WO2016013924A1 - Système et procédé d'authentification mutuelle faisant intervenir des codes à barres - Google Patents

Système et procédé d'authentification mutuelle faisant intervenir des codes à barres Download PDF

Info

Publication number
WO2016013924A1
WO2016013924A1 PCT/MY2015/050068 MY2015050068W WO2016013924A1 WO 2016013924 A1 WO2016013924 A1 WO 2016013924A1 MY 2015050068 W MY2015050068 W MY 2015050068W WO 2016013924 A1 WO2016013924 A1 WO 2016013924A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
barcode
communication device
authentication
server
Prior art date
Application number
PCT/MY2015/050068
Other languages
English (en)
Inventor
Chong Seak Sea
Kang Siong Ng
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Publication of WO2016013924A1 publication Critical patent/WO2016013924A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Definitions

  • the present invention is related to authentication mechanisms using a portable communication device and, more particularly, to system and method of mutual authentication mechanisms using barcodes that can be a linear or planar form barcode.
  • Digital identity is an important concern for any individual or company alike. Digital identity refers to all the information about an individual that is digitally available. More number of individuals today perform online activities, for instance, payment transactions, bank login, downloading etc, without paying heed to online security measures, such as private browsing, disabling cookies. As a result, our digital identity is always vulnerable to various privacy threats. And the biggest challenge we face is about losing both - privacy and control over our digital identity.
  • the most common form of authentication and security measures include usage of usernames and passwords to protect our digital identity online. These usernames and passwords generally comprise complex codes of alphanumeric characters and in some cases, also comprise of special characters or in other instances these characters might also be case sensitive. People often choose common words such as their own name, family members or friends, pets, telephone number, special interests, or some variants that are easy to remember. This makes username and passwords the simplest form of protection yet they are weak and vulnerable as the most common form of attack is password guessing. Other solutions have been proposed of late, such as One-time Password Authentication (OTP) which generates highly secure one-time password that is valid only for one login session or transaction, ensuring that only properly authenticated users are authorized to access critical applications and data. This type of OTP is currently used by major credit and debit cards users for online authentication.
  • OTP One-time Password Authentication
  • time-synchronized OTPs are subject to problems caused by clock skew, which means that if the authentication server and the user token are not kept at the same time, then the expected OTP value is not generated and the user authentication fails. Also, initial cost requirement is high due to the need of specialized hardware.
  • CRAM challenge-response authentication mechanism
  • a method for mutually authenticating a user through a communication device to access a secured website comprises registering the user with user profile and a registration number of the communication device with the authentication system; requesting access to the secured website through the authentication system with the communication device; rendering a barcode encoded based on user credentials and a user secret key; sending the barcode to the authenticating system for decoding the user credential provided by the user upon requesting access; and comparing the user credential provided by the user against a corresponding user credential stored on the authenticating system.
  • the barcode is rendered as a security token based on a user secret key, wherein the barcode contains user information and credentials.
  • a barcode is generated on the user communication device to request for authorization and another barcode is generated on the authentication system for matching the user credentials.
  • scanning the barcode through the user communication device via a visual channel comprises displaying the barcode on another communication device, wherein the barcode is rendered on a mobile application deployed on the another communication device, and the barcode is rendered based on the user credential sent from the authentication system.
  • the barcode is use as the security token for authenting user registration and user access.
  • an authentication system for mutually authenticating a user through a communication device.
  • the authentication system comprises an application server in communication with the user portable communication device, the application server has a database of user profiles that includes a user ID and a registration number of the user portable communication device; an authentication server for rendering a barcode encoded with a secret key that based on the user profiles; a mobile application for deploying on the user portable communication device, wherein the mobile application operable to communicate with the application server to facilitate user authentication.
  • the system operationally authenticates the user through matching the user credential decoded from the barcode against a corresponding user credential stored on the authentication server.
  • the visual channel includes optical means for acquiring the barcode.
  • the barcode is displayed on another communication device, wherein the barcode is rendered on a mobile application deployed on the another communication device, and the barcode is rendered based on the user credential sent from the authentication server.
  • the barcode maybe a matrix barcode or more specifically, a two- dimensional barcode.
  • FIG. 1 illustrates an authentication system in accordance with an embodiment of the present invention
  • FIG. 2 illustrates a schematic block diagram of a user device 200 in accordance with an embodiment of the present invention
  • FIG. 3 illustrates a sequence diagram of a user registration process in accordance with an embodiment of the present invention
  • FIG. 4 illustrates an authentication process as the user is accessing a secured website through the application server in accordance with an embodiment of the present invention
  • FIG. 5 illustrates a block diagram of the authentication system in accordance with another embodiment of the present invention.
  • One embodiment provides a system and method for two factor mutual authentication methods through a barcode as a security token for providing more effective secure solution, especially implementation for authenticated users to the systems with minimum data transmitted over the network (via visual channel, i.e. optical means).
