SE1551518A1 - Method and system for secure storage of information - Google Patents

Method and system for secure storage of information Download PDF

Info

Publication number
SE1551518A1
SE1551518A1 SE1551518A SE1551518A SE1551518A1 SE 1551518 A1 SE1551518 A1 SE 1551518A1 SE 1551518 A SE1551518 A SE 1551518A SE 1551518 A SE1551518 A SE 1551518A SE 1551518 A1 SE1551518 A1 SE 1551518A1
Authority
SE
Sweden
Prior art keywords
information
user device
user
biometric
local computing
Prior art date
Application number
SE1551518A
Other languages
Swedish (sv)
Inventor
Lundin Philip
Abidin Aysajan
Original Assignee
Authentico Tech Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Authentico Tech Ab filed Critical Authentico Tech Ab
Priority to SE1551518A priority Critical patent/SE1551518A1/en
Priority to PCT/SE2016/051158 priority patent/WO2017091133A1/en
Publication of SE1551518A1 publication Critical patent/SE1551518A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Abstract

The present invention relätes to a method for secure storage of information in a user device comprising a biometric reader; the method comprises entering information X on a user device; acquiring biometric informationfrom a user; generating a keyand a helper stringusing the biometric readingby means of a fuzzy extractor generation algorithm; storing P on the user device; encrypting X using R resulting in a cipher text C; storing C on the user device; and deletingthe biometric reading b and the key R from the user device. The method further comprises, in a local computing device, requesting X from the user device; in the user device, acquiring biometric information b' from the user; if b' is approximately equal to b, reproducing R' = R from b' and P using a fuzzy extractor reproduction algorithm; decrypting C, using R, to acquire the X; and providing the information X from the user device to the local computing device via a secure connection.Publication fig: Fig 1

