WO2014165948A1 - Method and terminal for accessing to e-services using a secure code - Google Patents

Method and terminal for accessing to e-services using a secure code Download PDF

Info

Publication number
WO2014165948A1
WO2014165948A1 PCT/BG2013/000015 BG2013000015W WO2014165948A1 WO 2014165948 A1 WO2014165948 A1 WO 2014165948A1 BG 2013000015 W BG2013000015 W BG 2013000015W WO 2014165948 A1 WO2014165948 A1 WO 2014165948A1
Authority
WO
WIPO (PCT)
Prior art keywords
matrix
keyboard
code
syllabuses
user
Prior art date
Application number
PCT/BG2013/000015
Other languages
French (fr)
Inventor
Georgiev Stoyan BALABANOV
Original Assignee
Balabanov Georgiev Stoyan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Balabanov Georgiev Stoyan filed Critical Balabanov Georgiev Stoyan
Priority to PCT/BG2013/000015 priority Critical patent/WO2014165948A1/en
Publication of WO2014165948A1 publication Critical patent/WO2014165948A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1033Details of the PIN pad
    • G07F7/1041PIN input keyboard gets new key allocation at each use
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1091Use of an encrypted form of the PIN

Definitions

  • the invention is related to machine terminals. More precisely the invention is related to machines which use a terminal and use one and the same access. method.
  • ATM Automated teller machines
  • Internet bank operations by customers for implementing bank transactions with financial institutions from faraway places in the whole world.
  • the customers of the banks for access to their accounts through various technologies (including ATMs and terminals for internet banking), in order for them to make business and receive confidential information for their accounts.
  • the financial institution sends each customer of the bank a personal identification number or the so-called PIN code.
  • the customer of the bank enters the PIN code on the keyboard operatively connected to a card reader or other device which reads user identification data magnetically encoded from a check or ATM card, credit card, etc.
  • the PIN code and the user information afterwards are transferred via the network to the financial institution which checks whether the information is true.
  • the bank customers After an inspection of the PIN code of the customer of the bank and the user information, the bank customers are allowed to make business with the financial institution.
  • the ⁇ code entered by the user is the same as the identification number issued to the authorized user kept in the database system, the user is verified as authorized and the transaction is allowed.
  • the guarantees presented by these operations are related with holding the bank card issued to the user, knowing the ⁇ code as well as one request for an amount limited by the balance of the account.
  • this security system is sufficient for preventing unauthorized access to the account but unfortunately the unauthorized access to protected resources became a problem for billions.
  • the solution to this problem is hidden in understanding the weaknesses of the existing systems and the methods for their effective removal as at the same time the simplicity, the safety, and efficiency are preserved.
  • the swindler After the user leaves the ATM, the swindler checks the fingerprints, finds the numbers pressed by the user because the keys and the numbers are always shown on the same position of the ATM.
  • the virtual keyboard of this invention deals with these other limitations which ensure a compact image of the keyboard on the screen of the ATM terminal aiming at preventing a fraud after the security password is entered as described in the previous paragraphs.
  • A discloses a fraud-proof keyboard for an automatic banking terminal suitable for preventing the keys pressed on the keyboard by the person using the terminal during a bank operation from being detected and used to trace the personal identification code or other confidential user data.
  • the keyboard comprises means that automatically and randomly vary, between two successive banking operations, the number and/or symbol associated with each key.
  • [0011] [0011 ]
  • Document DE 4129202 Al discloses a protection circuit for a personal identification number keypad, which uses a number of keys to enter PIN value, with indicated values varying in pseudo-random manner.
  • characters of each key are positioned relative to the characters on adjacent keys so as to form a QWERTY or DVORAK layout.
  • a discloses a radiophone comprising a user interface and a controller unit connected to the user interface, the user interface comprising a display and a keypad having at least one operation key whose function is controlled by the controller nut and is displayed in a predetermined area of the display.
  • the function of said at least one operation key is displayed in a predetermined area of the display.
  • the radiophone is capable of assuming a plurality of states in which a group of predetermined actions associated with the state concerned may be performed by said at least one operation key.
