EP3616112A1 - Procédé d'identification/authentification d'utilisateurs à l'aide de deux dispositifs électroniques couplés et application logicielle associée - Google Patents

Procédé d'identification/authentification d'utilisateurs à l'aide de deux dispositifs électroniques couplés et application logicielle associée

Info

Publication number
EP3616112A1
EP3616112A1 EP18723383.8A EP18723383A EP3616112A1 EP 3616112 A1 EP3616112 A1 EP 3616112A1 EP 18723383 A EP18723383 A EP 18723383A EP 3616112 A1 EP3616112 A1 EP 3616112A1
Authority
EP
European Patent Office
Prior art keywords
user
electronic device
data
web server
identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP18723383.8A
Other languages
German (de)
English (en)
Inventor
Sisto Girardi
Mario Recchia
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Archimedetech Srl
Original Assignee
Archimedetech Srl
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Archimedetech Srl filed Critical Archimedetech Srl
Publication of EP3616112A1 publication Critical patent/EP3616112A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • G06Q20/3552Downloading or loading of personalisation data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present invention refers to a process/method for obtaining a safety system of a reliable identification and subsequent authentication of a user; the system
  • said devices is a smartphone or a tablet or another electronic device and the other device is a passive or
  • the system can be
  • process/method of the invention provides for delivering
  • accessory item such as a passive tag, an active tag or
  • a smart device where the encrypted unique identification data of the user are stored, and a security code (pin) that can be used to block the identification/authentication in case of theft or loss of one or two of said separate electronic devices.
  • a security code pin
  • the invention relates to a method for obtaining a safety system so as to have a reliable identification and subsequent authentication of a person/user at the request of Third Parties offering activities and/or services, said system including a smartphone, a tablet or another electronic device, an accessory item such as a passive tag, an active tag (provided with an electronic circuit, a Bluetooth chip and a battery) or a smart device (provided with an electronic circuit, a Bluetooth chip, a battery and a firmware able to generate temporary random codes) , a web server (composed by a PC and/or by a software program) which manages the registration of the user by coupling the unique data identifying the user with the associated electronic device by applying an MD5 encryption, a data storage on the accessory item, a generation of the security code (pin) , a response to an identification request and a subsequent authentication of Third Parties; a software application (APP) allows the registration process.
  • a smartphone a tablet or another electronic device
  • an accessory item such as a passive tag, an active tag (
  • a Third Party can thus use the present identification/authentication system of a user by using a software application (APP) providing activities and/or services by querying the web server after sending the data contained in the accessory item, such as said passive or active tag or said smart device, and the unique identification code of the electronic device (C.I.U.D.), for example the IMEI code and/or the UUID code or whatever, for providing a control of the identity of said user; only if the above checking is positive (and the authentication is established) , the system will allow the user to continue the procedures for executing the activities and/or services provided by the Third Party.
  • APP software application
  • the software application (APP) belonging to said Third Party may also provide for using a plurality of enabling temporary random codes as further data to be verified in addition to the unique identification data of the user and of the electronic device (if said data are managed by the web server) .
  • APP software applications
  • Other systems for authenticating a user - especially during the mobile payment activities provided by financial institutions - can also use a QR CODE or biometric data of the user, such as the heartbeat, which are acquired with sensors placed on bracelets and/or smart watches (iWatch®, Gear®, etc.) connected to the smartphone, tablet or other electronic mobile device, or the image of the iris or face; said systems, however, are not totally reliable and safe, since, for example, the placement of the bracelet and/or the smart watch on different zones of the user's arm collects different values of the heartbeat of said user, as well as the reading of the iris or of the face is not possible under certain light conditions.
  • the known methods and processes involve an exchange of money between smartphone users by using software applications or social or messenger APP (the so-called “PEER TO PEER” APP) .
  • the money amounts that are handled are usually limited, but both the input of data for a user authentication (for example a certification similar to the digital signature) and the input of different codes or additional pin are however requested.
  • all said software applications or APP save or "track", on said electronic device, the sensitive data of the current account and/or the credit or debit card of the user, which thus become “accessible and usable” in case of loss or theft of the electronic device.
  • Software application or APP for providing a prior identification/authentication of a user who has an electronic device (such as a mobile phone) for activities and/or services by generating unique codes which are directly identified on the electronic device, such as for example a digital signature, and according to which the IT procedure involves the use of a web server to verify the identity of the user by comparing said unique identification codes which are sent and stored on the web server, are also known.
  • said technical solutions are effective with respect to software applications or APP that do not provide strong and safe user' s identification and authentication systems, their weak point is the possibility of loss or theft of the electronic device and a possible fraudulent use of said electronic device before activating procedures for blocking the activities and/or services.
  • said known software applications or APP need the use of many passwords and/or enabling pin that the user has difficulties to remember .
  • An object of the present invention is therefore to obviate the above-mentioned technical drawbacks and, in particular, to provide a process/method for obtaining a system for a reliable identification and subsequent authentication of the user of an electronic device and to make highly safe the activities/services offered by Third Parties to prevent fraudulent activity in case of theft or loss of the electronic device, as well as to prevent fraudulent activity in case of hacking the unique identification data of the user and the data and hardware and software tools used for said activities and/or services; practically, the present invention discloses a system comprising two electronic devices (a smartphone, tablet or other electronic device and an accessory item, such as a passive or active tag or a smart device, where some identification data of the user are stored) , an application software or ⁇ for registering the unique identification data of the user and of the electronic device, a web server for communicating with the electronic device of the user, which is also able to perform an association and a D5 encryption of the unique identification data of the user and of the electronic device, to store some of said encrypted data into the accessory
  • Another object of the present invention is to obtain an extremely safe process/method that does not require any password or pin and therefore makes it easier and faster the use of software applications or APP that allow specific activities or services offered by Third Parties .
  • a safe identification system and a relative method which comprises the following steps: - registering the user at a web server for a subsequent identification/authentication of said user through a smartphone, tablet or other electronic device in which a software application or ⁇ operates, said APP being downloaded from the web address for managing the registration procedure of the user and of the coupled electronic device and for sending unique identifying data to a web server, said data being for example the name, surname and address of the user, the phone number of the electronic device, an e-mail address and the unique identification code of the electronic device (CIUD) ;
  • an accessory item such as a passive or active tag or a smart device
  • a software application or APP operates, said APP being downloaded from the web address of said Third Party or from a webstore managing an activity and/or service, such as recharging of a financial instrument, mobile or remotely payments, accesses to private properties or places or things with prior authorization and/or identification for bureaucratic formalities, etc.;
  • FIG. 1 shows the registration phase by the user who sends his/her unique identifying data and data related to his/her electronic device to the web server, said web server being provided for creating the User Card, for encrypting the data entered in the User Card, for storing the encrypted data related to the user in the accessory item, for generating the security code (pin) and for sending the accessory item and the security code (pin) to the user who requested the registration, according to the present invention;
  • FIG. 2 shows the phase of requesting identification and safe authentication of the user by a Third Party by using a software application or APP, which acquires the encrypted identification data of the user (inserted in said accessory item) and sends said data, together with the unique identification code of the electronic device (CIUD) , to the web server; the web server, in turn, after a series of checks relating to the adequacy of said data, will ensure the identification and authentication of the user or will report a non- identification of the user, who therefore will not be authenticated; said conditions will be sent to the software application or APP of the Third Party, which may or may not allow the execution of the activity and/or service, according to the present invention.
  • a software application or APP which acquires the encrypted identification data of the user (inserted in said accessory item) and sends said data, together with the unique identification code of the electronic device (CIUD) , to the web server; the web server, in turn, after a series of checks relating to the adequacy of said data, will ensure the identification and authentication
  • the process/method for obtaining a reliable identification system of a user requires the simultaneous presence of two separate but mutually coupled electronic devices, wherein one of said devices is a smartphone, a tablet or another electronic device and the other device is a passive or active tag or a smart device;
  • the system can be used by Third Parties to carry out safe activities and/or services, such as for example recharging of a financial instrument, mobile or remotely payments, accesses to private properties or places or things with prior authorization of access and/or identifications for bureaucratic formalities, etc.
  • the system also provides for a first registration phase, according to which the person/user/owner (1) of a smartphone, tablet or other electronic device (10), by using a software application or APP (11), which is downloaded from a web portal that manages the registration procedure of the user (1) and the coupled electronic device (10), provides for sending (12) unique identification data, such as the name, surname and/or address of the user, the phone number of the device (10) , an e
  • the web server (100) Only if the web server (100) receives a related confirmation (102) to the text message by the user (1), said web server (100) is able to create (103) a User Card (200) where the unique identification data of the user (1) and of the electronic device (10) are saved (10), said data being identified by a User ID and said web server (100) also creating a link between the user (1) and the electronic device (10); the software application (21) managing said web server (100) also performs an MD5 encryption (104) of the unique data contained in said User Card (200) and subsequently stores (105) only the data (201) relating to the user (1) on an accessory item, such as a passive (50) or active tag (51) or a smart device (52), in addition to defining and writing (106) a secret code (pin) (60) to be used if the user is blocked by the web server; subsequently, the system sends directly to the address user (1) both the accessory item (50, 51, 52) and the secret code (pin) (60).
  • an accessory item such as
  • the user (1) by using the electronic device (10) with which he/she carried out his/her registration on the web server (100) , can subsequently be identified by comparing the data stored in the accessory item (50, 51, 52) and the data stored in the electronic device (10), such as the CIUD code, and the data present on the web server, said data being stored in a unique User Card (200) . Since said identifying data are encrypted unique identifying data (104) it is impossible for hackers to trace the single "nature" of said data present in the User Card (200) .
  • the encrypted unique identifying data (104) are divided on two separate electronic devices (smartphone and/or tablet 10 and a wearable accessory item 50, 51, 52) , only the simultaneous presence of said two electronic devices allows for a certain identification of the user (1); therefore, it is necessary for attackers to carry out a simultaneous theft of said two electronic devices (10, 50, 51, 52) to steal the identity of the user (1) .
  • the method of the present invention allows to activate a security procedure for sending a communication to the web server by using a password identifying the security code (pin) (60), which is available only to the user (1).
  • a Third Party that allows users (1) to perform activities and/or services by using an electronic device (10) also allows said users (1) to carry out said activities, thus having a safe identification of said users' identity through a request of identification and authentication to the web server (100) where the user (1) has carried out a registration, thus obviating frauds and thefts and without having to request the user (1) any password or additional pins.
  • the user (1) who requests a Third Party access to an activity/service that can be used with an electronic device (10) is able to use a software application or APP (21) downloaded from the web server (100) of the Third Party or by a webstore; the software application (21) asks the user (1) to be identified by requesting (22A) him/her to acquire the data (201) stored on the active or passive tag (50, 51) or by requesting (22B) to acquire the data (201) stored on the smart device (52) (and optionally a temporary random code (202)), and, once obtained (23A, 23B) , to send said data (24) to the web server (100) together with the unique identification code of the electronic device (CIUD) (10) .
  • a software application or APP (21) downloaded from the web server (100) of the Third Party or by a webstore
  • the software application (21) asks the user (1) to be identified by requesting (22A) him/her to acquire the data (201) stored on the active or passive tag (50, 51) or by requesting (22
  • a software procedure on the web server will provide for verifying (111) the equality between the unique data stored in the User Card (200) (together with a possible temporary random code (202) if a supplementary software procedure for managing temporary random codes is also provided on the web server (100)) and the data sent by the electronic device (10); if said data are equal (112), the software application (21) will also perform other security checks (113) and, only if said checks are overcome, the software application will send to the electronic device (10) a confirmation of identification/authentication (115); on the contrary, said procedure of identification and/or authentication (123) will be blocked if the data sent by the electronic device (10) are not equal (121) to the data stored in the User Card (200) or the security checks (113) are not overcome (122). Only said authentication step (115) will allow the user (1) to proceed with the execution of the related activity/service (25); if there is no authentication (123), the system provides for a blocking (26) of said activities/services.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Software Systems (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)

Abstract

L'invention concerne un procédé d'obtention d'un système fiable d'identification et d'authentification d'une personne utilisatrice, ledit procédé nécessitant la présence simultanée de deux dispositifs électroniques distincts et couplés, tel qu'un téléphone intelligent ou une tablette et une étiquette ou un dispositif intelligent passif ou actif, sans avoir besoin que l'utilisateur insère de mot de passe ou de code NIP. Le système peut être utilisé par des tiers pour proposer des activités et/ou des services, tels que la recharge d'un instrument financier, des paiements mobiles ou à distance, des accès à des propriétés privées ou à des lieux ou objets avec une autorisation préalable d'accès et/ou des identifications destinées à des formalités administratives nécessitant d'identifier l'utilisateur.
EP18723383.8A 2017-03-21 2018-03-05 Procédé d'identification/authentification d'utilisateurs à l'aide de deux dispositifs électroniques couplés et application logicielle associée Withdrawn EP3616112A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IT102017000030500A IT201700030500A1 (it) 2017-03-21 2017-03-21 Processo/metodo di identificazione / autenticazione certa di una persona senza password o pin utilizzando due dispositivi elettronici separati ma fra loro associati ed applicazioni software relative
PCT/IT2018/000032 WO2018173081A1 (fr) 2017-03-20 2018-03-05 Procédé d'identification/authentification d'utilisateurs à l'aide de deux dispositifs électroniques couplés et application logicielle associée

Publications (1)

Publication Number Publication Date
EP3616112A1 true EP3616112A1 (fr) 2020-03-04

Family

ID=59521512

Family Applications (1)

Application Number Title Priority Date Filing Date
EP18723383.8A Withdrawn EP3616112A1 (fr) 2017-03-21 2018-03-05 Procédé d'identification/authentification d'utilisateurs à l'aide de deux dispositifs électroniques couplés et application logicielle associée

Country Status (3)

Country Link
EP (1) EP3616112A1 (fr)
IT (1) IT201700030500A1 (fr)
WO (1) WO2018173081A1 (fr)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2306139C (fr) * 1997-10-14 2007-04-17 Visa International Service Association Personnalisation de cartes a puce
EP2063400A1 (fr) * 2007-11-23 2009-05-27 Gemalto SA Module d'accès de sécurité virtuel
EP2141667A1 (fr) * 2008-06-25 2010-01-06 Gemalto SA Procédé de calcul d'identifiant pour services Web
EP2579199A1 (fr) * 2011-10-06 2013-04-10 Gemalto SA Procédé de paiement d'un produit ou d'un service sur un site marchand par l'intermédiaire d'une connexion Internet et terminal correspondant

Also Published As

Publication number Publication date
IT201700030500A1 (it) 2018-09-21
WO2018173081A1 (fr) 2018-09-27

Similar Documents

Publication Publication Date Title
US11664997B2 (en) Authentication in ubiquitous environment
TWI667585B (zh) 一種基於生物特徵的安全認證方法及裝置
US11184343B2 (en) Method for carrying out an authentication
US10616198B2 (en) Apparatus, system and method employing a wireless user-device
CA2980114C (fr) Authentification dans un environnement omnipresent
CN103544599B (zh) 用于在移动终端内认证、存储和交易的嵌入式安全元件
CN204948095U (zh) 认证装置和确保应用程序和用户之间的交互的系统
CN104321777B (zh) 生成公共标识以验证携带识别对象的个人的方法
CA2857106C (fr) Methode de securisation de transactions electroniques
KR20210121307A (ko) 복수의 장치로부터 데이터에 액세스하기 위한 시스템
US20160155123A1 (en) System and method for user authentication by using a physical financial card and mobile communication terminal
JP2009510644A (ja) 安全な認証のための方法及び構成
US20150038118A1 (en) Method for verifying the identity of a user of a communicating terminal and associated system
US9692754B2 (en) Ensuring the security of a data transmission
US11620650B2 (en) Mobile authentication method and system therefor
KR20070029537A (ko) 무선단말기와 연동한 개인별고유코드를 활용한인증시스템과 그 방법
KR101294805B1 (ko) 2-채널 앱인증 방법 및 시스템
WO2018122883A1 (fr) Processus/procédé de sécurité pour envoyer et échanger un code aléatoire d'activation temporaire entre au moins trois dispositifs électroniques pour des recharges, des paiements, des accès et/ou des id de propriétaires d'un dispositif mobile, tel qu'un téléphone intelligent
US20160342996A1 (en) Two-factor authentication method
KR101187414B1 (ko) 휴대용 단말기에 발급된 카드 인증 시스템 및 방법
EP3752936B1 (fr) Processus/procédé de d'authentification d'identité par envoi et échange d'un mot de passe personnel temporaire parmi au moins quatre dispositifs électroniques destiné aux recharges, paiements, accès et/ou identifications du propriétaire d'un dispositif mobile, tel qu'un téléphone intelligent
US20140359703A1 (en) Method for securing an action that an actuating device must carry out at the request of a user
EP3616112A1 (fr) Procédé d'identification/authentification d'utilisateurs à l'aide de deux dispositifs électroniques couplés et application logicielle associée
KR101381388B1 (ko) 스마트 단말기의 실명인증 시스템
CN103814381A (zh) 用于允许访问web应用的被保护部分的方法和系统

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20190919

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

RIC1 Information provided on ipc code assigned before grant

Ipc: G06Q 20/32 20120101ALI20201111BHEP

Ipc: G06Q 20/40 20120101ALI20201111BHEP

Ipc: G06F 21/34 20130101ALI20201111BHEP

Ipc: G06Q 20/34 20120101ALI20201111BHEP

Ipc: H04W 12/06 20090101AFI20201111BHEP

Ipc: H04L 29/06 20060101ALI20201111BHEP

Ipc: G06F 21/31 20130101ALI20201111BHEP

Ipc: G07F 7/10 20060101ALI20201111BHEP

Ipc: G06Q 20/36 20120101ALI20201111BHEP

INTG Intention to grant announced

Effective date: 20201215

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20210427