WO2015008075A1 - Fourniture d'accès à un compte à un nouvel utilisateur - Google Patents

Fourniture d'accès à un compte à un nouvel utilisateur Download PDF

Info

Publication number
WO2015008075A1
WO2015008075A1 PCT/GB2014/052187 GB2014052187W WO2015008075A1 WO 2015008075 A1 WO2015008075 A1 WO 2015008075A1 GB 2014052187 W GB2014052187 W GB 2014052187W WO 2015008075 A1 WO2015008075 A1 WO 2015008075A1
Authority
WO
WIPO (PCT)
Prior art keywords
account
management application
administration server
account management
access
Prior art date
Application number
PCT/GB2014/052187
Other languages
English (en)
Inventor
Jeremy GOLDSTONE
Original Assignee
Barclays Bank Plc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Barclays Bank Plc filed Critical Barclays Bank Plc
Publication of WO2015008075A1 publication Critical patent/WO2015008075A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3221Access to banking information through M-devices

Definitions

  • This disclosure relates to providing a new user with access to an account .
  • An account for example a financial account, may be set-up such that the account owner may access the financial account to allow the user, for example, to withdraw money from the account, instruct a payment from the account, view the account balance and/or up-date account details. Access to the account may be via an application on the user's
  • a mobile electronic device for example a mobile electronic device such as a smart phone or tablet.
  • a security process may be established by the organisation providing the account and the owner of the account .
  • the security process should try to minimise the burden on the owner of the account and the new user whilst still maintaining a high degree of security.
  • Providing electronic access to the account in this way needs to be secured so that only the account owner is authorised.
  • the present disclosure provides a method for providing an account management application that is installed on a new user's electronic device with access to an account, the method comprising the steps of: registering the account management application with an account administration server by associating an initiation code with the account
  • administration server an instruction from an administrator of the account to provide the account management application with access to the account, the instruction comprising the initiation code received by the administrator of the
  • the administrator of the account may verify that the new user should be given access to the account before any link is made between the account management application and the new user. As such, the account
  • the administrator may be afforded control over which individuals should be granted access to the account without the new user being aware of any specific details of the financial account, thereby improving security for the account. Furthermore, after the administrator has approved the new user for access to the account, the administrator does not need to supply any personal details of the new user or their account management application to the account administration server in order to execute access to the account. Instead, the provision of access may be instructed by the
  • the account administrator may be any entity that has privileges for instructing access to the account for new users using the account management application. For example,
  • the above method may provide a second account management application that is installed on a new user's electronic device with access to an account, wherein a first account management application that is installed on an existing user's electronic device has access to the account.
  • the account administration server may also generate a verification code; associate the verification code with the account and the account management
  • the verification code is associated with the account and with the account management application, when the new user comes to activate their access to the account, they may simply transmit the verification code to the account
  • administration server which will be able to identify the account and the account management application for which access to the account should be provided. If the instruction to provide the account management
  • the verification code may be transmitted to the new user's mobile telephone via SMS.
  • the verification code may be transmitted to the new user by any other
  • suitable means for example by email, telephone call, letter etc .
  • transmitting the verification code to the account management server has access to the communication means that were approved and verified by the account administrator.
  • an additional layer of security may be provided in respect of providing access to the account only for the authorised new user.
  • the initiation code may be generated at the account
  • the administration server and transmitted from the account administration server to the account management application for displaying the initiation code to the new user.
  • the new user may then pass the initiation code on to the
  • the account administrator may assess whether or not the new user should be granted access to the account. If they decide in the affirmative, the administrator may instruct the provision of access using the initiation code that they have been provided and which is associated with the new user's account management
  • control over access of new users may be directly exercised by the
  • Registration of the account management application with the account administration server may further comprise the steps of: generating and storing at the account administration server a unique association between the account management application and the account administration server;; and transmitting an identifier of the unique association from the account administration server to the account management application.
  • the identifier of the unique association may first be transmitted from the account management application to the account management server so that the account management server may verify that the account management application has previously registered with it and identify the account management application with which it is communicating, which is useful in determining if access to the account should be allowed for that account management application.
  • the account management application has knowledge of the initial credentials used to generate the initiation code. Thus, a different account management application may be prevented from gaining access to the account because they will either not be registered with the account
  • the application with access to the account may further comprise a digital signature.
  • the digital signature may be applied by, for example, a smartcard belonging to the administrator of the account inserted into a smartcard reader. Because the digital signature is unique to the administrator of the account, the digital signature can be used to identify and verify the originator of the instruction (i.e. the
  • the instruction may be transmitted from the administrator to the account administration server via a portal, wherein the portal is configured to read the digital signature to verify the originator of the instruction.
  • the instruction may then be forwarded by the portal to the account administration server after it has been determined that the instruction has originated from a valid administrator.
  • the step of registering the account management application with the account administration server may further comprise the steps of: generating at the account administration server an application identifier that is unique to the account
  • the present disclosure also provides an account
  • administration server configured to: register an account management application that is installed on a new user's electronic device with the account administration server by associating an initiation code with the account management application; receive an instruction from an administrator of the account to provide the account management application with access to the account, the instruction comprising the initiation code received by the administrator of the
  • transaction management application via transmission of the instruction from the administrator, thereby avoiding any need for the administrator to submit new user and
  • transaction management application data to the account administration server, thereby reducing the burden on the administrator and reducing the security risk to the new user .
  • the account administrator may be any entity that has privileges for instructing access to the account for new users using the account management application. For example,
  • they may be an existing user of the account, the owner of the account, such as a Chief Executive Officer of a company, or an agent of the owner of the account, such as a call centre.
  • the owner of the account such as a Chief Executive Officer of a company
  • an agent of the owner of the account such as a call centre.
  • the account administration server may provide for access to the account for a plurality of different account management applications, thereby affording access to the account for a plurality of users.
  • the account administration server may therefore be configured to register a second account
  • the account administration server may be further configured to: generate a verification code; associate the verification code with the account and the account management
  • the account administration server may transmit the
  • the verification code is associated with the account and with the account management application, when the new user comes to activate their access to the account, they may simply transmit the verification code to the account
  • administration server so that the server can use the code to identify the account and the account management
  • the account administration server may be further configured to generate the initiation code and then transmit it to the account management application for displaying the initiation code to the new user on the account management application.
  • the new user may pass the initiation code on to the administrator of the account with a request for access to the account.
  • the account administrator may assess whether or not the new user should be granted access to the account. If they decide in the affirmative, the administrator may instruct the provision of access using the initiation code that they have been provided with and which is associated with the new user's account management
  • control over access of new users may be directly exercised by the administrator using any internal new user identification and verification controls of their own choosing, thus improving security of the account.
  • the account management application is already registered with the account administration server and linked to the initiation code, the administrator does not need to be supplied with any personal information relating to the new user in order to grant access, thereby reducing the burden on the
  • the account administration server may be further configured to: generate and store a unique association between the account management application and the account
  • the administration server ; and transmit an identifier of the unique association to the account management application.
  • the identifier of the unique association When the new user subsequently comes to activate their access to the account, the identifier of the unique
  • association may first be transmitted from the account management application to the account management server so that the account management server may verify that the account management application has previously registered with it and identify the account management application with which it is communicating, which is useful in determining if access to the account should be allowed for that account management application.
  • the instruction received by the account administration server to provide the account management application with access to the account may further comprise a digital signature and the account administration server may be further configured to: use the digital signature to verify that the instruction has originated from the administrator of the account and to identify the account. Because the digital signature is unique to the administrator of the account, the digital signature can be used to identify and verify the originator of the instruction (i.e. the
  • the instruction may be transmitted from the administrator to the account administration server via a portal (for example, through an online access page), wherein the portal is configured to read the digital signature to verify the originator of the instruction.
  • the instruction may then be forwarded by the portal to the account administration server after it has been determined that the instruction has originated from a valid administrator.
  • the portal may be separate from the account administration server, or it may form part of the account administration server.
  • the account administration server may associate the
  • initiation code with the specific instance of the account management application by being further configured to:
  • an account management application to be operated on an electronic device, wherein the account management application comprises logic configured to: transmit a request for registration to an account administration server; receive a verification code; and transmit the verification code to the account administration server to activate access for the account management application to an account.
  • the verification code may be input by an operator of the electronic device or it may be otherwise provided within the electronic device.
  • the new user may obtain access to the account with little administrative effort and without needing to share sensitive data with the administrator of the account.
  • the account management application may be further configured to: receive from the administration server an identifier of a unique association of the account management application with the account administration server; and transmit the identifier of the unique association to the account
  • administration server to verify the account management application to the account administration server when activating access for the account management application to an account .
  • the present disclosure also provides a system comprising: an account administration server; and an account management application that is installed on a new user's electronic device, the account administration server being configured to: register the account management application with the account administration server by associating an initiation code with the account management application; receive an instruction from an administrator of the account to provide the account management application with access to the account, the instruction comprising the initiation code received by the administrator of the account; and register access to the account for the account management application associated with the initiation code.
  • the system may further comprise: a portal or administration point through which the instruction from the administrator of the account to provide the account management application with access to the account is transmitted to the account administration server, wherein the instruction further comprises a digital signature and the portal is configured to: verify from the digital signature that the instruction has originated from the administrator of the account; and transmit the instruction to the account administration server .
  • the origin of the instruction and the administrator's approval for access may therefore be verified before any action is taken to provide access for the account management application to the account.
  • a fraudulent instruction emanating from a non-authorised user may be detected before access to the account is compromised.
  • access may be provided only to the account for which the administrator has responsibility, thus preventing an administrator enabling access to a different account for which they do not have responsibility.
  • the portal may be part of the account administration server or it may be a separate unit .
  • the system may further comprise a smartcard reader for use by the administrator of the account, wherein the digital signature is obtained from a smartcard inserted by the account administrator into the smartcard reader. This may also be used to secure access to the portal.
  • the system may further comprise a second account management application that is installed on a second user's electronic device (for example, that of the account owner or other user), wherein the second account management application has access to the account.
  • a second account management application that is installed on a second user's electronic device (for example, that of the account owner or other user)
  • the second account management application has access to the account.
  • access to the account may be provided for more than one account management application. Consequently, a plurality of users may be provided with access to the same account via the account management application that is installed on each of their electronic devices .
  • Figure 1 shows a system comprising an account administration server that may enable an new user using an account
  • Figure 2 shows a sequence diagram representing the process by which the account administration server of Figure 1 can enable the new user using an account management application to access the account.
  • an authorised, registered user may access funds from an account, check the balance of the account and/or update records relating to the account, for example the registered address for the account, using an account management application installed on their electronic device, for example a smart phone or tablet.
  • an account management application installed on their electronic device, for example a smart phone or tablet.
  • the user In order to be authorised and have access to the account, the user must go through a registration process that ensures that they have the right to access the account and that that access may be established securely.
  • a plurality of different users may be authorised and
  • registered user may independently access the account, for example to transfer funds in order to pay for a product (either goods or services) .
  • a product either goods or services
  • an employee of a corporation may be granted access to a corporate account using an account management application installed on their electronic device so that they may make any necessary corporate financial payments directly from the corporate account .
  • Figure 1 represents a system for enabling access for a new user 102 using an account management application 103
  • the account management application 103 is in communication with an account
  • the mobile gateway 104 is itself in communication with a database 105, again via any suitable means of data transfer.
  • An account administrator 101 who may be an individual, for example a Chief Financial Officer of a business, who has administration privileges, for example the rights to add new users, for an account, has access to an account portal 106, through which they can access and control the account for which they are responsible.
  • the account portal 106 can also communicate via any suitable means with the mobile gateway 104 in order to set up and activate access to the account for the new user 102.
  • the mobile gateway 106 is also in communication with an SMS provider 107, through which the new user 102 may be
  • FIG. 2 represents the steps that are undertaken to enable access for the account management application 103 to an existing account.
  • Step 110 the new user 102 chooses to install the account management application 103 on their electronic device.
  • Step 115 the installation of the account management application 103 onto the new user's electronic device takes place.
  • the passcode may be, for example, a multi-digit code, such as a five digit code, chosen by the new user and may be used for security purposes at subsequent times to restrict access to the account management application only to the new user .
  • Step 125 a request for registration of the account management application 103 with the mobile gateway 104 is transmitted from the account management application 103 to the mobile gateway 104. Having received the request for registration, the mobile gateway 104 generates in Step 130 a unique association between the account management
  • the association is unique to the particular instance of the account management application, the association may be used subsequently by the account management application 103 and the mobile gateway 104 to identify with which instance of account management application 103 (as opposed to any other instances that are installed on other electronic devices) the mobile gateway 204 is communicating and to authenticate communication from the account management application 103 to the mobile gateway 104.
  • the unique association is created by generating a unique application identification code, which identifies the specific instance of the account management application 103 installed on the new user's electronic device (as opposed to any other copies of the account management application installed on other electronic devices), and an identifier of the unique association, for example a randomly generated number, that is stored in Step 135 with the unique
  • the unique application identification code may take any form whereby it is unique to the instance of the account management application 103 installed on the new user's device, for example it may be a long random number, or a number generated on an increment principle etc.
  • the mobile gateway 104 also generates an initiation, or "kick-start", code that is also stored in Step 135 with the unique application identification code and identifier of the unique association on the database 105.
  • the initiation code can later be used to identify the account management application 103 installed on the new user's electronic device (as explained in more detail later) .
  • the initiation code is a human readable code, for example a nonce, an alphanumeric code, or a random word or phrase.
  • the initiation code may be set up to have a limited lifespan, for example for the duration of an incomplete registration process (wherein the initiation code ceases to be effective after it has been used in Step 165 described below) and consequently may be reused in the future. Where the initiation is reusable, it may be shorter than the unique application identification code, thereby functioning as a human readable proxy for the unique application
  • Step 140 the mobile gateway 104 transmits to the account management application 103 the identifier of the unique association between the account management application 103 and mobile gateway 104.
  • Step 145 the identifier of the unique association is saved locally to the account
  • the account management application 103 uses, for example, the electronic device's keychain. In this way, the account management application instance installed on the new user's electronic device is tied to the new user's electronic device and its association with the mobile gateway 104. The account management application 103 may then later transmit the identifier to the account administration server 104 so that the account administration server 104 can identify the instance of the account management application 103 with which it is communicating and authenticate communications from the account management application 103 to the mobile gateway 104.
  • Step 140 the initiation code is also transmitted from the mobile gateway 104 to the account management application 103, after which, in Step 150, the account management application 103 displays the initiation code to the new user 102.
  • the new user 102 may in Step 155 pass the initiation code to an account administrator 101 (for example, orally) with a request for access to the account for which the account administrator 101 is responsible.
  • the account administrator 101 may be an individual, for example a Chief Financial Officer of a business, who has administration privileges, for example the rights to add new users, for a particular account .
  • the account administrator 101 may verify in Step 160 that the request is legitimate - i.e., that the initiation code has come from an individual who should be granted access to the account. This may be undertaken using particular internal security policies of the administrators choosing. Having determined that the request is legitimate, the account administrator 101 then initiates the process of registering the account management application 103 for access to the account for which the administrator 101 is responsible, so that the new user 102 may later access the account via the account management application 103 installed on the new user's electronic device.
  • Step 165 the account administrator 101 transmits to their account portal 106 an instruction to allow the new user 102 to access the account using the account management application 103.
  • the instruction transmitted in Step 165 comprises the initiation code described above, a mobile telephone number for the new user 102 and means for
  • administrator's approval may take the form of a digital signature applied to the Step 165 transmission by, for example, an administrator smartcard inserted into a
  • Step 170 the portal 106 verifies the data transmission, for example from the signatures applied to the data
  • Step 175 the account portal 106 instructs the mobile gateway 104 to provide the account management application 103 with access to the account.
  • the instruction transmitted in Step 175 comprises the initiation code so that the correct account management application 103 can be afforded access to the account by virtue of the initiation code's association with the account management application 103 installed on the new user's electronic device, and the mobile telephone number for the new user 102, so that they can be contacted later on (as explained below) .
  • the mobile gateway 104 can in Step 180 use the initiation code to retrieve from the database 105 the unique application identification code.
  • the mobile gateway 104 can then in Step 185 use the unique application identification code to generate a verification code that is unique to the instance of the account
  • Step 190 the mobile gateway 104 transmits it and a reference to the account to the database 105 for association and storage with the unique application identification code. This is so that the verification code can later be used during activation of access to the account to retrieve the account reference and unique application identification code in order to activate access to the correct account for the correct account management application 103.
  • Step 195 the mobile gateway transmits the verification code to an SMS service 107, so that in Step 199 the
  • verification code can be transmitted to the new user 102 via their mobile telephone. Having received the verification code, the new user 102 is in a position to activate their access via the account management application 103 to the account. This may be done via the account management application 103 first by transmitting the identifier of the unique
  • the mobile gateway 104 may then use the unique identifier to confirm that the account management application 103 has registered with it and identify the unique application identification code associated with the identifier of the unique association. This also performs the function of confirming that the account management application 103 has knowledge of the initial credentials that were used to set up the initiation code. Having validated communications between the account
  • the account management application 103 can activate access to the account by transmitting the verification code to the mobile gateway 104. Transmitting the verification code from the account management application 103 confirms that the operator of the account management application 103 has access to the mobile telephone number that the account administrator approved to be legitimate for the new user, thus improving certainty of restricting access only to the new user.
  • the mobile gateway 104 may then identify the account
  • initiation code and the verification code are the same.
  • the verification code can only activate access to the account if it is transmitted from the same account management application 103 that transmitted the initial request for registration in Step 120, from which the initiation code and unique association between the account management application 103 and mobile gateway 104 were generated. Therefore, even if the verification code is intercepted, it still may only be used by the instance of the account management application 103 that is installed on the new user's electronic device.
  • access to the account may be activated by the mobile gateway 104.
  • long-term security provisions may be put in place to enable secure
  • a mobile electronic device for example a smart phone or tablet, and communicates with a mobile gateway 104, it may be installed on any electronic device, either mobile or static, and communicate with any suitable type of
  • the account may be any type for account where restricted access is needed, for example it may be a financial account, an account for gaming, an account for gambling, a shopping account etc.
  • the mobile gateway 104 may be implemented on any suitable account administration server. Whilst Figure 2 shows the mobile gateway 104, database 105 and portal 106 as separate components, at least one of the database 105 and the portal 106 may alternatively be implemented with the mobile gateway 104 on an account administration server.
  • the initiation code may be generated elsewhere, for example the account management application 103 might generate the initiation code and transmit it to the mobile gateway 104 in Step 125. In that example, it would not be necessary further to transmit the initiation code from the mobile gateway 104 to the account management application 103 in Step 140, since the account management application 103 will already have the initiation code.
  • Step 140 Rather than transmitting the initiation code to the account management application 103 in Step 140 for forwarding by the new user 102 to administrator 101 in Step 155, the
  • initiation code may be communicated to the administrator 101 by any means. For example, it may be transmitted directly from the mobile gateway 104 to the administrator 101, for example by email, SMS, telephone call or letter, based on administrator 101 contact details supplied to the mobile gateway 104 by the account management application 103 in Step 125.
  • the new user may enter all of their relevant request and user details into the account management application 102 in Step 120 for transmission to the mobile gateway 103 in Step 125.
  • the relevant request details may include an identifier of the account for which they would like access, for example by identifying the corporate organisation they belong to if they would like to access to the corporate account, and the user details may include an identifier of the new user 102, for example an employee number.
  • the administrator 101 may then be made aware of the request via the account portal 106 and may verify the legitimacy of the request and instruct the generation and subsequent transmission of the verification code in steps 185 onwards.
  • the notification of the user details to the portal 106 via the account management application 103 effectively passes an initiation code to the administrator 101, wherein the subsequently generated verification code is bounded to a unique identifier of the account management application 103 (whether a unique application identification code or an initiation code), may also be included in Step 125 so that along with the initiation code, the administrator 101 may also be provided with an indication of who the new user 102 is so that they may authorise or decline their request for access to the account.
  • the new user may be transmitted to the new user via a different transmission means, for example by SMS, email, telephone call or letter, wherein the transmission details required may be supplied to the mobile gateway 104 in Step 125 and after receipt of the initiation code the new user may forward the initiation code to the administrator in Step 155 as described above.
  • a different transmission means for example by SMS, email, telephone call or letter, wherein the transmission details required may be supplied to the mobile gateway 104 in Step 125 and after receipt of the initiation code the new user may forward the initiation code to the administrator in Step 155 as described above.
  • the verification code could be sent by any other suitable means, for example email, a telephone call or a letter.
  • the details required for sending the verification code to the new user 102 may be included in Step 165 with the instruction to provide access for the account management application 103 to the account.
  • the verification code may be entered into the account management application 103 by any means, for example automatic entry from an SMS.
  • the initiation code is unique to the particular account management application instance installed on the new user's electronic device and may be set up to be unique for the duration of the registration process.
  • the initiation code may be used to represent the association between the specific account management application instance and the mobile gateway 104. Consequently the unique
  • the application identification code may be generated at a later time than described above, for example at step 190 where registration has been completed and the initiation code may cease to be unique to the particular instance of the account management application 103.
  • the unique application identification code may be generated and then replace the initiation code association between the account management application 103 and the new user as a permanent, unique identifier of the account management application 103.
  • Step 130 may instead be generated at a later time, for example at any time before Step 150 where it is displayed to the new user on the account management application 103.
  • it may be generated at the mobile communications gateway 104 after Step 145, transmitted to the database 105 for storage and transmitted to the account management application 103 for displaying to the new user in Step 150.
  • any means of data storage may alternatively be used, for example the data may be cached on the mobile gateway 104.
  • communications between the two may be verified and/or secured by any other known means, for example with a user ID and password agreed with the
  • any other means of identifying the administrator 101 for verification to the portal 106 may be used, for example using a password.
  • portal 106 may be any means of access for the administrator to the account for which they are
  • the portal may be configured such that the administrator may operate only within the scope their own account portal capability.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Computer Security & Cryptography (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé, un système, une application et un serveur permettant de fournir l'accès à un compte à une application de gestion de compte, qui est installée sur un dispositif électronique d'un nouvel utilisateur. Le procédé comporte les étapes consistant à : enregistrer l'application de gestion de compte auprès d'un serveur d'administration de compte en associant un code de déploiement de services à l'application de gestion de compte ; recevoir, au serveur d'administration de compte, une instruction provenant d'un administrateur du compte et qui vise à fournir à l'application de gestion de compte l'accès au compte, l'instruction comprenant le code déploiement de services reçu par l'administrateur du compte ; et enregistrer, au serveur d'administration de compte, l'accès au compte pour l'application de gestion de compte associée au code de déploiement de services.
PCT/GB2014/052187 2013-07-17 2014-07-17 Fourniture d'accès à un compte à un nouvel utilisateur WO2015008075A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1312797.2A GB2516278A (en) 2013-07-17 2013-07-17 Providing a new user with access to an account
GB1312797.2 2013-07-17

Publications (1)

Publication Number Publication Date
WO2015008075A1 true WO2015008075A1 (fr) 2015-01-22

Family

ID=49081417

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2014/052187 WO2015008075A1 (fr) 2013-07-17 2014-07-17 Fourniture d'accès à un compte à un nouvel utilisateur

Country Status (2)

Country Link
GB (1) GB2516278A (fr)
WO (1) WO2015008075A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104881783A (zh) * 2015-05-14 2015-09-02 中国科学院信息工程研究所 电子银行账户欺诈行为及风险检测方法与系统
WO2017039891A1 (fr) * 2015-08-31 2017-03-09 Linkedin Corporation Inscription automatique en ligne
US11037232B2 (en) 2017-06-06 2021-06-15 Microsoft Technology Licensing, Llc Smart membership management
CN113938320A (zh) * 2021-12-15 2022-01-14 四川省交通勘察设计研究院有限公司 一种基于统一网关的置信用户识别方法和系统
US11657136B2 (en) 2017-12-21 2023-05-23 Bitstrata Systems Inc. Secure association of an installed application instance with a service

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
EPO: "Mitteilung des Europäischen Patentamts vom 1. Oktober 2007 über Geschäftsmethoden = Notice from the European Patent Office dated 1 October 2007 concerning business methods = Communiqué de l'Office européen des brevets,en date du 1er octobre 2007, concernant les méthodes dans le domaine des activités", JOURNAL OFFICIEL DE L'OFFICE EUROPEEN DES BREVETS.OFFICIAL JOURNAL OF THE EUROPEAN PATENT OFFICE.AMTSBLATTT DES EUROPAEISCHEN PATENTAMTS, OEB, MUNCHEN, DE, vol. 30, no. 11, 1 November 2007 (2007-11-01), pages 592 - 593, XP007905525, ISSN: 0170-9291 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104881783A (zh) * 2015-05-14 2015-09-02 中国科学院信息工程研究所 电子银行账户欺诈行为及风险检测方法与系统
WO2017039891A1 (fr) * 2015-08-31 2017-03-09 Linkedin Corporation Inscription automatique en ligne
CN108496192A (zh) * 2015-08-31 2018-09-04 微软技术授权有限责任公司 自动在线注册
US11037232B2 (en) 2017-06-06 2021-06-15 Microsoft Technology Licensing, Llc Smart membership management
US11657136B2 (en) 2017-12-21 2023-05-23 Bitstrata Systems Inc. Secure association of an installed application instance with a service
CN113938320A (zh) * 2021-12-15 2022-01-14 四川省交通勘察设计研究院有限公司 一种基于统一网关的置信用户识别方法和系统
CN113938320B (zh) * 2021-12-15 2022-04-29 四川省交通勘察设计研究院有限公司 一种基于统一网关的置信用户识别方法和系统

Also Published As

Publication number Publication date
GB2516278A (en) 2015-01-21
GB201312797D0 (en) 2013-08-28

Similar Documents

Publication Publication Date Title
US11706212B2 (en) Method for securing electronic transactions
CN107690788B (zh) 识别和/或认证系统和方法
US8407112B2 (en) Transaction authorisation system and method
US8572377B2 (en) Method for authentication
CA2930752A1 (fr) Systeme et procede permettant une authentification de transactions financieres sur la base d'un emplacement
US20120078735A1 (en) Secure account provisioning
US20120089514A1 (en) Method of authentication
US20110213711A1 (en) Method, system and apparatus for providing transaction verification
CN102790674A (zh) 身份验证方法、设备和系统
US9256724B2 (en) Method and system for authorizing an action at a site
WO2010140876A1 (fr) Procede, systeme et serveur securise d'authentification multifactorielle de transaction
US20140223520A1 (en) Guardian control over electronic actions
CN103200176A (zh) 一种基于银行独立通信渠道的认证方法、装置及系统
CN102025498B (zh) 保护用户隐私的方法、装置及系统
KR20180124067A (ko) 계정에 연결하고 서비스 프로세스를 제공하기 위한 방법 및 디바이스
EP3579595B1 (fr) Système et procédé améliorés de vérification d'âge d'accès à internet
WO2015008075A1 (fr) Fourniture d'accès à un compte à un nouvel utilisateur
CN106416336A (zh) 识别和/或认证系统和方法
CN102184353A (zh) 一种防止网上支付数据被劫持的方法
JP6370771B2 (ja) サイバーidを使用してセキュアなトランザクションを提供する方法およびシステム
UA100711C2 (uk) Спосіб здійснення захищених транзакцій
US20180183805A1 (en) System and method of authorization of simple, sequential and parallel requests with means of authorization through previously defined parameters
KR101078705B1 (ko) 문자보안 서비스 시스템 및 그 이용방법
US10051468B2 (en) Process for authenticating an identity of a user
KR20070029537A (ko) 무선단말기와 연동한 개인별고유코드를 활용한인증시스템과 그 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14742328

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14742328

Country of ref document: EP

Kind code of ref document: A1