EP3058526A1 - Interface utilisateur sécurisée et écran tactile - Google Patents

Interface utilisateur sécurisée et écran tactile

Info

Publication number
EP3058526A1
EP3058526A1 EP13783626.8A EP13783626A EP3058526A1 EP 3058526 A1 EP3058526 A1 EP 3058526A1 EP 13783626 A EP13783626 A EP 13783626A EP 3058526 A1 EP3058526 A1 EP 3058526A1
Authority
EP
European Patent Office
Prior art keywords
user
transaction
payment instruction
user interface
display
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP13783626.8A
Other languages
German (de)
English (en)
Inventor
Mads Landrok
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cryptomathic Ltd
Original Assignee
Cryptomathic Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cryptomathic Ltd filed Critical Cryptomathic Ltd
Publication of EP3058526A1 publication Critical patent/EP3058526A1/fr
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1033Details of the PIN pad
    • G07F7/1041PIN input keyboard gets new key allocation at each use
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Definitions

  • the present invention generally relates to electronic transactions, and more particularly to systems and methods that interact with the user and summarize what it is the users will be authorizing by accepting the present transaction.
  • SSL secure socket layer
  • Interlock Protocol is a method used to counter a middle-man who might try to compromise two parties that use anonymous key agreement to secure their conversations.
  • Risks are always involved when a user authorizes financial or legal value transactions on a connected phone, a tablet, a PC, or other an open device. There is always the risk that the user will be drawn into accepting a different transaction than the one they intended to enter. A risk to the other side is that the user may try to disown or repudiate a transaction for various reasons, e.g., regret, mistake, or fraud.
  • a transaction approval system comprising: a network based payments processing system configured to receive a user transaction request and to forward such request to a transaction processor for authentication and authorization; a trusted graphical user interface private to a corresponding user and configured to present a payment instruction directly from said transaction processor to said user; a control mechanism associated with the trusted graphical user interface and configured to announce to said user that a payment instruction is then being displayed on the trusted graphical user interface and that its source has been authenticated and its integrity validated; and an approval mechanism associated with the trusted graphical user interface and control mechanism, and configured to signal back to the transaction processor that said user has approved the payment instruction then being displayed on the trusted graphical user interface.
  • the user of the transaction approval system is provided an opportunity to cancel a merchant transaction that is not being correctly described by the transaction processor in said payment instruction.
  • the trusted graphical user interface, the control mechanism, and the approval mechanism share the network communications configured to receive a user transaction request through a merchant and to forward such request to a transaction processor for authentication and authorization; and the trusted graphical user interface, the control mechanism, and the approval mechanism use encryption to secure data and message exchanges in the parts of the network communications configured to be shared, and include private resources to decode, encode, and display said payment instruction and its associated controls and approvals.
  • the trusted graphical user interface, the control mechanism, and the approval mechanism are included within a personal trusted device (PTD); the trusted graphical user interface uses at least a portion of a user graphics display to present said payment instructions; the control mechanism is implemented as an indicator and is exclusively used to annunciate when a secure payment instruction is being displayed by the trusted graphical user interface; and the approval mechanism is implemented as a momentary pushbutton, key, or scramble PIN pad and is reserved exclusively for said user to indicate a payment instruction currently being displayed by the trusted graphical user interface is approved.
  • PTD personal trusted device
  • the trusted graphical user interface, the control mechanism, and the approval mechanism are included in a second personal trusted device (PTD); the trusted graphical user interface has its own dedicated user graphics display to present said payment instructions; the control mechanism is implemented as an indicator and is exclusively used to indicate when a secure payment instruction is being displayed by the trusted graphical user interface; and the approval mechanism is implemented as a pushbutton and is exclusively used to indicate said user has approved a payment instruction currently being displayed by the trusted graphical user interface.
  • PTD personal trusted device
  • a method for preventing a user from being lured into an electronic transaction comprising: using a transaction processor to encrypt a payment instruction message for private display and viewing by a user with a mobile electronics device; configuring the mobile electronics device to forward an encrypted payment instruction from said transaction processor to decoding and display circuitry secure from other access and reserved to the display of decoded payment instructions on a private display; annunciating to said user when said private display is presenting a payment instruction from said transaction processor; enabling said user to signal back to said transaction processor that said payment instruction is approved; and completing an electronic transaction only if said user has signalled back to said transaction processor that said payment instruction is approved.
  • an embodiment provides a method of the present invention for preventing a user from being lured into an electronic transaction that is different than one they intended to launch uses a transaction processor to encrypt a payment instruction message for private display and viewing by a user mobile electronics device.
  • the mobile electronics device may be configured to forward an encrypted payment instruction from the transaction processor to decoding and display circuitry secure from other access and reserved to the display of decoded payment instructions on a private display.
  • the user may be signalled when the private display is presenting a payment instruction from the transaction processor.
  • the user may be able to signal back to the transaction processor that the payment instruction is approved.
  • Electronic transactions may only be completed if the user has signalled back to the transaction processor that the payment instruction is approved.
  • FIG. 1 is a perspective view diagram of a laptop computer showing how a portion of the display screen can be reserved for secure messages from a secure backend server to a user;
  • Fig. 2 is a functional block diagram of a user computer system includes a graphics display with a reserved area for a payment instruction (PI) from a secure backend transaction processor with access over a network;
  • PI payment instruction
  • Fig. 3 is a functional block diagram of a payment authentication system in an embodiment of the present invention similar in operation to the user computer system shown in Fig. 2, but here the payment authentication system is implemented as a cable box or module that plugs between a conventional user graphics display and a mobile computing device;
