MX2017008651A - Metodo y aparato de aseguramiento de aplicacion movil. - Google Patents

Metodo y aparato de aseguramiento de aplicacion movil.

Info

Publication number
MX2017008651A
MX2017008651A MX2017008651A MX2017008651A MX2017008651A MX 2017008651 A MX2017008651 A MX 2017008651A MX 2017008651 A MX2017008651 A MX 2017008651A MX 2017008651 A MX2017008651 A MX 2017008651A MX 2017008651 A MX2017008651 A MX 2017008651A
Authority
MX
Mexico
Prior art keywords
securing
mobile application
token
personalizing
systems
Prior art date
Application number
MX2017008651A
Other languages
English (en)
Inventor
Claes Mathias
Coulier Frank
Original Assignee
Vasco Data Security Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vasco Data Security Inc filed Critical Vasco Data Security Inc
Publication of MX2017008651A publication Critical patent/MX2017008651A/es

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Power Engineering (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Se describen métodos, aparatos y sistemas para la personalización de un autentificador o autentificador de software que utiliza una credencial dinámica (tal como una contraseña de una-vez o una firma electrónica) generada por un autentificador de hardware.
MX2017008651A 2014-12-29 2015-12-29 Metodo y aparato de aseguramiento de aplicacion movil. MX2017008651A (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201462097376P 2014-12-29 2014-12-29
PCT/US2015/067784 WO2016190903A2 (en) 2014-12-29 2015-12-29 Method and apparatus for securing a mobile application

Publications (1)

Publication Number Publication Date
MX2017008651A true MX2017008651A (es) 2018-04-26

Family

ID=56165583

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2017008651A MX2017008651A (es) 2014-12-29 2015-12-29 Metodo y aparato de aseguramiento de aplicacion movil.

Country Status (7)

Country Link
US (2) US9525550B2 (es)
EP (2) EP3605997B1 (es)
JP (1) JP6514337B2 (es)
CN (1) CN107409049B (es)
ES (1) ES2971859T3 (es)
MX (1) MX2017008651A (es)
WO (1) WO2016190903A2 (es)

Families Citing this family (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10581834B2 (en) * 2009-11-02 2020-03-03 Early Warning Services, Llc Enhancing transaction authentication with privacy and security enhanced internet geolocation and proximity
US8806592B2 (en) 2011-01-21 2014-08-12 Authentify, Inc. Method for secure user and transaction authentication and risk management
US10182099B2 (en) * 2015-04-09 2019-01-15 Omron Corp. Web enabled interface for an embedded server
US9614845B2 (en) 2015-04-15 2017-04-04 Early Warning Services, Llc Anonymous authentication and remote wireless token access
US10218510B2 (en) * 2015-06-01 2019-02-26 Branch Banking And Trust Company Network-based device authentication system
US10084782B2 (en) 2015-09-21 2018-09-25 Early Warning Services, Llc Authenticator centralization and protection
DE102015220228B4 (de) * 2015-10-16 2019-03-21 Volkswagen Aktiengesellschaft Verfahren und System zur Absicherung einer erstmaligen Kontaktaufnahme eines Mobilgeräts mit einem Gerät
US20170201550A1 (en) * 2016-01-10 2017-07-13 Apple Inc. Credential storage across multiple devices
US10325430B2 (en) * 2016-11-04 2019-06-18 Gilbert Eid Methods and systems for operating door locks using mobile devices
CN108234113B (zh) * 2016-12-15 2020-11-27 腾讯科技(深圳)有限公司 身份验证方法、装置与系统
US11544710B2 (en) 2017-06-02 2023-01-03 Apple Inc. Provisioning credentials on multiple electronic devices
US11769144B2 (en) * 2017-06-02 2023-09-26 Apple Inc. Provisioning credentials for an electronic transaction on an electronic device
JP6896940B2 (ja) * 2017-06-14 2021-06-30 タレス ディアイエス フランス エスアー 第1のアプリケーションと第2のアプリケーションとの間の対称型相互認証方法
KR102364656B1 (ko) * 2017-08-02 2022-02-21 한국전자통신연구원 Hmac 기반의 동적 can id 생성 및 운용 장치, 및 그 방법
US10944566B2 (en) * 2017-11-15 2021-03-09 International Business Machines Corporation Methods and systems for supporting fairness in secure computations
US20200036705A1 (en) * 2018-07-27 2020-01-30 Jasper Chee Pang LEE Strong password by convention methods and systems
WO2020036931A1 (en) * 2018-08-13 2020-02-20 Visa International Service Association Token keys to generate cryptograms for token interactions
US10764752B1 (en) 2018-08-21 2020-09-01 HYPR Corp. Secure mobile initiated authentication
US10939295B1 (en) 2018-08-21 2021-03-02 HYPR Corp. Secure mobile initiated authentications to web-services
US11178148B2 (en) * 2018-08-21 2021-11-16 HYPR Corp. Out-of-band authentication to access web-service with indication of physical access to client device
US11057366B2 (en) 2018-08-21 2021-07-06 HYPR Corp. Federated identity management with decentralized computing platforms
CN109547196B (zh) * 2018-11-16 2021-11-02 飞天诚信科技股份有限公司 一种手表令牌系统的实现方法及手表令牌系统和装置
DE102018220284A1 (de) * 2018-11-26 2020-05-28 Infineon Technologies Ag Gesicherte recheneinrichtung
US11469894B2 (en) * 2019-05-20 2022-10-11 Citrix Systems, Inc. Computing system and methods providing session access based upon authentication token with different authentication credentials
CN110312054B (zh) * 2019-06-28 2021-08-27 浙江大华技术股份有限公司 图像的加解密方法、及相关装置、存储介质
US11496302B2 (en) * 2019-07-03 2022-11-08 International Business Machines Corporation Securely processing secret values in application configurations
KR102644767B1 (ko) * 2019-07-12 2024-03-06 에도패스, 엘엘씨 데이터 보호 및 복구 시스템 및 방법
US11347411B2 (en) 2019-07-17 2022-05-31 Ubs Business Solutions Ag Secure storing and processing of data
US20210204116A1 (en) 2019-12-31 2021-07-01 Payfone, Inc. Identity verification platform
JP2021135734A (ja) * 2020-02-27 2021-09-13 京セラドキュメントソリューションズ株式会社 画像形成システム、画像形成装置、モバイル端末装置、およびプレビュー支援プログラム
US11336438B2 (en) * 2020-03-31 2022-05-17 EMC IP Holding Company LLC Remote approval and execution of restricted operations
US11449585B2 (en) 2020-04-01 2022-09-20 International Business Machines Corporation Dynamic management of user identifications
US11451373B2 (en) 2020-04-01 2022-09-20 International Business Machines Corporation Dynamic management of user identifications
JP6956233B1 (ja) * 2020-07-08 2021-11-02 Tis株式会社 情報処理装置、情報処理方法、および情報処理プログラム
US20230344918A1 (en) * 2022-04-20 2023-10-26 Red Hat, Inc. Computing resource usage control using seed and token generation

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060039498A1 (en) * 2004-08-19 2006-02-23 De Figueiredo Rui J P Pre-distorter for orthogonal frequency division multiplexing systems and method of operating the same
US8370638B2 (en) * 2005-02-18 2013-02-05 Emc Corporation Derivative seeds
EP1811421A1 (en) * 2005-12-29 2007-07-25 AXSionics AG Security token and method for authentication of a user with the security token
EP1936531A1 (en) * 2006-12-20 2008-06-25 Thomson Licensing Methods and device for secure software installation
US9203620B1 (en) * 2008-01-28 2015-12-01 Emc Corporation System, method and apparatus for secure use of cryptographic credentials in mobile devices
CN101645775A (zh) * 2008-08-05 2010-02-10 北京灵创科新科技有限公司 基于空中下载的动态口令身份认证系统
US8312519B1 (en) * 2010-09-30 2012-11-13 Daniel V Bailey Agile OTP generation
US8812860B1 (en) * 2010-12-03 2014-08-19 Symantec Corporation Systems and methods for protecting data stored on removable storage devices by requiring external user authentication
US9143492B2 (en) * 2013-03-15 2015-09-22 Fortinet, Inc. Soft token system
US9071424B1 (en) * 2013-03-29 2015-06-30 Emc Corporation Token-based key generation

Also Published As

Publication number Publication date
CN107409049B (zh) 2020-05-29
JP2018507586A (ja) 2018-03-15
CN107409049A (zh) 2017-11-28
EP3605997B1 (en) 2024-01-31
BR112017014014A2 (pt) 2018-01-02
US20160191244A1 (en) 2016-06-30
EP3605997A1 (en) 2020-02-05
JP6514337B2 (ja) 2019-05-15
US9525550B2 (en) 2016-12-20
EP3241335B1 (en) 2019-05-01
US9525549B2 (en) 2016-12-20
EP3241335A2 (en) 2017-11-08
WO2016190903A2 (en) 2016-12-01
WO2016190903A3 (en) 2017-01-19
ES2971859T3 (es) 2024-06-10
US20160191494A1 (en) 2016-06-30

Similar Documents

Publication Publication Date Title
MX2017008651A (es) Metodo y aparato de aseguramiento de aplicacion movil.
SG10202108677WA (en) Trusted login method, server, and system
EP3731551A4 (en) IDENTITY AUTHENTICATION PROCESS AND SYSTEM AND COMPUTER DEVICE
GB201801530D0 (en) Methods, apparatus and systems for authentication
EP3532971A4 (en) SYSTEM AND METHOD FOR AUTHENTICATING AND AUTHORIZING DEVICES
GB201801526D0 (en) Methods, apparatus and systems for authentication
EP3424179A4 (en) METHOD AND SYSTEM FOR AUTHENTICED REGISTRATION WITH STATIC OR DYNAMIC CODES
PL3562114T3 (pl) Sposób, system i aparat do logowania na różnych urządzeniach
EP3259870A4 (en) Method, apparatus, and system for identity authentication
EP3525150A4 (en) METHOD, DEVICE AND IDENTITY AUTHENTICATION SYSTEM
EP3493462A4 (en) AUTHENTICATION METHOD, AUTHENTICATION APPARATUS, AND AUTHENTICATION SYSTEM
EP3190534A4 (en) Identity authentication method and apparatus, terminal and server
EP3338399A4 (en) METHOD, DEVICE, TERMINAL DEVICE AND SYSTEM FOR GENERATING A SHARED KEY
EP3592014A4 (en) METHOD FOR ADDING AUTHENTICATION ALGORITHM PROGRAM, AND ASSOCIATED DEVICE AND SYSTEM
EP3316544A4 (en) Token generation and authentication method, and authentication server
GB201506769D0 (en) Method, apparatus, and system for generating transaction-signing one-time password
EP3410669A4 (en) METHOD OF AUTHENTICATING PUNCTUAL DYNAMIC POSITIONING, SYSTEM, AND PASSWORD CHANGE METHOD
EP3262552A4 (en) Methods, apparatus, and systems for identity authentication
EP3320423A4 (en) Authentication method, apparatus, and system
TR201820719T4 (tr) Bi̇r şi̇fre ayarlama yöntemi̇ ve bunun i̇çi̇n bi̇r eki̇pman.
EP3451577A4 (en) DATA PROCESSING DEVICE, AUTHENTICATION SYSTEM AND AUTHENTICATION METHOD
WO2017117520A8 (en) A method, system and apparatus using forward-secure cryptography for passcode verification
EP3388963A4 (en) AUTHENTICATION SYSTEM FOR HANDWRITTEN SIGNATURE AND METHODS BASED ON A TIME MULTIPLEX SEGMENT BLOCK
EP3525181A4 (en) METHOD, DEVICE AND IDENTITY VALIDATION TESTING SYSTEM
EP3511853A4 (en) SECURITY AUTHENTICATION PROCEDURES, INTEGRATED CIRCUIT AND SYSTEM