WO2021156617A1 - System and process for validation - Google Patents
System and process for validation Download PDFInfo
- Publication number
- WO2021156617A1 WO2021156617A1 PCT/GB2021/050245 GB2021050245W WO2021156617A1 WO 2021156617 A1 WO2021156617 A1 WO 2021156617A1 GB 2021050245 W GB2021050245 W GB 2021050245W WO 2021156617 A1 WO2021156617 A1 WO 2021156617A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computing device
- validation
- processing system
- sequence
- intermediary processing
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 26
- 238000010200 validation analysis Methods 0.000 title claims description 52
- 230000002123 temporal effect Effects 0.000 claims abstract description 9
- 238000013475 authorization Methods 0.000 claims abstract description 8
- 238000012545 processing Methods 0.000 claims description 35
- 238000004891 communication Methods 0.000 claims description 6
- 238000012360 testing method Methods 0.000 abstract description 11
- 238000003384 imaging method Methods 0.000 description 4
- 230000000007 visual effect Effects 0.000 description 3
- 230000001413 cellular effect Effects 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000001815 facial effect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 229920001690 polydopamine Polymers 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 210000003462 vein Anatomy 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3274—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
Definitions
- the present invention relates to a computerised validation process conducted between a first party and a second party.
- the present invention is potentially applicable to any of a very wide range of situations in which one party is to validate themselves, which may comprise providing evidence of their identity or of some other fact or proposition to another party.
- An example might be where two parties need to validate themselves to one another prior to exchange of information, for example in the context of a commercial transaction.
- one-time codes may be used to provide greater security.
- a log-in process for a user may involve issuance of a one-time code to the user through a known channel of communication, the one-time code being returned by the user. This demonstrates that the user has access to the known communication channel and provides improved security. But even a one-time code is essentially a static process.
- the invention is intended to provide an improved means and process for validation involving a first party, a second party and an intermediary.
- a process of validation conducted between a first party and a second party using an intermediary wherein the first party has a first computing device in communication with an intermediary processing system; the second party has a second computing device in communication with the intermediary processing system; a set of validation codes is generated and is stored in the intermediary processing system; a set of graphics each representing a respective validation code is presented on the first computing device in temporal sequence; each graphic is imaged using the second computing device and parsed to obtain the validation code represented in the image; and the validation code obtained from each image in the sequence is compared by the intermediary processing system against the stored validation code at the corresponding point in the sequence to determine whether there is a match, validation being contingent on the outcomes of a sequence of such comparisons.
- a system for validation comprising an intermediary processing system; a first computing device configured to communicate with the intermediary processing system; a second computing device configured to communicate with the intermediary processing system; means for generating a set of validation codes and for storing the set of validation codes in the intermediary processing system; an application implemented on the first computing device to cause it to display a set of graphics each representing a respective validation code in temporal sequence; wherein the second computing device is configured to image each graphic, and wherein the system comprises means to pass the said image to obtain the validation code represented in the image; and the intermediary processing system is configured to compare the validation code obtained from each image in the sequence against the stored validation code of the corresponding point in the sequence to determine whether there is a match, and to grant or refuse validation contingent on the outcomes of a sequence of such comparisons.
- a system operable in accordance with the present invention is represented in Figure 1 and comprises: an intermediary processing system 10 accessible in this example through a web portal 10a; a first computing device 12 associated with a first party 12a; and a second computing device 14 associated with a second party 14a.
- the intermediary processing system 10 will typically be administered by some trusted service provider. There is no particular limitation on the form of the processing system on which it is implemented. It may in particular be implemented in the cloud, and may run on any suitable server, virtual server or network of servers.
- the first party 12a participates in the validation process through the first computing device 12, which may take any of a range of different forms including without limitation smart phones, tablets, laptops, desktop computers, PDAs, wearable devices and any suitable computing device that is currently available or that is developed in the future. Often a portable device will be most suitable.
- the first computing device 12 is able to exchange data with the intermediary processing system 10 by some suitable means. Typically this will be through a wide area network 16, which may be the internet.
- the first computing device may for example be connected to the wide area network 16 through an unwired connection which may for example be a mobile (cellular) telecommunications network or a wireless local area network (WiFi).
