WO1996018139A1 - Security code input - Google Patents

Security code input Download PDF

Info

Publication number
WO1996018139A1
WO1996018139A1 PCT/IB1995/001035 IB9501035W WO9618139A1 WO 1996018139 A1 WO1996018139 A1 WO 1996018139A1 IB 9501035 W IB9501035 W IB 9501035W WO 9618139 A1 WO9618139 A1 WO 9618139A1
Authority
WO
WIPO (PCT)
Prior art keywords
pattern
target
target points
indicator
sequence
Prior art date
Application number
PCT/IB1995/001035
Other languages
French (fr)
Inventor
Philip Raymond Lloyd
David Paul Walker
Original Assignee
Philips Electronics N.V.
Philips Norden Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Philips Electronics N.V., Philips Norden Ab filed Critical Philips Electronics N.V.
Publication of WO1996018139A1 publication Critical patent/WO1996018139A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password

Definitions

  • the present invention relates to methods for security coding and in particular to a method for restricting access to a computer-based system having a processor, a display, and user input means arranged to move an indicator about the display under user control, the method requiring correct entry by the user of a predetermined security code as a prerequisite to access.
  • the invention also relates to an apparatus having such restricted access.
  • PIN personal identification number
  • account code or a credit card number for a home shopping service
  • password or other conditional access code for on-line information.
  • PINs keyed into cash machines via keypads
  • user passwords typed into computer systems via keyboards. These methods require a set of physical numeric or alphanumeric keys which can be operated in a secure manner, without revealing the PIN or password to other people in the vicinity.
  • the user input may comprise a simple XY pointing device with a small number of buttons (maybe only two) .
  • An example of this would be a CD-i (Compact Disc - Interactive) player connected to a public data network with a remote control being used to purchase films offered by a Video on Demand service through the network.
  • a method for restricting access as set forth in the opening paragraph, characterised in that; - the user is presented, via the display, with a first pattern comprising a start point and a plurality of target points arranged related thereto, and the security code comprises a predetermined sequence of the target points; the user is required to move the indicator through the predetermined sequence of target points whilst display of the indicator is inhibited; and on determining that the indicator has been moved through a sequence of target points, an indication is provided to the user if that sequence does not correspond to the predetermined sequence.
  • the first pattern (which may simply comprise a grid arrangement of alphanumeric and/or graphical symbols arranged around the start point) further comprises an end point, with the determination that the indicator has been moved through a sequence of target points occurring when the indicator is moved by the user to the end point.
  • correct entry of the security code may further require selection of a predetermined one or ones of the target points in the predetermined sequence.
  • selection of (or placing the indicator on) that target point may be specified to cause the first pattern to be changed to a second pattern of target points: this may be extended to bring a change to a third pattern from the second, a fourth from the third and so on with, in the extreme, the pattern being changed for each indicated or selected target point of the sequence, and with only one correct target point in each pattern.
  • the changed pattern may comprise the respective target points of the preceding pattern rearranged on the display, or it may include one or more target points not included in the preceding pattern.
  • each pattern preferably includes a start point and, on changing from the preceding pattern, the indicator is preferably positioned at the start point of the new pattern.
  • the target points of the first pattern may be repositioned for each successive attempt to enter the correct sequence.
  • an escape point is preferably provided, the selection (or indication) of which restarts the users sequence input.
  • the selection (or indication) of which restarts the users sequence input may be provided by returning the indicator to the start point after commencing the sequence.
  • a computer-based apparatus having access restricted by the method of the present invention, the apparatus including a target point store holding data specifying the respective locations of the target points on the display; a security code store holding at least one security code; first comparator means arranged to receive an identification of current indicator position, compare this with the target point location data from the target store, and output an identification of a currently indicated target point; and second comparator means arranged to receive a sequence of the identifications from the first comparator means, compare that sequence with the code in the security code store, and output one or more signals indicating whether or not there is a match.
  • the target point store holds a plurality of target point arrangements and the apparatus may further include a pseudo-random selector arranged to select which target point arrangement is displayed.
  • FIG. 1 is a block schematic diagram of a networked CD-i system embodying the invention
  • FIG. 2 is a block schematic diagram of a games system console embodying the invention
  • Figure 3 schematically represents a code storage and comparison stage embodying the invention
  • Figure 4 shows a first arrangement of screen targets
  • Figure 5 shows a modified version of the arrangement of Figure 4.
  • Figure 6 shows a sequence of target arrangements according to an alternative embodiment of the present invention.
  • a first arrangement of apparatus in which the security scheme of the invention may be employed is shown in Figure 1 .
  • a CD-i player 10 connected to display on a television screen 12, is coupled (via link 14) to a consumer data network under control of network server 1 6.
  • the network server 1 6 is configured to provide services to users such as Video on Demand, in which the user may select from a menu of available feature films which are then downloaded to the CD-i 1 0 over the data link 14. Selection from an on-screen menu of available films is made using a remote controller 1 8 of the CD-i which enables the user to control the movement (by up/down/left/right controls 20) of a cursor or select bar 22.
  • a select button 24 is used to indicate that the choice currently marked by the cursor is the desired option.