  • Fig. 4 is a functional block diagram of a another payment authentication system in an embodiment of the present invention.
  • Fig. 5 is a flowchart diagram of a method embodiment of the present invention
  • Figs. 6A-6D represent a scramble PIN pad at four different times but with the same PIN code entry causing four different coordinates results
  • Fig. 7 is a diagram of a mobile phone displaying a scramble PIN pad template on a non-touch user display, the presentation is sent in real-time and used as a guide for which hard keys to press for entry of a PIN code
  • Fig. 8 is a diagram of a middle portion of a typical soft keyboard displayed on a touchscreen for user entry of their PIN through a scramble PIN pad.
  • keyboard letters R-T-Y-F-G-H-V-B-N will be respectively interpreted by the system as user PIN numbers 3-9-1 -5-7-6-8-4-2 when touched.
  • Secure backend display embodiments of the present invention use private display hardware to guarantee to users that the message displays they see are trustworthy.
  • One method involves providing a completely separate device or new function with a secure display from a server backend. Encrypted messages are channelled so that they can only be decoded in the final stages of circuitry by private display hardware. The messages never pass in the clear through shared software or hardware like operating systems, communications sessions, display controllers or user displays. Trusted messages are never allowed to reach the provided displays.
  • Another method embodiment of the present invention reserves a small area of an existing display for the delivery of secure messages through an auxiliary controller that does its own private message decryption. Both methods allow a user to control or validate with high confidence that a secure mode is present.
  • Authenticated messages can be communicated from back-end servers over the network to user display controllers in their personal devices. Once the message authenticity and integrity has been validated through decryption, or message authentication, the local display controller makes it obvious to the user that a secure mode is established. An authenticated message from the secure back-end, e.g., a payment instruction, is presented by the display controller.
  • a laptop 100 has its lower right corner 102 of a display 104 reserved for authenticated messages (PI) from back-end servers.
  • a touchscreen type of display 104 is advantageous for the entry of PIN numbers, otherwise a hard keypad can be usefully employed. Markers along-side the screen may be used delineate the area for visual inspection by the user.
  • a control mechanism 105 accessible to the user provides a private, direct input connection to an internal display controller.
  • a separate indicator 106 has a private, direct data output connection from the display controller.
  • a user computer system 200 includes a graphics display 202 with a reserved area 204 for a payment instruction (PI) from a secure backend transaction processor with access over a network.
  • a graphic card 206 is conventional except for its ability to directly receive encrypted messages, decode them, and display the message contents in the reserved area 204.
  • a display control 207 can be embedded in a connecting cable.
  • graphic card 206 can provide a data I/O port or address in memory space that can be written by a CPU 208 over a system bus 210.
  • encrypted messages can be written to a memory 212 and graphic card 206 is signalled to collect the message.
  • Messages such as user approvals, can be encrypted into data payloads that are deposited in memory 212 for delivery by CPU 208 to the secure backend server.
  • Control mechanisms can include switches used to force secure mode exhibitions onto the display.
  • Sensitive portions of display controllers can be implemented by tamper resistant hardware that is uniquely identifiable using cryptographic techniques. For example, a public key pair in which the public key was pre-registered and that can read out from the device. The private key is only available for use inside the controller and cannot be read out or copied.
  • Display controllers can be provisioned with the public keys of trustworthy back- ends, or the root certificate of a certification authority (CA) trustworthy back-ends, or keys reserved by the device controller manufacturers.
  • CA certification authority
  • Derived or pre-shared secret symmetric key schemes may be used when asymmetric cryptographic techniques cannot be supported.
  • Embodiments of the present invention include an approval mechanism in the device, e.g., a discrete push button, display touch button, or other manually operated input with a private connection to the display controller or a soft keypad displayed on a touchscreen. Such are pressed in secure mode to indicate an approval by the user, e.g., an authenticated message is sent back over the network from the device to the secure back-end. In other cases, the user may approve the transaction messages using secondary channels like SMS.
  • an approval mechanism in the device e.g., a discrete push button, display touch button, or other manually operated input with a private connection to the display controller or a soft keypad displayed on a touchscreen.
  • Such are pressed in secure mode to indicate an approval by the user, e.g., an authenticated message is sent back over the network from the device to the secure back-end.
  • the user may approve the transaction messages using secondary channels like SMS.
  • Some embodiments of the present invention allow secondary devices to be used to validate authentication messages. Users can initiate or otherwise launch a transaction at a point of sale (POS) terminal, and the POS terminal's display may be recruited to confirm the transaction to the user.
  • POS point of sale
  • one device can be used to carry out banking transactions, while an app on another device is used to validate the particulars of those transactions.
  • confirmation messages or payment instructions related to a transaction being attempted may appear on SMS, email, interactive voice response (IVR), or other side channels.
  • IVR interactive voice response
  • a typical message to the user would say, "by keying in '43562' you acknowledge you are transferring 10,000 USD to account XYZ with SWIFT or ABA code ABC”. So if
  • the user could show their understanding with a simple OK pushbutton, or a PIN entry at a scramble PIN pad as is described in Figs. 6A-6D, 7, and 8.
  • Embodiments of the present invention all provide a trusted graphical user interface (TGUI) for reliance by the user in all transactions. All the middlemen are excluded on the back channel and so what is presented on the TGUI is straight from the transaction processor. This allows for What You See is What You Authorize, What You See is What You Sign (WYSIWYS), and What You See is What You Get (WYSIWYG) modes of operation.
  • TGUI trusted graphical user interface
  • the display controller is embedded in a connecting cable between the display and peripheral controller.
  • it is buried in tamper resistant hardware that is uniquely identifiable using cryptographic techniques preferably a public key pair of which in some embodiments the public key was certified before the device was delivered to the customer and which can read out from the device whilst the private key is available inside the controller only and cannot be read out nor copied.
  • the display controller is furnished with the public key of a trustworthy back-end or even the root certificate of a CA (certification authority) trustworthy back-ends, preferably operated by the device controller manufacturer or other trustworthy body.
  • a trustworthy back-end or even the root certificate of a CA (certification authority) trustworthy back-ends, preferably operated by the device controller manufacturer or other trustworthy body.
  • symmetric cryptographic techniques cannot be supported derived or pre-shared secret symmetric key schemes may be used.
  • Each device is fitted with an approval mechanism, e.g., a separate push button, touch button, or other form of manually operated input connected directly to the display controller.
  • an approval mechanism e.g., a separate push button, touch button, or other form of manually operated input connected directly to the display controller.
  • an authenticated message is sent over the network from the device mechanism to the back-end.
  • the user may approve the message in a number of other, such as e.g. using secondary channels or display touchscreens.
  • the user may use his device to initiate or facilitate a given transaction at a point of sales (POS) terminal and the display of the POS terminal may be used to confirm the transaction to the user.
  • POS point of sales
  • Fig. 3 represents a payment authentication system 300 in an embodiment of the present invention. While similar in operation to the user computer system 200 shown in Fig. 2, the payment authentication system 300 is implemented as a cable box or module that plugs between a conventional user graphics display 302 and a mobile computing device 304.
  • a graphics card 306 delivers encrypted messages from remote network servers that simply comprise text strings once decoded.
  • Payment authentication system 300 alone does such decoding and puts the text strings up in a reserved area 308 for private viewing by a user.
  • a payment instruction is decoded and presented in reserved area 308. Such payment instruction must make sense to the user given the activity the user is engaged in at the moment.
  • a memory 310, a bus 312, a CPU 314, and a network interface controller (NIC) 316 are conventional.
  • a payment instruction 320 can be presented directly for the user on payment authentication system 300 cable box.
  • the reserved area 308 would be unnecessary in such instance.
  • An approval mechanism 324, such as a simple pushbutton, is employed by the user to signal an approval to a remote backend server. For example, to complete a transaction.
  • Fig. 4 represents another payment authentication system in an embodiment of the present invention, referred to herein by the general reference numeral 400.
  • Payment authentication system 400 provides a secure way for a smartphone 402 engaged in a transaction with a merchant 404 over a network 406 and a payment processor 408 to complete the transaction that is intended by the user.
  • the payment processor 408 When the payment processor 408 has all the details of the proposed transaction assembled, it identifies the pre-registered user involved and sends a verification message 410 back through network 406 to a secondary device 412.
  • the user may receive a confirmation of the message attempted carried out of a different channel, such as e.g. SMS, Email, IVR, or similar. For example, "By keying in 43562 you acknowledge transferring 10,000 USD to account XYZ with SWIFT or ABA code ABC".
  • a pre-registration process conducted earlier has established that user smartphone 402 and secondary device 412 are related to the same user.
  • a payment instruction 414 is presented directly for the user.
  • a control mechanism 416 such as an indicator light, indicates when a secure message is present.
  • An approval mechanism 418 such as a simple pushbutton, is employed by the user to signal an approval to a remote backend server, e.g., payment processor 408, to complete a transaction.
  • Secondary device 412 can comprise any number of ordinary or special purpose devices intended for other applications or just this one.
  • the Pebble iPhone watch will connect to Apple iOS or Android devices via Bluetooth, while also running certain apps on its own platform.
  • Fig. 5 represents a method for preventing a user from being lured into an electronic transaction that is different than one they intended to launch, in an embodiment of the present invention herein referred to by the general reference numeral 500.
  • a step 502 uses a transaction processor to encrypt a payment instruction message for private display and viewing by a user mobile electronics device.
  • the mobile electronics device is configured to forward an encrypted payment instruction from the transaction processor to decoding and display circuitry secure from other access and reserved to the display of decoded payment instructions on a private display.
  • a step 506 annunciates to the user when the private display is presenting a payment instruction from the transaction processor.
  • a step 508 enables the user to signal back to the transaction processor that the payment instruction is approved.
  • a step 510 completes an electronic transaction only if the user has signalled back to the transaction processor that the payment instruction is approved.
  • users can be required to enter a
  • a soft PIN pad is typically presented on a touchscreen or other user display.
  • Figs. 6A-6D represent a scramble PIN pad 600 at four different times, but with the same PIN code entry, 1 -2-3-4, causing four different coordinates results.
  • the presentations are randomized.
  • a first touchscreen display 602 is presented to a user in real-time only long enough for the user to enter a PIN.
  • the soft keypads have X, Y coordinates X:0-2 and Y:0-3.
  • a PIN entry of 1 -2-3-4 will produce a coordinate string 604 comprising: 0,0; 1 ,0; 2,0; 0,1 .
  • These could be communicated in the clear since their meaning is obtuse to interception, but they could also be encrypted for improved security.
  • FIG. 6B represents a second touchscreen display 612 where the soft keypads again have X,Y coordinates X:0-2 and Y:0-3, but the same user PIN entry of 1 -2-3-4 will produce a coordinate string 614 comprising: 2,1 ; 2,2; 1 ,1 ; 0,1 .
  • Fig. 6C represents a third touchscreen display 622 where the soft keypads again have X,Y coordinates X:0-2 and Y:0-3, but a PIN entry of 1 -2-3-4 will produce a coordinate string 624 comprising: 0,0; 1 ,2; 2,0; 1 ,0.
  • 6D represents a third touchscreen display 632 where the soft keypads again have X,Y coordinates X:0-2 and Y:0-3, but a PIN entry of 1 -2-3-4 will produce a coordinate string 634 comprising: 2,1 ; 2,2; 1 ,1 ; 0,1 .
  • Fig. 7 represents a mobile phone 700 displaying a scramble PIN pad template
  • Fig. 8 represents a middle portion of a typical soft keyboard 800 displayed on a touchscreen for user entry of their PIN through a scramble PIN pad, represented by number bubbles superimposed over nine soft keys.
  • keyboard letters R-T-Y-F-G- H-V-B-N will be respectively interpreted by the system as user PIN numbers 3-9-1 -5-7- 6-8-4-2 when touched. Any key on the entire soft keyboard can be assigned a scramble PIN pad value, and those assignments should be dynamically reallocated with each session or use to maintain their value as a security feature.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