  • the barcode provides digital information flow only in one- direction from a portable communication device.
  • one of the communicating device is a portable device that is capable of encoding a precise information into a barcode.
  • the other device referred to herein as the user portable communication device that can be a portable communicating device, capable of scanning the barcode and decoding the relevant information.
  • the user portable communication device according to another embodiment of the invention communicates with the portable communication device via a visual channel.
  • FIG. 1 illustrates an authentication system in accordance with an embodiment of the present invention.
  • the authentication system includes a user portable communication device 101, a portable communication device 100, a visual channel 103, a communication network 102, and an authentication source which include an application server 104 and an authentication server 106.
  • the user portable communication device 101 and the portable communication device 100 are communication devices that are able to connect to the authentication source via the communication network 102, such as Internet.
  • the communication devices may be any computing devices that are able to establish data communication through the communication network 102, which include smartphone, tablet PC and etc.
  • the user portable communication device 101 and the portable communication device 100 may in someway establish the visual channel 103 for capturing image from one to another, wherein the captured image can be decoded for extracting authentication information.
  • the visual channel 103 may be established through a camera and a display unit, which are respectively integrated on the user portable communication device 101 and the portable communication device 100. As shown in FIG. 1, the visual channel 103 is established through a display unit on the portable communication device 100 and an integrated camera on the user portable communication device 101, wherein the display unit displays the authentication information encoded in a form of barcode and the integrated camera captures an image of the barcode.
  • the visual channel may be established through may other means, for example, the means for capturing authentication information may be a connected camera or a dedicated barcode scanner, whilst the means for displaying the barcode may be a monitor screen or even a piece of printed material with the barcode printed thereon.
  • the barcode can be any matrix barcode or any two- dimensional (2D) code, such as TOF417, C0DE49, CODE 16K, tQR Code, Data Matrix, Maxi Code, Code One and so on.
  • the type of code used can be selected depending on the requirement and information to be embedded therein.
  • QR code is now favorably adapted as it has relatively large capacity, high reliability, can represent characters and images, and other information, confidentiality, security and etc. It can also have 360-degree recognition ability and represent characteristics of Chinese characters, and become easy to implement.
  • the authentication system further includes a mobile application 108, which includes a user registration module 110, and barcode encoder 112, a credential generator 114, and a key storage 116.
  • the mobile application 108 is a trusted application obtained from a trusted source.
  • the trusted source can be any trusted source mobile apps depository center, such as Apple App Store, Google Play or any app marketplace, or directly from the application server 104 of the authentication source.
  • the mobile application 108 is deployed with the mobile application 108 for realizing the authentication.
  • the mobile application 108 communicates with the authentication source through the communication network 102.
  • the user registration module 110 facilitates means for registering a new user on the communication devices directly.
  • the user registration information is sent to the authentication source.
  • the barcode encoder 112 adapted for encoding and decoding barcode to extract authentication information.
  • the credential generator 114 generates user credentials based on the preset inputs, which include time, location, login factors and etc.
  • the key storage 116 stores the keys that are used to generate the user credential through credential generator 114.
  • the generated credential can be a one-time password (OTP) that are typically used as a secondary authentication factor.
  • OTP one-time password
  • the key storage 116 stores all the keys generated for user authentication.
  • the application server comprises a network interface 118, a user registration module 120, key delivery module 122, barcode decoder 124, a login verification module 126 and a profile database 128.
  • the authentication server 106 also comprises a network interface 130, a user registration module 132, a key manager 134, a credential verification module 136, and a credential database 138.
  • the application server 104 is connected to the authentication server 106 for activating user account and authenticating it after performing validation and verification of user credentials. It manages the creation and distribution of user's secret key to the user portable communication device 101.
  • the application server 104 and the authentication server 106 are network of servers or computers working in a coordinated manner, of which respective network interfaces 118 and 130 are adapted to connecting the two servers 104 and 106.
  • the user registration module 120 is adapted to register user for mapping the same with the application user profile.
  • the key delivery module 122 delivers user secret key generated by a uthentication server 106 to the user portable communication device 101.
  • the secret key is delivered via a messaging channel, such as SMS gateway.
  • the barcode decoder 124 is adapted for decoding a barcode or any matrix barcode for extracting authentication information.
  • the barcode is transmitted from the user portable communication device 101, of which the user portable communication device 101 optically obtains/captures the barcode from the portable communication device 100 via the visual channel.
  • the login verification module 126 operationally validates user profile for authentication. These user profiles are stored on the profile database 128.
  • the authentication server 106 uses its user registration module 132 to associate user with secret key generated.
  • the key management module 134 generates and manages user secret key.
  • the credential verification module 136 operationally validates the credential submitted by user and the supplied user's credentials are stored on the credential database 138.
  • the user is able to carryout a user registration through the user registrations mobile on either the user portable communication device 101 or the portable communication device 100.
  • the user registration particulars, as mentioned, are sent to the authentication source. All the registered users are able to utilize the mobile application 108 to perform authentication with the authentication source.
  • FIG. 2 illustrates a schematic block diagram of a user device 200 in accordance with an embodiment of the present invention.
  • the communication device 200 can be adapted on either one or both of the user portable communication device 101 and portable communication device 100 of FIG. 1.
  • the user device 200 comprises a camera 202, a display screen 204 and programs 206.
  • the camera 202 is facilitated as an optical means for scanning a barcode encoded with user authentication information or credential that is generated based on an input secret key.
  • the display screen 204 on the other hand is used for displaying or showing the matrix barcode for scanning by the camera on the other communication device.
  • the program 206 that comprises the mobile application 108 that operationally facilitates the user authentication process based on the key 208.
  • FIG. 3 illustrates a sequence diagram of a user registration process in accordance with an embodiment of the present invention.
  • the current figure is herein after described in conjunctions with the features of FIG. 1, though it is understood to a skilled person that the process can be adapted in different setup and configuration.
  • the user registration process involves a user 302, the communication device 100, the user communication device 101, the application server 104 and the authentication server 106 of FIG. 1.
  • User registration process is required for all new users who have not yet register with the authentication system.
  • the communication device 100 may be a portable device, or a desktop computer having a display screen and a camera.
  • the user 302 uses the communication device 100 to request for registration.
  • the request is sent through the mobile application 108 to the application server 104 at step 312 through a communication network, such as Internet.
  • the application server 104 reverts with a registration form on a web browser on the communication device 100 to acquire necessary details from the user 302.
  • the registration form can be presented in a HTML form on a web browser and display on the communication device 100 to user 302 at step 313.
  • the details may include user personal particulars, registration number of the user communication device 101, specifications of the user portable communication device 101 or other associated or required information therefor.
  • the user 302 enters all the required details on the form displayed on the communication device 100, and submits to the application server 104 at step 316.
  • the application server 104 creates a user profile based on the details provided by the user.
  • the user profile includes a user ID, among other information.
  • the user ID may include the user's name, user's email address or registration number of the user communication device (such as IMEI, IMSI, and MSISDIM).
  • the application server 104 forwards the user ID to the authentication server 106 for user registration.
  • the Authentication Server 106 generates a user secret key and associates the user secret key with the user ID.
  • the user secret key is generated through applying cyptography function on a random data.
  • the user ID and the associated user secret key are stored in the credential database 138 of the authentication server 106.
  • the authentication server 106 sends the user secret key 208 to the application server 104.
  • the user secret key is being encrypted at the application server 104 through pre-arranged encryption key. Any open or proprietary encryptions may be used for such encryption, including but not limited to AES (Advanced Encryption Standard) or DES (Digital Encryption Standard), or any other suitable encryption methods.
  • the application server 104 delivers the encrypted user secret key to the user trusted mobile application 108 on the user portable communication device 101 via Short Message Service (SMS) as an activation SMS for validation of authentication process. This process is provided for establishing the ownership of the communication device 100.
  • SMS Short Message Service
  • the trusted mobile application 108 is deployed as means for facilitating the authorization.
  • the mobile application 108 is adapted to receive the activation SMS, which allows the mobile application 108 to process the activation SMS. While processing the activation SMS, the mobile application 108 verifies the source of the SMS and the decrypts contents of the activation SMS. Specifically, the secret key will be recovered from the activation SMS and stored on the mobile device in a secured formed. The secret key may be protected for recovering therefrom through any one or more of the user password, device serialization and sensor input.
  • the secret key stored on the key database is encrypted before sending to the device, user may opt for additional protection to secure the secret key on the device.
  • One of the most common protections is user password and pattern lock.
  • the mobile application may utilize some of the unique identities assigned to the device for protecting the secret key. These unique identities include a device serial number, Wi-Fi MAC address, and other unique number available to the device.
  • the device may also facilitate sensor for acquiring biometric of the user for protecting the secret key. These biometric may include audio, fingerprint, and etc.
  • the user is notified and at step 332, the user 302 clicks on the trusted mobile application 108 on the user portable communication device 101, and at step 334 the user communication device 101 generates a first credential (CI) by applying cryptographic techniques on the secret key and some input factors, such as time location, etc.
  • the first credential CI is then encoded to a 2-dimensional (2D) barcode as a security token.
  • the barcode encoder 112 of the mobile application 118 is responsible for encoding the relevant information to the 2D barcode format.
  • the barcode security token generated is then forwarded to the application server 104 using communication device 100 via visual channel 103 at step 336.
  • the barcode is decoded.
  • the application server 104 receives and decodes the 2D barcode security token to recover the User ID and user credentials CI.
  • the user ID along with user credentials CI are pushed to the authentication server 106 for credential authentication.
  • the authentication server 106 looks up for the relevant user information by using the user ID.
  • the authentication server 106 searches in its credential database 138 and retrieve the user information stored in its database.
  • the authentication server then generates a second user credential (C2) based on the user secret key for comparing the first user credentials CI.
  • the secret key is processed with certain required factors, such as time, location and etc. to generate another credential for comparing with that in the one encoded in the barcode.
  • step 346 the authentication server 106 informed the application server 104 of the authentication status.
  • step 348 application server 104 activates the user account and confirmation is sent to the communication device 100 and in turn the user 302. User may then use the communication device 100 to carry out authentication accordingly at step 350.
  • the cryptographic or encryption/decryption techniques used may be, but not limited to, hashing, symmetric and asymmetric cryptography.
  • FIG. 4 illustrates an authentication process as the registered user 306 is accessing a secured website throught the application server 104 in accordance with an embodiment of the present invention.
  • the user 302 requests to access the secured website through the user communication device 100.
  • the communication device 100 connects to send the request to the application server 104, which in some case, can be a proxy server for handing authentication.
  • the application server 104 returns with a HTML pages at step 414 to request for user login credentials, the registered user ID and credential.
  • the login page is displayed to the user 302.
  • the mobile application 108 installed on the user communication device 101 is used to generate a user credential based on user secret key and input factor such as time, location and etc. and applies with cryptographic function to encode the same into barcode as a security token.
  • the user communication device 100 captures or scans the barcode from the user communication device 101 via visual channel or any out-of-band channel, and send to the application server 104.
  • the application server 104 received the decoded barcoded.
  • the application server 104 lookup for the corresponding user profile based on the recovered a first user credentials (CI). Once the user profile is identified, at step 426, the user ID and credentials are sent to the authentication server 106 for credential validation.
  • the authentication server 106 looks up for the relevant user information.
  • the authentication server 106 searches in its credential database 138 and retrieve the user information stored in its database.
  • the authentication server 106 then generates the user secret key.
  • the secret key is then processed with certainly required factors, such as time, location and etc. to generate another credential (C2) for comparing with that in the one encoded in the barcode.
  • the authentication server 106 informed the application server 104 of the authentication status.
  • application server 104 complete the authentication process and allowing the user to access the secured website, only when authentication server return a status of validation and comparison result showing both credentials are identical.
  • the user 302 is authenticated and allow to access.
  • the authentication method of the present invention may adapt any type of barcode that is designed so that reading and decoding is feasible and efficient using the built-in camera 202 and the computer power available in a portable communication device 100. Examples of barcode may include Data matrix, QR code, Sema code or may other codes available.
  • the exemplary architecture 500 of the application server 104 and the authentication server 106 is as shown in FIG. 5.
  • the application server 104 and the authentication server 106 include processor(s) 502, Input - Output circuitry 504, computer readable media, such as, but not limited to, memory 506, and network interface (not shown).
  • the application server 104 and the authentication server 106 may be connected to the portable communication device 100 via communication network 102.
  • the computer readable media 506 stores application program modules 508 and data 510.
  • Application program modules 508 contain instructions, which when executed by processor(s) 502, cause the processor(s) 502 to perform actions of a method described herein in FIG. 3 and FIG. 4. The method described above with reference to FIG. 3 and FIG.
  • the method 4 may be embodied on a computer program comprising computer programming codes for performing the server-side parts of the method when the computer program code is executed by a processor 502, for instance embodied in any of the application server 104 and the authentication server 106 in FIG. 1.
  • the method may also be embodied as executable instructions on a computer readable medium having stored there on a computer program comprising computer program code for performing the method when the computer program code is executed by a processor 502.
  • the processor 502 may, for instance, be embodied in any of the servers 104 or 106 as shown in FIG. 1.
  • the computer readable medium may, for instance, be memory 506 or any another plausible medium including, but not limited to, an optical disc (e.g. CD or DVD), a portable semiconductor memory (e.g. USB stick), a magnetic disc, or a file server accessible in a computer network such as the Internet.
  • the method described above with reference to FIG. 3 and FIG. 4 may also be embodied as a computer program, also known as app, com prising computer program code for performing the portable communication device 100 parts of the method when the computer program code is executed by a processor on the portable communication device 100.
  • the method may also be embodied as a computer readable medium having stored there on a computer program comprising computer program code for performing the method when the computer program code is executed by a processor in the portable communication device 100.
  • the computer readable medium may be any plausible medium including, but not limited to, an optical disc CD or DVD, a portable semiconductor memory USB stick, a magnetic disc, or a file server accessible in a computer network such as the Internet.
  • the user device 100 on the other hand is equipped with a barcode scanner, which can be integrated or externally attached as an input peripheral, for capturing the barcode for carrying out the authentication.
  • the barcode is presented or outputted on a display unit of a separate device, which is also adapted to operationally communicate with the application server 104.
  • the barcode can be sent to the device seeking for the authentication itself, and once the barcode is received, the device seeking for the authentication may process the acquired barcode on the mobile application 108 as defined above.
  • the barcode can be printed out in a physical medium, whereby the barcode can be scanned through the user device 100 to perform the authentication as described above.

Abstract

La présente invention concerne un système et un procédé pour l'authentification mutuelle d'accès et d'enregistrement d'utilisateur. De manière spécifique, le système et le procédé font intervenir un code à barres en tant que jeton de sécurité pour faciliter l'authentification d'utilisateur. Le code à barres est utilisé pour coder un justificatif d'identité d'utilisateur et un numéro d'enregistrement de dispositif à l'intérieur de celui-ci. Le code à barres peut être obtenu par l'intermédiaire d'un canal visuel.
PCT/MY2015/050068 2014-07-25 2015-07-09 Système et procédé d'authentification mutuelle faisant intervenir des codes à barres WO2016013924A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2014002191A MY171789A (en) 2014-07-25 2014-07-25 System and method of mutual authentication using barcode
MYPI2014002191 2014-07-25

Publications (1)

Publication Number Publication Date
WO2016013924A1 true WO2016013924A1 (fr) 2016-01-28

Family

ID=55163372

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2015/050068 WO2016013924A1 (fr) 2014-07-25 2015-07-09 Système et procédé d'authentification mutuelle faisant intervenir des codes à barres

Country Status (2)

Country Link
MY (1) MY171789A (fr)
WO (1) WO2016013924A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414604A (zh) * 2019-01-08 2020-07-14 阿里巴巴集团控股有限公司 认证方法、设备、系统及存储介质
US10949869B1 (en) * 2018-06-25 2021-03-16 Sprint Communications Company L.P. Method for generating and using a 2D barcode

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060088166A1 (en) * 2004-10-22 2006-04-27 Nec Corporation Authentication method and method device, system, and program for delivering secret information between proximity terminals
US20110219427A1 (en) * 2010-03-04 2011-09-08 RSSBus, Inc. Smart Device User Authentication
US20120089519A1 (en) * 2010-10-06 2012-04-12 Prasad Peddada System and method for single use transaction signatures
US20120240204A1 (en) * 2011-03-11 2012-09-20 Piyush Bhatnagar System, design and process for strong authentication using bidirectional OTP and out-of-band multichannel authentication
US20130278622A1 (en) * 2012-04-23 2013-10-24 Netspectrum Inc. Secure and Authenticated Transactions with Mobile Devices

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060088166A1 (en) * 2004-10-22 2006-04-27 Nec Corporation Authentication method and method device, system, and program for delivering secret information between proximity terminals
US20110219427A1 (en) * 2010-03-04 2011-09-08 RSSBus, Inc. Smart Device User Authentication
US20120089519A1 (en) * 2010-10-06 2012-04-12 Prasad Peddada System and method for single use transaction signatures
US20120240204A1 (en) * 2011-03-11 2012-09-20 Piyush Bhatnagar System, design and process for strong authentication using bidirectional OTP and out-of-band multichannel authentication
US20130278622A1 (en) * 2012-04-23 2013-10-24 Netspectrum Inc. Secure and Authenticated Transactions with Mobile Devices

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10949869B1 (en) * 2018-06-25 2021-03-16 Sprint Communications Company L.P. Method for generating and using a 2D barcode
US11574332B1 (en) 2018-06-25 2023-02-07 Sprint Communications Company, L.P. Method for generating and using a 2D barcode
CN111414604A (zh) * 2019-01-08 2020-07-14 阿里巴巴集团控股有限公司 认证方法、设备、系统及存储介质
CN111414604B (zh) * 2019-01-08 2023-10-03 阿里巴巴集团控股有限公司 认证方法、设备、系统及存储介质

Also Published As

Publication number Publication date
MY171789A (en) 2019-10-29

Similar Documents

Publication Publication Date Title
US11647023B2 (en) Out-of-band authentication to access web-service with indication of physical access to client device
US11343099B2 (en) System and method for securing personal information via biometric public key
US9741033B2 (en) System and method for point of sale payment data credentials management using out-of-band authentication
US9525549B2 (en) Method and apparatus for securing a mobile application
US10313881B2 (en) System and method of authentication by leveraging mobile devices for expediting user login and registration processes online
ES2680152T3 (es) Método y aparato de autenticación conveniente para el usuario usando una aplicación de autenticación móvil
US8775814B2 (en) Personalized biometric identification and non-repudiation system
US9577999B1 (en) Enhanced security for registration of authentication devices
US20160205098A1 (en) Identity verifying method, apparatus and system, and related devices
US20140337957A1 (en) Out-of-band authentication
WO2016114841A1 (fr) Jeton d'authentification forte à multiples utilisateurs
KR20110081103A (ko) 보안 트랜잭션 시스템 및 방법
WO2019226115A1 (fr) Procédé et appareil d'authentification d'utilisateur
WO2014141263A1 (fr) Système d'authentification otp asymétrique
Malathi et al. Achieving privacy and security using QR code by means of encryption technique in ATM
KR20200092950A (ko) 지문의 2단계 중앙 일치
Malik et al. Multifactor authentication using a QR code and a one-time password
KR102122555B1 (ko) 사용자가 소지한 금융 카드 기반 본인 인증 시스템 및 방법
WO2016013924A1 (fr) Système et procédé d'authentification mutuelle faisant intervenir des codes à barres
WO2017091133A1 (fr) Procédé et système de stockage sécurisé d'informations
CA2904646A1 (fr) Authentification securisee employant un code de saut
US20240005820A1 (en) Content encryption and in-place decryption using visually encoded ciphertext
MORAKINYO A secure bank login system using a multi-factor authentication
WO2012038449A2 (fr) Authentification
JP2021093063A (ja) 情報処理装置、認証システム、情報処理方法、および認証方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15824687

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15824687

Country of ref document: EP

Kind code of ref document: A1