  • the network server 1 6 requests the user to enter a security code via a displayed grid of targets 26 to confirm that the user is a registered subscriber to the service.
  • FIG. 2 An alternative system employing the target-based security code scheme is shown in Figure 2 comprising a computer games console 30 with a display screen 32.
  • the games console may suitably be of the type which accepts different games loaded as cartridges 34. Movement of a cursor 38 may be achieved by use of a joystick 36 or trackerball (not shown) and selection of a target from the displayed grid 26A is achieved by pressing the joystick "fire" button 40.
  • the coding scheme may be used to restrict access by minors to certain games, such as games having a highly violent content.
  • the XY pointing device will be used to move around a sequence of these targets already known to the user and corresponding to the access code. While this is happening, there is no visible counterpart (such as the cursor) on the display - the display is simply an aide-memoire for the user.
  • the cursor may remain visible until such time as the user has moved it from outside the pattern of targets to the start point but preferably the cursor would be automatically relocated to the start point and blanked simultaneously with the appearance of the target pattern.
  • the user may need to press a button on the controller (for example the "fire” button 40, Fig.2), or the display may change spontaneously as the XY control is moved, as will be described below.
  • a button on the controller for example the "fire” button 40, Fig.2
  • the display may change spontaneously as the XY control is moved, as will be described below.
  • an accept or reject response will be generated by the service. This may comprise a visual or audio indication or (for successful entry) this may simply be indicated by the granting of access.
  • a storage and comparison stage for the code input technique is shown in Figure 3. This may comprise a dedicated hardware arrangement or the respective functions may be assigned to existing storage and processor devices of, for example, the CD-i player 10 or games console 30 of Figures 1 and 2 respectively.
  • a target point store 42 holds display data and screen positions for a number of target point arrangements, with the particular arrangement displayed being selected by a pseudo-random selector 44.
  • a first comparator 46 receives the x,y screen position of the cursor and compares this with the target point positioning data for the selected arrangement from the store 42 to determine which target point is current being indicated (which target the non-displayed cursor currently lies on) . Where the operation requires selection (as in 3. above) the comparator may only carry out the current target point determination on receiving a "select" command from the user input device.
  • the sequence of target points identified by the first comparator 46 is passed to a second comparator 48 which compares the sequence with a security code or one of a number of security codes in the form of target point sequences and held in a further store 50. When compared, the comparator outputs a match/no-match signal to indicate whether the user-entered code is accepted or rejected.
  • a helpful technique for the user is to provide pictorial symbols which the user could relate to a remembered - and fictitious - story. This could improve the probability of accurate recall by exploiting the power of visual memory, a technique used by memory "experts" is to convert names, numbers etc into pictures and sequences of pictures forming a storyline.
  • the display consists of a 2-dimensional array of numeric keys, with a "START” key and “END” key, as shown in Figure 4.
  • the user "jogs” the XY control to move off the "START” key onto the first number of the code; this could take several movements, for example getting to the "9" target from the "START” .
  • the design would allow movement in the four main directions UP, RIGHT, DOWN and LEFT, or might also allow diagonal movements as well to give eight in all.
  • the grid size and spacing is determined as integer numbers of "clicks" (depressions of the movement control) to give the user an accurate idea of where the cursor lies: where movement control is by continuous movement means such as a mouse, the size of the targets should be greater to give a greater probability of the cursor being in the space where the user intends it to be.
  • a button on the controller is pressed to select that digit as a part of the code. Completion is indicated by clicking on the "END” key or, if no specific "END” key is provided, on the last target of the sequence. If the user was conscious of making an error, clicking on the "START" key could clear the code and re-start.
  • the system may be set up to rearrange some or all of the targets for each attempt to enter the code, as shown by Figure 5.
  • a third party would then only be able to learn a users security code by observing both the movement instructions input by the user and the arrangement and identity of targets at that time.
  • the idea of changing target arrangements is extended to an interaction using a sequence of choice patterns A, B and C, one for each symbol in the code as shown in Figure 6 for a three-target code.
  • the user moves from the origin (start point) of the first arrangement A presented, to one of the eight surrounding pictures (targets).
  • the choice pattern is replaced by another B, and the user is re-positioned at the origin.
  • the existing targets may simply be rearranged (as with Figures 4 and 5), they may be partially replaced (transition from A to B), or they may be completely replaced (transition from B to C).
  • PCMB95/01035 PCMB95/01035
  • any suitable layout of targets could be used, and the number of targets could be varied, as shown in Figures 1 and 2. It may even be desirable to repeat some of the targets within the layout, but if the selection of a particular one from a number of repeated targets is important, care must be taken when specifying rearrangement of the pattern (for example with two targets the same, it might be specified that the required one will always appear somewhere in the top row of a grid and the other somewhere in the bottom row). If the controller has two or more buttons which may be used to select, then the use of one or another button may be specified as a conditional feature when entering the code. Audio feedback could be provided so that the user knows they have made a valid movement; the important thing is that no visual effect should occur which could reveal the code the user is entering.

Abstract

A security code entry method is provided for restricting access to a computer-based system having a processor (30), a display (32), and user input means (34, 36) arranged to move an indicator (38) about the display under user control. When access is required the user is presented, via the display, with a display pattern (26A) comprising a start point (S) and a number of target points, with the security code comprising a predetermined sequence of the target points. To enter the code, the user is required to move the apparent position of the indicator (display of which is inhibited) through the predetermined sequence of target points. The layout of the target points (26A) may be changed after each attempt to enter the code, and the code itself may be carried in a sequence of arrangements of target points.

Description

DESCRIPTION
SECURITY CODE INPUT
The present invention relates to methods for security coding and in particular to a method for restricting access to a computer-based system having a processor, a display, and user input means arranged to move an indicator about the display under user control, the method requiring correct entry by the user of a predetermined security code as a prerequisite to access. The invention also relates to an apparatus having such restricted access.
As networked computer services of various kinds become increasingly common, there will be many more situations where a user is required to provide some form of security identification to the service in use. Examples include a personal identification number (PIN) for a banking transaction, an account code or a credit card number for a home shopping service, and a password or other conditional access code for on-line information. At present, the most commonly-met user identifications are PINs keyed into cash machines via keypads, and user passwords typed into computer systems via keyboards. These methods require a set of physical numeric or alphanumeric keys which can be operated in a secure manner, without revealing the PIN or password to other people in the vicinity.
A similar level of security needs to be provided for services where all user interaction takes place by moving a cursor or other indicator around a menu screen and selecting menu entries as indicated. At the simplest level, the user input may comprise a simple XY pointing device with a small number of buttons (maybe only two) . An example of this would be a CD-i (Compact Disc - Interactive) player connected to a public data network with a remote control being used to purchase films offered by a Video on Demand service through the network.
It is an object of the present invention to provide the user with a convenient yet secure way of communicating a secret access code to a computer system just using a pointing device and a visual display.
In accordance with the present invention, there is provided a method for restricting access as set forth in the opening paragraph, characterised in that; - the user is presented, via the display, with a first pattern comprising a start point and a plurality of target points arranged related thereto, and the security code comprises a predetermined sequence of the target points; the user is required to move the indicator through the predetermined sequence of target points whilst display of the indicator is inhibited; and on determining that the indicator has been moved through a sequence of target points, an indication is provided to the user if that sequence does not correspond to the predetermined sequence. Preferably, the first pattern (which may simply comprise a grid arrangement of alphanumeric and/or graphical symbols arranged around the start point) further comprises an end point, with the determination that the indicator has been moved through a sequence of target points occurring when the indicator is moved by the user to the end point. Where the user input means is operable to select items on the display when indicated by the indicator, correct entry of the security code may further require selection of a predetermined one or ones of the target points in the predetermined sequence.
To increase security, for one or more target points of the first pattern, selection of (or placing the indicator on) that target point may be specified to cause the first pattern to be changed to a second pattern of target points: this may be extended to bring a change to a third pattern from the second, a fourth from the third and so on with, in the extreme, the pattern being changed for each indicated or selected target point of the sequence, and with only one correct target point in each pattern. The changed pattern may comprise the respective target points of the preceding pattern rearranged on the display, or it may include one or more target points not included in the preceding pattern. With such a system of changing patterns, each pattern preferably includes a start point and, on changing from the preceding pattern, the indicator is preferably positioned at the start point of the new pattern. As a further security precaution, the target points of the first pattern may be repositioned for each successive attempt to enter the correct sequence.
In order to enable a user to cancel an attempt (for example if the user becomes aware that he/she has made a mistake in following the sequence) an escape point is preferably provided, the selection (or indication) of which restarts the users sequence input. Where only a single pattern of target points is provided, such escape may be provided by returning the indicator to the start point after commencing the sequence.