- WiFi wireless local area network
- the second party 14a participates in the validation process through the second computing device 14, which may take an even wider range of different forms.
- the second computing device 14 may comprise a turnstile with a suitable optical scanner, or other means of access control such as an automatic gate.
- the second computing device 14 is able to exchange data with the intermediary processing system. Again, this may be through a wide area network 16, which may be the internet, and The second computing device 14 may for example be connected to the wide area network 16 through an unwired connection which may for example be a mobile (cellular) telecommunications network or a wireless local area network (WiFi).
- the first 12 and second 14 computing devices need not connect to the intermediary processing system through the same network.
- Authentication refers to a process intended to verify the identity of the party to the validation system based on stored data personal to that party.
- a whole range of authentication techniques is known in relation to computers in general and smartphones in particular, and any suitable technique - existing at the time of writing or developed in the future - may be adopted in the present context.
- the authentication may be single factor or multi-factorial. It may involve the entry of a password, username or other data known to the person and intended to be confidential to them, or a combination of multiple items of such data. Additionally or alternatively it may involve sensing biometric properties of the person making the authentication, which may, without limitation, include one or more of iris imaging, finger print recognition, vein pattern imaging, voice recognition and facial recognition. Authentication may involve use of geolocation data.
- the authentication process may simply involve unlocking the computing device 12 by whatever secure means the first person routinely uses.
- an application running on the first computing device 12 may implement a suitable authentication process to be completed before the authorisation process can proceed.
- the same application may manage the operation of the first computing device 12 during the subsequent validation process.
- the second party will likewise be required to authenticate him/herself through the second computing device before participating in the validation process.
- the validation process is initiated by a validation request from one of the parties. In the present example it is initiated by a request from the first party 12a, made through the first computing device 12 to the intermediary processing system 10.
- the validation process itself, briefly summarised, comprises display of a temporal sequence of graphics 16 on display 18 of the first computing device 12.
- Each of the sequence of graphics is optically imaged using camera 20 of the second computing device 14, providing a respective digital image 22 on the second computing device 14 corresponding to each of the images 16 displayed on the first computing device 12 (the digital image 22 is shown displayed on the screen of the second computing device 14 in Figure 1 but this is not essential - the image referred to takes the form of a computer file).
- a graphic/digital image pair is formed for each graphic 16 displayed.
- a test is made whether the digital image 22 of the pair matches the graphic 16, and validation is granted or refused conditional on the outcome of a sequence of such tests.
- the graphic 16 may in principle take any of a wide range of forms.
- graphics is used herein merely to denote an item which can be displayed on a screen, without in itself imposing any limitation on the nature of that item. But it is especially preferred that the temporal sequence of graphics 16 comprises at least one visual symbol representing a code 26, the visual symbol being readable from the digital image by a computer to recover the code 26.
- a suitable form of visual symbol is commercially offered under the registered trade mark VCode by VST Enterprises Ltd. The details of the manner in which data is encoded in this form of symbol are not relevant for present purposes.
- Other computer-readable symbols may be used in implementing the present invention, and the skilled person is familiar with suitable symbols and their mode of generation, as well as being aware that software for their generation is widely commercially available.
- the term "computer-readable” as used herein does not exclude human readable symbols such as strings of natural language characters or digits, which can of course be read by computer.
- code refers merely to a piece of data which can be represented in the graphic 16, so that the code 26 can be read from the digital image of the graphic 16. In this way a straightforward test can be made whether the required match is present between the graphic 16 and the digital image.
- the graphic is generated from the code 26, so the code 26 is known.
- the testing of the graphic/digital image pair comprises reading the data from that image and comparing that data against the known code 26. If the two are the same then the test is satisfied. If they differ the test is failed.
- the code 26 may be a numerical value.
- the code 26 is a string of alphanumeric characters.
- the term "temporal sequence” implies that the graphics 16 in the sequence are displayed over different time periods. It does not necessarily exclude the possibility that the time of display of one graphic might overlap with the time of display of another. In the present embodiment they are displayed one after another without overlap.
- the process involves displaying a first graphic 16, imaging that graphic using the camera 20, to obtain a first digital image 22, testing whether the first digital image matches the first graphic 16, and then (in this example, only in the event of a match) moving on to display a second graphic 16a which is once more imaged and match tested.
- This sequence may in principle be repeated for any chosen number of graphics 16. Five graphics are used in a sequence, in the present embodiment.
- the graphics 16/codes 26 may be generated at the intermediary system 10 and sent to the first computing device 12 for display. However in the present embodiment they are generated by an app running on the first computing device 12 and sent to the intermediary processing system 10 by the first computing device 12.
- the codes 26 may for example be generated by a random or pseudo random process. In principle a new graphic 16/code 26 may be generated and sent each time the displayed graphic is changed. But in the present example a limited sequence of graphics 16 is generated by the portal 10 and sent to the first computing device 12, which then cycles through these graphics 16 during the validation process.
- the intermediary processing system 10 thereby receives the network address for the computing device 12 and is able to address the graphics 16 to that device accordingly.
- the intermediary processing system 10 implements or has access to a database 28 of users.
- both the first party 12a and the second person 14a are recorded in the database.
- the database may include for example authentication information for parties registered to the system, to provide for their secure log-in including authentication.
- the intermediary processing system may for example play the role of a trusted intermediary.
- the purpose of the validation process may be to demonstrate the identity of one party to the other, or to demonstrate the identity of each party to the other.
- the graphics presented on the first computing device may represent a user ID for the first user 12a.
- the intermediary processing system 10 receives this user ID in the form of the digital images 22, it is able - by reference to it - to retrieve from the database 28 the record for the user in question. Thus for example the intermediary processing system 10 may then provide confirmation of the identity of the first user 12a to the second user 14a.
- the intermediary processing system 10 may be a remote system accessed through a wide area network, this need not be the case in all embodiments.
- This system may instead be locally implemented.
- the present invention may be employed to validate identity of individuals at an entrance or exit. This might for example be done at any premises where security is required, or where workers need to clock in and out upon entry and exit.
- the intermediary processing system may be on-site.
- the second computing device which images the graphics may for example be implemented in a turnstile or other arrangement for control of access.
- a self-contained system might carry its own database and include the intermediary processing system 10. That database might still be updated periodically - perhaps daily - when internet access is available.
- the first and second computing devices need not be networked through the internet - they may instead connect through Bluetooth ® , or through a wired connection or WiFi connection or other suitable form of local area network.
Abstract
The invention concerns a system and process for authorisation. This authorisation may be provided from one user (50) to another user (54), and may be authorisation of access to records or other services or resources. The process of authorisation is implemented using first (12) and second (14) computing devices, in which: a temporal sequence of graphics (16) is displayed on the second computing device; each graphic is optically imaged from the display (18) of the second computing device (14) by the first computing device to create a digital image corresponding to the graphic( 16); and each graphic/digital image pair is tested to establish whether they match, authorisation being granted or refused based on the outcomes of the tests.
Description
SYSTEM AND PROCESS FOR VALIDATION
The present invention relates to a computerised validation process conducted between a first party and a second party.
The present invention is potentially applicable to any of a very wide range of situations in which one party is to validate themselves, which may comprise providing evidence of their identity or of some other fact or proposition to another party. An example might be where two parties need to validate themselves to one another prior to exchange of information, for example in the context of a commercial transaction.
Consider as a simple example ticketing systems used to gain access to venues, transport networks and so on. A ticket is presented by its holder to a second party as evidence that the holder has paid for a service. But tickets can be stolen and are potentially vulnerable to copying and counterfeiting.
Where use is made of computing devices for validation, more sophisticated measures may be adopted. As just one example, one-time codes may be used to provide greater security. For example a log-in process for a user may involve issuance of a one-time code to the user through a known channel of communication, the one-time code being returned by the user. This demonstrates that the user has access to the known communication channel and provides improved security. But even a one-time code is essentially a static process.
The invention is intended to provide an improved means and process for validation involving a first party, a second party and an intermediary.