L'invention concerne un procédé pour empêcher qu'un utilisateur ne soit attiré dans une transaction électronique qui est différente de celle qu'il avait l'intention de lancer, qui utilise un processeur de transaction pour crypter un message d'instruction de paiement destiné à être affiché et visualisé d'une manière privée par un dispositif électronique mobile de l'utilisateur. Le dispositif électronique mobile est configuré pour transférer une instruction de paiement cryptée provenant du processeur de transaction à un circuit de décodage et d'affichage protégé contre un autre accès et réservé à l'affichage d'instructions de paiement décodées sur un dispositif d'affichage privé. Quand le dispositif d'affichage privé est en train de présenter une instruction de paiement en provenance du processeur de transaction, cela est signalé à l'utilisateur. L'utilisateur peut signaler en retour au processeur de transaction que l'instruction de paiement est approuvée. Des transactions électroniques ne peuvent être achevées que si l'utilisateur a signalé en retour au processeur de transaction que l'instruction de paiement était approuvée.
EP13783626.8A 2013-10-16 2013-10-16 Interface utilisateur sécurisée et écran tactile Ceased EP3058526A1 (fr)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/GB2013/052702 WO2015055973A1 (fr) 2013-10-16 2013-10-16 Interface utilisateur sécurisée et écran tactile