  • the controller unit displays one of said group of actions as a default function in the predetermined area of the display.
  • Document EP 0844778 B l A discloses an intelligent key, whose functionality varies according to the radiophone status. Accordingly, the result originated by pressing the key while the phone is on a call is different from the one originated, for instance, by pressing the key while the phone is idle.
  • a method for providing access to e-services through a security access code includes a step for providing a keyboard comprising of a matrix with a certain number of syllabuses as each row of the matrix is numbered and these numbers of the rows on which there are the syllabuses of your code serve for decoding the secret code through which the information is encoded in the picture. All data are shopd in a database -(800). The subsequently picked numbers of the rows correspond to a key for decoding the variable for access.
  • the keyboard of this invention is virtual and it is shown through graphic user interface.
  • the keyboard comprising of a matrix as each member of the matrix is a couple of digits among which there are the real digits of the PIN code.
  • the customer enters the numbers of the rows where his couples of syllabuses are. In each usage the place of the members of the matrix is
  • the virtual keyboard is shown with the assistance of a graphic user interface.
  • each member of the matrix is a sole number among which there are the real digits of the PIN code.
  • the first ten digits from 0 to 9 are shown on the screen on a black background and another ten digits from 0 to 9 are shown on white background next to it.
  • the customer shall enter the numbers of the rows of the first 2 digits on the black background then he enters the numbers of the rows where the other 2 digits of the PIN code are and then enters the numbers of the rows where are the other 2 digits of the PIN code watching the digits on the white background.
  • the virtual keyboard is shown with the help of a graphic user interface.
  • the keyboard comprising of a matrix as each member of the matrix is a couple letter-digit characters among which are the real couples and the secret code. At each usage the places of the members of the matrix is changed.
  • the virtual keyboard is shown with the assistance of a graphic user interface.
  • PICT 0002 shows an example of a keyboard according to one variant of the invention
  • PICT 0003 illustrates one more example of virtual keyboard according to one variant of the invention
  • PICT 0004 illustrates one more example of virtual keyboard according to one variant of the invention
  • PICT 0005 is an illustration of one more example of the virtual keyboard, according to a variant of the invention.
  • PICT 0006 is a hardware keyboard in the invention.
  • PICT 0001 illustrates the graphics of an exemplary method for implementation of the invention.
  • PICT 0007 is a logical matrix.
  • PICT 0008 is a Record from the database.
  • PICT 0009 is a Photo JPG from the database
  • the method of this invention comprises of a virtual keyboard from matrix type with numbered rows as it is illustrated on figures from PICT. 0001 to PICT 0006 on the screen of a terminal or an ATM or any other computer terminal, for example, personal computer or a laptop.
  • PICT 0002 illustrates a keyboard 200, according to a variant of the invention.
  • the keyboard 200 is comprised of a matrix with 4 rows and 5 columns in which the couples of digits are ordered, read from the databases and ordered according to the logical matrix (700).
  • the PIN CODE is 4993.
  • 49 is on a row with number 2
  • 93 is on a row with number 4 which corresponds to member 5 of the logical matrix.
  • the system can endure for quite some time to the key loggers and fding the screens.
  • PICT 0003 illustrates keyboard 300, according to one variant of the invention.
  • the keyboard 300 comprises of a matrix 4 rows and 5 columns in which the sole digits from 0 to 9 are ordered, as in the front of the matrix the digits are shown on a black backgrounds and once more on a white background.
  • the PIN CODE is 4993.
  • 4 is located on a row 3
  • 9 is located on a row 3
  • 9 is on a row indicated with number 2 and 3 on a row with number.
  • PICT 0004 illustrates keyboard 400, according to one variant of the invention.
  • Keyboard 400 comprises of a matrix 4 rows and 5 columns in which the couples letter-digit characters are ordered according to the logical matrix (700)
  • the secret code password is q710YD92 .
  • q7 is located on row number 2
  • 10 is located on a row number 2
  • YD is on a row number 3 and 92 on a row number 1.
  • PICT. 0005 illustrates keyboard 500, according to one variant of the invention.
  • Keyboard 500 is comprised of matrix 5 rows and 6 columns in which the couples of letter-digit characters are ordered according to a logical matrix (700).
  • the secret code of the credit card is equal to
  • the principle is based on each depot having a number and serving a shop with the same number.

Abstract

This invention is a virtual keyboard of matrix type, on which you can enter secret information such as PIN code, number of credit or personal card, password or some secret code following these stages: one matrix with 4 rows and 5 columns appears (the options are 5 X 6 or 6 X 7) next to the matrix "1", "2", "3" and "4" appear which are the numbers of the rows of the matrix. It generates and fills in by specially created database according to one strictly established logical matrix with numbers or letter-digit characters (20 syllabuses or more) among which there are your secret data divided into syllabuses. The user shall enter on the normal keyboard the number indicating the row on which his secret symbols (1, 2, 3, or 4) are or he should click with the mouse on them. The resulted virtual code shall be comprised of the digits "1", "2", "3" or "4" and it shall be deciphered by a special module which establishes whether the code is real and if it is true using a special database of PHANTOM type.

Description

TITLE:
METHOD AND TERMINAL FOR ACCESSING TO E-SERVICES USING A
SECURE CODE
Description:
Technological area of the invention:
[0001] The invention is related to machine terminals. More precisely the invention is related to machines which use a terminal and use one and the same access. method.
History (former condition of the equipment) of the invention:
[0002] computers become more and more popular in everyday life. It becomes clear that the companies in near future will be developed in most of their part in Internet. The
convenience of online shopping and using e-commerce has started to enter our lives. Credit card transactions and ordering goods from the Internet have become very common.
Nevertheless with this convenience the security of the system, the guidelines for identifying and validating the identification of the user are reasonable worries of the main users of the current systems.
[0003] Automated teller machines (ATM) and Internet bank operations by customers for implementing bank transactions with financial institutions from faraway places in the whole world. The customers of the banks for access to their accounts through various technologies (including ATMs and terminals for internet banking), in order for them to make business and receive confidential information for their accounts. For security reasons the financial institution sends each customer of the bank a personal identification number or the so-called PIN code. The customer of the bank enters the PIN code on the keyboard operatively connected to a card reader or other device which reads user identification data magnetically encoded from a check or ATM card, credit card, etc. The PIN code and the user information afterwards are transferred via the network to the financial institution which checks whether the information is true.
After an inspection of the PIN code of the customer of the bank and the user information, the bank customers are allowed to make business with the financial institution.
[0004] On the contemporary market four conditions are significant for access of an authorized user to a protected resource: (1) identification of the authorized user, (2) inspection of the identification of the authorized user, (3) rejecting unauthorized access of the USER and (4) an appropriate level of security for protecting a resource against unauthorized usage. For example when a given user (authorized or not) wishes to withdraw money from an ATM, the bank issuing the card has placed secret data on the magnet strip or microchip which are transferred to the system of the database. In order to ensure that the user is authorized to use the credit card after placing the card in the ATM, the ATM requests from the user to enter a personal identification number (PIN) which is issued only to authorized holder of the credit card. If the ΡΓΝ code entered by the user is the same as the identification number issued to the authorized user kept in the database system, the user is verified as authorized and the transaction is allowed. The guarantees presented by these operations are related with holding the bank card issued to the user, knowing the ΡΓΝ code as well as one request for an amount limited by the balance of the account. On theory this security system is sufficient for preventing unauthorized access to the account but unfortunately the unauthorized access to protected resources became a problem for billions. The solution to this problem is hidden in understanding the weaknesses of the existing systems and the methods for their effective removal as at the same time the simplicity, the safety, and efficiency are preserved.
[0005] As the PIN security system turned into a standard for inspection whether a user of the card systems and cards is authorized, the authorized users have to remember a lot of PIN codes for access to protected resources and services. This problem is solved