In accordance with a first aspect of the present invention there is a process of validation conducted between a first party and a second party using an intermediary, wherein the first party has a first computing device in communication with an intermediary processing system; the second party has a second computing device in communication with the intermediary processing system; a set of validation codes is generated and is stored in the intermediary processing system; a set of graphics each representing a respective validation code is presented on the first computing device in temporal sequence;
each graphic is imaged using the second computing device and parsed to obtain the validation code represented in the image; and the validation code obtained from each image in the sequence is compared by the intermediary processing system against the stored validation code at the corresponding point in the sequence to determine whether there is a match, validation being contingent on the outcomes of a sequence of such comparisons.
In accordance with a second aspect of the present invention there is a system for validation comprising an intermediary processing system; a first computing device configured to communicate with the intermediary processing system; a second computing device configured to communicate with the intermediary processing system; means for generating a set of validation codes and for storing the set of validation codes in the intermediary processing system; an application implemented on the first computing device to cause it to display a set of graphics each representing a respective validation code in temporal sequence; wherein the second computing device is configured to image each graphic, and wherein the system comprises means to pass the said image to obtain the validation code represented in the image; and the intermediary processing system is configured to compare the validation code obtained from each image in the sequence against the stored validation code of the corresponding point in the sequence to determine whether there is a match, and to grant or refuse validation contingent on the outcomes of a sequence of such comparisons.
Specific embodiments of the present invention will now be described, by way of example only, with reference to the accompanying drawing, Figure 1, which is a symbolic representation of a system embodying the present invention; and
A system operable in accordance with the present invention is represented in Figure 1 and comprises: an intermediary processing system 10 accessible in this example through a web portal 10a; a first computing device 12 associated with a first party 12a; and a second computing device 14 associated with a second party 14a.
The intermediary processing system 10 will typically be administered by some trusted service provider. There is no particular limitation on the form of the processing system on which it is implemented. It may in particular be implemented in the cloud, and may run on any suitable server, virtual server or network of servers.
The first party 12a participates in the validation process through the first computing device 12, which may take any of a range of different forms including without limitation smart phones, tablets, laptops, desktop computers, PDAs, wearable devices and any suitable computing device that is currently available or that is developed in the future. Often a portable device will be most suitable. The first computing device 12 is able to exchange data with the intermediary processing system 10 by some suitable means. Typically this will be through a wide area network 16, which may be the internet. The first computing device may for example be connected to the wide area network 16 through an unwired connection which may for example be a mobile (cellular) telecommunications network or a wireless local area network (WiFi).
The second party 14a participates in the validation process through the second computing device 14, which may take an even wider range of different forms. For example, where the present invention is used to control or record access to some premises by individuals, the second computing device 14 may comprise a turnstile with a suitable optical scanner, or other means of access control such as an automatic gate. This example is given without limitation. The second computing device 14 is able to exchange data with the intermediary processing system. Again, this may be through a wide area network 16, which may be the internet, and The second computing device 14 may for example be connected to the wide area network 16 through an unwired connection which may for example be a mobile (cellular) telecommunications network or a wireless local area network (WiFi). The first 12 and second 14 computing devices need not connect to the intermediary processing system through the same network.
Prior to validation, the first party 12a must authenticate him or herself using the first computing device 12. "Authentication" as used herein refers to a process intended to verify the identity of the party to the validation system based on stored data personal to that party. A whole range of authentication techniques is known in relation to computers in general and smartphones in particular, and any suitable technique - existing at the time of writing or developed in the future - may be adopted in the present context. The authentication may be single factor or multi-factorial. It may involve the entry of a password, username or other data known to the person and intended to be confidential to them, or a combination of multiple items of such data. Additionally or alternatively it may involve sensing biometric properties of the person making the authentication, which may, without limitation, include
one or more of iris imaging, finger print recognition, vein pattern imaging, voice recognition and facial recognition. Authentication may involve use of geolocation data.
The authentication process may simply involve unlocking the computing device 12 by whatever secure means the first person routinely uses. Alternatively an application running on the first computing device 12 may implement a suitable authentication process to be completed before the authorisation process can proceed. The same application may manage the operation of the first computing device 12 during the subsequent validation process.
In some (but not all) instances the second party will likewise be required to authenticate him/herself through the second computing device before participating in the validation process.
