WO2009149723A1 - Method and system for executing online transactions - Google Patents

Method and system for executing online transactions Download PDF

Info

Publication number
WO2009149723A1
WO2009149723A1 PCT/EP2008/004628 EP2008004628W WO2009149723A1 WO 2009149723 A1 WO2009149723 A1 WO 2009149723A1 EP 2008004628 W EP2008004628 W EP 2008004628W WO 2009149723 A1 WO2009149723 A1 WO 2009149723A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
internet
capable device
transaction party
party
Prior art date
Application number
PCT/EP2008/004628
Other languages
French (fr)
Inventor
Pierre Imai
Bernd Lamparter
Original Assignee
Nec Europe, Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nec Europe, Ltd. filed Critical Nec Europe, Ltd.
Priority to PCT/EP2008/004628 priority Critical patent/WO2009149723A1/en
Publication of WO2009149723A1 publication Critical patent/WO2009149723A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Definitions

  • the present invention relates to a method for executing online transactions between a first transaction party, in particular a financial institution, and a second transaction party, in particular an end-user, wherein said second transaction party employs a first Internet-capable device for establishing a connection with said first transaction party and for initiating the transaction by transferring transaction data to said first transaction party.
  • the present invention relates to a system for executing online transactions between a first transaction party, in particular a financial institution, and a second transaction party, in particular an end-user, the system comprising a first Internet-capable device employed by said second transaction party for establishing a connection with said first transaction party and for initiating the transaction by transferring transaction data to said first transaction party.
  • online monetary transactions like online banking are under constant attack by internationally acting groups. Many of them have high knowledge of the protection schemes of the banks/payments sites of PC security. This allows them to launch sophisticated attacks against consumer PCs. These attacks include the stealing of user credentials by phishing, Man-in-the-Middle attacks or the infection with Trojans or viruses.
  • a security enhancement has been achieved with the introduction of TANs (Transaction Authentication Numbers).
  • TANs Transaction Authentication Numbers
  • the user is provided a list of TANs from e.g. a bank and he chooses an arbitrary number out of that list to authenticate a transaction.
  • phishing of one single TAN by an attacker is sufficient to authenticate any arbitrary transaction.
  • improvement is achieved by employing numbered TANs. In that case, a specific number out of the list is required to authenticate a specific transaction.
  • numbered TANs enhance the security, they still do not offer protection against Man-in-the-Middle attacks, meaning that Trojan infection or website spoofing suffices to authenticate an arbitrary transaction.
  • numbered TANs enhance the security, they still do not offer protection against Man-in-the-Middle attacks, meaning that Trojan infection or website spoofing suffices to authenticate an arbitrary transaction.
  • if several TANs are stolen, arbitrary transactions can be initiated. In this context it
  • a still further alternative related to TANs consists in the integration of the transmission channel SMS, called mobile TAN or mTAN.
  • SMS mobile TAN
  • the user has to register his cell phone number.
  • the user gets the relevant transaction parameters including a TAN via SMS.
  • the user has to enter the received TAN on the Internet to verify and authenticate the transaction. Due to the limited period of validity, a redirection of the transaction to another account by means of a Man-in-the-Middle attack upon the home banking website can be averted.
  • the phishing for mTANs is useless.
  • SMS can be spoofed as neither users nor banks can reliably check whether the registered cell phone number is authentic.
  • HBCI Home Banking Computer Interface
  • HBCI Home Banking Computer Interface
  • a special hardware a HBCI chip card
  • the PIN/TAN itself cannot be retrieved by an attacker, but the user can be tricked into authenticating an arbitrary transaction.
  • an attacker could manipulate the banking program employed by the user in such a way that it signs and transmits a transaction to the bank which is not the one initiated by the user and indicated to him. Consequently, performing transactions by means of HBCI can only be considered secure under the assumption that the transaction program running on the user's PC has not been manipulated by any attacks.
  • the aforementioned object is accomplished by a method comprising the features of claim 1.
  • a method comprising the features of claim 1.
  • said first transaction party transmits the transaction data to a second Internet-capable device which is operated by said second transaction party and which is registered with said first transaction party, and that said second transaction party employs said second Internet-capable device for authenticating the transaction using authentication data provided by said first transaction party.
  • a system comprising the features of independent claim 19.
  • the system further comprises a second Internet-capable device which is operated by said second transaction party and which is registered with said first transaction party, said second Internet-capable device being configured to receive the transaction data forwarded by said first transaction party and being further configured to authenticate the transaction using authentication data provided by said first transaction party.
  • the second transaction party which, for the sake of simplicity, in the following is referred to as end-user, transfers transaction data to the first transaction party, which, for the sake of simplicity, in the following is referred to as bank, by means of a first Internet-capable device.
  • the end-user operates a second Internet-capable device, which is registered with the bank, and to which the bank forwards the transaction data. After having received the transaction data on his second Internet-capable device, the end-user can check the correctness of the transaction data and authenticates the transaction by using authentication data provided by the bank.
  • the method and the system according to the invention enable users/customers to conduct business even in an insecure environment. Even if one of the two separate devices employed by the user is compromised, only privacy of the transaction can no longer be guaranteed. However, security of the transaction is not affected. Moreover, the method according to the invention is easy to use, as customers can use their browsers and devices they are familiar with. Customers can even switch their devices without having to inform their transaction counterpart, as no device specific information has to be registered with the other transaction party.
  • the first Internet-capable device may be a personal computer, a laptop, a client computer system or a workstation or any other device that allows for running a web browser that communicates with the bank's transaction server.
  • the first Internet-capabledevice will be referred to as PC.
  • the second Internet-capable device may be a device which is configured to allow for wireless Internet communication.
  • the second Internet-capable device may be a mobile phone, a PDA (Personal Digital Assistant), or a Smart phone, or any other device which can communicate independently of the PC with the bank.
