GB2450537A - Identity verification using a subset of identification symbols - Google Patents

Identity verification using a subset of identification symbols Download PDF

Info

Publication number
GB2450537A
GB2450537A GB0712639A GB0712639A GB2450537A GB 2450537 A GB2450537 A GB 2450537A GB 0712639 A GB0712639 A GB 0712639A GB 0712639 A GB0712639 A GB 0712639A GB 2450537 A GB2450537 A GB 2450537A
Authority
GB
United Kingdom
Prior art keywords
pin
subset
user
symbols
identification symbols
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0712639A
Other versions
GB0712639D0 (en
Inventor
Jon Gulley
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Symbian Software Ltd
Original Assignee
Symbian Software Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Symbian Software Ltd filed Critical Symbian Software Ltd
Priority to GB0712639A priority Critical patent/GB2450537A/en
Publication of GB0712639D0 publication Critical patent/GB0712639D0/en
Publication of GB2450537A publication Critical patent/GB2450537A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1083Counting of PIN attempts
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

A method and apparatus for verifying identity of a user which make use of a device which is may store a much longer PIN (list of symbols) than is easily humanly memorisable. Then, in order to verify the identity of a user, a subset of elements of the PIN are provided, which can be compared with the PIN issuer's copy of the PIN to perform the user authentication. In preferred embodiments, each element of the PIN is used only once, such that it is not possible for a surveilling party to monitor entry of sub-elements of the PIN, and then use the monitored information to gain unauthorised access, for example, to a bank account. In other embodiments, each element of the PIN may be used multiple times, but each subset of elements in combination may only be output once. Moreover, preferably, once a PIN has expired, for example by each element or combination of elements having been used, then the PIN may preferably be re-provisioned, either completely, or in part. To allow for easy re-provisioning, preferably the device storing the PIN is a mobile communications device such as a mobile telephone. Providing a mobile telephone to store a PIN also provides additional advantages, in terms of allowing communication of the PIN via various mechanisms, such as over the cellular link, either as a text message, or transmitted within a data packet over a data connection, carried either via the cellular link, or via short range links such as Bluetooth, infrared, or the like.

