AUTHENTICATION SYSTEM AND METHOD
FIELD OF THE INVENTION
This invention relates to an authentication system and, more particularly, but not exclusively, to a system for authenticating payment transactions. The invention extends to a method for authenticating transactions.
BACKGROUND TO THE INVENTION
It is known that current methods of conducting on-line commercial transactions, such as transactions on the World Wide Web of the Internet, are unsatisfactory. The reason for this is that a majority of all such commercial transactions are processed as Mail Order Telephone Order ("MOTO") credit card purchases. Such a transaction only requires that a purchaser provide a credit card number and a corresponding expiry date. The cardholder is not required to authorise the transaction, either by means of a signature or by presentation of a credit card. Due to the ease with which credit card numbers and expiry dates can be intercepted, fraudulent MOTO transactions are easy to conduct, particularly on the Internet.
The above situation is disadvantageous for merchants because current practice by credit card issuers favours a purchaser, who can simply claim that a charge relating to a particular transaction is fraudulent, the so-called "charge back", thereby placing an onus on a merchant to prove the legitimacy of the purchase. In many instances, this burden of proof is exceedingly difficult, if not impossible, to discharge.
In order to enhance the security of online commercial transactions, it is known to utilise further checks to establish the authenticity of a credit card used for settlement of a transaction. All credit cards are issued with a verification code that is known, variously, as a Card Verification Value ("CVV") or a Card Validation Code ("CVC"). Use of this verification code does not, however, eliminate the possibility of fraudulent transactions, particularly where the CVC is also intercepted, together with a corresponding credit card number and expiry date.
A similar problem exists with any form of login to a closed system by means of a user name and password. The security of the system is compromised by unauthorised interception of the user name and password, making unauthorised access to the closed system easy to achieve.
There is a requirement for further enhancing the security of online commercial transactions by the use of still further additional checks.
OBJECT OF THE INVENTION
It is an object of this invention to provide a system and a method for authenticating commercial transactions that will, at least partially, alleviate the abovementioned difficulties and disadvantages.
SUMMARY OF THE INVENTION
In accordance with this invention there is provided an authentication system, comprising: a registry containing at least one registered data set including a unique terminal identification code and a linked token identification code; a communication network providing data communication with the registry; receiving means capable of receiving, along the communication network, an authentication datagram containing a proposed terminal identification code and a proposed token identification code; a validation facility responsive to receipt of the authentication datagram to compare the contents of the authentication datagram against the at least one registered data set contained in the registry; and transmitting means operable by the validation facility to transmit an authentication status, along the communication network, the authentication status being an approved status if the contents of the authentication datagram match the contents of the at least one registered data set, and a declined status if the contents of the authentication datagram do not match the contents of the at least one registered data set.
Further features of the invention provide for the at least one registered data set to include a unique terminal identification code and a plurality of linked token identification codes, for the authentication status transmitted by the transmitting means to be an approved status if the contents of the authentication datagram are a subset of the contents of the at least one registered data set, and a declined status if the contents of the authentication datagram are not a subset of the contents of the at least one registered data set, for the registry to contain a plurality of registered data sets, each registered data set containing a different unique terminal identification code and a number of corresponding linked token identification codes, and for the authentication status transmitted by the transmitting means to be an approved status if the contents of the authentication datagram are a subset of the contents of any single one of the plurality of registered data sets, and a declined status if the contents of the authentication datagram are not a subset of the contents of any single one of the plurality of registered data sets.
Still further features of the invention provide for the system to include registration means operable to add registered data sets to, and to delete registered data sets from, the registry, for the registration means to be further operable by a user to link and de-link a token identification code to a unique terminal identification code in any registered data set in the registry, for the validation facility to be an application server connected to the communication network and operating under control of a stored program, for the receiving means and the transmitting means to be a network interface card conforming with a communication standard of the communication network, and for the registry to be a database of registered data sets stored on a storage device, preferably a magnetic storage device, alternatively an optical storage device.
Yet further features of the invention provide for the token to be a payment token, preferably a credit card, alternatively a debit card, for the terminal to be a computer workstation, for the authentication datagram to be a datagram corresponding to a commercial transaction initiated from the computer workstation, for the proposed token identification code to relate to a payment token to be used for settlement of the commercial transaction, and for the proposed terminal identification code to relate to a computer workstation used to initiate the commercial transaction.
There is also provided for the system to include a derivation facility operable to derive a unique terminal identification code corresponding to a computer workstation, for the derivation facility to be an application software program installable and executable on the computer workstation, for the application software program to derive the terminal identification code as a function of a number of different computer workstation parameters and a predetermined unique installation code, for the number of different computer workstation parameters to include a make and model of a processor in the computer workstation, a version of a system Basic Input/Output System (BIOS) of the computer workstation, a release date of the system BIOS, a version of a video BIOS of the computer workstation, a release date of the video BIOS, volume labels of a number of storage devices associated with the computer workstation, and Media Access Control (MAC) addresses of a number of communication network interface cards associated with the computer workstation, for the function of the number of different computer workstation parameters and the predetermined installation code to be a hash function, and for the derivation facility to automatically transmit the derived unique terminal identification code to the registry.
There is also provided for the validation facility to perform a statistical comparison between a proposed terminal identification code and any unique terminal identification code contained in any registered data set in the registry, and for the statistical comparison to be performed as a function of the number of different workstation parameters and the predetermined unique installation code.
The invention extends to a method for authentication, comprising the steps of: establishing a registry containing at least one registered data set including a unique terminal identification code and a linked token identification code; receiving, along a communication network, an authentication datagram containing a proposed terminal identification code and a proposed token identification code; comparing the contents of the authentication datagram against the at least one registered data set contained in the registry; and transmitting an authentication status along the communication network, the authentication status being an approved status if the contents of the authentication datagram match the contents of the at least one registered data set, and a declined status if the contents of the authentication datagram do not match the contents of the at least one registered data set.
There is further provided for including in the at least one registered data set a unique terminal identification code and a plurality of linked token identification codes, for transmitting an approved authentication status if the contents of the authentication datagram are a subset of the contents of the at least one registered data set, and a declined status if the contents of the authentication datagram are not a subset of the contents of the at least one registered data set, for including in the registry a plurality of registered data sets, each registered data set containing a different unique terminal identification code and a number of corresponding linked token identification codes, and for transmitting an approved authentication status if the contents of the authentication datagram are a subset of the contents of any single one of the plurality of registered data sets, and a declined status if the contents of the authentication datagram are not a subset of the contents of any single one of the plurality of registered data sets.
There is still further provided for the method to include the step of adding registered data sets to, and deleting registered data sets from, the registry, for the method to include the further step of linking and de-linking a token identification code to a unique terminal identification code in any registered data set in the registry, for comparing the contents of the authentication datagram against the at least one data set in the registry by means of an application server operating under control of a stored program, and for establishing the registry as a database of registered data sets stored on a storage device.
There is yet further provided for the token to be a payment token, for the terminal to be a computer workstation, for constructing the authentication datagram to be a datagram corresponding to a commercial transaction initiated from the computer workstation, for relating the proposed token identification code to a payment token to be used for settlement of the commercial transaction, and for relating the proposed terminal identification code to a computer workstation used to initiate the commercial transaction.
There is also provided for deriving the unique terminal identification code by means of an application program executable on the computer workstation, for deriving the unique terminal identification code as a function of a number of different computer workstation parameters and a predetermined unique installation code, for the number of different computer workstation parameters to include a make and model of a processor in the computer workstation, a version of a system BIOS of the computer workstation, a date of the system BIOS, a version of a video BIOS of the computer workstation, a date of the video BIOS, volume labels of a number of storage drives associated with the computer workstation, and Media Access Control (MAC) addresses of a number of communication network interface cards associated with the computer workstation, for the function of the number of different computer workstation parameters and the predetermined unique installation code to be a hash function, and for automatically transmitting the derived unique terminal identification code to the registry.
There is also provided for performing a statistical comparison between the proposed terminal identification code and any unique terminal identification code contained in any registered data set in the registry, and for performing the statistical comparison as a function of the number of different workstation parameters and the predetermined unique installation code.
BRIEF DESCRIPTION OF THE DRAWINGS
One embodiment of the invention is described below, by way of example only, and with reference to the accompanying drawings, in which:
Figure 1 is a schematic representation of an authentication system according to the invention, shown in connection with a computer workstation.
DETAILED DESCRIPTION OF THE INVENTION
Referring to Figure 1, an authentication system is indicated generally by reference numeral (1).
Although this embodiment of the invention will be described with particular reference to the authentication of commercial transactions, it is to be clearly understood that the invention is not limited to this particular application.
The authentication system (1) includes a registry (2) in the form of a database of one or more registered data sets (3), a validation facility (4) in the form of an application server operating under control of a stored program, and a communication network (5) that is, in this embodiment, the Internet. The registry (2) is hosted on a database server (not shown) that is accessible by the application server (4) along the communication network (5). Data in the data sets of the registry are accessible by means of standard database management software such as SQL Server, which is available from Microsoft Corporation of Seattle, Washington in the United States. The application server (4) operates under the well-known Windows 2000 Professional operating system, which is also available from the Microsoft Corporation. The application server (4) accesses the communication network (5) by means of a network interface controller (not shown) that provides receiving means capable of receiving data from the communication network (5), as well as transmitting means capable of transmitting data to the communication network. The operation of the network interface controller (not shown) is well known in the art and will not be described here in detail. The application server (4) is able to communicate via the communication network (5) with a web server (6) that hosts a merchant portal. The merchant portal is an on-line shopping website on the World Wide Web of the Internet that enables a purchaser to conduct commercial transactions such as the purchase of goods and services from the merchant.
A merchant wishing to utilise the authentication system (1) is required to register with the application server (4) and become a participating merchant. Upon registration, a software program is downloaded from the application server and installed on the web server (6) of the participating merchant, which enables the web server to communicate with the application server (4) as described below.
In use, the purchaser initiates a commercial transaction on the merchant portal by means of a terminal (7) in the form of an Internet-enabled computer workstation. When initiating a commercial transaction on the portal of the participating merchant for the first time, a derivation facility (8) consisting of a software program is downloaded from the application server (4) and installed on the computer workstation (7). As part of the installation, a unique installation code is established on the computer workstation (7), the use of which will be described in the description that follows.
Immediately upon installation, the derivation facility (8), or software program, is executed for a first time on the computer workstation (7). During execution, the software program gathers a set of parameters specifically related to hardware components of the computer workstation and derives therefrom a computer identification code (CIN) that uniquely identifies the particular computer workstation. The parameters include:
1. a make and model of a Central Processing Unit (CPU) of the computer workstation (7);
2. a version number of a system BIOS of the workstation (7);
3. a date of a system BIOS of the workstation (7);
4. a version number of a video BIOS of the workstation (7);
5. a date of a video BIOS of the workstation (7);
6. unique volume labels of a maximum of three storage devices associated with the workstation (7);
7. MAC addresses of a maximum of three network access controllers associated with the workstation; and
8. the unique installation code that is set at the time of installation of the software program on the computer workstation (7).
The software program (8) derives the CIN by means of a one-way, collision-free transformation, such as an MD5 or a SHA-1 hash function, both of which are well known in the art. Once the CIN is derived in this manner, it is transmitted by the computer workstation (7) to the application server (4), where it forms a component of a new data set added to the registry (2).
The derivation facility (8) is then used by the purchaser to access the application server (4) and to submit one or more token identification codes to be added to the new data set in the registry (2) and thereby to be linked to the CIN corresponding to that computer workstation (7). Each one of the token identification codes so added to the registry is a number of a corresponding payment token, such as a credit card, which the user may wish to use to settle a commercial transaction. The application server (4) stores the CIN and details of each linked payment token as a corresponding data set (3) in the registry (2). It will be appreciated by those skilled in the art that a particular data set in the registry may include a single such token identification code, or multiple different such token identification codes where multiple different payment tokens have been linked with a particular CIN.
Whenever a user initiates a subsequent commercial transaction with the merchant website on the web server (6), the user is required to furnish details of a payment token which he proposes to use to make a payment in settlement of the transaction. At this stage, the derivation facility (8) is executed to derive a fresh CIN for that computer workstation (7). The freshly derived CIN will be referred to as a proposed terminal identification code, for convenience.
The proposed token identification code and the proposed terminal identification code are passed by the web server (6) along the communication network (5) to the application server (4) as an authentication datagram, for authentication. The authentication datagram is received by the network interface controller (not shown) of the application server (4), which compares the contents of the authentication datagram against each of the registered data sets (3) in the registry (2). In particular, the comparison determines whether or not the separate components of the authentication datagram, namely the proposed terminal identification code and the proposed token identification code, both match components of any single registered data set in the registry (2). When the comparison is completed, the application server (4) transmits an authentication status along the communication network (5) back to the web server (6) by means of the network interface controller (not shown). The authentication status is an approved status if the components of the authentication datagram correspond with the components of a single data set, and a declined status if the components of the authentication datagram do not match the components of any one of the registered data sets in the registry (2). The transmitted authentication status is received by the web server (6), where it is available for the merchant to use as a basis for a decision whether to approve the commercial transaction with the user, or not.
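The derivation of the CIN from the eight parameters and the validation facility's comparison of an authentication datagram against the registry, written out as an added Python example (not code from the application itself). The parameter values, the installation code and the token code "CARD-0001" are constructed; the sorted-key JSON encoding and the dictionary registry are this example's choices.

```python
import hashlib
import json

# Constructed sample values (hypothetical): the eight inputs listed above,
# the installation code being fixed when the derivation facility is installed.
WORKSTATION_PARAMS = {
    "cpu": "ExampleCorp X1 3.0 GHz",
    "system_bios_version": "1.04",
    "system_bios_date": "2001-03-15",
    "video_bios_version": "2.10",
    "video_bios_date": "2000-11-02",
    "volume_labels": ["SYSTEM", "DATA", ""],         # up to three drives
    "mac_addresses": ["00-11-22-33-44-55", "", ""],  # up to three NICs
}
INSTALLATION_CODE = "INSTALL-0001"


def derive_cin(params: dict, installation_code: str) -> str:
    """One-way transformation of the parameters and installation code into
    the CIN. The page names MD5 or SHA-1, so SHA-1 is used here; a fresh
    deployment would use SHA-256. Sorted-key JSON gives an unambiguous
    encoding, so two distinct parameter sets never serialise to the same bytes."""
    canonical = json.dumps({"params": params, "install": installation_code},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha1(canonical.encode("utf-8")).hexdigest()


def new_registry() -> dict:
    """Registry (2): each entry is one data set (3), keyed by its unique
    terminal identification code and holding the linked token codes."""
    return {}


def register_workstation(registry: dict, cin: str) -> None:
    """Add a new data set for a freshly derived CIN (no tokens linked yet)."""
    registry.setdefault(cin, set())


def link_token(registry: dict, cin: str, token_id: str) -> None:
    """Link a payment token's identification code to a registered CIN."""
    if cin not in registry:
        raise KeyError("terminal not registered")
    registry[cin].add(token_id)


def delink_token(registry: dict, cin: str, token_id: str) -> None:
    """Remove a token from a data set; the CIN itself stays registered."""
    registry[cin].discard(token_id)


def authenticate(registry: dict, datagram: dict) -> str:
    """Validation facility (4): approved only when both proposed codes fall
    within one single registered data set, declined in every other case
    (unknown terminal, or a token linked only to a different terminal)."""
    tokens = registry.get(datagram["proposed_terminal_id"])
    if tokens is not None and datagram["proposed_token_id"] in tokens:
        return "approved"
    return "declined"


if __name__ == "__main__":
    registry = new_registry()
    cin = derive_cin(WORKSTATION_PARAMS, INSTALLATION_CODE)
    register_workstation(registry, cin)
    link_token(registry, cin, "CARD-0001")  # constructed token identification code
    print(authenticate(registry, {"proposed_terminal_id": cin,
                                  "proposed_token_id": "CARD-0001"}))
```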
It will be appreciated by those skilled in the art that the system (1) enables the security of online commercial transactions to be enhanced by restricting the use of a payment token used in a commercial transaction to one or more particular predetermined computer workstations. The operation of the system is based on a fundamental premise that most persons conduct online commercial transactions from only a few computer workstations, such as home or work, thus rendering such a restriction reasonable.
Numerous modifications are possible to this embodiment without departing from the scope of the invention. In particular, the payment token may be a debit card or any other type of uniquely identifiable payment token. Further, the CIN for a particular workstation is not constant and may change as the workstation is upgraded with time. In order to accommodate such changes, the match between the stored CIN in a data set in the registry (2) and a proposed CIN contained in the authentication datagram need not be an exact one. This is possible by applying a statistical comparison instead of a string comparison, in which each datum that is used to derive a CIN is assigned a point value, and the point values of the matching elements are summed to derive a single figure of merit. When the figure of merit exceeds a predetermined threshold, the CIN is considered a match. By applying this methodology, less weight is given to component elements used in deriving the CIN that are likely to change.
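The statistical comparison described above, as an added Python example that is not part of the application. Because a single hash over all the data cannot be compared element by element, this example assumes the registry stores one SHA-256 digest per datum; the parameter values, point values and threshold are constructed for illustration.

```python
import hashlib

# Constructed sample parameters of the registered workstation (hypothetical values).
REGISTERED_PARAMS = {
    "cpu": "ExampleCorp X1 3.0 GHz",
    "system_bios_version": "1.04",
    "system_bios_date": "2001-03-15",
    "video_bios_version": "2.10",
    "video_bios_date": "2000-11-02",
    "volume_labels": ["SYSTEM", "DATA", ""],         # up to three; third slot empty
    "mac_addresses": ["00-11-22-33-44-55", "", ""],  # up to three; one NIC fitted
}
INSTALLATION_CODE = "INSTALL-0001"

LIST_KEYS = {"volume_labels": "volume_label", "mac_addresses": "mac_address"}

# Point value per datum (this example's choice, not the page's). Data that change
# on a routine upgrade (BIOS version and date, a relabelled volume) carry little
# weight; the installation code and the primary NIC carry most of it, so a
# copied installation code alone never reaches the threshold.
WEIGHTS = {
    "installation_code": 40, "cpu": 15,
    "mac_address_0": 15, "mac_address_1": 5, "mac_address_2": 5,
    "volume_label_0": 5, "volume_label_1": 5, "volume_label_2": 5,
    "system_bios_version": 3, "system_bios_date": 2,
    "video_bios_version": 3, "video_bios_date": 2,
}
THRESHOLD = 75  # predetermined figure of merit required for a match


def flatten(params: dict, installation_code: str) -> dict:
    """Expand the parameter set into individual data, one per point value.
    Empty slots (no third drive, no second NIC) are dropped so that two
    different machines never score points for sharing a gap."""
    data = {"installation_code": installation_code}
    for key, value in params.items():
        if key in LIST_KEYS:
            for i, item in enumerate(value[:3]):
                if item:
                    data[f"{LIST_KEYS[key]}_{i}"] = item
        else:
            data[key] = value
    return data


def derive_cin_vector(params: dict, installation_code: str) -> dict:
    """Terminal identification code as one SHA-256 digest per datum (this
    example's assumption, so the registry holds no raw hardware details
    yet can still be compared datum by datum)."""
    return {name: hashlib.sha256(f"{name}={value}".encode("utf-8")).hexdigest()
            for name, value in flatten(params, installation_code).items()}


def figure_of_merit(stored: dict, proposed: dict) -> int:
    """Sum the point values of every datum whose digest matches the registry."""
    return sum(weight for name, weight in WEIGHTS.items()
               if name in stored and stored[name] == proposed.get(name))


def statistical_match(stored: dict, proposed: dict, threshold: int = THRESHOLD) -> bool:
    """The validation facility's fuzzy comparison: a match once the figure of
    merit reaches the threshold, even though some elements have changed."""
    return figure_of_merit(stored, proposed) >= threshold


if __name__ == "__main__":
    stored = derive_cin_vector(REGISTERED_PARAMS, INSTALLATION_CODE)
    upgraded = dict(REGISTERED_PARAMS, system_bios_version="1.07",
                    system_bios_date="2002-06-01", volume_labels=["SYSTEM", "BACKUP", ""])
    print(figure_of_merit(stored, derive_cin_vector(upgraded, INSTALLATION_CODE)))
```

With the sample weights a BIOS update plus a relabelled volume still scores 80 of the 90 points available to this workstation, while a different machine presenting the same installation code scores only 40.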
In addition to the authentication of commercial transactions, the authentication system (1) may also be used to authenticate access to any closed system such as a website on the World Wide Web of the Internet. In this instance, the token identification code will consist of a login name and associated password, while the remainder of the invention remains as described above. Use of the invention in this particular application will have the effect of only allowing access to the website from one or more computer workstations that have previously been registered in the registry. Similarly, access to online bank account information could be restricted to specific computer workstations. Access to other classified, proprietary, or sensitive information such as medical records and the like can be regulated in an identical manner.
The technical problem solved by this invention is that of introducing the use of two related tokens for settling an online commercial transaction, a first token being a conventional individually identifiable payment token such as a credit or debit card, and a second token being a particular computer workstation that has been previously mapped to the first token.
The invention therefore provides a system for authorisation of online commercial transactions that provides greater security against fraud than prior art equivalents.