  • the second Internet-capable device will be referred to as mobile phone.
  • the bank provides two sets of authentication data.
  • Data from the first set of authentication data is used by the PC (or, more general, the first Internet-capable device) for logging onto the banks banking website, whereas data from the second set of authentication data may be employed by the end-user's mobile phone (or, more general, the second Internet- capable device) for authenticating the transaction.
  • the two sets of authentication data may be either handed out to an end-user directly at the bank office or may be sent separately by e.g. a postal mail service.
  • the link between the bank or, more precisely, a bank transaction server and the PC employed by the end-user it may be provided that for transaction setup or initiation the transaction data are transferred from the PC to the bank via an Internet data connection.
  • the Internet data connection will be SSL (Secure Socket Layer) secured.
  • the communication between the bank and the second Internet-capable device operated by the end-user is performed via an encrypted channel.
  • PKI Public Key Infrastructure
  • the PKI certificates contain the bank's public key and the end- user's private key and may be installed on the user's mobile phone in a setup phase.
  • the encrypted channel between the bank and the second Internet-capable device operated by the end-user may be realized by means of wireless telephony technology. For instance, a 2G/3G network connection may be realized.
  • the channel between the bank and the end-user's mobile phone may be secured by means of SSL.
  • the communication between the bank and the end-user's mobile phone may be performed via the PC employed by the end-user by means of a tunnel.
  • the tunnel may be established in form of a tunnelled SSL secured data connection.
  • the realisation of such tunnelled connection has the advantage that only one physically channel is required for the communication of the end-user with the bank.
  • NFC Near Field Communication
  • RFID Radio Frequency IDentification
  • Bluetooth Bluetooth
  • Infrared technology may be used as well.
  • the devices include an appropriate interface for communication with each other.
  • both the PC employed by the end-user and the end-user's mobile phone will include an NFC reader.
  • the transaction authentication is additionally secured by means of (numbered) TANs, OTP (One-Time-Password) or any other similar means provided by the bank.
  • the transaction data may be displayed on the end-user's mobile phone, thereby enabling the end-user to carefully check all important transaction information before authenticating the transaction.
  • the transaction data may include at least an identification of the recipient of the transfer, the account numbers of the involved parties and the amount of money to be transferred.
  • the bank After having received the transaction authentication from the end-user's mobile phone, it may be provided that the bank authorizes the transaction. To further increase the security it may be provided that the bank sends a message to the PC employed by the end-user for transaction initiation as well as to the end-user's mobile phone informing them about the transaction authorization.
  • Fig. 1 illustrates a first embodiment of an application scenario of the method according to the invention
  • Fig. 2 illustrates a second embodiment of an application scenario of the method according to the invention.
  • Fig. 3 schematically illustrates the trust relationships between the parties/devices involved in the embodiments of the invention shown in Fig. 1 and Fig. 2.
  • Fig. 1 illustrates schematically a first embodiment of a method according to the invention for executing online transactions between a first transaction party 1 and a second transaction party 2.
  • the first transaction party is a bank and the second transaction party is an end-user, i.e. a customer of the bank.
  • the bank Before executing any online transactions, in a setup phase the bank has given two sets of authentication information to the user. Data from the first set of authentication information is intended to perform log-in onto the bank's banking website and initiating a transaction. Data from the second set of authentication information is intended to be employed for authenticating a transaction. It is assumed that the two sets of authentication information have been handed out to the user directly at a bank office or have been sent to him separately by postal mail service.
  • the end-user employs a first Internet-capable device 3 which in the case illustrated in Fig. 1 is a PC 4.
  • the PC 4 may be, for instance, an Internet cafe's PC on a public hotspot which might be infected with viruses, Trojans, etc.
  • the end-user operates a second Internet-capable device 5, which in the case illustrated in Fig. 1 is a mobile phone 6.
  • a first step of a transaction phase the user employs the PC 4 to establish a connection with the bank.
  • the web browser running on the PC 4 which may be any conventional web browser.
  • the user employs data from a first set of login/authentication information received from the bank to log into the banking website.
  • the user employs the web browser of his mobile phone 6 to log into the banking authentication website.
  • the online transaction which may be e.g. a money transfer from the end-user's bank account to the bank account of a recipient, can be initiated by using the PC 4 to transfer the transaction data via the Internet to the bank.
  • the transaction data transfer between the end-user's PC 4 and the bank may be performed via an https (HyperText Transfer Protocol Secure) Internet data connection.
  • the bank After having received the transaction data, the bank sends the transaction data to the end-user's mobile phone 6 for authentication.
  • An https 3G network connection may be established between the bank and the end user's mobile phone 6 and the channel may be secured by employing PKI certificates.
  • the mobile phone 6 displays the transaction, i.e. all important transaction information including (in case of a money transfer) the recipient, the amount and the account numbers.
  • the end-user can authenticate the transaction on his mobile phone 6.
  • the transaction authentication is again performed via an encrypted channel under employment of PKI certificates.
  • an https 3G network channel is established between the bank transaction server and the user's mobile phone 6.
  • OTPs or similar means may be offered by the bank and may be employed for securing the transaction authentication.
  • the bank After having received the user's acknowledgement, the bank authorizes the transaction and informs both the user's mobile phone 6 and the PC 4 employed by the user for transaction initiation. Both the mobile phone 6 and the PC 4 inform the user that the transaction completed successfully.
  • Fig. 2 illustrates another embodiment according to the invention in which only one physical channel is established between the two transaction parties 1 , 2.
  • Like numerals are used for like components with respect to the embodiment of Fig. 1.
  • the bank gives two sets of login/authentication information to the user: the first set of information is intended for transaction initiation with the PC 4 employed by the user, whereas the second set of information is intended for transaction authentication. Again, these sets of information are to be either handed out directly at the bank office or sent separately by postal mail service.
  • the second set of authentication information includes PKI certificates, one containing the bank's public key and another one containing the user's private key. These certificates are to be installed on the user's mobile device 6. Again, instead of a mobile device 6 any device can be used as long as it supports an interface for communication with the PC 4 as described in more detail below. No device specific information has to be registered with the bank.
  • a PC 4 e.g. a PC in an Internet-Cafe.
  • the user may employ any other device which is enabled to establish a connection with the banking website, for instance a laptop on a public hotspot.
  • the device employed by the user for transaction initiation might be affected by viruses, Trojans, windows, etc.
  • the user employs a separate device, i.e. his mobile phone 6, for transaction authentication.
  • a separate device i.e. his mobile phone 6, for transaction authentication.
  • the connection between the user's mobile phone 6 and the bank is realized in a different way by using only one physical channel.
  • both the PC 4 employed by the user and the user's mobile device 6 support NFC technology and include each an NFC reader 7.
  • NFC technology is preferred compared to Bluetooth, Infrared or similar technologies, as NFC offers a minimal, well-defined interface over which infection is unlikely.
  • the interaction between the user's mobile device 6 and the PC 4 employed by the user by means of NFC technologies is very simple and can be secured easily, as NFC technology can only be used within a distance in the centimetre range.
  • the user After logging onto the banking website with the PC 4, the user places his mobile device 6 in a close vicinity to the PC's 4 NFC reader 7.
  • the PC 4 offers the mobile device 6 connectivity, allowing it to connect to the banking website and set up a secured tunnel. More specifically, a tunnelled https NFC connection is established between the user's mobile device 6 and the PC 4 and a tunnelled https data connection is established between the PC 4 and the bank.
  • the system is configured as to allow no other data transmission between the user's mobile device 6 and the PC 4 than absolutely necessary for the process of tunnel establishment. By this means the risk of mutual infection is minimized as far as possible.
  • the user's mobile device 6 Based on the connectivity offered by the PC 4, the user's mobile device 6 opens an encrypted tunnel to the banking website which is authenticated and secured using PKI certificates installed on the user's mobile device 6 in the setup phase as described above. Once the tunnel is established via NFC and the PC's 4 Internet connection, the transaction setup/initiation can be performed.
  • the transaction initiation includes transferring the transaction data from the PC 4 via the Internet to the bank.
  • the bank sends the transaction data to the user's mobile device 6 using the secure tunnel.
  • the user's mobile device 6 displays the relevant transaction data to the user.
  • the user can check the correctness of the transaction data and can authenticate the transaction on his mobile device 6 using e.g. a TAN or any other method the bank offers.
  • the TAN is transmitted from the mobile device to the bank over the secured tunnel.
  • the bank authorizes the transaction and informs both the user's mobile device 6 and the PC 4 employed by the user. Both mobile device 6 and PC 4 inform the user that the transaction completed successfully.
  • Fig. 3 illustrates schematically the trust relationships between the components which are involved in a method according to the invention.
  • the components include on the one hand a transaction server operated by the first transaction party 1 which for the sake of simplicity is referred to as bank.
  • the components include the devices operated by the second transaction party 2 which for the sake of simplicity is referred to as user.
  • On the side of the user two components are involved, namely a first Internet-capable device 3 which is referred to as PC 4, and a second Internet-capable device 5 which is referred to as the user's mobile phone 6.
  • the first relationship to be considered is the one between the PC 4 employed by the user for transaction initiation and the user's mobile phone 6 used for transaction authentication. According to the embodiment described in connection with Fig. 1 , there is no relationship at all between these two components as they do not communicate with each other. In the embodiment described in connection with Fig. 2, the PC 4 forwards traffic between the bank and the user's mobile phone 6. The data forwarded by the PC 4 is secured in a tunnel established between the bank and the user's mobile phone 6. Consequently, the PC 4 cannot eavesdrop on the data and any change would be detected. Thus, no trust is needed on this link.
  • the next link to be considered is the one between the PC 4 employed by the user for transaction initiation and the bank or, more precisely, the bank's transaction server.
  • the web browser running on the PC 4 communicates with the bank, which should be handled in a secure way.
  • transactions are only initiated, i.e. the transaction data is transmitted from the PC 4 to the bank.
  • transaction authentication is performed with another device via a separate secured channel, even if the link between the PC 4 and the bank or the PC 4 itself was hacked only privacy is endangered, whereas the security of the transaction is not affected.
  • the link between the PC 4 and the bank can be regarded as a semi-trusted relationship.
  • the last relationship to be considered is the relationship between the bank and the user's mobile phone 6.
  • transactions are authenticated.
  • high trust is necessary and only encrypted and authenticated methods for data exchange over this link are employed.
  • the transaction initiated at the PC 4 is transmitted correctly to the bank.
  • the bank asks for authentication for the transaction.
  • An attacker can not change the transaction on the broken link; he could just block an authentication.
  • Man-in-the-Middle attacks are considered.
  • an attacker succeeded in gaining complete control over the data traffic between two communication partners, i.e. the attacker can perceive and manipulate the exchanged information.
  • the transaction communication is divided into two separate branches, an attacker would need to be situated between both channels used for communication to execute a successful Man-in-the-Middle attack. The probability of such an attack can therefore be considered negligible.
  • the attacker must acquire both sets of login/authentication information to make attacks using phished data possible.
  • the attacker must furthermore retrieve a sufficiently large amount of TANs or crack the OTP system. This can easily be avoided by the user being sufficiently careful.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method for executing online transactions between a first transaction party, in particular a financial institution, and a second transaction party, in particular an end-user, wherein said second transaction party employs a first Internet-capable device for establishing a connection with said first transaction party and for initiating the transaction by transferring transaction data to said first transaction party, is characterized in that the method comprises the following steps: said first transaction party transmits the transaction data to a second Internet-capable device which is operated by said second transaction party and which is registered with said first transaction party, and said second transaction party employs said second Internet-capable device for authenticating the transaction using authentication data provided by said first transaction party.

Description

METHOD AND SYSTEM FOR EXECUTING ONLINE TRANSACTIONS
The present invention relates to a method for executing online transactions between a first transaction party, in particular a financial institution, and a second transaction party, in particular an end-user, wherein said second transaction party employs a first Internet-capable device for establishing a connection with said first transaction party and for initiating the transaction by transferring transaction data to said first transaction party.
Furthermore, the present invention relates to a system for executing online transactions between a first transaction party, in particular a financial institution, and a second transaction party, in particular an end-user, the system comprising a first Internet-capable device employed by said second transaction party for establishing a connection with said first transaction party and for initiating the transaction by transferring transaction data to said first transaction party.
Many types of conventional commerce and monetary transactions are nowadays performed online using modern data communication networks such as the Internet. However, various vulnerabilities, like e.g. fraud or identity theft, are associated with such online transactions, thereby compromising the security of the transaction. Such security holes are particularly precarious in payment schemes, like online banking, as in these cases typically highly sensitive and confidential data are exchanged between the transaction parties.
In particular, online monetary transactions like online banking are under constant attack by internationally acting groups. Many of them have high knowledge of the protection schemes of the banks/payments sites of PC security. This allows them to launch sophisticated attacks against consumer PCs. These attacks include the stealing of user credentials by phishing, Man-in-the-Middle attacks or the infection with Trojans or viruses.
Several technologies have been developed that reduce some of the risks described above. For instance, in case of simple authentication procedures a user enters his user ID and, additionally, a password. However, authentication solely based upon a user ID and a password is highly fraught with risks as an unlimited number of transactions can be initiated and authenticated by an attacker, if one transaction is compromised.
A security enhancement has been achieved with the introduction of TANs (Transaction Authentication Numbers). The user is provided a list of TANs from e.g. a bank and he chooses an arbitrary number out of that list to authenticate a transaction. However, phishing of one single TAN by an attacker is sufficient to authenticate any arbitrary transaction. In this regard improvement is achieved by employing numbered TANs. In that case, a specific number out of the list is required to authenticate a specific transaction. Although numbered TANs enhance the security, they still do not offer protection against Man-in-the-Middle attacks, meaning that Trojan infection or website spoofing suffices to authenticate an arbitrary transaction. Additionally, if several TANs are stolen, arbitrary transactions can be initiated. In this context it has to be noted that phishing attacks requiring the user to enter 20 TANs into a spoofed webpage have been successfully carried out.
According to an alternative TAN related approach, some financial institutions transmit confirmation numbers to the user which are associated to each received TAN. However, this approach does not provide any additional security compared to numbered TANs.
A still further alternative related to TANs consists in the integration of the transmission channel SMS, called mobile TAN or mTAN. In this approach the user has to register his cell phone number. After initiating the transaction via Internet, the user gets the relevant transaction parameters including a TAN via SMS. The user has to enter the received TAN on the Internet to verify and authenticate the transaction. Due to the limited period of validity, a redirection of the transaction to another account by means of a Man-in-the-Middle attack upon the home banking website can be averted. Also, the phishing for mTANs is useless. However, mTANs are difficult to use when travelling to other countries. Furthermore, SMS can be spoofed as neither users nor banks can reliably check whether the registered cell phone number is authentic.
The securest method used at present for executing online transactions is provided by HBCI (Home Banking Computer Interface) which is an open standard defining transmission protocols, message formats and security aspects. In HBCI, a special hardware, a HBCI chip card, is attached to the user's PC, which authenticates a transaction when a correct PIN/TAN is entered. The PIN/TAN itself cannot be retrieved by an attacker, but the user can be tricked into authenticating an arbitrary transaction. To this end an attacker could manipulate the banking program employed by the user in such a way that it signs and transmits a transaction to the bank which is not the one initiated by the user and indicated to him. Consequently, performing transactions by means of HBCI can only be considered secure under the assumption that the transaction program running on the user's PC has not been manipulated by any attacks.
It is an object of the present invention to improve and further develop a method and a system for executing online transactions of the initially described type in such a way that, by employing mechanisms that are readily to implement, an improvement in terms of security is achieved.
In accordance with the invention, the aforementioned object is accomplished by a method comprising the features of claim 1. According to this claim, such a method is characterized in that said first transaction party transmits the transaction data to a second Internet-capable device which is operated by said second transaction party and which is registered with said first transaction party, and that said second transaction party employs said second Internet-capable device for authenticating the transaction using authentication data provided by said first transaction party.
Furthermore, the aforementioned object is accomplished by a system comprising the features of independent claim 19. According to this claim, such a system is characterised in that the system further comprises a second Internet-capable device which is operated by said second transaction party and which is registered with said first transaction party, said second Internet-capable device being configured to receive the transaction data forwarded by said first transaction party and being further configured to authenticate the transaction using authentication data provided by said first transaction party.
According to the invention, it has first been recognized that higher security than currently available for online transactions can be achieved by separating the transaction initiation and the transaction authentication, thereby employing two separate devices on the side of one transaction party that communicate with the other transaction party. More precisely, the second transaction party, which, for the sake of simplicity, in the following is referred to as end-user, transfers transaction data to the first transaction party, which, for the sake of simplicity, in the following is referred to as bank, by means of a first Internet-capable device. The end-user operates a second Internet-capable device, which is registered with the bank, and to which the bank forwards the transaction data. After having received the transaction data on his second Internet-capable device, the end-user can check the correctness of the transaction data and authenticates the transaction by using authentication data provided by the bank.
The method and the system according to the invention enable users/customers to conduct business even in an insecure environment. Even if one of the two separate devices employed by the user is compromised, only privacy of the transaction can no longer be guaranteed. However, security of the transaction is not affected. Moreover, the method according to the invention is easy to use, as customers can use their browsers and devices they are familiar with. Customers can even switch their devices without having to inform their transaction counterpart, as no device specific information has to be registered with the other transaction party.
According to a preferred embodiment, the first Internet-capable device may be a personal computer, a laptop, a client computer system or a workstation or any other device that allows for running a web browser that communicates with the bank's transaction server. For the sake of simplicity, in the following, the first Internet-capabledevice will be referred to as PC. On the other hand, the second Internet-capable device may be a device which is configured to allow for wireless Internet communication. In particular, the second Internet-capable device may be a mobile phone, a PDA (Personal Digital Assistant), or a Smart phone, or any other device which can communicate independently of the PC with the bank. For the sake of simplicity, in the following, the second Internet-capable device will be referred to as mobile phone.