Description

METHOD AND SYSTEM FOR SECURE STORAGE OF INFORMATION Field of the lnvention The present invention relates to a method and a system for securestorage of information. ln particular, the present invention relates to thesecure storage of sensitive information on a user device comprising a biometric reader.
Backqround of the lnvention When internet users perform online transactions such as an onlinepurchase or when logging in to an online service provider, they are oftenrequired to provide sensitive information to the service provider. For example,when internet users want to buy something online or pay for services online,they are often presented with two choices. Either the users have to manuallyenter personal information along with credit card information, or the users canregister themselves at the online store or service provider and save creditcard information and/or other personal information there, so that they do notneed to enter their credit card information each time they pay for the goods orservices consumed. All that is needed is to login to the website of an onlinestore or service provider.
Due to the inconvenience of manually entering information such as thecredit card information, the latter option is the most widely chosen option bythe users. ln the latter approach, however, the users need to trust that theservice providers or online stores put in place adequate security measures toprotect the credit card information in their database from being stolen, and toencrypt the information so that it stays secure even if the database iscompromised. As can be witnessed today, many service providers do not inemploy sufficient security measures to protect sensitive information like creditcard information. Or even when they do, the security measures may be easyto bypass by smart, dedicated attackers/hackers. Moreover, newvulnerabilities in security solutions believed to be secure are continuously discovered.
Accordingly, there is a need for secure storage of sensitive informationwhich is sufficiently easy to use to be attractive to the user.
Summaryln view of above-mentioned and other drawbacks of the prior art, it is an objective of the present invention to provide a method and system forsecure storage of information in user device, where the secure informationcan be requested from the user deice by a local computing device.According to a first aspect of the invention, there is provided a methodfor secure storage of information in a user device comprising a biometricreader; the method comprising the steps of: entering information X on a userdevice; acquiring biometric information b from a user using the biometricreader of the user device; generating a key R and a he|per string P using thebiometric reading b by means of a fuzzy extractor generation algorithm;storing P on the user device; encrypting the information X using the key Rresulting in a cipher text C; storing the cipher text C on the user device; anddeleting the information X, the biometric reading b and the key R from theuser device. The method further comprises, in a local computing device,requesting the information X from the user device; in the user device,acquiring biometric information b' from the user; if b' is approximately equal tob, reproducing R' = R from b' and P using a fuzzy extractor reproductionalgorithm; decrypting the cipher text C, using R, to acquire the information X;and providing the information X from the user device to the local computingdevice via a secure connection.ln the present context, the information may for example be aninformation string, such as a string of characters manually input by the useron the user device. The information may also comprise an image, a filestructure etc. located on or acquired by the user device. ln principle, thepresent invention can be applied for any type of digitally encoded information.The user device may for example be a smartphone comprising a biometric reader such as a fingerprint sensor. However, also other types of user devices comprising other types of biometric readers, such as a retinal scanner, can be used in various embodiments of the present invention. Forexample, the user device may be a card reader terminal, or a dedicated loginterminal where one or more users may enter sensitive information.
A fuzzy extractor is a method for generating strong keys from a fuzzyinput such a biometric reading. The basic principle of operation of a fuzzyextractor is that a generation algorithm converts biometric data into randomstrings, which makes it possible to apply cryptographic techniques forbiometric security, to encrypt and authenticate information with biometricinputs as a key. A first biometric reading b is stored as a biometric template.Based on a public helper string P, the encrypted information can berecovered if a second biometric reading b' is sufficiently similar to thetemplate biometric reading b using a reproduction algorithm of the fuzzyextractor. The precise amount by how much the second biometric reading b'may differ from the biometric template b for the two readings to be considereda match, i.e. b'= b, is determined by the specific fuzzy extractor algorithmsused and can be selected based on requirement of the application in whichthe fuzzy extractor is implemented. Accordingly, it is in principle sufficient thatb' is approximately similar to b for X to be extracted, hence the term “fuzzy”. ln the present context, the local computing device may for example bea stationary computer, a laptop, a tablet computer or the like.
The secure connection between the user device and the localcomputing device may be a wired connection, e.g. via USB, or a wirelessconnection such as WiFi, Bluetooth or the like, where sufficient encryption orsecure communication protocols are employed.
The present invention is based on the realization that a fuzzy extractorfunctionality in a user device comprising biometric reader can provide aconvenient way for a user to securely store sensitive information on the userdevice. As more and more handheld devices such as smartphones comeequipped with biometric readers, and in particular with fingerprint sensors,new opportunities for protecting user information arise. ln particular, the present invention provides a simple but securesolution for handling sensitive information on the user side so that the users do not have to manually perform the tedious task of entering the sensitiveinformation without resorting themselves to the potentially dangerousapproach of storing sensitive information on the service providers.