Also in accordance with the present invention there is provided a computer-based apparatus having access restricted by the method of the present invention, the apparatus including a target point store holding data specifying the respective locations of the target points on the display; a security code store holding at least one security code; first comparator means arranged to receive an identification of current indicator position, compare this with the target point location data from the target store, and output an identification of a currently indicated target point; and second comparator means arranged to receive a sequence of the identifications from the first comparator means, compare that sequence with the code in the security code store, and output one or more signals indicating whether or not there is a match.
Suitably, the target point store holds a plurality of target point arrangements and the apparatus may further include a pseudo-random selector arranged to select which target point arrangement is displayed.
Further features and advantages of the present invention will become apparent from reading of the following description of preferred embodiments of the present invention, given by way of example only, and with reference to the accompanying drawings in which:
Figure 1 is a block schematic diagram of a networked CD-i system embodying the invention;
Figure 2 is a block schematic diagram of a games system console embodying the invention;
Figure 3 schematically represents a code storage and comparison stage embodying the invention; Figure 4 shows a first arrangement of screen targets;
Figure 5 shows a modified version of the arrangement of Figure 4; and
Figure 6 shows a sequence of target arrangements according to an alternative embodiment of the present invention.
A first arrangement of apparatus in which the security scheme of the invention may be employed is shown in Figure 1 . A CD-i player 10, connected to display on a television screen 12, is coupled (via link 14) to a consumer data network under control of network server 1 6. The network server 1 6 is configured to provide services to users such as Video on Demand, in which the user may select from a menu of available feature films which are then downloaded to the CD-i 1 0 over the data link 14. Selection from an on-screen menu of available films is made using a remote controller 1 8 of the CD-i which enables the user to control the movement (by up/down/left/right controls 20) of a cursor or select bar 22. A select button 24 is used to indicate that the choice currently marked by the cursor is the desired option. On receiving the selection, the network server 1 6 then requests the user to enter a security code via a displayed grid of targets 26 to confirm that the user is a registered subscriber to the service.
An alternative system employing the target-based security code scheme is shown in Figure 2 comprising a computer games console 30 with a display screen 32. The games console may suitably be of the type which accepts different games loaded as cartridges 34. Movement of a cursor 38 may be achieved by use of a joystick 36 or trackerball (not shown) and selection of a target from the displayed grid 26A is achieved by pressing the joystick "fire" button 40. In a 'stand-alone' application as shown, the coding scheme may be used to restrict access by minors to certain games, such as games having a highly violent content.
The general form of interaction to enter security codes is as follows: 1 . At the moment the service or device requires the user to input a code, a display will appear containing a pattern of visible targets and a start point.
2. The XY pointing device will be used to move around a sequence of these targets already known to the user and corresponding to the access code. While this is happening, there is no visible counterpart (such as the cursor) on the display - the display is simply an aide-memoire for the user. The cursor may remain visible until such time as the user has moved it from outside the pattern of targets to the start point but preferably the cursor would be automatically relocated to the start point and blanked simultaneously with the appearance of the target pattern.
3. During movement of the "invisible" cursor, the user may need to press a button on the controller (for example the "fire" button 40, Fig.2), or the display may change spontaneously as the XY control is moved, as will be described below.
4. Once the code has been communicated, an accept or reject response will be generated by the service. This may comprise a visual or audio indication or (for successful entry) this may simply be indicated by the granting of access.
A storage and comparison stage for the code input technique is shown in Figure 3. This may comprise a dedicated hardware arrangement or the respective functions may be assigned to existing storage and processor devices of, for example, the CD-i player 10 or games console 30 of Figures 1 and 2 respectively.
A target point store 42 holds display data and screen positions for a number of target point arrangements, with the particular arrangement displayed being selected by a pseudo-random selector 44. A first comparator 46 receives the x,y screen position of the cursor and compares this with the target point positioning data for the selected arrangement from the store 42 to determine which target point is current being indicated (which target the non-displayed cursor currently lies on) . Where the operation requires selection (as in 3. above) the comparator may only carry out the current target point determination on receiving a "select" command from the user input device.
The sequence of target points identified by the first comparator 46 is passed to a second comparator 48 which compares the sequence with a security code or one of a number of security codes in the form of target point sequences and held in a further store 50. When compared, the comparator outputs a match/no-match signal to indicate whether the user-entered code is accepted or rejected.