Description

Method and Apparatus for Identity Verification
Technical Field
The present invention relates to a method and apparatus for verifying or authenticating identity, and in particular to such a method or apparatus in which a subset of symbols from a prearranged identification set of symbols is used to perform the identity verification or authentication.
Background to the Invention and Prior Art
The use of personal identification (PIN) numbers is well known in the art. For example, PIN numbers have been provided for use with magnetic stripe cards at bank ATM machines for many years.
More recently, PIN numbers have also been used to facilitate secure transactions over the Internet. For example, "Internet banking" has become common place, where a user uses a PC equipped with a web browser to access his bank's website, for the purposes of checking account balances, transferring money, or the like.
Often, as part of an Internet banking login process, a user will be asked to enter a PIN number, or, more commonly, only certain elements of a PIN number. For example, a user may be asked to enter only, for example, the first, third and last elements of their PIN. The advantage of this is, of course, that if the user is being observed in entering the PIN, whether in person, or for example, using spyware installed on the computer, then as only a subset of the PIN has been entered, the surveilling party does not obtain the full PIN. As commonly the next time a user attempts the login process different elements of the PiN will be requested the surveilling party should not be able to login to the user's account.
While such arrangements in theory provide an adequate degree of security, in practice, because a PIN number has to be memorised by the human user, its length is of necessity relatively short. For example, the HSBC Internet banking login process makes use of a six to ten digit PIN number, from which sub-elements are requested upon any particular login. However, with such a small number of elements within the PIN, necessary to make the PIN human memorisable, it does not require many login processes to be observed before a surveilling party can build up a sufficient number of elements of the PiN to then attempt an unauthorised login. Moreover, because of the relatively small number of elements in the PIN, it is possible on any two logins for the same combination of elements to be requested. When this is the case, a correct response does not necessarily indicate that the authorised user is in fact present, as the same login elements could equally be entered by a surveilling party.
Nevertheless, the use of subsets of elements of PIN numbers for authentication and identity verification is useful, but it would be useful if the above noted drawbacks could be overcome.
Summary of the Invention
is To address, at least in part, the above noted problems, embodiments of the present invention provide a method and apparatus for verifying identity of a user which make use of a device which is capable of storing a much longer PIN than is easily humanly memorisable. Then, in order to verify the identity of a user, a subset of elements of the PIN are provided, which can be compared with the PiN issuer's copy of the PIN to perform the user authentication. In preferred embodiments, each element of the PIN is used only once, such that it is not possible for a surveilling party to monitor entry of sub-elements of the PIN, and then use the monitored information to gain unauthorised access, for example, to a bank account. In other embodiments, each element of the PiN may be used multiple times, but each subset of elements in combination may only be output once. Moreover, preferably, once a PIN has expired, for example by each element or combination of elements having been used, then the PIN may preferably be reprovisioned, either completely, or in part. To allow for easy reprovisioning, preferably the device storing the PIN is a mobile communications device such as a mobile telephone. Providing a mobile telephone to store a PIN also provides additional advantages, in terms of allowing communication of the PIN via various mechanisms, such as over the cellular link, either as a text message, or transmitted within a data packet over a data connection, carried either via the cellular link, or via short range links such as Bluetooth, infrared, or the like.
In view of the above, from a first aspect the present invention provides a device for aiding verification of a user identity, comprising: memory storing a predetermined set of identification symbols; and a controller for selecting a subset of identification symbols from said predetermined set in said memory, said subset being output for verifying said user identity. By providing a device for storing the set of identification symbols such as a PIN, then a much longer PiN than has heretofore been practically used becomes possible, increasing the security of an authentication process which makes use of the PIN. Moreover, selecting only a subset of identification symbols means that an observing party which observer one authentication process will not gain much knowledge of the PIN, and will be unlikely to perform a fraudulent authentication. Providing this protection could help reduce instances of identity theft by securing any identity information associated with transaction data stored on a database or transmitted over a network such as the internet.
In one embodiment the controller is further arranged to select said subset of identification symbols such that at least one symbol in said subset has not been previously selected. This increases security, as an observing party attempting an unauthorised authentication will not have had an opportunity to observe the previously unused symbol. Moreover, it also provides for possible detection of fraudulent authentication attempts, as if symbols are provided which have all been used before, then the attempt can be identified as fraudulent.
More preferably within the embodiment the selection is such that every selected symbol in said subset has not been previously selected. This increase security even further, as an observing party will not have observed any of the sub-PIN elements.
Moreover, use of any element which has previously been used in an authentication attempt will identify the attempt as fraudulent.
In an alternative embodiment the controller is further arranged to select said subset of identification symbols such that the combination of said symbols in said subset has not previously been selected. This provides a relatively high level of security, in that the same combination of symbols may not be used as the subset. However, allowing symbols to be re-used, albeit in different combinations increases the useful life of the set of identification symbols before such symbols need to be re-provisioned.
In some embodiments the device is further provided with a screen for displaying said subset of symbols to said user. This allows the user to communicate the symbols, for example verbally to an operator during a transaction.
Further, in embodiments preferably the device is further provided with one or more control input buttons, preferably a numeric keypad, for indicating to said controller which symbols of said predetermined set of symbols should be selected for inclusion in said subset. This allows the individual elements to form the sub-set of identification symbols to be specified, and hence allows the processing load of keeping track of which symbols have been used to be moved, for example to a central authenticating server.
The device could be any device capable of communication, such as a mainframe computer connected to the internet. The mode of communication could be a serial cable connection, an JR link, Bluetooth, GSM, or any other method for transmitting data.
In a preferred embodiment, the device is a mobile telecommunications device. This allows for increased flexibility of operation, and for the mobile device's communications interfaces to be used to communicate the sub-set of ID symbols to other elements. More preferably, the subset of identification symbols are therefore output as a data message transmitted from said device. Even more preferably, the data message is encrypted by the mobile telecommunications device prior to transmission. This increases the security level of the arrangement.
Where the device is a mobile telecommunications device, this may further comprise a receiver for receiving challenge messages requesting the provision of a sub-set.
Such allows an authenticating server to request the device to provide the sub-set of ID symbols for authentication purposes. Moreover, such operation can be transparent to the device user.
Preferably the challenge message contains data specifying which symbols of the predetermined set of identification symbols should be included in the subset, said controller selecting said symbols in dependence on said data. Again, this allows the processing load of keeping track of which symbols have been used to be moved to the back-end of the system.
The challenge messages and corresponding responses could be encrypted, such that even if they are intercepted it would be difficult to derive any information relating to the identification symbols. The challenge messages and responses could also be digitally signed. Signing of the challenge messages could be used to confirm the identity of the party requesting PIN infonnation, while signing of the responses provides an extra level of security.
In particularly preferred embodiments the predetermined set of identification symbols may be reprovisioned, either completely or in part. This allows for continued security to be maintained, and will prevent an observer, over time, gaining knowledge of the presently valid set of ID symbols. Reprovisioning could be achieved by the transfer of data specifying which symbols are to be replaced and which symbols are to replace them, or which symbols are to be added to supplement those already present. Deletion of old symbols could be performed after a new set of symbols has been provided. Messages transmitted in order to accomplish the reprovisioning could also be encrypted and/or digitally signed.
Preferably, where the device is a mobile communications device, the set of identification symbols are re-provisioned by receiving, at the mobile telecommunications device, a message containing reprovisioning data specifying a replacement or part-replacement set of identification symbols. This allows for more convenient re-provisioning of the ID symbol set.
From a second aspect.the invention also provides a method for aiding verification of a user identity, comprising: storing a predetermined set of identification symbols in a storage device; and selecting a subset of identification symbols from said predetermined set, said subset being output from said device for verifying said user identity. Within the second aspect the same advantages are obtained as in the first aspect, and the same further features and advantages can also be obtained.
From a third aspect the invention also provides a method of authenticating a user, comprising the steps: a) storing a set of identification symbols associated with a user to be authenticated; and b) providing a copy of said set of identification symbols to said user in a form for storage in a storage device to be kept by said user; said method further comprising authenticating said user by performing the following steps: c) receiving a subset of identification symbols purporting to be a subset from said set of identification symbols; and d) comparing said received subset of identification symbols with corresponding symbols in said set of identification symbols, to authenticate said user.
Additionally, from a fourth aspect there is also provided a computer program or suite of computer programs arranged such that when executed by one or more processors they cause the one or more processors to operate according to any of the second or third aspect. Moreover, a fifth aspect of the invention relates to a computer readable storage medium storing a computer program or at least one of the suite of computer programs according to the fourth aspect. Such a computer readable storage medium may be any such storage medium, including solid-state memory, magnetic storage such as FDD or HDD, optical storage such as optical disks, magneto-optical storage such as magneto-optical discs, or the like.
Further features, aspects, and advantages of the present invention will be apparent from the appended claims.
Brief Description of the Drawings
Further features and advantages of the present invention will also become apparent from the following description of embodiments thereof, presented by way of example only, and by reference to the accompanying drawings, wherein like reference numerals refer to like parts, and wherein: -Figure 1 is a diagram of an apparatus according to a first embodiment of the present invention; Figure 2 is a block diagram of the apparatus of the first embodiment of the present invention; Figure 3 is a flow diagram illustrating the operation of the apparatus according to the first embodiment of the present invention; Figure 4 illustrates how a sub-PIN may be accessed from the long P[N in an embodiment of the invention; Figure 5 illustrates how a sub-PIN may be accessed from the stored long PIN in an embodiment of the invention; Figure 6 is a diagram illustrating a first use case for the first embodiment of the present invention; Figure 7 is a flow diagram illustrating steps performed by an authenticating server in the first use case of the first embodiment of the present invention; Figure 8 is a diagram of an apparatus according to a second embodiment of the invention; Figure 9 is a block diagram of the apparatus according to the second embodiment of the invention; Figure 10 is a flow diagram illustrating steps performed by the apparatus according to the second embodiment of the invention; Figure 11 is a block diagram illustrating a second use case used with the second embodiment of the present invention; Figure 12 is a flow diagram illustrating the steps performed in the second use case of Figure 11; Figure 13 is a block diagram of an apparatus according to a third embodiment of the invention.
Figure 14 is a flow diagram illustrating steps performed by a PIN management program within the third embodiment of the present invention; Figure 15 is a message flow diagram illustrating steps performed and messages passed between entities in a third use case for use with the third embodiment of the invention; Figure 16 illustrates a first technique for reprovisioning a stored long PiN in embodiments of the invention; Figure 17 shows a second technique for reprovisioning the PIN for use in embodiments of the invention; Figure 18 illustrates a third technique for reprovisioning the PIN in embodiments of the invention; Figure 19 shows a further method of authenticating a user using a sub-PIN which may be used with embodiments of the invention; and Figure 20 illustrates a technique for partially encoding PIN elements for transmission which may be used with embodiments of the invention.
Description of the Embodiments
Several embodiments of the invention will now be described. Each of the embodiments makes use of a "long PIN", being a PIN formed of a plurality of symbols, preferably a relatively large number of symbols, and which is stored within a PIN device. On operation of the device, a subset of elements of the long PIN is provided, and this subset of elements is referred to herein as a "sub-PIN". To provide a suitable level of security, the length of the long PIN is of such a length that it would not be commonly humanly memorisable. For example, suitable lengths of the long PIN may be any length over 20 symbols, although preferably any length over 50 symbols, or 100 symbols may be used. The longer the PIN which is provided, then the greater the length of time and the greater use of the PIN will be possible, before the PIN needs to be reprovisioned.
In use, within the embodiments to be described the sub-PIN is provided to an authenticating party, such as a bank server, or the like, which stores a copy of the user's long PIN. The sub-elements can then be compared against the corresponding elements of the copy of the long PIN stored at the bank server, and if the elements match, or substantially match, then authentication can be performed and the user's identity is verified.
Preferably, within the embodiments the device storing the PiN only outputs each PIN element once, or, alternatively, each combination of PIN elements once. In other embodiments each combination of PIN elements forming a sub-PIN may contain elements which have previously been used, provided at least one element has not previously been used. Such techniques provide additionally security, as if a bank's server is presented with, in the first variant, any PIN element which it has been presented with previously, or, in the second variant, any combination of PIN elements which it has been presented with previously, then it knows that the authentication attempt is being performed by an unauthorised party, for example a surveilling party who has, for example, surveilled the user, to obtain the PiN from a previous transaction. In this respect, the first variant provides a higher level of security than the second variant, as within the second variant it may be that a surveilling party can determine the individual elements of a PIN which have not together been presented in combination, but have been presented separately in other combinations. However, with the first variant of the PIN, where each element may only be used once, then any attempt to reuse any element of a PIN will identify the authentication attempt as fraudulent. The third variant described above provides a level of security between the two.
In theory, such techniques could be used with the PINs used in the prior art, and particularly those used in Internet banking login processes. However, beóause of the short length of such PINs, the security options set out above would quickly be exhausted through use of the PIN, and the PINs would have to be continually reprovisioned, causing a user to have to remember different PiNs repeatedly. By providing a device which can securely store a longer PIN, then embodiments of the invention provide for such security measures as described above to be practically implemented.
With the above in mind, Figure 1 illustrates a long PIN storage device 10 according to a first embodiment of the invention. The long PIN storage device 10 externally is provided with a case housing the electronics to store the PIN, and is provided with a screen 14 on which sub-PIN elements can be displayed. An activation button 12 is provided, which a user can press to cause the apparatus 10 to display sub-PIN elements on the screen 14.
Figure 2 is a block diagram of the internal elements of the apparatus 10. Here, it can be seen that internally the apparatus contains a controller 16 provided with appropriate software to cause the apparatus 10 to operate to display sub-PINs, as will be described later. The activation button 12 provides an input to the controller 16 to inform the controller when the apparatus is to be operated to display a sub-PIN. The controller controls the screen 14 to display sub-PIN elements on activation. The long PIN is itself stored in a secure memory 18, which can be accessed by the controller 16, when the device is activated by pressing the activation button.
More particularly, Figure 3 shows the steps perfonned by the device 10 under the control of the software controlling the controller 16. In particular, at step 3.2 the secure memory stores the long PIN allocated to the user. In this respect, the apparatus 10 would, for example, be issued to a user by an organisation to which the user is required regularly to authenticate his identity. For example, organisations such as banks, the Government, or the like may be such organisations. Such organisations will have allocated to the user a long PIN number, comprising a plurality of symbols, for example, as mentioned, preferably at least 20 symbols, or more preferably at least 30 symbols, at least 40 symbols, at least 50 symbols, or higher. To provide additional security, in other embodiments preferably 100 or more symbols may be used, such as at least 500 symbols, or at least 1000 symbols. Any number of symbols may be used, with the greater the number of symbols within a long PIN having the effect that the long-PEN will have use over a longer period of time. The secure memory 18 stores the long PIN, and is preferably arranged such that it is not possible for an unauthorised party which gains access to the device 10 to directly read the long PIN therefrom. Such secure memory is known in the art. Each symbol or element of the PIN may be any alphanumeric character, such as a number, letter, or the like.
At step 3.4, the activation button 12 is pressed by the user, and preferably, in order to avoid inadvertent operation, the activation button should be pressed by the user for a predetermined amount of time, for example, 5 seconds, or the like, or in a correct manner. Once the activation button determines that it has been pressed for the correct amount of time, or, in the correct manner (for example, a certain number of times within a certain period e.g. "double-click") then it informs the controller 16 that the device is to be activated, and a sub-PIN to be displayed on the screen 14.
Next, at step 3.6 the controller 16 accesses the secure memory 18, and at step 3.8 retrieves the elements of the sub-PIN to be displayed from the secure memory.
In this respect, there are many options as to which elements may be retrieved for display as the sub-PIN. For example, as shown in Figure 4, in one variant a continuous block of sub-PIN elements 24 of the long PiN 20 may be read from the secure memory 18, the controller then causing the screen 14 to display the sub-PIN elements, at step 3.10. Alternatively, another method is to randomly access sub-PIN elements 26 from the long PIN 20 stored in the secure memory 18, as shown in Figure 5. The randomly accessed sub-PIN elements are then displayed on the screen 14, again at step 3.10.
Moreover, as discussed previously, the controller may also select only those elements from the secure memory 18 which have not been selected previously. Here, in the case of Figure 4 where a continuous block of items is to be selected, then the controller 16 selects from the long PIN 20 a continuous block of items 24 which does not overlap with any previous block of items which have been previously selected.
Likewise, where random items are to be selected, then the subset of elements for use as the sub-PIN is selected from that subset of elements of the long PIN 20 which have not been previously selected for output.
Alternatively, in other embodiments where all that is required is that the same combination of elements of the sub-PIN is not output, then the controller 16 selects such elements, either as a continuous block, or randomly, to form a combination which has not previously been output. In this respect, the controller 16 may store within the secure memory 18 a record of which combinations of elements have previously been output.
A similar operation is performed when the selected elements are to contain at least one element which has not been used before.
Howsoever the sub-PIN is selected, it is displayed to the user on the screen at step 3.10. As shown in Figure 1, preferably the sub-PIN elements themselves are displayed, together with their position within the long PIN. For example, in Figure 1, the 23 element is displayed, being the letter "A"; the 361h element is displayed, being the letter "G"; the 12th element of the long PIN is displayed, being the letter "L"; and the 98th element of the long PIN is displayed, being the letter "C".
II
Figure 6 illustrates a first use case for the device of the first embodiment. Here, imagine a user is using his computer 60 to access, via the Internet 62, an e-commerce website hosted on a web server 64. The e-commerce web server 64 provides to the user a secure web page 66, on which the user, to complete the transaction, may enter his credit card number, the amount of the transaction, as well as a requested sub-PIN.
The user obtains the sub-PIN in the manner described previously, i.e. by pressing the activation button 12 to activate the device 10. The device 10 then displays a sub-PIN to the user, and the user types the sub-PIN into the computer 60, at the appropriate point in the web page 66. The user's web browser then submits the information via the Internet 62 to the e-commerce web server 64.
Figure 7 illustrates the steps performed at the e-commerce web server 64 on receipt of the web page information 66.
More particularly, at step 7.2 the sub-PIN information is received, and then at step 7.4 access to the stOred long PIN for the user's account is performed. For example, imagine the e-commerce server 64 is a server of a credit card company, which has issued the user with the device 10, and therefore has stored the user's long PIN. At step 7.6 the sub-PIN elements received from the user's computer 60 are compared with the corresponding elements of the stored long PIN. In this respect, because the sub-PIN information includes the number of the elements within the long PIN, as well as the element's value, then the server 64 can perform a direct comparison of the provided sub-PIN elements with the stored copy of the user's long PIN.
At step 7.8 an evaluation is then performed as to whether the elements match. If the elements do not match, then clearly the transaction attempt is fraudulent, and the PIN has not been generated by the device 10, in which case the transaction is refused, at step 7.14. In contrast, if the elements do match, then an evaluation is performed at step 7.10, as to whether the elements have been used before. As mentioned, this check may take the form as to whether any single one of the elements has been used previously, or whether the elements have been used previously together in combination. If it turns out that any single one of the elements has been used previously, or, alternatively, that the elements have been used previously together in combination, depending on the level of security required, then again it is likely that the transaction attempt is fraudulent, and the transaction is refused.. In contrast, if none of the elements have been used before, either separately, or in combination, depending on the variant, then the transaction is authorised, at step 7.12.
Thus, with the use case for the first embodiment, authentication of the user's identity by using a sub-PrN of a long PIN stored within a device 10 allows for user identity to be verified, and authentication to be performed without having to undergo any sort of challenge-response transaction. Instead, the user provides the sub-PIN automatically with his credit card information, which is then sent to the server 64, at which verification can then take place.
In a variant of the first use case described above, in this case imagine that the server 64 is an e-commerce server which does not have access to the user's long PIN, i.e., for example, the server 64 belongs to a vending website selling items, and which accepts credit card information for payment. in this case, it will not be possible for the server 64 to verify the sub-PIN provided by the user. However, in this case the server 64 can contact the credit card company servers, passing the sub-PIN information thereto. The credit card company servers can then verify the sub-PIN information, and simply pass back to the web server 64 a message that payment has been authorised. In this case, the vendor does not need to perform authentication of the user itself, but can rely upon the credit card company to perform such authentication.
A second embodiment of the invention will now be described, with respect to Figures 8 to 12. With reference to Figure 8, here.a device 80 according to a second
embodiment of the invention is provided. The device 80 comprises a case which has suitable electronics to be described therein, as well as a keyboard 82, and screen 84. The screen 84 is arranged to display in use a sub-PIN 86.
Figure 9 shows in block diagram form the internal components of the device 80.
Here it can be seen that a controller 90 is provided, controlled by suitable control software. A secure memory 88 is also provide, to store a long PIN. The screen 84 is provided as output, controlled by the controller 90, and the keyboard 82 is provided, to allow data input to the controller 90. One of the main differences between the operation of the apparatus 80 according to the second embodiment and the apparatus of the first embodiment, is that, via the provision of the keyboard 82, a user may specify to the controller 90 which of the long PIN elements are to be accessed from the secure memory 88, and displayed on the screen 84.
Thus, as shown in Figure 10, which illustrates how the controller 90 operates under the control of its control software, at steps 10.2 the secure memory stores the long PIN. As in the first embodiment, the device 80 will typically have been provided to a user by an organisation to which the user regularly has to authenticate his identity.
The organisation will have stored in the secure memory 88 a long PIN allocated to that user, and will have, in its own records, stored the user long PIN.
To use the device, at step 10.4 a user enters desired numbers of the long PIN on the keyboard 82. For example, the user may enter "23" and press Enter to obtain the 23"' element of the long PIN. Multiple numbers may be entered at the same time. When the user presses the Enter button to enter the information, at step 10.6 the controller accesses the secure memory, and at step 10.8 retrieves the desired numbers corresponding to those sub-elements entered by the user, from the secure memory 88. At step 10.10 the desired numbers are then displayed to the user on the screen 84, as the sub-PIN.
Thus, compared to the first embodiment, the second embodiment is somewhat simpler, as the controller 90 does not need to keep track of which elements of the long PIN have previously been displayed, either singly, or in combination. Instead, the decision as to which elements of the sub-PIN are displayed is left to the user, or more preferably, to the back end authentication processes provided, for example, at a bank server. For example, as will become apparent from the use case to be described next, a bank server may indicate to a user which elements of the long PIN are to be accessed, and then the user enters the element numbers on the keyboard, to retrieve the sub-PIN corresponding to the desired elements.
More particularly, consider Figure 11 which illustrates a second use case, and in particular for use with the second embodiment of the invention. Here, imagine a user 1102 is using the telephone to perform a transaction, for example, buying concert tickets, or the like. The user 1102 communicates via a telephone 1104, the public switched telephone network 1106, and a second telephone 1108, with an operator 1110 at the vendor (such as a ticket agency). Payment for the transaction is to be performed on the user's credit card. The operator 1110 is provided with a computer 1112, which communicates via a network 1114, preferably a secure network such as a VPN or the like, with a bank or credit card company server 1116, belonging to the organisation which issued the user 1102 with the device 80. The server 1116 stores or has access to the long PIN related to the user's account.
To perform the transaction the user 1102 communicates with the operator 1110, and passes the operator 1110 his credit card details. The operator 1110 uses his computer 11 12 to access the bank or credit card company server 1116, to validate the transaction. At the server 1115, the authentication request is received, arid the server communicates back to the operator's computer 1112 a request for the user to specify certain sub-PIN elements, as shown at step 12.2 of Figure 12. The operator then communicates to the user 1102 which sub-PIN elements are to be specified, and the user then enters the sub-PIN numbers into the device 80, the device 80 then displaying the sub-PIN numbers of the screen 84, as subPIN 86. The user then communicates the displayed sub-PIN 86 to the operator 1110. The operator 1110 types in the information in to the computer 1112, and submits it to the server 1116, via the network 1114.
Returning to Figure 12, at step 12.4 the server 1116 receives the sub-PIN information. It then accesses the stored long PiN for the user's account, at step 12.6.
At step 12.8 it then compares the sub-PIN elements received at step 12.4 with the corresponding elements of the long PIN that it has stored for the user. If the elements match, as determined by the evaluation at step 12.10, then the transaction is authorised at step 12. 12 and a suitable message is sent to the operator's computer 1112. Contrarily, if the elements do not match, then the transaction is refused, at step 12.14, and the corresponding message is sent to the operator's computer 1112.
Thus, in the second embodiment, the sub-PIN provided by the user can again be used to perform user identity authentication. However, in contrast to the first embodiment, the responsibility for selecting subPIN elements is passed back to the back end server 1116, which can specify the sub-PIN elements that it wishes to receive. Therefore, at step 12.2 where the sub-PIN elements are specified by the server, the server may take into account the same considerations as previously described in respect of the first embodiment. That is, the server may specify only sub-PIN elements which have not been used before, or a combination of sub-PIN elements which have not been used. Alternatively, the server 1116 may specify a combination of sub-PIN elements, with at least one of which has not been used before, the remainder of which having been used previously. In this way, the second embodiment is perhaps more preferable, as the user device 80 can be kept more simple, and hence cheaper to produce. Moreover, the back end server 1116 will typically be provided with much more memory, and can therefore, for example, more easily keep records as to which combinations of sub-PIN elements have previously be specified, as well as which sub-PIN elements have previously been used.
A third embodiment of the invention will now be described with respect to Figures 13 to 18. Within the third embodiment of the invention, the device which stores the user long PIN, and which provides sub-PINs, is a mobile communications device, such as a smart phone.
Figure 13 illustrates a mobile communications device in the form of smart phone 22.
The arrangement and configuration of smart phone 22 is generally conventional, but additional software and data is installed on the smart phone 22, to allow it to manage the long PIN data, and provide sub PINs. Figure 13 illustrates a smart phone 22 according to the third embodiment of the invention.
With reference to Figure 13, the smart phone 22 comprises RF processor hardware 32, baseband processor hardware 34, and a power regulator 36, all of which deal with the telecommunications operations of the smart phone 22, i.e. using telecommunications protocols to make, for example, voice calls, data connections, send SMS or MMS messages, and the like. The user interface and applications which run on the smart phone are run by the application processor 38, which runs the 16.
graphical user interface, as well as any applications requested by the user, and provides an interface to the telecommunications stack provided by the baseband processor. Also typically provided are secondary communication subsystems, such as, for example Bluetooth subsystem 40. An infrared subsystem may also be provided. Note that whilst within Figure 13 the baseband processor 34 and application processor 38 are shown as separate, in other embodiments the baseband and application processors can be combined onto a single IC.
The smart phone 22 is further provided with various memory, such as ROM 42, RAM 44 and user data memory, typically in the form of Flash memory, 46, The graphical user interface and any data which is required therefor, such as icon images, and the like, are stored in ROM 42. RAM 44 typically stores any applications available on the device 10, as well as associated data. User data memory 46 stores data which is accessible by the user, such as contact data, messages, images, user settings data, and the like.
In accordance with the third embodiment, stored within the RAM 44 of the smart phone 22 is long PIN data 20, being the long PIN allocated to the user of the smart phone 22 by an institution or organisation which requires the user to verify or authenticate his identity, as well as a long PIN management application, being a software application which allows the smart phone 22 to make use of the long PIN data, for example, to generate sub PINs from the long PIN data, and to allow the smart phone 22 to parse received messages relating to the long PIN data, and to compose messages to be sent containing, for example, sub-PIN data. Additionally, the RAM 44 may also store third party long PINs, being long PINs which are allocated to third parties the identity of which may need to be verified or authenticated to the user of the smart phone 22. For example, the user's bank and credit card companies may issue to the user long PiNs corresponding to themselves, which are stored as the third party long PIN data within the RAM 44.
Using a smart phone to store the user long PIN, arid to generate sub-PiNs, provides much more flexibility within the third embodiment, than the relatively simple devices provided by the first and second embodiments. Due to the flexibility of the smart phone in being able to run using its application processor almost any software required, then the operation of the smart phone in providing sub-PINs can be more advanced. For example, the ability of the smart phone to be able to communicate, for example, by SMS or MMS message, or, by forming data connections over its air interface using, for example, GPRS or 3G technology, allows sub-PINs to be generated transparently to the user in response to a challenge message automatically received from a party which wishes to verify the identity of the smart phone user.
Therefore, further usage scenarios can be developed for the use of sub-PINs as a verification and authentication tool when implemented using a smart phone 22.
Further examples will be described below.
Figure 14 is a flow diagram illustrating the basic operation of the long PIN management application stored in the RAM 44. Due to the higher level of processing possible in the smart phone 22 due to the application processor within the phone, the long PIN management application may provide various functionality, as shown in Figure 14. More particularly, the user may operate the PIN management program at step 14.2, for example to cause the PIN management program simply to provide a sub-PIN from the stored long PIN, in the same manner as previously described in respect of the first embodiment. Therefore, if the PIN management program is operated at step 14.2 such that it is simply required to provide a next PIN as shown at step 14.4, then at step 14.6 the same steps as previously described at steps 3.6 to 3.10 of Figure 3 in respect of the first embodiment can be performed. In this case the application processor, under the control of the long PIN management program, accesses the long PIN stored in the RAM 44, and retrieves particular elements of the long PIN to form a sub-PIN therefrom. The sub-PIN elements retrieved are then displayed to the user on the screen of the smart phone 22. The selection of the sub-PIN elements by the long PIN management program can take into account exactly the same factors as previously described in respect of the first embodiments, that is, for example, only those PIN elements which have not been previously selected may be retrieved, or, alternatively, PIN elements may be retrieved which have not been previously presented to the user before in combination. In a further variant, elements may be selected such that at least one or more of the elements has never previously been used. With such operation, the smart phone 22 may also be used in the first usage scenario described previously with respect to Figures 6 and 7, in exactly the same manner.
Additionally, as the smart phone will have a keypad for data entry, then it is also possible for the PIN management program to operate in the same manner as described previously in respect of the second embodiment, wherein the user enters the numbers of desired elements of the long PIN, to be provided as a sub-PIN. If, when the PIN management program is operated, the user selects this option, such that at step 14.8 the long PIN management program is to provide defined elements of the PiN as specified by the user entering data onto the smart phone keypad, then at step 14.10 steps 10.4 to 10.10 as described previously in respect of the second embodiment can be performed. That is, the long PIN management program asks the user to enter the desired numbers of the long PIN on the keyboard, and then the application processor accesses the long PIN in the RAM to retrieve the desired numbers therefrom. The desired numbers are then displayed to the user on the smart phone screen, as the sub-PIN. Preferably the display is in the same format as in the previous embodiments, with the long PIN element number being displayed, together with the symbol from the long PIN corresponding to that element.
With the above operation, then the second usage scenario for sub-PINs as described previously with respect to Figures 11 and 12 also becomes possible for the smart phone 22 of the third embodiment, with the operation being identical to that described previously.
As mentioned previously, using a smart phone 22 to store the user long PIN, and generate sub-PINs, also opens up much additional functionality, and in particular the ability for the smart phone 22, under the control of the long PIN management program, to receive, for example, automated identity verification challenge messages, and to automatically respond to such messages by generating a sub-PIN and composing a reply message including the sub-PIN which may then be sent over the phone's communications interface. Figure 14 also illustrates the steps involved in providing such operation. For example, at sthp 14.12 a user authentication message may be received over the phone's air interface. In this respect, by "air interface" it is meant either the smart phone cellular interface, or, for example, the short range communications interface, such as the Bluetooth subsystem, or IR subsystem. For the purposes of the present explanation, all of these interfaces are assumed to be equivalent.
At step 14.14 the long PIN management program parses the received message, to determine the authentication requirements, and in particular the requirements of any sub-PIN to be provided in response. For example, in one variant a message may be received which merely asks the smart phone to provide a sub-PIN in response, leaving it up to the smart phone to decide which elements of the long PIN are selected as the sub-PIN. In this case, the same considerations as described previously in respect of the first embodiment with respect to the selection of long PIN elements for use in the sub-PIN can be taken into account. In another embodiment, however, the received message may specify which elements of the sub-PIN are to be provided. In either case, at step 14.6 the long PIN management program accesses the long PIN in RAM, and at step 14.18 retrieves desired elements of the long PIN, for use as the sub-PIN. As mentioned, the elements may be specified by the long PIN management program itself, or may be elements specified in a received message. At step 14.20 a reply message is composed in accordance with a predetermined format and containing the desired elements of the long PIN.
This message is then transmitted in reply over the air interface at step 14.22. The message may preferably be encrypted, if required. Similarly, the message received at step 14.12 may also be encrypted, in which case decryption is performed as part of the parsing process at step 14.14. Any form of encryption known in the art may be used.
Using the above technique, the long PIN management program may automatically generate sub-PINs in response to received authentication requests, and respond with the sub-PIN automatically. Thus, verification of the user, or at least of the smart phone, can be performed without user intervention. Moreover, the ability to use the air interfaces of the smart phone to exchange sub-PIN information provides for additional, and more complex, usage cases, as described next with respect to Figure 15.
Figure 15 illustrates a third usage case, which may be used with the smart phone 22 of the third embodiment, and which stores a user long PIN, and uses the long PIN management application to generate and communicate sub-PINs. The usage case of Figure 15 relates to a user using his smart phone to conduct a bank transaction at an ATM machine or the like. The infrastructure required is the smart phone 22, a bank back end server which the smart phone can communicate with using its air interfaces, such as, for example, by sending an SMS message containing data thereto.
Additionally, the bank cash machine is preferably provided with a short range radio interface, such as Bluetooth, or the like, for communicating with the user phone when in range, and exchanging data therebetween.
The underlying operation of Figure 15 is that a user may conduct an ATM transaction, by sending, in advance, a data message, such as an SMS message or the like, to his bank server indicating the transaction to be performed. The server then replies with a transaction ID which is stored in the smart phone. The user then takes the smart phone to the bank ATM, and the bank ATM and smart phone communicate with each other to exchange the transaction ID, the ATM then performing the transaction, such as issuing the money. In order to provide for user authentication, a sub-PIN can be provided by the smart phone, both to authenticate the user with the bank server, and also with the bank cash machine. The procedure will be described in detail with respect to Figure 15.
Firstly, the user decides that he wishes to perform a transaction, such as withdrawing cash, from a bank ATM. In order to perform this, at step 15.2 the user sends a data message, such as an SMS message, to a number stored in the user's smart phone corresponding to a bank server belonging to his bank. The SMS contains a sub-PIN generated by the phone, as well as an additional PIN number, for example the short PINs typically memorised by users for use with for example magnetic stripe cards.
The reason for using both PINs is that "two factor" security is then obtained, in that the user phone becomes authenticated to the bank server by the provision of the sub-PIN, and the user using the user phone also confirms his identity by the provision of the memorised PIN. Additionally, the SMS sent at step 15.2 contains the amount required by the user to be withdrawn.
At step 15.4 the bank server receives the SMS, and validates the PIN/sub-PIN combination, by comparing the provided PIN and sub-PIN elements with information previously stored corresponding to the user. Provided that the server is able to validate the PIN/sub-PIN combination, then at step 15.6 the bank server replies with a data message of its own to the user phone, such as an SMS message, containing a transaction ID. The transaction ID is a unique ID number for the particular transaction, which has now been pre-validated.
At this point in time, therefore, the bank server knows that the user wishes to perform the transaction, and has pre-validated the transaction and provided the transaction ID.
However, the user, with the user phone, is not yet at the cash machine in order to complete the transaction. Therefore, at step 15.8, the user travels to a cash machine, to complete the transaction.
