NZ761244B2 - Method of authentication, server and electronic identity device - Google Patents
Method of authentication, server and electronic identity device
- Publication number
- NZ761244B2
- Authority
- NZ
- New Zealand
- Prior art keywords
- identity device
- electronic identity
- visual element
- individual
- verification code
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/06009—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
- G06K19/06037—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking multi-dimensional coding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07D—HANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
- G07D7/00—Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
- G07D7/004—Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0846—On-card display means
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/12—Card verification
- G07F7/125—Offline card verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Abstract
The invention proposes a method of authentication of an electronic identity device (1) presented by an individual, the method being characterized in that it comprises the implementation of steps of: (b) Reception by data processing means (21) of a server (2) of an acquired image of said electronic identity device (1), the image representing at least one personal visual element of the individual and a dynamic verification code that are visible on said electronic identity device (1), said dynamic verification code containing at least one item of reference information representative of an expected appearance of said visual element; (c) Extraction, by analysis of said acquired image by the data processing means (21) of the server (2), of: - an item of candidate information representative of the appearance of said visual element as represented in the acquired image; - the reference information representative of the expected appearance of said visual element contained in said dynamic verification code as represented in the acquired image; (d) Verification by the data processing means (21) of the server (2) that the extracted candidate information and reference information match.
Claims (15)
1. A method of authentication of an electronic identity device presented by an individual, the method comprising the implementation of steps of: (b) reception by a data processor of a server, of an acquired image of said electronic identity device, the image representing at least one personal visual element of the individual and a dynamic verification code that are visible on said electronic identity device, said dynamic verification code containing at least one item of reference information representative of an expected appearance of said visual element, said visual element visible on said electronic identity device being a graphic element, in particular a photograph or a handwritten signature of the individual, the reference information representative of an expected appearance of said graphic element being Digital Photo Seal type security data; (c) extraction by analysis of said acquired image by the data processor of the server of: - an item of candidate information representative of the appearance of said visual element as represented in the acquired image; - the reference information representative of the expected appearance of said visual element contained in said dynamic verification code as represented in the acquired image; (d) verification by the data processor of the server that the extracted item of candidate information and reference information match.
2. The method according to claim 1, comprising a step (a) of displaying by display means said dynamic verification code from said electronic identity device.
3. The method according to claim 2, wherein the step (a) comprises the preliminary generation of said dynamic verification code by a data processor of said electronic identity device based on at least said reference information representative of an expected appearance of said visual element and a one-time password (OTP).
4. The method according to claim 3, wherein the step (a) and the step (c) each comprise the generation of said OTP, respectively by the data processor of the electronic identity device and the data processor of the server based on a shared secret.
5. The method according to claim 4, wherein said one-time password is a time-based one-time password, TOTP, the generation of said TOTP by the data processing means of the electronic identity device and the data processor of the server also being based on time information.
6. The method according to claim 3, wherein said dynamic verification code also contains at least one descriptive data from said OTP generated by the data processor of the electronic identity device, step (c) also comprising the extraction of the descriptive data from said OTP contained in said dynamic verification code as represented in the acquired image, step (d) also comprising the verification that the OTP generated by the data processor of the server matches said descriptive data of the extracted OTP.
7. The method according to claim 2, wherein said dynamic verification code is displayed in the form of a QR code and/or an alphanumeric code.
8. The method according to claim 1, wherein said dynamic verification code also contains an electronic signature of said reference information representative of an expected appearance of said visual element, step (c) also comprising the extraction of the electronic signature contained in said dynamic verification code as represented in the acquired image, step (d) also comprising the verification that said extracted electronic signature is valid.
9. The method according to claim 1, wherein said personal visual element of the individual is printed on the electronic identity device.
10. An authentication server, comprising a data processor configured for: - receiving an acquired image of an electronic identity device presented by an individual, the image representing at least one personal visual element of the individual and a dynamic verification code that are visible on said electronic identity device, said dynamic verification code containing at least one item of reference information representative of an expected appearance of said visual element, said visual element visible on said electronic identity device being a graphic element, in particular a photograph or a handwritten signature of the individual, the reference information representative of an expected appearance of said graphic element being Digital Photo Seal type security data; - extracting, by analysis of said acquired image: - an item of candidate information representative of the appearance of said visual element as represented in the acquired image; - the reference information representative of the expected appearance of said visual element contained in said dynamic verification code as represented in the acquired image; verifying that the extracted candidate information and reference information match.
11. An electronic identity device of an individual, the electronic identity device configured to: display at least one personal visual element of said individual on said electronic identity device, said visual element being a graphic element that is a photograph or a handwritten signature of the individual, generate and display a dynamic verification code containing at least one item of reference information representative of an expected appearance of said visual element, the reference information representative of an expected appearance of said graphic element being Digital Photo Seal type security data.
12. The device according to claim 11, including a data processor configured for preliminarily generating a one-time password (OTP), said dynamic verification code being generated based on at least said reference information representative of an expected appearance of said visual element and of said generated OTP.
13. An authentication system comprising: an authentication server according to claim 10; at least one electronic identity device of an individual on which at least one personal visual element of said individual is visible, said visual element visible on said electronic identity device being a graphic element, in particular a photograph or a handwritten signature of the individual, wherein the electronic identity device comprises a data processor configured for generating and displaying on display means a dynamic verification code containing at least one item of reference information representative of an expected appearance of said visual element, the reference information representative of an expected appearance of said graphic element being the Digital Photo Seal type security data, and at least one client equipment comprising a scanner or camera for the acquisition of said image representing at least the personal visual element of the individual and the dynamic verification code that are visible on said electronic identity device.
14. A non-transitory computer program product comprising code instructions for the execution of a method according to claim 1 of authenticating an electronic identity device presented by an individual, when said method is executed on a computer.
15. A non-transitory storage means readable by a computer equipment on which a computer program product comprises code instructions for the execution of a method according to claim 1 of authenticating an electronic identity device presented by an individual.
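The server-side checks of claims 1, 4 to 6 and 8 can be sketched as follows; this is an added example, not code from the patent or its applicant. It assumes a JSON payload inside the QR code, a short byte vector as a stand-in for Digital Photo Seal data, an HMAC as a stand-in for the electronic signature, and a truncated SHA-256 of the TOTP as its "descriptive data"; all names and the tolerance are hypothetical.

```python
import hashlib
import hmac
import json
import struct

STEP = 30       # TOTP time step in seconds (RFC 6238 default)
TOLERANCE = 8   # assumed: max mean per-feature distance still counted as a match


def totp(secret: bytes, now: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time `now`."""
    mac = hmac.new(secret, struct.pack(">Q", now // STEP), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def otp_descriptor(otp: str) -> str:
    """Assumed 'descriptive data' of the OTP: a truncated SHA-256 digest."""
    return hashlib.sha256(otp.encode()).hexdigest()[:16]


def seal(issuer_key: bytes, reference: list) -> str:
    """Stand-in for the issuer's electronic signature (an HMAC, not a signature)."""
    return hmac.new(issuer_key, bytes(reference), hashlib.sha256).hexdigest()


def device_code(reference, signature, secret, now) -> str:
    """Step (a): the payload the device would render as a QR code."""
    return json.dumps({"ref": reference, "sig": signature,
                       "otp": otp_descriptor(totp(secret, now))})


def server_verify(code, candidate, secret, issuer_key, now) -> str:
    """Steps (c)-(d): parse the decoded code, then run the three checks."""
    try:
        payload = json.loads(code)
        ref, sig, desc = payload["ref"], payload["sig"], payload["otp"]
    except (ValueError, KeyError, TypeError):
        return "malformed"
    if not (isinstance(ref, list) and ref and len(ref) == len(candidate)
            and all(type(v) is int and 0 <= v <= 255 for v in ref)
            and isinstance(sig, str) and sig.isascii()
            and isinstance(desc, str) and desc.isascii()):
        return "malformed"
    # Claim 8: the reference information must carry a valid issuer seal.
    if not hmac.compare_digest(sig, seal(issuer_key, ref)):
        return "bad-signature"
    # Claims 4-6: regenerate the TOTP from the shared secret; the current and
    # previous time step are accepted to absorb clock drift.
    fresh = [otp_descriptor(totp(secret, now - k * STEP)) for k in (0, 1)]
    if not any(hmac.compare_digest(desc, f) for f in fresh):
        return "stale-code"
    # Claim 1, step (d): candidate (seen in the image) vs. reference (in the code).
    distance = sum(abs(a - b) for a, b in zip(ref, candidate)) / len(ref)
    return "ok" if distance <= TOLERANCE else "visual-mismatch"


# Constructed sample data (not from the patent).
SECRET = b"12345678901234567890"                    # RFC 6238 test secret
ISSUER_KEY = b"constructed-issuer-key"
REFERENCE = [12, 200, 87, 45, 160, 33, 91, 250]     # enrolled photo features
SEEN_GENUINE = [14, 197, 90, 44, 158, 36, 92, 247]  # same photo, camera noise
SEEN_SWAPPED = [200, 10, 5, 240, 20, 180, 3, 60]    # a different photo
T0 = 1111111109                                     # device clock (Unix time)

if __name__ == "__main__":
    code = device_code(REFERENCE, seal(ISSUER_KEY, REFERENCE), SECRET, T0)
    for seen, when in ((SEEN_GENUINE, T0 + 2), (SEEN_SWAPPED, T0 + 2),
                       (SEEN_GENUINE, 1234567890)):
        print(server_verify(code, seen, SECRET, ISSUER_KEY, when))
```

A captured image of a genuine code fails once the time step has moved on, and a substituted photograph fails either the visual comparison or, if the reference data is rewritten to match it, the seal check.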
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1901001A FR3092414B1 (en) | 2019-02-01 | 2019-02-01 | Authentication process, server and electronic identity device |
Publications (2)
Publication Number | Publication Date |
---|---|
NZ761244A (en) | 2024-01-26 |
NZ761244B2 (en) | 2024-04-30 |