to a level writing down the PIN code for easy check-up and kept in a wallet or purse. This is a direct compromise of the security provided by the planned PIN code system and it can lead to unauthorized access if the wallet or the purse is stolen. The problem was discussed on Reminder the licensor for using user fonts, for example Pins ΡΓΝ different, fully dynamic and other security measures which overlap. The access to the Internet and e-commerce with increased level of the requirements for security was changed to an access code with different length of the code and combination of letter-digit characters. A lot of internet sites require access codes from eight or more characters with at least two digits and at least one capital letter.
[0006] There are well familiar methods for guaranteeing the confidentiality of the PIN code of the customer of the bank. For example, outside the fixed keyboards with the advance of the graphic user interface (GUI) technology allows the customer of the bank to enter his PIN code on a keyboard or a sensor screen. The customer of the bank is thus protected as a whole from a potential swindler. The keyboard shown on the terminal is always shown in the same position and with the same location of the keys. As a result, a swindler can observe the moves of the customer of the bank, while entering the ΡΓΝ code and therefore to recognize the entered numbers because the keys and the digits are always on the same position on the screen of the bank terminal.
[0007] In addition some swindlers use fabrics for cleaning the screen before the customer of the bank uses it. This action enables the ΡΓΝ code identification via the fingerprints of the user on the sensor screen after entering it.
After the user leaves the ATM, the swindler checks the fingerprints, finds the numbers pressed by the user because the keys and the numbers are always shown on the same position of the ATM.
[0008] the virtual keyboard of this invention deals with these other limitations which ensure a compact image of the keyboard on the screen of the ATM terminal aiming at preventing a fraud after the security password is entered as described in the previous paragraphs.
[0009] references to previous techniques do not show or offer solution for a security keyboard as being described for this invention.
[0010] Document WO 98/27518 A Numero de publication EP1599786 B l
inventeurs:c/o Praca Alf. Egy. Souza Aranha R. A. de JONGH
A discloses a fraud-proof keyboard for an automatic banking terminal suitable for preventing the keys pressed on the keyboard by the person using the terminal during a bank operation from being detected and used to trace the personal identification code or other confidential user data. The keyboard comprises means that automatically and randomly vary, between two successive banking operations, the number and/or symbol associated with each key. [0011] [0011 ]Document DE 4129202 Al discloses a protection circuit for a personal identification number keypad, which uses a number of keys to enter PIN value, with indicated values varying in pseudo-random manner. [0012] The keyboards of both documents WO 98/27518 and DE 4129202 Al
Numero de publication EP1599786 Bl
Inventeurs c/o Praca Alf. Egv. SouzaAranha R. A. de JQNGH
A discloses a keyboard for a handheld electronic device comprising a row of keys wherein each of said keys represents at least two alphanumeric characters and the
characters of each key are positioned relative to the characters on adjacent keys so as to form a QWERTY or DVORAK layout.
[0014] In WO 02/101531 A, more than one value is assigned to each key of the keyboard. The objectives of such assignment are minimizing production costs and facilitate typing. According to such document, the configuration and the characters associated with each key remain constant. Therefore, an eavesdropper only needs to identify the sequence of keys pressed by the user in order to defraud the user's access to the electronic services.
[0015] With this keyboard configuration, it is not necessary to know the numbers
composing the user's access code but only the sequence of keys pressed by the user to gain access to the user's electronic services.
[0016] Document EP 0844778 B l Numero de publication EP0844778 B l
Inventeurs Larsen Flemming Klovborg
A discloses a radiophone comprising a user interface and a controller unit connected to the user interface, the user interface comprising a display and a keypad having at least one operation key whose function is controlled by the controller nut and is displayed in a predetermined area of the display. The function of said at least one operation key is displayed in a predetermined area of the display. The radiophone is capable of assuming a plurality of states in which a group of predetermined actions associated with the state concerned may be performed by said at least one operation key. The controller unit displays one of said group of actions as a default function in the predetermined area of the display.
[0017] Document EP 0844778 B l A discloses an intelligent key, whose functionality varies according to the radiophone status. Accordingly, the result originated by pressing the key while the phone is on a call is different from the one originated, for instance, by pressing the key while the phone is idle.
