unavailable outside the object.
- the signature data P1 generated by the security component of the object can also be a random stored after drawing in the security component of the object.
- An initial digital identity M1 can then be determined. This initial digital identity M1 is obtained by modifying the digital reference data MO by the data P1 generated by the security component of the object.
- the initial digital identity M1 is obtained by encrypting the digital reference data MO and the value P1; for example, P1 generated by the identification object may be an entire or part of a key used to encrypt the digital reference data MO.
- the initial digital identity M1 is then stored in the memory of the identification object.
- the use of a non-reversible algorithm ensures that even in the event of theft or loss of the identification object, no information personal can not be derived from the digital identity M1 stored in the object.
- the digital identity can then also be transmitted according to several known methods to an authentication server for enrolling the individual with said server to be delivered, during a subsequent authentication, any right on presentation of the object and verification of the authenticity of the carrier-object couple.
- Verification of the authenticity of the carrier-object pair can be done by using the biometric data Bio to authenticate the carrier by comparison with the reference digital data MO, derived from the initial biometric data and stored in the security component of the object.
- the type of biometric data used being defined by the wearer himself, a first level of trust is established between bearer and object.
- a current biometric data Bio ' is entered and a derived digital data MO' is calculated. Then, this digital data MO 'derived from the current biometric data Bio' is validated internally by a comparison made in the object itself, according to a process known by the acronym MOC for "Match On Card".
- the value of the PUF ie of the data P1 generated by the security component of the object, can also change over time, because of the technology. In this case, the value of the data P1 may no longer be strictly identical to that initially generated, effectively prohibiting the deterministic calculations necessary for cryptography. It is then necessary to requalify the value of PUF or to destroy at least the sensitive functions of the product. The requalification opens the doors to an attack on the integrity of the PUF. In this case, the use of biometrics makes it possible to protect the wearer.
- FIG. 3 The phase of verification of the stability of the PUF data, with input of the biometry is illustrated in FIG. 3.
- the digital reference data MO which is derived from the biometric value and stored in the component of FIG. security of the object, can serve as a direct reference.
- This current biometric data item Bio is digitized and processed to create a new digital data item MO 'derived from the current biometric data item; the processing is preferably carried out with the same types of software as those used to create the digital reference data MO during the initialization phase. If the bearer is the legitimate bearer, the new digital data MO 'derived from the current biometric data will be considered identical by the MOC relative to the digital reference data MO. In the field considered, the term "identical" means a statistical correspondence greater than a defined threshold between two sets of digital data. The threshold value is used to set the level of requirement and security.
- P2 is again generated by the security component of the object.
- This data is always unpredictable and remains solely dependent on the electronics of the security component of the object.
- the data P2 generated during the verification phase is normally identical to the value P1 generated during the initialization phase (FIG. 1) since it represents a signature of the electronic security component of the object.
- a current digital identity M2 can then be determined, according to the same encryption process as the initial digital identity M1.
- the current digital identity M2 is then compared to the initial digital identity M1. This comparison can be done in the object itself in OMC.
- the current digital identity M2 can, if necessary, also be transmitted to an authentication server which itself compares with the digital identity. M1 initial, as will be described in more detail with reference to Figure 6.
- the comparison between the current digital identity M2 and the initial digital identity M1 is a statistical comparison. Indeed, it may be that the new value of the PUF P2 generated by the security component of the object during the verification phase is different from the value of the PUF P1 generated during the initialization phase (FIG. ) without the object being defrauded. Indeed, the electronic component of the object can evolve and some binary values of the hazard can be changed without the carrier or a third party intervened maliciously. This would result in a rebuttal of the authenticity of the carrier-object couple without any fraud having occurred.
- the new value of PUF P2 can differ by a few bits from the initial value of PUF P1.
- the difference between the value P2 and the value P1 will not be statistically significant for a qualification of the similarity of these values by a function of the MOC type performed in the security component of the object, which makes it possible to validate a drift without fraud of the PUF.
- Such a statistical comparison can use any known and appropriate biometric data comparison algorithm. Several algorithms can also be juxtaposed or combined to improve the reliability of the comparison ("Match On Card” or "Match On System”).
- the term "statistically identical" means a statistical correspondence greater than a threshold defined according to the level of security targeted.