The validation process is initiated by a validation request from one of the parties. In the present example it is initiated by a request from the first party 12a, made through the first computing device 12 to the intermediary processing system 10.
The validation process itself, briefly summarised, comprises display of a temporal sequence of graphics 16 on display 18 of the first computing device 12. Each of the sequence of graphics is optically imaged using camera 20 of the second computing device 14, providing a respective digital image 22 on the second computing device 14 corresponding to each of the images 16 displayed on the first computing device 12 (the digital image 22 is shown displayed on the screen of the second computing device 14 in Figure 1 but this is not essential - the image referred to takes the form of a computer file). Thus for each graphic 16 displayed, a graphic/digital image pair is formed. A test is made whether the digital image 22 of the pair matches the graphic 16, and validation is granted or refused conditional on the outcome of a sequence of such tests.
The graphic 16 may in principle take any of a wide range of forms. The word "graphic" is used herein merely to denote an item which can be displayed on a screen, without in itself imposing any limitation on the nature of that item. But it is especially preferred that the temporal sequence of graphics 16 comprises at least one visual symbol representing a code 26, the visual symbol being readable from the digital image by a computer to recover the code 26.
A suitable form of visual symbol is commercially offered under the registered trade mark VCode by VST Enterprises Ltd. The details of the manner in which data is encoded in this form of symbol are not relevant for present purposes. Other computer-readable symbols may be used in implementing the present invention, and the skilled person is familiar with suitable symbols and their mode of generation, as well as being aware that software for their generation is widely commercially available.
The term "computer-readable" as used herein does not exclude human readable symbols such as strings of natural language characters or digits, which can of course be read by computer.
The term "code" as used herein refers merely to a piece of data which can be represented in the graphic 16, so that the code 26 can be read from the digital image of the graphic 16. In this way a straightforward test can be made whether the required match is present between the graphic 16 and the digital image. The graphic is generated from the code 26, so the code 26 is known. The testing of the graphic/digital image pair comprises reading the data from that image and comparing that data against the known code 26. If the two are the same then the test is satisfied. If they differ the test is failed.
The code 26 may be a numerical value. In the present embodiment the code 26 is a string of alphanumeric characters.
The term "temporal sequence" implies that the graphics 16 in the sequence are displayed over different time periods. It does not necessarily exclude the possibility that the time of display of one graphic might overlap with the time of display of another. In the present embodiment they are displayed one after another without overlap. In the present embodiment the process involves displaying a first graphic 16, imaging that graphic using the camera 20, to obtain a first digital image 22, testing whether the first digital image matches the first graphic 16, and then (in this example, only in the event of a match) moving on to display a second graphic 16a which is once more imaged and match tested. This sequence may in principle be repeated for any chosen number of graphics 16. Five graphics are used in a sequence, in the present embodiment.
In the present embodiment, if there is a match in each of a sequence of tests then validation is granted. If one or more tests is failed - that is, any of the tests in the sequence fails to show a match, then the system will respond accordingly. Since the process may fail for reasons not indicative of nefarious activity (e.g. poor quality imaging, camera shake and so on), management of such a situation may involve total or partial repetition of the process to provide a renewed opportunity for validation to be made.
The graphics 16/codes 26 may be generated at the intermediary system 10 and sent to the first computing device 12 for display. However in the present embodiment they are generated by an app running on the first computing device 12 and sent to the intermediary processing system 10 by the first computing device 12. The codes 26 may for example be generated by a random or pseudo random process. In principle a new graphic 16/code 26 may be generated and sent each time the displayed graphic is changed. But in the present example a limited sequence of graphics 16 is
generated by the portal 10 and sent to the first computing device 12, which then cycles through these graphics 16 during the validation process.
Where the validation process is initiated by a request sent from the first computing device 12 to the intermediary processing system 10, the latter thereby receives the network address for the computing device 12 and is able to address the graphics 16 to that device accordingly.
