[go: up one dir, main page]

WO2002008974A3 - Improvements relating to the security of authentication systems - Google Patents

Improvements relating to the security of authentication systems Download PDF

Info

Publication number
WO2002008974A3
WO2002008974A3 PCT/GB2001/003298 GB0103298W WO0208974A3 WO 2002008974 A3 WO2002008974 A3 WO 2002008974A3 GB 0103298 W GB0103298 W GB 0103298W WO 0208974 A3 WO0208974 A3 WO 0208974A3
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
subset
data element
challenge
user
Prior art date
Application number
PCT/GB2001/003298
Other languages
French (fr)
Other versions
WO2002008974A2 (en
Inventor
Giles Martin Wren-Hilton
Original Assignee
Nexxgen Ltd
Giles Martin Wren-Hilton
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB0018047A external-priority patent/GB0018047D0/en
Priority claimed from GB0111978A external-priority patent/GB0111978D0/en
Application filed by Nexxgen Ltd, Giles Martin Wren-Hilton filed Critical Nexxgen Ltd
Priority to AU2001270912A priority Critical patent/AU2001270912A1/en
Publication of WO2002008974A2 publication Critical patent/WO2002008974A2/en
Publication of WO2002008974A3 publication Critical patent/WO2002008974A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/04Billing or invoicing
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Computer Security & Cryptography (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A method of and system for authenticating a personal authentication store such as a prepayment card for use in authentication the identity of a user is described. The method comprises generating a challenge by: receiving a unique identifier of the personal authentication store; identifying first and second subsets of predetermined data elements using the unique identifier; selecting a data element from the first subset and transmitting the data element to the user as an authentication challenge. Each subset has been previously selected from a corresponding larger set of the data elements and each data element of the first subset corresponds to a specific one of the data elements of the second subset. The authentication is determined by receiving a response to the authentication challenge from the user that has been determined by use of information provided on the personal authorisation store; and issuing an authentication signal if the response comprises the specific data element of the second subset that corresponds to the data element of the first subset used for the challenge.
PCT/GB2001/003298 2000-07-21 2001-07-23 Improvements relating to the security of authentication systems WO2002008974A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001270912A AU2001270912A1 (en) 2000-07-21 2001-07-23 Improvements relating to the security of authentication systems

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
GB0018047.1 2000-07-21
GB0018047A GB0018047D0 (en) 2000-07-21 2000-07-21 Improvements in and relating to authentication cards and systems
GB0111978A GB0111978D0 (en) 2001-05-16 2001-05-16 Improvements in and relating to authentication cards and systems
GB0111978.3 2001-05-16

Publications (2)

Publication Number Publication Date
WO2002008974A2 WO2002008974A2 (en) 2002-01-31
WO2002008974A3 true WO2002008974A3 (en) 2003-05-01

Family

ID=26244707

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/003298 WO2002008974A2 (en) 2000-07-21 2001-07-23 Improvements relating to the security of authentication systems

Country Status (2)

Country Link
AU (1) AU2001270912A1 (en)
WO (1) WO2002008974A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9742761B2 (en) 2015-11-10 2017-08-22 International Business Machines Corporation Dynamic authentication for a computing system

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8224887B2 (en) 2003-03-26 2012-07-17 Authenticatid, Llc System, method and computer program product for authenticating a client
US8060915B2 (en) 2003-12-30 2011-11-15 Entrust, Inc. Method and apparatus for providing electronic message authentication
US9191215B2 (en) 2003-12-30 2015-11-17 Entrust, Inc. Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
US9281945B2 (en) 2003-12-30 2016-03-08 Entrust, Inc. Offline methods for authentication in a client/server authentication system
US8966579B2 (en) 2003-12-30 2015-02-24 Entrust, Inc. Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data
US8612757B2 (en) 2003-12-30 2013-12-17 Entrust, Inc. Method and apparatus for securely providing identification information using translucent identification member
US8230486B2 (en) * 2003-12-30 2012-07-24 Entrust, Inc. Method and apparatus for providing mutual authentication between a sending unit and a recipient
US7347366B2 (en) 2006-03-14 2008-03-25 Verisign, Inc. Method and apparatus to provide authentication using an authentication card
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
CN113469694A (en) * 2021-07-27 2021-10-01 中国银行股份有限公司 Method and device for logging in and paying by mobile phone software of low-vision people
CN115913562A (en) * 2022-09-30 2023-04-04 福建正孚软件有限公司 Electronic array card authentication method, medium and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2058417A (en) * 1979-06-25 1981-04-08 Gao Ges Automation Org Input of a Personal Code Word
US4958066A (en) * 1988-08-19 1990-09-18 Secured Transactions Financial instrument verification and method of production
FR2654238A1 (en) * 1989-11-07 1991-05-10 Lefevre Jean Pierre METHOD FOR AUTHENTICATING THE IDENTITY OF A PHYSICAL PERSON AND AUTHENTICATING DEVICE FOR IMPLEMENTING THE METHOD.
US5177789A (en) * 1991-10-09 1993-01-05 Digital Equipment Corporation Pocket-sized computer access security device
US5712627A (en) * 1995-04-19 1998-01-27 Eastman Chemical Company Security system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2058417A (en) * 1979-06-25 1981-04-08 Gao Ges Automation Org Input of a Personal Code Word
US4958066A (en) * 1988-08-19 1990-09-18 Secured Transactions Financial instrument verification and method of production
FR2654238A1 (en) * 1989-11-07 1991-05-10 Lefevre Jean Pierre METHOD FOR AUTHENTICATING THE IDENTITY OF A PHYSICAL PERSON AND AUTHENTICATING DEVICE FOR IMPLEMENTING THE METHOD.
US5177789A (en) * 1991-10-09 1993-01-05 Digital Equipment Corporation Pocket-sized computer access security device
US5712627A (en) * 1995-04-19 1998-01-27 Eastman Chemical Company Security system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9742761B2 (en) 2015-11-10 2017-08-22 International Business Machines Corporation Dynamic authentication for a computing system

Also Published As

Publication number Publication date
AU2001270912A1 (en) 2002-02-05
WO2002008974A2 (en) 2002-01-31

Similar Documents

Publication Publication Date Title
US6398115B2 (en) System for authenticating use of transaction cards having a magnetic stripe
CN105379409B (en) EHF safety communications equipment
CN101233476B (en) Method, memory device and USB flash drive for transferring wireless network settings
CA2208055A1 (en) System for verifying use of a credit/identification card including recording of physical attributes of unauthorized users
WO2003044721A3 (en) Transaction card system having security against unauthorized usage
WO2001057750A8 (en) Authentication system
BR9807372A (en) Method of verifying authorization
WO2002073877A3 (en) System and method of user and data verification
AU4781590A (en) Secure data interchange system
MY122139A (en) Personal identification authenticating with fingerprint identification
JPS61139873A (en) Authorization system
CA2140803A1 (en) Method of Authenticating a Terminal in a Transaction Execution System
AU1470795A (en) Method and apparatus for authenticating a data carrier intended to enable a transaction or access to a service or a location, and corresponding carrier
EP0391261A3 (en) Method and apparatus for implementing electronic cash
EP1271435A3 (en) Authentication and access control system
WO2006100171A1 (en) Secure credit card with near field communications (nfc)
GB2050021A (en) Method and means for securing the distribution of encoding keys
CA2026739A1 (en) Transaction system security method and apparatus
WO2002008974A3 (en) Improvements relating to the security of authentication systems
WO2002065253A3 (en) Method, arrangement and secure medium for authentication of a user
RU2008131071A (en) METHOD OF AUTHORIZED SERVICE PROVISION AND DEVICE FOR ITS IMPLEMENTATION
WO2001075864A8 (en) Electronic identifier
EP0998073A3 (en) Scheme, system and equipment for inter-equipment authentication and key delivery
AU649190B2 (en) Method and apparatus for personal identification
EP1486851A4 (en) Authentication system, authentication server, authentication method, authentication program, terminal, authentication request method, authentication request program, and storage medium

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (EPO FORM 1205A DATED 06.06.03)

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP