WO2019157574A1 - Method for proving user identity and or user's choice - Google Patents


Publication number
WO2019157574A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
elements
sequence
session
information
Application number
PCT/BG2018/000039
Other languages
French (fr)
Inventor
Dimitar Anastasov GRIGOROV
Original Assignee
Grigorov Dimitar Anastasov
Application filed by Grigorov Dimitar Anastasov
Publication of WO2019157574A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/36 User authentication by graphic or iconic representation

Definitions

  • the method can be applied and works successfully in all known network environments and operating systems.
  • the protection is achieved by indications known only to the users, who have independently set, marked and defined their sequence; these indications are randomly combined and displayed with other elements.
  • a single work area may include at least 2 elements, which can be of different types and numbers of polygons (fields, zones), together with different number combinations and element types. They can be two-dimensional or three-dimensional, static and/or moving objects, and can be displayed on different backgrounds each time, etc.
  • the shape and number of all access system elements can be changed, whilst retaining the principles for deploying elements in a work area, which can change its shape and location or can also contain misleading information in combination with the correct information.
  • the method can require a predetermined area identification sequence in a specific way known only to the user. Additional supplementary, auxiliary or misleading information is also displayed. It may be necessary to specify a given area more than once.
  • the method according to the invention limits the possibilities for using standard methods of tracking user actions, such as recording keystroke sequences (keyloggers) and / or recording cursor movements (screen recorders). It does not require the ownership of any kind of additional identifiers and imposes no additional encryption requirements on the operating system used.
  • the method can also be used as an addition to or substitute for other identifying and / or user choice methods. It can accordingly be performed safely in public places and / or on devices not personally owned by the user.
  • Fig. 1 - a representation of elements displayed in multiple rows or sequences.
  • Fig. 2 - a representation of a combination of user pre-defined elements in a user-defined sequence.
  • Fig. 3a-3c - a representation of a sequence of three work fields with different work zone locations and different locations of the selected user elements.
  DETAILED DESCRIPTION OF THE EMBODIMENT OF THE INVENTION.
  • the user performs an initial preparation that includes the following operations: it is convenient for the user to have a library of graphical objects, containing a standard set of pre-selected or added graphic objects, in his individual profile. The user has the option to add his own graphic objects as well.
  • the user selects elements from the library: graphic objects or a user-added element. This defines the graphic object assignment to be used for proving user identification and / or choice.
  • when a user access system session is initiated, the device system generates a random combination of the user's pre-selected elements mixed together with other system elements.
  • the system has the correct sequence, and it starts a hidden user session duration timer together with the information on previous unsuccessful access attempts, including the critical mode status with the number of critical unsuccessful attempts.
  • the predefined work areas contain functionally generated elements, such as extracts of system library graphic images generated in random combinations and order of graphical areas.
  • the system loads and displays the hint tags (user pre-defined) and user profile rules in a random combination with other non-defined library elements.
  • the user has to specify the location from which, the system will be required by the user, example: one additional line of system information will always see the yellow number. It is different every time and determines the number of false manipulations.
  • parasitic clicks will be added, depending on the user's wish that is set in the preset - it is previously stated in the system, that the user always starts choosing a parasitic combination and then adds its order of naming the signs.
  • the user selects the areas in accordance with the assignments he predefined.
  • the operating system performs both a field match and a sequence check. The selected element is compared with the pre-defined element and, in case of a match, the next selected area is checked. When all the selected areas match within the valid session time and the whole identification sequence is established, access is granted. In case of any area or identification sequence mismatch, the system reports an unsuccessful access attempt.
  • the method provides options for applying common actions used in conventional access methods, especially actions that define the number of critical and unsuccessful access attempts during a single session, as well as temporary or permanent user profile blocking.
  • visual representation of a given element: a single or multiple preset system elements can be represented in the selection window.
  • the selection window is a part of the device workspace that runs the proposed access method.
  • the selection window displays the graphic object or part of it.
  • the selection window size and shape take into consideration the hardware and software features of the specific end user access device. Thus the selection window size does not affect the actual surface size of the graphic object.
  • Visualization tools that control how the specified graphic object is rendered can also be shown in the selection window. They can select and represent a preferred part of the graphic object that contains the specified area or part of it in the desired view and size. The control tools allow the user to move or animate parts of graphic objects, especially parts not currently in the selection window.
  • control tools can zoom the graphic object or parts of it in and / or out up to the selection window limits, as well as rotate the graphic object around different relative coordinate system axes. They can also display the hint markers that are also visualized in the operating system workspace.
  • Identification sequence display: for the current example, the preferred identification sequence is displayed in a modified form together with misleading information, based on the hint markers active and displayed in the current session.
  • a random combination of the user-defined selection sequence is generated for the currently active user session, which represents and visualizes the corresponding identification sequence.
  • the access request process ends with the user identification.
  • the user needs to consecutively perform the given instructions of the current identification sequence by selecting the sequence of areas he predefined, as displayed in the selection window, and using the management tools.
  • the system allows user access.
  • the device screen displays an error message.
  • the user session is then interrupted and the user can initiate a new user session, where the specified areas are displayed in a new, different identifying sequence combination. After a given number of unsuccessful attempts, user access may be fully or partially suspended.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method for proving user identity and/or choice. It is intended to provide or allow communication between a tablet, computer, mobile or other communication or functional device and an end user. The method creates ways to achieve a higher level of identification security, including a protection against direct visual or technology-assisted observation. It can also be used as an addition or a replacement of other identity and/or consumer choice methods.

Description

METHOD FOR PROVING USER IDENTITY AND / OR USER’S CHOICE
FIELD OF THE INVENTION
[0001] The invention describes a method for proving user identity and / or choice. It is intended to create or allow communication between a user and a functional device such as a tablet, a computer, a mobile phone etc. The usage of the method achieves higher levels of identification security against direct visual or technology-assisted observation. It can also be used as an addition or substitution to other identity and / or user choice methods.
BACKGROUND OF THE INVENTION.
[0002] At present there are several different known methods of proving user identity and / or user’s choice. They are considered to be the most secure access methods at the moment, and they include the use of an additional user-owned autonomous device that generates unique dynamic identification codes for the specific user, time and device. Access to the information in the device can be additionally protected by a key, password or pin code known only to the user. Similar user identification and / or user’s choice methods can also be applied on a device not owned by the user, and are safe to use in public environments. In such cases, the user's access is provided by entering a received one-time password, key or pin code that is valid for the specific user session and has an expiry time, and that grants access for a given period of time.
[0003] Another known method for identification and / or user's choice is used in cases where information access requires neither an address nor an additional user-owned device. Access is provided by entering a key, code or password known only to the specific user in a working site or application window accessed through a public or private communications network (Internet or Intranet web environment). The described access and identification method can be applied to any communication end point without additional location and / or access device restrictions.
[0004] The described method’s main disadvantage is the insufficient level of security protection, which can be compromised by common password tracking methods that record keystrokes and sequences and / or cursor movements (keyloggers), as well as by the possible use of screen capturing recorders (screen recorders). On the other hand, due to the need for simple and fast identification, especially when used in a public environment, passwords with a high level of security are entered relatively slowly. For this purpose, simplified passwords such as "pin codes", which do not have the necessary mathematical complexity, are commonly adopted. All types of passwords carry a certain level of risk and can be visually tracked, copied or extracted when the device communication protocol is intercepted.
[0005] There are other known methods for proving user identity, personal identity, and choice, which include an individual device with hardware-encrypted unique user identification information that is used with corresponding software (electronic signature), where the information communication is based on private and public key exchange.
[0006] Access to the control software is provided after entering a password or pin code, with the additional user-owned hardware device connected to the operating system. This authentication method can be regarded as having sufficient security, but at the same time the user has the additional inconvenience of owning a device that needs periodic updates to bring the individual user data up to date. This is compounded by the necessity to install device support software on the user's operating system. Additionally, the hardware device has quite limited compatibility and maintenance.
[0007] There are several known security breach cases in using this method, mainly caused by inappropriate storage and protection of the hardware device. In these cases, after the identification pin code or password has been provided to the device's management software, unauthorized access can occur by accessing the physical device or a computer system left with the device connected and the user management software running. This can provide an unauthorized user’s choice or identification. As in the previous case, it is not always necessary to possess the control software access pin code or password in advance.
[0008] There are also some known methods for user identification in which additional biometric user data is collected. The existing methods provide a relatively good level of security when identifying the user and / or user’s choice. A significant disadvantage of the method is the requirement for specific biometric data reading devices of different types, with no standard regulations, connected to the user's operating system. This mainly prevents the method from being universal.
[0009] Currently, the way the identification is performed, the application does not directly communicate with the biometric data reading device. Indeed, the user pre-records biometric data and further executes compare queries against it. The device returns a binary reply - True or False.
There is a known method for face image identification (US20180039845). The authentication can be used to provide access to a personal or physical space, for example an office. It can also provide physical user movement tracking data, or access to a virtual space including bank accounts. It can grant the person the right to make a transaction. It can also allow the use of one or multiple physical devices such as personal communications devices. Therefore it is of essential significance to reduce the possibility of fraudulent biometric authentication. A good example is the recognition of an image (such as a portrait picture) of an authorized person instead of the real privileged person.
In this way, by manipulating the communication between the drivers or middleware controlling the biometric reading device and the device control software that executes the query, the results can be faked. Still, this is dependent on specific device models, middleware drivers etc. As a result of the above-mentioned approaches, it is difficult to provide a realistic security level assessment for the described method. In certain existing scenarios the required biometric information may be obtained directly from the user, with the further possibility of being successfully compared to that stored in the biometric device.
[0010] There is a known method for graphically representing numeric-alphanumeric information. A sequence of letters, numbers, or symbols is displayed in a preview window as an image. The method allows a certain level of visual deformation of the displayed information. The user must reproduce the displayed image as text in the input window. This method has a lower level of security protection compared to a standard password of letters, numbers and symbols entered from a standard QWERTY keyboard, due to a high risk of erroneous recognition of the deformed images. Like the previously described method, this method cannot be considered secure enough because of the possibility of another user making a visual association. It does not grant the needed security protection against computer-generated attempts to reproduce combinations either.
[0011] A known method for user identification is one wherein the user can define, from his own device with an installed operating system, a motion trajectory for previously selected individual parts or a random image or parts of it. To identify himself, the user must reproduce the whole or part of the predefined motion trajectory with a certain level of approximation, which he marks using closed polygons, vectors, or dots. One disadvantage of the described method is its insufficient security in terms of the maximum possible mathematical combinations, as well as the fact that there is a finite number of trajectories of motion on a fully visualized graphic image. The proposed level of security further allows it to be compromised by the use of screen recording methods.
[0012] There is a known user identification method - EP2493228, according to which the user selects a graphic object and divides it into individual regions that are further graphically represented in a matrix of "m" rows and "n" columns. Each matrix element has a graphic image. Based on predefined identification instructions, the user has to select one or more particular elements that are defined by polygon-bound geometric regions of the matrix, based on visual association.
[0013] The described method cannot be considered sufficiently reliable in terms of the possibility of another user making a visual association, but it guarantees certain security protection against computer-generated attempts to reproduce combinations.
The security level can further be compromised with the use of screen recording methods (screen recorders). Another disadvantage of the method is the finite number of matrix elements, which gives limited permutations of the possible solutions, as well as the overall graphic visualization of the entire image, which imposes additional limitations on compatibility and universal support for various operating systems and end point devices.
SUMMARY OF THE INVENTION
[0014] As previously described in the invention art, the purpose of the invention is to provide a recognized, versatile and conveniently applicable method for proving user identity and / or user choice, with an increased level of security and increased authentication and authenticity protection, that will bring improved overall access system reliability.
[0015] The invention objective is achieved with the introduction of a method for proving user identity and / or choice. It comprises a selection of one or more elements located in working polygon zones. The user then creates an element selection sequence for the chosen elements. Further, when opening an access request session, the user needs to identify the graphic elements whilst reproducing the pre-defined element selection sequence.
[0016] According to the invention, when a user access request is initially configured, the user needs to define and memorize a selection sequence from a set of predefined graphic elements, including the number, type and / or number of occurrences of each element. For each following access request session the graphic elements are displayed in random combination and order in a working field of "n" work zones. The user then needs to mark only the work zones where the elements that match his configured sequence are displayed, whilst conforming to the predefined selection sequence as well.
[0017] For every different access request session or attempt (in each new session), the predefined elements are displayed in different work zones and/or in a different position within a single work zone, in combination with other randomly added elements that the system contains. Then the user's work zone selection is compared with the user-predefined sequence. After a match the user is granted access. Where the sequence or elements do not match, access is refused.
[0018] According to the identification sequence requirement, the predefined elements can be static or moving images as well as spatial or volumetric images.
[0019] According to a sample method embodiment, the predefined elements can be represented by letters, digits, symbols, names, an image, a photo, combinations of matching or guiding colors, or patterns displayed on multiple rows or sequences.
[0020] The preferred shape of the work zones is rectangular or square, although it is also possible to have work zones of different shapes in one working field.
[0021] The user at his own discretion may select a combination of "n" predefined elements.
[0022] According to a sample method embodiment, the user is able to define every single personal element himself, for example personal pictures or parts of them, respectively parts of the user's face.
[0023] According to another sample method embodiment, the system can mix and display in a single work field generated combinations of images with at least 3 personal user elements.
[0024] According to a sample method embodiment, the elements can be images, which can additionally be numbered in a corner. In such cases the numerical element assists the system with the user-selected sequence of the images.
[0025] According to a preferred method embodiment, for each different user session the identification sequence of the work zones for every single work field and the locations of the elements within them are randomly generated.
[0026] According to a preferred method embodiment, each user session is valid only for a predetermined period of time.
[0027] According to an optional embodiment of the method for proving identity, while the randomly generated sequence of predefined elements is displayed, additional assisting and/or misleading information for the identification sequence can also be displayed. The assisting information is intended to help the user derive the correct sequence of the user's choice.
[0028] According to a preferred embodiment of the method of the invention, a graphic element can consist of one or more two-dimensional images.
[0029] According to a preferred invention method embodiment a graphic object can consist of one or more three-dimensional graphic areas.
[0030] According to an optional invention method embodiment a graphic object can be a combination of one or more two-dimensional and three-dimensional images.
[0031] According to the invention the graphic object can be a moving object.
[0032] The user identification and/or user choice method has the advantage of providing a high level of protection against random guessing, generation or recognition, as it is based on the user's visual association, recognition and selection of user-predefined elements. These can be graphic images located in different work areas of a single workspace. With every new access session both their location and their grouping combinations are different. This results from the system-generated random combination in which the identification sequence is displayed. The maximum number of selected elements is not limited and can be user-defined. A greater number of elements in a combination gives greater access security.
[0033] The identification method allows the use of different types of graphic elements, such as 2D and/or 3D images and areas and moving objects, including personal or user images. Their variety creates a larger variation of element combinations, thus achieving a higher level of security for the user-selected combination of elements. According to the invention, the user identification method has the distinguishing advantage that it can provide a higher security level than other known methods. The proposed authentication method provides secure access that eliminates the possibility of unauthorized software-assisted and visual tracking, as well as sequence tracking by remembering the user's selections. Therefore only the user himself is able to distinguish, in a single work field, the desired pre-selected element that is displayed in combination with other elements of a similar or radically different type. This provides higher security, since under visual tracking by a third party or by technology there can be no explicit, clear explanation of the user's choice and the user's logic cannot be determined, while the level of access security and protection increases in proportion to the number of elements displayed in a single work field.
[0034] The method can be applied and works successfully in all known network environments and operating systems. The protection is achieved by indications known only to the users, who have independently set, marked and defined their sequence, and these are randomly combined and displayed with other elements. A single work area may include at least 2 elements, which can be of different types and numbers of polygons (fields, zones), together with different numbers, combinations and types of elements. They can be two-dimensional or three-dimensional, static and/or moving objects, and can be displayed on different backgrounds each time, etc. The shape and number of all access system elements can be changed while retaining the principles for deploying elements in a work area, which can change its shape and location and can also contain misleading information in combination with the correct information.
The method can require the identification of a predetermined sequence of areas in a specific way known only to the user. Additional supplementary, auxiliary or misleading information is also displayed. It may be necessary to specify a given area more than once.
Because of that, it is difficult to retrieve useful information from direct visual or technology-aided surveillance of user actions or from tamper-indicating manipulations.
[0035] The method according to the invention limits the possibilities of using standard methods for tracking user actions, such as recording keystroke sequences (keyloggers) and/or recording cursor movements (screen recorders). It does not require ownership of any kind of additional identifiers and places no additional encryption requirements on the operating systems used. The method can also be used as an addition to or substitute for other identification and/or user choice methods. Accordingly, it can be safely performed in public places and/or on devices not personally owned by the user.
BRIEF DESCRIPTION OF THE DRAWINGS.
[0036] In the description of the invention that follows, an exemplary method for proving user identity is presented. It is illustrated by the accompanying drawings, as follows:
Fig. 1 - a representation of elements displayed in multiple rows or sequences.
Fig. 2 - a representation of a combination of user pre-defined elements in a user-defined sequence.
Fig. 3a-3c - a representation of a sequence of three work fields with different work zone locations and different locations of the selected user elements.
DETAILED DESCRIPTION OF THE EMBODIMENT OF THE INVENTION.
[0037] The description below presents an example of a method for proving user identity and/or user choice. The described sequence of operations and its specifying parameters can be applied in different variations, versions and scenarios, such as the use of two- or three-dimensional images which, grouped and arranged in separate work areas, can have an equivalent function or functionality. It also shows the beneficial effect of using the described method for proving user identity. In this regard, the embodiment of the method should be considered and interpreted as an illustration of the proposed technical solution, without limiting the use of other variations. Some other aspects of the present invention are described with regard to the use of the method according to the embodiment. It should be made clear that every single work field, or combination of work fields, can be defined by reading computer program instructions.
[0038] The method for proving user identity is carried out in the following sequence:
[0039] First, the user performs an initial preparation that includes the following operations. It is convenient for the user to have a library of graphic objects containing a standard set of graphic objects pre-selected for or added to his individual profile. The user also has the option to add his own graphic objects.
[0040] The user selects elements from the library, either a graphic object or a user-added element. This defines the assignment of the graphic object to be used for proving user identification and/or choice.
[0041] Visual representation of the elements. In the current exemplary embodiment, all of the method features shown below are displayed and/or generated randomly for each individual user session and each individual attempt to apply the method. They can be valid for a certain period of time; after expiry they are no longer relevant and access cannot be granted to the user.
[0042] When a user access session is initiated, the device system generates a random combination of the user's pre-selected elements mixed together with other system elements. The system holds the correct sequence and starts a hidden timer for the user session duration, together with information on previous unsuccessful access attempts, including the critical mode status with the number of critical unsuccessful attempts. The predefined work areas contain functionally generated elements, such as extracts of graphic images from the system library, generated in random combinations and order of graphical areas. At the same time the system loads and displays the hint tags (pre-defined by the user) and user profile rules in a random combination with other non-defined library elements. For example, for a sample order of “blue, 1 and point” chosen by the user, the following options are possible. Option "Constant parasitic or misleading information": this is the possibility at the start of the time when the user chooses to add between 1 and one parasitic (to be understood) each field, sector, area of the work area (the place where all zones). In this way, the user knows in advance that he has to add a random field at this place in the selected sequence every time, and this add-on is known only to the user. Example: the user chooses the second action to be parasitic information, and the selected sequence “blue, 1 and point” becomes “blue, parasitic click, 1 and point”. Option "False manipulation requirement": in this case, the user has to specify the location from which the system's requirement will be read. Example: in one additional line of system information, the user will always look at the yellow number. It is different every time and determines the number of false manipulations.
Thus, before or after the user's selected combination, parasitic clicks are added, depending on the user's wish as set in the preset; for example, it is stated to the system in advance that the user always starts by choosing a parasitic combination and then adds his order of naming the signs. Option "False manipulation placement requirement": for the selected character sequence “blue, 1 and point”, the user pre-sets the number of misleading or parasitic actions (number of clicks, anywhere) and the system information (the characters located on the side, more precisely the numbers of different colors) through which the system indicates where the parasitic information should be placed. Example: if the numeral shown in the color selected by the user is 2, then in the selected sequence “blue, 1 and point” the second action must be the misleading information. In this case the sequence becomes “blue, misleading click, 1 and point”. In the next session, the misleading information will be in a different location.
[0043] The user selects the areas in accordance with the assignments he has predefined. As each one is selected, the operating system performs both a field match and a sequence check. The selected element is compared with the pre-defined element and, in case of a match, the next selected area is checked. When all the selected areas are established to match the whole identification sequence within the valid session time, access is granted. In case of any area or identification sequence mismatch, the system reports an unsuccessful access attempt.
When the default limit of unsuccessful access attempts is reached, the user's access is suspended. After each unsuccessful access attempt, the active session is closed and needs to be renewed by the user. The user needs to enter the requested sequence, which is different for the new session, again during the active time of the new session.
[0044] The method provides options for applying common actions used in conventional access methods, especially actions that define the number of critical and unsuccessful access attempts during a single session, as well as temporary or permanent blocking of the user profile.
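The session flow of paragraphs [0041] to [0044], including the "false manipulation placement" option, can be sketched as follows. This is an added example and not part of the patent text: the element library, the hint colours, five zones of three elements, the 30-second session lifetime, the three-failure limit, one attempt per session and all function names are assumptions made for illustration.

```python
import secrets
import time
from dataclasses import dataclass

# Constructed element library and side-panel hint colours (not from the patent).
LIBRARY = ["blue", "red", "green", "black", "1", "2", "3", "4",
           "point", "star", "cross", "ring", "wave", "leaf", "moon", "key"]
HINT_COLOURS = ["yellow", "white", "pink"]

@dataclass
class Profile:
    secret: list          # ordered selection sequence, e.g. ["blue", "1", "point"]
    hint_colour: str      # colour whose number places the misleading click
    max_failures: int = 3
    failures: int = 0
    suspended: bool = False

@dataclass
class Session:
    zones: list           # zones[i] = elements displayed in work zone i
    hints: dict           # colour -> number shown as system information
    expires_at: float
    closed: bool = False

def new_session(profile, n_zones=5, per_zone=3, ttl=30.0, now=None, rng=None):
    """Build a fresh random working field; every session gets a new layout."""
    rng = rng or secrets.SystemRandom()
    now = time.monotonic() if now is None else now
    wanted = list(dict.fromkeys(profile.secret))      # distinct secret elements
    decoys = [e for e in LIBRARY if e not in wanted]
    shown = wanted + rng.sample(decoys, n_zones * per_zone - len(wanted))
    rng.shuffle(shown)
    zones = [shown[i * per_zone:(i + 1) * per_zone] for i in range(n_zones)]
    # Each colour shows a 1-based position in the entered sequence; only the
    # user knows which colour to read.
    hints = {c: rng.randint(1, len(profile.secret) + 1) for c in HINT_COLOURS}
    return Session(zones, hints, now + ttl)

def verify(profile, session, clicks, now=None):
    """clicks: work-zone indices in the order the user marked them."""
    now = time.monotonic() if now is None else now
    if profile.suspended or session.closed:
        return False
    session.closed = True                             # one attempt per session
    slot = session.hints[profile.hint_colour] - 1
    ok = (now <= session.expires_at
          and len(clicks) == len(profile.secret) + 1
          and all(isinstance(z, int) and 0 <= z < len(session.zones) for z in clicks))
    if ok:
        real = clicks[:slot] + clicks[slot + 1:]      # drop the misleading click
        ok = all(want in session.zones[z] for z, want in zip(real, profile.secret))
    if ok:
        profile.failures = 0
    else:
        profile.failures += 1
        profile.suspended = profile.failures >= profile.max_failures
    return ok

def honest_clicks(profile, session, rng):
    """What the legitimate user marks: find each element, insert one misleading click."""
    real = [next(i for i, z in enumerate(session.zones) if e in z) for e in profile.secret]
    slot = session.hints[profile.hint_colour] - 1
    return real[:slot] + [rng.randrange(len(session.zones))] + real[slot:]
```

The server only ever receives zone indices, so the stored secret, the per-session layout and the hint numbers must all stay on the verifying side of the trust boundary for the comparison to mean anything.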
[0045] Visual representation of a given element. One or more preset system elements can be represented in the selection window. The selection window is the part of the workspace of the device that runs the proposed access method. The selection window displays the graphic object or part of it. The size and shape of the selection window take into consideration the specific hardware and software features of the end-user access device. Thus the selection window size does not affect the actual surface size of the graphic object. Visualization tools that control how the specified graphic object is rendered can also be shown in the selection window. They can select and represent a preferred part of the graphic object that contains the specified area, or part of it, in the desired view and size. The control tools allow the user to move or animate parts of graphic objects, especially parts that are not in the selection window.
[0046] The control tools can zoom the graphic object or parts of it in and/or out up to the limits of the selection window, as well as rotate the graphic object around different axes of a relative coordinate system. They can also display the hint markers, which are also visualized in the operating system workspace.
[0047] Display of the identification sequence. In the current example, the preferred identification sequence is displayed in a modified form together with misleading information, based on the hint markers that are active and displayed in the current session.
[0048] A random combination of the user-defined selection sequence is generated for the currently active user session; it represents and visualizes the corresponding identification sequence.
[0049] The access request process ends with the user identification. The user needs to carry out, consecutively, the instructions given by the current identification sequence by selecting the sequence of areas he has predefined, as displayed in the selection window, using the management tools. If the method is completed successfully, the system allows user access. If the authentication sequence fails, the device screen displays an error message. The user session is then interrupted and the user can initiate a new user session, in which the specified areas are displayed in a new, different combination of the identifying sequence. After a given number of unsuccessful attempts, user access may be fully or partially suspended.
[0050] Actual implementation of the method for proving user identity and/or choice. It is executed when it is necessary to perform an initial and/or subsequent user identification and/or user action on an end-user access device, in line with the user elements predefined in the system and the user profile settings.
[0051] The terminology used herein is intended only for the purposes of describing the specific embodiments and in no case limits the invention. As used herein, singular forms are described with "a", "one", "single", whereas plural forms are indicated with "-s", "many", "much", "more than one", "multiple", "several", "various" etc., unless otherwise explicitly indicated in the context. It will be further understood that the terms “include” and/or “including”, when used in the current specification, define the presence of the specified features, goals, numbers, steps, operations, elements and/or components, but do not exclude the presence or addition of one or more other functions, integers, steps, operations, elements, numbers and/or groups thereof.
The descriptions of the various embodiments of the present invention are given for illustrative purposes only. They are not intended to be exhaustive or to limit the invention to the disclosed embodiments.
The method allows multiple modifications and variants to be realized within the scope and spirit of the idea, some of which may be obvious to specialists skilled in the art.

Claims

1. A method for proving user identity and/or user’s choice, which contains a selection of one or more elements, located in working polygon zones, after which the user creates an element selection sequence for the chosen elements and further, when opening an access request session, the user needs to identify the graphic elements whilst reproducing the pre-defined elements selection sequence, characterized in that, when a user access request is being initially configured the user needs to define and memorize a selection sequence from a set of predefined graphics elements including the number, type and/or number of occurrences for each element and for each following access request session the graphics elements are displayed in random combination and order in a working field of “n” work zones, as the user then needs to mark only the work zones, where the elements that match his configuration sequence are being displayed whilst conforming the predefined selection sequence as well, a user identity proof and/or choice method of which includes a work user area (environment) visualization that has one or multiple fields (areas, zones) where two or more elements are being visualized in each field (area, zone), one or more of which can be correct, and the one (one or more) to be misleading, and in a single user session generation, the combination of the correct (authentication) and misleading information in a single zone (area, field), provides protection against visual or technical observation, since the select field reason cannot be determined, but the user predefined element for the authentication information can be visualized each time in a different session in a different location in the field (zone) in combination with other system components library located randomly in the work zone, each user work area field can have a different shape and location and its position is changing with each new session, where the field shape can also be a specific user information itself and when tagged it could mean authentic identification information provided to the system, where a user requirement allows the of the correct authentication sequence tagging by the user and the combination of displaying misleading information and the variable position for each new session, provides the necessary security identification level, whereby any identification information can be an element from the pre-defined system elements and can also be created by the user himself and further imported in the system elements library and any representing identification information element can be a moving static or different (any) spatial image. Any visual element can be accompanied by a sound equivalent. Any visual element can be displayed in any user session or user sessions sequences in different style and vision whilst still describing explicitly the user's predetermined choice and giving the exact element definition, as the method also allows hint and/or misleading information provisioning that will indicate the predetermined identification sequence and changing it further in an each time different system sequence. It can be built into the workspace as separate module(s), when the system generates different request information for each new session showing the predetermined identification sequence order and determines the combinations match as well as sets the session success status.
2. A method according to claim 1, characterized in that the location of the system zones of the identifying sequence of the user's pre-set elements is randomly generated for each user session.
3. Method according to claim 1, characterized in that each user session is valid only for a predetermined period of time.
4. Method according to claim 1, characterized in that, simultaneously with the visualization of the user predefined elements at randomly generated locations together with their identification sequence, additional hint and/or misleading information is generated to indicate the user selection sequence.
5. Method according to claim 1, characterized in that a graphic object or element consists of one or more two-dimensional images.
6. Method according to claim 1, characterized in that a graphic object or element consists of one or more three-dimensional graphic areas.
7. Method according to claim 1, characterized in that a working area is a closed polygon defined by multiple work area surface points.
8. Method according to claim 1, characterized in that a working area is selected by positioning a graphic cursor and activating a selecting or marking key combination over a work area point.
9. Method according to claim 1, characterized in that a working area is selected by directly selecting a single work area surface point on a touch display or screen.
PCT/BG2018/000039 2018-02-14 2018-11-01 Method for proving user identity and or user's choice WO2019157574A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
BG112680A BG112680A (en) 2018-02-14 2018-02-14 User iidentity and will proving method
BG112680 2018-02-14

Publications (1)

Publication Number Publication Date
WO2019157574A1 true WO2019157574A1 (en) 2019-08-22

Family

ID=67619680

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BG2018/000039 WO2019157574A1 (en) 2018-02-14 2018-11-01 Method for proving user identity and or user's choice

Country Status (2)

Country Link
BG (1) BG112680A (en)
WO (1) WO2019157574A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023193068A1 (en) * 2022-04-07 2023-10-12 Ict Platforms Ltd Method for authentication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2466843A2 (en) * 2010-06-28 2012-06-20 Vodafone IP Licensing limited Apparatus and method for authentication of a transaction between a user and an entity
US8392975B1 (en) * 2008-05-29 2013-03-05 Google Inc. Method and system for image-based user authentication
GB2538379A (en) * 2015-04-17 2016-11-16 Outbound Services Pty Ltd Method of authentication

Also Published As

Publication number Publication date
BG112680A (en) 2019-08-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18905953

Country of ref document: EP

Kind code of ref document: A1

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18905953

Country of ref document: EP

Kind code of ref document: A1