The targets themselves can contain any sort of graphic relevant to the interaction. For numerical PINs, they would simply be the digits 0 to 9; for passwords, a larger range of alphanumeric and/or graphical symbols could be provided. A helpful technique for the user is to provide pictorial symbols which the user could relate to a remembered - and fictitious - story. This could improve the probability of accurate recall by exploiting the power of visual memory, a technique used by memory "experts" is to convert names, numbers etc into pictures and sequences of pictures forming a storyline.
For a numerical PIN, the display consists of a 2-dimensional array of numeric keys, with a "START" key and "END" key, as shown in Figure 4. The user "jogs" the XY control to move off the "START" key onto the first number of the code; this could take several movements, for example getting to the "9" target from the "START" . In a basic implementation, the design would allow movement in the four main directions UP, RIGHT, DOWN and LEFT, or might also allow diagonal movements as well to give eight in all. The grid size and spacing is determined as integer numbers of "clicks" (depressions of the movement control) to give the user an accurate idea of where the cursor lies: where movement control is by continuous movement means such as a mouse, the size of the targets should be greater to give a greater probability of the cursor being in the space where the user intends it to be. Whenever a key is reached which corresponds to the next digit in the code, a button on the controller is pressed to select that digit as a part of the code. Completion is indicated by clicking on the "END" key or, if no specific "END" key is provided, on the last target of the sequence. If the user was conscious of making an error, clicking on the "START" key could clear the code and re-start. The layout shown in Figure 4 would provide 10n codes, where n is the number of digits in the code, and codes could be of arbitrary length. Where there is no select function, and the code is entered by simply moving through targets in a predetermined order, the number of possible codes is of course reduced by the adjacency requirement for the numbers in the sequence.
To further improve the security, the system may be set up to rearrange some or all of the targets for each attempt to enter the code, as shown by Figure 5. A third party would then only be able to learn a users security code by observing both the movement instructions input by the user and the arrangement and identity of targets at that time.
In a modified embodiment, the idea of changing target arrangements is extended to an interaction using a sequence of choice patterns A, B and C, one for each symbol in the code as shown in Figure 6 for a three-target code. The user moves from the origin (start point) of the first arrangement A presented, to one of the eight surrounding pictures (targets). As soon as this is done, or following selection if required, the choice pattern is replaced by another B, and the user is re-positioned at the origin. In the replacement pattern, the existing targets may simply be rearranged (as with Figures 4 and 5), they may be partially replaced (transition from A to B), or they may be completely replaced (transition from B to C). PCMB95/01035
When relocated to the origin of the second pattern B, the user chooses a second picture by again moving off the origin. This sequence of moving from the origin and replacement of the pattern continues until the code is complete. The sequence of Figure 6 is only three pictures long; more would probably be needed in practice to give a greater number of possible codes. For the target layout shown, a sequence of n choice patterns would provide 8n possible (fixed-length) codes.
As will be appreciated, variations on the above examples are possible. Any suitable layout of targets could be used, and the number of targets could be varied, as shown in Figures 1 and 2. It may even be desirable to repeat some of the targets within the layout, but if the selection of a particular one from a number of repeated targets is important, care must be taken when specifying rearrangement of the pattern (for example with two targets the same, it might be specified that the required one will always appear somewhere in the top row of a grid and the other somewhere in the bottom row). If the controller has two or more buttons which may be used to select, then the use of one or another button may be specified as a conditional feature when entering the code. Audio feedback could be provided so that the user knows they have made a valid movement; the important thing is that no visual effect should occur which could reveal the code the user is entering.
From reading of the present disclosure, other modifications will be apparent to persons skilled in the art. Such modifications may involve other features which already known in the field of security coding techniques and apparatus, and component parts thereof and which may be used instead of or in addition to features already described herein. Although claims have been formulated in this application to particular combinations of features, it should be understood that the scope of the disclosure of the present application also includes any novel feature or any novel combination of features disclosed herein either explicitly or implicitly, whether or not it relates to the same invention as presently claimed in any claim and whether or not it mitigates any or all of the same technical problems as does the present invention. The applicants hereby give notice that new claims may be formulated to such features and/or combinations of such features during the prosecution of the present application or of any further application derived therefrom.

