WO2001059547A2 - System and method for providing services to a remote user through a network
- Publication number
- WO2001059547A2 (PCT/CA2001/000185)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- card
- pin
- identifying
- terminal
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/342—Cards defining paid or billed services or quantities
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/02—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by keys or other credit registering devices
- G07F7/025—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by keys or other credit registering devices by means, e.g. cards, providing billing information at the time of purchase, e.g. identification of seller or purchaser, quantity of goods delivered or to be delivered
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
Definitions
- the present invention relates to the field of remote operations through a network, and more particularly concerns a system and method for securely identifying a remote user and providing this user services through a network.
- Another security concern with internet and network operations is the circulation of sensitive personal information through a network, such as a credit card number or a password. Again, once this information has been accessed by a third party, it can be used to impersonate the user without his consent.
- the present invention concerns a system for providing services to a remote user through a network, including identifying means for identifying the user.
- identifying means include a user personal CD card readable in a CD reading device of a terminal, and a user personal identification number (PIN) enterable on the terminal.
- PIN personal identification number
- This two-factor identification system is based on what the user knows (PIN) and something the user has (card).
- a transmitter is provided for transmitting the PIN and card-identifying elements from the terminal to a remote server through the network.
- a matching application is provided on the server for matching the PIN and card-identifying elements to a user profile, thereby identifying the user.
- the system also includes at least one service application available to the identified user on said server.
- the present invention also concerns a method for providing services to a remote user through a network, including the steps of: A- identifying said user by performing the substeps of: a) reading a user personal CD card in a CD reading device of a terminal; b) entering a user personal identification number (PIN) on the terminal; c) transmitting the PIN and card-identifying elements from the terminal to a remote server through the network; and d) matching the PIN and card-identifying elements on to a user profile on the server, thereby identifying said user; and B- providing the identified user with access to at least one service application on said server.
- a method for allowing a user to securely purchase goods from a merchant's web site includes the steps of: i) identifying said user according to step A described above; ii) providing a temporary credit number linked to a credit or debit account of said user, said temporary credit number being valid for a single transaction; iii) transmitting said temporary credit number to the user; and iv) entering the temporary credit number as payment for said goods on the merchant's web site.
- FIG. 1 is a schematic representation of a system according to a preferred embodiment of the invention.
- FIG. 2 is a diagram showing the service application loading process of the system of FIG. 1.
- FIG. 3 is a diagram showing the general architecture of the system of FIG.
- FIG. 4 is a flow chart illustrating a method according to a preferred embodiment of the invention.
- FIG. 5 is a schematic representation of a system and method for allowing a user to purchase goods from a merchant's web site according to another aspect of the invention.
- FIGs. 1, 2 and 3 there is shown a system 10 for providing services to a remote user through a network according to a preferred embodiment of the invention.
- the system 10 first includes a user personal CD card 12, which is readable in a CD reading device 14 of a terminal 16.
- the CD card 12 is preferably of the universally accepted CD Card format and may be run in any CD or DVD players such as found on most personal computers today.
- the terminal may be a personal computer or a dumb terminal, as long as it is provided with a CD reading device 14 and some type of connection to a network.
- the system 10 further includes a user personal identification number, or PIN 18, which is the sole knowledge of the user, and which is to be entered on the terminal 16. As seen in FIG. 1, the system preferably prompts the user for the PIN 18 in window box 20.
- a transmitter 22 is provided for transmitting the PIN 18 and card-identifying elements from the terminal 16 to a remote server 24 through the network.
- the transmitter 22 is preferably embodied by any appropriate manner of sending information from a computer, such as a modem and phone, cable, or satellite connection, etc.
- an encryption code is provided on the CD card for encrypting the PIN 18.
- RSA technology, such as private/public key pairs, is preferably used.
- the encryption code thereby defines the card-identifying elements since each CD card has a unique key pair (or other encryption characteristics).
- a matching application is provided for matching the PIN 18 and card-identifying elements to a user profile on the server, which preferably includes a database of user profiles. If both the PIN 18 and the card-identifying elements match the data of a given user, the user is positively identified. In this manner both the PIN 18 and the CD card 12 are required for identification.
- FIG. 2 illustrates an example of a service application loading process.
- the terminal 16 is a computer having an operating system 26 configured to accept Java applets, as indicated here by Java Virtual Machine 28.
- the CD card 14 has two card resident applications, a service loader application 30 for loading the Java applet 25 and an encrypting application 32 for providing the encrypting code described above.
- FIG. 3 summarizes the architecture of a system according to the present embodiment of the invention.
- the service loader application 30 runs on the terminal from the CD card.
- the service loader application 30 receives information in the form of applets 25 each running in its own applet sandbox 36 on the server 24.
- an applet 25 can publish itself for other applets providing its own secret key.
- Output information is either directed to the user interface 36, or encrypted by the encrypting application 32 before exiting the user terminal.
- the system according to the present invention may be used to give the user access to secure systems such as a private network, a private section of a web site, a database of user related information, etc.
- the user's access password or other code may be saved on the server which gives it to the system to be accessed directly once the user has been identified.
- the system to be accessed may be on the server itself or securely connected to it, so that the password information is never circulated via the internet or other unreliable network.
- the present system may also advantageously be used for financial transactions, such as a debit or credit application.
- an online merchant may provide a CD card payment icon on his web site.
- the user may simply insert his CD card in a CD player, and drag the CD card payment icon to the service loader application.
- a Java applet that encapsulates the functionality to open a connection to the card is downloaded and executes a debit or credit operation from a user account.
- a system according to the present invention may be used to provide the user with a temporary credit number. In this embodiment, the user may want to purchase goods from a merchant's web site.
- the user inserts his CD card in a CD player and identifies himself as explained above.
- a temporary and random credit number is provided linked to the user's credit account.
- the temporary credit number is valid for a single transaction.
- the user then simply enters this temporary number instead of his credit card number on the merchant's web site.
- the merchant will forward the number to the user's financial institution.
- the server will intercept the temporary number and replace it with the user's proper credit number, thereby debiting his credit account.
- the server may be provided directly as part of the financial institution's system, so that the user's actual credit information never leaves his financial institution.
- the nature and number of service applications provided to the user through the present invention may be changed with time. Since no application-related information has to be written on the card, a same card may be used for various purposes, and new service applications may be made available to a user by simply adding them to his user profile on the server. It is therefore unnecessary to replace the user's card every time or burden the user with a growing set of cards each time his needs evolve.
- the invention is said to offer multi-services functionalities.
- the present invention also provides a method 50 for providing services to a remote user through a network.
- the method 50 includes the following steps of:
- A- identifying said user by performing the substeps of:
- - reading 52 a user personal CD card in a CD reading device of a terminal; - entering 54 a user personal identification number (PIN) on the terminal; - preferably encrypting 56 the PIN with an encryption code.
- the encryption code is provided on the CD card, and therefore includes card-identifying elements.
- the encrypted PIN which therefore includes the card-identifying elements, from the terminal to a remote server through the network; and d) matching 60 the PIN and card-identifying elements on to a user profile on the server, thereby identifying said user.
- the PIN and card-identifying elements are matched to corresponding data in a user profiles database;
- a plurality of service applications may be available to the user, such as accessing a private network 66, accessing a database of user-related information 68, accessing a private section of a web site 70, or performing financial transactions 72.
- an applet linked to the given service application is transmitted 74 to the terminal.
- the present invention allows a user to be provided with a variety of services.
- it provides a method and corresponding system for allowing a user to securely purchase goods from a merchant's web site.
- the method includes the following steps: i) identifying said user according to step A described above; ii) providing a temporary credit number linked to a credit account of said user, the temporary credit number being valid for a single transaction; iii) transmitting the temporary credit number to the user; and iv) entering the temporary credit number as payment for said goods on the merchant's web site.
- FIG. 5 there is shown a detailed example of embodying the above method.
- Steps 1 and 2 The consumer having received and activated his CD card, establishes a connection to a merchant's web site. It is not necessary that the merchant's web site be modified to accept payment by the present method.
- When the consumer is asked to provide his credit card number to complete the transaction, he inserts his CD card in the CD/DVD ROM drive of his PC. It automatically starts up an application that safely connects itself to the server, identifies itself as a CD card and thus receives a dialog box that asks the consumer to type in his personal identification number (PIN).
- Steps 3 and 4 The consumer types his PIN which generates an encoded message (RSA).
- Step 6 The transaction proceeds regularly and the temporary number (with expiration date) is then sent to the merchant to his "Processor" which proceeds to validate the transaction.
- the issuing financial institution is identified by the first numbers of the temporary number and the transaction information is received by the issuing financial institution by way of the "Processor".
- the temporary credit number is then sent to the server, preferably located at the financial institution, which associates the temporary number to the file of the client who has requested this number at the beginning of the transaction and pulls out the real credit card number and expiry date.
- the temporary number is then replaced by the consumer's real credit card number, before being forwarded with the transaction to be validated by the issuing financial institution.
- the temporary number is then deactivated.
- the issuing financial institution proceeds, in the regular fashion, to the validation of the client's account and returns an acceptance or refusal message for the transaction.
- the regular acceptance or refusal message is then forwarded, in the regular fashion, to the merchant's Web site to inform the consumer.
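
An added sketch, not part of the patent text, of the server-side handling of the temporary credit number described in steps ii) to iv) and the FIG. 5 walk-through: the number starts with the issuer's digits, is valid for one transaction, is swapped for the real account data inside the institution, and is then deactivated. The names `TempNumberVault`, `issue` and `redeem`, the prefix `400000`, the Luhn check digit (so an unmodified merchant form accepts the number) and the lifetime are assumptions for illustration; the account data is constructed.

```python
import secrets
from dataclasses import dataclass

ISSUER_PREFIX = "400000"  # assumed issuer digits; constructed, not a real assignment
NUMBER_LENGTH = 16


def luhn_check_digit(partial: str) -> str:
    """Check digit that makes partial + digit pass the Luhn test."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch)
        if i % 2 == 0:          # every second digit, starting next to the check digit
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(number: str) -> bool:
    return number.isdigit() and luhn_check_digit(number[:-1]) == number[-1]


@dataclass
class _Entry:
    user_id: str
    expires_at: float
    active: bool = True


class TempNumberVault:
    """Maps single-use temporary numbers to real account data held on the server."""

    def __init__(self, accounts):
        # user_id -> (real credit number, expiry date); stays inside the institution
        self._accounts = dict(accounts)
        self._entries = {}

    def issue(self, user_id: str, now: float, ttl: float = 900.0) -> str:
        """Call only after the user was identified by card and PIN (step A)."""
        if user_id not in self._accounts:
            raise KeyError("unknown user profile")
        real_numbers = {number for number, _ in self._accounts.values()}
        body_len = NUMBER_LENGTH - len(ISSUER_PREFIX) - 1
        while True:
            body = ISSUER_PREFIX + "".join(
                secrets.choice("0123456789") for _ in range(body_len))
            number = body + luhn_check_digit(body)
            # never hand out a live temporary number or a real account number
            if number not in self._entries and number not in real_numbers:
                break
        self._entries[number] = _Entry(user_id, now + ttl)
        return number

    def redeem(self, temp_number: str, now: float):
        """Swap the temporary number for the real one exactly once, else None."""
        entry = self._entries.get(temp_number)
        if entry is None or not entry.active:
            return None             # unknown, or already used (replay)
        entry.active = False        # deactivate on first presentation
        if now > entry.expires_at:
            return None             # presented too late
        return self._accounts[entry.user_id]


if __name__ == "__main__":
    vault = TempNumberVault({"user-1": ("4000000000000002", "12/30")})  # constructed
    temp = vault.issue("user-1", now=0.0)
    print(temp, vault.redeem(temp, now=10.0), vault.redeem(temp, now=11.0))
```

Deactivating the entry before the expiry check means a number presented late cannot be retried, and a second presentation of a used number returns nothing, which is the single-transaction property the text relies on.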
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002399858A CA2399858A1 (en) | 2000-02-14 | 2001-02-14 | System and method for providing services to a remote user through a network |
AU35271/01A AU3527101A (en) | 2000-02-14 | 2001-02-14 | System and method for providing services to a remote user through a network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA2,298,379 | 2000-02-14 | ||
CA 2298379 CA2298379A1 (en) | 2000-02-14 | 2000-02-14 | System and method for secure transactions over a network |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001059547A2 (en) | 2001-08-16 |
WO2001059547A3 (en) | 2001-12-06 |
Family
ID=4165302
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CA2001/000185 WO2001059547A2 (en) | 2000-02-14 | 2001-02-14 | System and method for providing services to a remote user through a network |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU3527101A (en) |
CA (1) | CA2298379A1 (en) |
WO (1) | WO2001059547A2 (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS6315364A (en) * | 1986-07-05 | 1988-01-22 | Nec Corp | Preventing system for use of counterfeit cd card |
US5365046A (en) * | 1991-04-09 | 1994-11-15 | Haymann Frank V | Preventing unauthorized use of a credit card |
US5668950A (en) * | 1994-04-01 | 1997-09-16 | Fujitsu Limited | Network service system and communication unit for game machine and game machine capable of using said network service system |
US5770843A (en) * | 1996-07-02 | 1998-06-23 | Ncr Corporation | Access card for multiple accounts |
WO1998055911A1 (en) * | 1997-06-04 | 1998-12-10 | Spyrus, Inc. | Peripheral device with integrated security functionality |
- 2000-02-14: CA 2298379 (CA2298379A1), status: not active, abandoned
- 2001-02-14: PCT/CA2001/000185 (WO2001059547A2), status: active, application filing
- 2001-02-14: AU 35271/01 (AU3527101A), status: not active, abandoned
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004084487A1 (en) * | 2003-03-17 | 2004-09-30 | Pedro Gallego Rubio | Personal network identification method using a cd-card |
ES2224841A1 (en) * | 2003-03-17 | 2005-03-01 | Pedro Gallego Rubio | Personal network identification method using a cd-card |
FR2890509A1 (en) * | 2005-09-07 | 2007-03-09 | Mediscs Sarl | METHOD FOR AUTHENTICATING A USER AND DEVICE FOR IMPLEMENTING THE SAME |
WO2007028925A2 (en) * | 2005-09-07 | 2007-03-15 | Mediscs Sarl | Method for authenticating a user and device therefor |
WO2007028925A3 (en) * | 2005-09-07 | 2007-05-24 | Mediscs Sarl | Method for authenticating a user and device therefor |
Also Published As
Publication number | Publication date |
---|---|
CA2298379A1 (en) | 2001-08-14 |
WO2001059547A3 (en) | 2001-12-06 |
AU3527101A (en) | 2001-08-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ES2215064T3 (en) | METHODS AND APPLIANCES FOR PERFORMING ELECTRONIC TRANSACTIONS. | |
US9519894B2 (en) | Methods and apparatus for conducting electronic transactions | |
US8661520B2 (en) | Systems and methods for identification and authentication of a user | |
US7548890B2 (en) | Systems and methods for identification and authentication of a user | |
US20010034721A1 (en) | System and method for providing services to a remote user through a network | |
US7953671B2 (en) | Methods and apparatus for conducting electronic transactions | |
US20010045451A1 (en) | Method and system for token-based authentication | |
US6950942B2 (en) | Integrated circuit device with data modifying capabilities and related methods | |
RU2252451C2 (en) | Method for performing transactions, computerized method for network server protection, transaction system, electronic wallet server, computerized online shopping method (variants) and computerized access control method | |
US20030154376A1 (en) | Optical storage medium for storing, a public key infrastructure (pki)-based private key and certificate, a method and system for issuing the same and a method for using | |
JP2001084345A (en) | Smart card | |
WO2008127431A2 (en) | Systems and methods for identification and authentication of a user | |
WO2003065164A2 (en) | System and method for conducting secure payment transaction | |
WO2001059547A2 (en) | System and method for providing services to a remote user through a network | |
CA2399858A1 (en) | System and method for providing services to a remote user through a network | |
AU2004231226B2 (en) | Methods and apparatus for conducting electronic transactions | |
KR20030020906A (en) | Security system and the method for on-line banking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | AK | Designated states | Kind code of ref document: A2. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
| | AL | Designated countries for regional patents | Kind code of ref document: A2. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| | DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
| | AK | Designated states | Kind code of ref document: A3. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
| | AL | Designated countries for regional patents | Kind code of ref document: A3. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
| | WWE | Wipo information: entry into national phase | Ref document number: 2399858. Country of ref document: CA |
| | REG | Reference to national code | Ref country code: DE. Ref legal event code: 8642. Ref country code: DE. Ref legal event code: 8642 |
| | 122 | Ep: pct application non-entry in european phase | |
| | NENP | Non-entry into the national phase in: | Ref country code: JP |