In order to complete the transaction, the protocol is such that the user himself will wish to authenticate the cash machine which he is approaching, in order to be sure that it is a valid cash machine belonging to his bank. As previously described, in addition to storing the user long PIN within RAM, third party long PINs can also be stored within the RAM 44 of the smart phone 22, such as, for example, a long PIN belonging to the user's bank, and which is used to verify bank equipment. As the user phone approaches the bank cash machine, therefore, it establishes a short range communications connection therewith, for example, using the Bluetooth subsystem.
An authentication request message requesting that the bank cash machine return a sub-PIN is then transmitted from the user phone to the bank cash machine, at step 15.10. This sub-PIN challenge message, may, for example, specify particular elements of the bank long PIN to be returned by the bank cash machine, or may simply be a request for a sub-PIN to be returned, as discussed previously. At step 15.12 the bank cash machine returns a data message containing its sub-PIN response and this is received at the user smart phone 22. At step 15.4 the long PIN management application parses the received message to determine the received sub-PIN data, and then validates the received sub-PIN data against the stored bank long PIN in the RAM 44. If the phone is not able to verify the sub-PIN, then an alert message is shown to the user, informing the user that the phone has been unable to verify the authenticity of the bank cash machine, and advising the user to find an alternative machine. In contrast, if the sub-PIN is able to be verified, then the transaction may proceed.
In this case, for the transaction to proceed, after the sub-PIN response has been sent by the bank cash machine, verifying that the bank cash machine is an authentic machine, it is then necessary for the user smart phone to be verified to the cash machine itself. Therefore, at step 15.16 the bank cash machine issues an authentication request message, which is received by the user phone. Steps 14.12 to 14.22 as previously described are then performed by the user phone, and a sub-PIN response message sent back to the bank cash machine, at step 15.18.
For security reasons, it is unlikely that details of the user long PIN are stored locally at each bank cash machine, instead being stored centrally at the bank server.
Therefore, in order to verify the received sub-PIN from the user phone, at step 15.20 the bank cash machine forwards the received sub-PIN in a message to the bank server, for verification thereat. If the bank server is able to verify the sub-PIN i.e. that it is a valid sub-PIN corresponding to the stored long PEN for the user, then a sub-PIN confirmation message is sent back to the bank cash machine at step 15.22.
In order to be a valid sub-PIN, then, the various variations described previously may be used i.e. it must be a sub-PIN which contains elements which have not been used previously, or at least one element which has not been used previously, or, for example, a combination of elements which has not been used previously. If the bank server is not able to verify the sub-PIN, then a sub-PIN rejection message is sent to the bank cash machine, and a transaction rejection message sent to the user phone.
However, if the sub-PIN is confirmed, then no rejection message is sent to the user phone, in which case the user phone then sends a further message at step 15.4, sending the transaction ID to the bank cash machine. The transaction ID indicates the transaction to be performed, and in particular, in this case the amount of cash to be dispensed. The bank cash machine may check with the bank server as to the transaction intended by the transaction ID (not shown), and then performs the transaction e.g. issues the amount of cash requested by the user.
The third usage scenario as described above presents several advantages. For example, it is no longer necessary for the cash machine to be provided with a screen and a keyboard and moreover the transaction at the cash machine is effectively automatic, and hence can be performed more quickly. Not requiring a user to enter a PIN number at a cash machine has many security advantages, as many crimes are often committed at cash machines, by thieves observing users entering PIN numbers, and then stealing the user's card.
Additionally, the use of the sub-PIN makes the technique secure. If a whole PIN number was used, then it would not be possible to send the SMS request message by an open network, because someone might intercept the message.
Additionally, the use of a transaction ID reduces the risk arising from phone theft to that of a single transaction. Due to the two factor security present in the original request, further transaction IDs can only be dbtained if both the phone provides a sub-PIN, and the user providestheir memorised PIN.
In addition to usage scenarios such as the third usage scenario described above, using a smart phone to store a user long PIN, and to generate sub-PINs provides further advantages over the first two embodiments described previously. For example, in the previous embodiments once all of the elements of the long PIN have been used, or used in combination, then the devices 10 and 80 become useless, and new devices will need to be issued, or the devices returned for reprovisioning with different PINs.
That is, within the previous embodiments it was not possible to reprovision the PIN easily, which is necessary to maintain security over the long term. However, because of the communications facilities of the smart phone 22, it is possible to reprovision the PIN remotely, for example by sending messages to the smart phone, with new PIN information.
Reprovisioning of the PiN may be performed under one of many conditions. For example, as mentioned. above, once all of the elements of the long PiN.have been used, or used in combination, then the long PIN will certainly need to be re-provisioned, as each of the elements has been used and hence is no longer secret. In addition, it is possible for a time stamp to be applied to a long-PIN, and for the PIN to have a certain finite lifetime before it expires, and is then re-provisioned. In this case, not all of the PiN elements need have been used before re-provisioning of the PIN takes place. Alternatively, or additionally, PIN reprovisioning may occur when a certain proportion of the PIN elements have been used, in anticipation of all of the elements being used shortly. Combinations of the above may also be used i.e. a PIN may be replaced after a certain time or once its elements have been, or will shortly have been, used.
Monitoring of the usage of the PIN and the decision to reprovision may be undertaken by the long PIN management application in the smartphone 22, in which case the application may generate an automated PIN request message to the backend PIN server asking to be sent a new PiN. Alternatively, the user may be prompted by the application to manually request a new long PIN be sent to the smart phone 22.
As a further alternative, the backend PIN server may monitor the PiN usage, and send PIN re-provision messages to the smartphone 22 to re-provision the PIN. Again, the monitoring may be conducted using any of the techniques mentioned above.
Having determined that PIN reprovision is required, Figures 16 to 18 illustrate various techniques as to how the long PiN stored in the RAM 44 may be reprovisioned.
Firstly, Figure 16 illustrates that the entire long PIN may be reprovisioned, by sending to the phone a, preferably secure, messagecontaining entirely new long PIN data 160. The long PIN data 160 is then stored within the RAM 44,as new long PIN 162. Whilst such a technique allows new long PiN data to be reprovisioned, there is a potential drawback insofar as if a surveilling party is able to intercept and decrypt the secure message containing.the new long PIN data 160, then they then have the entire user long PIN.
An improved technique is therefore shown in Figure 17. Here, a message can be sent to the smart phone 22, containing a subset of new long PIN data 170, together with information as to where the new subset of long PIN data is to be substituted in the stored long PIN. As shown, the received subset of long PIN data can then be substituted into the stored long PiN data, to give an effective new long PIN 162.
Security is increased in this case, as the received message contains only a part of the new long PIN data, and hence an intercepting party does not obtain the whole user long PIN therefrom. Moreover, multiple messages may be sent over time, to completely reprovision the stored long PIN.
A variation of the above is shown in Figure 18. Here, a message may be sent to the smart phone, containing several individual subsets of long PIN data 181 to 184 as shown, together with instructions as to where the individual subsets need to be inserted into the stored long PIN. The long PIN management application manages the long PIN by inserting the received subsets of long PiN elements into the stored long PIN, to produce a new long PIN 162 with the received subsets of data inserted at the appropriate places, as shown. Again, multiple messages containing multiple subsets of data may be sent over time, to complete the reprovision of a long PIN.
The ability to reprovision the long PIN presents significant advantages, and in particular means that security can continue to be kept at a relatively high level by ensuring that elements of the long PIN are not excessively reused, or not reused at all. Reprovisioning of the long PIN in this manner and the subsequent use of the long PIN to perform identity verification is therefore akin to the use of one time pads in cryptography, with the reprovisioning of the long PIN being equivalent to providing additional one time pads for encrypting information. As will be apparent to person the skilled in the art, one time pad ciphers are notoriously difficult to decipher.
Further variations may be made to the above described embodiments to provide further embodiments.
Figure 19 illustrates a first variation which may be applied. Here, a sub-PIN 190 is provided from a long PIN 162, the sub-PIN comprising elements taken from the long PIN. However, to provide additional security the sub-PIN elements may be padded with additional elements prior to transmission of the sub-PIN, with the original, authentic, sub-PIN elements being placed at particular points within the padded sub-PIN. The padded sub-PIN is then transmitted to the authenticating server, which examines the sub-PIN elements at the predetermined particular points to determine their authenticity. However, as an intercepting party to the sub-PIN will not know which elements of the padded sub-PIN are authentic elements, security is further increased.
An alternative technique is shown in Figure 20. Here, sub-PIN elements may be rearranged for transmission, the rearrangement occurring in a prearranged known manner. In particular, sub-PIN elements belonging to a sub-PIN 24 may be rearranged to provide a ciphered sub-PIN 28, which is then transmitted. The ciphered sub-PIN 28 is then rearranged in a reverse manner at the receiver, to provide the original sub-PIN 24. Again, as an intercepting party will not know how the sub-PIN elements have been rearranged, or that in fact they have been rearranged at all, then security is further increased, as an intercepting party will not be able to build up over time a picture of the user's long PIN.
In further embodiments sub-PIN request messages, and messages returning sub-PINs may be subject to encryption, to further increase security. Any known encryption technique may be employed, such as, for example, asymmetric encryption using Diffie-Hellmann key exchange. Where such encryption is to be performed, then the key exchanges aie performed between the smart phone 22 and authenticating server in advance of the sub-PIN request and response messages being generated.
Various further modifications and variations will be apparent to the person skilled in the art to provide further embodiments to the present invention utilising the inventive concept described herein, any and all of which further embodiments are intended to be encompassed by the appending claims.

Claims (36)

  1. Claims 1. A device for aiding verification of a user identity,
    comprising: memory storing a predetermined set of identification symbols; and a controller for selecting a subset of identification symbols from said predetermined set in said memory, said subset being output for verifying said user identity.
  2. 2. A device according to claim 1, wherein the controller is further arranged to select said subset of identification symbols such that at least one symbol in said subset has not been previously selected.
  3. 3. A device according to claim 2, wherein the selection is such that every selected symbol in said subset has not been previously selected.
  4. 4. A device according to claim 1 wherein the controller is further arranged to select said subset of identification symbols such that the combination of said symbols in said subset has not previously been selected.
  5. 5. A device according to any of the preceding claims, wherein the device is further provided with a screen for displaying said subset of symbols to said user.
  6. 6. A device according to any of the preceding claims, wherein the device is further provided with one or more control input buttons, preferably a numeric keypad, for indicating to said controller which symbols of said predetermined set of symbols should be selected for inclusion in said subset.
  7. 7. A device according to any of the preceding claims, wherein the device is a mobile telecommunications device.
  8. 8. A device according to claim 7, wherein the subset of identification symbols are output as a data message transmitted from said device.
  9. 9. A device according to claim 8, wherein the data message is encrypted by the mobile telecommunications device prior to transmission.
  10. 10. A device according to claim 7 to 9, wherein the mobile telecommunications device further comprises a receiver for receiving challenge messages requesting the provision of a sub-set.
  11. II. A device according to claim 10, wherein the challenge message contains data specifying which symbols of the predetermined set of identification symbols should be included in the subset, said controller selecting said symbols in dependence on said data.
  12. 12. A device according to any of the preceding claims, wherein the predetermined set of identification symbols may be reprovisioned, either completely or in part.
  13. 13. A device according to claim 12, when dependent on any of claims 7 to 11, wherein the set of identification symbols are re-provisioned by receiving, at the mobile telecommunications device, a message containing reprovisioning data specifying a replacement or part-replacement set of identification symbols.
  14. 14. A method for aiding verification of a user identity, comprising: storing a predetermined set of identification symbols in a storage device; and selecting a subset of identification symbols from said predetermined set, said subset being output from said device for verifying said user identity.
  15. 15. A method according to claim 14, wherein the selecting step is further arranged to select said subset of identification symbols such that at least one symbol in said subset has not been previously selected.
  16. 16. A method according to claim 15, wherein the selection is such that every selected symbol in said subset has not been previously selected.
  17. 17. A method according to claim 14 wherein the selecting step is further arranged to select said subset of identification symbols such that the combination of said symbols in said subset has not previously been selected.
  18. 18. A method according to any of claims 14-17, further comprising displaying said subset of symbols to said user.
  19. 19. A method according to any of claims 14 to 18, further comprising receiving an input,, preferably in numeric form, indicating which symbols of said predetermined set of symbols should be selected for inclusion in said subset.
  20. 20. A method according to any of claims 14 to 19, performed by a mobile telecommunications device.
  21. 21. A method according to claim 20, wherein the subset of identification symbols are output as a data message transmitted from said device.
  22. 22. A method according to claim 21, wherein the data message is encrypted by the mobile telecommunications device prior to transmission.
  23. 23. A method according to any of.claims 20 to 22, and further comprising receiving challenge messages requesting the provision of a sub-set of identification symbols.
  24. 24. A method according to claim 23, wherein the challenge message contains data specifying which symbols of the predetermined set of identification symbols should be included in the subset, said selecting step selecting said symbols in dependence on said data.
  25. 25. A method according to any of claims 13 to 24, wherein the predetermined set of identification symbols may be reprovisioned,. either completely or in part.
  26. 26. A method according to claim 25, when dependent on any of claims 20 to 24, wherein the set of identification symbols are re-provisioned by receiving a message containing reprovisioning data specifying a replacement or part-replacement set of identification symbols.
  27. 27. A method of authenticating a user, comprising the steps: a) storing a set of identification symbols associated with a user to be authenticated; and b) providing a copy of said set of identification symbols to said user in a form for storage in a storage device to be kept by said user; said method further comprising authenticating said user by performing the following steps: c) receiving a subset of identification symbols purporting to be a subset from said set of identification symbols; and d) comparing said received subset of identification symbols with corresponding symbols in said set of identification symbols, to authenticate said user.
  28. 28. A method according to claim 27, and further comprising sending a request message to said user requesting the user to provide said subset of identification symbols from said set of identification symbols stored in said user storage device.
  29. 29. A method according to claim 28, wherein said message comprises data specifying which symbols of said set of symbols should be included in said subset.
  30. 30. A method according to claim 29, wherein the symbols specified as requiring inclusion are selected such that at least one symbol in said subset has not been previously selected.
  31. 31. A method according to claim 30, wherein the selection is such that every selected symbol in said subset has not been previously selected.
  32. 32. A method according to claim 29 wherein the symbols specified as requiring inclusion are selected such that the combination of said symbols in said subset has not previously been selected.
  33. 33. A method according to any of claims 27 to 32, and further comprising sending replacement identification symbols to said user for storage in the storage device as a replacement, at least in part, set of identification symbols.
  34. 34. A method according to any of claims 27 to 33, wherein the user storage device is a mobile telecommunications device, and the sending of messages to said user comprises sending messages to said device using the communications interface thereof.
  35. 35. A computer program or suite of computer programs arranged such that when executed by one or more processors they cause the one or more processors to operate according to any of claims 14 to 34.
  36. 36. A computer readable storage medium storing a computer program or at least one of the suite of computer programs according to claim 35.
GB0712639A 2007-06-28 2007-06-28 Identity verification using a subset of identification symbols Withdrawn GB2450537A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0712639A GB2450537A (en) 2007-06-28 2007-06-28 Identity verification using a subset of identification symbols

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0712639A GB2450537A (en) 2007-06-28 2007-06-28 Identity verification using a subset of identification symbols

Publications (2)

Publication Number Publication Date
GB0712639D0 GB0712639D0 (en) 2007-08-08
GB2450537A true GB2450537A (en) 2008-12-31

Family

ID=38420937

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0712639A Withdrawn GB2450537A (en) 2007-06-28 2007-06-28 Identity verification using a subset of identification symbols

Country Status (1)

Country Link
GB (1) GB2450537A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010014167A1 (en) * 1997-03-03 2001-08-16 Maurice M Gifford Security check provision
GB2379525A (en) * 2001-09-08 2003-03-12 Int Computers Ltd Electronic payment authorisation
GB2396472A (en) * 2002-12-18 2004-06-23 Ncr Int Inc System for cash withdrawal
GB2431268A (en) * 2004-07-02 2007-04-18 Hsbc France Method for remotely authenticating a user

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010014167A1 (en) * 1997-03-03 2001-08-16 Maurice M Gifford Security check provision
GB2379525A (en) * 2001-09-08 2003-03-12 Int Computers Ltd Electronic payment authorisation
GB2396472A (en) * 2002-12-18 2004-06-23 Ncr Int Inc System for cash withdrawal
GB2431268A (en) * 2004-07-02 2007-04-18 Hsbc France Method for remotely authenticating a user

Also Published As

Publication number Publication date
GB0712639D0 (en) 2007-08-08

Similar Documents

Publication Publication Date Title
US7577616B2 (en) Method and apparatus of secure authentication and electronic payment through mobile communication tool
US5475756A (en) Method of authenticating a terminal in a transaction execution system
EP1769419B1 (en) Transaction & payment system securing remote authentication/validation of transactions from a transaction provider
CN111787530B (en) Block chain digital identity management method based on SIM card
US6877093B1 (en) System and method for secure provisioning and configuration of a transaction processing device
US9258296B2 (en) System and method for generating a strong multi factor personalized server key from a simple user password
US11108558B2 (en) Authentication and fraud prevention architecture
US20090172402A1 (en) Multi-factor authentication and certification system for electronic transactions
US20060015358A1 (en) Third party authentication of an electronic transaction
US20150040204A1 (en) Method and system for abstracted and randomized one-time use passwords for transactional authentication
CN108476227A (en) System and method for equipment push supply
JP2000357156A (en) System and method for authentication sheet distribution
EP0722596A1 (en) Method and system for secure, decentralised personalisation of smart cards
WO2018133674A1 (en) Method of verifying and feeding back bank payment permission authentication information
US20170032360A9 (en) Systems and methods for enrolling a token in an online authentication program
DE102018005038A1 (en) Smart card as a security token
CN106330888B (en) The method and device of payment safety in a kind of guarantee the Internet line
EP3276878A1 (en) Method for the safe authentication of a request made to a remote provider and generated in a personal device with bifurcation of the transmission of an authentication means
JP5363134B2 (en) Portable wireless communication terminal, authentication system, portable wireless communication terminal authentication method, portable wireless communication terminal authentication program
EP0886248B1 (en) Method and apparatus for registration of information with plural institutions and recording medium with registration program stored thereon
JP3497936B2 (en) Personal authentication method
GB2450537A (en) Identity verification using a subset of identification symbols
KR100830969B1 (en) Method and System for Implementing Financial Transactions Using OTP
EP4250208B1 (en) Devices, methods and a system for secure electronic payment transactions
EP4250207B1 (en) Devices, methods and a system for secure electronic payment transactions

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)