However, for a given phone status, the functionality associated with the key of the keyboard remains unchanged. Since there is only one functionality associated with each key, an eavesdropper watching the keyboard in a sufficiently close manner is able to identify the value associated with the key pressed by the user.
Summary of the invention:
[0019] After introducing the invention, a method for providing access to e-services through a security access code. The method includes a step for providing a keyboard comprising of a matrix with a certain number of syllabuses as each row of the matrix is numbered and these numbers of the rows on which there are the syllabuses of your code serve for decoding the secret code through which the information is encoded in the picture. All data are shopd in a database -(800). The subsequently picked numbers of the rows correspond to a key for decoding the variable for access. The keyboard of this invention is virtual and it is shown through graphic user interface.
[0020] According to other variant of the invention, the keyboard comprising of a matrix as each member of the matrix is a couple of digits among which there are the real digits of the PIN code. The customer enters the numbers of the rows where his couples of syllabuses are. In each usage the place of the members of the matrix is
changed. The virtual keyboard is shown with the assistance of a graphic user interface.
[0021] According to other variant of the keyboard comprising of a matrix as each member of the matrix is a sole number among which there are the real digits of the PIN code.
The first ten digits from 0 to 9 are shown on the screen on a black background and another ten digits from 0 to 9 are shown on white background next to it. The customer shall enter the numbers of the rows of the first 2 digits on the black background then he enters the numbers of the rows where the other 2 digits of the PIN code are and then enters the numbers of the rows where are the other 2 digits of the PIN code watching the digits on the white background. At each use the places of the members of the matrix is changed. The virtual keyboard is shown with the help of a graphic user interface.
[0022] According to other variant of the invention, the keyboard comprising of a matrix as each member of the matrix is a couple letter-digit characters among which are the real couples and the secret code. At each usage the places of the members of the matrix is changed. The virtual keyboard is shown with the assistance of a graphic user interface.
Short description of the drawings:
[0023] In the accompanying drawings which form part of the specification and shall be read in respect to that, this invention is illustrated through an example with numbers related to elements in which:
PICT 0002 shows an example of a keyboard according to one variant of the invention; PICT 0003 illustrates one more example of virtual keyboard according to one variant of the invention;
PICT 0004 illustrates one more example of virtual keyboard according to one variant of the invention;
PICT 0005 is an illustration of one more example of the virtual keyboard, according to a variant of the invention;
PICT 0006 is a hardware keyboard in the invention.
PICT 0001 illustrates the graphics of an exemplary method for implementation of the invention.
PICT 0007 is a logical matrix.
PICT 0008 is a Record from the database.
PICT 0009 is a Photo JPG from the database
Detailed description of the invention:
[0024] In the following detailed description, multiple specific details are shown aiming at providing in depth understanding of the invention. Nevertheless, for a specialist in the area it would be obvious that these precise details shall not be used for implementing the invention.
[0025] The method of this invention, which can be implemented by software, comprises of a virtual keyboard from matrix type with numbered rows as it is illustrated on figures from PICT. 0001 to PICT 0006 on the screen of a terminal or an ATM or any other computer terminal, for example, personal computer or a laptop.
[0026] PICT 0002 illustrates a keyboard 200, according to a variant of the invention. The keyboard 200 is comprised of a matrix with 4 rows and 5 columns in which the couples of digits are ordered, read from the databases and ordered according to the logical matrix (700).
[0027] In this example the PIN CODE is 4993. By looking at the matrix of the virtual keyboard we see that 49 is on a row with number 2, and 93 is on a row with number 4 which corresponds to member 5 of the logical matrix.
[0028] As it is shown on the figure, there is more than one couple of digits on each row which makes it impossible to figure out which are the real digits of the PIN code.
[0029] These digit characters are never changed. They are taken from the database and are ordered under a strictly established manner according to the logical matrix (700) the virtual rows 205-220 are the result.
[0030] We have to enter 24 on the keyboard.
[0031] According to the invention, the system can endure for quite some time to the key loggers and fding the screens.
[0032] PICT 0003 illustrates keyboard 300, according to one variant of the invention. The keyboard 300 comprises of a matrix 4 rows and 5 columns in which the sole digits from 0 to 9 are ordered, as in the front of the matrix the digits are shown on a black backgrounds and once more on a white background.
[0033] In this example the PIN CODE is 4993. By viewing the matrix of the virtual keyboard we see that 4 is located on a row 3, 9 is located on a row 3, in the part with black background, 9 is on a row indicated with number 2 and 3 on a row with number.
[0030] We have to enter 3324 on the keyboard.
[0033] As it is shown on the figure, there is more than one digit at each row which makes it impossible to figure out the real digits of the PIN code.
[0034] These digit characters never change. They are taken from the database and are ordered under a strictly established manner according to the logical matrix the virtual rows 305-320 are the result.
[0035] PICT 0004 illustrates keyboard 400, according to one variant of the invention. Keyboard 400 comprises of a matrix 4 rows and 5 columns in which the couples letter-digit characters are ordered according to the logical matrix (700)
It is adjusted to work with secret codes password (PASSWORDS).
[0036] In this example the secret code password (PASSWORD) is q710YD92 . By looking at the matrix of the virtual keyboard we see that q7 is located on row number 2, 10 is located on a row number 2 , YD is on a row number 3 and 92 on a row number 1.
[0037] We have to enter 2231 on the keyboard.
[0038] As it is shown on the figure, there is more than one letter-digit member of the matrix on each row which makes impossible to figure out the real digits of the secret code password (PASSWORD).
[0039] These digit characters are never changed. They are taken from the database and are ordered under a strictly established manner according to the logical matrix (700) the virtual rows 405-420 are the result.
[0040] PICT. 0005 illustrates keyboard 500, according to one variant of the invention. Keyboard 500 is comprised of matrix 5 rows and 6 columns in which the couples of letter-digit characters are ordered according to a logical matrix (700).
It is adjusted to work with codes of credit or personal cards.
[0041] In this example the secret code of the credit card is equal to
1234567890123456. By looking at the matrix of the virtual keyboard we see that 12 is located on row number 3, 34 is located on a row with number 5, 56 is on a row with number 2, 78 is on a row with number 2, 90 is on a row with number 4, 12 is on a row 3, 34 is on a row 5 and 56 is on a row 2.
[0042] We have to enter 35224352 on the keyboard.
[0043] As shown on the figure, there is more than one digit couples on each row which makes impossible figuring out the real digits of the secret code of the card.
[0044] These digit characters are never changed. They are taken from the database and are ordered under a strictly established manner according to the logical matrix (700) the virtual rows 505-530 are the result.
[0045] The logical matrix is shown on figure 1 under code 700.
It looks in the following manner. Here the example is from matrix 5 X 6.
The principle is based on each depot having a number and serving a shop with the same number.
I - depot 2-depot 3-depot 2-shop 4-depot 11-depot <--1 5-depot 6-depot 7-depot 6-shop 4-shop 12-depot <--2 3-shop 8-depot 7-shop 8-shop 9-depot 13-depot <-3 5-shop 10-depot 9--shop 10-shop 1-shop 14-depot <-4
II - shop 12-shop 13-shop 14-shop 15-depot 15-shop <--5 [0046] The members of the record of the databases divided according to the respective length are entered in a matrix as the first member goes in depot number 1 and the second member goes in shop number 1, then depot 2 is filled and shop 2 and so on.
[0047] By noticing that each depot has only one shop with its number.
[0048] For example, if we choose row 1 and row 5, depot 11 corresponds with these rows and shop 11 and the codes recorded in the matrix at these places are taken for an answer.
[0049] Now little calculations: HOW MANY ARE THE POSSIBLE
COMBINATIONS?
If the matrix is 4 X 5 i.e. 20 symbols which supposedly are 16 but ??
Pay attention? Here are the supposed combinations:
1 -1 , 1 -2, 1 -3, 1 -4,
2-1 , 2-2, 2-3, 2-4,
3-1 , 3-2, 3-3, 3-4
4-1 , 4-2, 4-3, 4-4
[0050] If we attempt in a row to check these combinations we see that we were wrong about the possibilities of the contents of the combinations because they are playing a game of hide and seek.
If for example we reach combination 3-4 by already being through the other combinations, it appears that in the moment the combination is 2-3 though we have passed it. This happens after scrambling the matrixes and in fact this turns into a hide and seek game and the combinations which are 16 become infinite.
[0051] For a better security against key loggers and fdming the screen the above indicated screens can also be used via cell phone GSM, which puts to an end stealing once and for all.
[0052] An example for a record of the database -(700) in which there are the codes from the PIN code added to with fake codes
1786,9882,9269,2327,4993,9447,6765,4111,4537,4478
[0053] Look at the site: www.orelsoft.net