According to a preferred embodiment, the bank provides two sets of authentication data. Data from the first set of authentication data is used by the PC (or, more general, the first Internet-capable device) for logging onto the banks banking website, whereas data from the second set of authentication data may be employed by the end-user's mobile phone (or, more general, the second Internet- capable device) for authenticating the transaction. The two sets of authentication data may be either handed out to an end-user directly at the bank office or may be sent separately by e.g. a postal mail service.
As regards the link between the bank or, more precisely, a bank transaction server and the PC employed by the end-user, it may be provided that for transaction setup or initiation the transaction data are transferred from the PC to the bank via an Internet data connection. Preferably, the Internet data connection will be SSL (Secure Socket Layer) secured.
Preferably, the communication between the bank and the second Internet-capable device operated by the end-user is performed via an encrypted channel. According to a preferred embodiment, PKI (Public Key Infrastructure) certificates are employed for encrypting the data exchange between the bank and the end user's mobile phone. The PKI certificates contain the bank's public key and the end- user's private key and may be installed on the user's mobile phone in a setup phase. In particular, the encrypted channel between the bank and the second Internet-capable device operated by the end-user may be realized by means of wireless telephony technology. For instance, a 2G/3G network connection may be realized. In addition to the deployment of PKI certificates, the channel between the bank and the end-user's mobile phone may be secured by means of SSL. According to an alternative embodiment, the communication between the bank and the end-user's mobile phone may be performed via the PC employed by the end-user by means of a tunnel. More specifically, the tunnel may be established in form of a tunnelled SSL secured data connection. The realisation of such tunnelled connection has the advantage that only one physically channel is required for the communication of the end-user with the bank.
With respect to the communication between the PC employed by the end-user and the end-user's mobile phone, a short range broadcast connection may be established. According to a preferred embodiment NFC (Near Field Communication) technology is employed, as this technology offers a cheap, secured connectivity, making mutual infection of the two end-user devices difficult. However, RFID (Radio Frequency IDentification), Bluetooth or Infrared technology may be used as well. In any case, however, the devices include an appropriate interface for communication with each other. In case of employing NFC technology, both the PC employed by the end-user and the end-user's mobile phone will include an NFC reader.
According to a preferred embodiment, the transaction authentication is additionally secured by means of (numbered) TANs, OTP (One-Time-Password) or any other similar means provided by the bank.
With respect to a high ease of use and security, the transaction data may be displayed on the end-user's mobile phone, thereby enabling the end-user to carefully check all important transaction information before authenticating the transaction. In case of a remittance the transaction data may include at least an identification of the recipient of the transfer, the account numbers of the involved parties and the amount of money to be transferred. After having received the transaction authentication from the end-user's mobile phone, it may be provided that the bank authorizes the transaction. To further increase the security it may be provided that the bank sends a message to the PC employed by the end-user for transaction initiation as well as to the end-user's mobile phone informing them about the transaction authorization. There are several ways how to design and further develop the teaching of the present invention in an advantageous way. To this end, it is to be referred to the patent claim subordinate to patent claims 1 and 19 on the one hand, and to the following explanation of a preferred example of an embodiment of the invention illustrated by the drawing on the other hand. In connection with the explanation of the preferred example of an embodiment of the invention by the aid of the drawing, generally preferred embodiments and further developments of the teaching will be explained. In the drawing
Fig. 1 illustrates a first embodiment of an application scenario of the method according to the invention,
Fig. 2 illustrates a second embodiment of an application scenario of the method according to the invention, and
Fig. 3 schematically illustrates the trust relationships between the parties/devices involved in the embodiments of the invention shown in Fig. 1 and Fig. 2.
Fig. 1 illustrates schematically a first embodiment of a method according to the invention for executing online transactions between a first transaction party 1 and a second transaction party 2. In the shown embodiment, the first transaction party is a bank and the second transaction party is an end-user, i.e. a customer of the bank. Before executing any online transactions, in a setup phase the bank has given two sets of authentication information to the user. Data from the first set of authentication information is intended to perform log-in onto the bank's banking website and initiating a transaction. Data from the second set of authentication information is intended to be employed for authenticating a transaction. It is assumed that the two sets of authentication information have been handed out to the user directly at a bank office or have been sent to him separately by postal mail service. The end-user employs a first Internet-capable device 3 which in the case illustrated in Fig. 1 is a PC 4. The PC 4 may be, for instance, an Internet Cafe's PC on a public hotspot which might be infected with viruses, Trojans, etc. Furthermore, the end-user operates a second Internet-capable device 5, which in the case illustrated in Fig. 1 is a mobile phone 6.
In a first step of a transaction phase the user employs the PC 4 to establish a connection with the bank. To this end he employs the web browser running on the PC 4 which may be any conventional web browser. The user employs data from a first set of login/authentication information received from the bank to log into the banking website. In parallel, the user employs the web browser of his mobile phone 6 to log into the banking authentication website.
In a next step the online transaction, which may be e.g. a money transfer from the end-user's bank account to the bank account of a recipient, can be initiated by using the PC 4 to transfer the transaction data via the Internet to the bank. The transaction data transfer between the end-user's PC 4 and the bank may be performed via an https (HyperText Transfer Protocol Secure) Internet data connection.
After having received the transaction data, the bank sends the transaction data to the end-user's mobile phone 6 for authentication. An https 3G network connection may be established between the bank and the end user's mobile phone 6 and the channel may be secured by employing PKI certificates. The mobile phone 6 displays the transaction, i.e. all important transaction information including (in case of a money transfer) the recipient, the amount and the account numbers.
After having checked the correctness of the transaction data the end-user can authenticate the transaction on his mobile phone 6. The transaction authentication is again performed via an encrypted channel under employment of PKI certificates. According to the specific embodiment illustrated in Fig. 1 , an https 3G network channel is established between the bank transaction server and the user's mobile phone 6. To add additional security numbered TANs, OTPs or similar means may be offered by the bank and may be employed for securing the transaction authentication.
After having received the user's acknowledgement, the bank authorizes the transaction and informs both the user's mobile phone 6 and the PC 4 employed by the user for transaction initiation. Both the mobile phone 6 and the PC 4 inform the user that the transaction completed successfully.
Fig. 2 illustrates another embodiment according to the invention in which only one physical channel is established between the two transaction parties 1 , 2. Like numerals are used for like components with respect to the embodiment of Fig. 1.
In a setup phase the bank gives two sets of login/authentication information to the user: the first set of information is intended for transaction initiation with the PC 4 employed by the user, whereas the second set of information is intended for transaction authentication. Again, these sets of information are to be either handed out directly at the bank office or sent separately by postal mail service. The second set of authentication information includes PKI certificates, one containing the bank's public key and another one containing the user's private key. These certificates are to be installed on the user's mobile device 6. Again, instead of a mobile device 6 any device can be used as long as it supports an interface for communication with the PC 4 as described in more detail below. No device specific information has to be registered with the bank.
In a first step of a transaction phase the user logs onto the banking website using a PC 4, e.g. a PC in an Internet-Cafe. It is again pointed out that the user may employ any other device which is enabled to establish a connection with the banking website, for instance a laptop on a public hotspot. In addition, it is again pointed out that the device employed by the user for transaction initiation might be affected by viruses, Trojans, windows, etc.
As already described in connection with the embodiment shown in Fig. 1 , the user employs a separate device, i.e. his mobile phone 6, for transaction authentication. However, in contrast to the embodiment shown in Fig. 1 the connection between the user's mobile phone 6 and the bank is realized in a different way by using only one physical channel. As shown schematically in Fig. 2, both the PC 4 employed by the user and the user's mobile device 6 support NFC technology and include each an NFC reader 7. NFC technology is preferred compared to Bluetooth, Infrared or similar technologies, as NFC offers a minimal, well-defined interface over which infection is unlikely. The interaction between the user's mobile device 6 and the PC 4 employed by the user by means of NFC technologies is very simple and can be secured easily, as NFC technology can only be used within a distance in the centimetre range.
After logging onto the banking website with the PC 4, the user places his mobile device 6 in a close vicinity to the PC's 4 NFC reader 7. The PC 4 then offers the mobile device 6 connectivity, allowing it to connect to the banking website and set up a secured tunnel. More specifically, a tunnelled https NFC connection is established between the user's mobile device 6 and the PC 4 and a tunnelled https data connection is established between the PC 4 and the bank. The system is configured as to allow no other data transmission between the user's mobile device 6 and the PC 4 than absolutely necessary for the process of tunnel establishment. By this means the risk of mutual infection is minimized as far as possible.
Based on the connectivity offered by the PC 4, the user's mobile device 6 opens an encrypted tunnel to the banking website which is authenticated and secured using PKI certificates installed on the user's mobile device 6 in the setup phase as described above. Once the tunnel is established via NFC and the PC's 4 Internet connection, the transaction setup/initiation can be performed. The transaction initiation includes transferring the transaction data from the PC 4 via the Internet to the bank.
For authentication, the bank sends the transaction data to the user's mobile device 6 using the secure tunnel. As already described in connection with Fig. 1 , the user's mobile device 6 displays the relevant transaction data to the user. The user can check the correctness of the transaction data and can authenticate the transaction on his mobile device 6 using e.g. a TAN or any other method the bank offers. The TAN is transmitted from the mobile device to the bank over the secured tunnel.
In a last step the bank authorizes the transaction and informs both the user's mobile device 6 and the PC 4 employed by the user. Both mobile device 6 and PC 4 inform the user that the transaction completed successfully.
Fig. 3 illustrates schematically the trust relationships between the components which are involved in a method according to the invention. The components include on the one hand a transaction server operated by the first transaction party 1 which for the sake of simplicity is referred to as bank. On the other hand, the components include the devices operated by the second transaction party 2 which for the sake of simplicity is referred to as user. On the side of the user two components are involved, namely a first Internet-capable device 3 which is referred to as PC 4, and a second Internet-capable device 5 which is referred to as the user's mobile phone 6.
The first relationship to be considered is the one between the PC 4 employed by the user for transaction initiation and the user's mobile phone 6 used for transaction authentication. According to the embodiment described in connection with Fig. 1 , there is no relationship at all between these two components as they do not communicate with each other. In the embodiment described in connection with Fig. 2, the PC 4 forwards traffic between the bank and the user's mobile phone 6. The data forwarded by the PC 4 is secured in a tunnel established between the bank and the user's mobile phone 6. Consequently, the PC 4 cannot eavesdrop on the data and any change would be detected. Thus, no trust is needed on this link.
The next link to be considered is the one between the PC 4 employed by the user for transaction initiation and the bank or, more precisely, the bank's transaction server. The web browser running on the PC 4 communicates with the bank, which should be handled in a secure way. However, on this link transactions are only initiated, i.e. the transaction data is transmitted from the PC 4 to the bank. As according to the invention transaction authentication is performed with another device via a separate secured channel, even if the link between the PC 4 and the bank or the PC 4 itself was hacked only privacy is endangered, whereas the security of the transaction is not affected. Insofar, the link between the PC 4 and the bank can be regarded as a semi-trusted relationship.
The last relationship to be considered is the relationship between the bank and the user's mobile phone 6. On this link transactions are authenticated. Thus, high trust is necessary and only encrypted and authenticated methods for data exchange over this link are employed. However, even if the security on the link is broken while the PC 4 is secure, the transaction initiated at the PC 4 is transmitted correctly to the bank. On the broken link between the bank and the user's mobile phone 6 the bank asks for authentication for the transaction. An attacker can not change the transaction on the broken link; he could just block an authentication.
In the following several forms of attacks and their consequences on a system according to the invention will be described.
First, Man-in-the-Middle attacks are considered. In these kinds of attacks an attacker succeeded in gaining complete control over the data traffic between two communication partners, i.e. the attacker can perceive and manipulate the exchanged information. As according to the invention, the transaction communication is divided into two separate branches, an attacker would need to be situated between both channels used for communication to execute a successful Man-in-the-Middle attack. The probability of such an attack can therefore be considered negligible.
As regards phishing attacks, the attacker must acquire both sets of login/authentication information to make attacks using phished data possible. In case of an additional protection by means of TANs or OTPs, the attacker must furthermore retrieve a sufficiently large amount of TANs or crack the OTP system. This can easily be avoided by the user being sufficiently careful.
If one device, i.e. either the PC 4 or the user's mobile phone 6, is infected by Trojans, viruses or similar infections, any possible manipulation is easily recognizable. Only if both devices 4, 6 are infected by Trojans and the Trojans can communicate with each other and the Trojans are able to associate each other as being used for the same transaction, the current online transaction can be manipulated successfully. However, in an embodiment as described in connection with Fig. 1 there is no communication between the PC 4 employed for transaction initiation and the user's mobile phone 6. In an embodiment as described in connection with Fig. 2, a well-defined minimal interface is used for communication between PC 4 and mobile device 6, thus making mutual infection over this channel highly unlikely. As different hardware, software and operating systems can be assumed, mutual infection becomes even more unlikely. Insofar, mutual infection of both used devices can be considered as carelessness of the user.
Replay attacks can be avoided by using https connections both for direct connections as well as for tunnelled connections, as the encryption scheme used for https is resistant against replay attacks.
Many modifications and other embodiments of the invention set forth herein will come to mind the one skilled in the art to which the invention pertains having the benefit of the teachings presented in the foregoing description and the associated drawings. Therefore, it is to be understood that the invention is not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims

C l a i m s
1. Method for executing online transactions between a first transaction party (1 ), in particular a financial institution, and a second transaction party (2), in particular an end-user, wherein said second transaction party (2) employs a first Internet-capable device (3) for establishing a connection with said first transaction party (1) and for initiating the transaction by transferring transaction data to said first transaction party (1), c h a r a c t e r i z e d i n that the method comprises the following steps: said first transaction party (1) transmits the transaction data to a second
Internet-capable device (5) which is operated by said second transaction party (2) and which is registered with said first transaction party (1 ), and said second transaction party (2) employs said second Internet-capable device (5) for authenticating the transaction using authentication data provided by said first transaction party (1 ).
2. Method according to claim 1 , wherein said first transaction party (1) provides two sets of authentication data, data from the first set of authentication data being employed by said first Internet-capable device (3) to log into the first transaction party's (1) website, and data from the second set of authentication data being employed by said second Internet-capable device (5) for transaction authentication.
3. Method according to claim 1 or 2, wherein the transaction data are transferred from said second transaction party (2) to said first transaction party (1) via an Internet data connection.
4. Method according to claim 3, wherein said Internet data connection is SSL (Secure Sockets Layer) secured.
5. Method according to any of claims 1 to 4, wherein the communication between said first transaction party (1) and said second Internet-capable device (5) is performed via an encrypted channel.
6. Method according to any of claims 1 to 5, wherein PKI (Public Key Infrastructure) certificates are employed for encrypting the communication between said first transaction party (1) and said second Internet-capable device (5).
7. Method according to any of claims 1 to 6, wherein the communication between said first transaction party (1) and said second Internet-capable device (5) is performed by means of a wireless network connection.
8. Method according to claim 7, wherein said wireless network connection is SSL (Secure Sockets Layer) secured.
9. Method according to any of claims 1 to 8, wherein the communication between said first transaction party (1) and said second Internet-capable device (5) is performed via said first Internet-capable device (3) by means of a tunnel.
10. Method according to claim 9, wherein the tunnel is established in form of a tunnelled SSL secured data connection.
11. Method according to any if claims 1 to 10, wherein a short range broadcast connection is established for communication between said first Internet-capable device (3) and said second Internet-capable device (5).
12. Method according to claim 11 , wherein NFC (Near Field Communication) technology, RFID (Radio Frequency IDentification), Bluetooth, or Infrared technology is used to establish the short range broadcast connection between said first Internet-capable device (3) and said second Internet-capable device (5).
13. Method according to claims 11 or 12, wherein the connection between said first Internet-capable device (3) and said second Internet-capable device (5) is established in form of a tunnelled SSL secured NFC connection.
14. Method according to any of claims 1 to 13, wherein the transaction authentication by means of said second Internet-capable device (5) is performed by using a TAN (Transaction Number) or an OTP (One-Time Password).
15. Method according to any of claims 1 to 14, wherein the transaction data are displayed on said second Internet-capable device (5).
16. Method according to any of claims 1 to 15, wherein the transaction data in case of a remittance includes an identification of the recipient of the transfer, the account numbers of the involved parties, and the amount of the money to be transferred.
17. Method according to any of claims 1 to 16, wherein said first transaction party (1), after having received the transaction authentication from said second Internet-capable device (5), authorizes the transaction.
18. Method according to any of claims 1 to 17, wherein said first transaction party (1) sends a message to said first Internet-capable device (3) and to said second Internet-capable device (5) informing them about the transaction authorization.
19. System for executing online transactions between a first transaction party (1), in particular a financial institution, and a second transaction party (2), in particular an end-user, preferably for performing a method according to any of claims 1 to 18, the system comprising a first Internet-capable device (3) employed by said second transaction party (2) for establishing a connection with said first transaction party (1) and for initiating the transaction by transferring transaction data to said first transaction party (1), c h a r a c t e r i z e d i n that the system further comprises a second Internet-capable device (5) which is operated by said second transaction party (2) and which is registered with said first transaction party (1), said second Internet- capable device (5) being configured to receive the transaction data forwarded by said first transaction party (1) and being further configured to authenticate the transaction using authentication data provided by said first transaction party (1).
20. System according to claim 19, wherein said first Internet-capable device (3) is a PC (4), a laptop, a client computer system, or a workstation.
21. System according to claim 19 or 20, wherein said second Internet-capable device (5) is a mobile phone (6), a PDA, or a Smartphone.
22. System according to any of claims 19 to 21 , wherein said first Internet- capable device (3) and said second Internet-capable device (5) include an interface for wireless communication with each other.
23. System according to any of claims 19 to 22, wherein said first Internet- capable device (3) and said second Internet-capable device (5) each include an NFC reader (7).
PCT/EP2008/004628 2008-06-10 2008-06-10 Method and system for executing online transactions WO2009149723A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2008/004628 WO2009149723A1 (en) 2008-06-10 2008-06-10 Method and system for executing online transactions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2008/004628 WO2009149723A1 (en) 2008-06-10 2008-06-10 Method and system for executing online transactions

Publications (1)

Publication Number Publication Date
WO2009149723A1 true WO2009149723A1 (en) 2009-12-17

Family

ID=40290971

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/004628 WO2009149723A1 (en) 2008-06-10 2008-06-10 Method and system for executing online transactions

Country Status (1)

Country Link
WO (1) WO2009149723A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015160711A1 (en) 2014-04-15 2015-10-22 Alibaba Group Holding Limited Service authorization using auxiliary device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020178122A1 (en) * 2001-05-23 2002-11-28 International Business Machines Corporation System and method for confirming electronic transactions
US20030128822A1 (en) * 2000-06-22 2003-07-10 Mika Leivo Arrangement for authenticating user and authorizing use of secured system
GB2397731A (en) * 2003-01-22 2004-07-28 Ebizz Consulting Ltd Authenticating a user access request to a secure service over a primary communication channel using data sent over a secondary communication channel
EP1455317A2 (en) * 2003-03-05 2004-09-08 Ming-Ching Shiu Method for securing card transactions by using mobile device
US20070235539A1 (en) * 2006-04-05 2007-10-11 Jarkko Sevanto Mobile device with near field communication module and secure chip

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030128822A1 (en) * 2000-06-22 2003-07-10 Mika Leivo Arrangement for authenticating user and authorizing use of secured system
US20020178122A1 (en) * 2001-05-23 2002-11-28 International Business Machines Corporation System and method for confirming electronic transactions
GB2397731A (en) * 2003-01-22 2004-07-28 Ebizz Consulting Ltd Authenticating a user access request to a secure service over a primary communication channel using data sent over a secondary communication channel
EP1455317A2 (en) * 2003-03-05 2004-09-08 Ming-Ching Shiu Method for securing card transactions by using mobile device
US20070235539A1 (en) * 2006-04-05 2007-10-11 Jarkko Sevanto Mobile device with near field communication module and secure chip

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015160711A1 (en) 2014-04-15 2015-10-22 Alibaba Group Holding Limited Service authorization using auxiliary device
CN105099673A (en) * 2014-04-15 2015-11-25 阿里巴巴集团控股有限公司 Authorization method, authorization requesting method and devices
EP3132342A4 (en) * 2014-04-15 2017-11-15 Alibaba Group Holding Limited Service authorization using auxiliary device
US10659454B2 (en) 2014-04-15 2020-05-19 Alibaba Group Holding Limited Service authorization using auxiliary device
CN112134708A (en) * 2014-04-15 2020-12-25 创新先进技术有限公司 Authorization method, authorization request method and device

Similar Documents

Publication Publication Date Title
EP3175578B1 (en) System and method for establishing trust using secure transmission protocols
US20190238531A1 (en) Method for secure user and transaction authentication and risk management
EP2834729B1 (en) Secure authentication in a multi-party system
CN104838629B (en) Use mobile device and the method and system that are authenticated by means of certificate to user
US8789153B2 (en) Method for secure user and transaction authentication and risk management
US9530165B2 (en) Financial transaction system
US20120066749A1 (en) Method and computer program for generation and verification of otp between server and mobile device using multiple channels
Mizuno et al. Authentication using multiple communication channels
EP3662430B1 (en) System and method for authenticating a transaction
WO2001084761A1 (en) Method for securing communications between a terminal and an additional user equipment
US10404475B2 (en) Method and system for establishing a secure communication tunnel
CN102577301A (en) Method and apparatus for trusted authentication and logon
US20190281053A1 (en) Method and apparatus for facilitating frictionless two-factor authentication
CN104767740A (en) User platform credible authentication and access method
GB2573394A (en) Crypto SIM and method therefor
JP5186648B2 (en) System and method for facilitating secure online transactions
Me et al. A mobile based approach to strong authentication on Web
US20240005312A1 (en) Multi-Factor User Authentication Using Blockchain Tokens
EP2940618A1 (en) Method, system, user equipment and program for authenticating a user
WO2009149723A1 (en) Method and system for executing online transactions
KR20140029067A (en) Methods and apparatus for electronically identifying personal identity
KR101493057B1 (en) Method for Providing One Time Code
Mumtaz et al. Strong authentication protocol based on Java Crypto chips
Schuba et al. Internet id-flexible re-use of mobile phone authentication security for service access
Mumtaz et al. Strong Authentication Protocol based on Java Crypto Chip as a Secure Element

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08759151

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08759151

Country of ref document: EP

Kind code of ref document: A1