In the present embodiment the intermediary processing system 10 implements or has access to a database 28 of users. In some embodiments both the first party 12a and the second person 14a are recorded in the database. The database may include for example authentication information for parties registered to the system, to provide for their secure log-in including authentication. In some embodiments the intermediary processing system may for example play the role of a trusted intermediary. The purpose of the validation process may be to demonstrate the identity of one party to the other, or to demonstrate the identity of each party to the other.
The graphics presented on the first computing device may represent a user ID for the first user 12a. In this case, when the intermediary processing system 10 receives this user ID in the form of the digital images 22, it is able - by reference to it - to retrieve from the database 28 the record for the user in question. Thus for example the intermediary processing system 10 may then provide confirmation of the identity of the first user 12a to the second user 14a.
While the drawings show the intermediary processing system 10 to be a remote system accessed through a wide area network, this need not be the case in all embodiments. This system may instead be locally implemented. For example, the present invention may be employed to validate identity of individuals at an entrance or exit. This might for example be done at any premises where security is required, or where workers need to clock in and out upon entry and exit. In this case, the intermediary processing system may be on-site. The second computing device which images the graphics may for example be implemented in a turnstile or other arrangement for control of access.
Other self-contained versions of the system and process may for example be employed where internet access is unreliable, as in rural areas or in countries without universal telecommunications infrastructure. In such cases a self-contained system might carry its own database and include the intermediary processing system 10. That database might still be updated periodically - perhaps daily - when internet access is available. In such cases, the first and second computing devices need not be networked through the internet - they may instead connect through Bluetooth®, or through a wired connection or WiFi connection or other suitable form of local area network.
Claims
1. A process of validation conducted between a first party and a second party using an intermediary, wherein the first party has a first computing device in communication with an intermediary processing system; the second party has a second computing device in communication with the intermediary processing system; a set of validation codes is generated and is stored in the intermediary processing system; a set of graphics each representing a respective validation code is presented on the first computing device in temporal sequence; each graphic is imaged using the second computing device and parsed to obtain the validation code represented in the image; and the validation code obtained from each image in the sequence is compared by the intermediary processing system against the stored validation code at the corresponding point in the sequence to determine whether there is a match, validation being contingent on the outcomes of a sequence of such comparisons.
2. A process as claimed in claim 1 in which at least one of the graphics comprises a symbol representing a validation code.
3. A process as claimed in claim 1 or claim 2 in which a graphic is displayed and imaged and the resultant graphic/digital image pair is match tested prior to display of the next graphic in the temporal sequence.
4. A process as claimed in any preceding claim in which the validation codes and/or the graphics are generated by the intermediary processing system and sent to the first computing device.
5. A process as claimed in any preceding claim in which at least one of the first and second computing devices is networked to the intermediary system through the internet.
6. A process as claimed in any preceding claim which further comprises generation of an authorisation request by the first computing device or the second computing device, the authorisation request including information from which the other of the computing devices is able to be addressed and/or identified.
7. A process as claimed in any preceding claim which further comprises authentication of the first party through the first computing device.
8.. A system for validation comprising an intermediary processing system; a first computing device configured to communicate with the intermediary processing system; a second computing device configured to communicate with the intermediary processing system; means for generating a set of validation codes and for storing the set of validation codes in the intermediary processing system; and an application implemented on the first computing device to cause it to display a set of graphics each representing a respective validation code in temporal sequence; wherein the second computing device is configured to image each graphic, and wherein the system comprises means to parse the said image to obtain the validation code represented in the image; and the intermediary processing system is configured to compare the validation code obtained from each image in the sequence against the stored validation code of the corresponding point in the sequence to determine whether there is a match, and to grant or refuse validation contingent on the outcomes of a sequence of such comparisons.
9. A system as claimed in claim 8 in which at least one of the graphics is a symbol representing a stored code.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB2001515.2 | 2020-02-05 | ||
GB2001515.2A GB2591759A (en) | 2020-02-05 | 2020-02-05 | System and process for Validation |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021156617A1 true WO2021156617A1 (en) | 2021-08-12 |
Family
ID=69800140
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/GB2021/050245 WO2021156617A1 (en) | 2020-02-05 | 2021-02-04 | System and process for validation |
Country Status (2)
Country | Link |
---|---|
GB (1) | GB2591759A (en) |
WO (1) | WO2021156617A1 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150269466A1 (en) * | 2014-03-24 | 2015-09-24 | Cellum Innovacios es Szolgaltato Zrt. | Systems and methods for motion two dimensional codes |
US20170316626A1 (en) * | 2016-04-27 | 2017-11-02 | Cubic Corporation | 4d barcode |
US10498730B1 (en) * | 2016-03-30 | 2019-12-03 | Snap Inc. | Authentication via camera |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015000425A1 (en) * | 2013-07-03 | 2015-01-08 | Mpayme Ltd. | Method and system for authenticating user using out-of-band channel |
SG10201805772VA (en) * | 2018-07-04 | 2020-02-27 | Wee Dar Leow | Identity or security authentication device for electronic system using visual patterns or codes |
-
2020
- 2020-02-05 GB GB2001515.2A patent/GB2591759A/en active Pending
-
2021
- 2021-02-04 WO PCT/GB2021/050245 patent/WO2021156617A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150269466A1 (en) * | 2014-03-24 | 2015-09-24 | Cellum Innovacios es Szolgaltato Zrt. | Systems and methods for motion two dimensional codes |
US10498730B1 (en) * | 2016-03-30 | 2019-12-03 | Snap Inc. | Authentication via camera |
US20170316626A1 (en) * | 2016-04-27 | 2017-11-02 | Cubic Corporation | 4d barcode |
Non-Patent Citations (1)
Title |
---|
YUNG-WEI KAO ET AL: "Physical Access Control Based on QR Code", CYBER-ENABLED DISTRIBUTED COMPUTING AND KNOWLEDGE DISCOVERY (CYBERC), 2011 INTERNATIONAL CONFERENCE ON, IEEE, 10 October 2011 (2011-10-10), pages 285 - 288, XP032012006, ISBN: 978-1-4577-1827-4, DOI: 10.1109/CYBERC.2011.55 * |
Also Published As
Publication number | Publication date |
---|---|
GB2591759A (en) | 2021-08-11 |
GB202001515D0 (en) | 2020-03-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2710889C1 (en) | Methods and systems for creation of identification cards, their verification and control | |
US8485438B2 (en) | Mobile computing device authentication using scannable images | |
US9648496B2 (en) | Authentication of web content | |
JP6046765B2 (en) | System and method enabling multi-party and multi-level authorization to access confidential information | |
EP2065798A1 (en) | Method for performing secure online transactions with a mobile station and a mobile station | |
CN107294721A (en) | The method and apparatus of identity registration, certification based on biological characteristic | |
US20100174914A1 (en) | System and method for traceless biometric identification with user selection | |
US8959359B2 (en) | Methods and systems for improving the security of secret authentication data during authentication transactions | |
US20140020074A1 (en) | Methods and systems for improving the security of secret authentication data during authentication transactions | |
EP2038851A1 (en) | System and method for traceless biometric identification | |
WO2017178816A1 (en) | Event tickets with user biometric verification on the user mobile terminal | |
US20150235226A1 (en) | Method of Witnessed Fingerprint Payment | |
US11575670B2 (en) | Adaptive user authentication | |
JP5145179B2 (en) | Identity verification system using optical reading code | |
WO2014140426A1 (en) | Multi-factor authentication techniques | |
JP7364057B2 (en) | Information processing device, system, face image update method and program | |
Mohamed | Security of Multifactor Authentication Model to Improve Authentication Systems | |
Nath et al. | Issues and challenges in two factor authentication algorithms | |
WO2021156617A1 (en) | System and process for validation | |
US20210264443A1 (en) | System and method of counting votes in an electronic voting system | |
KR20210107553A (en) | Device and methodm for approval procedure using virtual authentication code | |
Malik et al. | Enhancing the Security of Online Voting System Using Defined Biometrics | |
WO2024084659A1 (en) | Information processing device, information processing system, information processing method, and non-transitory computer-readable medium having program stored therein | |
US20230130024A1 (en) | System and method for storing encryption keys for processing a secured transaction on a blockchain | |
Kamau et al. | A review of Two Factor Authentication Security Challenges in the Cyberspace |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21708293 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21708293 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 09.08.2023) |