WO2012038885A2 - Authentication method and system - Google Patents

Publication number
WO2012038885A2
Authority
WO
WIPO (PCT)
Prior art keywords
code
valid
serial
item
authentication
Prior art date
Application number
PCT/IB2011/054105
Other languages
English (en)
Other versions
WO2012038885A3 (fr)
Inventor
Kuocheng Parng
Michael Full
Original Assignee
Specialdeals.Com Inc.
Priority date
Filing date
Publication date
Application filed by Specialdeals.Com Inc.
Publication of WO2012038885A2
Publication of WO2012038885A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Definitions

  • This invention relates to a method and system for authentication, and in particular relates to a method and system for authentication using a serial code.
  • The present invention, in one aspect, is a system comprising a serial code generator for generating at least one valid serial code based on a predefined rule.
  • Each serial code comprises a unique identifier and a key code, and the predefined rule determines a valid key code to the unique identifier.
  • the system also comprises an authentication module connected to the serial code generator, for assigning each valid serial code to an item to be authenticated.
  • the system further comprises an authentication list generator connected to the authentication module for generating an authentication list, the list comprising the valid serial codes.
  • The authentication list is provided to an authenticator before the valid serial codes are assigned. This system allows the authenticator to authenticate the item by referring to the authentication list, independently of the item.
  • the unique identifier of the serial code is provided in a sequential order.
  • the key code of the serial code comprises a string of characters.
  • the serial code further comprises a verification code.
  • the predefined rule determines at least one valid verification code based on an action performed towards the item.
  • the valid verification code is generated upon performing the action.
  • the action is an amount paid.
  • a method for authentication is disclosed.
  • the method first generates at least one valid serial code based on a predefined rule.
  • Each serial code comprises a unique identifier and a key code, and the predefined rule determines a valid key code to the unique identifier.
  • the method then generates an authentication list comprising the valid serial codes, and provides the authentication list to an authenticator.
  • The method assigns each valid serial code to an item to be authenticated. This method allows the authenticator to authenticate the item by referring to the authentication list, independently of the item.
  • the step of generating the valid serial codes further generates at least one decoy serial code.
  • the decoy serial code is not valid and is not assigned to any item.
  • the decoy serial codes are included in the authentication list.
  • the serial codes are pre-generated before assigning the serial codes, or at least before the assignment is active or valid.
  • the authenticator does not need to know what the item is when he receives the authentication list.
  • The sequential order of the identifier allows easy lookup by the authenticator, and the decoy serial codes prevent the authenticator himself from cheating if the item to be authenticated is of monetary value.
  • Another advantage of the present invention is that the verification code provides a second mechanism for authentication separate from the key code, even though both are made up of characters. This allows improved effectiveness of the authentication method in relatively simple items, for example printed vouchers or tickets.
  • FIG. 1 is a flow chart of a method for authentication according to an embodiment of the present invention.
  • FIG. 2 is a block diagram of a system for authentication according to an embodiment of the present invention.
  • Figs. 3a and 3b are exemplary serial codes according to different embodiments of the present invention.
  • Fig. 4 is an exemplary authentication list for serial codes, according to an embodiment of the present invention.
  • Fig. 5 is an exemplary authentication list for verification codes, according to an embodiment of the present invention.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • "Couple" or "connect" refers to electrical coupling or connection either directly or indirectly via one or more electrical means unless otherwise stated.
  • “Character” means any character that can be input into a computer and can be printed physically or electronically.
  • the method and system of the present invention may be applied to many industries, including transportation, logistics, telecommunication and manufacturing industries. Various examples will be described herein to illustrate the use and operation of the present invention in various industries.
  • authentication means a person that authenticates an item.
  • Fig. 1 shows a flow chart of a method of authentication according to a first embodiment of the present invention.
  • In step 100, at least one valid serial code is generated based on a predetermined rule.
  • a serial code comprises two fields, namely a unique identifier and a key code. Since the identifier is unique, each serial code is also unique and will never repeat itself. Whether a serial code is valid is determined by the key code to the unique identifier, as determined by the predefined rule.
  • each unique identifier has only one valid key code, although it is known to one skilled in the art that any number of valid key codes is possible.
  • an authentication list is generated.
  • the authentication list comprises all valid serial codes as determined above.
  • the authentication list has all valid serial codes sorted in a predetermined way such that the valid serial codes can be looked up conveniently.
  • the authentication list is then provided to an authenticator in step 104.
  • each of the pre-generated valid serial codes is assigned to one of the items to be authenticated.
  • The number of valid serial codes assigned may be the same as or less than that in the authentication list. In other words, a maximum number of valid serial codes is decided in step 100, or else the authenticator is unable to look up the authentication list when authenticating the item.
  • The authenticator does not need to know whether the valid serial codes have been assigned to any items, or the identity of the item if assigned. It follows that the valid serial codes are independent of the item to be authenticated. Alternatively, the valid serial codes are assigned to the items when they are generated in step 100, but the valid serial codes have a validity period that starts some time after the authenticator receives the authentication list. In both cases, the valid serial codes are said to be pre-generated, as the authentication list is generated before any authentication is performed.
  • a valid serial code is provided to a user when the user obtains the item to be authenticated in an authorized fashion.
  • the user then presents the valid serial code to the authenticator for authentication of the item.
  • The authenticator refers to, or looks up, the authentication list to find a serial code matching the valid serial code presented by the user. After finding the matching valid serial code, the authenticator marks the usage of the serial code in the authentication list for future tasks.
  • Fig. 2 shows a block diagram of a system for authentication according to an exemplary embodiment.
  • the system 20 comprises a serial code generator 22, an authentication list generator 24 and an authentication module 26, all interconnected to each other.
  • the serial code generator 22 has the predefined rule stored therewithin, and is used for determining the valid serial codes.
  • the authentication list generator 24 receives the valid serial codes from the serial code generator 22, then generates the authentication list.
  • the same valid serial codes are forwarded to the authentication module 26 for assignment to the items. The assignment can be done before or after providing the authentication list to the authenticator, or can be done before or after generation of the codes.
  • Fig. 3a shows an exemplary serial code according to an embodiment of the present invention.
  • the serial code 28 comprises the unique identifier 30 and the key code 32.
  • the unique identifier 30 has a first part 30a that identifies the item represented by this serial code, and has a second part 30b that is provided in a sequential order.
  • the second part 30b comprises a string of numerals, but it is obvious to one skilled in the art that a string of characters or any string where a sequence can be determined is applicable.
  • the first part 30a is shown as a number in this embodiment, but similarly any kind of identifiable content can be used instead, for example characters, icons, or a combination thereof.
  • a serial code 28 is determined to be valid if both the unique identifier 30 and the key code 32 are identical to a valid serial code.
  • Fig. 3b shows an exemplary serial code according to a further embodiment of the present invention.
  • the serial code 28 also comprises a verification code 34.
  • the verification code 34 differs from the key code 32 in that the verification code 34 is not pre-generated as compared to the key code 32 and other parts of the serial code 28. The operation of the verification code 34 is described in more detail below.
  • a verification code 34 comprises a string of characters. A verification code 34 is determined to be valid if the string of characters includes at least one selected character. That means there is a combination of valid verification codes possible for each pattern of selected characters.
  • the combination of valid verification codes is unable to be entirely included in the authentication list. Rather, the predefined rule, or the pattern of selected characters for a valid verification code is provided with the related action performed.
  • the action performed is preferably one that the authenticator would readily know once looking at the item to be authenticated.
  • Only when the user performs the related action will the valid verification code be generated and appended to the key code 32.
  • the authenticator does not know the actual generated verification code, and can only determine the authenticity of the item by first determining the action performed, then looking up the authentication list to check whether the verification code presented by the user includes the selected characters for the action performed.
  • the validity of a verification code 34 is also determined based on a part of the key code 32, such as a last character, in addition to the action performed.
  • the valid verification code is provided with the part of the key code 32 and the action performed in the authentication list in a matrix or table format.
  • the item to be authenticated is a voucher for redemption of goods or services.
  • the authenticator in this case is a merchant selling the goods or providing the services, and the user is a customer of the merchant.
  • a predetermined number of valid serial codes are pre-generated at the serial code generator as the merchant desires.
  • the authentication list is then generated and provided to the merchant.
  • the merchant may decide the goods or service that is to be the subject of the voucher before or after receiving the authentication list or even before the valid serial codes are generated, and may also set a validity period for the voucher.
  • the voucher is available for sale to the customer.
  • the valid serial code assigned to the voucher is provided to the customer.
  • the customer purchases the voucher through a customer terminal such as a personal computer or mobile device which is connected to an authentication server, in turn connected to the serial code generator.
  • the serial code provided to the customer can be in sequential order of the key code, or can be issued randomly.
  • If the serial code is valid, the merchant then provides the goods or service to the customer based on the voucher. The merchant at the same time marks on the authentication list that the serial code has been used, as each valid serial code is unique and therefore should be used only once. The merchant then updates the authentication server with the information to receive payment for the redeemed voucher. The customer can also update the authentication server in another embodiment.
  • The merchant is able to authenticate a voucher either in physically printed format or in electronically printed format, which is not feasible for other authentication devices such as a barcode scanner.
  • An electronic voucher can simply be a voucher displayed on the customer's mobile device such as mobile phone or portable computer.
  • serial codes are easier for the merchant to authenticate in places where a barcode scanner is not available, for example there may be situations where the payment occurs on delivery of the goods or service, and the location of the payment may not be in a shop or at a counter.
  • Fig. 4 shows an exemplary authentication list of the above embodiment.
  • the first part 30a of the identifier 30 is a deal number that identifies the goods or services, e.g. "01".
  • the second part 30b is a number generated from one to the predetermined number as mentioned above.
  • the key code 32 is a string of numerals of four digits.
  • the authentication list also comprises at least one decoy serial code in addition to the valid serial codes.
  • the decoy serial code has a same format as the other serial codes, but the decoy serial code is not valid in the sense that the decoy serial code is not assigned to any item to be authenticated, or in this case, voucher.
  • the total number of serial codes in the authentication list as such is greater than the predetermined number, as there should be a predetermined number of valid serial codes with the decoy serial codes. Using the example as shown in Fig. 4, there may be 120 valid serial codes and 13 decoy serial codes among the 133 serial codes listed. The percentage or number of decoy serial codes is determined by the serial code generator.
  • the decoy serial codes are used to prevent the merchant from redeeming the vouchers by cheating. If the merchant tries to redeem a decoy voucher on the authentication server, the authentication server will be alerted and will act accordingly. Similarly, the decoy serial codes can also be used to prevent customer fraud when the customer tries to redeem the decoy serial code at a merchant or at the authentication server.
  • the verification code 34 is also included in the serial code.
  • the aforementioned action for generating the verification code is paying a certain amount for purchasing the voucher.
  • the valid serial code with the valid verification code is provided to the customer when the customer purchases the voucher.
  • the verification code generated can be based on the value of the item which is the subject of the voucher.
  • a table of the selected characters 36 for valid verification codes in the authentication list is shown.
  • the selected characters 36 are determined based on the amount paid by the customer for purchasing the voucher in groups of five dollars, and also based on the last digit of the key code 32 (as shown in Fig. 4).
  • The selected characters 36 in this case are two alphabetic characters.
  • When the verification code 34 (as shown in Fig. 3b) is generated and provided to the customer, the verification code contains three characters.
  • the verification code is deemed to be valid if the verification code contains the two selected characters in any order. In other embodiments, the two selected characters may have to be in the order as shown in the table.
  • the item to be authenticated is a train ticket or a sports game ticket.
  • the gatekeeper is the authenticator in this case, and the user is either a passenger for the train or a spectator for the sports game.
  • the predetermined number of valid serial codes generated can be based on the capacity of the train or the available seats of the stadium.
  • the valid serial code is provided to the user.
  • The identifier of the serial code may identify the train route or the game detail.
  • the verification code may be based on the same conditions as the above example, i.e. payment amount for the ticket and last digit of the key code.
  • The present invention allows the gatekeeper to easily identify any fake tickets, where in many circumstances the gates themselves do not have an electrical connection.
  • the decoy serial codes may not be needed as the entire value of the ticket is paid beforehand, and there is no incentive for the gatekeeper or any party to take advantage of any decoy serial code.
  • the item to be authenticated is a key card for entering a protected area.
  • the user logs on to the authentication server through a user device to obtain the key card.
  • The identifier can identify different areas.
  • the login name and other information can be used as a condition to determine the valid verification code.
  • Such a system is useful for generating temporary key cards, where the user no longer needs to be at the responsible office to obtain the key card. This helps spread the workload of the office and increases the efficiency of the workers in performing other tasks.
  • the serial codes may have a valid period, for example a one-day pass is only valid for one day.
  • the authentication list can be provided to the authenticator in a printed format or an electronic format.
  • a printed format allows the list to be used in places where internet connections are not available, while an electronic format allows an authenticator to easily mark the authentication list to update the current status thereof.
  • vouchers are used just as an example. Other examples include certificates, options for services or items, or other items that can be redeemed for something with monetary value.
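
The voucher embodiment described above (pre-generated list with decoys, offline lookup with usage marking, and a verification code keyed on the amount paid and the last key-code digit), as an added Python sketch that is not code from the patent. The function names, the `deal-sequence` identifier format, the randomly drawn key codes and table contents are assumptions made for illustration.

```python
import hmac
import secrets
import string

KEY_DIGITS = 4          # Fig. 4 embodiment: key code is four numerals
RNG = secrets.SystemRandom()


def generate_batch(deal, n_valid, n_decoy):
    """Issuer: pre-generate serial codes before any item is assigned.

    Returns (auth_list, decoys). auth_list maps each sequential identifier
    to its key code and is what the authenticator receives; it carries no
    hint of which entries are decoys. The decoy set stays with the issuer.
    """
    ids = [f"{deal}-{seq:04d}" for seq in range(1, n_valid + n_decoy + 1)]
    # Assumption: the "predefined rule" is a CSPRNG draw, so knowing one
    # key code reveals nothing about the key code of the next identifier.
    auth_list = {i: f"{secrets.randbelow(10 ** KEY_DIGITS):0{KEY_DIGITS}d}"
                 for i in ids}
    return auth_list, set(RNG.sample(ids, n_decoy))


def build_selected_table(max_amount, step=5):
    """Fig. 5 style table: (amount bucket, last key digit) -> two letters."""
    return {(bucket, digit): "".join(RNG.sample(string.ascii_uppercase, 2))
            for bucket in range(max_amount // step + 1)
            for digit in string.digits}


def issue_verification(table, amount, key_code, step=5):
    """Issuer, at purchase: three characters holding both selected letters."""
    chars = list(table[(amount // step, key_code[-1])])
    chars.append(secrets.choice(string.ascii_uppercase))  # filler character
    RNG.shuffle(chars)
    return "".join(chars)


def redeem(auth_list, used, table, identifier, key_code, verification,
           amount, step=5):
    """Authenticator: offline lookup against the list, then mark usage."""
    expected = auth_list.get(identifier)
    if expected is None or not hmac.compare_digest(expected.encode(),
                                                   key_code.encode()):
        return "invalid"
    if identifier in used:            # each serial code is redeemable once
        return "already-used"
    pair = table.get((amount // step, key_code[-1]))
    if pair is None or not all(c in verification for c in pair):
        return "bad-verification"     # selected letters may be in any order
    used.add(identifier)
    return "ok"


def settle(decoys, identifier):
    """Issuer: a claim for a decoy was never sold, so raise an alert."""
    return "alert-decoy" if identifier in decoys else "pay"


if __name__ == "__main__":
    auth_list, decoys = generate_batch("01", 120, 13)   # counts from Fig. 4
    table = build_selected_table(50)
    vid = next(i for i in auth_list if i not in decoys)
    code = issue_verification(table, 12, auth_list[vid])
    used = set()
    print(redeem(auth_list, used, table, vid, auth_list[vid], code, 12))
    print(redeem(auth_list, used, table, vid, auth_list[vid], code, 12))
    print(settle(decoys, next(iter(decoys))))
```

The decoy check lives only in `settle`, which mirrors the text: the merchant cannot tell decoys from valid codes on the list, so a fabricated redemption claim surfaces at the authentication server.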

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The present invention relates to an authentication method and system. In a first step, the method generates at least one valid serial code based on a predefined rule. Each serial code comprises a unique identifier and a key code. The predefined rule determines a valid key code for the unique identifier. In a second step, the method generates an authentication list comprising the valid serial codes. In a third step, it provides the authentication list to an authenticator. In the final step, the method assigns each valid serial code to an item to be authenticated. This method allows the authenticator to authenticate the item, independently of the item, by referring to the authentication list.
PCT/IB2011/054105 2010-09-20 2011-09-20 Authentication method and system WO2012038885A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US40364610P 2010-09-20 2010-09-20
US61/403,646 2010-09-20

Publications (2)

Publication Number Publication Date
WO2012038885A2 (fr) 2012-03-29
WO2012038885A3 (fr) 2012-05-24

Family

ID=45874213

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2011/054105 WO2012038885A2 (fr) 2010-09-20 2011-09-20 Authentication method and system

Country Status (1)

Country Link
WO (1) WO2012038885A2 (fr)

Also Published As

Publication number Publication date
WO2012038885A3 (fr) 2012-05-24

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11826486

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11826486

Country of ref document: EP

Kind code of ref document: A2