ES2224841B1 - NETWORK USER IDENTIFICATION SYSTEM. - Google Patents

NETWORK USER IDENTIFICATION SYSTEM.

Info

Publication number
ES2224841B1
ES2224841B1 ES200300689A ES200300689A ES2224841B1 ES 2224841 B1 ES2224841 B1 ES 2224841B1 ES 200300689 A ES200300689 A ES 200300689A ES 200300689 A ES200300689 A ES 200300689A ES 2224841 B1 ES2224841 B1 ES 2224841B1
Authority
ES
Spain
Prior art keywords
user
identification
card
dvd
errors
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
ES200300689A
Other languages
Spanish (es)
Other versions
ES2224841A1 (en
Inventor
Pedro Gallego Rubio
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to ES200300689A priority Critical patent/ES2224841B1/en
Priority to PCT/ES2004/000122 priority patent/WO2004084487A1/en
Publication of ES2224841A1 publication Critical patent/ES2224841A1/en
Application granted granted Critical
Publication of ES2224841B1 publication Critical patent/ES2224841B1/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/086Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by passive credit-cards adapted therefor, e.g. constructive particularities to avoid counterfeiting, e.g. by inclusion of a physical or chemical security-layer
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Storage Device Security (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Sistema de identificación de usuarios en la red. La presente invención consiste en un sistema de identificación de usuarios en la red, mediante empleo de un hardware de identificación tipo: cd-card, dvd-card, DVD o CD-Room, que dispone de una zona impresa específica donde el usuario realice sus ralladuras, escrituras o marcas que se van a interpretar como errores, para ser grabados por la organización en la base de datos del servidor que da soporte a las verificaciones electrónicas, a fin de que una vez colocado por el usuario en su equipo informático en todas sus operaciones, el sistema de la organización pueda realizar la comprobación de autenticidad, mediante intercambio de información entre la unidad externa y el servidor correspondiente, verificando que un número determinado de errores coinciden.User identification system in the network. The present invention consists of a system of identification of users in the network, using a type of identification hardware: cd-card, dvd-card, DVD or CD-Room, which has a specific printed area where the user makes their scratches, deeds or marks that are to be interpreted as errors, to be recorded by the organization in the database of the server that supports the electronic verifications, so that once placed by the user in his computer equipment in all In its operations, the organization's system can verify the authenticity, by exchanging information between the external unit and the corresponding server, verifying that a certain number of errors coincide.

Description

Sistema de identificación de usuarios en red.Network user identification system.

La invención se encuadra en el sector de las nuevas tecnologías, en concreto se trata de un procedimiento de comprobación de autoría en las operaciones realizadas a través de una red informática ya sea local o remota (internet), haciendo uso de un hardware de identificación adicional tipo: cd-card, dvd-card, DVD o CD-Rom personal que se le proporcionará a cada usuario con el alta del servido.The invention falls within the field of new technologies, specifically it is a procedure of proof of authorship in the operations carried out through a computer network either local or remote (internet), using of an additional identification hardware type: cd-card, dvd-card, DVD or Personal CD-Rom that will be provided to each user with the registration of the service.

El estado de la técnica en la materia aporta los sistemas de comprobación o verificación de usuarios que incorporan requisitos de seguridad en las operaciones que se realizan a través de Internet. En concreto, los sistemas de pago a través de Internet están basado en unos formularios donde el usuario implementa toda la información que le es requerida; nombre y apellidos, clave de usuario, número de tarjeta, fecha de caducidad, etc., en todos los casos la información viaja por la red, generalmente encriptada y el protocolo de seguridad la valida.The state of the art in the field provides the verification or verification systems of users that incorporate security requirements in operations carried out through from Internet. Specifically, payment systems over the Internet they are based on forms where the user implements all the information that is required; name and surname, password of user, card number, expiration date, etc., in all cases the information travels through the network, usually encrypted and the security protocol validates it.

Incluso algunos sistemas de seguridad solicitan una clave dinámica que puede ser consultada por el usuario en una tarjeta que le ha proporcionado el banco.Even some security systems request a dynamic key that can be consulted by the user in a card provided by the bank.

Así el "Sistema de identificación de usuarios en la red" no tiene antecedentes en el estado de la técnica y aporta respecto a la misma las siguientes venta-
jas:Thus, the "User identification system in the network" has no background in the state of the art and provides the following sales with respect to it.
jas:

Es complementario a los sistemas de seguridad convencionales aumentando la seguridad de las operaciones en Internet mediante asociación de un usuario a un hardware de identificación, periférico, que se le entrega al mismo y donde se realizan los errores, marcas o ralladuras en el soporte, que lo hacen único.Is complementary to conventional security systems increasing Internet operations security through association of a user to an identification hardware, peripheral, that is delivery to it and where errors, marks or scratches on the support, which make it unique.

Es muy sencillo de usar y, a diferencia de las tarjetas donde se consultan claves dinámicas, no incorpora ningún campo adicional en la realización de la operación.Is very simple to use and, unlike the cards where they are consulted dynamic keys, does not incorporate any additional fields in the operation completion.

El "Sistema de identificación de usuarios en la red" de aplicación en redes locales o remotas donde los usuarios puedan acceder a información personal y/o realizar operaciones en soporte electrónico, consiste en un hardware de identificación tipo: cd-card, dvd-card, DVD o CD-Rom que dispone de una zona específica donde el usuario para realizar el alta realizará su ralladuras, escrituras o marcas que lo identifican de forma unívoca en términos de errores del sistema. A continuación, se procede por la organización a su grabado en la base de datos del servidor encargado de la identificación que da soporte a la transferencia de datos. Posteriormente, el usuario puede ya realizar unaoperación en cualquier ordenador con conexión al servidor de identificación, el cual le pide una comprobación de autoría mediante la comparación entre los errores de la base de datos del servidor y los existentes en su cd-card, dvd-card, DVD o CD-Rom una vez introducido en el ordenador desde donde desea realizar la operación.The "User Identification System in the network "application in local or remote networks where users can access personal information and / or perform operations in electronic support, consists of an identification hardware Type: CD-Card, DVD-Card, DVD or CD-Rom that has a specific area where the user to register will make their scratches, deeds or brands that uniquely identify it in terms of errors of the system. Then, the organization proceeds to its recorded in the database of the server in charge of the identification that supports data transfer. Subsequently, the user can already perform an operation on any computer with connection to the identification server, the which asks for proof of authorship by comparing between server database errors and existing ones on your cd-card, dvd-card, DVD or CD-Rom once inserted into the computer from Where you want to perform the operation.

Así, mediante dicho software, cuando introducimos nuestro hardware de identificación tipo: cd-card, dvd-card, DVD o CD-Rom en el equipo informático desde donde deseamos realizar la operación y activamos el mismo, se intercambia información entre nuestro equipo informático y el servidor correspondiente, verificando que el número determinado de errores detectados en el equipo, coinciden con los de las bases de datos previamente almacenados en el servidor de identificación, con lo que se comprueba que la persona que hace la operación es quien maneja el equipo informático, y se autoriza la transacción.Thus, by means of said software, when we introduce Our hardware identification type: cd-card, dvd-card, DVD or CD-Rom on the computer IT from where we want to perform the operation and activate the same, information is exchanged between our team computer and the corresponding server, verifying that the determined number of errors detected in the device, match with those of the databases previously stored on the server  of identification, which proves that the person doing the operation is who manages the computer equipment, and is authorized the transaction.

A modo de ejemplo de realización preferente del "Sistema de identificación de usuarios en la red" se puede llevar a cabo para realizar operaciones de banca electrónica con un hardware de identificación que proporciona el banco a sus clientes usuarios de este servicio y sobre el que se indica la zona donde han de hacer la marca. Una vez rubricada por el usuario en las oficinas del banco, la entidad emisora graba en la base de datos del servidor todos los errores que se han cometido en la tarjeta del hardware del usuario, verifica su adecuación, la protege contra escritura y se la devuelve a su cliente.By way of example of preferred embodiment of "User identification system on the network" can be carry out to perform electronic banking operations with a identification hardware provided by the bank to its customers users of this service and on which the area where They have to make the mark. Once signed by the user in the Bank offices, the issuing entity records in the database of the server all the errors that have been committed on the card of the user's hardware, verify its suitability, protect it against write and return it to your client.

Así, el cliente ya puede conservarla y hacer uso de ésta cada vez que quiera realizar una operación sobre sus cuentas en soporte electrónico en condiciones óptimas de seguridad.Thus, the customer can now keep it and make use of this every time you want to perform an operation on your accounts in electronic support in optimal conditions of security.

Cuando el usuario desea realizar un pago a través de Internet, podrá hacer uso de cualquier ordenador con conexión a Internet en el que introducirá el hardware de identificación, por ejemplo un CD-Rom, y seguirá el proceso habitual de acceso al portal del banco, páginas personales e implementación de formularios.When the user wishes to make a payment to through the Internet, you can use any computer with Internet connection where you will enter the hardware of identification, for example a CD-Rom, and will follow the usual process of accessing the bank's portal, personal pages and implementation of forms.

Así, una vez se haya accedido a la operación que se desea realizar y previamente a la realización de la transacción, el servidor de identificación pedirá verificación de sectores deteriorados por la ralladura o marca superficial sobre el CD-Rom, para verificar la coincidencia con los errores que identifican al usuario en la base de datos del servidor.Thus, once the operation that it is desired to carry out and prior to the completion of the transaction, the identification server will ask for sector verification deteriorated by the scratch or surface mark on the CD-Rom, to verify the coincidence with the errors that identify the user in the database of the server.

No se considera necesario hacer más extensa esta descripción para que cualquier experto en la materia comprenda el alcance de la invención y las ventajas que de la misma se derivan. El hardware de identificación empleado para el almacenamiento de las ralladuras o marcas superficiales que identifican a cada usuario, el procedimiento de grabación de las mismas, así como el software que implementa la comprobación en cada operación, serán susceptibles de variación siempre y cuando ello no suponga una alteración en la esencialidad del invento.It is not considered necessary to extend this description so that any subject matter expert understands the scope of the invention and the advantages derived therefrom. The identification hardware used for the storage of the scratches or surface marks that identify each user, the procedure for recording them, as well as the software that implements the verification in each operation, will be susceptible of variation as long as this does not imply alteration in the essentiality of the invention.

Claims (2)

1. Sistema de identificación de usuarios en la red aplicables en Internet o Intranet donde los usuarios puedan acceder a información personal y/o realizar operaciones en soporte electrónico, caracterizado por su hardware de identificación tipo cd-card, dvd-card, DVD o CD-Rom que contiene una zona específica donde cada usuario, para realizar el alta, realiza su ralladuras, escrituras o marcas, que lo identifica de forma unívoca en términos de errores del sistema, y que una vez grabadas por la organización en su base de datos, se entrega a cada usuario para su uso en cada operación; y por un software que lo implementa, que comprueba que el usuario que realiza la consulta u operación es el que tiene el cd-card, dvd-card, DVD o CD-Rom que lo identifica como tal.1. System of identification of users in the network applicable on the Internet or Intranet where users can access personal information and / or perform operations on electronic support, characterized by their identification hardware such as cd-card, dvd-card, DVD or CD -Rom that contains a specific area where each user, to register, performs their scratches, deeds or marks, which identifies it uniquely in terms of system errors, and that once recorded by the organization in its database , is delivered to each user for use in each operation; and by a software that implements it, which verifies that the user who performs the query or operation is the one with the cd-card, dvd-card, DVD or CD-Rom that identifies it as such. 2. Sistema de identificación de usuarios en la red según reivindicación 1, caracterizado porque el usuario introduce el hardware de identificación en el ordenador conectado a internet, el cual mediante un software adecuado, y antes de activar desde cualquier ordenador con conexión al servidor del portal de la organización responsable de la identificación una consulta u operación en el mismo, va a realizar una comprobación de autoría mediante la comparación entre los errores de la base de datos del servidor que identifican al usuario y los existentes en el hardware de identificación que ha sido introducido por el usuario en el ordenador desde donde desea realizar la operación.2. User identification system in the network according to claim 1, characterized in that the user enters the identification hardware into the computer connected to the internet, which by means of suitable software, and before activating from any computer connected to the portal server of the organization responsible for the identification of a query or operation in the same, will perform a check of authorship by comparing the errors in the server database that identify the user and those existing in the identification hardware that has been entered by the user in the computer from where you want to perform the operation.
ES200300689A 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM. Expired - Fee Related ES2224841B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
ES200300689A ES2224841B1 (en) 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM.
PCT/ES2004/000122 WO2004084487A1 (en) 2003-03-17 2004-03-16 Personal network identification method using a cd-card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
ES200300689A ES2224841B1 (en) 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM.

Publications (2)

Publication Number Publication Date
ES2224841A1 ES2224841A1 (en) 2005-03-01
ES2224841B1 true ES2224841B1 (en) 2006-06-16

Family

ID=33017090

Family Applications (1)

Application Number Title Priority Date Filing Date
ES200300689A Expired - Fee Related ES2224841B1 (en) 2003-03-17 2003-03-17 NETWORK USER IDENTIFICATION SYSTEM.

Country Status (2)

Country Link
ES (1) ES2224841B1 (en)
WO (1) WO2004084487A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2890509B1 (en) * 2005-09-07 2009-10-30 Mediscs Sarl METHOD FOR AUTHENTICATING A USER AND DEVICE FOR IMPLEMENTING THE SAME

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2298379A1 (en) * 2000-02-14 2001-08-14 Point Net Communication Inc. System and method for secure transactions over a network
GB2373091A (en) * 2002-05-29 2002-09-11 Donald Eric Butterfield Copy protection

Also Published As

Publication number Publication date
WO2004084487A1 (en) 2004-09-30
ES2224841A1 (en) 2005-03-01

Similar Documents

Publication Publication Date Title
CN110086830B (en) Searchable encrypted data
US7543741B2 (en) System, method and program product for credit card transaction validation
US7278026B2 (en) Method and system for the generation, management, and use of a unique personal identification token for in person and electronic identification and authentication
US7051929B2 (en) Secure credit card having daily changed security number
KR101460934B1 (en) Privacy enhanced identity scheme using an un-linkable identifier
US20050080730A1 (en) System and method for secure account transactions
US20090158030A1 (en) Doing business without SSN, EIN, and charge card numbers
FR2717286B1 (en) Method and device for authenticating a data medium intended to allow a transaction or access to a service or a place, and corresponding medium.
US20160086171A1 (en) Indication of Recurring Transaction for Payment Devices and Credit Cards
US9466058B2 (en) Multi-purpose transaction card and associated methods and systems
CN103310141A (en) Method and system for monitoring of certificate information security
US20040054888A1 (en) Method and system of authentication and ownership verification of collectables
CN104573442A (en) E-coupon generation method and device
US20060200674A1 (en) Method for securing rfid charge value media via cryptographic signing and block locking
CA2781425C (en) Identification card
JP2002041695A (en) Method for issuing certificate, method for confiring certificate and certificate issuing center system
US6412690B1 (en) Credit card security method and credit card
ES2224841B1 (en) NETWORK USER IDENTIFICATION SYSTEM.
CN103295169B (en) Method and system for safely supervising real estate real person registration information
JP2001338151A (en) Extra personal information storage substrate, security system for personal information storage substrate and security method for personal information storage substrate
CN100407217C (en) Anti-faking and authentication method for bill using identifying code
US8548857B2 (en) Method and system for detection of credit card fraud
KR20020041375A (en) The Method For Combined Use A Credit Card As A ID Card
KR100565546B1 (en) Finance correspondent system of security card give characteristic number for cipher algorism and method thereof, and media that can record computer program for method thereof
KR20020073717A (en) A Personal Approval System from the Off-line for Fingerprint Cognition and Smart Card and Method thereof

Legal Events

Date Code Title Description
EC2A Search report published

Date of ref document: 20050301

Kind code of ref document: A1

FG2A Definitive protection

Ref document number: 2224841B1

Country of ref document: ES

FD2A Announcement of lapse in spain

Effective date: 20180808