IES20050147A2 - Securing access authorisation - Google Patents
Securing access authorisationInfo
- Publication number
- IES20050147A2 IES20050147A2 IES20050147A IES20050147A2 IE S20050147 A2 IES20050147 A2 IE S20050147A2 IE S20050147 A IES20050147 A IE S20050147A IE S20050147 A2 IES20050147 A2 IE S20050147A2
- Authority
- IE
- Ireland
- Prior art keywords
- series
- user
- support
- electronic resource
- terminal
- Prior art date
Links
Classifications
- 
        - G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
 
- 
        - G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
 
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
- Calculators And Similar Devices (AREA)
Abstract
A system for securing access to an electronic resource is provided, which comprises at least one data processing terminal and a support including at least first and second series of numerical values, said terminal comprising storage means, processing means and display means, said storage means storing a combination of a user reference and an electronic resource user access reference for at least one user and instructions which configure said processing means to generate a third series of random numerical values and request user input in response to said user requesting access to said electronic resource, compare said user input and said electronic resource user access reference upon receiving said user input, and grant access to said electronic resource upon said comparison returning a match, wherein said user input comprises at least one numerical value of said first series identified with positioning said support relative to said display device and comparing corresponding numerical value of said second series with corresponding numerical value of said thirdseries. <Figure 3>
  Description
Field of the Invention
This invention relates to securing access to an electronic data resource stored in a data processing system. More particularly, this invention relates to a device for encrypting one or more user identifiers in reference to numerical series and a i
Background to the Invention i corresponding meth^^J e-Qbf 3j/o°
In the so-called information age, an increasing amount of personal and/or user information is disseminated in either isolated or networked data processing terminals, whether as a result of user choice, for instance when registering for online banking services, or as a result of procedural change, such as when government agencies upgrade to computerized systems and records.
    The value of this readily-accessible personal or user information is increasing in tandem with the growing ubiquity of highly-distributed networks such as the Internet, as it allows purveyors of goods or services to constantly refine their target markets and extract better revenue from more accurate use of their advertising expenditure. More disturbingly, as the value or nature of this information expands, so it attracts third-party users willing and able to make unauthorized use of all or a portion of this information and therefore the need to implement access authentication methods and systems has long been recognized and many such methods and systems exist in the prior art.
    Password authentication schemes constitute the most widely-used methods of access authentication for a user to access electronic data resources, such as her banking details and/.or service provided over the Internet, and this despite growing problems associated with theft of user information, particularly information with an inherent financial value such as credit card or user or bank account details. Indeed, password authentication schemes can be compromised in numerous ways.
    Trojan Horse Attacks and Spyware are the most classic and widespread types of attack. A
Trojan Horse is an application that is stealthily processed by a data processing system and assists in the performance of illicit transactions, unbeknownst to a user of the data processing system. Trojan Horses may be used either on a standalone terminal sharing multiple
IE 0 50 1 47 consecutive users, such as in a public library, but are more commonly used in highlydistributed networks, such as the Internet, by remote unauthorised users and are configured to stealthily load into a data processing system and then collate local data including keys pressed, applications processed, electronic resources accessed over the network as well as l. 5 capture images of graphical user interfaces, for subsequently broadcasting this information over the network, still unbeknownst to the user, to those remote unauthorised users. In this context, Spyware is a colloquialism encompassing both legitimate and illegitimate forms of
Trojan Horse applications, which gather information about a user’s terminal and use thereof and relay that information to remote users, such as marketing companies in legitimate cases or
l. 10 unauthorised users in illegitimate circumstances.
    Phishing Attacks are mounted by highly-organised unauthorised users and comprise largescale, carefully planned defrauding operations. Phishing is a method of using deceptive email and internet sites to retrieve authentication data from unsuspecting users. Such operations l. 15 typically begin with an electronic mail message addressed to a genuine user by an apparently genuine sender, for instance the bank of that user or an Internet transaction website at which said user is registered. The message is configured in wording, appearance and interactive features, such as a pointer to a network address or Uniform Resource Locator, to lead the recipient to an apparently genuine Internet page of this bank or transaction site, which is in
1. 20 fact a false Internet page output by the data processing system of the unauthorized users, at which point the user is requested to input her username and password, which are therefore obtained by the afore-mentioned highly-organised unauthorized users when said user is deceived.
l. 25 Man-in-the-Middle Attacks are the hardest attack to carry out, as they need to be performed whist a victim is connected to the network. Such attacks involve a particularly sophisticated form of data processing procedure, colloquially known as hacking, which involves the illegal misuse of Secure Socket Layer Certificates and Keys.
1. 30 The negative impact of any successful attack is threefold: bad publicity for the provider of the electronic resource, loss of confidence by users as a subsequent reaction and financial loss from the attack itself to the provider and/or the users. Loss of customer confidence may reflect not only on the image and turnover of a provider, but also on the Internet as a channel for transacting with sensitive information. For obvious reasons, institutions are keen to reduce
1. 35 their exposure to these risks. It is unfortunate that this type of unauthorized activity will
IE 050 1 41 become more intense with the ongoing drive to facilitate the transacting of an ever-increasing amount of goods and service over the Internet.
    An improved system and an improved method are therefore required to prevent unauthorized l. 5 users from obtaining user information, particularly access authentication data, by deception, whether a user accidentally or unknowingly provides this information or whether such unauthorized users deliberately attempt to obtain this information by deception.
    Object of the Invention
1. 10 It is an object of the present invention to improve the security of access authentication required for a user to access an electronic resource, whether locally or via a network, by decreasing the risk of compromising authentication data.
    It is another object of the present invention to provide a method of securing access to an
1. 15 electronic resource at a user terminal.
    It is a further object of the present invention to provide a system for securing access to an electronic resource.
l. 20 Summary of the Invention
According to an aspect of the present invention, a method of securing access to an electronic resource is provided at a user terminal equipped with a display device, which comprises the steps of providing a user with at least first and second series of numerical values on a support; l. 25 storing a combination of a user reference and an electronic resource user access reference for said user;
in response to said user requesting access to said electronic resource, generating a third series of random numerical values and requesting user input;
upon receiving said user input, comparing said user input and said electronic resource user
1. 30 access reference; and granting access to said electronic resource upon said comparison returning a match, wherein said user input comprises at least one numerical value of said first series identified with positioning said support relative to said display device and comparing corresponding numerical value of said second series with corresponding numerical value of said third series.
1. 35
According to another aspect of the present invention, a system for securing access to an electronic resource is provided, which comprises at least one data processing terminal and a support including at least first and second series of numerical values, said terminal comprising
1. 5 storage means, processing means and display means, said storage means storing a combination of a user reference and an electronic resource user access reference for at least one user and instructions which configure said processing means to generate a third series of random numerical values and request user input in response to said user requesting access to said electronic resource;
l. 10 compare said user input and said electronic resource user access reference upon receiving said user input; and grant access to said electronic resource upon said comparison returning a match, wherein said user input comprises at least one numerical value of said first series identified with positioning said support relative to said display device and comparing corresponding
l. 15 numerical value of said second series with corresponding numerical value of said third series.
    According to a further aspect of the present invention, a support is provided for securing access to an electronic resource, said support comprising at least first and second series of numerical values, said support being operationally positioned relative to the display device of
1. 20 a data processing terminal on which a third series of numerical values is displayed in response to a user requesting access to an electronic resource, wherein said user may compare corresponding numerical value of said second series of said support with corresponding numerical value of said third series and input at least one numerical value of said first series identified by said comparison for granting access to said electronic resource upon the
1. 25 comparison of said user input and an electronic resource user access reference returning a match.
    Preferably, the support comprising said first and second series of numerical values is configured with at least one substantially see-through portion between said series, and the step
1. 30 of comparing corresponding numerical value of said second series with corresponding numerical value of said third series advantageously comprises the further step of positioning the see-through portion of the support over the third series on the display device.
    The first, second and third series of numerical values may number ten numerical values, each
1. 35 of which is comprised between 0 (zero) and 9 (nine). The third series is advantageously
IE 0 5 0 1 47 generated as a random series to uniquely encrypt the electronic resource user access reference for every access authentication procedure. The first, second and third series of numerical values are preferably equally spaced relative to one another both on the support and the display device, to facilitate the comparison therebetween.
1. 5
In an alternative embodiment of the present invention, the terminal is connected to a network and the electronic resource is a data resource stored at a first remote terminal.
    In another alternative embodiment of the present invention, the terminal is connected to a 1. 10 network, the electronic resource is a data resource stored locally or at a first remote terminal and the combination of a user reference and an electronic resource user access reference for said user is stored at a second remote terminal.
    In yet another alternative embodiment of the present invention, the terminal is connected to a 1. 15 network, the electronic resource is a data resource stored locally or at a first remote terminal, the combination of a user reference and an electronic resource user access reference for said user is stored locally or at a second remote terminal and the third series is generated at said second remote terminal and communicated to the local user over the network.
1. 20 Brief Description of the Drawings
The above and other features and advantages of the present invention will be more clearly understood from the following detailed description taken in conjunction with the accompanying illustrations listed below:
Figure 1 illustrates an environment comprising a data processing terminal connected to a l. 25 network, at which a user with a support may request access authentication according to the present invention;
Figure 2 details the data processing terminal of Figure 1, including a display;
Figure 3 details the support of Figure 1;
Figure 4 details processing steps performed by the terminal of Figures 1 and 2, including a l. 30 step of outputting a graphical user interface;
Figure 5 provides a graphical illustration of the interface of Figure 4·,
Figure 6 provides a graphical illustration of the interface of Figure 4 overlaid with the support of Figures I and J;
Figure 7 provides a graphical illustration of the interface of Figure 4 overlaid with the support 1. 35 of Figures 1 and 3 according to an alternative embodiment of the present invention; and
Figure 8 details processing steps performed by a remote terminal and the terminal of Figures 1 to 6 in an alternative embodiment of the present invention.
    Detailed Description of the Drawings
1. 5 An environment is shown in Figure 1, in which a user 101 is equipped with a support 102 provided by a support issuer 103 and may use a first computer terminal 104, for instance a personal computer located at the dwelling or workplace of user 101.
    In an alternative embodiment of the present invention, user 101 may use a second computer terminal 105, for instance if terminals 104 and 105 are made available to users in a public
1. 10 access location, such as a library, or if terminals 104 and 105 are workplace terminals which user 101 may use alternatively. In the alternative embodiment, terminal 104 is optionally connected to terminal 105 via a Local Area Network (LAN) 106, which may be implemented as either a wired Ethernet connection or a wireless Ethernet connection (WLAN), known to those killed in the art as a Wi-Fi network.
1. 15 Terminal 104 is optionally connected to a Wide Area Network (WAN) such as the Internet 107 via an Internet Service Provider (ISP) 108, to which it connects via any of a lowbandwidth dial-up modem connection or a high-bandwidth cable or Asynchronous Digital Subscriber Line (ADSL) connection 109. In an alternative embodiment, terminal 105 is likewise optionally connected to the Internet 107, for instance with sharing the connection
1. 20 109 of terminal 104 to ISP 108 over the LAN or WLAN 106.
    In yet another alternative embodiment of the present invention, a terminal 110 is located at support issuer 103 and is also connected to the Internet 107.
    Therefore, depending upon the particular embodiment of the present invention, terminal 104 may be used as a local data processing system only, or as a locally network-connected (106) l. 25 data-processing system only, or as a data-processing system connected to a plurality of wide and local networks (106, 107), in which embodiment terminal 104 may communicate data to terminal 110 and receive data therefrom.
    An example of the terminal 104 shown in Figure 1 is provided in Figure 2. In the example, the l. 30 respective architectures of terminals 104,105 and 110 are substantially similar, for the sake of not unnecessarily complicating the present description, but it will be readily apparent to those skilled in the arts that the invention may not be limited to the example terminal described below.
    Terminal 104 is a computer terminal configured with a data processing unit 201, data
1. 35 outputting means such as video display unit (VDU) 202, data inputting means such as a
IE 250147
Ί keyboard 203 and a pointing device (mouse) 204, data inputting/outputting means such as an optional modem connection 205A to network 107 or an optional Ethernet connection 205B andto LAN 106 and optionally also to the Internet 107, a first reader/writer 206A for reading data from and writing data to magnetic data-carrying medium 206B, and a second
1. 5 reader/writer 207A for reading data from and writing data to optical data-carrying medium 207B.
    Within data processing unit 201, a central processing unit (CPU) 208, such as an Intel Pentium 4 manufactured by the Intel Corporation, provides task co-ordination and data processing functionality. Instructions and data for the CPU 208 are stored in main memory l. 10 209 and a hard disk storage unit 210 facilitates non-volatile storage of data and data processing applications. Network connection 205A is provided by way of a 56k or ADSL modem 211 as a wired connection to the Internet 107. Network connection 205B is provided by way of a Network Interface Card (NIC) 212 as a wired or wireless connection to terminal
105 and optionally to the Internet 107.
1. 15 A universal serial bus (USB) input/output interface 213 facilitates connection to the keyboard and pointing devices 203, 204 and a further serial or parallel input/output interface 214 is provided for legacy purposes.
    All of the above devices are connected to a data input/output bus 215, to which said magnetic data-carrying medium reader/writer 206A and optical data-carrying medium reader/writer
1. 20 207B are also connected. A video adapter 216 receives CPU instructions over said bus 213 for outputting processed data to VDU 202,
In the embodiment, data processing unit 201 is of the type generally known as a compatible Personal Computer ('PC'), but may equally be any device configured with processing means, output data display means, memory means, input means and wired or wireless network
1. 25 connectivity.
    The support 102 issued to user 101 by support issuer 103 is further detailed in Figure 3. The support 102 takes the form of a card, preferably made of a durable plastic material and the dimensions of which are substantially identical to a standard credit card. In the preferred
1. 30 embodiment of the present invention, support issuer 103 issues the card 102 with at least a first series of numerical values 301 and a second series of numerical values 302.
    In an alternative embodiment of the present invention shown as a card 102B, the card 102B is configured with a see-through portion 303, located substantially between the first and second series of numerical values 301, 302.
1. 35
Each of the first and second series of numerical values 301, 302 preferably comprises an identical number of numerical values, which is 10 in the example but may be a higher or a lower number. Each of the values themselves are preferably randomly selected between 0 (zero) and 9 (nine), and each of the series 301, 302 is preferably generated as a random series,
1. 5 of 10 randomly-selected values in the example.
    In the preferred embodiment of the present invention, the combination of the first and second series 301, 302 forms an encryption and decryption key, stored in a database the terminal 104 with information data of user 101, comprising at least a user reference and an electronic resource user access reference, for instance a user name and a access password respectively,
1. 10 when said support 102 is created and issued to user 101.
    In an alternative embodiment of the present invention, the combination of the first and second series 301, 302 forming the encryption and decryption key and information data of user 101, comprising at least a user reference and an electronic resource user access reference, for instance a user name and a access password respectively, stored in a remotely-accessible
l. 15 database in the terminal 110 when said support 102 is created and issued to user 101.
    In another alternative embodiment of the present invention, shown as card 102C, support issuer 103 is a financial institution and that the card 102C is configured for use as a transaction card, e.g. a credit or debit card to effect payments and/or currency withdrawals, and so is further configured with a magnetic data-carrying strip 304. Further embodiments
1. 20 contemplate the inclusion of a chip (not shown) to configure card 102, 102B or 102C as a smartcard.
    Figure 4 details processing steps performed by the terminal 104 for requesting and obtaining access authorization to an electronic resource stored therein. In the preferred embodiment,
1. 25 terminal 104 stores instructions in storage means 210 which are loaded into RAM 209 and processed by CPU 208 when the user 101 inputs data via keyboard or pointing device 203, 204 to signify a request to access an electronic resource at step 401, for instance a database stored in storage means 210 or an application to process same and likewise stored in storage means 210 and which will be loaded into RAM 209 and processed by CPU 208 upon user 101
1. 30 being granted the requested access authorization. The instructions comprise a system module and a random number generator as well as processing user input and the previously-described database, which retains key data and information data relating to user 101.
    Upon receiving the user input of step 401, the system module is engaged and generates a third series of random numbers with respective values between 0 and 9, using the random number
]. 35 generator, at step 402. The third series preferably includes the same number of values as the
ΙΕ Ο 5 0 ί 4 γ first and second series 301, 302, e.g. 10. The instructions record the generated numbers and, with reference now to Figure 5, output a user interface 501 at step 403. The interface 501 presents the third series of numbers 502 and a plurality of user-selectable buttons, some of which are located in the interface to compliment the use of the support 102. Preferably, a
1. 5 button 503 is generated for each of the numbers of the third series 502, which is substantially vertically aligned therewith. Other buttons include a ‘submit’ button 504 and a ‘cancel’ button 505 and the interface further comprises a text input area 506 for user 101 to input a respective user reference as well as a cipher input area 507 for the instructions to input the enciphered user electronic resource user access reference according to the user interaction with the
1. 10 buttons 503.
    At step 404, the user 101 inputs respective user reference data via keyboard and/or pointing device 203, 204 into the text input area 506 and interacts with the buttons 503. With reference now to Figure 6, the user manipulates the support 102 relative to VDU 202 so that each number of the first series 301 is substantially vertically aligned with a corresponding number l. 15 of the third series 502 and the respective configuration of the support 102 and the interface
505 complement one another in such a way as to likewise substantially vertically align each number of the second series 302 with a corresponding button 503.
    At step 404 still, the user recalls the first number of a respective electronic resource user access reference and locates the corresponding number 601 in the first series 301. In the
1. 20 example, the first number is “5” and, vertically adjacent to the number 5 is the corresponding number 602 in the third series 502, which is “1”.
    Having identified the number “1”, the user 101 compares this number with the second series
302 to locate a number 603 having a corresponding “1” value therein and selects the button
503, 604 immediately above the number “1”. The button is preferably assigned a value other l 25 than 1 within the system module. The user repeats this above sequence until the entire electronic resource user access reference is input, e.g. all 10 numbers of the user’s respective electronic resource user access reference have been enciphered. On completion of the enciphering of the electronic resource user access reference, the user submits the screen to the system module for processing by the instructions with selecting the “submit” button 504.
1. 30 The instructions retrieve the username and ciphered password string presented by the user
101 via the software module and attempt to identify the validity of the username with processing the database, resulting in a first question asked at step 405, as to whether the username has been matched in said database. If the question of step 405 is answered negatively, the instructions output an error message at step 409 and call upon the module to
1. 35 output a new third series 502 and interface at step 402.
ΙΕ ν'5ΰ f 47
Alternatively, the question of step 405 is answered positively, i.e. the username is valid, and at step 406 the instructions select the value of the first element of the enciphered user access reference, assign this value to a memory variable - offset and examine the first series 301 at the index indicated by the offset variable, and retrieve the value contained therein from the
1. 5 database. The retrieved value is recorded in the memory variable offsetl. The instructions then examine the value contained in the second series 302 at index offsetl. This constitutes the first deciphered number of the user access reference string. This process continues until completion and the now-entirely deciphered user access reference string is compared against the corresponding user access reference stored in the database, whereby a second question
1. 10 asked at step 407, as to whether the user access reference has been matched in said database. If the question of step 407 is answered negatively, the instructions output an error message at step 409 and call upon the module to output a new third series 502 and interface at step 402. Alternatively, the question of step 407 is answered positively, i.e. the user access reference name is valid, and at step 408 the instructions route the user to the requested electronic
1. 15 resource, i.e. the requested access to the electronic resource is granted.
    An alternative embodiment of the present invention is illustrated in Figure 7, in which the support 102 comprises a see-through portion 303 and the interface 501 is configured by the module so that the third series 502 of values can be overlaid with the see-through portion 303
1. 20 when the user manipulates the support 102 relative to VDU 202, so that each number 601 of the first series 301 on support 102 is substantially vertically aligned with a corresponding number 602 of the third series 502, which number 602 on display 202 is directly observable relative to said corresponding number 601 through the transparent portion 303. Further alternative embodiments contemplate respective see-through portions 303 for each number of
1. 25 the third series 502.
    An alternative embodiment of the present invention is shown in Figure 8, in which the terminal 110 of support supplier 103 is a remote server and the key data 301, 302, user reference and electronic resource user access reference are stored in a database which is itself
1. 30 stored at said server 110. In the Figure, a portion of the processing steps previously described in Figure 4 are performed by server 110, which is particularly useful when user 101 wants to access a remote electronic resource, for instance over the Internet 107, such as the website of the bank at which said user holds an account and which account may be remotely interacted with via said website, or the website of a retail concern at which said user may remotely effect l. 35 purchases. The processing steps respectively performed by terminal 104 operated by user 101
SE ύ s 0147 are therefore represented as grouped within a logical block 701 and the processing steps respectively performed by server 110 upon user 101 inputting data at step 401 at terminal 104 to access a remote electronic resource are represented as grouped within a logical block 702.
    In this alternative embodiment, the instructions are not stored at terminal 104 but are stored at
1. 5 server 110 from which, alternatively, either the system module is downloaded by terminal 104 as any of a browser plug-in, an Active-X plug-in, a Java script, a HTML script or the like further to user 101 performing step 401, or only the user interface 501 is downloaded by terminal 104. The distributed system is described in Figure 8 with data exchanged between remote terminals 104 and 108 over the Internet 107, but it will be readily apparent to those
1. 10 skilled in the art that the distributed system may equally be described in, and the invention extending to, the context of any network, including the example LAN 106.
    The present invention therefore improves the security of access authentication required for a user to access an electronic resource, whether locally or via a network, by decreasing the risk
1. 15 of compromising authentication data.with filtering a user access reference, such as a password. The password is altered into another numeric state and this altered numeric state is further interpreted, the interpreted result being entered into the user interface. A user attempting to gain unauthorised access to a local or remote electronic resource, such as personal information of a different user, would need to be in possession of all three factors,
1. 20 the password, the support 102 and the interactive user interface 501 to gain successful access.
    The present invention provides a Multiple Factor Authentication solution, which confers a high level of confidence to password- or PIN-based security. According to the present invention, a user’s password is never directly transacted against, or disclosed over networks
such as the Internet. The invention solves the problem of users being offered fake screens by users practicing Phishing attacks. If an unauthorized user mimics the genuine interface 501, this interface will offer no hint as to the password or construction of the support 102. If the user is deceived into putting genuine data into an interface 501 developed by an unauthorized user, then that data alone will not suffice to gain genuine access to the targeted electronic
1. 30 resource.
    The present invention thus manages the security of the access authorization process without regard or concern for the environment to which it is connected, namely a computer, or through which it is communicated, namely a network.
1. 35
IE 0 5 0 14 7
The words “comprises/comprising” and the words “having/including” when used herein with reference to the present invention are used to specify the presence of stated features, integers, steps or components but does not preclude the presence or addition of one or more other features, integers, steps, components or groups thereof.
  Claims (1)
1. 20 terminal and communicated to the terminal of the user over the network.
    Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title | 
|---|---|---|---|
| IES20050147 IES20050147A2 (en) | 2005-03-21 | 2005-03-21 | Securing access authorisation | 
| PCT/IE2006/000015 WO2006100655A2 (en) | 2005-03-21 | 2006-03-21 | Securing access authorisation | 
| EP06711128A EP1861804A2 (en) | 2005-03-21 | 2006-03-21 | Securing access authorisation | 
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title | 
|---|---|---|---|
| IES20050147 IES20050147A2 (en) | 2005-03-21 | 2005-03-21 | Securing access authorisation | 
Publications (1)
| Publication Number | Publication Date | 
|---|---|
| IES20050147A2 true IES20050147A2 (en) | 2007-05-02 | 
Family
ID=36645762
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date | 
|---|---|---|---|
| IES20050147 IES20050147A2 (en) | 2005-03-21 | 2005-03-21 | Securing access authorisation | 
Country Status (3)
| Country | Link | 
|---|---|
| EP (1) | EP1861804A2 (en) | 
| IE (1) | IES20050147A2 (en) | 
| WO (1) | WO2006100655A2 (en) | 
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| US8738908B2 (en) * | 2011-05-10 | 2014-05-27 | Softlayer Technologies, Inc. | System and method for web-based security authentication | 
| FR3008837B1 (en) * | 2013-07-19 | 2015-08-07 | In Webo Technologies | STRONG AUTHENTICATION METHOD | 
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| FR2654238B1 (en) * | 1989-11-07 | 1992-01-17 | Lefevre Jean Pierre | METHOD FOR AUTHENTICATING THE IDENTITY OF A PHYSICAL PERSON AND AUTHENTICATING DEVICE FOR IMPLEMENTING THE METHOD. | 
| JPH10307799A (en) * | 1997-02-28 | 1998-11-17 | Media Konekuto:Kk | Personal identification method and device in computer communication network | 
| JP2004507010A (en) * | 2000-08-22 | 2004-03-04 | シーエムエックス テクノロジーズ ピーティーワイ リミテッド | Transaction validation | 
- 
        2005
        - 2005-03-21 IE IES20050147 patent/IES20050147A2/en not_active IP Right Cessation
 
- 
        2006
        - 2006-03-21 WO PCT/IE2006/000015 patent/WO2006100655A2/en not_active Application Discontinuation
- 2006-03-21 EP EP06711128A patent/EP1861804A2/en not_active Withdrawn
 
Also Published As
| Publication number | Publication date | 
|---|---|
| EP1861804A2 (en) | 2007-12-05 | 
| WO2006100655A2 (en) | 2006-09-28 | 
| WO2006100655A3 (en) | 2007-03-01 | 
Similar Documents
| Publication | Publication Date | Title | 
|---|---|---|
| RU2518680C2 (en) | Verification of portable consumer devices | |
| US9582801B2 (en) | Secure communication of payment information to merchants using a verification token | |
| CA2701055C (en) | Method of providing assured transactions using secure transaction appliance and watermark verification | |
| US20060123465A1 (en) | Method and system of authentication on an open network | |
| US8321353B2 (en) | Method of providing transactions employing advertising based verification | |
| US20060136332A1 (en) | System and method for electronic check verification over a network | |
| US20040215963A1 (en) | Method and apparatus for transffering or receiving data via the internet securely | |
| AU2010292125B2 (en) | Secure communication of payment information to merchants using a verification token | |
| US20110202762A1 (en) | Method and apparatus for carrying out secure electronic communication | |
| AU2010315111A1 (en) | Verification of portable consumer devices for 3-D secure services | |
| US20120095919A1 (en) | Systems and methods for authenticating aspects of an online transaction using a secure peripheral device having a message display and/or user input | |
| AU2006200653A1 (en) | A digital wallet | |
| US20100058068A1 (en) | Secure PIN Character Retrieval and Setting | |
| EP1861804A2 (en) | Securing access authorisation | |
| IES85150Y1 (en) | Securing access authorisation | |
| JP2002304589A (en) | Payment system | |
| Ranum | Eletronic Commerce and Security | |
| AU2018214039A1 (en) | Verification of portable consumer devices | |
| THATCHER | Protecting E-Commerce Systems | |
| Kurylowicz | The Origin and Outlook for the Development of Electronic Banking in Poland at the Beginning of the 21st Century | 
Legal Events
| Date | Code | Title | Description | 
|---|---|---|---|
| MM4A | Patent lapsed |