WO2018093258A1 - A method, apparatus and computer program product for providing access to a digital service - Google Patents

A method, apparatus and computer program product for providing access to a digital service Download PDF

Info

Publication number
WO2018093258A1
WO2018093258A1 PCT/NL2017/050744 NL2017050744W WO2018093258A1 WO 2018093258 A1 WO2018093258 A1 WO 2018093258A1 NL 2017050744 W NL2017050744 W NL 2017050744W WO 2018093258 A1 WO2018093258 A1 WO 2018093258A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
terminal station
communication device
digital service
signal
Prior art date
Application number
PCT/NL2017/050744
Other languages
French (fr)
Inventor
Ismet Yesil
Original Assignee
Tmd Holding B.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tmd Holding B.V. filed Critical Tmd Holding B.V.
Publication of WO2018093258A1 publication Critical patent/WO2018093258A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Definitions

  • the invention relates to a method of providing access to a digital service.
  • Digital services are widely available as local servers are remotely accessible, e.g. via Internet or other communication means. Depending on the character of the digital service, it might be desired or required to set up a secure connection between a remote device employed by the user on the one hand and a server providing the digital service on the other hand.
  • authorization techniques include verification whether a personal identification number, PIN, entered by a user matches with data associated with a user account of said user.
  • Another security scheme includes sending an SMS to the user, the SMS including data security data to be entered via the remote device.
  • a method of providing access to a digital service comprising the steps of receiving an access request via a user interface on a terminal station, providing an identification request on said user interface, receiving user identification data via said user interface, the user
  • identification data being associated with a user account, forwarding the user identification data from the terminal station to a host server providing the digital service, transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, initiating, by the telecommunication server, an incoming call on said communication device, receiving, by the
  • the telecommunication server to the host server if the received response signal is a predefined approval signal, and authorizing the terminal station to access the digital service on the host server.
  • the invention also relates to an authorization system for providing access to a digital service.
  • a computer program product may comprise a set of computer executable instructions stored on a data carrier, such as but not limited to a flash memory, a CD or a DVD.
  • the set of computer executable instructions which allow a programmable computer to carry out the method as defined above, may also be available for downloading from a remote server, for example via the Internet, e.g. as an app.
  • FIG. 1 shows a schematic view of an authorization system according to the invention
  • Fig. 2 shows a flow chart of a method according to the invention
  • Fig. 3 shows a flow diagram of the method in Fig. 2.
  • FIG. 1 shows a schematic view of an authorization system 10 according to the invention.
  • the system 10 is used for providing access to a digital service, such as a bank transaction.
  • the authorization system 10 includes a terminal station 12 provided with a user interface 14 such as a touch screen or a combined display and keyboard.
  • the terminal station 12 acts as a front end of a digital system processing data for offering the digital service.
  • the terminal station can be implemented as a shop cash register or a home computer that has Internet connectivity to a secure Internet web page, e.g. for online shopping or for Internet banking functionality.
  • the system 10 includes a host server 16 and a telecommunication server 18.
  • the host server 16 is arranged for providing the digital service, while the telecommunication server 18 is arranged for operatively being in
  • the communication device 20 is a device being operatively connected to the telecommunication server 18, preferably in a wireless way, i.e. a cell phone, smartphone, phablet, tablet or other mobile communication device, or wired, e.g. for home or office applications.
  • a wireless way i.e. a cell phone, smartphone, phablet, tablet or other mobile communication device, or wired, e.g. for home or office applications.
  • the terminal station 12 is connected to the host server 16 via a first data channel 22 while the telecommunication server 18 is connected to the host server 16 via a second communication channel 24.
  • the communication channels 22, 24 can be wired or wireless for transmitting data between the terminal station 12 and the host server 16 on the one hand, and between the telecommunication server 18 and the host server 16 on the other hand.
  • the authorization system is arranged for performing a number of steps to provide access to the digital service provided by the host server 16 as explained in more detail below.
  • FIG. 2 shows a flow chart of a first embodiment of a method according to the invention.
  • the method 100 is used for providing access to a digital service.
  • the method comprises a step of receiving 110 an access request via a user interface on a terminal station, a step of providing 120 an identification request on said user interface, a step of receiving 130 user identification data via said user interface, the user identification data being associated with a user account, a step of forwarding 140 the user
  • telecommunication server being operatively in communication with a communication device associated with said user account, a step of initiating 160, by the telecommunication server, an incoming call on said
  • the telecommunication server to the host server if the received response signal is a predefined approval signal, and a step of authorizing 190 the terminal station to access the digital service on the host server.
  • Fig. 3 shows a flow diagram of the method in Fig. 2.
  • a user U is permitted to use a digital service, such as a financial service e.g. a bank transaction service or another service such as a digital service concerning secure data or a digital service providing physical access to a protected area or zone.
  • a digital service such as a financial service e.g. a bank transaction service or another service such as a digital service concerning secure data or a digital service providing physical access to a protected area or zone.
  • the digital service is serviced by the host server 16.
  • the user U has a user account related to said digital service, the user account including user identification data, such as personal data like first name, last name address, username etc.
  • the user account also includes a telephone number or similar data associating the user account with the communication device 20 of the user U.
  • the user U When the user U wishes to have access to the digital service, e.g. for carrying out a payment, the user U enters an access request 40 via the user interface 14 of the terminal station 12.
  • the terminal station receives 110 said access request 40 and returns 120 an identification request 42 on said user interface 14 inviting the user U to enter user identification data.
  • the user U may input user identification data 44 via said user interface, e.g. by entering a username, said data being included in the user account.
  • the terminal station 12 Upon receiving 130 the entered user identification data 44, the terminal station 12 forwards 140 said data 44 to the host server 16, preferably together with the access request 40.
  • the telecommunication server 18 that initiates 160 an incoming call 48 on the communication device 20 associated with the user account. Upon interaction of the user U with the communication device 20, the telecommunication server 18 receives 170 a response signal 50 from said device 20.
  • the telecommunication server 18 transmits 180 a positive authentication signal 54 to the host server 16. Responsive to said positive authentication signal 54 the host server 16 authorizes 190 the terminal station 12 to have access to the digital service.
  • the predefined approval signal 52 is a call declination signal that the communication device 20 transmits when the user U declines the incoming call 48 initiated by the telecommunication server 16, e.g. by pressing a NO or similar button on the device 20.
  • the predefined approval signal 52 may be different, e.g. a call acceptance signal.
  • an application may be run on the communication device 20 to selectively configure the predefined approval signal 52 based on signal induced by a user interaction with the communication device 20, e.g. a button signal caused by pressing a NO, YES or some other physical button or virtual button on a touch screen.
  • the communication server 18 transmits a negative authentication signal 58 to the host server 16. Responsive to said negative authentication signal 58 the host server 16 denies the terminal station 12 to have access to the digital service.
  • the user of the communication device 20 may cause the device 20 to send the predefined rejection signal 56 if another, fraudulent person has requested access to the digital service using the user identification data of the user. Then, access to the digital service is effectively denied.
  • the predefined rejection signal 56 is a call acceptance signal that the communication device 20 transmits when the user U accepts the incoming call 48 initiated by the telecommunication server 16, e.g. by pressing a YES or similar button on the device 20.
  • the predefined rejection signal 56 may be different, e.g. a call declination signal.
  • a communication session is set up between the communication device 20 and the telecommunication server 18, e.g. for informing the user U about details concerning the access request 40 and/or terminal station 12.
  • the host server 16 may transmit another call request to the telecommunication server and/or may transmit a message to the terminal station 12 informing the user U that something went wrong when processing the access request 40.
  • the method may further include a step of offering, via the user interface 14, an alternative authorization process, before the step of transmitting the call request 46 to the telecommunication server 18.
  • the user U may enter a password or may transmit biometric data such as iris recognition data.
  • an alternative authorization process may be initiated if no positive authentication signal 54 is received by the host server 16.
  • the terminal station 12, the host server 16, the telecommunication server 18 and the communication device 20 are separate devices. However, devices can be physically integrated. As an example, functionality of the terminal station 12 may be available on the
  • the method for providing access to a digital service can be performed using dedicated hardware structures, such as FPGA and/or ASIC components. Otherwise, the method can also at least partially be performed using a computer program product comprising instructions for causing a processor of a computer system or a control unit to perform the above described step of the method according to the invention, or at least a sub- step thereof.
  • the step of forwarding the user identification data from the terminal station to the host server is preferably initiated by the terminal station, while the step of forwarding a call request to the telecommunication server is preferably initiated by the host server.
  • At least one sub-step can be performed on a separate processor.
  • a processor can be loaded with a specific software module.
  • Dedicated software modules can be provided.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention relates to method of providing access to a digital service. The method comprises the steps of receiving an access request via a user interface on a terminal station and forwarding user identification data from the terminal station to a host server providing the digital service. Further, the method comprises the steps of transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, for initiating an incoming call on said communication device. If a response signal is a predefined approval signal, a positive authentication signal is transmitted to the host server authorizing the terminal station to access the digital service on the host server.

