IL185709A - Method of secure data communication - Google Patents

Method of secure data communication

Publication number
IL185709A
Authority
IL
Israel
Prior art keywords
data
authorisation
server
user
terminal
Prior art date
Application number
IL185709A
Other versions
IL185709A0 (en
Original Assignee
Tricerion Ltd
Priority date
Filing date
Publication date
Application filed by Tricerion Ltd
Publication of IL185709A0
Publication of IL185709A

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016 Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/02 Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/08 Payment architectures
    • G06Q20/10 Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823 Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Telephonic Communication Services (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Computer And Data Communications (AREA)
  • Pharmaceuticals Containing Other Organic And Inorganic Compounds (AREA)
  • Storage Device Security (AREA)

Description

[0001] The present invention relates to compounds of the general formula wherein R is methyl; and R1 is 4-methyl-4-oxy-piperazin-1-yl; or R is CH2OH and R1 is 4-methyl-piperazin-1-yl or is 4-methyl-4-oxy-piperazin-1-yl; and to pharmaceutically acceptable acid addition salts thereof.
[0002] The compounds of formula I and their salts are characterized by valuable therapeutic properties. It has been surprisingly found that the compounds of the present invention are antagonists of the Neurokinin 1 (NK-1, substance P) receptor. Substance P is a naturally occurring undecapeptide belonging to the tachykinin family of peptides, the latter being so-named because of their prompt contractile action on extravascular smooth muscle tissue. The receptor for substance P is a member of the superfamily of G protein-coupled receptors.
[0003] The neuropeptide receptor for substance P (NK-1) is widely distributed throughout the mammalian nervous system (especially brain and spinal ganglia), the circulatory system and peripheral tissues (especially the duodenum and jejunum) and is involved in regulating a number of diverse biological processes.
The central and peripheral actions of the mammalian tachykinin substance P have been associated with numerous inflammatory conditions including migraine, rheumatoid arthritis, asthma, and inflammatory bowel disease as well as mediation of the emetic reflex and the modulation of central nervous system (CNS) disorders such as Parkinson's disease (Neurosci. Res., 1996, 7, 187-214), anxiety (Can. J. Phys., 1997, 75, 612-621) and depression (Science, 1998, 281, 1640-1645).
Evidence for the usefulness of tachykinin receptor antagonists in pain, headache, especially migraine, Alzheimer's disease, multiple sclerosis, attenuation of morphine withdrawal, cardiovascular changes, oedema, such as oedema caused by thermal injury, chronic inflammatory diseases such as rheumatoid arthritis, asthma/bronchial hyperreactivity and other respiratory diseases including allergic rhinitis, inflammatory diseases of the gut including ulcerative colitis and Crohn's disease, ocular injury and ocular inflammatory diseases is reviewed in "Tachykinin Receptor and Tachykinin Receptor Antagonists", J. Auton. Pharmacol., 13, 23-93, 1993.
[0004] Furthermore, Neurokinin 1 receptor antagonists are being developed for the treatment of a number of physiological disorders associated with an excess or imbalance of tachykinin, in particular substance P. Examples of conditions in which substance P has been implicated include disorders of the central nervous system such as anxiety, depression and psychosis (WO 95/16679, WO 95/18124 and WO 95/23798).
[0005] The neurokinin-1 receptor antagonists are further useful for the treatment of motion sickness and for treatment induced vomiting.
[0006] In addition, the reduction of cisplatin-induced emesis by a selective neurokinin-1-receptor antagonist has been described in The New England Journal of Medicine, Vol. 340, No. 3, 190-195, 1999.
[0007] Furthermore, US 5,972,938 describes a method for treating a psychoimmunologic or a psychosomatic disorder by administration of a tachykinin receptor, such as NK-1 receptor, antagonist.
[0008] The most preferred indications in accordance with the present invention are those which include disorders of the central nervous system, for example the treatment or prevention of certain depressive disorders or emesis by the administration of NK-1 receptor antagonists. A major depressive episode has been defined as being a period of at least two weeks during which, for most of the day and nearly every day, there is either depressed mood or the loss of interest or pleasure in all, or nearly all activities.
[0009] Objects of the present invention are compounds of formula I, which include 2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-^ (compound I-1), 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-(2-hydroxymethyl-phenyl)-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide (compound I-2) and 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-(2-hydroxymethyl-phenyl)-6-(4-methyl-4-oxy-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide (I-3), and pharmaceutically acceptable salts thereof, the preparation of the above-mentioned compounds, medicaments containing them and their manufacture as well as the use of the above-mentioned compounds in the control or prevention of illnesses, especially of illnesses and disorders of the kind referred to earlier or in the manufacture of corresponding medicaments.
Most preferred are the compounds of formulas I-1 and I-2. It has been shown that these compounds have an improved solubility with regard to similar compounds, described in EP 1 035 115 A1 or EP 1 103 545 A1.
[0010] The present compounds of formula I and their pharmaceutically acceptable salts can be prepared by methods known in the art, for example, by processes described below, which process comprises a) reacting a compound of formula with OXONE® [(potassium peroxymonosulfate) 2KHSO5·KHSO4·K2SO4] to a compound of formula and b) reacting a compound of formula with NaBH4 to a compound of formula and if desired, converting the compound obtained into a pharmaceutically acceptable acid addition salt.
[0011] The term "pharmaceutically acceptable acid addition salts" embraces salts with inorganic and organic acids, such as hydrochloric acid, nitric acid, sulfuric acid, phosphoric acid, citric acid, formic acid, fumaric acid, maleic acid, acetic acid, succinic acid, tartaric acid, methanesulfonic acid, p-toluenesulfonic acid and the like.
[0012] The salt formation is effected at room temperature in accordance with methods which are known per se and which are familiar to any person skilled in the art. Not only salts with inorganic acids, but also salts with organic acids come into consideration. Hydrochlorides, hydrobromides, sulphates, nitrates, citrates, acetates, maleates, succinates, methanesulphonates, p-toluenesulphonates and the like are examples of such salts.
[0013] The following schemes 1 and 2 describe the processes for preparation of compounds of formula I in more detail. The starting materials of formulae IV and II are known compounds and may be prepared according to methods known in the art.
[0014] In the schemes the following abbreviations have been used:
DIPEA: N-ethyldiisopropyl-amine
HMDS: potassium hexamethyldisilazide
Scheme 1 (reaction scheme not reproduced)
A mixture of N-[4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-2,2-dimethyl-propionamide (synthesis described in DE10008042) in hydrochloric acid is stirred for about 18 h at 100 °C. After cooling to 0 °C the reaction mixture is purified and dried in conventional manner. Then to a suspension of 4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-ylamine and N,N-diisopropyl ethyl amine in dichloromethane is added 2-(3,5-bis-trifluoromethyl-phenyl)-2-methyl-propionyl chloride at 0 °C. The reaction mixture is stirred for about 2 h at room temperature and 2 h at reflux. After cooling to room temperature the reaction mixture is washed and dried and a solution of 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-isobutyramide in N,N-dimethylformamide is added at 0 °C to a solution of potassium bis(trimethylsilyl)amide in tetrahydrofuran. After stirring at 0 °C iodomethane is added. The mixture is stirred for 2 days in a closed flask. The reaction mixture is concentrated and purified. A mixture of the obtained 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide, aqueous sodium carbonate solution, palladium(II) acetate, triphenylphosphine and 2-formylphenylboronic acid in dimethoxyethane is evacuated and filled with argon and stirred for about 2 h at 80 °C. After cooling to room temperature the reaction mixture is diluted, washed and dried.
Then to a mixture of sodium borohydride in methanol is added at 0 °C 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-(2-formyl-phenyl)-6-(4-methyl-piperaz^ After stirring at 0 °C for 1 h brine is added at 0 °C. The mixture is stirred for about 30 min, dried and purified.
To a solution of 2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-methyl-p^ tyramide (synthesis described in DE10008042) and sodium hydrogen carbonate in methanol and water is added potassium monopersulfate triple salt at room temperature. After stirring for about 6 h the reaction mixture is concentrated and purified.
[0015] As mentioned earlier, the compounds of formula I and their pharmaceutically usable addition salts possess valuable pharmacological properties. It has been found that the compounds of the present invention are antagonists of the Neurokinin 1 (NK-1, substance P) receptor.
[0016] The compounds were investigated in accordance with the tests given hereinafter. The affinity of test compounds for the NK1 receptor was evaluated at human NK1 receptors in CHO cells infected with the human NK1 receptor (using the Semliki virus expression system) and radiolabelled with [3H]substance P (final concentration 0.6 nM). Binding assays were performed in HEPES buffer (50 mM, pH 7.4) containing BSA (0.04 %), leupeptin (8 μg/ml), MnCl2 (3 mM) and phosphoramidon (2 μM). Binding assays consisted of 250 μl of membrane suspension (1.25x10^5 cells / assay tube), 0.125 μl of buffer of displacing agent and 125 μl of [3H]substance P. Displacement curves were determined with at least seven concentrations of the compound. The assay tubes were incubated for 60 min at room temperature after which time the tube contents were rapidly filtered under vacuum through GF/C filters presoaked for 60 min with PEI (0.3%) with 2 x 2 ml washes of HEPES buffer (50 mM, pH 7.4). The radioactivity retained on the filters was measured by scintillation counting. All assays were performed in triplicate in at least 2 separate experiments.
[0017] The affinity to the NK-1 receptor, given as pKi, is described in the table below:
2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-methyl-4-oxy-piperazin-1-yl)-4-o-tolyl-pyridin-3-yl]-isobutyramide (compound I-1): pKi 9.0
2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-(2-hydroxymethyl-phenyl)-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide (compound I-2): pKi 9.1
In addition to their good affinity to the NK-1 receptor, it has been shown that compounds of formulas I-1 and I-2 show advantages in their pharmaceutical properties. For example, the compound of formula I-2 shows a very good solubility and permeability when compared with structure-related compounds disclosed in the prior art (EP 1 035 115). The following results may be provided:
Solubility
Method Description
Equilibrium Solubility
[0018] Equilibrium solubility values were determined at pH 4.2 (0.15 M citrate buffer). A known amount of drug, generally 1-2 mg, was added to 250 μl of buffer (glass tubes) and the resulting suspension was stirred for 2 h (21 °C), after 5 minutes of sonification. The pH of the solution was checked and corrected if necessary (in case of pH correction, the solution was once more shaken and equilibrated) and after 24 h the suspension was filtered through a 0.65-μm filter. The filtered solution was then assayed by HPLC to determine the drug concentration. In cases where the drug had completely dissolved in the buffer, the value for equilibrium solubility was assumed to be higher than the value determined by HPLC and was reported as such. Stock solutions (~1 mg/ml) in DMSO were used in the preparation of a calibration curve in the related buffer using HPLC analytics.
Results
[0019] Compound Solubility (|xg/mL) H Example 1 6.5 buffer 0.05M Phosphate EP 1 035 115 ,Ό CF, B 6.7 buffer 0.05M Phosphate Compound I-2 C , 26 4.1 buffer. 0.15 Citrate EP 1 035 115 ^N CF, 200 4.1 buffer. 0.15M Citrate Compound I-2 CF,
[0020] The solubility of the present compound I-2 is 8-fold higher than that of the compared compound, disclosed in EP 1 035 115.
Permeability Method description:
[0021] The permeability was determined by the PAMPA PSR4p assay, which is based on 96 well microplates. The permeability is measured using a "sandwich" construction. A filterplate is coated with phospholipids (membrane) and placed into a donor plate containing a drug buffer solution. Finally the filterplate is filled with buffer solution (acceptor). The donor concentration is measured at t-start (reference) and compared with the donor and acceptor concentration after a certain time t-end. The following setup is used for the PAMPA PSR4p assay:
Donor: 0.05 M MOPSO buffer at pH 6.5 + 0.5 % (w/v) glycocholic acid
Membrane: 10 % (w/v) egg lecithin + 0.5 % (w/v) cholesterol in dodecane
Acceptor: 0.05 M MOPSO buffer at pH 6.5
[0022] The liquid handling is done with a TECAN RSP150 pipetting robot. The drug analysis is based on UV spectroscopy. All samples are transferred into 96 well UV plates. A SpectraMax 190 UV plate reader is used to collect the UV spectra. The pipetting steps can be divided into four parts: 1. Dilution of stock solutions and filtration, 2. Preparation of reference and PAMPA PSR4p sandwich, 3. Transfer of acceptor solutions into UV plate, 4. Transfer of donor solutions into UV plate. The PAMPA PSR4p assay contains information about the sample precipitation in the donor buffer. UV spectra of the sample, read at the start of the assay (t-start: reference) and at the end (t-end: donor, acceptor), allow the determination of a sample distribution in donor, membrane and acceptor. Because of the known permeation time (t-end, t-start) a permeation constant can be retrieved. The unit of this constant is 10^-6 cm/s, indicating that this is a kinetic value or in other words the permeation speed.
Results
[0023]
Example | Pe (cm/s x 10^-6) | Acceptor | Membrane | Donor
EP 1 035 115 | 0.56 (class: medium) | .2 | 49 | 50
I-2 | 1.81 (class: high) | 3 | 72 | 26
[0024] It can be said that the permeation speed of compound I-2 is three times higher when compared with the corresponding compound, disclosed in EP 1 035 115.
[0025] Furthermore, 2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-methyl-piperazin-1-yl)-4-o-tolyl-pyridin-3-yl]-isobutyramide (EP 1 035 115) has the potential to produce phospholipidoses (toxic effect). That is due to the fact that this compound contains a basic nitrogen atom, which may protonate under physiological conditions. The advantage for the present compound of formula I-1 is that the N-oxide is neutral and has therefore no potential to produce phospholipidoses (Halliwell WH, Cationic amphiphilic drug-induced phospholipidosis, Toxicologic Pathology, 1997, 25(1), 53-60 and Lullmann H et al., Lipidosis induced by amphiphilic cationic drugs, Biochem. Pharmacol., 1978, 27, 1103-1108). In addition, it has been shown that the N-oxide (compound of formula I-1) has a higher metabolic stability in vitro in microsomes in comparison with 2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-methyl-piperazin-1-yl)-4-o-tolyl-pyridin-3-yl]-isobutyramide.
[0026] The compounds of formula I as well as their pharmaceutically usable acid addition salts can be used as medicaments, e.g. in the form of pharmaceutical preparations. The pharmaceutical preparations can be administered orally, e.g. in the form of tablets, coated tablets, dragees, hard and soft gelatine capsules, solutions, emulsions or suspensions. The administration can, however, also be effected rectally, e.g. in the form of suppositories, or parenterally, e.g. in the form of injection solutions.
[0027] The compounds of formula I and their pharmaceutically usable acid addition salts can be processed with pharmaceutically inert, inorganic or organic excipients for the production of tablets, coated tablets, dragees and hard gelatine capsules. Lactose, corn starch or derivatives thereof, talc, stearic acid or its salts etc. can be used as such excipients e.g. for tablets, dragees and hard gelatine capsules.
[0028] Suitable excipients for soft gelatine capsules are e.g. vegetable oils, waxes, fats, semisolid and liquid polyols etc.
[0029] Suitable excipients for the manufacture of solutions and syrups are e.g. water, polyols, saccharose, invert sugar, glucose etc.
[0030] Suitable excipients for injection solutions are e.g. water, alcohols, polyols, glycerol, vegetable oils etc.
[0031] Suitable excipients for suppositories are e.g. natural or hardened oils, waxes, fats, semi-liquid or liquid polyols etc.
[0032] Moreover, the pharmaceutical preparations can contain preservatives, solubilizers, stabilizers, wetting agents, emulsifiers, sweeteners, colorants, flavorants, salts for varying the osmotic pressure, buffers, masking agents or antioxidants. They can also contain still other therapeutically valuable substances.
[0033] The dosage can vary within wide limits and will, of course, be fitted to the individual requirements in each particular case. In general, in the case of oral administration a daily dosage of about 10 to 1000 mg per person of a compound of general formula I should be appropriate, although the above upper limit can also be exceeded when necessary.
[0034] The following Examples illustrate the present invention without limiting it. All temperatures are given in degrees Celsius.
Example A
[0035] Tablets of the following composition are manufactured in the usual manner.
mg/tablet
Active substance 5
Lactose 45
Corn starch 15
Microcrystalline cellulose 34
Magnesium stearate 1
Tablet weight 100
Example B
[0036] Capsules of the following composition are manufactured:
mg/capsule
Active substance 10
Lactose 155
Corn starch 30
Talc 5
Capsule fill weight 200
[0037] The active substance, lactose and corn starch are firstly mixed in a mixer and then in a comminuting machine. The mixture is returned to the mixer, the talc is added thereto and mixed thoroughly. The mixture is filled by machine into hard gelatine capsules.
Example C
[0038] Suppositories of the following composition are manufactured:
mg/supp.
Active substance 15
Suppository mass 1285
Total 1300
[0039] The suppository mass is melted in a glass or steel vessel, mixed thoroughly and cooled to 45 °C. Thereupon, the finely powdered active substance is added thereto and stirred until it has dispersed completely. The mixture is poured into suppository moulds of suitable size, left to cool, the suppositories are then removed from the moulds and packed individually in wax paper or metal foil.
Example 1
2-(3,5-Bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-me^ (compound I-1)
[0040] [0041] To a solution of 2.00 g (3.46 mmol) 2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-methyl-piperazin-1-yl)-4-o-tolyl-pyridin-3-yl]-isobutyramide (synthesis described in DE 10008042) and 610 mg (7.26 mmol) sodium hydrogen carbonate in 40 ml methanol and S ml water were added 1.10 g (1.80 mmol) potassium monopersulfate triple salt at room temperature during 15 minutes. After stirring for 6 h at room temperature the reaction mixture was concentrated in vacuo and purified by flash chromatography to give 1.65 g (80%) of the title compound as white crystals.
MS m/e (%): 595 (M+H+, 100)
Example 2
2-(3,5-Bis-trifluoromethyl-phenyl)-N-[4-(2-hydroxymeth^ isobutyramide (compound I-2)
[0042] 4-Iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-ylamine (compound V)
[0043] A mixture of 2.20 g (5.47 mmol) N-[4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-2,2-dimethyl-propionamide (synthesis described in DE10008042) in 50 ml 3 N hydrochloric acid was stirred for 18 h at 100 °C. After cooling to 0 °C the reaction mixture was washed twice with ether (50 ml). The aqueous phase was treated with 50 ml dichloromethane and basified with a 1 M solution of sodium carbonate. The organic phase was separated and the aqueous phase was extracted four times with 50 ml dichloromethane. The combined organic layers were dried over sodium sulfate and concentrated in vacuo to give 1.60 g (92%) of the title compound as an off-white solid.
MS m/e (%): 319 (M+H+, 100)
2-(3,5-Bis-trifluoromethyl-phenyl)-N-[4-iodo-6-(4-methyl-piperazin-1-yl)pyridin-3-yl]-isobutyramide (compound VI)
[0044] To a suspension of 1.60 g (5.03 mmol) 4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-ylamine and 975 mg (7.54 mmol) N,N-diisopropyl ethyl amine in 16 ml dichloromethane was added dropwise 1.76 g (5.53 mmol) 2-(3,5-bis-trifluoromethyl-phenyl)-2-methylpropionyl chloride at 0 °C. The reaction mixture was stirred for 2 h at room temperature and 2 h at reflux. After cooling to room temperature the reaction mixture was washed with 20 ml of a 1 M aqueous sodium carbonate solution and 20 ml water. The combined organic layers were dried over sodium sulfate and concentrated in vacuo to give 3.39 g (100%) of the crude title compound as a brown oil.
MS m/e (%): 601 (M+H+, 100)
2-(3,5-Bis-trifluoromethyl-phenyl)-N-[4-iodo-6-(4-methyl-piperazin-1-yl)pyridin-3-yl]-N-methyl-isobutyramide (compound VII)
[0045] To a solution of 3.09 g (5.15 mmol) 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-isobutyramide in 30 ml N,N-dimethylformamide were added at 0 °C 6.8 ml (6.2 mmol) of a 0.91 M solution of potassium bis(trimethylsilyl)amide in tetrahydrofuran. After stirring at 0 °C for 40 min 0.352 ml (5.66 mmol) iodomethane were added. The mixture was stirred for 2 days in a closed flask. The reaction mixture was concentrated in vacuo and purified by flash chromatography to give 980 mg (31%) of the title compound as a brown oil.
MS m/e (%): 615 (M+H+, 100)
2-(3,5-Bis-trifluoromethyl-phenyl)-N-[4-(2-formyl-phenyl)-6-(4-m mide (compound III)
[0046] A mixture of 900 mg (1.47 mmol) 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-iodo-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide, 2.8 ml of a 1 M aqueous sodium carbonate solution, 33 mg (0.15 mmol) palladium(II) acetate, 77 mg (0.29 mmol) triphenylphosphine and 242 mg (1.61 mmol) 2-formylphenylboronic acid in 5 ml dimethoxyethane was evacuated and filled with argon and stirred for 2 h at 80 °C. After cooling to room temperature the reaction mixture was diluted with 20 ml ethyl acetate and washed with 20 ml brine. The combined organic layers were dried over sodium sulfate, concentrated and purified by flash chromatography to give 584 mg (67%) of the title compound as a light brown solid.
MS m/e (%): 593 (M+H+, 100)
2-(3,5-Bis-trifluoromethyl-phenyl)-N-[4-(2-hydroxymethyl-phenyl)-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide (compound I-2)
[0047] To a mixture of 15 mg (0.41 mmol) sodium borohydride in 2 ml methanol were added at 0 °C 200 mg (0.338 mmol) 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-(2-formyl-phenyl)-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide. After stirring at 0 °C for 1 h 1 ml brine was added at 0 °C. The mixture was stirred for 30 min. Methanol was distilled off and the residue was diluted with 20 ml ethyl acetate and washed with 20 ml brine. The organic layer was dried over sodium sulfate, concentrated and purified by flash chromatography to give 137 mg (58%) of the title compound as a light brown solid.
MS m/e (%): 595 (M+H+, 100)
Claims
1. Compounds of the formula I wherein R is methyl; and R1 is 4-methyl-4-oxy-piperazin-1-yl; or R is CH2OH and R1 is 4-methyl-piperazin-1-yl or is 4-methyl-4-oxy-piperazin-1-yl; and pharmaceutically acceptable acid addition salts thereof.
2. A compound according to claim 1, which is 2-(3,5-bis-trifluoromethyl-phenyl)-N-methyl-N-[6-(4-me mide (compound I-1) or 2-(3,5-bis-trifluoromethyl-phenyl)-N-[4-(2-hydroxymethyl-phenyl)-6-(4-methyl-piperazin-1-yl)-pyridin-3-yl]-N-methyl-isobutyramide (compound I-2).
3. A medicament containing one or more compounds as claimed in claim 1 or 2 and pharmaceutically acceptable excipients.
4. A medicament according to claim 3 for the treatment of diseases related to NK-1 receptor antagonists.
5. A medicament according to claims 3 and 4 for the treatment of inflammatory conditions including migraine, rheumatoid arthritis and asthma, emesis, Parkinson's disease, pain, headache, especially migraine, Alzheimer's disease, anxiety, depression, multiple sclerosis, attenuation of morphine withdrawal, cardiovascular changes, oedema, allergic rhinitis, Crohn's disease, psychosis, motion sickness and vomiting.
6. A process for preparing a compound of formula I as defined in claim , which process comprises a) reacting a compound of formula II with OXONE® [(potassium peroxymonosulfate) 2KHSO5·KHSO4·K2SO4] to a compound of formula and b) reacting a compound of formula with NaBH4 to a compound of formula and, if desired, converting the compound obtained into a pharmaceutically acceptable acid addition salt.
7. A compound according to claim 1 or 2, whenever prepared by a process as claimed in claim 6 or by an equivalent method.
8. A compound according to claim 1 or 2, for use in the treatment of diseases related to NK-1 receptor antagonists.
9. The use of a compound according to claim 1 or 2 for the manufacture of medicaments for the treatment of diseases related to NK-1 receptor antagonists.
10. The use of a compound according to claim 1 or 2 for the manufacture of medicaments for the treatment of inflammatory conditions including migraine, rheumatoid arthritis and asthma, emesis, Parkinson's disease, pain, headache, especially migraine, Alzheimer's disease, anxiety, depression, multiple sclerosis, attenuation of morphine withdrawal, cardiovascular changes, oedema, allergic rhinitis, Crohn's disease, psychosis, motion sickness and vomiting.
11. The use of a compound according to claim 1 or 2 for the manufacture of medicaments for the treatment of emesis.
LUZZATTO & LUZZATTO
A METHOD OF SECURE DATA COMMUNICATION
FIELD OF THE INVENTION
The present invention relates to a method of secure data communication and to a system employing such a method. In particular, the present invention relates to a method of communicating data between a client terminal and a remote server which prevents effective unauthorised interception of the data being communicated and in the case of encrypted data therefore presents a negligible risk of the encrypted data being decoded. The present invention is particularly well suited, but not exclusively, to financial applications such as ATMs and online banking in which authorisation data for accessing secure financial data is transmitted by client terminals over potentially nonsecure communication links to a remote server where the authorisation data is then verified.
BACKGROUND OF THE INVENTION
Naturally, it is important that access to secure data is only granted to authorised personnel. However, in many fields the need for security must be balanced with the need for quick and remote access of the data. For example, the ability of a hospital's accident and emergency team to access immediately a patient's private medical records can prove life-saving. In the case of bank customers, they now demand that they have quick and easy access to their funds without being obliged to visit a branch of the bank during normal working hours. To this end, secure systems have been developed which hold data on secure database servers and which permit access to the data via remote client terminals.
In such secure systems, the identity of a user is generally verified through the use of authorisation data, e.g. username, password or a personal identification number (PIN), which is sent between the client terminal and the database server. Although measures may be taken by the user of a client terminal to ensure that the authorisation data remains secret, the authorisation data may nevertheless be observed by others as it is entered by the user or it may be electronically intercepted at some point between the client terminal and the database server. Unauthorised access to financial data, such as a person's bank details, clearly carries financial rewards making it the target of increasing criminal activity.
Currently, many credit or debit cards employ a magnetic strip or an electronic chip which carries part of the cardholder's authorisation data. The remainder of the authorisation data is known to the cardholder for example in the form of a PIN. When the card is inserted into an automated teller machine (ATM) or credit card "PDQ" machine, the information stored on the magnetic strip or electronic chip as well as the PIN entered by the cardholder are passed to a remote database server, or a separate authorisation server, for verification. If the authorisation data is correct, the cardholder is granted access to his financial data.
A simple form of card fraud is to observe the cardholder entering his PIN at an ATM and then to steal the card. Alternatively, rather than stealing the card which will naturally alert the cardholder, the data stored on the card may be copied using publicly-available magnetic-card readers during financial transactions. The copied card may then be used to make purchases and cash withdrawals without drawing the attention of the cardholder or bank.
Smart cards offer significant security advantages over magnetic-strip cards in that all authorisation data, including the PIN, are stored on the card in encrypted form. This makes card copying during financial transactions practically impossible. Moreover, if a card is stolen it is extremely difficult and time-consuming for criminals to access the PIN stored on the card. Nevertheless, card fraud is still possible by observing the cardholder entering his PIN and subsequently stealing the card. This form of card fraud is particularly relevant to smart cards in which a PIN, rather than a signature, is used for everyday electronic point-of-sale (EPOS) transactions. As a result, the chances of a cardholder's PIN being observed are increasing.
FR 2 819 067 describes an EPOS terminal for use with a smart card and comprises a touch-screen keypad. Each time a smart card is inserted into the EPOS terminal, a random keypad arrangement is displayed to the cardholder on the touchscreen keypad for entering his PIN. As a result, an observer is unable to determine a cardholder's PIN merely by observing the finger movement of the cardholder. Similar systems are described in US 5,949,348 and US 4,479,112. As the PIN of a smart card is stored on the card itself, EPOS transactions occur without the need to send the full authorisation data to the database or authorisation server. In particular, at no time is the PIN stored on the card communicated beyond the EPOS terminal. These publications do not therefore address the problem of others intercepting authorisation data during communications between the EPOS terminal and a remote database server.
Whilst smart cards offer one secure form of authorisation, a card reader must nevertheless be provided at every client terminal in order to read the card and confirm authorisation. Accordingly, smart cards are impractical for many applications, in particular where access to secure data is intended to be granted via the internet. For applications such as online banking, authorisation data continues to be sent between the client terminal (e.g. a home computer) and the database or authorisation server for verification. Although the authorisation data is normally encrypted, e.g. using public-key encryption, there are concerns that it is only a matter of time before methods of decrypting such data are developed.
US 2003/182558 (Lazarro) describes a method of authenticating communications between a server and a remote terminal in which the keypad displayed at the remote terminal is changed for separate transactions involving the same user. However, within a single transaction the same communication pathway is used for both the request for access issued by the remote terminal to the server and for communication of the positional data relating to the user's keystrokes when entering their authentication code (PIN number).
SUMMARY OF THE INVENTION
There is therefore a need for an improved method of secure remote authorisation between a client terminal and a server, without the need for additional hardware (e.g. a smart card reader) to be provided at the client terminal. It is therefore an object of the present invention to provide a method of authorisation in which the data sent by the client terminal to the server, if intercepted, cannot be used to extract the user's full authorisation data.
In addition, a relatively new trick employed by criminals to fraudulently obtain bank customers' bank authorisation data has become known as 'phishing'. This involves the sending of an email or letter to a bank's internet customers which directs the customers to a website that has the appearance of a webpage of the bank and which asks the customers to enter, in full, their authorisation data - usually on a pretext such as a routine security check. The website is, of course, false and the criminals operating the website are then able to capture and use the customers' authorisation data to arrange for funds to be transferred from the customers' accounts.
A separate further object of the present invention is therefore to provide a method of authorisation which reduces the likelihood of customers being duped by fraudulent phishing attacks.
Accordingly, in a first aspect, the present invention provides a method of secure communication between a server and a terminal remote from the server, the terminal including a user operated data input device, the secure communication method comprising the steps of: receiving an access request from said terminal for access to the server; communicating encoding data from the server to the terminal, the encoding data being specific to a communication event; generating positional data from data entered by a user using the data input device of the terminal with respect to the encoding data, the positional data consisting of identifiers for the positions of user selected characters of the data input device; communicating the positional data from the terminal to the server; and decoding the positional data received by the server using said encoding data to generate the user entered data; characterised in that said access request and said positional data are communicated over different communication pathways.
In a second aspect, the present invention provides a secure communication system comprising a server and at least one terminal remote from and in bi-directional communication with the server, the server comprising: verification means for verifying the identity of a user using the terminal to communicate with the server, an encoder for generating encoding data specific to a communication event; a communications interface for communicating the encoding data to the remote terminal and for receiving positional data from the terminal, the positional data consisting of identifiers for the positions of user selected characters and being an encoding of user entered data; and a decoder for decoding positional data received from the terminal, the decoder using the encoding data of the encoder to decode the positional data, and each terminal comprising: a manually operated input device for the entry of user data that is encoded as positional data; and a terminal communications interface for receiving encoding data from the server and for communicating positional data to the server; characterised in that the communication pathway between the verification means and the terminal is separate to the communication pathway between the decoder and the terminal.
In a third aspect the present invention provides a secure communication server comprising verification means for verifying the identity of a user using a remote terminal to communicate with the server, an encoder for generating encoding data specific to a communication event; a communications interface for communicating the encoding data to a remote terminal and for receiving positional data from the remote terminal, the positional data consisting of identifiers for the positions of user selected characters and being an encoding of user entered data; and a decoder for decoding positional data received from the terminal, the decoder using the encoding data of the encoder to decode the positional data; characterised in that the communications interface provides a communication pathway between the verification means and the remote terminal which is separate to a communication pathway provided by the communications interface between the decoder and the remote terminal.
In a fourth aspect the present invention provides a method of secure communication between a server and a terminal remote from the server, the terminal including a user operated data input device and display, the secure communication method comprising the steps of: issuing a request for communication to the server from the remote terminal and providing to the server preliminary user identification data specific to the user of the terminal, identifying design data specific to the user and communicating display data from the server to the terminal based on the identified design data; and generating an image on the display of the terminal based upon the display data received from the server wherein further sensitive data is entered by a user only when the image on the display corresponds to an image previously made known to the user.
In a fifth aspect the present invention provides a secure communication system comprising a server and at least one terminal remote from and in bi-directional communication with the server, the server comprising: user design data storage in which is stored display data specific to each user; and a communications interface for communicating the display data to the remote terminal and for receiving user entered data from the terminal, and each terminal comprising: a user operated data input device for the entry of user data; a display; and a terminal communications interface for receiving display data from the server and for communicating user entered data to the server.
In a sixth aspect the present invention provides a secure communication server comprising: user design data storage in which is stored display data specific to each user; and a communications interface for communicating the display data to the remote terminal and for receiving user entered data from the terminal.
BRIEF DESCRIPTION OF THE DRAWINGS
In order to understand the invention and to see how it may be carried out in practice, embodiments will now be described, by way of non-limiting example only, with reference to the accompanying drawings, in which:
Figure 1 illustrates an authorisation system in accordance with the present invention;
Figure 2 is a simplified diagram of the data exchanges that are performed in accordance with a first embodiment of the data communication method of the present invention;
Figure 3 illustrates exemplary image data generated by the security server of the authorisation system of the present invention;
Figure 4 illustrates an alternative authorisation system in accordance with the present invention;
Figure 5 is a simplified diagram of the data exchanges that are performed in accordance with a second embodiment of the data communication method of the present invention;
Figure 6 illustrates exemplary image data employing alphanumeric characters generated by the security server of the authorisation system of Figure 4; and
Figure 7 illustrates exemplary image data employing non-alphanumeric characters generated by the security server of the authorisation system of Figure 4.
DETAILED DESCRIPTION OF EMBODIMENTS
The authorisation system of Figure 1 comprises a client terminal 1, a database server 2 and a security server 3, all three of which are in bidirectional communication with one another. With conventional authorisation systems, the security server 3 is absent and the client terminal 1 and database server 2 communicate only with each other.
The client terminal 1 is adapted either in hardware or software to access data remotely stored on the database server 2 and to make changes and / or additions to the remotely stored data. The client terminal 1 includes a display 4 and an input device 5. Suitable devices for the client terminal include, but are not limited to, personal computers, ATMs, mobile phones and PDAs. Indeed, any device capable of external communications and having a display and an input device may be adapted to function as the client terminal 1. The display 4 of the client terminal 1 may be any device capable of modifying its appearance in order to convey varying information to a user. Whilst a VDU is preferred, the display 4 could alternatively consist of modifiable legends on a keypad or keyboard such that the display 4 and input device 5 are integral. Alternatively, the display 4 and input device 5 may be integrated in the form of a touchscreen display.
The input device 5 is used to input authorisation data, such as a username, password and / or PIN. This authorisation data is subsequently used by the client terminal 1 to gain access to the database server 2. The client terminal 1 may additionally include means for receiving and reading a card, or other identification means, carrying partial authorisation data. For example, the client terminal 1 may be an ATM in which case the card reader of the ATM receives a card carrying the account details of the cardholder, e.g. name, bank sort code and account number. The data carried on the card, however, represents only part of the authorisation data and access to the database server 2 is only granted when additional authorisation data is entered by the user on the input device 5 of the client terminal 1.
The database server 2 stores data 10 intended to be accessed only by authorised personnel and includes means 6 for verifying the authorisation of a user attempting to access the database server 2. The verification means 6 in its simplest form comprises a look-up table containing a list of valid authorisation data. If the authorisation data received by the verification means 6 matches valid authorisation data stored in the look-up table, the user is granted access to the data 10 stored on the database server 2. Preferably, the verification means 6 is adapted to determine the identity of the user from the received authorisation data such that access to the data stored on the database server 2 may be tailored according to the identity of the user, e.g. such that a patient is only able to access his own medical records, or a bank customer is only able to access his own bank details. The verification means 6 may be part of the database server 2 or it may take the form of a separate authorisation server which gates access to the database server 2 until valid authorisation data is received.
The security server 3 comprises a combination generator 7, an image generator 8 and a decoder 9. When a request is received from the database server 2, the combination generator 7 is adapted to generate a random string and an identification code specific to that random string. The random string that is generated will depend upon the content of the authorisation data to be entered by the user on the input device 5 of the client terminal 1 with randomisation occurring over the legitimate character set. For example, if the authorisation data is in the form of a PIN, i.e. if the authorisation data includes only numerals, the random string is ideally 10 characters long, e.g. '7260948135'. Alternatively, if the authorisation data includes both numerals and uppercase letters, the random string may be up to 36 characters long corresponding to 10 numerals (0-9) and 26 letters (A-Z), e.g. 'JR6VSAPKB2G...' The combination generator 7 communicates both the random string and the identification code to the image generator 8 and to the decoder 9, and communicates only the identification code back to the database server 2. The random string may be generated, for example, by selecting at random, e.g. using a random number generator, an entry from a look-up table of character strings, each character string having a different configuration.
The image generator 8 takes the random string received from the combination generator 7 and generates image data suitable for display on the client terminal 1. For example, where the client terminal 1 is a personal computer, the image data may consist of an image file (e.g. JPG, GIF, BMP etc) or an HTML file. The generated image comprises at least each character of the random string, wherein the position of each character in the image is determined by the order in which that character appears in the random string. So for example, the first character of the random string may be displayed at the top left of the image whilst the last character of the string is displayed on the bottom right of the image. The generated image preferably retains the same overall design regardless of the random string of characters that is received, and it is only the configuration of the characters within this same overall design that changes with each random string. For example, the image generator 8 might always generate the image of a numerical keypad, in which the arrangement of the numerals on the keypad is changed according to the random string that is received. Figure 3 illustrates possible image data generated by the image generator 8 upon receiving the string "35492*0#6781".
The image data generated by the image generator 8 should be understood to be any data which the client terminal 1 can use to change the appearance of the display 4. For example, where the display 4 comprises configurable legends on a keypad, the image data might comprise nothing more than the random string received from the combination generator 7. The client terminal 1 on receiving the image data would then modify the legend of the first key of the keypad to display the first character of the random string, modify the legend of the second key to display the second character of the string and so on. The image data generated by the image generator 8 for a particular random string is assigned the same identification code as that received from the combination generator 7 for that random string. Accordingly, with each request that is received from the database server 2, the security server 3 generates image data and assigns that image data an identification code. The identification code is sent from the security server 3 to the database server, which in turn communicates the identification code to the client terminal 1.
The client terminal 1 uses the identification code to retrieve the corresponding image data generated by the image generator 8 from the security server 3. The client terminal 1 then uses the received image data to modify the appearance of the display 4 so as to present the user with a plurality of characters (e.g. numerals, letters and symbols etc) whose positions are arranged randomly. A user then enters his authorisation data by selecting the individual characters making up his authorisation data, such as a PIN, using the input device 5. The authorisation data entered by the user is recorded as positional data by the client terminal 1. This positional data may then be converted by the client terminal 1 into character data or some other form of data for sending to the security server 3. For example, if the image of Figure 3 is displayed on the client terminal 1 and the user selects the numerals "7,9,2,0", then the positional data might be 'first-row-first-column, third-row-first-column, third-row-second-column, second-row-first-column'. This positional data might then be converted to "1,7,8,4", which corresponds to the arrangement of numerals on a conventional numerical keypad. Thus positional data or the character data to which it may be converted represents an encoded form of the authorisation data. This encoded authorisation data (e.g. "1,7,8,4") can only be decoded by knowing either the image data or the random string specific to that identification code and the method used to generate the image data. After authorisation data has been entered by a user, the encoded authorisation data and the identification code specific to the displayed image data are sent by the client terminal 1 to the security server 3 where it is decoded by the decoder 9.
The decoder 9 stores each random string and identification code that is received from the combination generator 7. When the encoded authorisation data and the identification code are received from the client terminal 1, the decoder 9 decodes or extracts the true authorisation data using the corresponding random string, i.e. the random string having the same identification code. The decoded authorisation data is then sent from the decoder 9 of the security server 3 to the database server 2.
In use, the client terminal 1 first sends a request (S1) for access to the database server 2. This request may be performed by establishing a connection between the client terminal 1 and the database server 2. Alternatively, the user may first be required to input partial authorisation data, e.g. a username. If the partial authorisation data is valid then this constitutes a request for access. Once a valid request for access has been received by the database server 2, the database server 2 issues a request (S2) for a terminal display identification code from the security server 3. The database server 2 may also acknowledge the client terminal's request for access by communicating to the client terminal a transaction identification code specific to this access request. This transaction identification code is different from the identification code requested from the security server. The combination generator 7 then generates a random string and a terminal display identification code (S3), both of which are communicated to the image generator 8 and the decoder 9. The image generator 8 then generates image data (S4) suitable for display on the client terminal 1 and assigns the image data the same terminal display identification code.
The terminal display identification code is sent from the security server 3 to the database server 2, which in turn sends the identification code to the client terminal 1 (S5). Accordingly, the client terminal 1 receives from the database server 2 a unique transaction identification code specific to the transaction in progress and also a terminal display identification code. The client terminal 1 then uses the terminal display identification code to request image data from the security server 3 (S6). The image data generated by the image generator 8 specific to that particular identification code is then returned by the security server 3 to the client terminal 1 where it is displayed.
The user then enters his authorisation data (S7) using the image data presented on the client terminal 1. Owing to the random arrangement of characters displayed on the client terminal 1, the authorisation data entered by the user is encoded. The encoded authorisation data and the terminal display identification code are then sent (S8) from the client terminal 1 to the security server 3 where they are received by the decoder 9. The decoder 9 decodes the encoded authorisation data (S9) using the terminal display identification code to identify the corresponding random string that has been used to encode the authorisation data. Once decoded, the true authorisation data is communicated (S10) from the security server 3 to the database server 2. The true authorisation data is then checked by the verification means 6 (S11) and if the verification means 6 determines that the authorisation data received from the security server 3 is valid, access to the database server 2 is granted to the user (S12). Otherwise, the database server 2 communicates to the client terminal 1 that the authorisation data was invalid (S13) and in accordance with current banking practice invites the user to re-enter his PIN up to a maximum of three attempts. If invalid, the database server 2 may additionally request a new terminal display identification code from the security server 3, which in turn results in new image data being delivered to the client terminal 1, so as to begin the process anew.
The image data retrieved from the security server 3 by the client terminal 1 serves as the code for encoding the authorisation data entered by the user. In displaying the encoding data on the terminal 1 and using this displayed data to enter user authorisation data, the data entered by the user is immediately encoded, i.e. the user in effect enters encoded authorisation data. The client terminal 1 need not therefore separately encode data entered by the user. In particular, the client terminal 1 does not receive and then encode the true authorisation data entered by the user. Instead, the user, without knowing, enters encoded authorisation data. As a result, there is no need for the client terminal 1 to include processing means to encode the authorisation unless separately required for the purposes of communication with the database server and / or the security server. Indeed, encoded authorisation data may be achieved through the use of a dumb terminal, i.e. a terminal 1 comprising nothing more than display means 4 and input means 5.
Where the input means 5 of the client terminal 1 has a plurality of manually individually operable buttons or keys that are in fixed positions with respect to each other and each of which is allocated to a respective character, the security server 3 may issue to the client terminal a 'virtual map' in which the positions of specific keys of the keyboard e.g. the alphanumeric sequence, are each allocated their own identifier. Each position identifier is selected to be different to the actual character of that key on the keyboard. Thus, where the identifiers are alphanumeric symbols, in effect the virtual map swaps around characters for the individual keys of the keyboard. By employing the virtual map to communicate a user's keystrokes to the security server, although the user's keyboard remains the same and the authorisation data is entered in the usual manner, the authorisation data entered by the user which is communicated back to the security server 3 is encoded in the form of positional data with respect to the virtual map. This system is particularly suited for example to circumstances such as the use of a home PC when conducting on-line banking.
The use of identification codes enables multiple client terminals 1 to access the database server 2 and the security server 3 simultaneously. However, the use of identification codes may be omitted should the authorisation system be set up such that only one user, or client terminal 1, is capable of accessing the database server 2 at any one time. In this case, identification codes are not needed since only one random string is generated and used by the security server 3 at any one time. Each identification code may consist of, or include, a URL to a website. The image data generated by the image generator 8 is then stored in the form of a web document, e.g. HTML or XML file or Java applet etc. Thus, a unique and temporary URL is returned to the client terminal 1 in response to a request from the client terminal 1 for access to the database server 2. The client terminal 1 uses the URL to load the contents of the relevant website to display the image data. The URL preferably includes no data that would enable spoofing.
Once the decoder 9 has decoded the encoded authorisation data received from the client terminal 1, the corresponding random string stored in the decoder 9 is preferably deleted from the security server 3. In deleting the random string from the security server 3, a person intercepting the encoded authorisation data is unable to resend this encoded data to the security server 3 in order to gain access to the database server 2. Should the decoder 9 receive encoded data having a non-existent identification code, the security server 3 may be configured to issue an alert of a potential security breach. Similarly, the image data generated by the image generator 8 is also preferably deleted after the security server 3 receives the encoded authorisation data. This then prevents others, having intercepted the encoded authorisation data sent from the client terminal 1, from extracting the terminal display identification code and requesting the corresponding image data from the security server 3. Alternatively, or indeed additionally, the image data and/or random string may have a limited lifetime for example 5 minutes which is sufficient for most ATM transactions. As a result, the user may be timed out should he take too long in entering his authorisation data.
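The positional encoding, the decoder's lookup by identification code, and the single-use and limited-lifetime handling described above can be seen together in the following added example, which is not part of the patent text. The names `SecurityServer`, `press_keys` and `DecodeError`, the 12-key character set, and the fixed layout used in the demo (constructed so that selecting "7,9,2,0" yields "1,7,8,4", and not the Figure 3 string) are assumptions made for illustration.

```python
import secrets
import time

# Fixed key positions, row-major, labelled as on a conventional keypad.
CONVENTIONAL = "123456789*0#"


class DecodeError(Exception):
    """Raised when positional data cannot be decoded."""


class SecurityServer:
    """Combination generator, image generator and decoder in one object."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock
        self._pending = {}   # identification code -> (random string, expiry)
        self.alerts = []     # constructed stand-in for a real alerting hook

    def new_keypad(self, layout=None):
        """Generate a random string and its identification code (S3)."""
        if layout is None:
            chars = list(CONVENTIONAL)
            secrets.SystemRandom().shuffle(chars)
            layout = "".join(chars)
        elif sorted(layout) != sorted(CONVENTIONAL):
            raise ValueError("layout must be a permutation of the character set")
        code = secrets.token_urlsafe(16)  # carries no layout or user data
        self._pending[code] = (layout, self._clock() + self._ttl)
        return code

    def image_data(self, code):
        """Return the keypad layout for a live identification code (S6)."""
        entry = self._pending.get(code)
        if entry is None or self._clock() > entry[1]:
            self._pending.pop(code, None)
            raise DecodeError("no image data for this identification code")
        return entry[0]

    def decode(self, code, positional):
        """Decode positional data (S9); each code is accepted only once."""
        # Delete the random string first, so a resent message finds nothing.
        entry = self._pending.pop(code, None)
        if entry is None:
            self.alerts.append("unknown or reused identification code")
            raise DecodeError("unknown identification code")
        layout, expiry = entry
        if self._clock() > expiry:
            raise DecodeError("identification code expired")
        try:
            return "".join(layout[CONVENTIONAL.index(p)] for p in positional)
        except ValueError:
            raise DecodeError("positional data outside the keypad") from None


def press_keys(layout, wanted):
    """Terminal side: report the positions of the keys the user selected.

    Each position is sent as the character a conventional keypad shows there,
    so the true characters never leave the terminal.
    """
    return "".join(CONVENTIONAL[layout.index(ch)] for ch in wanted)


if __name__ == "__main__":
    server = SecurityServer()
    # Constructed layout; a real request would pass no layout argument.
    code = server.new_keypad(layout="73504*926#81")
    sent = press_keys(server.image_data(code), "7920")
    print("sent over the wire:", sent)
    print("decoded by server:", server.decode(code, sent))
    try:
        server.decode(code, sent)  # resending the same message
    except DecodeError as exc:
        print("replay rejected:", exc, "| alerts:", server.alerts)
```
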
With the authorisation system described above, the authorisation data is never sent un-encoded from the client terminal 1. Moreover, as the encoded authorisation data sent by the client terminal 1 is encoded using a random string, it is extremely difficult if not impossible for others intercepting only the encoded data to extract the authorisation data. Additionally, as the authorisation data is entered by selecting characters having a random configuration, it is significantly more difficult for a person observing a user to visually acquire the user's authorisation data.
It is intended that the communication link between the database server 2 and the security server 3 is itself secure, e.g. by means of an internal or dedicated line that is not accessible externally. Consequently, there is no need to encode the authorisation data sent between the security server 3 and the database server 2. However, where communications between the database server 2 and the security server 3 are not secure, the decoder 9 of the security server 3 preferably re-encodes the decoded authorisation data using a one-way-hashing algorithm before sending the hashed authorisation data to the database server 2. Rather than storing a list of actual authorisation data, the verification means 6 of the database server 2 instead stores only hashed authorisation data. This additional step of hashing the authorisation data has the added security that authorisation data is never stored in un-encoded form on either the database server 2 or the security server 3. Consequently, anyone compromising the security of either server 2, 3 is unable to extract authorisation data.
In order to further improve security, all communications within the authorisation system, i.e. between servers 2, 3 and with the client terminal 1, are preferably encrypted using 128 bit SSL protocol, for example.
Importantly, by separating the various parts of the user's identification information and authorisation data, the inherent security of the system is greatly enhanced. In order to compromise the user's account an observer must capture and decode communications (i) between the client terminal 1 and the database server 2; (ii) between the client terminal 1 and the security server 3; and (iii) between the security server 3 and the database server 2. By separating the flows of data into three distinct and separate paths, and with each datapath carrying significantly less data, it becomes much more difficult if not impossible for an observer to breach the security of the system. Thus, even if an observer were to succeed in decoding one of the datastreams, without the information contained in the other two datastreams relating to the same transaction, the decoded information is useless. Moreover, as the identification data is communicated to the database server 2 in association with a transaction identification code whereas the authorisation data is communicated to the security server 3 in association with a terminal display identification code, the two datastreams have no common data to enable an observer to determine the datastreams are related to the same account.
Illicit acquisition of authorisation data by intercepting both the image data and the encoded authorisation data sent between the client terminal 1 and the security server 3 can be undermined by further improving the security of the authorisation system by encrypting the image data and the encoded authorisation data with different encryption keys. By using different encryption keys to encrypt the image data and the encoded authorisation data, the task of decrypting the data to obtain the authorisation data is more than doubled. This is because the task of decryption becomes increasingly difficult as the size of the encrypted data decreases. As the image data may comprise little more than a random string of characters (e.g. the numerals 0-9) and the encoded authorisation data may comprise little more than a few select characters (e.g. a PIN), the size of the data to be encrypted is typically only a few tens of bytes. As a result, the encrypted data is extremely resistant to brute force methods of decryption.
Separate encryption keys for the image data and encoded authorisation data are possible by employing two communication paths between the client terminal 1 and the security server 3, with each communication path employing a different encryption key. For example, the security server 3 may include two servers, the first server storing the image data generated by the image generator 8 and the second server storing the encoded authorisation data received from the client terminal 1. The client terminal 1 then requests image data from the first server, which is encrypted using a first key, and sends the encoded authorisation data to the second server using a second encryption key.
Although the authorisation system preferably includes a separate database server 2 and security server 3, the combination generator 7, the image generator 8 and the decoder 9 may all form part of the database server 2. In which case, the security server 3 is omitted and the client terminal 1 communicates only with the database server 2. The database server 2, upon receiving a request for access from the client terminal 1, returns an identification code and image data to the client terminal 1. The client terminal 1 then sends the encoded authorisation data and identification code to the database server 2, whereupon the encoded authorisation data is decoded and its validity verified. As described above for the security server 3, the database server 2 may include two servers employing different encryption keys for separately communicating the image data and the encoded authorisation data. The first server is responsible for receiving a request for access from the client terminal 1 and returning the identification code and image data, whilst the second server is responsible for receiving the encoded authorisation and identification code from the client terminal 1.
Whilst reference has thus far been made to an authorisation system for gaining access to data stored on a database server 2, the authorisation system may be used in any situation in which authorisation needs to be verified remotely. For example, the authorisation system may be used to gain access to a secure building. In this case, the client terminal 1 may be a keypad adjacent a door and the database server 2 upon receiving valid authorisation data from the security server 3 sends a signal to the door to open.
With the authorisation system and method of the present invention, the authorisation of a user may be verified remotely, across potentially non-secure communications, in a more secure manner than is presently possible. In particular, the authorisation of the user may be verified without data being sent by the user which, if intercepted, could be used to extract the user's authorisation data.
A further development of the authorisation system and method described above is illustrated in Figure 4; the system is similar to the system illustrated in Figure 1 and like reference numerals have been used where appropriate. This further development is particularly suited for use with a client terminal 1 having a display such as an LCD, plasma or CRT display. The database server 2 additionally includes a look-up table 11 in which is stored a list of users or customers with each user assigned a design code such as an alphanumeric string which is preferably, but not necessarily, unique to an individual user. In the security server 3 a display data decoder 12 is additionally provided. The display data decoder 12 is programmed to decode the design codes of each user and to communicate the design data to the image generator 8.
The design data defines features of the image to be displayed by a client terminal when the user of the terminal is prompted to enter their authorisation data such as their PIN number. Hence, the webpage that is presented to each user is tailored and is preferably unique to each user. Moreover the same user is always presented with the same webpage but the design of the webpage varies between users. Examples of what the design data may define are: the font size of the lettering / numbering on the webpage; the background colour of the webpage; the colour of the individual selectable keys; the colour of a border around the keys; the shape of the individual keys; the shape of any border around the keys; as well as any decorative details such as patterning or additional images.
Figure 5 illustrates a webpage with a rectilinear patterned border to an alphanumeric electronic keypad. It will, of course, be apparent that the design variations of the webpage are not limited to the examples given above and that there are an extremely large number of features the design of which can vary without detracting from the function of the webpage which is to enable a user to enter their authorisation data.
With the authorisation system illustrated in Figure 4, the method of authorisation is as follows. The remote terminal 1 requests access (S20) to the database server 2. In reply the database server 2 informs the remote terminal of the session id for this communication session and prompts the remote terminal for preliminary identification of the user requesting access. This could be the user's name or their account number, for example. Once the user has entered their preliminary identification the remote terminal 1 communicates the identification information with the session id to the database server 2. The database server 2 then identifies from the look-up table 11 the design code for that user (S21) and communicates the design code to the security server 3 with a request for a new session (S22). The security server 3 determines from the design code (S23) the design features for the log-on page specific for that user. Optionally a randomised arrangement of the individual buttons of the keypad is generated (S24), as described above with reference to Figure 2. The image generator 8 then creates a log-on page (S25) employing the user's design features and communicates the URL for that log-on page along with a separate session id specific to the communication session concerning that user between the database server and the security server (S26). The database server 2 then communicates the URL to the remote terminal 1 which accesses the URL (S27) and displays the particular log-on webpage for that user. Assuming the log-on webpage is familiar to the user, the user's authorisation data is then entered (S28) and communicated by the remote terminal 1 in its encoded form as a result of the rearrangement of the keypad to the security server 3 (S29).
The security server 3 subsequently decodes the positional key data (S30) to identify the user's true authorisation data which is then communicated to the database server 2 (S31) using the session id unique to the communication session between the database server and the security server. The database server 2 then compares (S32) the authorisation data received from the security server 3 with the authorisation data it already has recorded for that user. Assuming the authorisation data is correct, the database server 2 then grants access (S33) to the secure system requested by the user at the remote terminal 1 or refuses access (S34) where the authorisation data is incorrect.
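The Figure 4 exchange (S20 to S34) as a runnable sketch, added here and not taken from the patent; it records what each of the three links carries. The class and function names, the `security.example` URL, the sample user, design code and PIN are constructed, and single use of a keypad is an assumption.

```python
import hmac
import secrets

PAD_URL = "https://security.example/pad/"   # hypothetical log-on page location


class SecurityServer:
    """Generates keypads and decodes key positions; never learns who the user is."""

    def __init__(self, designs, shuffle=None):
        self.designs = designs                      # design code -> design features
        self.shuffle = shuffle or secrets.SystemRandom().shuffle
        self.pads = {}                              # pad id -> layout, link id, design

    def new_session(self, design_code):             # S22 to S26
        layout = list("0123456789")
        self.shuffle(layout)                        # S24: randomised key order
        pad_id = secrets.token_urlsafe(16)          # id seen by the terminal
        link_id = secrets.token_urlsafe(16)         # id used only towards the database server
        self.pads[pad_id] = {"layout": layout, "link_id": link_id,
                             "design": self.designs[design_code]}
        return PAD_URL + pad_id, link_id

    def serve_page(self, url):                      # S27
        pad = self.pads[url.rsplit("/", 1)[-1]]
        return {"design": pad["design"], "keys": list(pad["layout"])}

    def decode(self, url, positions):               # S29 to S31
        # Assumption: a keypad is valid for one submission only, so pop it.
        pad = self.pads.pop(url.rsplit("/", 1)[-1], None)
        if pad is None:
            return None
        layout = pad["layout"]
        if not all(isinstance(p, int) and 0 <= p < len(layout) for p in positions):
            return None
        return pad["link_id"], "".join(layout[p] for p in positions)


class DatabaseServer:
    """Knows identities and valid authorisation data; never sees key positions."""

    def __init__(self, security_server, users):
        self.sec = security_server
        self.users = users                          # look-up table: user -> design code, PIN
        self.sessions = set()                       # session ids issued to terminals
        self.pending = {}                           # link id -> user awaiting verification

    def request_access(self):                       # S20
        sid = secrets.token_urlsafe(16)
        self.sessions.add(sid)
        return sid

    def identify(self, sid, user_id):               # S21, S22, S26
        if sid not in self.sessions or user_id not in self.users:
            return None
        url, link_id = self.sec.new_session(self.users[user_id]["design_code"])
        self.pending[link_id] = user_id
        return url

    def verify(self, decoded):                      # S31 to S34
        if decoded is None:
            return False
        link_id, pin = decoded
        user_id = self.pending.pop(link_id, None)
        if user_id is None:
            return False
        return hmac.compare_digest(pin.encode(), self.users[user_id]["pin"].encode())


def press_keys(page, pin):                          # S28
    """Terminal side: report where the user pressed, not which character."""
    return [page["keys"].index(ch) for ch in pin]


def login(db, sec, user_id, pin, familiar_design):
    """Run one log-on and return (granted, what each link carried)."""
    wire = {"terminal->database": [], "terminal->security": [], "security->database": []}
    sid = db.request_access()
    wire["terminal->database"].append((sid, user_id))
    url = db.identify(sid, user_id)
    if url is None:
        return False, wire
    page = sec.serve_page(url)
    if page["design"] != familiar_design:           # user does not recognise the page
        return False, wire
    positions = press_keys(page, pin)
    wire["terminal->security"].append((url, positions))
    decoded = sec.decode(url, positions)
    wire["security->database"].append(decoded)
    return db.verify(decoded), wire


if __name__ == "__main__":
    # Constructed sample data.
    designs = {"D-17": {"border": "circles", "background": "green"}}
    users = {"alice": {"design_code": "D-17", "pin": "2580"}}
    sec = SecurityServer(designs)
    db = DatabaseServer(sec, users)
    granted, wire = login(db, sec, "alice", "2580", designs["D-17"])
    print("granted:", granted)
    for link, messages in wire.items():
        print(link, messages)
```

The identity travels only on the terminal-to-database link and the key positions only on the terminal-to-security link, each under its own identifier.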
Thus, it will be apparent from the above, that like the authorisation method of Figure 2, the necessary authorisation information is broken up into segments and different segments are exchanged between different communication combinations of the remote terminal, the database server and the security server. No single communication exchange contains all the identification and authorisation data. Moreover, the individual data packets, each of which is preferably encrypted, are not large enough to enable someone to crack the encryption using current code-cracking techniques. The identification and authorisation data are broken up into at least two segments with each segment employing a different session id and a different communication link. It is envisaged that a user may be given the opportunity to select their own design variations which are then stored in the look-up table 11 of the database server 2. However, this would require the full range of design variations to be publicly available. It is therefore preferred that the design variations are selected by the bank so that the available permutations are kept secret.
With this system the users are encouraged to become familiar with the design of the webpage that is presented to them each time they are prompted for their authorisation data. This familiarity with their own, preferably unique, webpage means that if an attempt is made to obtain a user's authorisation data by phishing, the user will be presented with a webpage that does not include the design details with which the user has become familiar. This enables a user to distinguish between a valid webpage issued by the bank and a phishing webpage.
It will, of course, be apparent that this system which presents each user with their own, personalised, log-on webpage need not additionally involve the reorganisation of the ordering of the individual keys or buttons. That is to say, the combination generator 7 is optional in Figure 4. However, even without re-ordering of the keys or buttons, the system still offers improved security over known systems as the authorisation data entered by the user is communicated to the security server 3 under a communication id unique to the transaction between the remote terminal and the security server and is separate from the communication id assigned to the communication between the client terminal 1 and the database server 2. Hence, the user identity which is communicated to the database server 2 remains separate from the authorisation data that is communicated to the security server 3. Thus, the three-way communication described above with respect to the authorisation system of Figure 1 is also provided with the authorisation system of Figure 4. Of course, where the combination generator 7 is additionally implemented in the authorisation system an even higher level of security is achievable and fully addresses concerns over the risks of phishing as well as the concerns that cards can be stolen once the entry of a PIN number has been monitored.
The authorisation system of Figure 1 was described with respect to the need for a series of individually numerically labelled keys or buttons to be displayed. However, in order to offer a further level of security the present invention envisages the option of the keys or buttons to be individually labelled with a mixture of numbers and letters as illustrated in Figure 6. With this added feature, the log-on webpage would present an arrangement of a plurality of keys, for example a 3 x 4 array, which does not include a key for each possible number or letter. However, as determined by the design code stored in the look-up table 11, the webpage will include the numbers and letters the user needs to enter their authorisation code. Thus someone wishing to replicate the log-on page for the purposes of phishing must not only guess for each user the right collection of design features from a wide range of possible design permutations but must also now select from the range of ten numbers and twenty six letters (assuming English lettering) the correct sub-group of letters and numbers which includes the authorisation data for that user.
A further development of the same concept involves the use of non-alphanumeric graphics for each key. As illustrated in Figure 7 cartoons or image thumbnails of any distinguishable character can be employed with the authorisation system. Thus, in Figure 7 the keys include cartoon images of a lorry, a cloud, a flower, a cup etc. These characters are in addition to the distinctive design of the keypad as a whole which in this case involves a border of adjacent circles. The user then selects the three or four keys from the array of keys which constitute their authorisation data. In Figure 7 the authorisation data comprises 1) car, 2) raincloud, 3) sun and 4) flower-pot.
With a set of, for example, 256 different characters or symbols and an array of 12 keys, there are 6.1 x 10 possible combinations that could be displayed to a user. Also, with the same 256 different characters there are 4.2 billion different 4 character PINs. As a result, the chance of a user being able to enter their PIN, if an attempt at phishing is made, is 1 in 3.4 million.
Furthermore, it is believed that this further development of the authorisation system may offer additional advantages to users. This is because many users experience difficulties in remembering their authorisation data such as their PIN number. It is believed that users will find these images easier to recall individually and in their right order as they are more suited to recollection by means of a cognitive sequence or story. An additional benefit of the secure system of Figure 4 is that the design of the keyboard displayed to a user can be selected to accommodate sight disabilities. For example, the images displayed could be presented with a higher than normal contrast or larger than normal for those with restricted vision. It is also envisaged that the design data could incorporate audio features for users having extremely limited or no visual acuity. Particularly in the case where the remote terminal is a home computer, the individual keys of the display may be each allocated a separate sound, preferably a brief description of the character of the key. A user will then be permitted to tab across the keys to hear the different sounds without the keys being selected. On hearing a key specific to the user's authorisation code, a user will then be able to select the key by pressing the enter button on their keyboard, for example. Alternatively, the system may be adapted so that keys are only selected if the same key is selected twice successively, so that the first selection of a key by the user only triggers an audio description of the key and repeating the selection thereafter treats the key as selected for the purposes of the user's authorisation code. It will, of course, be understood that this invention is intended to encompass alternative procedures for enabling a user to hear the different sounds associated with the keys without key selection for the purposes of entering the user's authorisation data.
In this way the present invention additionally offers to users having sight disabilities the benefit of electronic access to secure data, such as home banking, previously unavailable to them.
Whilst the secure communication systems described above are concerned with communicating authorisation data, it will, of course, be apparent that the secure method of communication embodied in these systems is suitable for the communication of any sensitive information and in particular the step of checking the validity of authorisation data entered by a user is not an essential feature of the invention.
The authorisation systems of the present invention thus offer significantly improved security over known electronic log-on systems as they break up the identification and authorisation data into a plurality of segments with at least one of the segments being communicated under a different identifying session code to that of another segment and / or a different communications link. The authorisation system of Figure 4 additionally offers a significantly reduced risk that a customer or user might be misled into entering their authorisation data to a phishing site. As phishing scams are believed to have cost banks and credit-card companies losses of around $10.2 billion in 2003 the need for this security risk to be addressed is currently acute.
Although only a few exemplary embodiments of the present invention have been described in detail above, those skilled in the art will readily appreciate that many modifications are possible within the scope of this invention as defined in the following claims.

CLAIMS:

1. A method of secure communication between a server and a terminal remote from the server, the terminal including a user operated data input device, the secure communication method comprising the steps of: receiving an access request from said terminal for access to the server; communicating encoding data from the server to the terminal, the encoding data being specific to a communication event; generating positional data from data entered by a user using the data input device of the terminal with respect to the encoding data, the positional data consisting of identifiers for the positions of user selected characters of the data input device; communicating the positional data from the terminal to the server; and decoding the positional data received by the server using said encoding data to generate the user entered data; characterised in that said access request and said positional data are communicated over different communication pathways.

2. A method as claimed in claim 1, wherein the terminal includes a display and the method further comprises the step of displaying a plurality of characters on the display, the position of each of the characters on the display being determined with respect to said encoding data.

3. A method as claimed in claims 1 or 2, further comprising the step of generating said encoding data in response to a request from said terminal for a communication event.

4. A method as claimed in claims 2 or 3, wherein the encoding data identifies the arrangement of characters displayed.

5. A method as claimed in claim 4, wherein the plurality of characters displayed includes the numerical series 0, 1, 2, 3, 4, 5, 6, 7, 8, 9.

6. A method as claimed in claim 4, wherein the plurality of characters displayed comprise a sub-group of alphanumeric characters selected from a larger group of alphanumeric characters.

7. A method as claimed in claim 4, wherein the plurality of characters displayed comprises non-alphanumeric user distinguishable characters.

8. A method as claimed in claim 7, wherein the encoding data includes, a sub-set of non-alphanumeric characters taken from a larger set of non-alphanumeric characters.

9. A method as claimed in claim 8, wherein the sub-set of characters to be displayed are selected from a set of alphanumeric and non-alphanumeric characters.

10. A method as claimed in claim 5, wherein said encoding data comprises a string of numerals in random order.

11. A method as claimed in claim 10, wherein said step of generating encoding data comprises selecting at random a string of characters from a table of strings of characters, each string of characters in said table having a different order.

12. A method as claimed in any one of claims 2 to 9, wherein said encoding data comprises image data capable of being displayed on the display of the terminal.

13. A method as claimed in claim 12, further comprising the step of communicating to the terminal the URL of a website wherein the encoding data is embodied in said webpage and the step of displaying a plurality of characters on the display comprises displaying the contents of the website on the display.

14. A method as claimed in claim 1, wherein said input device is a keyboard and said encoding data comprises a virtual map assigning unique identifiers to each of the positions of a selected group of keys on the keyboard.

15. A method as claimed in any one of the preceding claims, wherein data communicated between the server and terminal is encrypted using public-key encryption.

16. A method as claimed in any one of claims 1 to 15, wherein each one of said access request and said positional data is encrypted using a different encryption key.

17. A method as claimed in any one of claims 1 to 16, wherein the server comprises a first server and a security server and wherein the encoding data is generated by said security server identification for which is communicated to said first server and from said first server to said remote terminal and said positional data is communicated by the terminal to said security server where the positional data is decoded for the user entered data to be communicated from the security server to said first server.

18. A secure communication system comprising a server and at least one terminal remote from and in bi-directional communication with the server, the server comprising: verification means for verifying the identity of a user using the terminal to communicate with the server; an encoder for generating encoding data specific to a communication event; a communications interface for communicating the encoding data to the remote terminal and for receiving positional data from the terminal, the positional data consisting of identifiers for the positions of user selected characters and being an encoding of user entered data; and a decoder for decoding positional data received from the terminal, the decoder using the encoding data of the encoder to decode the positional data, and each terminal comprising: a manually operated input device for the entry of user data that is encoded as positional data; and a terminal communications interface for receiving encoding data from the server and for communicating positional data to the server, characterised in that the communication pathway between the verification means and the terminal is separate to the communication pathway between the decoder and the terminal.

19. The secure communications system as claimed in claim 18, wherein the terminal further comprises a display on which a plurality of characters are displayed, the position of each of the characters on the display being determined with respect to said encoding data.

20. The secure communications system as claimed in either of claims 18 or 19, wherein the user entered data comprises authorisation data and the server further includes data storage in which valid authorisation data is stored against which authorisation data decoded by the decoder is validated.

21. The secure communications system of any one of claims 18 to 20, wherein the encoder includes a encoding data storage in which is stored a table of strings of characters, the characters in each string of characters having a different order, whereby the encoder generates the encoding data by randomly selecting a string of characters from the table of strings of characters.

22. The secure communications system as claimed in claims 19 or 20, wherein the server includes a user display design data storage in which is stored design data specific to each user, the design data dictating features of an image to be displayed on the terminal display.

23. The secure communications system as claimed in any one of claims 18 to 22, wherein the server and the at least one remote terminal each further comprise public-key encrypting means for encrypting communications between the server and terminal.

24. A secure communication server comprising verification means for verifying the identity of a user using a remote terminal to communicate with the server; an encoder for generating encoding data specific to a communication event; a communications interface for communicating the encoding data to a remote terminal and for receiving positional data from the remote terminal, the positional data consisting of identifiers for the positions of user selected characters and being an encoding of user entered data; and a decoder for decoding positional data received from the terminal, the decoder using the encoding data of the encoder to decode the positional data, characterised in that the communications interface provides a communication pathway between the verification means and the remote terminal which is separate to a communication pathway provided by the communications interface between the decoder and the remote terminal.
For the Applicants, WOLFF, BREGMAN AND GOLLER

[Drawings, sheets 1/7 to 7/7, WO/2006/095203]

Figure 1 (sheet 1/7), block labels: Client Terminal, Image Generator, Combination Generator, Decoder, Security Server.

Figure 2 (sheet 2/7), flow chart:
S1 Client terminal requests access to secure database server
S2 Database server requests new session from security server
S3 Alphanumeric string generated and assigned ID code
S4 Image display data generated from alphanumeric string
S5 Assigned ID code passed to client terminal via database server
S6 Client terminal accesses image display data using ID code
S7 Authorisation data entered on client terminal display
S8 Encoded authorisation data passed to security server with ID code
S9 Authorisation data decoded
S10 Authorisation data communicated to database server
S11 Authorisation data checked by database server (Approved / Refused)
S12 Client terminal granted access
S13 Client terminal denied access

Figure 3.

Figure 4 (sheet 4/7), block labels: Client Terminal, Display Data Decoder, Image Generator, Combination Generator, Verification Means, Encryption, Decoder, Data, Security Server, Lookup Table, Database Server.

Sheet 5/7, flow chart:
S20 Client terminal requests access to secure database server
S21 Database server looks up user customisation details in lookup table
S22 Database server requests new session from security server
S23 Security server determines customisation parameters
S24 Random pad layout generated and assigned ID code
S25 Image display data generated from random pad and customisation parameters
S26 Assigned ID code passed to client terminal via database server
S27 Client terminal accesses image display data using ID code
S28 Authorisation data entered on client terminal display
S29 Encoded authorisation data passed to security server with ID code
S30 Authorisation data decoded
S31 Authorisation data communicated to database server
S32 Authorisation data checked by database server (Approved / Refused)
S33 Client terminal granted access
S34 Client terminal denied access

Figure 5.
IL185709A 2005-03-07 2007-09-04 Method of secure data communication IL185709A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB0504545.5A GB0504545D0 (en) 2005-03-07 2005-03-07 A method of secure data communication
PCT/GB2006/050002 WO2006095203A1 (en) 2005-03-07 2006-01-06 A method of secure data communication

Publications (2)

Publication Number Publication Date
IL185709A0 IL185709A0 (en) 2008-01-06
IL185709A true IL185709A (en) 2012-05-31

Family

ID=34451837

Family Applications (1)

Application Number Title Priority Date Filing Date
IL185709A IL185709A (en) 2005-03-07 2007-09-04 Method of secure data communication

Country Status (10)

Country Link
JP (1) JP2008537210A (en)
CN (1) CN101180662A (en)
AU (1) AU2006221804B2 (en)
BR (1) BRPI0608576A2 (en)
CA (1) CA2602861A1 (en)
EA (1) EA200701906A1 (en)
GB (1) GB0504545D0 (en)
IL (1) IL185709A (en)
IN (1) IN2014MN02389A (en)
WO (1) WO2006095203A1 (en)

Also Published As

Publication number Publication date
IN2014MN02389A (en) 2015-08-21
AU2006221804A1 (en) 2006-09-14
GB0504545D0 (en) 2005-04-13
IL185709A0 (en) 2008-01-06
BRPI0608576A2 (en) 2010-01-12
CN101180662A (en) 2008-05-14
EA200701906A1 (en) 2008-02-28
JP2008537210A (en) 2008-09-11
CA2602861A1 (en) 2006-09-14
AU2006221804B2 (en) 2012-06-14
WO2006095203A1 (en) 2006-09-14

Legal Events

Date Code Title Description
FF Patent granted
KB Patent renewed
KB Patent renewed