Claims

1 . A method for restricting access to a computer-based system having a processor, a display, and user input means arranged to move an indicator about the display under user control, the method requiring correct entry by the user of a predetermined security code as a prerequisite to access, characterised in that; the user is presented, via the display, with a first pattern comprising a start point and a plurality of target points arranged related thereto, and the security code comprises a predetermined sequence of the target points; the user is required to move the indicator through the predetermined sequence of target points whilst display of the indicator is inhibited; and - on determining that the indicator has been moved through a sequence of target points, an indication is provided to the user if that sequence does not correspond to the predetermined sequence.
2. A method as claimed in Claim 1 , wherein the first pattern further comprises an end point, and the determination that the indicator has been moved through a sequence of target points occurs when the indicator is moved to the end point.
3. A method as claimed in Claim 1 , wherein the user input means is operable to select items on the display when indicated by the indicator, and correct entry of the security code further requires selection of a predetermined one or ones of the target points in the predetermined sequence.
4. A method as claimed in Claim 3, wherein for one or more target points of the first pattern, selection of that target point causes the first pattern to be changed to a second pattern of target points.
5. A method as claimed in Claim 4, wherein the second pattern comprises the respective target points of the first pattern rearranged on the display.
6. A method as claimed in Claim 4, wherein the second pattern includes one or more target points not included in the first pattern.
7. A method as claimed in Claim 4, wherein the second pattern includes a start point and, on changing from the first pattern to the second pattern, the indicator is positioned at the start point of the second pattern.
8. A method as claimed in Claim 1 , wherein returning the indicator to the start point following movement to a target point restarts the users sequence input.
9. A method as claimed in Claim 1 , wherein for successive attempts to enter the predetermined sequence, the relative positions of the target points of the first pattern are altered.
1 0. A method as claimed in Claim 1 , wherein the target points comprise alphanumeric characters or graphical symbols or a combination of the two.
1 1 . A computer-based apparatus having access restricted by the method of Claim 1 , the apparatus including a target point store holding data specifying the respective locations of the target points on the display; a security code store holding at least one security code; first comparator means arranged to receive an identification of current indicator position, compare this with the target point location data from the target store, and output an identification of a currently indicated target point; and second comparator means arranged to receive a sequence of the identifications from the first comparator means, compare that sequence with the code in the security code store, and output one or more signals indicating whether or not there is a match.
1 2. An apparatus as claimed in Claim 1 1 , wherein the target point store holds a plurality of target point arrangements, the apparatus further comprising pseudo-random selector means operable to select which of the plurality of target point arrangements is to be displayed.
PCT/IB1995/001035 1994-12-08 1995-11-21 Security code input WO1996018139A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB9424791.3A GB9424791D0 (en) 1994-12-08 1994-12-08 Security code input
GB9424791.3 1994-12-08

Publications (1)

Publication Number Publication Date
WO1996018139A1 true WO1996018139A1 (en) 1996-06-13

Family

ID=10765618

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB1995/001035 WO1996018139A1 (en) 1994-12-08 1995-11-21 Security code input

Country Status (2)

Country Link
GB (1) GB9424791D0 (en)
WO (1) WO1996018139A1 (en)

