WO2007098569A1 - Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés - Google Patents

Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés Download PDF

Info

Publication number
WO2007098569A1
WO2007098569A1 PCT/CA2006/000287 CA2006000287W WO2007098569A1 WO 2007098569 A1 WO2007098569 A1 WO 2007098569A1 CA 2006000287 W CA2006000287 W CA 2006000287W WO 2007098569 A1 WO2007098569 A1 WO 2007098569A1
Authority
WO
WIPO (PCT)
Prior art keywords
values
user
elements
program instructions
display
Prior art date
Application number
PCT/CA2006/000287
Other languages
English (en)
Inventor
Norman Frank Goertzen
Original Assignee
Norman Frank Goertzen
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Norman Frank Goertzen filed Critical Norman Frank Goertzen
Priority to JP2008556618A priority Critical patent/JP2009528601A/ja
Priority to PCT/CA2006/000287 priority patent/WO2007098569A1/fr
Priority to CA2644272A priority patent/CA2644272C/fr
Priority to CN 200680054245 priority patent/CN101421737B/zh
Priority to CA002689850A priority patent/CA2689850A1/fr
Priority to EP06705241A priority patent/EP2002371A4/fr
Publication of WO2007098569A1 publication Critical patent/WO2007098569A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Definitions

  • the present invention relates generally to graphical/textual user interfaces, and more specifically, to a method and system for securing machine interface access.
  • Computer systems and dedicated devices such as automated teller machines (ATMs) increasingly provide access to interfaces that must be protected from unauthorized use.
  • ATMs automated teller machines
  • Typical security on such user interfaces is provided by a password or "personal identification number" PIN) that must be provided to the user interface via an input device prior to further access by an individual (or in some instances another machine) accessing the interface.
  • the level of security provided by a "weak" password or token such as a password or PIN is generally related to its length and arbitrariness. However, the same factor is also determinative of the difficulty for a human to remember the token. Also, the number of possible token element values, e.g., just digits versus digits plus letters is generally made larger to improve security, but the input set size increase is generally either thwarted by use of common words or numbers within the total possible space of values.
  • hints While it is possible to provide "hints" to a user that will stimulate a recollection of the token, such hints also provide a potential security breach in that the token may be discoverable via guessing once the hint is given.
  • Other systems include a secondary password that has some concrete meaning to the token owner that can be used to reveal the actual token. For example, an interface may use the users mother's maiden name or "favorite animal", etc. as a secondary token to protect the underlying access token if the user forgets .
  • Two-dimensional textual or graphical hint systems have been proposed, from systems that actually display the password in a form such as a "hidden word” puzzle to systems that use a randomized arrangement of icons that must be selected in order or a particular arrangement of icons that must be selected in a pattern in order to satisfy token entry. All of the above systems have an advantage in that they are not easily overcome by mere repetitive machine input .
  • the above objective of hiding tokens in a hint display that cannot be easily discovered through observation of token entry is achieved in a method and system.
  • the method and system displays a hint display that includes a plurality of elements each having a value and a position, which may be an array of numerical digits.
  • the method and system receive a sequence of user input corresponding to selected patterned sequence of the displayed elements combined in an algorithm using one .or more operators to perform one or more operations on the patterned sequence.
  • the method and system verifies whether or not the user knows the proper pattern and algorithm by computing a token from the hint display and comparing the user input to the token. Access to one or more resources of the system or for which access is controlled by the system is conditioned upon a match of the token to the user input.
  • the operators employed to compute the token from the pattern may be mathematical (including logical) operators or relational operators .
  • One or more of the pattern elements may be excluded from the token computation, which may be conditioned upon a relational operation or by ignoring one of the pattern elements on a fixed basis.
  • the method may be embodied in a general-purpose computer system, a browser executing within a general-purpose computer system or a dedicated terminal.
  • the method may also be embodied in a computer program product that encodes program instructions for carrying out the steps of the method.
  • a method for receiving input of a security token protecting a resource comprising: generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic; computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern; displaying said hint display to a user; receiving input from said user; comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
  • a computer system including a memory for storing program instructions and data, a processor coupled to said memory for executing said program instructions, a visual display coupled to said processor for displaying a user interface output and an input device coupled to said processor for providing a user interface input
  • said program instructions within said general-purpose computer comprise program instructions for: generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic; computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern; displaying said hint display to a user; receiving input from said user; comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
  • a computer program product comprising signal-bearing media encoding program instructions for execution within a computer system, wherein said program instructions comprise program instructions for: generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic- computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern; displaying said hint display to a user; receiving input from said user; comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
  • Figure 1 is a block diagram of a system in which an embodiment of the present invention may be practiced.
  • Figure 2 is a pictorial diagram depicting a user interface in accordance with an embodiment of the present invention .
  • Figure 3 is a flowchart depicting operation of a system as embodied in a method in accordance with an embodiment of the invention.
  • the present invention provides improved security for systems accessed through entry of a token or password via a method that is implemented by execution of program instructions .
  • the techniques are applicable to replace traditional password or PIN entry within computer systems or dedicated terminals such ATMs.
  • the present invention may be employed in the operating system of a general-purpose computing system, embedded in a dedicated application, or provided via a web page interface downloaded from a server, for example via an extensible markup language (XML) program or Java script or program.
  • XML extensible markup language
  • the present invention in general protects access to a resource, such as a login access to a system, financial information and transactional capability at an ATM, or other secured resource such as an application or database.
  • the present invention Rather than merely accepting entry of a password or token and optionally processing the token to compare it to a stored value, as traditional password systems do, the present invention effectively generates a randomized token on-the- fly.
  • the randomized token is generated via rule-based processing from a set of values that are hidden in a hint display that is presented to the user.
  • the hint display can be a randomly generated set of elements bearing no pre-defined relation to the pattern or algorithm other than the values and value ranges of the elements must be suitable for use with the particular algorithm employed and the pattern must fit the display. If the hint display is randomly generated as a signal array or other display, then the display can be generated prior to knowing the user via a user identification code or other means. The sequence is then chosen from the appropriate positions in the hint display once the user is known. Alternatively, if the user is known prior to generating the display, the sequence can be generated first and hidden at particular positions in the hint display that correspond to the positions within the above-mentioned pattern by seeding' the non-patterned locations with another randomly generated set of elements .
  • the algorithm is applied to values of the sequence of elements to generate the token, which is generally also a sequence of numbers, but may be a single number, such as a summation of all the digits in the pattern.
  • Operators can combine any number of values from the sequence and reduce them in the output sequence or expand them in the output sequence. For example, a sum of three values from the pattern elements may represent a reduction of 3:1 in the output sequence but a sum, product and "larger of" operator applied to two values in sequence would represent an expansion of 2:3 in the output sequence.
  • the operators used can be mathematical (including logical) or relational, such as "the larger of” or "the smaller of” operators applied to two numbers. In general, it is not desirable to reduce the number of elements in the output sequence that provides the access token belwo a certain level, as a short token is easier to "guess".
  • the user mimics the operation of the patterned sequence selection and the operator-based algorithm from memory and enters a token value based on the selection and mental computation.
  • the level of complexity of the mental computation required can be adjusted by selecting appropriate operators and the design of the total algorithm, which is user-settable .
  • a simple algorithm could model a horizontal line through an array of digits where the token sequence value is the lesser of each pair of digits from left to right in the line .
  • a very complex algorithm could combine apparently random positions selected sequentially from an array of values and combine them using a different mathematical operation for each value.
  • the level of security of a system can be varied in without changing the pattern and algorithm for a user.
  • the pattern can be truncated to reduce the length of a required token, changing the range of values allowed for each element, and/or fixing the clue table as a static array.
  • Each of the above techniques do not affect the underlying pattern and algorithm assigned to a user' s security mechanism, but adapt the level of security and complexity to a particular instance of an access to a system or access to a particular system.
  • the present invention also provides a mechanism for sharing access information on a one-time basis without compromising the underlying pattern and algorithm. If the owner of the access pattern and algorithm knows a particular hint display, then another person can be told the resulting input token without compromising the pattern/algorithm combination.
  • FIG. 1 a networked system within which embodiments of the present invention may be practiced is depicted in a block diagram.
  • the depicted system 10 is representative of a general class of computing devices that include a processor 16 and a memory 17 coupled to processor 16 for storing data and program instructions for execution by processor 17.
  • a graphical display 13 is coupled to system 10 and may in fact be integrated within the same housing, as will generally be the case with ATMs and portable devices such as notebook/tablet computers and personal digital assistants (PDAs).
  • a keyboard or keypad 14 is also coupled to (or integrated within) system 10 to receive user input in accordance with an embodiment of the present invention.
  • a pointing device may be used as an alternative, but as will be noted below, using a pointing device for input requires that elements for all input values be present on the screen of graphical display 13, whereas with a keyboard or keypad, the values need not be present on the screen.
  • a network connection 12 implements either a wired 15A or wireless 15B interface to processor 16 and although a network connection is not a requirement of the present invention, devices such as ATMs generally require some form of networking for financial access operations.
  • a user interface in accordance with an embodiment of the present invention is depicted as a screen 20 of graphical display 13.
  • a hint display 23 made up of four 3x3 sub-arrays 24A-D is shown.
  • Each sub-array contains a plurality of elements 26, each of which has a unique position within hint display 23.
  • Each of elements 26 also has an associated value that may or may not be unique.
  • the value is the numerical value of the digit displayed on the face of each element 26.
  • the present invention is not limited to numerical digits and the values do not have to match the displayed information on the corresponding elements .
  • graphical icons may be used instead of numbers, selection made via a pointing device and the hidden algorithm that is combined with the selection sequence may be a logical operation that combines the information provided one or more of the icons in a logical fashion.
  • use of sub-arrays provides another level of hint to the user in that the four sub-arrays shown can be presented in any arrangement on the screen 24A-D.
  • the usex determines the proper sub-array 24A-D for each element the user enters by a clue unique to each sub-array 24A-D such as a unique color of a frame around each sub-array or the color of the values (e.g., digits) displayed on the individual elements 26.
  • Screen 20 also includes fields 20,21 for entry of a username and password, as are generally found on login screens and the like.
  • entry fields are not a requirement of the present invention and screen 20 may consist solely of hint display 23, particularly when all values to be entered have corresponding elements present on screen 20, in which case a pointing device such as a mouse or touch screen may be used to implement the input device that receives the token sequence.
  • User identification field 20 is not needed if the user is known prior, if the pattern/algorithm is common to all users, or if a more relaxed security scheme is tolerable in which multiple tokens are permitted and used via matching to identify the user.
  • Elements 26 of sub-arrays 24A-D can be randomly or quasi-randomly generated to initialize the array. If so, a pattern of elements 26 is used to select a sequence of values from the elements 26 that will correspond to the correct sequence of elements known by the user. Alternatively, a sequence of elements can be generated, "seeded” in the pattern locations,- and then other randomly generated “don't care” values can be filled in the other element 26 locations in sub-arrays 24A-D. If hint display 23 is divided into sub- arrays, then the sequence must also take into account the proper placement in the correct sub-array for each element.
  • sub-arrays 24A-D are colored respectively: ⁇ red, blue, yellow, green ⁇ , and the proper element sequence known by the user is top row red, middle row blue, then the sequence according to the illustrated hint display 23 is 8,7,3,5,4,2 assuming left-to-right reading of the row.
  • the next portion of the security mechanism implemented by the present invention is the combination of the sequence values using a hidden algorithm (as opposed to the visible pattern illustrated above) .
  • the selected sequence is then operated on by at least one operator in at least one operation.
  • the operators may be mathematical operators such as addition, subtraction, multiplication and division, an identity (or "copy” or “repeat") operator that yields the value of the element, or relational operators such as "the smaller of” or “the greater of” and may operate on two or more elements or in some cases only one. Not all of the operations are identity operations, or the algorithm would not be hidden and would merely reveal the sequence above, although a system in accordance with an embodiment of the present invention can additionally implement a "non-hidden” algorithm as an option having a lowered security level.
  • a non-hidden algorithm is provided by a sequence of identity operators, one for each element in the pattern, such that the output of the algorithm is identical to the input sequence.
  • Hidden constants may also be employed in combination with the above operators, for example "add 1 to each digit" or "enter digit if > 4" and similar other rules.
  • the algorithm could be return the lowest element of each of the rows, in which case the proper token input would be 3,2.
  • the algorithm may be add the first two elements of the row for a first value and use the third element for a second value, in which case the correct token would be 15,3,9,2.
  • Operations/algorithms can extend between the sub-arrays, as well.
  • the algorithm may be multiply each element in sequence from the first sub-array with each element from the second sub-array and use those as a token string.
  • the proper token for the above example sequence would be 40,28,6.
  • FIG. 3 a flowchart illustrating a method in accordance with an embodiment of the present invention is depicted.
  • the method may be implemented by program instructions executing within a computing device such as a personal computer, workstation or dedicated terminal such as an ATM.
  • the program instructions may be embodied in a compute program product comprising media encoding said program instructions.
  • a hint display is generated using a random number generator (step 30) and the hint display is displayed (step 31) .
  • the user is then identified via the userid input field 20 and the user's pattern and algorithm are retrieved from storage (step 32) .
  • the sequence of values from the hint display are collected in accordance with the predefined pattern of elements (step 33) .
  • the token is then computed using the collected values according to the pre-defined algorithm (step 34) .
  • step 35 the sequence is compared against the token values computed in step 33 and if the input sequence matches, (decision 36) , then access to the protected resource is granted (step 37) .
  • a control panel for configuring the algorithm and pattern is also provided in accordance with another embodiment of the present invention, and may be graphically or textually implemented. Graphical control panels will generally permit selection of the pattern sequence via a pointing device and then assign rules to combinations of values or individual values from the elements in the pattern.
  • a textual control panel can accept a string that describes the pattern and algorithm, for example by using the matrix positions as subscripts, each element can be uniquely identified by a position number. Operators can be given their own symbols such as "R” for replicate, w +" for sum, "X” for multiply, “S” for "smaller of” and so forth. Any sub-arrays while arranged in their "native” order can be combined in one matrix for the purposes of encoding the string.

Abstract

L'invention concerne un procédé et un système de sécurisation d'accès interface via des motifs de schémas d'ensembles visuels associés à des opérations cachées permettant d'améliorer la sécurité de systèmes informatiques et de terminaux dédiés. On génère un affichage d'indications de manière au moins quasi aléatoire, celui-ci pouvant être un ensemble de valeurs numériques. On reçoit une entrée utilisateur qui représente une sélection de motifs d'éléments choisis sur l'affichage d'indications et est associée à un algorithme utilisant une ou plusieurs opérations mathématiques, relationnelles et/ou logiques. On utilise un motif et un algorithme prédéfinis pour produire un jeton à partir de l'affichage d'indications, ledit jeton étant comparé à l'entrée utilisateur afin de vérifier si l'utilisateur connaît lesdits motif et algorithme. Pour une utilisation plus facile, il est possible de diviser un schéma d'affichage d'indications en sous-schémas tout en fournissant une indication, telle que la couleur, pour indiquer chaque sous-schéma à l'utilisateur.
PCT/CA2006/000287 2006-03-01 2006-03-01 Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés WO2007098569A1 (fr)

Priority Applications (6)

Application Number Priority Date Filing Date Title
JP2008556618A JP2009528601A (ja) 2006-03-01 2006-03-01 隠し演算と組み合わせて視覚的配列経路を介するインタフェースアクセスを保護するためのシステム
PCT/CA2006/000287 WO2007098569A1 (fr) 2006-03-01 2006-03-01 Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés
CA2644272A CA2644272C (fr) 2006-03-01 2006-03-01 Procede et systeme de securisation d'acces interface via des chemins d'ensembles visuels associes a des operateurs caches
CN 200680054245 CN101421737B (zh) 2006-03-01 2006-03-01 用于通过可视阵列路径结合隐藏运算符保护界面访问安全的方法和系统
CA002689850A CA2689850A1 (fr) 2006-03-01 2006-03-01 Acces securise a une ressource par un utilisateur
EP06705241A EP2002371A4 (fr) 2006-03-01 2006-03-01 Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CA2006/000287 WO2007098569A1 (fr) 2006-03-01 2006-03-01 Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés

Publications (1)

Publication Number Publication Date
WO2007098569A1 true WO2007098569A1 (fr) 2007-09-07

Family

ID=38458599

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2006/000287 WO2007098569A1 (fr) 2006-03-01 2006-03-01 Procédé et système de sécurisation d'accès interface via des chemins d'ensembles visuels associés à des opérateurs cachés

Country Status (5)

Country Link
EP (1) EP2002371A4 (fr)
JP (1) JP2009528601A (fr)
CN (1) CN101421737B (fr)
CA (2) CA2689850A1 (fr)
WO (1) WO2007098569A1 (fr)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2466517A1 (fr) * 2010-12-16 2012-06-20 Research In Motion Limited Mots de passe algébriques simples et multicouches
GB2488310A (en) * 2011-02-02 2012-08-29 Winfrasoft Corp A method and system for authenticating a computer user by using an array of elements
US8631487B2 (en) 2010-12-16 2014-01-14 Research In Motion Limited Simple algebraic and multi-layer passwords
US8635676B2 (en) 2010-12-16 2014-01-21 Blackberry Limited Visual or touchscreen password entry
US8650635B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Pressure sensitive multi-layer passwords
US8650624B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Obscuring visual login
US8661530B2 (en) 2010-12-16 2014-02-25 Blackberry Limited Multi-layer orientation-changing password
US8745694B2 (en) 2010-12-16 2014-06-03 Research In Motion Limited Adjusting the position of an endpoint reference for increasing security during device log-on
US8769641B2 (en) 2010-12-16 2014-07-01 Blackberry Limited Multi-layer multi-point or pathway-based passwords
US8769668B2 (en) 2011-05-09 2014-07-01 Blackberry Limited Touchscreen password entry
US8863271B2 (en) 2010-12-16 2014-10-14 Blackberry Limited Password entry using 3D image with spatial alignment
US8931083B2 (en) 2010-12-16 2015-01-06 Blackberry Limited Multi-layer multi-point or randomized passwords
US9064104B2 (en) 2009-06-18 2015-06-23 Blackberry Limited Graphical authentication
US9135426B2 (en) 2010-12-16 2015-09-15 Blackberry Limited Password entry using moving images
GB2498350B (en) * 2012-01-09 2015-10-21 Gopalan Ketheeswaran Input device
US9223948B2 (en) 2011-11-01 2015-12-29 Blackberry Limited Combined passcode and activity launch modifier
US9258123B2 (en) 2010-12-16 2016-02-09 Blackberry Limited Multi-layered color-sensitive passwords
EP2070234B1 (fr) * 2006-09-07 2020-05-06 Orange Sécurisation de code pour entité personnelle

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101882188B (zh) * 2010-06-07 2012-11-07 天地融科技股份有限公司 增强电子签名工具数据输入安全性的方法及装置

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0667801A1 (fr) * 1992-11-09 1995-08-23 REIPUR, John Systeme de filtrage
WO1996018139A1 (fr) * 1994-12-08 1996-06-13 Philips Electronics N.V. Entree de code de securite
US6209104B1 (en) * 1996-12-10 2001-03-27 Reza Jalili Secure data entry and visual authentication system and method
WO2001077792A2 (fr) 2000-04-07 2001-10-18 Rsa Security Inc. Systeme et procede d'authentification d'un utilisateur
US20040123151A1 (en) 2002-12-23 2004-06-24 Authenture, Inc. Operation modes for user authentication system based on random partial pattern recognition
US20050044425A1 (en) * 2001-10-30 2005-02-24 Ari Hypponen Method and apparatus for selecting a password
US20050160297A1 (en) 2002-02-13 2005-07-21 Hideharu Ogawa User authentication method and user authentication system
US20050254650A1 (en) 2002-09-12 2005-11-17 Shoji Sakurai Authentication system, authentication device, terminal device, and authentication method

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS60207956A (ja) * 1984-04-02 1985-10-19 Toshiba Corp 暗証照合方式
JPS63661A (ja) * 1986-06-19 1988-01-05 Omron Tateisi Electronics Co カ−ド処理システム
JPS6473449A (en) * 1987-09-14 1989-03-17 Hitachi Ltd Password number inputting system
US5425102A (en) * 1994-06-09 1995-06-13 Datasonix Corporation Computer security apparatus with password hints
JP4090251B2 (ja) * 2002-03-05 2008-05-28 パスロジ株式会社 認証装置、認証方法、ならびに、プログラム
US7644433B2 (en) * 2002-12-23 2010-01-05 Authernative, Inc. Authentication system and method based upon random partial pattern recognition
JP4316311B2 (ja) * 2003-07-03 2009-08-19 株式会社日立製作所 ロジカルパスワードによる認証方法、情報処理装置、プログラム、および記録媒体
WO2005038573A2 (fr) * 2003-10-14 2005-04-28 Grid Data Security, Inc. Systeme d'authentification

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0667801A1 (fr) * 1992-11-09 1995-08-23 REIPUR, John Systeme de filtrage
WO1996018139A1 (fr) * 1994-12-08 1996-06-13 Philips Electronics N.V. Entree de code de securite
US6209104B1 (en) * 1996-12-10 2001-03-27 Reza Jalili Secure data entry and visual authentication system and method
WO2001077792A2 (fr) 2000-04-07 2001-10-18 Rsa Security Inc. Systeme et procede d'authentification d'un utilisateur
US20050044425A1 (en) * 2001-10-30 2005-02-24 Ari Hypponen Method and apparatus for selecting a password
US20050160297A1 (en) 2002-02-13 2005-07-21 Hideharu Ogawa User authentication method and user authentication system
US20050254650A1 (en) 2002-09-12 2005-11-17 Shoji Sakurai Authentication system, authentication device, terminal device, and authentication method
US20040123151A1 (en) 2002-12-23 2004-06-24 Authenture, Inc. Operation modes for user authentication system based on random partial pattern recognition

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2002371A4 *

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2070234B1 (fr) * 2006-09-07 2020-05-06 Orange Sécurisation de code pour entité personnelle
US9064104B2 (en) 2009-06-18 2015-06-23 Blackberry Limited Graphical authentication
US10325086B2 (en) 2009-06-18 2019-06-18 Blackberry Limited Computing device with graphical authentication interface
US10176315B2 (en) 2009-06-18 2019-01-08 Blackberry Limited Graphical authentication
US8661530B2 (en) 2010-12-16 2014-02-25 Blackberry Limited Multi-layer orientation-changing password
US8650624B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Obscuring visual login
EP2466517A1 (fr) * 2010-12-16 2012-06-20 Research In Motion Limited Mots de passe algébriques simples et multicouches
US8745694B2 (en) 2010-12-16 2014-06-03 Research In Motion Limited Adjusting the position of an endpoint reference for increasing security during device log-on
US8769641B2 (en) 2010-12-16 2014-07-01 Blackberry Limited Multi-layer multi-point or pathway-based passwords
US10621328B2 (en) 2010-12-16 2020-04-14 Blackberry Limited Password entry using 3D image with spatial alignment
US8863271B2 (en) 2010-12-16 2014-10-14 Blackberry Limited Password entry using 3D image with spatial alignment
US8931083B2 (en) 2010-12-16 2015-01-06 Blackberry Limited Multi-layer multi-point or randomized passwords
US8650635B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Pressure sensitive multi-layer passwords
US8631487B2 (en) 2010-12-16 2014-01-14 Research In Motion Limited Simple algebraic and multi-layer passwords
US8635676B2 (en) 2010-12-16 2014-01-21 Blackberry Limited Visual or touchscreen password entry
US9135426B2 (en) 2010-12-16 2015-09-15 Blackberry Limited Password entry using moving images
US9258123B2 (en) 2010-12-16 2016-02-09 Blackberry Limited Multi-layered color-sensitive passwords
GB2523885B (en) * 2011-02-02 2015-12-23 Winfrasoft Corp A method and system for authenticating a user of a computerised system
GB2523885A (en) * 2011-02-02 2015-09-09 Winfrasoft Corp A method and system for authenticating a user of a computerised system
GB2488310B (en) * 2011-02-02 2015-07-01 Winfrasoft Corp A method and system for authenticating a user of a computerised system
GB2488310A (en) * 2011-02-02 2012-08-29 Winfrasoft Corp A method and system for authenticating a computer user by using an array of elements
US8769668B2 (en) 2011-05-09 2014-07-01 Blackberry Limited Touchscreen password entry
US9223948B2 (en) 2011-11-01 2015-12-29 Blackberry Limited Combined passcode and activity launch modifier
GB2498350B (en) * 2012-01-09 2015-10-21 Gopalan Ketheeswaran Input device

Also Published As

Publication number Publication date
JP2009528601A (ja) 2009-08-06
CA2689850A1 (fr) 2007-09-07
EP2002371A4 (fr) 2010-05-05
CA2644272A1 (fr) 2007-09-07
CA2644272C (fr) 2011-08-16
CN101421737A (zh) 2009-04-29
CN101421737B (zh) 2011-04-20
EP2002371A1 (fr) 2008-12-17

Similar Documents

Publication Publication Date Title
CA2644272C (fr) Procede et systeme de securisation d'acces interface via des chemins d'ensembles visuels associes a des operateurs caches
CA2689853C (fr) Acces securise par un utilisateur a une ressource
US7992005B2 (en) Providing pattern based user password access
US20100199100A1 (en) Secure Access by a User to a Resource
CA2359119C (fr) Procede et appareil pour une introduction securisee de codes d'acces dans un environnement informatique
DK2856380T3 (en) PROCEDURE AND SYSTEM FOR SECURE USER IDENTIFICATION
US20130291096A1 (en) Fraud resistant passcode entry system
KR100743854B1 (ko) 관찰자에게 입력정보가 노출되는 것을 방지할 수 있는 정보입력방법
JP2005535990A (ja) セルマッチングによって入力されたパスワードを処理するための方法及びシステム
US8307424B2 (en) Password authentication apparatus and password authentication method
US7689831B2 (en) Method and system for securing interface access via visual array paths in combination with hidden operators
US8869261B1 (en) Securing access to touch-screen devices
US11010467B2 (en) Multifactor-based password authentication
JP2008040984A (ja) ソフトウェアキーボードプログラム及び情報処理端末
JP2006251985A (ja) 暗証コード入力装置及びプログラム
Ray et al. GPOD: An Efficient and Secure Graphical Password Authentication System by Fast Object Detection
Jirjees et al. RoundPIN: Shoulder Surfing Resistance for PIN Entry with Randomize Keypad
KR20210002310U (ko) 이미지와 텍스트를 이용한 다중 양식 보안 인증 시스템
KR20190086407A (ko) 이미지와 텍스트를 이용한 다중 양식 보안 인증 시스템 및 방법
KR20120033799A (ko) 비밀 번호 입력 인터페이스 제공 시스템 및 방법
KR20020086816A (ko) 비밀번호 문자의 입력시간 간격을 이용한 보안 시스템 및그 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2008556618

Country of ref document: JP

Ref document number: 2644272

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 3639/KOLNP/2008

Country of ref document: IN

REEP Request for entry into the european phase

Ref document number: 2006705241

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2006705241

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2008138866

Country of ref document: RU

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 200680054245.6

Country of ref document: CN