Publications (1)

Publication Number Publication Date
EP3058526A1 true EP3058526A1 (fr) 2016-08-24

Family

ID=49510430

Family Applications (1)

Application Number Title Priority Date Filing Date
EP13783626.8A Ceased EP3058526A1 (fr) 2013-10-16 2013-10-16 Interface utilisateur sécurisée et écran tactile

Country Status (5)

Country Link
EP (1) EP3058526A1 (fr)
AU (1) AU2013403030A1 (fr)
CA (1) CA2927724A1 (fr)
HK (1) HK1210645A1 (fr)
WO (1) WO2015055973A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB201212878D0 (en) 2012-07-20 2012-09-05 Pike Justin Authentication method and system
GB201520741D0 (en) 2015-05-27 2016-01-06 Mypinpad Ltd And Licentia Group Ltd Authentication methods and systems
CA3008571C (fr) 2015-12-28 2020-12-15 Mobeewave, Inc. Systeme et procede d'authentification d'un utilisateur sur un dispositif

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110213711A1 (en) * 2010-03-01 2011-09-01 Entrust, Inc. Method, system and apparatus for providing transaction verification

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6092202A (en) * 1998-05-22 2000-07-18 N*Able Technologies, Inc. Method and system for secure transactions in a computer system
WO2004017255A1 (fr) * 2002-08-16 2004-02-26 Fujitsu Limited Terminal de transaction et son procede de commande
TW200929974A (en) * 2007-11-19 2009-07-01 Ibm System and method for performing electronic transactions
CN102422302A (zh) * 2009-05-15 2012-04-18 赛特康姆有限公司 安全系统和方法

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110213711A1 (en) * 2010-03-01 2011-09-01 Entrust, Inc. Method, system and apparatus for providing transaction verification

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2015055973A1 *

Also Published As

Publication number Publication date
CA2927724A1 (fr) 2015-04-23
HK1210645A1 (en) 2016-05-13
WO2015055973A1 (fr) 2015-04-23
AU2013403030A1 (en) 2016-06-02

Similar Documents

Publication Publication Date Title
CA2969493C (fr) Systeme et procede pour permettre une authentification securisee
US20070033136A1 (en) Secured financial transaction device
AU2014222350B2 (en) Systems, methods and devices for performing passcode authentication
CN101221641B (zh) 一种联机交易的安全确认设备及联机交易方法
US20190347661A1 (en) Coordinator managed payments
US20120095919A1 (en) Systems and methods for authenticating aspects of an online transaction using a secure peripheral device having a message display and/or user input
AU2020203182A1 (en) secure data entry and display for a communication device
CN108027855A (zh) 多用户强认证令牌
EP3058526A1 (fr) Interface utilisateur sécurisée et écran tactile
US20150348047A1 (en) Trusted user interface and touchscreen
JP5670001B1 (ja) 取引システム、取引方法、ならびに、情報記録媒体
CN106559215A (zh) 一种网银安全交易的装置和方法
CN103854172B (zh) 一种基于ic卡的数据安全处理终端及系统
WO2011060739A1 (fr) Système et procédé de sécurité
CN203812270U (zh) 一种基于ic卡的数据安全处理终端及系统
JP6336383B2 (ja) 取引システム
WO2011060738A1 (fr) Procédé de confirmation de données dans une carte cpu
US20150288684A1 (en) Device assembly for carrying out or enabling an electronic service and a method for securely inputting authorization data

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20160511

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20170209

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20190307