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2313460A (en) * 1996-05-21 1997-11-26 Bosch Gmbh Robert Graphical password entry
EP0901060A2 (en) * 1997-09-05 1999-03-10 Fujitsu Limited Secure data control apparatus and method
WO2001077792A2 (en) * 2000-04-07 2001-10-18 Rsa Security Inc. System and method for authenticating a user
FR2808340A1 (en) * 2000-04-26 2001-11-02 Scm Schneider Microsysteme Confidential network/computer secure access addition having monitor with memory forming grid display and control button selecting secure digital words/peripheral units sending.
WO2002027442A2 (en) * 2000-09-29 2002-04-04 Reinhold Rohrbach Method and device for determining an access code
WO2002054199A1 (en) * 2001-01-05 2002-07-11 Schlumberger Systemes Method for accessing a secured system
WO2002071177A2 (en) * 2001-03-03 2002-09-12 Moneyhive.Com Pte Ltd Method and system for substantially secure electronic transactions
EP1574931A2 (en) * 2004-03-11 2005-09-14 Wincor Nixdorf International GmbH Self-service device with a data imput device and method for inquiring the PIN
AT413775B (en) * 2004-03-31 2006-05-15 Helmut Dipl Ing Schluderbacher PROCESS FOR SAFE REGISTRATION TO A TECHNICAL SYSTEM
WO2006010058A3 (en) * 2004-07-07 2006-07-13 Bharosa Inc Online data encryption and decryption
AT413894B (en) * 2004-04-15 2006-07-15 Helmut Dipl Ing Schluderbacher NOT PERSONALIZED ACCESS CODE
WO2007000845A1 (en) * 2005-06-27 2007-01-04 Kabushiki Kaisha Toshiba Server device, method and program
US7219368B2 (en) 1999-02-11 2007-05-15 Rsa Security Inc. Robust visual passwords
WO2007098569A1 (en) * 2006-03-01 2007-09-07 Norman Frank Goertzen Method and system for securing interface access via visual array paths in combination with hidden operators
WO2008105602A1 (en) * 2007-02-28 2008-09-04 Mininfo Co., Ltd. User authentication method and system using graphic otp
US7543154B2 (en) 2000-09-29 2009-06-02 Patev Gmbh & Co., Kg Method and device for determining an access code
US7596701B2 (en) 2004-07-07 2009-09-29 Oracle International Corporation Online data encryption and decryption
US7689831B2 (en) 2004-08-30 2010-03-30 Passrules Canadian Security Inc. Method and system for securing interface access via visual array paths in combination with hidden operators
US7908645B2 (en) 2005-04-29 2011-03-15 Oracle International Corporation System and method for fraud monitoring, detection, and tiered user authentication
US8739278B2 (en) 2006-04-28 2014-05-27 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting
WO2015003672A1 (en) * 2013-07-12 2015-01-15 Anect A.S. Method of secret information entering into electronic digital devices
US9106422B2 (en) 2006-12-11 2015-08-11 Oracle International Corporation System and method for personalized security signature
EP1956813B1 (en) 2000-06-30 2016-04-13 III Holdings 3, LLC Locking the keyboard by a joy stick

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1993011511A2 (en) * 1991-11-30 1993-06-10 John Hugh Evans Davies Personal identification devices and access control systems
EP0677801A1 (en) * 1994-04-04 1995-10-18 AT&T Corp. Graphical password

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1993011511A2 (en) * 1991-11-30 1993-06-10 John Hugh Evans Davies Personal identification devices and access control systems
EP0677801A1 (en) * 1994-04-04 1995-10-18 AT&T Corp. Graphical password

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IBM TECHNICAL DISCLOSURE BULLETIN, Volume 32, No. 10B, March 1990, "Menu Icon With Hidden Geometrical Password", pages 463-464. *