- the identification object 10 may be a mobile phone (FIG. 4) comprising a security component 1 1 provided in a SIM card or any other embedded security element.
- the telephone 10 may comprise an image capture means 12 and / or sound and / or a fingerprint reader 13, or any other biometric data input means.
- the telephone 10 also comprises communication means 14 with a cellular network; it may also include means of communication with a local network (WiFi or BT type) or near-field communication means (NFC).
- the telephone 10 can thus communicate with an authentication server to trigger access to the rights or services required by the bearer after checking a current digital identity MV or M2 as explained above.
- the verification of the current digital identity MV or M2 can be done in the phone itself by a MOC process before transmission of said current identity MV or M2 or an attestation of identity to a server or a base station the rights or services required.
- the identification object 10 may be a smart card (FIG. 5) comprising a security element 11 in the form of an electronic chip of the card.
- the card 10 may comprise a fingerprint reader 13 or any other means for entering biometric data.
- the card 10 is also communicating by reading the data of the chip 1 1 via an appropriate reader in contact mode and / or by non-contact communication means such as the near field model (NFC) via an antenna in the card 10.
- NFC near field model
- the card 10 can thus, for example communicate with a terminal or a telephone to trigger access to rights or services required by the wearer after verification of a current digital identity M2 as explained above.
- the verification of the current digital identity M2 can be done in the card itself by a MOC process before transmission of said M2 identity or an attestation of identity to a terminal access rights or services required. According to one embodiment, all the steps of the initialization phase and / or all the steps of the verification phase can be carried out in the identification object itself.
- the biometric data Bio can be entered by the individual using the identification object itself; for example in the case where the identification object is a mobile phone equipped with a camera or a fingerprint reader as described with reference to FIG. 4.
- the biometric reference for the functions of OMC can then be derived biometric data by applying an algorithm stored in the security component of the object, for example an algorithm for creating a stable digital signature as described in document FR-A-2 925 732.
- This digital data derived from the biometric data ⁇ MO in the illustrated example) can also be encrypted, by application of a hash function for example.
- the initial numerical identities M1 and current MV, M2 can be determined in the security component of the object which can itself perform the verification by an MOC comparison as described above.
- the security component then transmits only, to a terminal or a server, a validation or a refutation of the identity of the bearer of the identification object, in the form of a certificate or a digital signature, for example.
- Such an embodiment has the advantages of limiting the exchange of sensitive data and allowing access to services via local terminals without connection to an Internet or cellular network.
- the steps of the initialization phase and / or the steps of a verification phase can be shared between the identification object and an authentication server.
- the identification object may be devoid of any means for entering biometric data. He is then able to communicate to collect a Bio biometric data input elsewhere (a card reader equipped with a biometric solution for example) or even to collect a digital data MO, MO 'derived from the biometric data on an integrated solution to a system.
- FIG. 6 shows an example implemented during an initialization phase and FIG. 7 shows an example implemented during a verification phase.
- the initial biometric data item Bio is entered by an appropriate means 20 such as a fingerprint reading terminal or a webcam installed on a PC for example.
- This initial biometric data Bio is then transmitted to a server 30 which calculates the digital reference data MO derived from the biometric data item and transmits it to the identification object 10.
- this initial biometric data Bio can be transmitted directly to the identification object 10, by communication in the NFC near field for example if the object is equipped with this function, or by cellular communication or wifi if the object is equipped with this function; the object 10 then calculates itself the reference digital data MO derived from the biometric data.
- the digital reference data MO derived from the biometric data Bio can be calculated in the input means 20 and then transmitted directly to the identification object 10, by NFC communication or by cellular communication. or wifi.
- the secure component of the identification object 10 generates a randomness P1 and calculates the initial digital identity M1 as described above; then the initial digital identity M1 is transmitted to the server 30 to be stored there with associated rights.
- the data P1 generated by the identification object 10 may be the private key of a bi-key used to encrypt the digital reference data MO.
- the public key of the key pair can then be transmitted to the identification server 30 with a request for certification of the key pair.
- the identification server generates a certificate related to the digital identity M1. This certificate is then returned to the identification object next to the key pair.
- the current biometric data item Bio ' is also entered by an appropriate means 20 and transmitted to the server 30 which calculates the digital data item MO' derived from this current biometric data item and transmits it to the object of identification 10.
- this current biometric data Bio ' can be transmitted directly to the identification object 10 which then calculates itself the digital data MO' derived from the biometric data; or digital data MO 'derived from the biometric data can be calculated in the input means 20 and then transmitted directly to the identification object 10.
- the secure component of the identification object 1 0 then generates a new PUF data, which can be the initial data P1 remained stable or a data item P2 that has evolved.
- the security component of the object then calculates the current digital identity M1 'or M2 as described above with reference to FIGS. 2 and 3; then the current digital identity M1 'or M2 is transmitted to the server 30 to be compared with the initial digital identity M1 stored. If the comparison is positive, the associated access rights are open; otherwise, the authenticity of the bearer-object pair is refuted.
- the comparison can also be carried out in the object itself by an OMC process and a validation certificate or refutation indication is sent back to the server 30. This validation or refutation attestation sent back to the server 30 can be redundant with the comparison made at the server level.
- Data transmissions - Bio, MO, M1, M2 or their derived values - can be direct or pass through one or more intermediate devices, as for example in the case where the transmission is through a communication network.
- the format of the transmitted data may be any.
- these transmissions are carried out in a secure manner.
- any appropriate procedure for securing the transmission can be envisaged, such as the use of HTTPS, SSL / TLS or other.
- a single server 30 may be used or several entities may perform respective functions; for example, an entity may be dedicated to computing or storing data from the biometric values used, and another entity may be dedicated to storing and comparing the digital identity.
- one or more personal data of the individual can be transmitted to the server 30 in the same configurations as for the initial digital identity M1.
- This personal data may include any data that may be used in connection with authentication or identification. As an illustration, they may include at least one of: a password, an email address of the identification object, an identity, or other.
- the various data relating to the individual are stored in association by or for the server 30.
- each data associated with a digital identity can be used for separate functions or services (local or remote). Note that, although the above description has been described with the assumption that only one initial biometric data is captured during the initialization phase, the invention also applies to the case where several complementary biometric data would be seizures and several initial numerical identities M1 would be determined during the initialization phase, for later comparison with current digital identities M2 during the verification phase. This increases the reliability of the authenticity of the carrier-object pair.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Collating Specific Patterns (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1252446A FR2988197B1 (fr) | 2012-03-19 | 2012-03-19 | Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet |
PCT/FR2013/050574 WO2013140078A1 (fr) | 2012-03-19 | 2013-03-18 | Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2836952A1 true EP2836952A1 (fr) | 2015-02-18 |
Family
ID=47080598
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP13715348.2A Ceased EP2836952A1 (fr) | 2012-03-19 | 2013-03-18 | Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2836952A1 (fr) |
FR (1) | FR2988197B1 (fr) |
WO (1) | WO2013140078A1 (fr) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020174348A1 (en) * | 2001-05-18 | 2002-11-21 | Imprivata, Inc. | Biometric authentication for remote initiation of actions and services |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE3736882C2 (de) * | 1987-10-30 | 1997-04-30 | Gao Ges Automation Org | Verfahren zur Echtheitsprüfung eines Datenträgers mit integriertem Schaltkreis |
FR2867881B1 (fr) | 2004-03-17 | 2006-06-30 | Sagem | Procede de controle d'identification de personnes et systeme pour la mise en oeuvre du procede |
EP1832036A2 (fr) * | 2004-12-22 | 2007-09-12 | Koninklijke Philips Electronics N.V. | Procede et dispositif de generation de cles et de verification d'authenticite |
FR2925732B1 (fr) | 2007-12-21 | 2010-02-12 | Sagem Securite | Generation et utilisation d'une cle biometrique |
WO2010035202A1 (fr) * | 2008-09-26 | 2010-04-01 | Koninklijke Philips Electronics N.V. | Authentification d’un dispositif et d’un utilisateur |
EP2417546B1 (fr) * | 2009-04-10 | 2018-01-03 | Koninklijke Philips N.V. | Authentification combinée d'un dispositif et d'un utilisateur |
JP5676592B2 (ja) * | 2009-06-24 | 2015-02-25 | コーニンクレッカ フィリップス エヌ ヴェ | 参照点を使用した及び使用しない頑強なバイオメトリック特徴抽出 |
-
2012
- 2012-03-19 FR FR1252446A patent/FR2988197B1/fr not_active Expired - Fee Related
-
2013
- 2013-03-18 EP EP13715348.2A patent/EP2836952A1/fr not_active Ceased
- 2013-03-18 WO PCT/FR2013/050574 patent/WO2013140078A1/fr active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020174348A1 (en) * | 2001-05-18 | 2002-11-21 | Imprivata, Inc. | Biometric authentication for remote initiation of actions and services |
Non-Patent Citations (3)
Title |
---|
JEAN-PAUL LINNARTZ ET AL: "New Schielding Fucntions to Enhance Privacy and Prevent Misuse of Biometric Templates", AUDIO- AND VIDEO-BASED BIOMETRIC PERSON AUTHENTICATION : 4TH INTERNATIONAL CONFERENCE, GUILDFORD, UK, JUNE 9 - 11, 2003 ; PROCEEDINGS / AVBPA 2003; [LECTURE NOTES IN COMPUTER SCIENCE ; 2688], SPRINGER-VERLAG, BERLIN [U.A.], vol. 2688, 9 June 2003 (2003-06-09), pages 393 - 402, XP002694610, ISBN: 978-3-540-40302-9 * |
PAUL KRZYZANOWSKI: "Lectures on distributed systems Cryptographic communication and authentication", 1 January 2009 (2009-01-01), XP055182910, Retrieved from the Internet <URL:https://www.cs.rutgers.edu/~pxk/rutgers/notes/content/13-crypto.pdf> [retrieved on 20150414] * |
See also references of WO2013140078A1 * |
Also Published As
Publication number | Publication date |
---|---|
FR2988197B1 (fr) | 2015-01-02 |
WO2013140078A1 (fr) | 2013-09-26 |
FR2988197A1 (fr) | 2013-09-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
FR2988196A1 (fr) | Procede d'authentification d'un individu porteur d'un objet d'identification | |
EP3238474B1 (fr) | Procédé de sécurisation de transactions sans contact | |
EP3971750A1 (fr) | Procédés et entités notamment transactionnels mettant en jeu des dispositifs sécurisés | |
EP2614458B1 (fr) | Procede d'authentification pour l'acces a un site web | |
EP3623975A1 (fr) | Procédé et système de vote électronique à identification biométrique | |
EP2891268B1 (fr) | Signature de groupe utilisant un pseudonyme | |
EP3357212A1 (fr) | Procede et dispositif d'authentification ameliores | |
FR3066666A1 (fr) | Procede de securisation d'une communication sans gestion d'etats | |
EP2568406B1 (fr) | Procédé de mise en oeuvre, a partir d'un terminal, de données cryptographiques d'un utilisateur stockées dans une base de données | |
EP2909963A1 (fr) | Procédé de signature electronique a signature ephemere | |
WO2012156648A1 (fr) | Acces protege par biometrie a des dispositifs electroniques | |
FR3035248A1 (fr) | Systeme-sur-puce a fonctionnement securise et ses utilisations | |
EP2954449B1 (fr) | Authentification de signature manuscrite numérisée | |
EP3673633B1 (fr) | Procédé d'authentification d'un utilisateur auprès d'un serveur d'authentification | |
FR3073998B1 (fr) | Procede numerique de controle d'acces a un objet, une ressource ou service par un utilisateur | |
EP2807793B1 (fr) | Procede d'authentification d'un dispositif comprenant un processeur et une carte a puce par generation d'un motif | |
EP2836952A1 (fr) | Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet | |
WO2009083527A1 (fr) | Procede et systeme pour authentifier des individus a partir de donnees biometriques | |
WO2017077211A1 (fr) | Communication entre deux éléments de sécurité insérés dans deux objets communicants | |
EP3063898B1 (fr) | Signature à pseudonyme pour carte à puce | |
FR3007929A1 (fr) | Procede d'authentification d'un utilisateur d'un terminal mobile | |
WO2016062749A1 (fr) | Evaluation d'un niveau de confiance dans la recolte d'informations par un terminal de communication par rapport des empreintes | |
WO2011003721A1 (fr) | Securisation de localisation d'un code distant a travers l'empreinte du destinataire | |
WO2002030039A1 (fr) | Procede d'authentification de document electronique |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20140916 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAX | Request for extension of the european patent (deleted) | ||
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: IDEMIA IDENTITY & SECURITY FRANCE |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20190423 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20200608 |