According to one embodiment of the invention, the information maycomprise credit card information enabling a purchase. Thereby, the creditcard information can be enrolled and securely stored on the user device suchthat when the credit card number is required to complete an online purchaseor online booking initiated on the local computer, the credit card number canreadily be provided to the local computer from the user device by acquiring abiometric reading from the user. ln one embodiment of the invention the information may comprisepersonal identifying information enabling an identification of a user. Forexample, the personal identifying information may be selected from the groupcomprising passport information, identification card information, DNAinformation and biometric information, which all represent types of informationthat a user may want to store securely on a user device. Accordingly, therecan be different types of information that may be used for onlineauthentication and verification. The stored information may also relate to thehealth status of a user, it may comprise passwords, bank account numbers,IP-addresses and the like. Thereby, since a user may be hesitant to allowsuch personal information to be stored in a database of a service provider,embodiments of the present invention allow safe storage on a user device forall types of sensitive personal information.
According to one embodiment of the invention, the method may furthercomprise, after the step of providing the information X from the user device tothe local computing device, deleting R and X from the user device. To ensurethat no sensitive information remains on the user device after retrieval of thestored information X, the reproduced key R'=R is deleted from the user deviceonce the information X has been retrieved and the information X is deletedfrom the user device after it has been provided to the local computing device.
According to one embodiment of the invention, the method may furthercomprise performing the following steps in the local computer: initiating an interaction with a remote server; receiving a request for the information Xfrom the remote server; requesting the information X from the user device;receiving the information X from the user device; and providing theinformation X to the remote server. The described steps performed in thelocal computer represent an online transaction which can be exemplified byan online purchase. The transaction can be initiated by a user of the localcomputing device such as a laptop by initiating a payment in an online storehandled by a remote server. Next, the remote server may request credit cardinformation from the user, where the credit card information is represented bythe information X securely stored on the user device. To retrieve the creditcard information, the users enters biometric information on the user device,using the biometric reader, thereby enabling reproduction of the credit cardnumber using the fuzzy generator reproduction algorithm as described above.Once the credit card information is reproduced by the user device, it can betransmitted securely to the local computing device, which in turn provides thecredit card information, and possibly also other required information, to theremote server to finalize the purchase. Even though the connection betweenthe local computing deice and the remote server is not within the scope of thepresent invention, it can be assumed that the connection is secured using anyknown secure protocol or encryption.
According to one embodiment of the invention, the interaction with theremote server may also comprise an online identity verification operation,where the identity of the user is verified by the remote server. For example,the interaction may be part of a login operation of a bank whereauthentication of the identity of the user is crucial. The interaction may alsorepresent logging in to any other online service provider requiring a securelogin.
However, regardless of the specific security solution used by a remoteservice provider, various embodiments of the present invention offers aconvenient and secure method of storing sensitive information on user device comprising a biometric sensor.
According to a second aspect of the invention, there is provided asyäenrbrsemueskwageofmkwmaüoncompnmngatßerdewcecompnmnga biometric reader and a storage unit, wherein said user device is configuredto: receive information X; acquire a biometric reading b from a user using thebiometric reader of the user device; generate a key R and a helper string Pusing the biometric reading b by means of a fuzzy extractor generationalgorithm; store P on a storage unit of the user device; encrypt the informationX using the key R resu|ting in a cipher text C; store the cipher text C on thestorage unit of the user device; and delete the information X, the biometricreading b and the key R from the user device; the system further comprising alocal computing device configured to: request the information X from the userdevice; wherein the user device is configured to, when requested by the localcompuflngdevme,acqukebkxneuminkfimaflonb'flomtheuserusmgthebiometric reader, and if b' is approximately equal to b, reproduce R' = R fromb' and P using a fuzzy extractor reproduction algorithm; decrypt the ciphertext C, using R, to acquire the information X; and provide the information Xfrom the user device to the local computing device via a secure connection. ln the above system, the user device may be a smartphone comprisinga fingerprint sensor, thereby enabling safe storage of sensitive informationsuch as credit card number. Accordingly, the system could be based oncommercially available products with the added functionality of encrypting thefingerprint information to provide a simple and secure way for a user tosecurely store sensitive using readily available products.
Further effects and features of the second aspect of the invention arelargely analogous to those described above in connection with the firstaspects of the invention.
Further features of, and advantages with, the present invention willbecome apparent when studying the appended claims and the followingdescription. The skilled person realizes that different features of the presentinvention may be combined to create embodiments other than thosedescribed in the following, without departing from the scope of the present invenfion.
Brief Description of the Drawinqs These and other aspects of the present invention will now be describedin more detail, with reference to the appended drawings showing an exampleembodiment of the invention, wherein: Figs. 1a-b are flow charts schematically illustrating methods accordingto embodiments of the invention; Fig. 2 is a flow chart schematically illustrating a method according to anembodiment of the invention; and Figs. 3a-b schematically illustrates a user device and a system used in embodiments of the invention.
Detailed Description of Example Embodiments ln the present detailed description, various embodiments of the methodand system according to the present invention are mainly described withreference to a smartphone comprising a fingerprint sensor for acquiringbiometric information. However, the general principles of the invention areapplicable to a wide range of user devices comprising a biometric sensor anda storage unit for secure storage of sensitive information.
Figs. 1 and 2 are flow charts outlining the general steps of methodsaccording to various embodiments of the invention. The method will bedescribed with reference to Fig. 3a illustrating a user device 300 and to Fig.3b illustrating a system 302.
Fig. 1a schematically illustrates the enrollment of an information stringX on a user device 300 in the form of a smartphone. ln the present example,the information string X can be considered to be a credit card number whichis entered manually by a user. However, the information to be stored securelyon the user device may also be input by a camera of the user device, forexample using a QR-code, or the information may be already stored on theuser device but in a clear-text form.
As a first step, the information X is entered 100 in a dedicated inputfield 304 of the user device 300. Next, the user may initiate the storage, for example by touching a corresponding icon 306. This in turn prompts the userto provide biometric information using the fingerprint sensor 308 of thesmartphone. Here, the fingerprint sensor 306 is illustrated as being integratedin the display of the smartphone 300. However, the fingerprint sensor, oranother type of biometric reader, may equally well be arranged in other partsof a user device such as on the side, on the backside, integrated in a push-button etc. Once the biometric information b is acquired 102, a key R and ahe|per string P is generated 104, using the biometric reading b, by means of afuzzy extractor generation algorithm. Note that the he|per string P does notcontain any information about R, it can only be used to recover R when amatching biometric reading is provide. The generation operation can bedenoted (R,P) <- gen(b), where gen represents the fuzzy extractor generationalgorithm.
Next, the he|per string P is stored 106 in a memory of the smartphone300. The information X is encrypted 108 using the key R resulting in a ciphertext C, where the encryption operation is denoted R, C = EncR(X). ln the following, C is stored 110 in the smartphone 300 and X, b and Rare deleted 112 from the memory of the smartphone 300. Note that X, b andR are preferably deleted permanently such that the information X, b and R isnot recoverable from the smartphone 300, since a key feature of the presentmethod is that the original sensitive information X is not stored on the device.lt is also important that the biometric information b is not stored on the userdevice, since this could be used to circumvent features requiring biometricsensor verification. Once the cipher text C and the public he|per string P arestored on the smartphone 300, the enrollment phase is completed.
Fig. 1b illustrates the following steps of the method where the localcomputing device 302, here a stationary computer 302, requests 114 theinformation Xfrom the smartphone 300. When the smartphone 300 receives116 the request for X, the user is prompted to provide a fingerprint and abiometric reading b' is acquired 118.
Using a fuzzy extractor reproduction algorithm, a key R'which is equalto the original key R can be reproduced 122, using the public he|per string P, only if b' is sufficiently similar to the original biometric template b (i.e. if b' = b),which can be denoted R' <- rep(b', P), where rep represents the fuzzyextractor reproduction algorithm. A characterizing feature of a fuzzy extractormethod is that the originally generated key R can be extracted even if thesecond biometric reading b' is not strictly identical to the biometric template b.When the key R is available, the cipher text C can be decrypted to acquire124 the information X. The decryption operation can be denoted R, X =DecR(C).
Finally, the information Xcan be provided 126 from the smartphone300 to the computer 302 via a wired or wireless secure connection.
Once the information Xhas been provided to the local computingdevice, both Xand R are deleted from the user device such that theinformation X is once again securely stored and only retrievable by means ofa successful biometric identification. lt should further be noted that the key R'is deleted from the user device even if it is not equal to R.
Fig. 2 and Fig. 3b schematically illustrates an online transaction usingthe above described securely stored information X. lt is assumed that credit card information is stored as Xon the userdevice. When the user initiates an interaction 202 with a remote server 310,for example when a user wants to pay for a product in an online web shop,the remote server requests 204 that the user provides credit card information(X) and the stationary computer 302 in turn sends a request 206 to the userdevice 300 asking for the credit card information X. The user is then promptedto provide a fingerprint reading b', and if b' matches the fingerprint template b,the credit card information Xis acquired 208 and transmitted via a secureconnection to the computer 302, which will then be provided to the computer302. The computer 302 receives 210 the credit card information X which isfon/varded to the remote server 310, preferably via a secure connection. Oncereceived 212, the credit card information can be processed by the remoteserver to complete the online purchase.
Accordingly, a simple but secure solution to handle credit cardinformation on the user side is provided so that the user does not need to manually perform the tedious task of entering the credit card information andwithout resorting to the potentially dangerous approach of storing sensitiveinformation at the service providers.
Even though the invention has been described with reference tospecific exempiifying embodiments thereof, many different aiterations,modifications and the like will become apparent for those skilled in the art.Also, it should be noted that parts of the system and method may be omitted,interchanged or arranged in various ways, the system and method yet beingable to perform the functionality of the present invention.
Additionally, variations to the disclosed embodiments can beunderstood and effected by the skilled person in practicing the claimedinvention, from a study of the drawings, the disclosure, and the appendedclaims. ln the claims, the word "comprising" does not exclude other elementsor steps, and the indefinite article "a" or "an" does not exclude a plurality. Themere fact that certain measures are recited in mutually different dependentclaims does not indicate that a combination of these measures cannot be used to advantage.

Claims (16)

1. A method for secure storage of information in a user devicecomprising a biometric reader; the method comprising the steps of: entering information X on a user device; acquiring biometric information b from a user using the biometricreader of the user device; generating a key R and a helper string P using the biometric reading bby means of a fuzzy extractor generation algorithm; storing P on the user device; encrypting the information X using the key R resu|ting in a cipher text storing the cipher text C on the user device; de|eting the information X, the biometric reading b and the key R fromthe user device; in a local computing device, requesting the information X from the userdevice; in the user device, acquiring biometric information b' from the user andif b' is approximately equal to b, reproducing R' = R from b' and P using afuzzy extractor reproduction algorithm; decrypting the cipher text C, using R, to acquire the information X; and providing the information X from the user device to the local computing device via a secure connection.
2. The method according to claim 1, wherein the information comprises credit card information enabling a purchase.
3. The method according to claim 1, wherein the information comprises personal identifying information enabling an identification ofa user.
4. The method according to claim 3, wherein the personalidentifying information is selected from the group comprising passport 12 information, identification card information, DNA information and biometric information.
5. The method according to any one of the preceding claims,further comprising, after the step of providing the information X from the userdevice to the local computing device, de|eting R and X from the user device.
6. The method according to any one of the preceding claims,further comprising the steps of, in the local computing device: initiating an interaction with a remote server; receiving a request for the information X from the remote server;requesting the information X from the user device; receiving the information X from the user device; and providing the information X to the remote server.
7. The method according to claim 6, wherein the interaction with the remote server comprises an online purchase.
8. The method according to claim 6, wherein the interaction withthe remote server comprises an online identity verification operation, where the identity of the user is verified by the remote server.
9. The method according to claim 8, wherein the online identity verification is part of a login operation of an online website.
10. device comprising a biometric reader and a storage unit, wherein said user A system for secure storage of information comprising a user device is configured to:receive information X;acquire a biometric reading b from a user using the biometric reader of the user device; 13 generate a key R and a helper string P using the biometric reading bby means of a fuzzy extractor generation algorithm; store P on a storage unit of the user device; encrypt the information X using the key R resu|ting in a cipher text C; store the cipher text C on the storage unit of the user device; and delete the information X, the biometric reading b and the key R fromthe user device; the system further comprising a local computing deviceconfigured to: request the information X from the user device; wherein the user device is configured to, when requested by the localcomputing device, acquire biometric information b' from the user using thebiometric reader, and if b' is approximately equal to b, reproduce R' = R fromb' and P using a fuzzy extractor reproduction algorithm; decrypt the ciphertext C, using R, to acquire the information X; and provide the information X from the user device to the local computing device via a secure connection.
11. The system according to claim 10, wherein the user device is asmartphone.
12. The system according to claim 10 or 11, wherein the biometric reader is a fingerprint sensor.
13. user device comprises a wireless communication module configured to The system according to any one of claims 10 to 12, wherein the communicate securely with a wireless communications module of said local computing device. 14. local computing device is a stationary computer, a laptop or a tablet The system according to any one of claims 10 to 13, wherein the computer.
14
15. The system according to any one of claims 10 to 14, furthercomprising a remote server, wherein the remote sever is configured torequest the information X from the local computing device in response to auser interaction initiated from the local computing device; wherein the localcomputing device is configured to: request the information X from the user device; receive the information X from the user device; and provide the information X to the remote server.
16. The system according to c|aim 15, wherein the remote server isa web host for an online website.
SE1551518A 2015-11-23 2015-11-23 Method and system for secure storage of information SE1551518A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
SE1551518A SE1551518A1 (en) 2015-11-23 2015-11-23 Method and system for secure storage of information
PCT/SE2016/051158 WO2017091133A1 (en) 2015-11-23 2016-11-23 Method and system for secure storage of information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SE1551518A SE1551518A1 (en) 2015-11-23 2015-11-23 Method and system for secure storage of information

