NZ568588A - Authenticating a user and providing a secure electronic communication link - Google Patents

Authenticating a user and providing a secure electronic communication link

Info

Publication number
NZ568588A
Authority: NZ (New Zealand)
Prior art keywords: base station, indication, data, identification, algorithm
Application number: NZ568588A
Inventor: Nabil Magdi
Original Assignee: Future Internet Security Ip Pty Ltd
Priority claimed from AU2005906717A (AU2005906717A0)
Application filed by Future Internet Security Ip Pty Ltd
Publication of NZ568588A

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals > G06F21/31 User authentication > G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR > G06Q20/00 Payment architectures, schemes or protocols > G06Q20/38 Payment protocols; Details thereof > G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists


Abstract

A method of authenticating activity data (2160) received by a base station (20), wherein the activity data requests the performance of an activity. In this method the base station receives data including a first algorithm selected from a plurality of algorithms by a device (2150) in data communication with the base station, and a request to generate and transfer a first indication of the activity data (2170) is also received by the base station. A response is then generated, using the first algorithm, indicative of a first indication of the activity data received by the base station. This response is transferred to the device, wherein the device then transfers the first indication to a user station (30) thereby allowing determination of the authenticity of the activity data. The user station then transfers to the device a second indication (2180) indicating the authenticity of the activity data and the base station receives, from the device, this second indication of the determination of authenticity and, in response to a positive authentication, performs the activity.

Description

WO 2007/062479

AUTHENTICATION AND IDENTIFICATION SYSTEM AND METHOD

Background of the invention

The present invention relates to an identification system for authenticating a user. The present invention also relates to authenticating data transferred relating to an activity.

Description of the Prior Art

The reference in this specification to any prior publication (or information derived from it), or to any matter which is known, is not, and should not be taken as, an acknowledgment or admission or any form of suggestion that that prior publication (or information derived from it) or known matter forms part of the common general knowledge in the field of endeavour to which this specification relates.
Whenever computers are used to perform various personal and commercial activities, secure access is a major area of concern in virtually all applications. A number of disaster stories exist related to "hackers" gaining unauthorised access to various computer systems, and therefore to private and confidential data.
With the exponential growth of the Internet in recent years, the security problem has compounded due to a significant number of commercial services available to users. A major issue is that most users, who are not technically minded, do not understand the intricacies of communication protocols and network architectures, therefore leaving them vulnerable to attacks from hackers.
With the growing number of attacks and security breaches taking place on a regular basis, the existing Internet environment has significantly undermined any public confidence in the security of Internet access to private information such as banking activities.
Over the past few years, financial institutions have strategically focused on the Internet as a means of customer access to reduce their branch service costs. They have spent significant funds to upgrade their gateways and security software. This trend, coupled with continued, significant, publicised Internet security breaches within the current environment, indicates that there continues to exist a very strong need for a cost effective process that can be implemented to facilitate a "hacker" proof communication link between institutions and their customers.
Most solutions currently in place rely on user names/personal identification numbers and passwords; however, these are not completely effective, because "hackers" continue to find ways, through the use of elaborate techniques such as "phantom cookies" and "keyloggers", to emulate software functionality and record keystroke entries. In the majority of applications, once the entry of a user name/personal identification number and password is received and authenticated by the host system, complete access is granted, regardless of whether the person entering this information is the genuine customer or a "hacker" who has obtained the information through fraudulent means. Furthermore, in most cases, it is only when a customer discovers the existence of unknown transfers of funds that the fraud becomes evident. By then the damage has already been done.
The tools and schemes devised to date continue to rely upon sophisticated and costly processes that require downloaded software, or devices that generate keys that must be synchronised with a host system. Other behavioural and physical identification devices are also available, such as signature recorders and verifiers, fingerprint recorders and verifiers, and retinal recorders and verifiers.
The above devices are extremely sophisticated, complex to set up, costly to maintain and upgrade, and require elaborate support software. Unless both recording and verification functions are set up at the individual PC level for these devices, they require transmission of recordings for verification and therefore are also open to interception by hackers who can record and emulate identical transmissions.
Only when institutions provide each customer with devices such as hand held electronic PIN/Password generators can secure entry be ensured. However, establishing and maintaining such devices is extremely costly to all concerned, and they can only be used on a one-on-one basis. Therefore, if a customer has accounts with multiple institutions that apply the same identifying technique, they would need multiple PIN/Password generators.
Although there is a multitude of options available to confirm individual identification, the effective solutions that are currently available are both complex and costly to implement and maintain. Further, personal computing skill levels of Internet customers vary significantly, with extreme ranges of competency from novice to expert. As a consequence, financial institutions have adopted the use of user names/personal identification numbers and passwords as it is the simplest and least costly solution available. Unfortunately, it is also the least effective solution.
Another problem that exists once the user's identity is authenticated and access is granted is that data transferred between a user and another entity can be altered by a malicious entity before the data is received by the other entity.
For example, a user may obtain access to an Internet banking web site allowing transactions to be performed. When a transaction, such as a transfer of funds from the user account to another account, is performed, a Trojan or a keylogger can maliciously detect the transaction before it is transferred, and can alter the data. Therefore, the transaction is incorrect, as the incorrect funds or the incorrect account has been specified in the data transferred to the other entity. Other examples, not related to Internet banking, include eavesdropping by other entities on a discussion over a communication medium, such as a telephone or a chat program on a computer.
There exists a need for a device, method and system to securely authenticate a user. Furthermore, there exists a need for a device, method and system to securely authenticate activities relating to the transfer of data.

Summary of the Invention

The present invention seeks to provide a device, system and method which overcomes one or more drawbacks of the prior art.
In some embodiments, the present invention seeks to provide a device, system and method which enables a higher degree of "hacker" proof communication between users and a base station, such as, but not limited to, a financial institution.
In some embodiments, the present invention also seeks to provide a device, system and method for authenticating the identity of a user at a user station when communicating with a base station, typically a financial institution, by using an identification device having a plurality of device codes, which is connected to a user station and appropriately identified when establishing a communication link with the base station.

In a first broad form the present invention provides a method of a user obtaining access to secure information stored on a base station using an identification device, the identification device includes:
    a store including:
        code data; and,
        at least one predetermined rule; and,
    a processor;
the method including, in the identification device:
    determining at least one algorithm;
    receiving, from the base station, request data indicative of at least one parameter;
    generating modified code data using:
        the at least one algorithm;
        the at least one parameter; and,
        the code data;
    generating ordered data using:
        the at least one predetermined rule;
        the at least one parameter; and,
        the modified code data;
    transferring, to the base station, indicating data at least partially indicative of the ordered data, thereby allowing the base station to authenticate the user using the indicating data.

Optionally the method includes: generating the modified code data by ordering the modified code data according to the at least one predetermined rule using the at least one parameter.
Optionally the method includes receiving, from the base station, the request data further indicative of the at least one algorithm.
Optionally the identification device includes in the store the at least one algorithm, wherein the method includes: retrieving from the store the at least one algorithm; transferring, to the base station, the indicating data being further indicative of identity data to thereby allow the base station to determine the at least one algorithm stored in the identification device.
Optionally the identification device includes in the store at least one second algorithm, wherein the method includes: receiving, from the base station, the request data further indicative of the at least one algorithm; retrieving, from the store, the at least one second algorithm; generating the modified data using the at least one second algorithm; and, transferring, to the base station, the indicating data being further indicative of identity data to thereby allow the base station to determine the at least one second algorithm stored in the identification device.
Optionally the identification device includes in the store at least one third algorithm, wherein the method includes: generating the ordered data by using the at least one third algorithm; and transferring, to the base station, the at least one third algorithm.
Optionally the method includes, in the identification device: transferring the indicating data being partially indicative of the identity data, wherein the identity data includes: a device identity of the identification device; a generation identity of the identification device; and, a grouping identity of the identification device.
Optionally the method includes, in the identification device: coupling the identification device to a user station; receiving, via the user station, the request data; and, transferring, via the user station, the indicating data.
Optionally the identification device includes driver software, wherein the method includes, in the identification device: recognising the coupled user station; installing the driver software on the user station.
Optionally the method includes, in the identification device: updating, from the base station, the driver software.
Optionally the identification device includes a temperature sensor, wherein the method includes: sensing a temperature of the identification device; and comparing the sensed temperature to a minimum threshold and a maximum threshold stored in the store; if the sensed temperature is below the minimum threshold, deleting the data in the store; and, if the sensed temperature is above the maximum threshold, deleting the data in the store.
Optionally the identification device includes an encryption module, wherein the method includes, in the identification device: encrypting, using the encryption module, the indicating data.
Optionally the method includes, in the identification device, generating a key which is used for encrypting the response data.
Optionally the method includes, in the identification device: generating a key; and, encrypting, using the key and the encryption module, the indicating data.
Optionally the method includes: embedding the key in the encrypted indicating data.
Optionally the method includes generating the key using electronic interference.
Optionally the identification device includes a decryption module, and wherein the method includes, in the identification device: receiving the request data from the base station; and, decrypting, using the decryption module, the request data.
Optionally the method includes, in the identification device: decrypting the request data using at least one of: a key stored in the identification device store; and, a key generated by the identification device.
Optionally the method includes, in the identification device: identifying a false identification request; and, generating a false identification response.
Optionally the method includes, in the identification device: generating a random number; using the random number to generate the false identification response.
Optionally the method includes generating the random number using electronic interference.
In a second broad form the present invention provides an identification device used by a user to obtain access to secure information stored on a base station, the identification device includes:
    a store including:
        code data; and,
        at least one predetermined rule; and,
    a processor;
the identification device processor being adapted to:
    determine at least one algorithm;
    receive, from the base station, request data indicative of at least one parameter;
    generate modified code data using:
        the at least one algorithm;
        the at least one parameter; and,
        the code data;
    generate ordered data using:
        the at least one predetermined rule;
        the at least one parameter; and,
        the modified code data;
    transfer, to the base station, indicating data at least partially indicative of the ordered data, thereby allowing the base station to authenticate the user using the indicating data.

In a third broad form the present invention provides a method of a base station authenticating a user using an identification device for obtaining access to secure information stored on the base station, the identification device includes:
    a store including:
        code data; and,
        at least one predetermined rule; and,
    a processor;
the base station includes:
    a processor; and,
    a data store including:
        the at least one predetermined rule;
        at least one parameter;
the method including, in the base station:
    transferring, to the user station, request data indicative of the at least one parameter;
    receiving, from the user station, indicating data generated by the identification device by:
        generating modified code data using:
            at least one algorithm;
            the at least one parameter; and,
            the code data;
        generating ordered data using:
            the at least one predetermined rule;
            the at least one parameter; and,
            the modified code data;
    determining the at least one algorithm used by the identification device;
    reversely applying the at least one algorithm to the indicating data using the at least one predetermined rule and the at least one parameter to generate the code data, thereby allowing the base station to authenticate the user.
Optionally the method includes, in the base station: generating the code data by reversely applying the at least one predetermined rule to the modified data using the at least one parameter to reorder the modified code data.
Optionally the method includes, in the base station, transferring the request data further indicative of the at least one algorithm stored in the base station's data store.
Optionally the method includes selecting the at least one algorithm from a plurality of first algorithms.
Optionally the identification device includes in the store the at least one algorithm, wherein the method includes: receiving, from the identification device, the indicating data being further indicative of identity data to thereby allow the base station to determine the at least one algorithm stored in the identification device.
Optionally the base station's data store includes the at least one algorithm, and the identification device's store includes at least one second algorithm, wherein the method includes: transferring, from the base station, the request data further indicative of the at least one algorithm; receiving, from the identification device, the indicating data being further indicative of identity data, the indicating data being further generated by the identification device by applying the at least one second algorithm; determining, using the identity data, the at least one second algorithm stored in the identification device; and, reversely applying the at least one second algorithm to the indicating data.
Optionally the identification device includes in the store at least one third algorithm, wherein the method includes, in the base station: receiving, from the identification device, the indicating data being further indicative of the at least one third algorithm, wherein the indicating data is further generated by the identification device by applying the at least one third algorithm to the ordered data.
Optionally the method includes, in the base station: receiving the indicating data being partially indicative of the identity data, wherein the identity data includes: a device identity of the identification device; a generation identity of the identification device; and, a grouping identity of the identification device.
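The identification exchange of the first, third and fourth broad forms, modelled end to end as an added example (not code from the patent or its assignee): the base station sends an algorithm selection and fresh random parameters, the device transforms its stored code data and reorders the result by the predetermined rule, and the base station reverses both steps and compares the recovered code data against its registry entry for the identity data. The two invertible transforms, the rotation used as the ordering rule, the identity lookup and all key and identity values are constructed assumptions; the patent names none of them.

```python
import hmac
import secrets

# Constructed device store: secret code data plus the identity data the patent
# names (device identity, generation identity, grouping identity).
DEVICE_STORE = {
    "code_data": bytes.fromhex("a1b2c3d4e5f60718"),
    "identity": {"device": 4242, "generation": 2, "grouping": 7},
}

# The base station's registry of enrolled devices (constructed). The identity
# data carried in the indicating data selects the entry to compare against.
BASE_REGISTRY = {
    4242: {"code_data": bytes.fromhex("a1b2c3d4e5f60718"), "generation": 2, "grouping": 7},
}


# A plurality of first algorithms held by the base station. Each is paired with
# its inverse so the base station can "reversely apply" it. The patent does not
# name concrete algorithms; these two are assumptions for illustration.
def alg_xor(code: bytes, params: list[int]) -> bytes:
    return bytes(b ^ params[i % len(params)] for i, b in enumerate(code))


def alg_add(code: bytes, params: list[int]) -> bytes:
    return bytes((b + params[i % len(params)]) % 256 for i, b in enumerate(code))


def alg_sub(code: bytes, params: list[int]) -> bytes:
    return bytes((b - params[i % len(params)]) % 256 for i, b in enumerate(code))


# name -> (forward transform used by the device, inverse used by the base station)
FIRST_ALGORITHMS = {"xor": (alg_xor, alg_xor), "add": (alg_add, alg_sub)}


def order_rule(data: bytes, params: list[int]) -> bytes:
    """Predetermined rule (assumed): rotate the code portions left by sum(params) mod len."""
    k = sum(params) % len(data)
    return data[k:] + data[:k]


def reverse_order_rule(data: bytes, params: list[int]) -> bytes:
    """Base-station side: undo order_rule with the same parameters (rotate right)."""
    n = len(data)
    k = sum(params) % n
    return data[n - k:] + data[:n - k]


def base_station_request() -> dict:
    """Base station selects one of the first algorithms and fresh random parameters."""
    return {
        "algorithm": secrets.choice(sorted(FIRST_ALGORITHMS)),
        "params": [secrets.randbelow(256) for _ in range(4)],
    }


def device_respond(request: dict, store: dict = DEVICE_STORE) -> dict:
    """Identification device: modified code data, then ordered data, plus identity data."""
    forward, _ = FIRST_ALGORITHMS[request["algorithm"]]
    modified = forward(store["code_data"], request["params"])
    ordered = order_rule(modified, request["params"])
    return {"ordered": ordered, "identity": dict(store["identity"])}


def base_station_verify(request: dict, indicating: dict, registry: dict = BASE_REGISTRY) -> bool:
    """Base station: look up the device, reverse the rule and the algorithm, compare code data."""
    ident = indicating["identity"]
    entry = registry.get(ident["device"])
    if entry is None or entry["generation"] != ident["generation"] or entry["grouping"] != ident["grouping"]:
        return False
    _, inverse = FIRST_ALGORITHMS[request["algorithm"]]
    modified = reverse_order_rule(indicating["ordered"], request["params"])
    recovered = inverse(modified, request["params"])
    # Constant-time comparison so a mismatch does not leak where the bytes differ.
    return hmac.compare_digest(recovered, entry["code_data"])


if __name__ == "__main__":
    req = base_station_request()
    print("authenticated:", base_station_verify(req, device_respond(req)))
```

Because the parameters are fresh per request, a captured response is only valid for the request that produced it; the same check rejects a response whose ordered data or identity data was altered in transit.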
Optionally, prior to transferring the request data to the identification device, the method includes, in the base station: receiving an access request from the user; comparing the access request to data in the data store.
Optionally the method includes: providing a web page requesting the access request.
Optionally the access request includes a username and a password, wherein the method includes, in the base station: comparing the username and the password to data in the data store.
Optionally the method includes, in the base station: in the event of a successful comparison, transferring the request data to the identification device; and, in the event of an unsuccessful comparison, issuing a denial of access.
Optionally the identification device is coupled to a user station, wherein the method includes, in the base station: transferring the request data to the identification device, via the user station; and, receiving the indicating data from the identification device, via the user station.
Optionally the method includes, in the base station: transferring, from the base station, the updated driver software.
Optionally the method includes, in the base station: requesting the identification device to transfer indicating data at random intervals during the grant of access.
Optionally the method includes, in the base station: requesting the identification device to transfer indicating data at regular intervals during the grant of access.
Optionally the base station includes an encryption module, wherein the method includes, in the identification device: encrypting, using the encryption module, the request data.
Optionally the method includes, in the base station: encrypting the request data using at least one of: a key stored in the identification store and base station store; and, a key generated by, and received from, the identification device.
Optionally the identification device includes a decryption module, and wherein the method includes, in the identification device: receiving encrypted indicating data from the identification device; and, decrypting, using the decryption module, the request data.
Optionally the method includes: decrypting the response data using a key generated by the identification device.
Optionally the identification device transfers indicating data including an embedded key to decrypt the encrypted indicating data, wherein the method includes, in the base station: extracting the embedded key in the encrypted indicating data; and, decrypting, using the extracted key and decryption module, the encrypted indicating data.
In a fourth broad form the present invention provides a base station used for authenticating a user using an identification device for obtaining access to secure information stored on the base station, the identification device includes:
    a processor; and,
    a store including:
        code data; and,
        at least one predetermined rule;
the base station includes:
    a processor; and,
    at least one data store including:
        the at least one predetermined rule; and,
        at least one parameter;
the base station processor being adapted to:
    transfer, to the user station, request data indicative of the at least one parameter;
    receive, from the user station, indicating data generated by the identification device by:
        generating modified code data using:
            the at least one algorithm;
            the at least one parameter; and,
            the code data;
        generating ordered data using:
            the at least one predetermined rule;
            the at least one parameter; and,
            the modified code data;
    determine the at least one algorithm used by the identification device;
    reversely apply the at least one algorithm to the indicating data using the at least one predetermined rule and the at least one parameter to generate the code data, thereby allowing the base station to authenticate the user.
In a fifth broad form the present invention provides a method of a user obtaining access to secure information stored on a base station using an identification device coupled to a user station, the identification device includes:
    a plurality of device codes; and,
    an order rule for ordering a plurality of identification code portions to generate an identification code;
the method including, in the identification device:
    receiving, via the user station, an identification request from the base station, wherein the identification request includes an identification code algorithm and a plurality of parameters;
    generating the plurality of identification code portions using:
        the identification code algorithm;
        the plurality of parameters; and,
        the plurality of device codes;
    generating the identification code using:
        the ordering rule;
        the plurality of parameters; and,
        the plurality of identification code portions;
    generating an identification response including the generated identification code; and,
    transferring, via the user station, the identification response;
thereby allowing the base station to authenticate and grant access to the user.

In a sixth broad form the present invention provides a method of a user obtaining access to secure information stored on a base station using an identification device coupled to a user station, the identification device includes:
    an identification code algorithm for generating a plurality of identification code portions;
    a plurality of device codes; and,
    an order rule for ordering a plurality of identification code portions to generate an identification code;
the method including, in the identification device:
    receiving, via the user station, an identification request from the base station, wherein the identification request includes a plurality of parameters;
    generating the plurality of identification code portions using:
        the identification code algorithm;
        the plurality of parameters; and,
        the plurality of device codes;
    generating the identification code using:
        the ordering rule;
        the plurality of parameters; and,
        the plurality of identification code portions;
    generating an identification response including the generated identification code and identity data indicative of the identity of the identification device; and,
    transferring, via the user station, the identification response;
thereby allowing the base station to authenticate and grant access to the user.
In a seventh broad form the present invention provides a method of a user obtaining access to secure information stored on a base station using an identification device coupled to a user station, the base station includes a first identification code algorithm and the identification device includes:
    a second identification code algorithm;
    a plurality of device codes; and,
    an order rule for ordering a plurality of identification code portions to generate a second identification code;
the method including, in the identification device:
    receiving, via the user station, an identification request from a base station, wherein the identification request includes the first identification code algorithm and a plurality of random numbers;
    generating the plurality of identification code portions using:
        the first identification code algorithm;
        the second identification code algorithm;
        the plurality of random numbers; and,
        the plurality of device codes;
    generating the identification code using:
        the ordering rule;
        the plurality of parameters; and,
        the plurality of identification code portions;
    generating an identification response including the generated identification code and identity data indicative of the identity of the identification device; and,
    transferring, via the user station, the identification response to the base station;
thereby allowing the base station to authenticate and grant access to the user.

In an eighth broad form the present invention provides a method of a user obtaining access to secure information stored on a base station using an identification device coupled to a user station, the base station includes a first identification code algorithm and the identification device includes:
    a second identification code algorithm;
    a third identification code algorithm;
    a plurality of device codes; and,
    an order rule for ordering a plurality of identification code portions to generate a second identification code;
the method including, in the identification device:
    receiving, via the user station, an identification request from a base station, wherein the identification request includes the first identification code algorithm and a plurality of parameters;
    generating the plurality of identification code portions using:
        the first identification code algorithm;
        the second identification code algorithm;
        the third identification code algorithm;
        the plurality of parameters; and,
        the plurality of device codes;
    generating the identification code using:
        the ordering rule;
        the plurality of parameters; and,
        the plurality of identification code portions;
    generating an identification response including the generated identification code, the third identification code algorithm and identity data indicative of the identity of the identification device; and,
    transferring, via the user station, the identification response to the base station;
thereby allowing the base station to authenticate and grant access to the user.

In a ninth broad form the present invention provides a base station used for authenticating activity data received by the base station, wherein the activity data relates to an activity, wherein the base station includes a processing system configured to:
    generate a first indication of the activity data received by the base station;
    transfer the first indication to a device, thereby allowing determination of the authenticity of the activity data;
    receive, from the device, a second indication of the determination; and,
    in response to a positive authentication, perform the activity.
Preferably, the base station generates a first indication which represents at least some of the activity data received.
Preferably, the base station receives a request for the base station to generate and transfer the first indication.
Preferably, the base station transfers the first indication to a device coupled to a user station.
Preferably, the request includes a first data transfer algorithm, wherein the base station generates the first indication in accordance with the first data transfer algorithm.
Preferably, the request is encrypted, wherein the base station uses a current encryption key to decrypt the request.
Preferably, the request includes a new encryption key, wherein when the request has been decrypted, the current encryption key is updated with the new encryption key.
Preferably, the first indication is encrypted using the new encryption key.
Preferably, the new encryption key is embedded in the request, wherein the base station extracts the new encryption key from the request.
Preferably, the base station randomly generates or selects a second data transfer algorithm which is included with the first indication.
Preferably, the base station embeds the second data transfer algorithm in the first indication.
Preferably, the base station encrypts the first indication with the new encryption key and first data transfer algorithm.
Preferably, the second indication is encrypted, wherein the base station uses the current encryption key to decrypt the second indication.
Preferably, the second indication includes a new encryption key, wherein the base station extracts the new encryption key and updates the current encryption key.
Preferably, the base station performs the activity related to the activity data.
In one embodiment, the activity is a bank transaction, wherein the base station performs the bank transaction in response to a positive authentication.
In one embodiment, once the second indication is received, the base station generates a challenge to determine whether the device is coupled to the user station, Preferably, if a response to the challenge is not received indicating the device is not coupled to the user station, the activity is not performed.
Preferably, if a response to the challenge is received indicating the device is coupled to the 25 user station, the activity is performed..
Preferably, the base station waits for a predetermined time for the response to the challenge, wherein if the response is not received within the predetermined time, the activity is not performed, WO 21)07/062479 Preferably, if a smart card is coupled to the device and the activity data is related to the smart card, the base station generates smart card data in response to the positive authentication, wherein the smart card data is to be transferred to the smart card, Preferably, the smart card data is encrypted using the current encryption key.
Preferably, the base station receives a response from the smart card indicating the smart card data was received and stored in the smart card, Preferably, the base station uses electrical interference to generate random numbers, wherein the random numbers are used to randomly select or generate the second data transfer algorithm.
In a tenth broad form, the present invention provides a method of authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the method includes, in the base station: generating a first indication of the activity data received by the base station; transferring the first indication to a device, thereby allowing determination of the authenticity of the activity data; receiving, from the device, a second indication of the determination; and in response to a positive authentication, performing the activity.

In one form, the method includes the base station generating the first indication which represents at least some of the activity data received.

In another form, the method includes the base station receiving a request to generate and transfer the first indication.

Optionally the method includes receiving the request which is indicative of a first algorithm, wherein the base station generates the first indication using the first algorithm.

In an optional form, the method includes the base station: selecting or generating a second algorithm; generating the first indication, wherein the first indication is indicative of the second algorithm.

In one embodiment the method includes: receiving an identification response from the device, wherein the identification response is indicative of a first algorithm; and using the first algorithm to generate the first indication.

In another embodiment, the method includes the base station transferring the first indication to the device via a user station, wherein the device is coupled to the user station.

In one form, after the second indication is received, the method includes the base station generating a challenge to determine whether the device is coupled to the user station, and transferring the challenge to the device.

In one embodiment, the request is encrypted, wherein the method includes the base station using a current encryption key to decrypt the request.

In another embodiment, the request includes a new encryption key, wherein when the request has been decrypted, the method includes the base station updating the current encryption key with the new encryption key.

In an optional form, the method includes the base station encrypting the first indication using the new encryption key.

In one form, the new encryption key is embedded in the request, wherein the method includes the base station extracting the new encryption key from the request.

In another form, the method includes the base station using the current encryption key to decrypt the second indication.

In another optional form, the second indication includes a new encryption key, wherein the method includes the base station extracting the new encryption key and updating the current encryption key.

In a further form, if a smart card is coupled to the device and the activity data is related to the smart card, the method includes the base station generating smart card data in response to the positive authentication, wherein the smart card data is to be transferred to the smart card.

In one embodiment, the method includes the base station encrypting the smart card data using the current encryption key.

In another embodiment, the base station receives a response from the smart card indicating the smart card data was received and stored in the smart card.

In an eleventh broad form, the present invention provides a user station for authenticating activity data received by the base station and relating to an activity, wherein the user station includes a processing system configured to: receive, from a base station, a first indication of the activity data received by the base station; determine an authenticity of the activity data based on the first indication; transfer, to the base station, a second indication of the determination of the authenticity of the activity data, wherein in response to a positive authentication, the activity is performed.

Preferably, the user station receives the first indication which represents at least some of the activity data received by the base station.
Preferably, the user station transfers a request for the base station to generate and transfer the first indication.

Preferably, the user station generates the request for the base station to generate and transfer the first indication.

Alternatively, a device is coupled to the user station, wherein the device is instructed by the user station to generate the request for the first indication, and wherein the device transfers the request via the user station to the base station.

Preferably, the first indication is received by the user station from the base station, wherein the user station forwards the first indication to the device.

Preferably, the first indication received by the base station is encrypted.

Preferably, the user station receives a decrypted first indication, wherein the user station determines, using the decrypted first indication, the authenticity of the activity data received by the base station.

Preferably, the user station uses an output device to provide an output of the first indication.

Preferably, the output device is a display of the user station, wherein the display is used to output the first indication to a user at the user station.

Preferably, the user station receives an indication from an input device indicating the authenticity of the activity data received by the base station.

In one embodiment, the user station generates the second indication indicating the authenticity of the activity data.

Preferably, the user station transfers the second indication to the base station.

Alternatively, the user station instructs the device to generate the second indication, wherein the user station forwards the indication of authenticity to the device for generating the second indication.

Preferably, the second indication generated by the device is transferred to the base station via the user station.

Preferably, the second indication is encrypted.

In one embodiment, the user station receives a challenge from the base station requesting that the device generate a response to the challenge, wherein the user station transfers the challenge to the device.

Preferably, the user station forwards a response to the challenge from the device to the base station to indicate the device is coupled to the user station.

In another embodiment, the user station receives smart card data, wherein the user station transfers the smart card data to a smart card coupled to the device.

In a twelfth broad form, the present invention provides a method of authenticating activity data received by a base station and relating to an activity, wherein the method includes, in a user station: receiving, from a base station, a first indication of the activity data received by the base station; determining an authenticity of the activity data based on the first indication; transferring, to the base station, a second indication of the determination of the authenticity of the activity data, wherein in response to a positive authentication, the activity is performed.
In a thirteenth broad form, the present invention provides a device for authenticating activity data received by a base station from a user station and relating to an activity, wherein the device includes a processor configured to: receive, from a base station, an encrypted first indication of the activity data received by a base station; decrypt the encrypted first indication, thereby allowing determination of the authenticity of the activity data; and transfer, to the base station, an encrypted second indication of the determination, wherein in response to a positive authentication, the activity is performed.

Preferably, the device generates a request for the first indication.

Preferably, the device encrypts the request.

Preferably, the device generates a new encryption key, and embeds the new encryption key in the request.

Preferably, the device updates a current encryption key with the new encryption key after encrypting the request.

Preferably, the device generates the request which includes a first data transfer algorithm which is used by the base station to generate the first indication.

Preferably, the device randomly selects the first data transfer algorithm from a plurality of predetermined data transfer algorithms.

Alternatively, the device randomly generates the first data transfer algorithm.

Preferably, the device uses electrical interference to generate random numbers which are used to randomly generate or randomly select the first data transfer algorithm.

Preferably, the device is coupled to a user station, wherein the request is transferred to the base station via the user station.

Preferably, the device includes a third data transfer algorithm, wherein the third data transfer algorithm is used to generate the second indication.

Preferably, the encrypted first indication includes a second data transfer algorithm, wherein the device extracts the second data transfer algorithm and generates the second indication using the second data transfer algorithm.

Preferably, the device decrypts the encrypted first indication using the current encryption key.

Preferably, the device receives from the user station an indication of authenticity, wherein the device generates the second indication indicative of the authenticity of the activity data.

Preferably, the device combines the second data transfer algorithm and third data transfer algorithm to generate the second indication.

Preferably, the device sequentially applies the second data transfer algorithm and third data transfer algorithm to generate the second indication.

Preferably, the device encrypts the second indication using the current encryption key.

Preferably, the device generates a new encryption key, embeds the new encryption key in the second indication, and after encrypting the second indication the device updates the current encryption key with the new encryption key.

In one embodiment, the device receives a challenge requesting a response from the device indicating that the device is coupled to the user station, and wherein the device generates a response to the challenge indicating the device is coupled to the user station.

Preferably, the first, second, and third data transfer algorithms are encryption algorithms.

Preferably, the first, second and third data transfer algorithms use the current encryption key in the device and base station.

Preferably, the device is the identification device.

In one embodiment, the device is uncoupled from the user station to indicate a negative authenticity of the activity data.
In a fourteenth broad form, the present invention provides a method of authenticating activity data received from a user station and relating to an activity, wherein the method includes, in a device: receiving, from a base station, an encrypted first indication of the activity data received by a base station; decrypting the encrypted first indication, thereby allowing determination of the authenticity of the activity data; transferring, to the base station, an encrypted second indication of the determination, wherein in response to a positive authentication, the activity is performed.

In one form, the method includes the device generating a request for the first indication, and transferring the request to the base station.

In another form, the method includes the device generating the request which is indicative of a first algorithm which is used by the base station to generate the first indication.

In an optional form, the method includes one of: the device randomly selecting the first algorithm from a plurality of predetermined first algorithms; the device randomly generating the first algorithm.

In another optional form, the method includes the device using electrical interference to randomly generate or select the first algorithm.

In one embodiment, the method includes: the device receiving the first indication from the base station, wherein the first indication is indicative of a second algorithm; and the device using the second algorithm to generate the second indication.

In another embodiment, the method includes the device receiving the first indication and transferring the second indication to the base station via a user station, wherein the device is coupled to the user station.

In one optional embodiment, the device is coupled to a user station, wherein the method includes the device receiving a challenge, from the base station, requesting a response from the device indicating that the device is coupled to the user station, and wherein the device generates a response to the challenge indicating the device is coupled to the user station.

In another optional embodiment, the method includes the device encrypting the request.

Optionally, the method includes the device generating a new encryption key, and embedding the new encryption key in the request.

In one form, the device updates a current encryption key with the new encryption key after encrypting the request.

In another form, the device includes a third data transfer algorithm, wherein the method includes the device using the third data transfer algorithm to generate the second indication.

In one embodiment, the method includes the device decrypting the encrypted first indication using the current encryption key.

In another embodiment, the device receives from the user station an indication of authenticity, wherein the device generates the second indication indicative of the authenticity of the activity data.

Optionally, the method includes the device combining the second transfer algorithm and third transfer algorithm to generate the second indication.

In a fifteenth broad form, the present invention provides a method of authenticating activity data received by a base station and relating to an activity, wherein the method includes: transferring, from a base station to a device, an encrypted first indication of the activity data received by the base station; decrypting, in the device, the encrypted first indication; transferring, from the device to a user station, the first indication, thereby allowing determination of the authenticity of the activity data; transferring, from the user station to the device, a second indication indicating the determination; encrypting, in the device, the second indication; transferring, from the device to the base station; decrypting, in the base station, the second indication, wherein in response to a positive authentication, the activity is performed.

In a sixteenth broad form, the present invention provides a system for authenticating activity data received from a user station and relating to an activity, wherein the system includes: a base station including a processing system configured to: transfer, to the device, an encrypted first indication of the activity data received by the base station; decrypt an encrypted second indication received from the device; a device including a processor configured to: decrypt the encrypted first indication; transfer the first indication to the user station; encrypt a second indication of a determination of the authenticity of the activity data; and, transfer the encrypted second indication to the base station; and, a user station including a processor configured to: determine an authenticity of the activity data based on the first indication; transfer, to the device, the second indication of the determination; wherein in response to a positive authentication, the activity is performed.
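The ninth to sixteenth broad forms above describe one protocol from the viewpoint of each party: the device asks for a first indication, the base station returns a representation of the activity data it actually received, the user judges it, the device returns a second indication, and each message carries the next encryption key. The simulation below is an added example written for this page, not the patent's or the applicant's code. The JSON message layout, the HMAC-SHA256 counter-mode toy cipher, the use of a hash digest as the "first data transfer algorithm", the HMAC challenge response and the `run_confirmation` driver are all assumptions made here so that the flow can be run offline; none of them is specified in the text.

```python
import hashlib, hmac, json, secrets


def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode stands in for the cipher the text leaves unnamed (assumption)
    out = b""
    for counter in range(length // 32 + 1):
        out += hmac.new(key, nonce + bytes([counter]), hashlib.sha256).digest()
    return out[:length]

def encrypt(key, plaintext):
    """Toy authenticated encryption for the simulation: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key, desynchronised ratchet or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class Device:
    """Identification device: shares a current key with the base station and
    replaces it with a fresh one carried inside every message it sends."""

    def __init__(self, shared_key, present=True):
        self.current_key = shared_key
        self.present = present  # False models the device being uncoupled from the user station

    def make_request(self):
        new_key = secrets.token_bytes(32)
        request = {"algorithm": secrets.choice(["sha256", "sha512"]),  # first data transfer algorithm
                   "new_key": new_key.hex()}                           # new key embedded in the request
        blob = encrypt(self.current_key, json.dumps(request).encode())
        self.current_key = new_key  # updated only after encrypting, as the text orders it
        return blob

    def open_first_indication(self, blob):
        first = json.loads(decrypt(self.current_key, blob))  # decrypts under the key just sent
        shown = json.dumps(first["activity"], sort_keys=True).encode()
        if hashlib.new(first["algorithm"], shown).hexdigest() != first["digest"]:
            raise ValueError("first indication does not match its own digest")
        return first

    def make_second_indication(self, approved):
        new_key = secrets.token_bytes(32)
        second = {"approved": approved, "new_key": new_key.hex()}
        blob = encrypt(self.current_key, json.dumps(second).encode())
        self.current_key = new_key
        return blob

    def answer_challenge(self, challenge):
        if not self.present:
            return None  # an uncoupled device gives no answer and the base station times out
        return hmac.new(self.current_key, b"challenge" + challenge, hashlib.sha256).digest()


class BaseStation:
    def __init__(self, shared_key):
        self.current_key = shared_key
        self.performed = []

    def handle_request(self, activity, blob):
        request = json.loads(decrypt(self.current_key, blob))
        self.current_key = bytes.fromhex(request["new_key"])  # adopt the embedded new key
        summary = json.dumps(activity, sort_keys=True).encode()
        first = {"activity": activity,  # the activity data exactly as the base station received it
                 "algorithm": request["algorithm"],
                 "digest": hashlib.new(request["algorithm"], summary).hexdigest()}
        return encrypt(self.current_key, json.dumps(first).encode())  # encrypted with the new key

    def handle_second_indication(self, blob):
        second = json.loads(decrypt(self.current_key, blob))
        self.current_key = bytes.fromhex(second["new_key"])
        return bool(second["approved"])

    def issue_challenge(self):
        return secrets.token_bytes(16)

    def check_challenge(self, challenge, response):
        if response is None:
            return False  # nothing arrived within the predetermined time: do not perform
        expected = hmac.new(self.current_key, b"challenge" + challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def run_confirmation(intended, received, device, base):
    """One round. `intended` is what the user meant; `received` is what reached the base
    station (a compromised user station could differ). Returns True if the activity ran."""
    first = device.open_first_indication(base.handle_request(received, device.make_request()))
    approved = first["activity"] == intended  # the user compares the display with their intent
    performed = base.handle_second_indication(device.make_second_indication(approved))
    if performed:
        challenge = base.issue_challenge()  # is the device still coupled to the user station?
        performed = base.check_challenge(challenge, device.answer_challenge(challenge))
    if performed:
        base.performed.append(received)
    return performed
```

The defensive value of the flow sits in the comparison inside `run_confirmation`: the user approves what the base station displays back, not what the user station claims to have sent, so a user station that alters the activity data in transit produces a negative authentication. Both ends also replace the key after handling each message, so a dropped or replayed message leaves the two sides out of step and `decrypt` raises on the next tag check; a deployment needs a resynchronisation path, which the specification leaves open.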
In another form, the present invention provides a method of a user obtaining access to secure information stored on a base station using an identification device, the identification device includes a store including code data, the method including, in the identification device: receiving, from the base station, request data indicative of at least one parameter and at least one algorithm; generating indicating data using: the at least one algorithm; the at least one parameter; and, the code data; and transferring, to the base station, the indicating data, thereby allowing the base station to authenticate the user using the indicating data.

In another broad form, the present invention provides an identification device used by a user to obtain access to secure information stored on a base station, the identification device includes a store including code data, the identification device being adapted to: receive, from the base station, request data indicative of at least one parameter and at least one algorithm; generate indicating data using: the at least one algorithm; the at least one parameter; and, the code data; and transfer, to the base station, the indicating data, thereby allowing the base station to authenticate the user using the indicating data.

In another broad form, the present invention provides a method of a base station authenticating a user using an identification device for obtaining access to secure information stored on the base station, wherein the method includes, in the base station: transferring, to the identification device, request data indicative of the at least one parameter and at least one algorithm; receiving, from the identification device, indicating data generated by using the at least one parameter, the at least one algorithm, and code data stored in the identification device; and reversely applying the at least one algorithm to the indicating data using the at least one parameter to generate the code data, thereby allowing the base station to authenticate the user.

In another broad form, the present invention provides a base station used for authenticating a user using an identification device for obtaining access to secure information stored on the base station, wherein the base station is adapted to: transfer, to the identification device, request data indicative of the at least one parameter and at least one algorithm; receive, from the identification device, indicating data generated by using the at least one parameter, the at least one algorithm and code data stored in the identification device; and reversely apply the at least one algorithm to the indicating data using the at least one parameter to generate the code data, thereby allowing the base station to authenticate the user.

In another broad aspect there is provided a method of authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the method includes, in the base station: receiving data including a first algorithm, selected from a plurality of algorithms by a device in data communication with the base station, and a request to generate and transfer a first indication of the activity data received by the base station; generating a response, using the first algorithm, indicative of a first indication of the activity data received by the base station; transferring the response to the device, wherein the device transfers the first indication to a user station thereby allowing determination of the authenticity of the activity data, and wherein the user station transfers to the device a request to generate a second indication indicating the authenticity of the activity data; receiving, from the device, the second indication of the determination; and in response to a positive authentication, performing the activity.

RECEIVED at IPONZ on 12 September 2011 - 30A -

In another broad aspect there is provided a base station used for authenticating activity data received by the base station, wherein the activity data relates to an activity, wherein the base station includes a processing system configured to: receive data including a first algorithm selected from a plurality of algorithms by a device in data communication with the base station, and a request to generate and transfer a first indication of the activity data received by the base station; generate a response, using the first algorithm, indicative of a first indication of the activity data received by the base station; transfer the response to the device, wherein the device transfers the first indication to a user station thereby allowing determination of the authenticity of the activity data, and wherein the user station transfers to the device a request to generate a second indication indicating the authenticity of the activity data; receive, from the device, the second indication of the determination; and in response to a positive authentication, perform the activity.

In another broad aspect there is provided a method of authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the method includes, in a device: generating data including a first algorithm selected from a plurality of algorithms by the device, and a request for a first indication of the activity data; transferring the data to the base station; receiving, from the base station, a response including the first indication of the activity data received by the base station, wherein the first indication is encrypted; decrypting the encrypted first indication; transferring the first indication to a user station thereby allowing determination of the authenticity of the activity data; receiving, from the user station, a request to generate a second indication indicating the authenticity of the activity data; generating the second indication; encrypting the second indication; and transferring, to the base station, the encrypted second indication, wherein in response to a positive authentication, the activity is performed.

RECEIVED at IPONZ on 17 October 2011 - 30B -

In another broad aspect there is provided a device for authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the device includes a processor configured to: generate data including a first algorithm selected from a plurality of algorithms by the device, and a request for a first indication of the activity data; transfer the data to the base station; receive, from a base station, a response including the first indication of the activity data received by the base station, wherein the first indication is encrypted; decrypt the encrypted first indication; transfer the first indication to a user station thereby allowing determination of the authenticity of the activity data; receive, from the user station, a request to generate a second indication indicating the authenticity of the activity data; generate the second indication; encrypt the second indication; and transfer, to the base station, the encrypted second indication, wherein in response to a positive authentication, the activity is performed.
Brief Description of the Drawings

The present invention will become more fully understood from the following detailed description of preferred but non-limiting embodiments thereof, described in connection with the accompanying drawing(s), wherein:

Fig. 1A shows an example of the identification system;
Fig. 1B shows an example of a method of using the identification system;
Fig. 3A to 3C shows an example flowchart outlining a method of authenticating a user using the identification system of Fig 2A;
Fig. 4A to 4D shows a more detailed example of the method shown in Figs 3A to 3C;
Fig. 5A to 5C shows an example flowchart outlining a method of authenticating a user using the identification system of Fig 2B;
Fig. 6A to 6D shows a more detailed example of the method shown in Figs 5A to 5C;
Fig. 7A to 7D shows an example flowchart outlining a method of authenticating a user using the identification system of Fig 2C;
Fig. 8A to 8E shows a more detailed example of the method shown in Figs 7A to 7D;
Fig. 9 shows an example of generating an identification code;
Fig. 10 shows an example of the system for authenticating data;
Fig. 11 shows an example flowchart outlining a method of authenticating activity data received by a base station;
Fig. 12A to 12C shows a more detailed example of the method of Figure 11;
Fig. 13 shows an alternate detailed example of part of the method of Figure 11; and
Fig. 14A to 14B shows an example flowchart outlining a method of transferring data to a smart card.

Detailed Description of the Preferred Embodiments

Throughout the drawings, like numerals will be used to identify similar features, except where expressly otherwise indicated.
Fig. 1 shows an example of an identification system 1 including an identification device 10, a base station 20, optionally a user station 30 and a communications network 70.

Shown in Fig. 1A, the identification device 10 and user station 30 may be interconnected via an identification device coupling element 15. The base station 20 and user station 30 may be interconnected via the communications network 70. It will be appreciated that as the user station 30 is optional, the base station 20 and identification device 10 may be interconnected by the communication network 70. It is preferable that one or more gateways may be positioned on the communication network 70 between each user station and base station 20, interconnecting various networks and different communication protocols.

It is noted that the base station 20 can be a financial institution, wherein the user station 30 is a customer performing transactions over a network 70. However, the identification system 1 is not limited to this use, and can be used in various other applications such as loyalty point schemes, purchase of products and services, access of private health information, access of private taxation information, access of private company information, voting, and any other systems that require authentication of a user.

The identification device 10 is preferably a compact electronic personal identification device that couples to a user station 30, such that it seeks to identify the user or owner.

The identification device 10 includes a processor 11, a store 12 including code data (also known as device codes) and an order rule. Preferably, the identification device 10 includes a coupling element 15 to optionally couple the identification device 10 to the user station 30, an encryption module 13 and a decryption module 14.

Accordingly, it will be appreciated that the identification device processor 11 may be any form of processor suitably programmed to perform the method, as will be described in more detail below.

The base station 20 includes a processor 21 and a store 22 including an order rule and at least one parameter. Preferably the processor 21 may be adapted to perform encryption and decryption. However, optionally the base station 20 may include an encryption module 23 and a decryption module 24.

The user station 30 is a processing system suitable for performing a method of relaying data between the base station 20 and the identification device 10. In particular, the user station 30 generally includes at least a processor 31, a memory 32 and an input device 33, such as a keyboard, an output device 34, such as a display, and an external interface 35, such as a port, coupled together via a bus as shown. The user station 30 can be any type of computer device including, for instance, workstations, personal computers, network connectable information-processing devices, digital home electric appliances, ATMs, portable terminals and cellular phones.
An example of a method of using the identification system, of Figure 1A will now be described with reference to Figure IB.
In particular, at step 100, the identification, device 10 receives, from the base station 2.0,' request data. 50 indicative of at least one parameter. At step 110, the identification device 10 10 determines at least one algorithm.
At step 120, the identification device 10 generates modified code data using the determined at least one algorithm, the received at least one parameter and the code data in the identification device store 12. At step 130, the identification device 1.0 generates 15 ordered data using the order rule, the at least one parameter, and the generated modified code data.
At step 140, the identification device 10 transfers, to the base station 20, response data 60 at least partially indicative of the modified code data. At step 150, the base station 20 20 authenticates the user of the identification device 10 using the response data 60.
An example of the identification system showing the flow of data between the identification device 10 and the base station 20 will now be described with reference to Figure 2A.
In particular, the identification system 1 includes the base station 20 and the identification device 10 interconnected, by a communications network 70. It will he appreciated that a user station 30 may be interconnected between the base station 20 and identification device 10 for relaying data. The base station 20 includes a store 22 including at least one 30 parameter and at least one algorithm. The identification device 10 includes a store 12 including code data. The base station. 20 transfers the at least one parameter and the at least one algorithm to the identification device 10, The identification device 10 transfers a generated identification code to the base station. 20 to be authenticated.
An example of a method of a user being authenticated using the identification system 1 5 described in Figure 2A will now be described with reference to Figures 3A to 3C.
In particular, at step 300 the user couples the identification device 10 to the user station 30. At step 305 the user station 30 transfers an access request 40 to the base station 20.
At step 310, the base station 20 compares the access request 40 to data in the data store 22. At step 315, the base station 20 determines the success of the comparison. If the comparison was unsuccessful, the base station 20 denies access to the user station 30 at step 320. If the comparison was successful, the method continues on to step 325. At step 325, the base station 20 generates an identification request 50 including an identification code algorithm and a plurality of parameters. Preferably the parameters are random numbers used by the identification device 10 for generating a plurality of identification code portions, and for ordering the plurality of identification code portions into a string to generate an identification code. At step 330, the base station 20 encrypts the identification request 50 using the base station's encryption module 23, and at step 335 the base station 20 transfers the identification request 50 to the identification device 10, via the user station 30.
At step 340, the identification device 10 decrypts the identification request 50 using the identification device's decryption module 14. At step 345, the identification device 10 generates an identification response 60. The identification response 60 includes an identification code. The identification code is generated using the received identification code algorithm, the plurality of device codes, and the plurality of parameters. At step 350, the identification response 60 is encrypted using the identification device's encryption module 13 and at step 355 the identification device 10 transfers the identification response 60 to the base station 20, via the user station 30.
At step 360, the base station 20 decrypts the received identification response 60 including the identification code. At step 365, the base station 20 reversely applies the sent identification code algorithm using the identification code and the sent plurality of parameters so as to determine the identification device's plurality of device codes. The plurality of parameters are used to reorder the identification code and also to regenerate the device codes.
At step 370, the base station 20 generates an identification check code using the determined plurality of device codes. At step 375, the base station 20 compares the generated identification check code to data in the data store 22. At step 380, the base station 20 determines the success of the comparison. If the comparison is unsuccessful, the base station 20 denies access at step 385. If the comparison is successful, the base station 20 grants access to the user using the user station 30 at step 390.
A more detailed example of the method described in Figures 3A to 3C will now be described with reference to Figures 4A to 4D.
In particular, at step 400 the user couples the identification device 10 to the user station 30. The identification device 10 may include a coupling element 15 which couples with an external interface 35 such as a user station port. The port 35 may be a universal serial bus (USB), used to couple to the identification device's coupling element 15. Accordingly, the identification device 10 preferably includes USB/USB2 communications compatibilities. Alternatively, the identification device 10 may include other forms of coupling elements 15 which could be used to couple to other ports 35 such as parallel ports, serial ports, firewire, RS232, RS485 and the like. Optionally, the identification device 10 may include more than one coupling element 15 allowing the identification device 10 to be used on a variety of user stations 30 that include various types of ports 35.
WO 2007/062479
At step 410, the identification device 10 recognises that the identification device 10 has been coupled to the user station 30, and therefore installs driver software on the user station 30. It will be appreciated that the driver software may be installed each time the identification device 10 is coupled to the user station 30, as will be described in more detail later. Alternatively, it will also be appreciated that the driver software may only require being installed the initial time the identification device 10 is coupled to the user station 30. The driver software is used by the user station 30 to control the data transfer between the base station 20 and the identification device 10 via the user station 30, and may also be used by the user station 30 to control the identification device 10.
At step 420 the user station 30 transfers an access request 40 to the base station 20. The access request 40 includes a user's username and a password. For example, the user may open a financial institution's web page on the internet using the user station 30. The web page prompts the user for the username and the password. An access request 40 including the username and the password is then transferred to the base station 20. It will be appreciated that the access request 40 including the username and the password may be encrypted.
At step 430 the base station 20 compares the received access request 40 to data in the data store 22, and at step 440, the base station 20 determines the success of the comparison. For example, the base station 20 may decrypt the access request 40 including the username and the password, and compare the unencrypted username and password to data in the data store 22. If the comparison is unsuccessful (i.e. the unencrypted username and password do not exist in the database) then the base station 20 denies access to the user using the user station 30 at step 450. If the comparison is successful, the method moves on to step 460. The base station 20 may transfer data to the identification device 10 indicating the success of the comparison.
At step 460, the base station 20 generates an identification request 50 including an identification code algorithm and a plurality of parameters, wherein the plurality of parameters are preferably random values. The identification code algorithm may include a number of sub-algorithms, wherein each sub-algorithm is applied to an individual device code in the identification device 10, as will be discussed in further detail later. The identification code algorithm uses both the plurality of random values and the device codes to generate an identification code, as will also be discussed in more detail later. The identification code algorithm and the plurality of random numbers are stored in the base station's data store 22 with the associated received access request 40.
The plurality of random numbers are preferably generated by measuring electronic interference (also known as "white noise") so as to generate real random numbers rather than pseudo-random numbers. The identification code algorithm is selected by the base station 20 at random from a plurality of identification code algorithms stored in the base station's data store 22. Similarly, the base station 20 may select the identification code algorithm from the plurality of identification code algorithms using a random number.
At step 470, the base station 20 encrypts the identification request 50 using the base station's encryption module 23 and a key stored in the base station store 22. The identification request 50 may be decrypted using a similar key stored in the identification device store 12. At step 480 the base station transfers the identification request 50 to the identification device 10, via the user station 30.
At step 490, the identification device 10 decrypts the identification request 50 using the identification device decryption module 14. As has been previously indicated, the identification device's decryption module 14 uses a key stored in the identification device store 12 to decrypt the identification request 50.
At step 500, the identification device 10 applies the identification code algorithm to the plurality of device codes to generate an identification code. As earlier indicated, the identification algorithm includes a number of sub-algorithms, wherein each sub-algorithm is applied to each device code stored in the identification device's store 12. When each sub-algorithm is applied to each respective device code, one of the plurality of the random numbers is used in order to produce a portion of the identification code.
Each sub-algorithm manipulates a respective device code using one of the random numbers from the received plurality of random numbers. For example, as shown in Figure 9, the first sub-algorithm 2060 is indicative of adding the value of the random number to the value of the device code 2030. Other forms of manipulation which a sub-algorithm may be indicative of may include multiplying or subtracting one of the random numbers from the device code, as shown in Figure 9. It will be appreciated that these are simplified examples and that more complex sub-algorithms are possible.
At step 510, the identification code is generated by concatenating each generated identification code portion to other identification code portions using an order rule and the values of the received plurality of random numbers, such as to generate an identification code.
For example, as shown in Figure 9, the plurality of random numbers 2000, 2010, 2020 received in the identification request 50 include a first random number 2000 having a value of '13', a second random number 2010 having a value of '19', and a third random number 2020 having a value of '5'. The first random number 2000 is used with the first sub-algorithm 2060 and applied to the first register 2030 including the first device code. The result of the first sub-algorithm 2060 produces a first identification code portion 2100. Similarly, the second and third random numbers 2010, 2020 are used with the second and third sub-algorithms 2070, 2080 and applied to second and third registers 2040, 2050 respectively, producing the second and third identification code portions 2110, 2120.
The identification device 10 includes an order rule 2130, which for example specifies that the identification code portions 2100, 2110, 2120 are to be concatenated together in an ascending order of the value of each random number 2000, 2010, 2020 applied. Therefore, the third random number 2020 with a value of five is the smallest, followed by the first random number 2000 with a value of thirteen, and then the second random number 2010 with a value of nineteen. Therefore, the order rule 2130 generates an identification code 2140 by concatenating the identification code portions 2100, 2110, 2120 which includes the third identification code portion 2100, followed by the first identification code portion 2110, followed by the second identification code portion 2120, as shown in Figure 9. It will be appreciated that other order rules 2130 could be applied, for example, concatenating the identification code portions 2100, 2110, 2120 in descending order.
At step 520, the identification device 10 generates an identification response 60. The identification response 60 includes the generated identification code.
At step 530, the identification response 60 is encrypted using the identification device's encryption module 13. The identification device 10 uses a randomly generated key to encrypt the identification response 60. The identification device 10 may measure electronic interference to generate a random key to be used by the encryption module 13 to encrypt the identification response 60. Typically, the encryption module is a Triple DES encryption module. The encryption module 13 and decryption module 14 may be hardware, software, or a combination of hardware and software.
At step 540, the identification device 10 embeds the generated random key used to encrypt the identification response 60 in the identification response 60. As such, when the base station receives the identification response, the base station extracts the randomly generated key in order to decrypt the identification response 60. However, it will be appreciated that other forms of exchanging the randomly generated key are possible, such as using session keys. It is preferable that encrypted data transfer between the identification device 10 and the base station 20 after step 540 use the randomly generated key. For example, if data is transferred after access is granted, the encryption modules 13, 23 and decryption modules 14, 24 use the randomly generated key in order to encrypt and decrypt data transferred.
At step 550, the identification device 10 transfers the identification response 60 to the base station 20, via the user station 30.
At step 560, the base station 20 extracts the random key embedded in the received identification response 60. The base station 20 may extract the random key from the identification response 60 at predetermined locations in the identification response 60.
At step 570, the base station 20 decrypts the received identification response 60 using the base station's decryption module 24 and the extracted random key. Typically, the base station's decryption module 24 is a software module; however, it will be appreciated that the decryption module 24 may be a Triple DES decryption module. The decryption module 24 may be hardware, software, or a combination of hardware and software. The decrypted identification response 60 includes the identification code generated by the identification device 10.
At step 580, the base station 20 retrieves from the base station's data store 22 the plurality of random numbers sent to the identification device 10 in the identification request 50. At step 590, the base station 20 uses the plurality of random numbers to reorder the identification code portions. Therefore, the base station 20 determines, using the plurality of random numbers, which identification code portion was generated for which device code in the identification device 10.
At step 600, the base station 20 retrieves from the base station's data store 22 the sent identification code algorithm. At step 610, the base station 20 reversely applies each sub-algorithm to the determined identification code portions using the plurality of random numbers. Thus, by reversely applying the sub-algorithms, the plurality of device codes stored in the identification device 10 are re-generated by the base station.
At step 620, the base station 20 generates an identification check code using the regenerated device codes. The base station may include an identification code converter (not shown) that uses the re-generated device codes to produce an identification check code. The identification code converter may be any one or combination of a software program or hardware to perform the task of converting the plurality of re-generated device codes to an identification check code 18.
Preferably the identification check code includes fewer digits compared to the plurality of device codes, such that the base station's data store 22 does not have to record large numbers and slow down the comparison process performed in step 630. It will be appreciated that the plurality of regenerated device codes are purged from the base station's memory 22 such that the only record of the plurality of device codes in the identification system 1 is in the identification device 10.
At step 630, the base station 20 compares the generated identification check code to data in the data store 22. The comparison includes checking that the identification check code matches the associated username and password compared earlier at step 430.
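The device-side steps 500 to 510 (Figure 9) and the base-station reversal in steps 590 to 630, carried through end to end as an added Python example that is not code from the patent. The device codes, the fixed-width encoding of the portions and the SHA-256 check-code converter are constructed assumptions; the add/multiply/subtract sub-algorithms and the ascending order rule are the ones Figure 9 describes.

```python
"""Round trip of the challenge-response in steps 460-630 (Figures 4A-4D and 9):
the base station sends random numbers and a per-register sub-algorithm, the
device transforms its device codes and orders the portions by the order rule,
and the base station undoes both steps and compares a short check code.
Added example with constructed values, not the patent's own code."""
import hashlib
import secrets
from typing import Callable, Dict, List, Tuple

# Constructed device codes held in the device's store 12 (registers 2030, 2040, 2050).
DEVICE_CODES: List[int] = [4821, 1337, 90210]

# Figure 9 sub-algorithms: add, multiply or subtract the random number.
# Each entry pairs the device-side operation with the inverse the base
# station applies at step 610; the scheme relies on every step being reversible.
SubAlg = Tuple[Callable[[int, int], int], Callable[[int, int], int]]
SUB_ALGORITHMS: Dict[str, SubAlg] = {
    "add": (lambda code, r: code + r, lambda portion, r: portion - r),
    "mul": (lambda code, r: code * r, lambda portion, r: portion // r),
    "sub": (lambda code, r: code - r, lambda portion, r: portion + r),
}

# Assumption: portions are written as fixed-width signed decimals so that the
# concatenated string (identification code 2140) can be split unambiguously.
PORTION_WIDTH = 12


def base_generate_request(n: int) -> Tuple[List[str], List[int]]:
    """Step 460: choose a sub-algorithm per register and n random numbers.
    The numbers are drawn distinct and nonzero: equal values would make the
    order rule ambiguous and a zero multiplier could not be inverted."""
    names = list(SUB_ALGORITHMS)
    algorithm = [names[secrets.randbelow(len(names))] for _ in range(n)]
    randoms: List[int] = []
    while len(randoms) < n:
        r = 1 + secrets.randbelow(10**6)
        if r not in randoms:
            randoms.append(r)
    return algorithm, randoms


def device_generate_code(device_codes: List[int], algorithm: List[str],
                         randoms: List[int]) -> str:
    """Steps 500-510 on the device: apply each sub-algorithm with its random
    number, then concatenate the portions in ascending order of the random
    number that was applied (order rule 2130)."""
    portions = []
    for code, name, r in zip(device_codes, algorithm, randoms):
        forward, _ = SUB_ALGORITHMS[name]
        portions.append((r, forward(code, r)))
    portions.sort(key=lambda p: p[0])
    return "".join(f"{portion:+0{PORTION_WIDTH}d}" for _, portion in portions)


def base_recover_device_codes(identification_code: str, algorithm: List[str],
                              randoms: List[int]) -> List[int]:
    """Steps 590-610 on the base station: split the string, undo the order rule
    with the random numbers it sent, and invert each sub-algorithm."""
    n = len(randoms)
    if len(identification_code) != n * PORTION_WIDTH:
        raise ValueError("identification code has unexpected length")
    chunks = [int(identification_code[i * PORTION_WIDTH:(i + 1) * PORTION_WIDTH])
              for i in range(n)]
    # The i-th chunk belongs to the register whose random number is i-th smallest.
    register_for_chunk = sorted(range(n), key=lambda i: randoms[i])
    recovered = [0] * n
    for chunk, idx in zip(chunks, register_for_chunk):
        _, inverse = SUB_ALGORITHMS[algorithm[idx]]
        recovered[idx] = inverse(chunk, randoms[idx])
    return recovered


def check_code(device_codes: List[int]) -> str:
    """Step 620 converter (assumed here to be a truncated SHA-256): the base
    station records only this short value, never the device codes themselves."""
    material = ",".join(str(c) for c in device_codes).encode()
    return hashlib.sha256(material).hexdigest()[:16]


def base_authenticate(stored_check: str, identification_code: str,
                      algorithm: List[str], randoms: List[int]) -> bool:
    """Step 630: regenerate the check code from the response and compare it
    with the value recorded against the user at registration."""
    try:
        codes = base_recover_device_codes(identification_code, algorithm, randoms)
    except ValueError:
        return False
    return secrets.compare_digest(check_code(codes), stored_check)


def figure_9_round_trip() -> bool:
    """Figure 9 values: random numbers 13, 19, 5 with add, multiply, subtract.
    Returns True when the base station accepts the device's response."""
    algorithm, randoms = ["add", "mul", "sub"], [13, 19, 5]
    enrolled = check_code(DEVICE_CODES)  # recorded at registration, step 430 data
    response = device_generate_code(DEVICE_CODES, algorithm, randoms)
    return base_authenticate(enrolled, response, algorithm, randoms)
```

With the Figure 9 values the device emits the portion for the third register (random number 5) first, then the first (13), then the second (19); the base station reads the same ordering back from the random numbers it stored at step 460.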
At step 640, the base station 20 determines the success of the comparison of the identification check code. At step 650, if the comparison is unsuccessful, the base station 20 denies access. If the comparison is successful, the base station 20 grants access to the user using the user station 30 at step 660. Access may be granted by creating a secure sockets layer (SSL) link between the base station 20 and user station 30.
Another example of an identification system will now be described with reference to Figure 2B.
In particular, the base station includes a store 22 including at least one parameter, and a lookup table including identity data associated with a plurality of identification code algorithms. The identification device 10 includes a store 12 including code data and at least one algorithm. The base station 20 transfers the at least one parameter to the identification device 10. The identification device 10 transfers a generated identification code and identity data to the base station 20 to be authenticated.
An example of a method of using the identification system described in Figure 2B will now be described with reference to Figures 5A to 5C.
In particular, at step 700 the user couples the identification device 10 to the user station 30. At step 710 the user station 30 transfers an access request 40 to the base station 20.
At step 720, the base station 20 compares the access request 40 to data in the data store 22. At step 730, the base station 20 determines the success of the comparison. If the comparison was unsuccessful, the base station 20 denies access to the user station 30 at step 740. If the comparison was successful, the method continues on to step 750.
At step 750, the base station 20 generates an identification request 50 including a plurality of random numbers. At step 760, the base station 20 encrypts the identification request 50 using the base station's encryption module 23, and at step 770 the base station 20 transfers the identification request 50 to the identification device 10, via the user station 30.
At step 780, the identification device 10 decrypts the identification request 50 using the identification device decryption module 14. At step 790, the identification device 10 generates an identification code. The identification code is generated using the identification code algorithm stored in the identification device store 12. The identification code algorithm stored in the identification device 10 uses the plurality of device codes and the received plurality of random numbers to generate the identification code.
At step 800, the identification device 10 generates an identification response 60 including the identification code and identity data. At step 810, the identification response 60 is encrypted using the identification device's encryption module 13 and at step 820 the identification device 10 transfers the identification response 60 to the base station 20, via the user station 30.
At step 830, the base station 20 decrypts the received identification response 60 including the identification code and identity data. At step 840, the base station 20 uses the identity data to determine, using data stored in the data store 22, the identification code algorithm used by and stored in the identification device 10. At step 850, the base station 20 reversely applies the determined identification code algorithm using the identification code and the sent plurality of random values to determine the identification device's plurality of device codes.
At step 860, the base station 20 generates an identification check code using the determined plurality of device codes. At step 870, the base station 20 compares the generated identification check code to data in the data store 22. At step 880, the base station 20 determines the success of the comparison. At step 890, if the comparison is unsuccessful, the base station 20 denies access. If the comparison is successful, the base station 20 grants access to the user using the user station 30 at step 895.
A more detailed example of the method described in Figures 5A to 5C will now be described with reference to Figures 6A to 6D.
In particular, steps 900 to 950 are performed similarly to steps 400 to 450.
At step 960, the base station 20 generates an identification request 50 including a plurality of random numbers. The plurality of random numbers are used by the identification device 10 in the identification code algorithm to generate a plurality of identification code portions. The plurality of random numbers may also be used with the order rule to determine the order in which the plurality of generated identification code portions are to be concatenated, as previously described. The plurality of random numbers are generated and stored in the base station's data store 22 prior to being sent to the identification device 10.
Steps 970 to 990 are performed similarly to steps 470 to 490.
At step 1000, the identification device 10 applies the stored identification code algorithm to the plurality of device codes to generate an identification code. The plurality of random numbers are also used by the identification code algorithm, as shown in Figure 9.
Step 1100 is performed similarly to step 510.
At step 1020, the identification device 10 generates an identification response 60. The identification response 60 includes the generated identification code and identity data. The identity data includes a device identity to uniquely identify the identification device 10. The identity data may also include a grouping number and a version number. The grouping number may be used by the base station 20 to determine the identification code algorithm stored in the identification device 10. The version number may be indicative of the version of the identification device 10. For example version '1.0' may include two hundred and fifty six device codes, whereas version '1.1' may include five hundred and twelve device codes.
Steps 1030 to 1060 are performed similarly to steps 530 to 560.
At step 1070, the base station 20 decrypts the identification response 60, similarly to step 570. The decrypted identification response 60 includes the identification code and the identity data.
Steps 1080 and 1090 are performed similarly to steps 580 and 590.
At step 1100, the base station 20 retrieves, from the base station's data store 22, the identification code algorithm used by the identification device 10. The base station 20 determines the identification code used by the identification device 10 using the received identity data. Thus the identity data is used as a pointer in a lookup table (or matrix) which includes the identification code algorithms for a plurality of identification devices 10.
Once the identification code algorithm is retrieved using identity data, the base station 20 performs steps 1110 to 1160 similarly to steps 610 to 660 so as to authenticate the user of the user station 30 and grant access if a successful authentication occurs.
Another example of an identification system will now be described with reference to Figure 2C. In particular, the base station 20 includes a store 22 including at least one parameter and at least one first algorithm. The identification device 10 includes a store 12 including code data and at least one second algorithm. The base station 20 transfers the at least one parameter and first algorithm to the identification device 10. The identification device 10 transfers a generated identification code and identity data to the base station 20 to be authenticated.
An example of a method using the identification system described in Figure 2C will now be described with reference to Figures 7A to 7D.
In particular, at step 1200 the user couples the identification device 10 to the user station 30. At step 1210 the user station 30 transfers an access request 40 to the base station 20.
At step 1220, the base station 20 compares the access request 40 to data in the data store 22. At step 1230, the base station 20 determines the success of the comparison. If the comparison was unsuccessful, the base station 20 denies access to the user station 30 at step 1240. If the comparison was successful, the method continues on to step 1250.
At step 1250, the base station 20 generates an identification request 50 including a plurality of random values and a first identification code algorithm. At step 1260, the base station 20 encrypts the identification request 50 using the base station's encryption module 23, and at step 1270 the base station 20 transfers the identification request 50 to the identification device 10, via the user station 30.
At step 1280, the identification device 10 decrypts the identification request 50 using the identification device decryption module 14. At step 1290, a first identification code is generated by applying the first identification code algorithm, using the plurality of device codes and received plurality of random numbers. At step 1300, a second identification code is generated by applying the second identification code algorithm, stored in the identification device store 12, using the first identification code and the received plurality of random numbers. At step 1310, the identification device 10 generates an identification response 60 including the second identification code and the identity data.
At step 1320, the identification response 60 is encrypted using the identification device's encryption module 13 and at step 1330 the identification device 10 transfers the identification response 60 to the base station 20, via the user station 30.
At step 1340, the base station 20 decrypts the received identification response 60 including the identification code. At step 1350, the base station 20 uses the identity data to determine, using data stored in the data store 22, the second identification code algorithm used by the identification device 10.
At step 1360, the base station 20 reversely applies the determined second identification code algorithm using the second identification code and the sent plurality of random values so as to regenerate the first identification code.
At step 1370, the base station 20 reversely applies the first identification code algorithm to the regenerated first identification code algorithm using the plurality of random numbers so as to regenerate the identification device's plurality of device codes.
At step 1380, the base station 20 generates an identification check code using the determined plurality of device codes. At step 1390, the base station 20 compares the generated identification check code to data in the data store 22. At step 1400, the base station 20 determines the success of the comparison. At step 1410, if the comparison is unsuccessful, the base station 20 denies access. If the comparison is successful, the base station 20 grants access to the user using the user station 30 at step 1420.
A more detailed example of the method described in Figures 7A to 7D will now be described with reference to Figures 8A to 8B.
In particular, steps 1500 to 1550 are performed similarly to steps 400 to 450.
At step 1560, the base station 20 generates an identification request 50 including the first identification code algorithm and the plurality of random numbers. The first identification code algorithm is selected randomly from the plurality of first identification code algorithms stored in the data store 22.
Steps 1570 to 1590 are performed similarly to steps 470 to 490.
At step 1600, the identification device 10 applies the first identification code algorithm to the device codes using the plurality of random numbers to generate a plurality of first identification code portions.
At step 1610, the identification device 10 applies the second identification code algorithm to generate, using the plurality of first identification code portions and the plurality of random numbers, the second plurality of identification code portions. It will be appreciated that the first and second algorithms are two segments of a total algorithm that is applied to the device codes, as will be described in more detail later.
Step 1620 is performed similarly to step 510 except that the second plurality of identification code portions are concatenated to generate the identification code.
At step 1630, the identification device 10 generates an identification response 60. The identification response 60 includes the generated identification code and identity data. The identity data includes a device identity and may include a version number and a grouping number, as has been described in previous examples.
Steps 1740 to 1800 are performed similarly to steps 530 to 590.
At step 1710, the base station 20 retrieves, from the base station's data store 22, the second identification code algorithm used by the identification device 10. The base station 20 determines the identification code algorithm used by the identification device 10 using the received identity data. Thus the identity data is used as a pointer to a lookup table (or matrix) which includes the identification code algorithms for a plurality of identification devices 10.
At step 1720, the base station 20 reversely applies the retrieved second identification code algorithm, using the received second plurality of identification code portions and the sent plurality of random numbers, so as to regenerate the first identification code.
At step 1730, the base station reversely applies the retrieved first identification code algorithm to the regenerated first identification code so as to regenerate the plurality of device codes.
Steps 1740 to 1780 are performed similarly to steps 620 to 660 so as to authenticate the user of the user station 30 and grant access if a successful authentication occurs.
It is preferable that an identification device distributor distributes the identification devices 10 to the base stations 20. The distributor performs a distribution method including loading systemic components including databases and software required to support the identification system 1 onto one or more base stations 20, loading systemic components required to support the particular base stations 20 onto an identification system 1 central site computer and supplier central databases, custom tailoring the relevant base station software/systems to accommodate the new identification information requirements (e.g. the customer system, the internet gateway system, etc.), custom tailoring the relevant base station databases to accommodate the new identification information requirements, establishing relevant support procedures at the base station offices and branches, and performing QA on all procedures and systems affected.
It is preferable that an ongoing operational process occurs between the identification device distributor and each base station 20 included in the identification system 1. The ongoing operational processes that provide support for the identification system 1 are expected to be conducted daily by the identification device distributor and each base station 20 on a one-on-one basis. Typically such processes would include supply of the physical identification device 10 stocks by the identification device distributor to the relevant base station 20, registering the identification devices 10 sent onto the supplier's central databases, and registering the identification devices 10 received onto the base station 20 database. It is also perceived that such processes would include distributing the identification devices 10 to the relevant base stations 20, wherein the base station 20 can redistribute the identification devices 10 to their customers, performing daily batch processes to prepare transmission files on each base station 20, and transmitting identification device 10 activity data to the identification device 10 supplier's central site computer.
PCT/AU2006/001825
Additionally, these processes could include processing on the identification device supplier's central site computer the daily identification device 10 activity received from each base station 20 in order to summarise all activities, and transmitting report files and warnings to each base station 3.
It is preferable that there is a registration process for a user to obtain an identification device 10. This registration process is only expected to occur once, unless the customer has damaged, or reported the identification device 10 as lost or stolen. Typically, a customer visits a base station 20 and applies to use an identification device 10, the base station 20 provides the customer with a "conditions of use" contract, and the customer reads the "conditions of use" contract, signs it, and returns it to the base station 20. The base station 20 detaches the identification check code tag attached to the identification device 10, and provides the customer with an identification device 10, relevant software such as device drivers or useful software such as internet browsers, and instructions. The base station 20 enters the identification check code 18 printed on the identification check code tag into the customer database, and the base station 20 then destroys the tag containing the identification check code, as it is no longer required.
An example of a system for authenticating activity data received by the base station 20 will now be described with reference to Figure 10.
Fig. 10 shows an example of a system 4000 including a device 2150, a base station 20, optionally a user station 30 and a communications network 70.
The device 2150 and user station 30 may be interconnected via a device coupling element 2165. The base station 20 and user station 30 may be interconnected via the communications network 70. It will be appreciated that as the user station 30 is optional, the base station 20 and device 2150 may be interconnected by the communication network 70. It is preferable that one or more gateways may be positioned on the communication network 70 between each user station 30 and base station 20, interconnecting various networks and different communication protocols.
As has previously been noted, the base station 20 can be a financial institution wherein the user station 30 is a customer performing transactions over a network 70. However, the system is not limited to this use, and can be used in various other applications, as previously described.
The device 2150 is preferably the identification device 10 described earlier. As such, a user can be identified using the identification device 10 and authenticate activity data 2160 received by the base station 20 using the identification device 10. However, it is possible that the identification device 10 can be used for obtaining access to a session, and a separate device 2150 can be used for authenticating activity data 2160 received by the base station 20. The device 2150 may physically couple to a user station 30. However, it will be appreciated that the device 2150 may use wireless communication to transfer and receive data to and from the user station 30. The device 2150 includes a processor 2151, a store 2152 including code data (also known as device codes) and an order rule. Preferably, the device 2150 includes a coupling element 2155 to optionally couple the device 2150 to the user station 30, an encryption module 2153 and a decryption module 2154. It will be appreciated that parts of the device 2150 may be interchanged with similar parts of the identification device 10 previously described.
Furthermore, it will be appreciated that the device's processor 2151 may be any form of processor suitably programmed to perform the method, as will be described in more detail below.
The base station 20 and user station 30 are similar to those described in the identification system.
An example of a method for authenticating activity data 2160 received by the base station 20 will now be described with reference to Figure 11.
In particular, at step 2500, the base station 20 generates a first indication 2170 of activity data 2160 received. At step 2510, the base station 20 transfers the first indication 2170 to the device 2150. At step 2520, the device 2150 determines authenticity of the activity data 2160 transferred to the base station 20, based on the first indication 2170. At step 2530, the device 2150 transfers, to the base station 20, a second indication 2180 indicative of the determination. At step 2540, the base station 20 performs the related activity in response to a positive authentication.
The activity data 2160 can be data related to any activity, such as a financial transaction. For example, the activity data 2160 may indicate that the user attempted to transfer one hundred dollars to a particular bank account. However, it will be appreciated that any activity may be represented by the activity data 2160. Furthermore, the activity data 2160 received by the base station 20 may be data received from the device 2150 or the user station 30.
A more detailed example of the method described with reference to Figure 10 will now be described with reference to Figures 12A to 12C.
In particular, a user obtains access to information at a base station 20 at step 3000. This step preferably includes the authentication process described in Figures 2 to 9 in order to authenticate the user at the user station 30 to the base station 20.
At step 3010, the user inputs activity data 2160 using the user station 30. The activity data 2160 may relate to a financial transaction, which is entered by the user using one or more input devices of the user station 30.
At step 3020, the device 2150 encrypts the activity data 2160. The device 2150 may encrypt the activity data 2160 by the user station 30 transferring the activity data 2160 to the device 2150, wherein the device 2150 subsequently encrypts the activity data 2160. The encryption of the activity data 2160 may be performed similarly to the encryption processes described earlier for the identification method and system. Therefore, the device 2150 may encrypt the activity data 2160 using an encryption key of which the base station 20 has a stored copy. Optionally, a new encryption key to be used in a subsequent data transfer may be embedded in the activity data 2160, such that the base station 20 may update the current encryption key. This process has been described in detail earlier in this document.
At step 3030, the encrypted activity data 2160 is transferred to the base station 20. This transfer may include transferring the encrypted activity data 2160 from the device 2150 to the base station 20 via the user station 30. However, as will be appreciated, wireless communication may make it possible for the encrypted activity data 2160 to bypass the user station 30 and be transferred to the base station 20 directly.
At step 3040, the base station 20 decrypts the encrypted activity data 2160 received from the device 2150, typically via the user station 30. As has previously been mentioned, the base station 20 may use a current encryption key that was updated from previous data received from the device 2150. Preferably, when the activity data 2160 is being decrypted, the embedded encryption key is extracted, and the current encryption key stored by the base station 20 is updated with the extracted encryption key. Any further encryption or decryption performed by the base station 20 uses the updated current encryption key.
At step 3050, the user determines whether an indication of the activity received by the base station 20 is required. If the user does not require an indication at this stage, the user continues to enter further activity data 2160 at step 3010. If the user requires an indication of the activity data 2160, the method continues to step 3060. Details of the indication of activity data 2160 will be described in more detail below.
At step 3060, the user indicates a request is to be transferred to the base station 20. Generally, the user indicates that the request is to be transferred using the user station 30. This may be in the form of clicking a button provided on a user interface of the user station 30 to request that an indication of the activity data 2160 is required. However, it will be appreciated that a default request can be transferred to the base station 20 without the user being required to provide an indication.
At step 3070, the request is transferred to the base station 20. This transfer of the request may be performed by the user station 30, the device 2150, or a combination of both. The request may be encrypted, wherein the base station 20 decrypts the request using the current encryption key.
If the request is encrypted by the device 2150, it is possible that a new encryption key is embedded in the encrypted request, and as such the base station 20 may update the current encryption key after the request is decrypted.
Alternatively, if the request is encrypted by the user station 30, the base station 20 may request that an updated encryption key is sent to the base station 20 from the device 2150, such that the indication of the activity data 2160 is transferred securely. In this case, once the base station 20 receives the request, the base station 20 optionally generates a request for an updated encryption key from the device 2150 at step 3080.
The request is transferred to the device 2150 at step 3085. It will be appreciated that the request may be encrypted using the current encryption key stored by the base station 20. At step 3090 the device 2150 generates a new encryption key and then at step 3095 the device 2150 transfers the new encryption key to the base station 20. The encryption key may be encrypted, or it is possible that the encryption key is embedded in the encrypted response. The base station 20 updates the current encryption key with the extracted key received in the response at step 3100. This preferably includes the base station 20 decrypting the response received from the device 2150. At step 3110, the base station 20 generates a first indication 2170 of the activity data 2160 received by the base station 20. The first indication 2170 may represent at least some of the activity data 2160 received or the entire activity data 2160 received.
The base station 20 then encrypts the first indication 2170 with the current encryption key at step 3120. At step 3130, the base station 20 transfers the encrypted first indication 2170 to the device 2150. This transfer of the encrypted first indication 2170 may occur via the user station 30 if direct transfer of the first indication 2170 to the device 2150 is not possible.
At step 3140, the device 2150 decrypts the encrypted first indication 2170 received from the base station 20. At step 3150, the device 2150 preferably transfers the first indication 2170 to the user station 30, such that the first indication 2170 can be presented to the user at the user station 30. However, it will be appreciated that the first indication 2170 may be presented by the device 2150. At step 3160, the user station 30 presents the first indication 2170 to the user. This may include displaying the first indication 2170 on the user station's display 34. Optionally, the first indication 2170 may include a warning that, if the first indication 2170 displayed is incorrect, a malicious entity may exist on the user station 30, and that it is strongly advisable that the user station 30 be formatted and any other precautionary steps taken to ensure the user's account, identity or activities are not compromised.
At step 3170, the user determines whether the activity data 2160 received by the base station 20 is correct based on the first indication 2170 presented by the user station 30. If a Trojan or key logger has been maliciously used to alter the activity data 2160 sent from the user station 30 to the base station 20, the first indication 2170 can be used to indicate that the activity data 2160 received has been compromised. If the user believes that the activity data 2160 has been altered or is not correct, the user may uncouple the device 2150 from the user station 30 at step 3180. At step 3190, the user logs off the session. This can involve data being sent to the base station 20 indicating that the user has indicated that the session has been terminated. At step 3200, the base station 20 transfers a challenge to the device 2150 to determine if the device 2150 is coupled to the user station 30. At step 3210, the base station 20 determines that the device 2150 has been uncoupled from the user station 30. This may include a time-out period, wherein a response from the device 2150 has not been received, indicating that the device 2150 has been uncoupled. As the activity data 2160 was not authenticated by the user (indicated by the user uncoupling the device 2150 from the user station 30), the activity related to the activity data 2160 is not performed, as indicated by step 3220. For example, a transaction related to transaction data may not be performed due to the transaction data being altered or incorrect.
In the event that the user determines that the activity data 2160 received by the base station 20 is authentic and correct based on the presented first indication 2170, the user indicates that the activity data 2160 is correct at step 3230. This may include pressing a confirmation button using an input device on a user interface of the user station 30.
At step 3240, the user station 30 may transfer, to the base station 20, a second indication 2180 indicative of the confirmation. Preferably, the second indication 2180 is encrypted by the user station 30 and decrypted by the base station 20. The user then logs off the session at step 3250.
At step 3260, the base station 20 generates and transfers a challenge to the device 2150 to ensure that the device 2150 is coupled to the user station 30. At step 3270 the device 2150 responds to the challenge indicating the device 2150 is coupled to the user station 30. At step 3280, the related activity is performed, based on the positive authenticity indicated in the second indication 2180 and the response received from the device 2150.
An alternate example will now be discussed with respect to Figure 13.
Steps 3000 to 3280 are performed similarly to those described in respect of Figures 12A to 12C. If the user decides at step 3280 that the activity data 2160 received by the base station 20 is correct based on the first indication 2170 presented, the user station 30 transfers a request to the device 2150 to generate a second indication 2180 indicating positive authenticity of the activity data 2160 at step 3300. However, if the user determines that the activity data 2160 is incorrect, the user station 30 transfers a request to the device 2150 to generate a second indication 2180 indicating negative authenticity at step 3310.
At step 3320, the device 2150 generates the second indication 2180 representing the authenticity of the activity data 2160 presented to the user. It is possible that the device 2150 generates a false (incorrect) second indication 2180 to indicate negative authenticity of the activity data 2160 presented. Similarly, the device 2150 may generate a correct second indication 2180 to indicate positive authenticity of the activity data 2160 presented.
At step 3330, the device 2150 encrypts the second indication 2180. Preferably, the device 2150 embeds a new encryption key in the encrypted second indication 2180.
At step 3340, the device 2150 transfers the encrypted second indication 2180 to the base station 20. It will be appreciated that this may include transferring the encrypted second indication 2180 via the user station 30 if direct communication with the base station 20 is not available or appropriate.
At step 3350, the base station 20 decrypts the encrypted second indication 2180. Preferably, the embedded encryption key is extracted from the encrypted second indication 2180 and the current encryption key is updated after the encrypted second indication 2180 is decrypted.
At step 3360, the base station 20 determines, based on the second indication 2180, whether the activity data 2160 received was authentic. If the second indication 2180 indicates a positive authentication, the related activity is performed at step 3370. If the second indication 2180 indicates negative authenticity, the related activity is not performed, as indicated at step 3380.
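As an added illustration of the exchange in Figures 12A to 12C and 13 (this is not code from the patent; the cipher, the JSON message layout, the shared starting key and the sample account values are all assumptions), the following Python models the device 2150 embedding a fresh key in each message it encrypts, the base station 20 rotating its current key on receipt, and the user comparing the first indication 2170 against what was actually entered before the second indication 2180 decides whether the activity is performed:

```python
"""Model of the activity-data authentication exchange (Figures 12A-12C and 13).

Assumptions, not taken from the patent: messages are JSON, the cipher is an
HMAC-SHA256 keystream with an encrypt-then-MAC tag, and the key embedded by the
device replaces the current key on both sides as soon as the message is decrypted.
"""
import hashlib
import hmac
import json
import os


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for the device's real cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, msg: dict) -> bytes:
    """Encrypt-then-MAC a message: nonce || ciphertext || tag."""
    pt = json.dumps(msg, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_(key: bytes, blob: bytes) -> dict:
    """Verify the tag under the current key, then decrypt; raises on a stale key or tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("tag mismatch: wrong (possibly superseded) key or altered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


class Device:
    """Device 2150: encrypts under the current key and embeds the next key (steps 3020, 3330)."""

    def __init__(self, key: bytes):
        self.key = key

    def encrypt_with_new_key(self, payload: dict) -> bytes:
        next_key = os.urandom(32)
        blob = seal(self.key, {"payload": payload, "next_key": next_key.hex()})
        self.key = next_key  # the device switches as soon as it has sent the new key
        return blob

    def decrypt(self, blob: bytes) -> dict:
        return open_(self.key, blob)["payload"]  # step 3140: the first indication arrives


class BaseStation:
    """Base station 20: decrypts, extracts the embedded key and rotates (steps 3040, 3350)."""

    def __init__(self, key: bytes):
        self.key = key
        self.received = None

    def receive(self, blob: bytes) -> dict:
        msg = open_(self.key, blob)
        self.key = bytes.fromhex(msg["next_key"])  # all later traffic uses the new key
        self.received = msg["payload"]
        return self.received

    def first_indication(self) -> bytes:
        """Steps 3110-3120: summarise what was actually received, encrypt under the current key."""
        return seal(self.key, {"payload": summarise(self.received)})


def summarise(activity: dict) -> str:
    return f"transfer {activity['amount']} to {activity['to']}"


def run_session(intended: dict, seen_by_device: dict, shared_key: bytes = b"k" * 32):
    """Returns (activity_performed, indication_shown_to_user).

    `intended` is what the user typed at the user station 30; `seen_by_device` is what
    the user station handed to the device, which a Trojan may have altered (step 3170).
    """
    dev, bs = Device(shared_key), BaseStation(shared_key)
    bs.receive(dev.encrypt_with_new_key(seen_by_device))                 # steps 3020-3040
    shown = dev.decrypt(bs.first_indication())                           # steps 3110-3160
    verdict = "positive" if shown == summarise(intended) else "negative"  # step 3170
    second = bs.receive(dev.encrypt_with_new_key({"authentic": verdict}))  # steps 3320-3350
    return second["authentic"] == "positive", shown                      # steps 3360-3380


if __name__ == "__main__":
    honest = {"amount": 100, "to": "ACC-1"}  # constructed sample activity data
    print(run_session(honest, honest))                           # (True, 'transfer 100 to ACC-1')
    print(run_session(honest, {"amount": 1000, "to": "ACC-9"}))  # (False, 'transfer 1000 to ACC-9')
```

Because each message carries the next key, a message sealed under a superseded key fails the tag check at the base station, which is the behaviour the key-update steps rely on.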
An example of securely transferring data to a smart card coupled to the device 2150 will now be described with reference to Figures 14A and 14B.
As shown in Figure 14A, once the second indication 2180 indicating positive authenticity is sent at step 3260 (which is also shown in Figure 12B), the base station 20 generates smart card data at step 3400. This, for example, may be a value indicating a funds transfer from the user account to the smart card.
At step 3410, the base station 20 encrypts the smart card data. At step 3420 the base station 20 transfers the encrypted smart card data to the device 2150. At step 3430, the device 2150 decrypts the encrypted smart card data, and at step 3440, the device 2150 transfers the smart card data to the coupled smart card.
At step 3450, the smart card stores the smart card data. At step 3460, the device 2150 generates a response indicating the smart card data has been transferred and stored in the smart card. At step 3470, the device 2150 encrypts the response. At step 3480, the device 2150 transfers the response to the base station 20. At step 3490, the user logs out of the session. The log out using the user station 30 may result in a signal being sent to the base station 20 indicating the session has been completed. At optional steps 3500, 3510 and 3520 (as indicated by dotted outlines), the base station 20 may transfer a challenge to the device 2150 to determine whether the device 2150 is still coupled to the user station 30, and if the device 2150 is still coupled, the device 2150 responds to the challenge.
Variations
Referring to Figure 2D, the identification device 10 may include a third identification code algorithm stored in the identification device's memory 12, which is transferred from the identification device 10 to the base station 20. Thus, referring now to Figures 7A to 7D and 8A to 8E, once the second identification code algorithm has been applied and generates the second identification code, the second identification code is used by the third identification code algorithm, thus generating a third identification code. The identification device 10 then generates the identification response including the third identification code algorithm, the third identification code, and the identity data. When the base station 20 receives the identification response 60, the base station 20 reversely applies the third identification code algorithm to obtain the second identification code. Once the base station 20 obtains the second identification code, the base station 20 can apply the first and second identification code algorithms as per Figures 7A to 7D and 8A to 8E so as to regenerate the plurality of device codes.
The first, second and third identification code algorithms may be separate segments of a total algorithm. Therefore, the identification device 10 may combine the separate segments of the algorithms in order to generate a total algorithm, so as to generate an identification code.
The base station 20 may transfer in the identification request 50 an indicator indicative of an incorrect sub-algorithm. As such, the identification device 10 applies the plurality of sub-algorithms correctly except for the specified sub-algorithm. As such, when the base station 20 regenerates the device codes and creates an identification check code, the identification check code shall be partially incorrect. If the identification check code is partially incorrect, access is granted. If the base station 20 requested a partially incorrect identification check code and the identification check code is correct, access is denied.
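The flagged-segment check can be written out as follows. This is an added example, not the patent's own code: the three sub-algorithms are constructed here as keyed hash transforms applied in sequence, and "applying one incorrectly" is modelled as skipping it; both are assumptions, as the page does not specify the segments.

```python
"""Worked check for the 'incorrect sub-algorithm' variation.

Assumptions, not from the patent: the total algorithm is three keyed transforms applied
in sequence to the device codes, and applying a segment "incorrectly" means skipping it.
"""
import hashlib
import hmac
from typing import Optional

# Constructed sample keys for the three segments (sub-algorithms) of the total algorithm.
SEGMENT_KEYS = [b"segment-0-key", b"segment-1-key", b"segment-2-key"]


def _segment(idx: int, key: bytes, value: bytes) -> bytes:
    """One sub-algorithm: a keyed transform of the running value."""
    return hmac.new(key, bytes([idx]) + value, hashlib.sha256).digest()


def check_code(device_codes: bytes, wrong_segment: Optional[int]) -> bytes:
    """Apply the sub-algorithms in order, deliberately mis-applying the flagged one.

    Both sides run this: the identification device 10 on its stored codes, and the
    base station 20 on the device codes it has regenerated.
    """
    value = device_codes
    for idx, key in enumerate(SEGMENT_KEYS):
        if idx == wrong_segment:
            continue  # the flagged segment is left out, so the result is partially incorrect
        value = _segment(idx, key, value)
    return value


def base_station_decides(device_codes: bytes, wrong_segment: Optional[int], response: bytes) -> bool:
    """Grant access only if the response matches the request the base station actually sent.

    A fully correct code when a flawed one was requested means the device did not honour
    the indicator in the identification request 50, so access is denied.
    """
    fully_correct = check_code(device_codes, None)
    if wrong_segment is not None and hmac.compare_digest(response, fully_correct):
        return False
    return hmac.compare_digest(response, check_code(device_codes, wrong_segment))


if __name__ == "__main__":
    codes = b"constructed-device-codes"
    print(base_station_decides(codes, 1, check_code(codes, 1)))        # True
    print(base_station_decides(codes, 1, check_code(codes, None)))     # False
    print(base_station_decides(codes, None, check_code(codes, None)))  # True
```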
It is preferable that the identification device 10 is a lightweight device that typically weighs less than ten grams, perhaps most preferably between five and ten grams. The identification device 10 may optionally include a hook such that it can be easily attached to a key ring carried by a user. The identification device 10 is able to fit in a pocket of a person's clothing or a purse/wallet.
The identification device 10 is ideally enclosed in a casing, wherein the casing is substantially difficult to open. The casing prevents hackers from opening the identification device 10 and copying the device codes in an attempt to reproduce a mimic device. The casing could be welded tight, or include a one-piece moulding. The casing could be made from a rigid material, making it substantially difficult for a hacker to open, and copy the device codes. The casing can include a self-destruct mechanism such that when the casing is opened, the device codes are damaged or deleted from memory, substantially preventing a hacker copying the identification device 10.
The identification device 10 may include a serial number imprinted on the outside of the case. The serial number is a reference number that the base station 20 can use to identify the device. The serial number may be recorded in the base station's data store 22 such that a record is kept by the base station 20 as to which user possesses a particular identification device 10.
It is preferable that the identification device 10 includes security protection against false identification requests. A hacker may attempt to send a false identification request to the identification device 10 to determine the device codes. The false properties of the identification request 50 may be determined from time and date stamps, incorrect formatting, or any other properties included in the identification request 50, which can indicate to the identification device 10 that a false request has been received. As such, the identification device 10 detects the false identification request 50 and produces a false identification response 60, therefore providing the hacker with no indication as to whether the identification request 50 was correct, and also providing the hacker with incorrect information. The identification device 10 may generate a random number, preferably using electronic interference (as previously discussed), in order to generate a false identification code. When the identification device 10 is coupled to a user station 30, a data log is sent to the base station 20 to record tampering with the identification device 10. This can preferably be used as input for changing the identification algorithm codes. It is preferable that the base station 20 can indicate to the identification device 10 that the log is to be cleared from the identification device store 12. This may be performed by the base station 20 transferring data to the identification device 10 indicative of clearing the log from the identification device store 12.
The base station 20 may transfer data indicative of requesting the identification device 10 to clear the store 12 of the data log at the discretion of the base station 20.
The identification device's memory 12 (also known as the store) may have a capacity that varies between a few bytes up to a number of gigabytes.
Preferably, the identification device 10 includes an internal power source to power the identification device 10. Whilst the identification device 10 is coupled to the user station 30, the power supply may recharge. Alternatively, the identification device 10 may be a passive device, wherein the identification device 10 is powered whilst coupled to the user station 30.
When the identification device 10 recognises that it has been coupled to a user station 30, the identification device 10 may install driver software included on the identification device 10 onto the user station 30. This helps prevent previously installed driver software from being tampered with and being used by the identification device 10. The identification device 10 may also update the driver software whilst coupled to the user station 30. This may include the base station 20 recognising that a new version of the driver software exists and transferring, via the user station 30, the updated driver software to the identification device 10.
The plurality of random numbers generated by the base station 20 may be formatted in a particular order prior to being transferred to the identification device 10. For example, the base station 20 may require that the third random number is not larger than the first random number.
Optionally, two or more identification devices 10 may be coupled to a user station 30 in order to authenticate associated users simultaneously. For example, a business may require two or more identifications in order to perform a transaction. Therefore, two or more identification devices 10 may be coupled to the user station 30 and each identification code requires authentication before the transaction is allowed to continue.
The identification device 10 may preferably include a smart card port to couple with smart cards or similar devices.
The identification device 10 optionally includes continual session authentication, wherein a plurality of identification requests are received throughout the session whilst the base station provides granted access. The base station 20 may request authentication that the identification device 10 is still coupled to the user station 30, preventing the removal of the identification device 10 from the user station 30 during the granted access. This feature also prevents a connection to the base station 20 being left open and liable to security attacks. Therefore, if the identification device 10 is uncoupled from the user station 30, the granted access from the base station 20 is terminated. Failure of the identification device 10 to transfer an identification response to the base station 20 within a time period may result in the granted access being terminated.
The identification device 10 may include a temperature sensor to measure the temperature of the identification device 10. If the temperature measured using the sensor is determined to be outside a predefined temperature range including a minimum and maximum threshold, the device codes are deleted or damaged in the identification device 10.
It is preferable that the authentication of the username and the password occur prior to the authentication of the identification device 10. However, it is appreciated that the authentication processes could occur at substantially the same time or in the reverse order.
Optionally, if the user station 30 or identification device 10 is idle for a particular period of time whilst access is granted, the session may be terminated by the base station 20, and thus authentication may again be required.
The identification system 1 is not limited to internet access, as it equally applies to any form of network access authorisation, such as complementing an existing customer card personal identification number utilised for Automatic Teller Machines or EFTPOS devices.
The identification system 1 optionally includes multiple base stations 20. The secure information stored on each base station 20 may be different to the information stored on other base stations 20 in the network. However, all base stations 20 in the network share records including the identification check code, such that a single identification device 10 can be used for different base stations 20.
Optionally, other information may be recorded in the base station's data store 22. This may include information indicative of particular states of the identification device 10, such as whether it has been issued, lost, damaged or stolen; the associated dates and times may also be stored. Other details that are recorded may include login details such as times of authentication, session periods, transfers of data, and processes carried out.
It is preferable that the identification system 1 includes a backup server able to back up information stored in the base station 20. Preferably the data is backed up daily, such that if the data becomes corrupted, the data can be restored in a timely manner.
Optionally, the base station 20 may include software that generates and transmits reports containing activity details, activity warnings, general warnings and details of suspected fraudulent activities, as well as statistical and management information. It is also preferable that the base station 20 includes software that summarises all activities by a base station 20 for a particular time period.
It is preferable that each base station 20 generates different identification check codes for a user. Therefore, each identification check code converter may be different at each base station 20, as it uses a different algorithm to generate the identification check code for a particular customer. Thus, if one particular base station's records are compromised, other base stations' records are not compromised, as a different algorithm is used at each base station to generate the identification check code.
Referring to Figures 10, 11, 12A to' 12C, 13A to 13B, and 14, the method of encrypting 20 data and decrypting data is preferably similar to that used for determining the identity of the user using the identification device 10. As such, the methods used in Figures 2A to 2D can be used when encrypting and decrypting activity data 2160 transferred between the user station 30, base station 20 and device 2150 such as to create a more secure transfer of activity data 2160 during the session of data, As the encryption method of the identification method and system can be used for the authentication method and system, it will be appreciated that data transferred from the device 2150 to the base station may include a first data transfer algorithm, such that the base station 20 can generate a response in accordance 'with the first data transfer algorithm. 30 The first data transfer algorithm may be randomly selected by the device 2150 from a plurality of predetermined algorithms. Alternatively, the device 2150 may randomly generate a first data transfer algorithm each time data is to be transferred to the base station 20.
The device 2150 may randomly select or generate the first data transfer algorithm, by 5 measuring electronic interference (also known as "white noise") so as to generate real random numbers rather than, pseudo-random numbers. The real random numbers are then used to either randomly select the first data transfer algorithm from a plurality of stored algorithms, or alternatively generate, based on the real random numbers, the first data transfer algorithm. The first data transfer algorithm may be embedded in the data to be 10 transferred and the data, including the algorithm, is encrypted, prior to being transferred. Thus, once the base station .20 extracts the first data transfer algorithm, the base station 20 uses the first data transfer algorithm to generate a response.
The device 2150 may include in the store a second data transfer algorithm similar to the second identification code algorithm described above, wherein, the device 2150 generates the data to be transferred to the base station 20 in accordance with, the second data transfer algorithm. The device includes an identity which is included in the data sent to the base station 20, wherein the base station uses the device's identity and records stored at the base station store to determine the second data transfer algorithm used by the device. Once the 20 base station determines, using the device's identity and base station records, the second algorithm used by the device 2150, the base station 20 reversely applies the determined second data transfer algorithm to decode the data sent from the device 2150..
The base station 20 may additionally or alternatively randomly select or generate a third data transfer algorithm and embed this in the response which is to be sent back to the device 2150. The second and third data transfer algorithms may operate as segments which are combined and then applied to the data to be transferred to generate a response to be sent to the base station 20. Alternatively, the second and third data transfer algorithms may be applied sequentially by the device 2150 to the data before being transferred to the base station 20. Therefore, when the device 2150 receives a response from the base station 20, the third data transfer algorithm is extracted, and when any further data is to be transferred to the base station 20, the device 2150 uses the second and third data transfer algorithms to generate the data to be transferred to the base station 20. Alternatively, if the device does not include a stored second data transfer algorithm, the received third data transfer algorithm may be used by itself to generate the data to be transferred to the base station 20. It will be appreciated that the first, second and third data transfer algorithms may be encryption algorithms.
The transfer of first and third data transfer algorithms allows for a more secure method of transferring data. If an observer determines the set of algorithms used in one request or response, the observer may not be able to reapply the determined set of algorithms for a subsequent request or response, as the set of algorithms used has randomly changed. Furthermore, the security of the authentication is increased due to new encryption keys being generated and transferred by the device 2150 to the base station 20 when data is being transferred.
It will be appreciated that the generation and transfer of the first and third identification code algorithms and the application of the first, second and third identification code algorithms for the identification device 10 and system 1 discussed above can be similarly applied for generating and transferring the first and third data transfer algorithms and for applying the first, second and third data transfer algorithms for the device 2150 and authentication method and system.
It will also be appreciated that if the identification device 10 is the device 2150, the method and system of generating the first and second algorithms discussed above for the identification method and system can also be used for generating and transferring the first and third data transfer algorithms, and applying the first, second and third data transfer algorithms.
It will also be appreciated that the base station may randomly select or generate the third data transfer algorithm using electrical interference similar to that used by the device 2150 and the identification device 10.
As would be clear from the above examples, it will also be appreciated that each response transferred from the identification device 10 or device 2150 includes a new embedded encryption key, wherein when the base station 20 extracts the new embedded encryption key, the current encryption key stored in the base station 20 is updated, such that any further encryption or decryption performed by the base station 20 uses the new encryption key.
In another form, when the identification device 10 transfers the identification response 60, the device 10 embeds the first data transfer algorithm in the identification response 60. The first data transfer algorithm is extracted by the base station 20 and stored in memory. When the base station 20 generates the first indication 2170, the base station 20 generates the first indication 2170 in accordance with the first data transfer algorithm which was extracted from the identification response 60. Additionally or alternatively, the identification response 60 may be embedded with an encryption key, which the base station extracts, such that when the first indication is generated, the extracted encryption key is used to encrypt the first indication 2170.
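As an added illustration (not code from the patent or its assignee), the following Python toy models the exchange described above: the device names one of several predetermined algorithms per request and embeds a fresh key in each encrypted message, the base station decrypts with its current key, adopts the embedded key and builds the first indication with the named algorithm, and the device, on behalf of the user station, compares that indication with the intended activity data before returning the second indication. The algorithm names, the HMAC-based cipher, the JSON message layout and the sample activity strings are all constructed assumptions.

```python
import hashlib, hmac, json, secrets

# Constructed stand-in for the "plurality of predetermined algorithms" the device picks from.
ALGORITHMS = {"A1": hashlib.sha256, "A2": hashlib.sha512, "A3": hashlib.sha3_256}


def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib-only cipher for this toy model
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key, payload):
    """Encrypt-then-MAC a JSON payload: nonce || ciphertext || tag."""
    pt = json.dumps(payload).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Check the tag under `key`, then decrypt; raises on a stale key or tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: stale key or altered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


class BaseStation:
    def __init__(self, shared_key, activity_received):
        self.current_key = shared_key
        self.activity = activity_received  # what the user station actually delivered

    def handle_request(self, blob):
        msg = unseal(self.current_key, blob)              # decrypt with the current key
        self.current_key = bytes.fromhex(msg["new_key"])  # adopt the embedded new key
        digest = ALGORITHMS[msg["algo"]](self.activity.encode()).hexdigest()
        return seal(self.current_key, {"indication": digest})  # first indication, new key

    def handle_second_indication(self, blob):
        msg = unseal(self.current_key, blob)
        self.current_key = bytes.fromhex(msg["new_key"])  # further new key (claim 8)
        return bool(msg["authentic"])                     # perform the activity only if True


class Device:
    def __init__(self, shared_key):
        self.current_key = shared_key

    def request_indication(self):
        self.algo = secrets.choice(sorted(ALGORITHMS))    # random pick per request
        new_key = secrets.token_bytes(32)
        blob = seal(self.current_key, {"algo": self.algo, "new_key": new_key.hex()})
        self.current_key = new_key                        # rotate after sealing (claim 27)
        return blob

    def check_and_answer(self, response, intended_activity):
        shown = unseal(self.current_key, response)["indication"]
        # the user station recomputes the indication over the activity the user meant
        expected = ALGORITHMS[self.algo](intended_activity.encode()).hexdigest()
        new_key = secrets.token_bytes(32)
        blob = seal(self.current_key, {"authentic": shown == expected, "new_key": new_key.hex()})
        self.current_key = new_key
        return blob


def run_session(intended, received):
    """One round; returns (activity performed?, both sides rotated to the same new key?)."""
    k0 = secrets.token_bytes(32)
    dev, bs = Device(k0), BaseStation(k0, received)
    performed = bs.handle_second_indication(
        dev.check_and_answer(bs.handle_request(dev.request_indication()), intended))
    rotated = dev.current_key == bs.current_key and dev.current_key != k0
    return performed, rotated
```

With matching arguments `run_session` performs the activity; with a second argument that differs from the first (activity data that reached the base station altered) the indication check fails and nothing is performed, while both parties still end the round on the same rotated key.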
Although the present invention has been described in terms of the presently preferred embodiments, it is to be understood that the disclosure is not to be interpreted as limiting. Various alterations and modifications will no doubt become apparent to those skilled in the art after having read the above disclosure. All such alterations and modifications should be considered within the spirit and scope of the invention as broadly hereinbefore described.

Claims (40)

RECEIVED at IPONZ on 12 September 2011
1. A method of authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the method includes, in the base station: receiving data including a first algorithm, selected from a plurality of algorithms by a device in data communication with the base station, and a request to generate and transfer a first indication of the activity data received by the base station; generating a response, using the first algorithm, indicative of a first indication of the activity data received by the base station; transferring the response to the device, wherein the device transfers the first indication to a user station, thereby allowing determination of the authenticity of the activity data, and wherein the user station transfers to the device a request to generate a second indication indicating the authenticity of the activity data; receiving, from the device, the second indication of the determination; and in response to a positive authentication, performing the activity.
2. The method according to claim 1, wherein the method includes the base station generating the first indication which represents at least some of the activity data received.
3. The method according to claim 1 or 2, wherein the request is encrypted, wherein the method includes the base station using a current encryption key to decrypt the request.
4. The method according to claim 3, wherein the request includes a new encryption key, wherein when the request has been decrypted, the method includes the base station updating the current encryption key with the new encryption key.
5. The method according to claim 4, wherein the method includes the base station encrypting the first indication using the new encryption key.
6. The method according to claim 5, wherein the new encryption key is embedded in the request, wherein the method includes the base station extracting the new encryption key from the request.
RECEIVED at IPONZ on 17 October 2011
7. The method according to any one of claims 4 to 6, wherein the method includes the base station using the current encryption key to decrypt the second indication.
8. The method according to claim 7, wherein the second indication includes a further new encryption key, wherein the method includes the base station extracting the further new encryption key and updating the current encryption key.
9. The method according to any one of claims 1 to 8, wherein the method includes the base station: selecting or generating a second algorithm; and generating the response, wherein the response is indicative of the second algorithm.
10. The method according to any one of claims 1 to 9, wherein the method includes the base station transferring the first indication to the device via the user station, wherein the device is coupled to the user station.
11. The method according to claim 10, wherein after the second indication is received, the method includes the base station generating a challenge to determine whether the device is coupled to the user station, and transferring the challenge to the device.
12. The method according to any one of claims 3 to 11, wherein a smart card is coupled to the device and the activity data is related to the smart card, wherein the method includes the base station generating smart card data in response to the positive authentication, wherein the smart card data is to be transferred to the smart card.
13. The method according to claim 12, wherein the method includes the base station encrypting the smart card data using the current encryption key.
14. The method according to claim 13, wherein the base station receives a response from the smart card indicating the smart card data was received and stored in the smart card.
15. The method according to any one of claims 1 to 14, wherein the method includes: receiving an identification response from the device, wherein the identification response is indicative of the first algorithm; and using the first algorithm to generate the first indication.
16. A base station used for authenticating activity data received by the base station, wherein the activity data relates to an activity, wherein the base station includes a processing system configured to: receive data including a first algorithm selected from a plurality of algorithms by a device in data communication with the base station, and a request to generate and transfer a first indication of the activity data received by the base station; generate a response, using the first algorithm, indicative of a first indication of the activity data received by the base station; transfer the response to the device, wherein the device transfers the first indication to a user station thereby allowing determination of the authenticity of the activity data, and wherein the user station transfers to the device a request to generate a second indication indicating the authenticity of the activity data; receive, from the device, the second indication of the determination; and in response to a positive authentication, perform the activity.
17. The base station according to claim 16, wherein the base station is adapted to perform the method of any one of claims 1 to 15.
18. A method of authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the method includes, in a device: generating data including a first algorithm selected from a plurality of algorithms by the device, and a request for a first indication of the activity data; transferring the data to the base station; receiving, from the base station, a response including the first indication of the activity data received by the base station, wherein the first indication is encrypted; decrypting the encrypted first indication; transferring the first indication to a user station thereby allowing determination of the authenticity of the activity data; receiving, from the user station, a request to generate a second indication indicating the authenticity of the activity data; generating the second indication; encrypting the second indication; and transferring, to the base station, the encrypted second indication, wherein in response to a positive authentication, the activity is performed.
19. The method according to claim 18, wherein the method includes the device generating a request for the first indication, and transferring the request to the base station.
20. The method according to claim 18 or 19, wherein the method includes one of: the device randomly selecting the first algorithm from a plurality of predetermined first algorithms; the device randomly generating the first algorithm.
21. The method according to claim 20, wherein the method includes the device using electrical interference to randomly generate or select the first algorithm.
22. The method according to any one of claims 18 to 21, wherein the method includes: the device receiving the response from the base station, wherein the response is indicative of a second algorithm; and the device using the second algorithm to generate data indicative of the second indication.
23. The method according to any one of claims 18 to 22, wherein the method includes the device receiving the first indication and transferring the second indication to the base station via a user station, wherein the device is coupled to the user station.
24. The method according to claim 23, wherein the device is coupled to a user station, wherein the method includes the device receiving a challenge from the base station requesting a response from the device indicating that the device is coupled to the user station, and wherein the device generates a response to the challenge indicating the device is coupled to the user station.
25. The method according to any one of claims 19 to 24, wherein the method includes the device encrypting the request.
26. The method according to claim 25, wherein the method includes the device generating a new encryption key, and embedding the new encryption key in the request.
27. The method according to claim 26, wherein the device updates a current encryption key with the new encryption key after encrypting the request.
28. The method according to claim 22, wherein the device includes a third data transfer algorithm, wherein the method includes the device using the third data transfer algorithm to generate data indicative of the second indication.
29. The method according to claim 27, wherein the method includes the device decrypting the encrypted first indication using the current encryption key.
30. The method according to claim 23, wherein the device receives from the user station an indication of authenticity, wherein the device generates the second indication indicative of the authenticity of the activity data.
31. The method according to claim 28, wherein the method includes the device combining the second transfer algorithm and third transfer algorithm to generate the second indication.
32. A device for authenticating activity data received by a base station, wherein the activity data relates to an activity, wherein the device includes a processor configured to: generate data including a first algorithm selected from a plurality of algorithms by the device, and a request for a first indication of the activity data; transfer the data to the base station; receive, from a base station, a response including the first indication of the activity data received by the base station, wherein the first indication is encrypted; decrypt the encrypted first indication; transfer the first indication to a user station thereby allowing determination of the authenticity of the activity data; receive, from the user station, a request to generate a second indication indicating the authenticity of the activity data; generate the second indication; encrypt the second indication; and transfer, to the base station, the encrypted second indication, wherein in response to a positive authentication, the activity is performed.
33. The device according to claim 32, wherein the device is adapted to perform the method of any one of claims 18 to 31.
34. A method of authenticating activity data by a system including a base station and a device, wherein the method includes: the base station performing the method of any one of claims 1 to 15; and the device performing the method of any one of claims 18 to 31.
35. A system for authenticating activity data, wherein the system includes: a base station according to claim 16 or 17; and a device according to claim 32 or 33.
36. A method of authenticating activity data by a base station, the method being substantially hereinbefore described with reference to the accompanying drawings.
37. A method of authenticating activity data by a device, the method being substantially hereinbefore described with reference to the accompanying drawings.
38. A base station for authenticating activity data, the base station being substantially hereinbefore described with reference to the accompanying drawings.
39. A device for authenticating activity data, the device being substantially hereinbefore described with reference to the accompanying drawings.
40. A system of authenticating activity data, the system being substantially hereinbefore described with reference to the accompanying drawings.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2005906717A AU2005906717A0 (en) 2005-11-30 Authentication and identification system and method
PCT/AU2006/001825 WO2007062479A1 (en) 2005-11-30 2006-11-30 Authentication and identification system and method

Publications (1)

Publication Number Publication Date
NZ568588A true NZ568588A (en) 2011-11-25

Family

ID=38091808

Family Applications (1)

Application Number Title Priority Date Filing Date
NZ568588A NZ568588A (en) 2005-11-30 2006-11-30 Authenticating a user and providing a secure electronic communication link

Country Status (2)

Country Link
NZ (1) NZ568588A (en)
WO (1) WO2007062479A1 (en)


Also Published As

Publication number Publication date
WO2007062479A1 (en) 2007-06-07


Legal Events

Date Code Title Description
PSEA Patent sealed
RENW Renewal (renewal fees accepted)
RENW Renewal (renewal fees accepted)

Free format text: PATENT RENEWED FOR 3 YEARS UNTIL 30 NOV 2016 BY CPA GLOBAL

Effective date: 20131018

LAPS Patent lapsed