Description

Title: A method, apparatus and computer program product for providing access to a digital service The invention relates to a method of providing access to a digital service.
Digital services are widely available as local servers are remotely accessible, e.g. via Internet or other communication means. Depending on the character of the digital service, it might be desired or required to set up a secure connection between a remote device employed by the user on the one hand and a server providing the digital service on the other hand.
Usually, authorization techniques include verification whether a personal identification number, PIN, entered by a user matches with data associated with a user account of said user.
However, a PIN based security scheme is vulnerable for fraud since fraudulent persons may relatively easily collect PIN data from other people.
Another security scheme includes sending an SMS to the user, the SMS including data security data to be entered via the remote device.
However, a process of transmitting and receiving an SMS may take some time rendering the methodology less attractive. Furthermore, there occurs sometimes telecommunication failures between the mobile phone carrier and the user's mobile phone requiring recursive SMS sending action.
It is an object of the invention to provide an alternative method of providing access to a digital service. In particular, it is an object to provide a method that has improved security compared to a PIN based scheme.
Thereto, a method of providing access to a digital service is provided, comprising the steps of receiving an access request via a user interface on a terminal station, providing an identification request on said user interface, receiving user identification data via said user interface, the user
identification data being associated with a user account, forwarding the user identification data from the terminal station to a host server providing the digital service, transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, initiating, by the telecommunication server, an incoming call on said communication device, receiving, by the
telecommunication server, a response signal from said communication device, transmitting a positive authentication signal from the
telecommunication server to the host server if the received response signal is a predefined approval signal, and authorizing the terminal station to access the digital service on the host server.
By initiating an incoming call to a communication device of a user requesting access to the digital service and by evaluating whether a response signal of the communication device is a predefined approval signal, the user can both securely and easily obtain access to the digital service. Further, initiating a call can generally be implemented in a relatively quick way having a higher priority than a process of generating and transmitting SMS messages.
The invention also relates to an authorization system for providing access to a digital service.
Further, the invention relates to a computer program product. A computer program product may comprise a set of computer executable instructions stored on a data carrier, such as but not limited to a flash memory, a CD or a DVD. The set of computer executable instructions, which allow a programmable computer to carry out the method as defined above, may also be available for downloading from a remote server, for example via the Internet, e.g. as an app.
Other advantageous embodiments according to the invention are described in the following claims.
By way of example only, embodiments of the present invention will now be described with reference to the accompanying figures in which Fig. 1 shows a schematic view of an authorization system according to the invention;
Fig. 2 shows a flow chart of a method according to the invention, and
Fig. 3 shows a flow diagram of the method in Fig. 2.
The figures merely illustrate preferred embodiments according to the invention. In the figures, the same reference numbers refer to equal or corresponding parts.
Figure 1 shows a schematic view of an authorization system 10 according to the invention. The system 10 is used for providing access to a digital service, such as a bank transaction.
The authorization system 10 includes a terminal station 12 provided with a user interface 14 such as a touch screen or a combined display and keyboard. The terminal station 12 acts as a front end of a digital system processing data for offering the digital service. In practice, the terminal station can be implemented as a shop cash register or a home computer that has Internet connectivity to a secure Internet web page, e.g. for online shopping or for Internet banking functionality. Further, the system 10 includes a host server 16 and a telecommunication server 18. The host server 16 is arranged for providing the digital service, while the telecommunication server 18 is arranged for operatively being in
communication with a communication device 20 associated with a user account of a user U.
The communication device 20 is a device being operatively connected to the telecommunication server 18, preferably in a wireless way, i.e. a cell phone, smartphone, phablet, tablet or other mobile communication device, or wired, e.g. for home or office applications.
Generally, the terminal station 12 is connected to the host server 16 via a first data channel 22 while the telecommunication server 18 is connected to the host server 16 via a second communication channel 24. The communication channels 22, 24 can be wired or wireless for transmitting data between the terminal station 12 and the host server 16 on the one hand, and between the telecommunication server 18 and the host server 16 on the other hand.
The authorization system is arranged for performing a number of steps to provide access to the digital service provided by the host server 16 as explained in more detail below.
Figure 2 shows a flow chart of a first embodiment of a method according to the invention. The method 100 is used for providing access to a digital service. The method comprises a step of receiving 110 an access request via a user interface on a terminal station, a step of providing 120 an identification request on said user interface, a step of receiving 130 user identification data via said user interface, the user identification data being associated with a user account, a step of forwarding 140 the user
identification data from the terminal station to a host server providing the digital service, a step of transmitting 150 a call request to a
telecommunication server being operatively in communication with a communication device associated with said user account, a step of initiating 160, by the telecommunication server, an incoming call on said
communication device, a step of receiving 170, by the telecommunication server, a response signal from said communication device, a step of transmitting 180 a positive authentication signal from the
telecommunication server to the host server if the received response signal is a predefined approval signal, and a step of authorizing 190 the terminal station to access the digital service on the host server.
Fig. 3 shows a flow diagram of the method in Fig. 2.
In practice, the method can be implemented particularly referring to Fig. 1 and Fig. 3 as follows.
A user U is permitted to use a digital service, such as a financial service e.g. a bank transaction service or another service such as a digital service concerning secure data or a digital service providing physical access to a protected area or zone.
The digital service is serviced by the host server 16. The user U has a user account related to said digital service, the user account including user identification data, such as personal data like first name, last name address, username etc. The user account also includes a telephone number or similar data associating the user account with the communication device 20 of the user U.
When the user U wishes to have access to the digital service, e.g. for carrying out a payment, the user U enters an access request 40 via the user interface 14 of the terminal station 12. The terminal station receives 110 said access request 40 and returns 120 an identification request 42 on said user interface 14 inviting the user U to enter user identification data. The user U may input user identification data 44 via said user interface, e.g. by entering a username, said data being included in the user account. Upon receiving 130 the entered user identification data 44, the terminal station 12 forwards 140 said data 44 to the host server 16, preferably together with the access request 40.
Then, a call request 46 is transmitted 150 to the
telecommunication server 18 that initiates 160 an incoming call 48 on the communication device 20 associated with the user account. Upon interaction of the user U with the communication device 20, the telecommunication server 18 receives 170 a response signal 50 from said device 20.
If the received response signal 50 is a predefined approval signal 52, the telecommunication server 18 transmits 180 a positive authentication signal 54 to the host server 16. Responsive to said positive authentication signal 54 the host server 16 authorizes 190 the terminal station 12 to have access to the digital service.
In a preferred embodiment, the predefined approval signal 52 is a call declination signal that the communication device 20 transmits when the user U declines the incoming call 48 initiated by the telecommunication server 16, e.g. by pressing a NO or similar button on the device 20. In another embodiment, the predefined approval signal 52 may be different, e.g. a call acceptance signal.
In an embodiment of the invention, an application may be run on the communication device 20 to selectively configure the predefined approval signal 52 based on signal induced by a user interaction with the communication device 20, e.g. a button signal caused by pressing a NO, YES or some other physical button or virtual button on a touch screen.
On the other hand, if the received response signal 50 is a predefined rejection signal 56, the communication server 18 transmits a negative authentication signal 58 to the host server 16. Responsive to said negative authentication signal 58 the host server 16 denies the terminal station 12 to have access to the digital service.
The user of the communication device 20 may cause the device 20 to send the predefined rejection signal 56 if another, fraudulent person has requested access to the digital service using the user identification data of the user. Then, access to the digital service is effectively denied.
In a preferred embodiment, the predefined rejection signal 56 is a call acceptance signal that the communication device 20 transmits when the user U accepts the incoming call 48 initiated by the telecommunication server 16, e.g. by pressing a YES or similar button on the device 20. In another embodiment, the predefined rejection signal 56 may be different, e.g. a call declination signal.
Optionally, a communication session is set up between the communication device 20 and the telecommunication server 18, e.g. for informing the user U about details concerning the access request 40 and/or terminal station 12.
If the response signal 50 is not a predefined approval signal 52 or a predefined rejection signal 56, the host server 16 may transmit another call request to the telecommunication server and/or may transmit a message to the terminal station 12 informing the user U that something went wrong when processing the access request 40.
Advantageously, the method may further include a step of offering, via the user interface 14, an alternative authorization process, before the step of transmitting the call request 46 to the telecommunication server 18. As an example, the user U may enter a password or may transmit biometric data such as iris recognition data.
Further, an alternative authorization process may be initiated if no positive authentication signal 54 is received by the host server 16.
In principle, the terminal station 12, the host server 16, the telecommunication server 18 and the communication device 20 are separate devices. However, devices can be physically integrated. As an example, functionality of the terminal station 12 may be available on the
communication device 20. Then, the user U interacts with the
communication device 20 for initiating the access request 40, entering the user identification data and responding to the incoming call 48 that is initiated by the telecommunication server 18.
The method for providing access to a digital service can be performed using dedicated hardware structures, such as FPGA and/or ASIC components. Otherwise, the method can also at least partially be performed using a computer program product comprising instructions for causing a processor of a computer system or a control unit to perform the above described step of the method according to the invention, or at least a sub- step thereof. As an example, the step of forwarding the user identification data from the terminal station to the host server is preferably initiated by the terminal station, while the step of forwarding a call request to the telecommunication server is preferably initiated by the host server.
All steps can in principle be performed on a single processor.
However, it is noted that at least one sub-step can be performed on a separate processor. A processor can be loaded with a specific software module. Dedicated software modules can be provided.
The invention is not restricted to the embodiments described herein. It will be understood that many variants are possible.
These and other embodiments will be apparent for the person skilled in the art and are considered to fall within the scope of the invention as defined in the following claims. For the purpose of clarity and a concise description features are described herein as part of the same or separate embodiments. However, it will be appreciated that the scope of the invention may include embodiments having combinations of all or some of the features described.

Claims

Claims
1. A method of providing access to a digital service, comprising the steps of:
- receiving an access request via a user interface on a terminal station;
- providing an identification request on said user interface;
- receiving user identification data via said user interface, the user identification data being associated with a user account;
- forwarding the user identification data from the terminal station to a host server providing the digital service;
- transmitting a call request to a telecommunication server being
operatively in communication with a communication device associated with said user account;
- initiating, by the telecommunication server, an incoming call on said communication device;
- receiving, by the telecommunication server, a response signal from said communication device;
- transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined approval signal, and
- authorizing the terminal station to access the digital service on the host server.
2. A method according to claim 1, wherein the predefined approval signal is a call declination signal.
3. A method according to claim 1 or 2, wherein access to the digital service on the host server is denied if the response signal is a predefined rejection signal.
4. A method according to claim 3, wherein the predefined rejection signal is a call acceptance signal.
5. A method according to claim 3 or 4, wherein a communication session is set up between the communication device and the
telecommunication server.
6. A method according to any of the preceding claims, further comprising a step of offering via the user interface an alternative
authorization process, before the step of transmitting a call request to the telecommunication server.
7. A method according to any of the preceding claims, further comprising a step of offering via the user interface an alternative
authorization process if no positive authentication signal is received at the host server.
8. A method according to any of the preceding claims, wherein functionality of the terminal station is available on the communication device.
9. An authorization system for providing access to a digital service, comprising a terminal station provided with a user interface, a host server and a telecommunication server, the system being arranged to perform the steps of:
- receiving an access request via a user interface on a terminal station; - providing an identification request on said user interface;
- receiving user identification data via said user interface, the user identification data being associated with a user account;
- forwarding the user identification data from the terminal station to a host server providing the digital service;
- transmitting a call request to a telecommunication server being
operatively in communication with a communication device associated with said user account;
- initiating, by the telecommunication server, an incoming call on said communication device;
- receiving, by the telecommunication server, a response signal from said communication device; - transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined approval signal, and
- authorizing the terminal station to access the digital service on the host server.
10. A system according to claim 9, wherein functionality of the terminal station is available on the mobile communication device.
11. A computer program product for providing access to a digital service, the computer program product comprising computer readable code for causing a processor to perform the steps of:
- receiving an access request via a user interface on a terminal station;
- providing an identification request on said user interface;
- receiving user identification data via said user interface, the user identification data being associated with a user account;
- forwarding the user identification data from the terminal station to a host server providing the digital service;
- transmitting a call request to a telecommunication server being
operatively in communication with a communication device associated with said user account;
- initiating, by the telecommunication server, an incoming call on said communication device;
- receiving, by the telecommunication server, a response signal from said communication device;
- transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined approval signal, and
- authorizing the terminal station to access the digital service on the host server.
PCT/NL2017/050744 2016-11-16 2017-11-16 A method, apparatus and computer program product for providing access to a digital service WO2018093258A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL2017801 2016-11-16
NL2017801A NL2017801B1 (en) 2016-11-16 2016-11-16 A method, apparatus and computer program product for providing access to a digital service

Publications (1)

Publication Number Publication Date
WO2018093258A1 true WO2018093258A1 (en) 2018-05-24

Family

ID=58501764

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/NL2017/050744 WO2018093258A1 (en) 2016-11-16 2017-11-16 A method, apparatus and computer program product for providing access to a digital service

Country Status (2)

Country Link
NL (1) NL2017801B1 (en)
WO (1) WO2018093258A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011161461A1 (en) * 2010-06-23 2011-12-29 Applied Neural Technologies Limited Identity verification
EP2611096A1 (en) * 2011-12-28 2013-07-03 Gemalto SA Method for authenticating a user using a second mobile device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011161461A1 (en) * 2010-06-23 2011-12-29 Applied Neural Technologies Limited Identity verification
EP2611096A1 (en) * 2011-12-28 2013-07-03 Gemalto SA Method for authenticating a user using a second mobile device

Also Published As

Publication number Publication date
NL2017801B1 (en) 2018-05-25

Similar Documents

Publication Publication Date Title
KR101384608B1 (en) Method for providing card payment system using phnone number and system thereof
US8990909B2 (en) Out-of-band challenge question authentication
US9578022B2 (en) Multi-factor authentication techniques
US20220188786A1 (en) Systems and methods for user data management across multiple devices
US20090006254A1 (en) Virtual prepaid or credit card and process and system for providing same and for electronic payments
AU2017203608A1 (en) Mobile human challenge-response test
WO2016028342A1 (en) Access control based on authentication
GB2533095A (en) System and method
CN105656850B (en) Data processing method, related device and system
US11757867B2 (en) System and method for implementing hacker traffic barriers
US20170331821A1 (en) Secure gateway system and method
US20210406909A1 (en) Authorizing transactions using negative pin messages
US20180276647A1 (en) Method and apparatus for transmitting transaction data using a public data network
US11887106B2 (en) Provisioning of secure application
EP2916510B1 (en) Network authentication method for secure user identity verification using user positioning information
KR20170005718A (en) Apparatus for an account transfer service and method thereof
WO2018093258A1 (en) A method, apparatus and computer program product for providing access to a digital service
KR102187907B1 (en) Communication Terminal Certification Processing System, Communication Terminal, Server and Certification Processing Method
TWI839875B (en) Payment method, user terminal, device, equipment, system and medium
US20230409752A1 (en) System and method for localized permission-based sharing of personal information
US20230169160A1 (en) Method and system for user authentication
JP2018036790A (en) Authentication device, identity confirmation method, and program
CA2944084C (en) Provisioning of secure application
CN106941615B (en) Payment method, set top box and system
EP3559881A1 (en) Secure log-in or transaction procedure

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17817242

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17817242

Country of ref document: EP

Kind code of ref document: A1