Publications (1)

Publication Number Publication Date
SE1551518A1 true SE1551518A1 (en) 2017-05-24

Family

ID=58763797

Family Applications (1)

Application Number Title Priority Date Filing Date
SE1551518A SE1551518A1 (en) 2015-11-23 2015-11-23 Method and system for secure storage of information

Country Status (2)

Country Link
SE (1) SE1551518A1 (en)
WO (1) WO2017091133A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110710156A (en) * 2017-07-17 2020-01-17 赫尔实验室有限公司 Practical reusable fuzzy extractor based on learning hypothesis with errors and random prediction
US20190268158A1 (en) * 2018-02-23 2019-08-29 General Dynamics Information Technology, Inc. Systems and methods for providing mobile identification of individuals
WO2022122130A1 (en) * 2020-12-08 2022-06-16 Telefonaktiebolaget Lm Ericsson (Publ) Authentication device and method for authenticating a user

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2329423B1 (en) * 2008-09-26 2018-07-18 Koninklijke Philips N.V. Authenticating a device and a user
US8868923B1 (en) * 2010-07-28 2014-10-21 Sandia Corporation Multi-factor authentication
US8516269B1 (en) * 2010-07-28 2013-08-20 Sandia Corporation Hardware device to physical structure binding and authentication
WO2015153559A1 (en) * 2014-03-31 2015-10-08 Wi-Lan Labs, Inc. System and method for biometric key management

Also Published As

Publication number Publication date
WO2017091133A1 (en) 2017-06-01

Similar Documents

Publication Publication Date Title
US11743041B2 (en) Technologies for private key recovery in distributed ledger systems
US9741033B2 (en) System and method for point of sale payment data credentials management using out-of-band authentication
US10341123B2 (en) User identification management system and method
AU2017204769B2 (en) Differential client-side encryption of information originating from a client
US10861009B2 (en) Secure payments using a mobile wallet application
JP6264674B2 (en) Authentication system and method using QR code
US11876911B2 (en) Blockchain based alias interaction processing
US8924711B2 (en) Hack-deterring system for storing sensitive data records
US10848304B2 (en) Public-private key pair protected password manager
CN108965222B (en) Identity authentication method, system and computer readable storage medium
US9686251B2 (en) Devices and techniques for controlling disclosure of sensitive information
WO2021249527A1 (en) Method and apparatus for implementing motopay, and electronic device
US8874912B2 (en) Systems and methods for securely transferring personal identifiers
SE1551518A1 (en) Method and system for secure storage of information
US10990982B2 (en) Authenticating a payment card
US8219826B2 (en) Secure pin character retrieval and setting
CN110909336B (en) Password management method and device based on fingerprint USB flash disk
CN111260343A (en) Information authentication method, device and system based on confirmation code
WO2015184809A1 (en) Method, mobile terminal, service provider device and system for mobile terminal payment transaction
KR101710583B1 (en) Supply Service System of Body Certification and Supply Service Method by Using This System
KR20160020314A (en) Apparatus for providing lending service and method thereof

Legal Events

Date Code Title Description
NAV Patent application has lapsed