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2313460B (en) * 1996-05-21 1998-07-08 Bosch Gmbh Robert Graphical password entry
GB2313460A (en) * 1996-05-21 1997-11-26 Bosch Gmbh Robert Graphical password entry
EP0901060A3 (en) * 1997-09-05 2002-08-21 Fujitsu Limited Secure data control apparatus and method
EP0901060A2 (en) * 1997-09-05 1999-03-10 Fujitsu Limited Secure data control apparatus and method
US7219368B2 (en) 1999-02-11 2007-05-15 Rsa Security Inc. Robust visual passwords
WO2001077792A2 (en) * 2000-04-07 2001-10-18 Rsa Security Inc. System and method for authenticating a user
WO2001077792A3 (en) * 2000-04-07 2003-01-30 Rsa Security Inc System and method for authenticating a user
FR2808340A1 (en) * 2000-04-26 2001-11-02 Scm Schneider Microsysteme Confidential network/computer secure access addition having monitor with memory forming grid display and control button selecting secure digital words/peripheral units sending.
EP1956813B1 (en) 2000-06-30 2016-04-13 III Holdings 3, LLC Locking the keyboard by a joy stick
WO2002027442A3 (en) * 2000-09-29 2002-09-19 Reinhold Rohrbach Method and device for determining an access code
WO2002027442A2 (en) * 2000-09-29 2002-04-04 Reinhold Rohrbach Method and device for determining an access code
US7543154B2 (en) 2000-09-29 2009-06-02 Patev Gmbh & Co., Kg Method and device for determining an access code
FR2819323A1 (en) * 2001-01-05 2002-07-12 Schlumberger Systems & Service METHOD FOR ACCESSING A SECURE SYSTEM
WO2002054199A1 (en) * 2001-01-05 2002-07-11 Schlumberger Systemes Method for accessing a secured system
WO2002071177A2 (en) * 2001-03-03 2002-09-12 Moneyhive.Com Pte Ltd Method and system for substantially secure electronic transactions
WO2002071177A3 (en) * 2001-03-03 2005-03-10 Moneyhive Com Pte Ltd Method and system for substantially secure electronic transactions
EP1574931A2 (en) * 2004-03-11 2005-09-14 Wincor Nixdorf International GmbH Self-service device with a data imput device and method for inquiring the PIN
EP1574931A3 (en) * 2004-03-11 2008-09-24 Wincor Nixdorf International GmbH Self-service device with a data imput device and method for inquiring the PIN
AT413775B (en) * 2004-03-31 2006-05-15 Helmut Dipl Ing Schluderbacher PROCESS FOR SAFE REGISTRATION TO A TECHNICAL SYSTEM
AT413894B (en) * 2004-04-15 2006-07-15 Helmut Dipl Ing Schluderbacher NOT PERSONALIZED ACCESS CODE
US7822990B2 (en) 2004-07-07 2010-10-26 Oracle International Corporation Online data encryption and decryption
US8484455B2 (en) 2004-07-07 2013-07-09 Oracle International Corporation Online data encryption and decryption
WO2006010058A3 (en) * 2004-07-07 2006-07-13 Bharosa Inc Online data encryption and decryption
US7596701B2 (en) 2004-07-07 2009-09-29 Oracle International Corporation Online data encryption and decryption
US7616764B2 (en) 2004-07-07 2009-11-10 Oracle International Corporation Online data encryption and decryption
US7689831B2 (en) 2004-08-30 2010-03-30 Passrules Canadian Security Inc. Method and system for securing interface access via visual array paths in combination with hidden operators
US7908645B2 (en) 2005-04-29 2011-03-15 Oracle International Corporation System and method for fraud monitoring, detection, and tiered user authentication
WO2007000845A1 (en) * 2005-06-27 2007-01-04 Kabushiki Kaisha Toshiba Server device, method and program
WO2007098569A1 (en) * 2006-03-01 2007-09-07 Norman Frank Goertzen Method and system for securing interface access via visual array paths in combination with hidden operators
US8739278B2 (en) 2006-04-28 2014-05-27 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting
US9106422B2 (en) 2006-12-11 2015-08-11 Oracle International Corporation System and method for personalized security signature
WO2008105602A1 (en) * 2007-02-28 2008-09-04 Mininfo Co., Ltd. User authentication method and system using graphic otp
WO2015003672A1 (en) * 2013-07-12 2015-01-15 Anect A.S. Method of secret information entering into electronic digital devices
US10192075B2 (en) 2013-07-12 2019-01-29 Aducid S.R.O. Method of secret information entering into electronic digital devices
CZ309308B6 (en) * 2013-07-12 2022-08-17 Aducid S.R.O. A method of entering classified information into electronic digital devices

Also Published As

Publication number Publication date
GB9424791D0 (en) 1995-02-08

Similar Documents

Publication Publication Date Title
WO1996018139A1 (en) Security code input
US5815083A (en) Process for entry of a confidential piece of information and associated terminal
US5428349A (en) Nondisclosing password entry system
US7240367B2 (en) User interface and method for inputting password and password system using the same
US8010797B2 (en) Electronic apparatus and recording medium storing password input program
US8239937B2 (en) User validation using images
US6658574B1 (en) Method for non-disclosing password entry
US6209104B1 (en) Secure data entry and visual authentication system and method
US6209102B1 (en) Method and apparatus for secure entry of access codes in a computer environment
CA2089306C (en) Identity verification system resistant to compromise by observation of its use
US20090037986A1 (en) Non-disclosing password entry method
JP2007264929A (en) User authentication system, user authentication method, operation terminal and server or the like
US20020129269A1 (en) Method and apparatus for inputting secret information
US20070198846A1 (en) Password input device, password input method, recording medium, and electronic apparatus
US8117652B1 (en) Password input using mouse clicking
JPS60134377A (en) Password number input device
JP2002032176A (en) Input device and its key arranging method
CN106407761B (en) Unlocking method and unlocking device
US20100043079A1 (en) Code securing for a personal entity
US20060179471A1 (en) System and method for providing secure disclosure of a secret
JP2891206B2 (en) Password verification method
US11354395B2 (en) Authentication method for a computing device using interactive game board and game piece images
KR20210027317A (en) Method and Device for Password and Unlocking Input using the Combination of Password Number and Pattern Image
KR20020071293A (en) User authentication method and system using colored pattern
JPH05334334A (en) Password number input device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP KR

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase