[go: up one dir, main page]

GB2504157A - Secure virtual keypad interface for inputting identification token - Google Patents

Secure virtual keypad interface for inputting identification token Download PDF

Info

Publication number
GB2504157A
GB2504157A GB1219278.7A GB201219278A GB2504157A GB 2504157 A GB2504157 A GB 2504157A GB 201219278 A GB201219278 A GB 201219278A GB 2504157 A GB2504157 A GB 2504157A
Authority
GB
United Kingdom
Prior art keywords
input
interface
user interface
codes
alphanumerical
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB1219278.7A
Other versions
GB2504157B (en
GB201219278D0 (en
Inventor
Glynn Andrew Reynolds
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB1219278.7A priority Critical patent/GB2504157B/en
Publication of GB201219278D0 publication Critical patent/GB201219278D0/en
Priority to PCT/GB2013/000449 priority patent/WO2014064405A1/en
Publication of GB2504157A publication Critical patent/GB2504157A/en
Application granted granted Critical
Publication of GB2504157B publication Critical patent/GB2504157B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0488Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
    • G06F3/04886Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures by partitioning the display area of the touch-screen or the surface of the digitising tablet into independently controllable areas, e.g. virtual keyboards or menus
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1033Details of the PIN pad
    • G07F7/1041PIN input keyboard gets new key allocation at each use

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Input From Keyboards Or The Like (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

In this interface the token, perhaps a password or PIN, includes a plurality of codes. The interface 400 is output to a computer display, e.g. the display of an automatic teller machine or mobile phone, and comprises a keypad 401comprising a plurality of input keys 402N and a number of alphanumerical 403N, pictographic 404N and colour 405N codes. Each input key of the keypad comprises at least one of each of the alphanumerical, pictographic and colour codes. For each output of the interface each input key may be randomly assigned a respective location in the interface and each code may be randomly associated with a respective input key, perhaps being repeated whenever an incorrect token is entered to the interface. The token may comprise at least one of each of the alphanumerical, pictographic and colour codes. Each input key may be associated with a respective input key of a second user interface, e.g. for retrofit to some legacy apparatus.

Description

SECURE USER INTERFACE
Field of the Invention
[0001] The present invention relates to improvements in user interfaces for inputting unique personal identification numbers (PIN) or tokens. More particularly, the present invention relates to a secure user interface for inputting a PIN or token in a data processing device, which consists of a sequence of codes and wherein the interface is output to a display means of the device.
Background of the Invention
[0002] User interfaces for inputting unique personal identification numbers (FINs), tokens or codes are a ubiquitous form of interface used in very many environments, from conventional keypad hardware typically found on automatic teller machines (ATMs) and telephone handsets for inputting personal access is codes, to electronic versions of same output on displays of computers, more recently touchscreen displays as a substitute for hardware keypads.
[0003] Whether physical or rendered on a display, a typical such user interface, in its most widespread form, consists of a plurality of substantially square input keys in a grid-like arrangement. Each input key has a respective numerical digit ranging from 0 to 9 and, optionally as in the case of mobile data processing devices such as mobile telephone handsets, with further alphabetical letters ranging from A to Z for written communication purposes. A respective PIN or token consisting of a unique sequence of digits and/or letters is issued to each user for accessing a physical or digital resource, for instance a secure room or a data file, and is input as a corresponding sequence of keys in the user interface for authenticating and/or validating access to the local, or even remote, resource.
[0004] Such user interfaces exhibit a distinct security disadvantage.
Keeping a written record of a PIN or token constantly at hand is strongly discouraged by relevant code issuers, for instance payment card issuers, as the written record may be lost or misappropriated and subsequently misused.
Accordingly, such identifiers are conventionally short in length, typically 4 digits only, so that a user may easily memorize them for inputting purposes.
[0005] A first important problem is that it is therefore relatively easy for a bystander, intent on fraudulently accessing another user's resource, to observe such a reasonably short sequence of digits being input by that user. The observation may be made directly, for instance if the user does not screen the interface of the terminal at the time of input or if the bystander has equipped the terminal with unauthorized concealed equipment for recording the sequence. The observation may also be made indirectly, for instance by observing gestural interaction of the user with the interface, since the general layout of the user interface is known to the bystander, particularly when such an interface is a hardware keypad.
[0006] There have been numerous attempts to solve the above problem.
For instance, many payment card terminals have physical screens or barriers shielding the numeric keypad from observation on at least 3 slides. However, the use of physical shields is impractical for portable or general-purpose devices.
[0007] In the field of network computing, encrypting techniques have been proposed, which rely upon the use of physical cypher sheets to be positioned on a displayed user interface at the time of inputting a PIN, or rendered cypher sheets.
It has also been proposed to either increase the length of the sequence of codes constituting the PIN or token and/or increase the number of keys in the interface for inputting additional codes, in an effort to impede ad hoc observation by a third party.
[0008] However, and again, such solutions are impractical and potentially cumbersome for portable devices. Increasing a PIN or token length beyond 4 digits is more difficult to memorize and has been shown to result in increasing user input errors, and the corresponding ISO standard 9564 indeed states that, for usability reasons, a PIN not exceed six digits in length, which is still sufficiently short to observe and memorize for purposes of misuse. Besides, the lightweight character of portable devices renders the use of external cipher sheets cumbersome, and such sheets may easily be misplaced, which effectively prevents any code inputting, thus access to a resource secured by the code, until a sheet is found or replaced. Moreover, such devices typically have comparatively small displays and overall dimensions, relative to conventional ATM or computers for instance, and which provide insufficient casing or display surface, respectively for increasing the number of keys on the device or in a displayed user interface.
[0009] An improved secure user interface is therefore required, which mitigates at least the security shortcomings of the prior art, particularly one which is suitable regardless of the input device type and size.
Summary of the Invention
[0010] The present invention provides a new secure user interface, wherein is input keys are configured to obfuscate any observation of the sequence constituting the FIN or token as it is input by a user, even in the case of a direct observation over-the-shoulder or by concealed imaging means.
[0011] According to a first aspect of the present invention, there is provided a secure user interface for inputting a unique identification token in a data processing device, wherein the token includes a plurality of codes and the interface is output to a display means of the device, the interface comprising a keypad comprising a plurality of input keys, a number of alphanumerical codes, a number of pictographic codes and a number of colour codes, wherein each input key comprises at least one of each of the alphanumerical, pictographic and colour codes.
[0012] The configuration assigns a plurality of input codes to each input key so that, when the actual sequence is not known to the observer, any key press provides inherent uncertainty about the actual code which is input amongst the plurality thereof on the key, and this uncertainty is compounded by each further key press required for inputting a complete sequence of codes In the interface of the invention, a password or token length of only a few codes can usefully be preserved, for instance four, but the number of permutations is increased due to the introduction of further input variables beyond aiphanumerical input codes in the interface.
[0013] In an embodiment of the user interface, for each output of the interface on the display means, each input key is randomly assigned a respective location in the interface. Additionally, or alternatively, for each output of the interface on the display means, each code may be randomly associated with a respective input key of the interface. These variations advantageously hinder observation and comprehension of the code sequence being input in the interface still further, since they effectively reconfigure the location of the keys and/or of the codes on the keys in user interface, for every next use of the user interface.
[0014] The token preferably comprises at least one of each of the alphanumerical, pictographic and colour codes. This condition provides a token which is both easy to remember, for instance consisting of at least a memorable digit, a favourite colour and a basic symbol such as a card suit, but difficult to observe and reproduce or transcribe for the observer.
[0015] Each input key preferably has a geometrical shape selected from the group comprising squares, rectangles, circles, ovals, triangles. Each of the geometrical shapes of the keypad may be configured into three portions, each portion bearing a respective one of the alphanumerical, pictographic and colour codes. The input keys may be configured as a plurality of rows and columns. The alphanumerical codes preferably comprise digits 0 to 9, and the pictographic codes comprise geometrical shapes or symbols, such as card suit symbols, basic shapes and the like. Each of these variations provides a particularly ergonomic user interface, easy to comprehend by the user and familiar so intuitive to use.
[0016] The device processing the user interface is preferably selected from the group comprising automatic teller machines, payment card terminals, computers, tablet computers, mobile telephone handsets, television sets, set top boxes, multimedia devices, gaming devices. The configuration of the user interface advantageously provides a platform -agnostic input solution, easily adaptable to any purpose -specific or general -purpose data processing device having at least some form of user data input interface, be it a touchscreen display, a conventional keyboard or keypad, a remote control or game controller with user-S activated buttons, and the like.
[0017] According to another aspect of the present invention, there is also provided a method of outputting a secure user interface to a display means of a data processing device, wherein the interface is for inputting a unique identification token having a plurality of codes, the method comprising the steps of instantiating a keypad input interface comprising a plurality of input keys in memory means of the device, associating each input key with at least one of each of an alphanumerical code, a pictographic code and a colour code, and rendering the keypad input interface to display means of the device, wherein each input key is thereof comprises the alphanumerical, pictographic and colour codes respectively associated therewith.
[0018] Preferably, the step of rendering further comprises randomizing the location of each input key in the keypad input interface. Additionally, or alternatively, the step of associating further comprises randomizing the respective associations of the alphanumerical, pictographic and colour codes with each input key. In a particularly advantageous embodiment, the steps of instantiating, associating and rendering are repeated and the further step of randomizing is automatically performed, when an incorrect token is input in the secure interface.
[0019] Again, these variations advantageously hinder observation and comprehension of the code sequence being input in the interface still further, since they effectively reconfigure the location of the keys and/or of the codes on the keys in user interface, for every next use of the user interface.
[0020] In an embodiment, the method may comprise the further step of associating each input key in the keypad input interface with a respective input key of a second user input interface. The second user input interface may be selected from the group comprising an Automatic Teller Machine (ATM) keypad, a payment card terminal keypad, a computer keyboard or number pad, a telephone dial pad, a television remote control, a game controller. This embodiment effectively retrotits the user interface of the invention to data processing devices with legacy user interfaces, physical keys of which are mapped to corresponding displayed keys of the user interface of the invention. The security benefit of the invention is preserved, since the obscuring function of the user interface of the invention, for instance displayed on an ATM screen, is preserved when inputting the code sequence with the mapped legacy user interface, for instance the keypad of the ATM.
[0021] Preferably, the step of rendering the keypad input interface further comprises rendering each input key as a geometrical shape selected from the group comprising squares, rectangles, circles, ovals, triangles. The method may comprise the further step of configuring each geometrical shape into three portions, each portion bearing a respective one of the alphanumerical, pictographic and colour codes. Again, each of these variations provides a particularly ergonomic user interface, easy to comprehend by the user and intuitive to use.
[0022] According to a further aspect of the present invention, there is also provided a system for inputting a unique identification token including a plurality of codes, the system comprising at least a first data processing device with display means and user input means, and a secure user interface comprising a keypad with a plurality of input keys output to the display means, wherein each input key comprises at least one of each of an alphanumerical code, a pictographic code and a colour code.
[0023] The first device may be selected from the group comprising automatic teller machines, payment card terminals, computers, tablet computers, mobile telephone handsets, television sets, set top boxes, multimedia devices, gaming devices.
[0024] The first device may comprise a second user interface having a keypad with a plurality of alphanumerical input keys, and wherein each aiphanumerical input key is associated with a respective input key of the secure user interface, again for retrofitting the user interface of the invention. Accordingly, the second user input interface may be selected from the group comprising an Automatic Teller Machine (ATM) keypad, a payment card terminal keypad, a computer keyboard or number pad, a telephone dial pad, a television remote control, a game controller.
[0025] In an embodiment, the system may further comprise a network and a second data processing device storing a data resource, wherein the first and second data processing devices are connected to the network, and wherein the second data processing device is configured to authenticate the token input at the first data processing device for access to the resource over the network. This embodiment advantageously extends the benefit of the secure user interface of the invention to the field of distributed, secured data resources. Such resources typically include personal data stored by third party servers, for instance bank account details maintained by one or more bank servers, but increasingly include all manner of further token -secured personal and multimedia data, for instance social website personal data or movie data files streamed from a remote server to a local data processing device such as a computer, mobile phone handset or network-connected television set.
[0026] According to yet another aspect of the present invention, there is also provided a set of instructions recorded on a data carrying medium which, when processed by a data processing terminal having display means, configures the terminal to output a secure user interface to the display means, the interface comprising a keypad with a plurality of input keys, wherein each input key comprises at least one of each of an alphanumerical code, a pictographic code andacolourcode.
[0027] The set of instructions may advantageously be embodied as an application package file (AFK') for use with the AndroidTM operating system, as an iPhoneTM application archive (IFA') for use with the iOSTM operating system, as an executable (EXE') or cabinet (CAB') file for use with the WindowsTM Phone 8TM or the WindowsTM SurfaceTM operating systems, or as a subroutine of such an application.
[0028] Other aspects are as set out in the claims herein.
Brief Description of the Drawings
[0029] For a better understanding of the invention and to show how the same may be carried into effect, there will now be described by way of example only, specific embodiments, methods and processes according to the present invention with reference to the accompanying drawings in which: Figure 1 shows an environment comprising a plurality of data processing is devices, some of which connected to respective networks, and each of which is configured with the secure user interface according to the invention, for accessing one or more local and/or remote resources.
Figure 2 is a logic diagram of a first device shown in Figure 1, wherein the device is a personal mobile computing device, comprising data display means, touchscreen data input means and memory means.
Figure 3 is a logic diagram of a second device shown in Figure 1, wherein the device is an automatic teller machine, comprising data display means, a legacy hardware keypad as data input means, and memory means.
Figure 4 illustrates an embodiment of a secure user interface according to the invention.
Figure 5 details data processing step performed by the device of Figure 2 for outputting the secure user interface of Figure 4.
Figure 6 details data processing step performed by the device of Figure 3 for outputting the secure user interface of Figure 4.
Figure 7 illustrates the secure user interface of Figure 4 according to the alternative embodiment of Figure 6.
Figure 8 details data processing step of an alternative embodiment performed by either device of Figures 3 and 4 for outputting the secure user interface of Figure 4.
Figures 9 and 10 respectively show successive iterations of the secure user interface of Figure 4 according to the alternative embodiment of Figure 8.
Detailed Description of the Embodiments
[0030] There will now be described by way of example a specific mode contemplated by the inventors. In the following description numerous specific details are set forth in order to provide a thorough understanding. It will be apparent however, to one skilled in the art, that the present invention may be practiced without limitation to these specific details. In other instances, well known methods and structures have not been described in detail so as not to
unnecessarily obscure the description.
[0031] With reference to Figures 1 to 3, an environment is shown which comprises a plurality of data processing devices, some of which being connected to respective networks, and each of which is configured with the secure user interface according to the invention, for accessing one or more local and/or remote resources.
[0032] A first data processing device 101 is a mobile telephone handset 101 having wireless telecommunication emitting and receiving functionality over a cellular telephone network configured according to one or several amongst the Global System for Mobile Communication (GSM'), General Packet Radio Service (GPRS'), International Mobile Telecommunications-2000 (IMT -2000, W-CDMA' or 3G') network industry standards, and wherein telecommunication is performed as voice, alphanumeric or audio-video data using the Short Message Service (SMS') protocol, the Wireless Application protocol (WAR') the Hypertext Transfer Protocol (HTTP') or the Secure Hypertext Transfer Protocol (HTTPS'). The mobile telephone handset 101 receives or emits voice, text, audio andlor image data encoded as a digital signal over a wireless data transmission 102, wherein the signal is relayed respectively to or from the handset by the geographically-closest communication link relay 103 of a plurality thereof. The plurality of communication link relays 103 allows digital signals to be routed between the handset 101 and their destination by means of a remote gateway 104 via a MSC or base station associated with the communication link relay 103. The gateway 104 is for instance a communication network switch, which couples digital signal traffic between wireless telecommunication networks, such as the cellular network within which wireless data transmissions 102 take place, and a Wide Area Network (WAN) 105.
is The gateway 104 further provides protocol conversion if required, for instance whether a handset 101 uses the WAR or HTTPS protocol to communicate data.
[0033] A typical hardware architecture of a mobile telephone handset 101 suitable for processing and outputting a user interface data according to the invention is shown in Figure 2 in further detail, by way of non-limitative example.
The handset 101 firstly includes a data processing unit 201, for instance a general-purpose microprocessor (CPU'), acting as the main controller of the handset 101 and which is coupled with memory means 202, comprising non-volatile random-access memory (NVRAM').
[0034] The mobile telephone handset lOlfurther includes a modem 203 to implement the wireless communication functionality, as the modem provides the hardware interface to external communication systems, such as the cellular telephone network shown in Figure 1. An aerial 204 coupled with the modem 203 facilitates the reception of wireless signals from nearby communication link relays 103. The modem 203 is interfaced with or includes an analogue-to-digital converter 205 (ADC') for demodulating wavelength wireless signals received via the antenna 204 into digital data, and reciprocally for outgoing data.
[0035] The handset 101 further includes self-locating means in the form of a GPS receiver 206, wherein the ADC 205 receives analogue positional and time data from orbiting satellites (not shown), which the data processing unit 201 or a dedicated data processing unit processes into digital positional and time data. The handset 101 further includes a sound transducer 207, for converting ambient sound waves such as a user's voice into an analogue signal, which the ADC 205 receives for the data processing unit 201 or a dedicated data processing unit to process into digital first audio data. The handset 101 may optionally further include imaging means 208 in the form of an electronic image sensor, for capturing image data which the data processing unit 201 or a dedicated data processing unit processes into digital image data.
[0036] The CPU 201, NVRAM 202, modem 203, GPS receiver 206, microphone 207 and optional digital camera 208 are connected by a data input/output bus 209, over which they communicate and to which further components of the handset 101 are similarly connected, in order to provide wireless communication functionality and receive user interrupts, inputs and configuration data. Alphanumerical and/or image data processed by CPU 201 is output to a video display unit 210 (VDU'), from which user interrupts may also be received if it is a touch screen display. Further user interrupts may also be received from a keypad 211 of the handset, or from an external human interface device (HiD') connected to the handset via a Universal Serial Bus (USB') interface 212. The USB interface advantageously also allows the CPU 201 to read data from and/or write data to an external or removable storage device. Audio data processed by CPU 201 is output to a speaker unit 213.
[0037] Power is provided to the handset 101 by an internal module battery 214, which an electrical converter 215 charges from a mains power supply as and when required. The mobile telephone handset 101 further includes a Subscriber Identity Module (SIM) uniquely identifying the handset to the cellular network, in that it permanently stores data representative of its unique serial number (ICCID), international mobile subscriber identity (IMSI), security authentication and ciphering information, temporary information related to any local network 120, 130, a list of the services the user has access to and one or more passwords.
[0038] In the example environment of Figure 1 still, a second data processing device 111 is an automatic teller machine (ATM') 111 which emits and receives data encoded as a digital signal over a wired data transmission conforming to the IEEE 802.3 (Gigabit Ethernet') standard, wherein the signal is relayed respectively to or from the ATM by a wired router 112 interfacing the ATM 111 to the WAN communication network 105 and/or to a dedicated, remote server operated by the ATM-owning and -operating bank.
[0039] A typical hardware architecture of the ATM 111 suitable for processing and outputting a user interface according to the invention is shown in Figure 3 in further detail, by way of non-limitative example. The ATM 111 is a purpose -specific computer configured with a data processing unit 301, data outputting means such as video display unit (VDU) 302, user data inputting means such as a keypad 303 and also optionally the VDU 302 from which user interrupts may also be received if it is a touch screen display, and data inputting/outputting means such as a card reader unit 304 for reading card data from a magnetic stripe and/or electronic circuitry embedded on a payment card and writing data to the electronic circuitry after operations have been performed, a receipt printer 305, and additional hardware components such as a banknote dispenser 306.
[0040] Within data processing unit 301, a central processing unit (CPU) 307 provides task co-ordination and data processing functionality. Sets of instructions and data for the CPU 307 are stored in memory means 308 and a hard disk storage unit 309 facilitates non-volatile storage of the instructions and the data. A network interface card (NIC) 310 provides the interface to the network connection to the router 112, thus through to the WAN 105 or a leased line. A data input/output interface 311, for instance a universal serial bus (USB) port, serial port and/or parallel port 311 facilitates connection to the receipt printer 305 and the banknote dispenser 306. All of the above components are connected to a data input/output bus 312, to which the keypad 303 and card reader 304 are also connected. A video adapter may receives CPU instructions over the bus 312 for outputting processed data to VDU 302. All the components of data processing unit 301 are powered by a power supply unit 314, which receives electrical power from a local mains power source and transforms same according to component ratings S and requirements.
[0041] The environment of Figure 1 may include further data processing devices of varying types, all of which corresponding substantially or at least partially to the respective architectures of either the mobile handset 101 or the ATM 111. Such further devices may thus include tablet computers 121 and personal computers 131, each having wired and/or wireless telecommunication emitting and receiving functionality over, respectively, a wireless Local Area Network (WLAN') conforming to the 802.11 standard (Wi-Fi') 120 and/or a wired local area network (LAN') 130. In the LAN or WLAN, telecommunication is is likewise performed as voice, alphanumeric and/or audio-video data using the Internet Protocol (IP), Voice data over IP (VoIP') protocol, Hypertext Transfer Protocol (HTTP') or Secure Hypertext Transfer Protocol (HTTPS'), the signal being relayed respectively to or from a data communication device 121, 131 by a wireless (WLAN) or wired (LAN) router 122, 132 interfacing the device 121, 131 to the WAN communication network 105. A tablet computer may thus provide wireless telecommunication emitting and receiving functionality over the GSM, GPRS, W-CDMA and/or 3G network described with reference to the mobile handset 101 in addition to the WLAN 120.
[0042] Generally, devices 101, 111, 121, 131 may be any data processing device having at least wireless communication means and data processing and display means. It will therefore be readily understood by the skilled person from the present disclosure, that the data processing devices 101, 121, 131 may be a personal computer operable under the WindowsTM or OSXTM operating system, a portable computer commonly referred to as a laptop' or netbook', a smartphone such an iPhoneTM handset manufactured by the Apple Corporation or a Nexus OneTM handset manufactured for Google, Inc. by the HTC Corporation, a tablet computer such as an AppleTM iPadTM or a SamsungTM NexusTM, a personal digital assistant such as an HewlettPackardTM iFaqTM, a portable media player such as an ArchosTM 43 Android TM PMP, a game console manufactured by Sony, Nintendo or Microsoft, a television set having networking means and data processing means commonly referred to as a smart TV', and more.
[0043] An embodiment of a secure user interface according to the invention is shown in Figure 4, as would be output to the display means 210 of the mobile devices 101, 121 or to the display means 302 of the static devices 111, 131. The secure user interface 400 consists of a keypad 401 comprising a plurality of input 0 keys 402N, in the example 10 input keys arranged as a grid of 3 keys by 3 keys, with the remaining key located centrally under the middle lowest key of the grid.
The spatial configuration of the secure user interface 400 in this embodiment corresponds substantially to the spatial configuration of a conventional keypad, for ensuring familiarity of the user with the secure user interface.
S
[0044] All the input keys 402N have an identical, substantially square shape and are equally dimensioned. The square shape of each input key 402N is divided into three portions, consisting of a lower right portion, a lower left portion symmetrically opposed to the lower right portion about the vertical median line of the square and having substantially identical dimensions to the lower right portion, and an upper portion which straddles both the lower right and left portions across the width of the square. Each input key 4O2N comprises a respective alphanumerical code 403N located in the lower right portion, a respective pictographic code 404N located in the lower left portion, and a respective colour code 405N located in the upper portion.
[0045] The user interface of the example thus comprises a total of 10 numerical codes 403N ranging from 0 to 9; 10 pictographic codes 404N including a circle, a triangle, a square, a star, a plus sign, a lozenge, a multiply sign, a flower, a club' card suit and an arrow; and 10 colour codes 405N including red (R), yellow (Y), purple (PU), light blue (LB), grey (GY), orange (0), dark green (DGR), pink (RI), light green (LGR) and dark blue (DB), providing for a total of -io3° possible permutations.
[0046] The user interface is thus configured to accept input of a sequence of aiphanumerical and/or pictographic and/or colour codes by a user, wherein the sequence is a unique token which the user must input in order to access a resource, for instance a communication functionality of the personal device 101 or a balance or withdrawal functionality of the ATM device 111.
[0047] It will be appreciated that the sequence may consist of any number of codes, for instance a total of 4 codes as privileged in most applications currently, and that it may still consist exclusively of digits as is well-known, since even a token of 4 digits 403N according to ISO 9564 benefits from the security advantage provided by the secure user interface 400 of the invention: in the context of the additional variables 404N, 405N located on each input key 402N relative to prior art keypads, an onlooker cannot know whether the user actually is input 4 digits 403N, or input a combination of 4 codes selected from digits, signs and colours 403N, 404N, 405N instead. Even if the onlooker observes which code keys 402N are input by a user, then for a 4-code token and absent the knowledge of the actual token, the onlooker would have to attempt potentially up to 1 million permutations, when including the signs 404N and colours 405N variables into the permutation possibilities, rather than 10,000 based on 4 numerical digits 403N alone.
[0048] Data processing steps performed by the mobile handset 101 for outputting a secure user interface 400 are now described with reference to Figure 5 by way of example only. A data processing step or function of the operating system or an application being processed by the mobile handset 101 initiates a user authentication procedure at step 501, according to known techniques. For instance, the mobile handset 101 may have been operating in a standby power saving mode and the user now requires its voice call functionality, whereby a security function of the handset operating system requires the user to input an authentication token to verify that the user is authorized to use the device for the purpose.
[0049] The authentication procedure thus includes an application programmer interface (API) call upon a set of instructions embodying a data processing method according to the invention, pursuant to which, at step 502, a keypad input interface 401 comprising 10 input keys 4O2N is instantiated in the memory means 202 of the device 101, in the example arranged as a grid-like structure substantially as shown in Figure 4 and wherein each of the 10 input keys 402N is provided with respective display screen X,Y coordinates. Any tactile user interrupt provided at a location X, Y of the touch screen-enabled display screen 210 may therefore be associated with a corresponding input key 402N of the user interface 401.
[0050] At step 503, each of the 10 input keys 402N is associated with a respective alphanumerical code 403N, a respective pictographic code 404N and a respective colour code 405N, so that each of the total number of alphanumerical, is pictographic and colour codes is associated once only in the interface, with a single sub-portion of a key thereof. Any tactile user interrupt provided on the touch screen-enabled display screen 210 and associated with a corresponding input key 402N of the user interface 401 may therefore be associated with a corresponding code input 403N, 404N, 405N, forwarded as an input to the authentication procedure.
[0051] At step 504, the keypad input interface 401 is rendered by the CPU 201 to the display means 210 of the device, wherein each input key thereof comprises the alphanumerical, pictographic and colour codes 4O3N, 4O4N, 405N respectively associated therewith, ready for user input as described above. The token input may then be validated locally, for instance if it is stored in the memory means 202, or remotely via a relevant query to a remote server over the network 105, according to known techniques.
[0052] In an alternative embodiment based substantially upon the method described with reference to Figure 5, the step 502 of instantiating the keypad input interface 401 may further provide each sub-portion of each input key 4O2N with respective display screen X,Y coordinates, whereby any tactile user interrupt provided at a location X, Y of the touch screen-enabled display screen 210 may therefore be associated with a corresponding sub-portion of an input key 4O2N of the user interface 401. Accordingly, in this embodiment the step 503 associates each sub-portion of the input keys 402N with a respective alphanumerical code 403rj or a respective pictographic code 404N or a respective colour code 405N, so that each of the total number of alphanumerical, pictographic and colour codes is still associated once only in the interface, with a single sub-portion of a key thereof.
[0053] Data processing steps of an alternative method, performed this time by the ATM 111 for outputting a secure user interface 400 are now described with reference to Figures 6 and 7 by way of example only. In the example, the ATM 111 display 302 is not touchscreen-enabled and the only human-machine interface provided for inputting an identification or authentication token of any sort is the conventional keypad 303 comprising 10 digit keys 303N from 0 to 9 and two symbol keys [0054] A data processing step of the purpose-specific application being processed by the ATM 111 initiates a user authentication procedure at step 601, according to known techniques. Typically, step 601 is expected to be performed after a user has inserted a payment card or the like in the card reader 304, at which time the ATM 111 require user authentication for the card before any further data processing occurs.
[0055] The authentication procedure again includes an API call upon a set of instructions embodying this data processing method according to the invention, pursuant to which, at step 602, a keypad input interface 401 comprising 10 input keys 402N is again instantiated in the memory means 308 of the device 111, in the example arranged as a grid-like structure substantially as shown in Figure 4 and mirroring substantially the layout of the conventional keypad 303, and wherein each of the 10 input keys 402N is provided with respective display screen X,Y coordinates as before.
[0056] At step 603, each input key input keys 402N is associated with the respective input key 303N corresponding to its location in the conventional keypad 303. Thus, for example, the top left key 4O2i of the displayed keypad input interface 401 is associated with the top left key 3O3 of the hardware keypad 303, the next key 4022 of the displayed keypad input interface 401 immediately to the right of the top left key 4O2 is associated with the corresponding next key 3032 of the hardware keypad 303 immediately to the right of the top left key 3O3i thereof, and so on and so forth. Any tactile user interrupt provided on a key 303N of the conventional keypad 303 may therefore be associated with a corresponding input key 4O2N of the user interface 401.
[0057] At step 604, each of the 10 input keys 402N is associated with a respective alphanumerical code 403N, a respective pictographic code 404N and a respective colour code 4O5N as before, so that each of the total number of alphanumerical, pictographic and colour codes is associated once only in the interface 401, with a single sub-portion of a key 4O2N thereof, and by association following step 603, with a single input key 303N of the conventional keypad 303.
Accordingly, any tactile user interrupt provided on the keypad 303 and associated with a corresponding input key 402N of the user interface 401 may therefore be associated with a corresponding code input 403N, 4O4N, 405N, forwarded as an input to the authentication procedure.
[0058] At step 605, the keypad input interface 401 is rendered by the CPU 307 to the display means 302 of the ATM device 111, wherein each input key thereof comprises the alphanumerical, pictographic and colour codes 403N, 404N, 405N respectively associated therewith, ready for user input as described above.
The token input may then be validated locally, for instance if it is recorded in the payment card magnetic stripe or electronic circuitry, or remotely via a relevant query to a remote server over the network 105, according to known techniques. It will be readily appreciated by those skilled in the art that the above principle may be applied to any device with legacy human -machine interface, particularly computers equipped with alphanumerical keyboards and/or numeric keypads, regardless of the spatial arrangement of the legacy human -machine interface.
[0059] Data processing steps of another alternative method, performed this time by any of the devices 101, 111, 121, 131 for outputting a secure user interface 400 are now described with reference to Figures 8, 9 and 10 by way of S example only. As before, a data processing step or function of the operating system or an application being processed by a relevant device 101, 111, 121, 131 initiates a user authentication procedure at step 801, according to known techniques.
[0060] The authentication procedure again includes an API call upon a set of instructions embodying this data processing method according to the invention, pursuant to which a keypad input interface 401 comprising 10 input keys 4O2N is first instantiated in memory means of the device, in the example again arranged as a grid-like structure substantially as shown in Figure 4.
[0061] In this embodiment, however, each of the 10 input keys 4O2N is provided with respective display screen X,Y coordinates, that are different from the last-provided display screen X,Y coordinates, and each alphanumerical code 403N, pictographic code 404N and colour code 405N is associated with a different input key 402N, relative to the last-made association.
[0062] The set of instructions stores a template of the interface layout with display screen X,Y coordinates respectively representing 10 interface key locations, that may be provided to any of the input keys 4O2N and a list of the last association of each alphanumerical code 403N, pictographic code 404N and respective colour code 4O5N with a respective input key 4O2N [0063] On any new or next iteration of the method caused by a procedural call of step 801, illustrated in Figures 9 and 10 and the successive character thereof denoted therein as, respectively, 401 (t+1) and 401 (t+2) relative to the original interface 401 (tO') of Figure 4, the provision of display screen X,Y coordinates to respective input keys 402N is randomized at step 802, then the interface is instantiated as before at step 803, such that any tactile user interrupt provided at a location X, Y of a touch screen-enabled display screen 210 or via legacy input means 303 may therefore be associated with a corresponding input key 402N of the user interface 401.
[0064] At the next step 804, each of the 10 input keys 402N is randomly associated with a different aiphanumerical code 403N, pictographic code 404N and colour code 405N than recorded in the list, so that each of the total number of aiphanumerical, pictographic and colour codes is still associated once only in the interface, with a single sub-portion of a different key 402N thereof The list of key and code bindings is updated at step 805.
[0065] At step 806, the keypad input interface 401 is rendered by data processing means to display means of the device, wherein each input key 402N thereof comprises the alphanumerical, pictographic and colour codes 403N, 404N, 405 respectively associated therewith, ready for user input as described above, however at a different location in the interface relative to the last token input event, rendering the successful reproduction and input of an observed or witnessed token sequence still less likely.
[0066] The embodiments in the invention described with reference to the drawings comprise a computer apparatus and/or processes performed in a computer apparatus. However, the invention also extends to computer programs, particularly computer programs stored on or in a carrier adapted to bring the invention into practice. The program may be in the form of source code, object code, or a code intermediate source and object code, such as in partially compiled form or in any other form suitable for use in the implementation of the method according to the invention. The carrier may comprise a storage medium such as ROM, e.g. CD ROM, or magnetic recording medium, e.g. a floppy disk or hard disk. The carrier may be an electrical or optical signal which may be transmitted via an electrical or an optical cable or by radio or other means.
[0067] In the specification the terms "comprise, comprises, comprised and comprising" or any variation thereof and the terms include, includes, included and including" or any variation thereof are considered to be totally interchangeable and they should all be afforded the widest possible interpretation and vice versa.
[0068] The invention is not limited to the embodiments hereinbefore described but may be varied in both construction and detail.

Claims (29)

  1. Claims 1. A secure user interface for inputting a unique identification token in a data processing device, wherein the token includes a plurality of codes and the s interface is output to a display means of the device, the interface comprising a keypad comprising a plurality of input keys; a number of alphanumerical codes; a number of pictographic codes; a number of colour codes; wherein each input key comprises at least one of each of the alphanumerical, pictographic and colour codes.
  2. 2. An electronic secure user interface according to claim 1 wherein, for each output of the interface on the display means, each input key is randomly assigned a respective location in the interface.
  3. 3. An electronic secure user interface according to claim 1 or 2 wherein, for each output of the interface on the display means, each code is randomly associated with a respective input key of the interface.
  4. 4. An electronic secure user interface according to any of claims 1 to 3, wherein the token comprises at least one of each of the alphanumerical, pictographic and colour codes.
  5. 5. An electronic secure user interface according to any of claims 1 to 5, wherein each input key has a geometrical shape selected from the group comprising squares, rectangles, circles, ovals, triangles.
  6. 6. An electronic secure user interface according to claim 5, wherein the geometrical shape is configured into three portions, each portion bearing a respective one of the alphanumerical, pictographic and colour codes.s
  7. 7. An electronic secure user interface according to any of claims 1 to 6, wherein the input keys are configured as a plurality of rows and columns.
  8. 8. An electronic secure user interface according to any of claims 1 to 7, wherein the alphanumerical codes comprise digits U to 9.
  9. 9. An electronic secure user interface according to any of claims 1 to 8, wherein the pictographic codes comprise geometrical shapes or symbols.
  10. 10. An electronic secure user interface according to any of claims 1 to 8, is wherein the device is selected from the group comprising automatic teller machines, payment card terminals, computers, tablet computers, mobile telephone handsets, television sets, set top boxes, multimedia devices, gaming devices.
  11. 11. A method of outputting a secure user interface to a display means of a data processing device, wherein the interface is for inputting a unique identification token having a plurality of codes, the method comprising the steps of instantiating a keypad input interface comprising a plurality of input keys in memory means of the device, associating each input key with at least one of each of an alphanumerical code, a pictographic code and a colour code; and rendering the keypad input interface to display means of the device, wherein each input key thereof comprises the alphanumerical, pictographic and colour codes respectively associated therewith.
  12. 12. A method according to claim 11, wherein the step of rendering further comprises randomizing the location of each input key in the keypad input interface.
  13. 13. A method according to claim 11 or 12, wherein the step of associating further comprises randomizing the respective associations of the aiphanumerical, pictographic and colour codes with each input key.
  14. 14. A method according to claim 12 or 13, wherein the steps of instantiating, associating and rendering are repeated and the further step of randomizing is automatically performed, when an incorrect token is input in the secure interface.
  15. 15. A method according to any of claims 11 to 14, comprising the further is step of associating each input key in the keypad input interface with a respective input key of a second user input interface.
  16. 16. A method according to claim 15, wherein the second user input interface is selected from the group comprising an Automatic Teller Machine (ATM) keypad, a payment card terminal keypad, a computer keyboard or number pad, a telephone dial pad, a television remote control, a game controller.
  17. 17. A method according to any of claims 11 to 16, wherein the step of rendering the keypad input interface further comprises rendering each input key as a geometrical shape selected from the group comprising squares, rectangles, circles, ovals, triangles.
  18. 18. A method according to claim 17, comprising the further step of configuring the geometrical shape into three portions, each portion bearing a respective one of the alphanumerical, pictographic and colour codes.
  19. 19. A method according to any of claims 11 to 18, wherein the alphanumerical codes comprise digits 0 to 9.
  20. 20. A method according to any of claims 11 to 19, wherein the pictographic codes comprise geometrical shapes or symbols.
  21. 21. A system for inputting a unique identification token having a plurality of codes, the system comprising at least a first data processing device with display means and user input means; and a secure user interface comprising a keypad with a plurality of input keys output to the display means, wherein each input key comprises at least one of each of an alphanumerical code, a pictographic code and a colour code.
  22. 22. A system according to claim 21, wherein the first device is selected from the group comprising automatic teller machines, payment card terminals, computers, tablet computers, mobile telephone handsets, television sets, set top boxes, multimedia devices, gaming devices.
  23. 23. A system according to claim 21 or 22, wherein the first device comprises a second user interface having a keypad with a plurality of alphanumerical input keys, and wherein each alphanumerical input key is associated with a respective input key of the secure user interface.
  24. 24. A system according to claim 24, wherein the second user input interface is selected from the group comprising an Automatic Teller Machine (ATM) keypad, a payment card terminal keypad, a computer keyboard or number pad, a telephone dial pad, a television remote control, a game controller.
  25. 25. A system according to any of claims 21 to 24, wherein the token comprises at least one of each of the alphanumerical, pictographic and colour codes.
  26. 26. A system according to any of claims 21 to 25, further comprising a network and a second data processing device storing a data resource, wherein the first and second data processing devices are connected to the network, and wherein the second data processing device is configured to authenticate the token S input at the first data processing device for access to the resource over the network.
  27. 27. A set of instructions recorded on a data carrying medium which, when processed by a data processing terminal having display means, configures the terminal to output a secure user interface to the display means, the interface comprising a keypad with a plurality of input keys, wherein each input key comprises at least one of each of an aiphanumerical code, a pictographic code and a colour code.
  28. 28. A set of instructions according to claim 27, embodied as an application package file (ARK') for use with the AndroidTM operating system, or as an iphoneTM application archive (IRA') for use with the iOSTM operating system, or as an executable (EXE') or cabinet (CAB') file for use with the Windows1M Phone 8TM or the WindowsTM SurfacelM operating systems, or as a subroutine of such an application.
  29. 29. A secure user interface substantially as herein before described with reference to the accompanying drawings.Amendments to the claims have been filed as follows: Claims 1. A secure user interface for inputting a unique identification token in a data processing device, wherein the token includes a plurality of codes and the s interface is output to a display means of the device, the interface comprising a keypad comprising a plurality of input keys; a number of alphanumerical codes; a number of pictographic codes; a number of colour codes; wherein each input key comprises at least one of each of the alphanumerical, pictographic and colour codes.2. An electronic secure user interface according to claim 1 wherein, for each output of the interface on the display means, each input key is randomly assigned a respective location in the interface.3. An electronic secure user interface according to claim 1 or 2 wherein, for each output of the interface on the display means, each code is randomly associated with a respective input key of the interface.4. An electronic secure user interface according to any of claims 1 to 3, wherein the token comprises at least one of each of the alphanumerical, pictographic and colour codes.5. An electronic secure user interface according to any of claims 1 to 5, wherein each input key has a geometrical shape selected from the group comprising squares, rectangles, circles, ovals, triangles.6. An electronic secure user interface according to claim 5, wherein the geometrical shape is configured into three portions, each portion bearing a respective one of the alphanumerical, pictographic and colour codes.s 7. An electronic secure user interface according to any of claims 1 to 6, wherein the input keys are configured as a plurality of rows and columns.8. An electronic secure user interface according to any of claims 1 to 7, wherein the alphanumerical codes comprise digits U to 9.9. An electronic secure user interface according to any of claims 1 to 8, wherein the pictographic codes comprise geometrical shapes or symbols.10. An electronic secure user interface according to any of claims 1 to 8, is wherein the device is selected from the group comprising automatic teller machines, payment card terminals, computers, tablet computers, mobile telephone handsets, television sets, set top boxes, multimedia devices, gaming devices.11. A method of outputting a secure user interface to a display means of a data processing device, wherein the interface is for inputting a unique identification token having a plurality of codes, the method comprising the steps of instantiating a keypad input interface comprising a plurality of input keys in memory means of the device, associating each input key with at least one of each of an alphanumerical code, a pictographic code and a colour code; and rendering the keypad input interface to display means of the device, wherein each input key thereof comprises the alphanumerical, pictographic and colour codes respectively associated therewith.12. A method according to claim 11, wherein the step of rendering further comprises randomizing the location of each input key in the keypad input interface.13. A method according to claim 11 or 12, wherein the step of associating further comprises randomizing the respective associations of the aiphanumerical, pictographic and colour codes with each input key.14. A method according to claim 12 or 13, wherein the steps of instantiating, associating and rendering are repeated and the further step of randomizing is automatically performed, when an incorrect token is input in the secure interface.15. A method according to any of claims 11 to 14, comprising the further is step of associating each input key in the keypad input interface with a respective input key of a second user input interface.16. A method according to claim 15, wherein the second user input interface is selected from the group comprising an Automatic Teller Machine (ATM) keypad, a payment card terminal keypad, a computer keyboard or number pad, a telephone dial pad, a television remote control, a game controller.17. A method according to any of claims 11 to 16, wherein the step of rendering the keypad input interface further comprises rendering each input key as a geometrical shape selected from the group comprising squares, rectangles, circles, ovals, triangles.18. A method according to claim 17, comprising the further step of configuring the geometrical shape into three portions, each portion bearing a respective one of the alphanumerical, pictographic and colour codes.19. A method according to any of claims 11 to 18, wherein the alphanumerical codes comprise digits 0 to 9.20. A method according to any of claims 11 to 19, wherein the pictographic codes comprise geometrical shapes or symbols.21. A system for inputting a unique identification token having a plurality of codes, the system comprising at least a first data processing device with display means and user input means; and a secure user interface comprising a keypad with a plurality of input keys output to the display means, wherein each input key comprises at least one of each of an alphanumerical code, a pictographic code and a colour code.22. A system according to claim 21, wherein the first device is selected from the group comprising automatic teller machines, payment card terminals, computers, tablet computers, mobile telephone handsets, television sets, set top boxes, multimedia devices, gaming devices.23. A system according to claim 21 or 22, wherein the first device comprises a second user interface having a keypad with a plurality of alphanumerical input keys, and wherein each alphanumerical input key is associated with a respective input key of the secure user interface.24. A system according to claim 24, wherein the second user input interface is selected from the group comprising an Automatic Teller Machine (ATM) keypad, a payment card terminal keypad, a computer keyboard or number pad, a telephone dial pad, a television remote control, a game controller.25. A system according to any of claims 21 to 24, wherein the token comprises at least one of each of the alphanumerical, pictographic and colour codes.26. A system according to any of claims 21 to 25, further comprising a network and a second data processing device storing a data resource, wherein the first and second data processing devices are connected to the network, and wherein the second data processing device is configured to authenticate the s token input at the first data processing device for access to the resource over the network.27. A set of instructions recorded on a data carrying medium which, when processed by a data processing terminal having display means, configures the terminal to output a secure user interface to the display means for inputting a unique identification token, the interface comprising a keypad with a plurality of input keys1 wherein each input key comprises at least one of each of an alphanumerical code, a pictographic code and a colour code.28. A set of instructions according to claim 27, embodied as an application package file (APK'), an application archive (IPA'), an executable (EXE') or cabinet (tAB') file, or as a subroutine of such an applidation or file.29. A secure user interface substantially as herein before described with reference to the accompanying drawings. * . * * .s * *S. *t -* * . * * a. * * I. * * * . * I
GB1219278.7A 2012-10-26 2012-10-26 Secure user interface Expired - Fee Related GB2504157B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB1219278.7A GB2504157B (en) 2012-10-26 2012-10-26 Secure user interface
PCT/GB2013/000449 WO2014064405A1 (en) 2012-10-26 2013-10-22 Secure user interface

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1219278.7A GB2504157B (en) 2012-10-26 2012-10-26 Secure user interface

Publications (3)

Publication Number Publication Date
GB201219278D0 GB201219278D0 (en) 2012-12-12
GB2504157A true GB2504157A (en) 2014-01-22
GB2504157B GB2504157B (en) 2014-09-24

Family

ID=47358693

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1219278.7A Expired - Fee Related GB2504157B (en) 2012-10-26 2012-10-26 Secure user interface

Country Status (2)

Country Link
GB (1) GB2504157B (en)
WO (1) WO2014064405A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9411465B2 (en) 2014-06-06 2016-08-09 Wipro Limited Systems and methods for generating a secure locking interface

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2713033A1 (en) * 1993-11-26 1995-06-02 Jouve Jerome Tactile display screen for access control
WO2002100016A1 (en) * 2001-06-06 2002-12-12 Atm Direct, Inc. Secure key entry using a graphical user interface
US20060224523A1 (en) * 2005-03-31 2006-10-05 Elvitigala Rajith T Dynamic keypad
WO2007082139A2 (en) * 2006-01-05 2007-07-19 Apple Inc. Keyboards for portable electronic devices

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8239937B2 (en) * 2004-12-16 2012-08-07 Pinoptic Limited User validation using images

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2713033A1 (en) * 1993-11-26 1995-06-02 Jouve Jerome Tactile display screen for access control
WO2002100016A1 (en) * 2001-06-06 2002-12-12 Atm Direct, Inc. Secure key entry using a graphical user interface
US20060224523A1 (en) * 2005-03-31 2006-10-05 Elvitigala Rajith T Dynamic keypad
WO2007082139A2 (en) * 2006-01-05 2007-07-19 Apple Inc. Keyboards for portable electronic devices

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9411465B2 (en) 2014-06-06 2016-08-09 Wipro Limited Systems and methods for generating a secure locking interface

Also Published As

Publication number Publication date
GB2504157B (en) 2014-09-24
GB201219278D0 (en) 2012-12-12
WO2014064405A1 (en) 2014-05-01

Similar Documents

Publication Publication Date Title
CN108769027B (en) Secure communication method, device, mobile terminal and storage medium
CN104584086B (en) PIN verification
CN103793815B (en) Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards
US9104840B1 (en) Trusted security zone watermark
US9213931B1 (en) Matrix barcode enhancement through capture and use of neighboring environment image
US20080148186A1 (en) Secure data entry device and method
WO2018083088A1 (en) Method for securing a transaction performed from a non-secure terminal
CN101794365B (en) The method of safely inputting information and mobile terminal on mobile terminals
CN104239804A (en) Data protecting method and device
CN105005731A (en) A data encryption and decryption method and mobile terminal
WO2020253197A1 (en) Method and apparatus for managing virtual user identification card, terminal device and storage medium
CN102117393A (en) Mobile terminal and password input method thereof
CN107194268A (en) A kind of information processing method, device, computer installation and readable storage medium storing program for executing
CN102968587B (en) A kind of electronic equipment and the method giving electronic equipment unlocking information for change
CN104270741A (en) Terminal locking method and device
CN103793659A (en) Method and system for setting password and method and system for verifying password
CN105071824A (en) A smart wearable device and method for transmitting data
CN107992768B (en) Information protection method, terminal equipment and storage medium
CN107483704A (en) A kind of private space method to set up and terminal device
CN102521169B (en) Confidential USB (universal serial bus) memory disk with display screen and security control method of confidential USB memory disk
CN105577375A (en) Identity authentication method and device
CN103200325A (en) Peripheral device for mobile terminal and communication method for mobile terminal and peripheral device
CN104506481A (en) Authentication method of mobile communication network
US20130061057A1 (en) Authentication method and device
CN108540591B (en) Address book management method, address book management device and electronic device

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20161026