Claims

CLAIMS:
Claim 1 (independent) characterized by providing secure access to the terminal for providing access to e-services via secure access code, as the terminal consists of graphic user interface which allows the user access to protected e-information and keyboard, as it is established in each of the claims.
Claim 2 according to claim 1 characterized by providing access to e-services via secure access code, comprising of provision of keyboard of matrix type (200, 300, 400, 500,600), consisting of certain number of syllabuses, as the digits indicating the row of the matrix, in which the syllabuses of the secret code are, are used for entering secure access code.
Claim 3 according to claim 2 characterized by the variables combining from one to several digits or symbols in each member (square) of the matrix, as by each their usage their places are changed;
Claim 4 according to claim 3 characterized by the matrix being shown to the user with indicated numbers of the rows at their side;
Claim 5 according to claim 1 characterized by implementing selection by the user and entering the numbers of the rows which correspond to the syllabuses of the PIN code;
Claim 6 according to claim 1 characterized by comparing the data connected to each row of the matrix and via a special logical module and the data of the matrix -(700) of the database of PHANTOM type -(800) the validity of the secret code, which does not exist anywhere, is established.
Claim 7 according to claim 1 allows the user access to e-services if the special module returns the answer "true".
Claim 8 according to claim 2 characterized by the keyboard being a physical keyboard (600).
Claim 9 according to claim 2 characterized by the keyboard being virtual keyboard (200, 300, 400,500). Claim 10 according to claim 2 characterized by the virtual keyboard being shown through graphic user interface.
Claim 11 according to claim 2 characterized by the virtual keyboard
comprising of 20 or more variables (syllabuses).
Claim 12 according to claim from 1 to 6, characterized by the e-services being bank functions.
Claim 13 according to claim from 1 to 6, characterized by the e-services being computer functions.
Claim 14 according to claim 3, characterized by the variables being letter- digit characters.
Claim 15 according to claim 3, characterized by the variables being pictures. Claim 16 according to claim from 3, characterized by the variables being photos.
Claim 17 according to claim from 3, characterized by the variables being symbols.
Claim 18 according to claim 1, characterized by the matrix with the variables being shown to every user.
Method according to claim from 1 to 6 characterized by the method being applied in home access to the terminal.
Method according to claim from 1 to 6, characterized by comprising of the step of placing the card issued by a bank in the terminal for implementation of the transaction (105).
Method according to claim from 1 to 6, characterized by comprising of the step which requires access code from the user (120).
Method according to claim from 1 to 6, characterized by comprising of the steps of:
transferring information for the card to the server (110) and;
checking the authenticity of the issued card.
The data from the database are scrambled (115) The data are distributed according to the logic of the logical matrix 700
(120).
The data are scrambled within their rows and are numbered (125)»
The virtual keyboard is created (130),
The so-established matrix for the keyboard is shown to the user (135).
Method according to claim from 1 to 6, characterized by consisting of the steps of:
encrypting data of the user access code and transferring data to the server (145).
Keyboards (200, 300, 400, 500) for providing access to e-services via secure access code, comprising of:
The data on syllabuses according to the logical matrix 700 are placed in the matrix as each row of the matrix is numbered.
Method according to claim from 1 to 6, The keyboards are characterized by the places of the variables being changed at each new usage.
Method according to claim from 1 to 6 The keyboards are
characterized by the fact that the terminal can be a GSM cell phone.
Claim 19 (independent) characterized by the group of the variables consisting the secret code being generated according to a pre-established logical matrix-(700).
Claim 20 according to claim 19, characterized by the group of the variables consisting the secret code of the database (800) being connected to the members of the logical matrix -(700) in correspondence with strictly determined
combination of values.
Claim 21 according to claim 19, characterized by the sizes of the logical matrix
-(700) being unlimited.
Claim 22 according to claim 19, characterized by the fact that the members of the logical matrix -(700) can be of any type of data. Claim 23 (independent) characterized by the secret code being divided into syllabuses which are added to the specified number of syllabuses with randomly generated syllabuses after which it serves for encoding in a photo -(900) of the selected variable (name, e-mail) as the series of syllabuses are receded in the database -(800).
Claim 24 according to claim 23 characterized by the series of syllabuses recorded in the database-(800) never being changed.
Claim 25 according to claim 23, characterized by the fact that the secret code is not recorded anywhere.
PCT/BG2013/000015 2013-04-08 2013-04-08 Method and terminal for accessing to e-services using a secure code WO2014165948A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/BG2013/000015 WO2014165948A1 (en) 2013-04-08 2013-04-08 Method and terminal for accessing to e-services using a secure code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/BG2013/000015 WO2014165948A1 (en) 2013-04-08 2013-04-08 Method and terminal for accessing to e-services using a secure code

Publications (1)

Publication Number Publication Date
WO2014165948A1 true WO2014165948A1 (en) 2014-10-16

Family

ID=51688756

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BG2013/000015 WO2014165948A1 (en) 2013-04-08 2013-04-08 Method and terminal for accessing to e-services using a secure code

Country Status (1)

Country Link
WO (1) WO2014165948A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3299983A1 (en) * 2016-09-23 2018-03-28 Harman International Industries, Incorporated Device access control

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU27763U1 (en) * 2002-10-15 2003-02-10 Гребинюк Максим Валентинович BANK OPERATION CONTROL SYSTEM
US20060215360A1 (en) * 2005-03-24 2006-09-28 Chyi-Yeu Lin Password input and verification method
US20070200827A1 (en) * 2004-10-29 2007-08-30 Samal Dmitry I Method and matrix for inputting symbols into computers
US20110215954A1 (en) * 2010-03-03 2011-09-08 John Dennis Page Matrix Keyboarding System
US20130047238A1 (en) * 2010-11-19 2013-02-21 Young Man Hwang Method for providing active security authentication, and terminal and system supporting same

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU27763U1 (en) * 2002-10-15 2003-02-10 Гребинюк Максим Валентинович BANK OPERATION CONTROL SYSTEM
US20070200827A1 (en) * 2004-10-29 2007-08-30 Samal Dmitry I Method and matrix for inputting symbols into computers
US20060215360A1 (en) * 2005-03-24 2006-09-28 Chyi-Yeu Lin Password input and verification method
US20110215954A1 (en) * 2010-03-03 2011-09-08 John Dennis Page Matrix Keyboarding System
US20130047238A1 (en) * 2010-11-19 2013-02-21 Young Man Hwang Method for providing active security authentication, and terminal and system supporting same

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3299983A1 (en) * 2016-09-23 2018-03-28 Harman International Industries, Incorporated Device access control
US10235532B2 (en) 2016-09-23 2019-03-19 Harman International Industries, Incorporated Device access control

Similar Documents

Publication Publication Date Title
EP1615181B1 (en) A method of secure data communication
EP1599786B1 (en) Virtual keyboard
US9892407B2 (en) Method and system for secure user identification
AU2006221804B2 (en) A method of secure data communication
US20100325046A1 (en) Transaction Security Method and Apparatus
US9196111B1 (en) Automated teller machine (“ATM”) dynamic keypad
GB2434472A (en) Verification using one-time transaction codes
US20120104090A1 (en) Card-reader apparatus
CN102932152B (en) A kind of identity identifying technology adopting sound mixed cipher
WO2002017556A1 (en) Validation of transactions
US10754814B1 (en) Methods and systems for image-based authentication
KR20170016821A (en) Server system, communication system, communication terminal device, program, recording medium, and communication method
Reno Multifactor authentication: Its time has come
WO2014165948A1 (en) Method and terminal for accessing to e-services using a secure code
US9214051B1 (en) Dynamic touch screen for automated teller machines (“ATMs”)
CN102930646B (en) Authentication technology based on stock market quotation
RU2507588C2 (en) Method of improving security of automated payment system
KR100507712B1 (en) Information inputting system with a variable arrangement of keypad, and control method thereof
KR200333754Y1 (en) Information inputting system with a variable arrangement of keypad
AU2001281586B2 (en) Validation of transactions
AU2001281586A1 (en) Validation of transactions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13881961

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13881961

Country of ref document: EP

Kind code of ref document: A1