WO2007106566A3 - A method and apparatus to provide authentication using an authentication card - Google Patents

A method and apparatus to provide authentication using an authentication card Download PDF

Info

Publication number
WO2007106566A3
WO2007106566A3 PCT/US2007/006549 US2007006549W WO2007106566A3 WO 2007106566 A3 WO2007106566 A3 WO 2007106566A3 US 2007006549 W US2007006549 W US 2007006549W WO 2007106566 A3 WO2007106566 A3 WO 2007106566A3
Authority
WO
WIPO (PCT)
Prior art keywords
user
authentication
value
card issued
card
Prior art date
Application number
PCT/US2007/006549
Other languages
French (fr)
Other versions
WO2007106566A2 (en
Inventor
Raihi David M
Original Assignee
Verisign Inc
Raihi David M
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Verisign Inc, Raihi David M filed Critical Verisign Inc
Priority to BRPI0709392-6A priority Critical patent/BRPI0709392A2/en
Priority to EP07753195.2A priority patent/EP1999682A4/en
Publication of WO2007106566A2 publication Critical patent/WO2007106566A2/en
Publication of WO2007106566A3 publication Critical patent/WO2007106566A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Abstract

A method and apparatus to provide authentication. The method comprising sending a challenge to a user to be authenticated, the challenge including a reference on a card issued to the user and receiving a user-supplied value purported by the user to be associated with the reference on the card issued to the user. The method further comprising accessing a secret key associated with the card issued to the user and generating a password using a function F of the secret key and the reference. The method further comprising mapping the function F to a value in an alphabet and authenticating the user by comparing the value in the alphabet to the user-supplied value.
PCT/US2007/006549 2006-03-14 2007-03-14 A method and apparatus to provide authentication using an authentication card WO2007106566A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
BRPI0709392-6A BRPI0709392A2 (en) 2006-03-14 2007-03-14 method and apparatus for providing authentication using an authentication card
EP07753195.2A EP1999682A4 (en) 2006-03-14 2007-03-14 A method and apparatus to provide authentication using an authentication card

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/376,678 2006-03-14
US11/376,678 US7347366B2 (en) 2006-03-14 2006-03-14 Method and apparatus to provide authentication using an authentication card

Publications (2)

Publication Number Publication Date
WO2007106566A2 WO2007106566A2 (en) 2007-09-20
WO2007106566A3 true WO2007106566A3 (en) 2008-01-17

Family

ID=38510096

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/006549 WO2007106566A2 (en) 2006-03-14 2007-03-14 A method and apparatus to provide authentication using an authentication card

Country Status (4)

Country Link
US (1) US7347366B2 (en)
EP (1) EP1999682A4 (en)
BR (1) BRPI0709392A2 (en)
WO (1) WO2007106566A2 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8166532B2 (en) * 2006-10-10 2012-04-24 Honeywell International Inc. Decentralized access control framework
US9286481B2 (en) * 2007-01-18 2016-03-15 Honeywell International Inc. System and method for secure and distributed physical access control using smart cards
US8176332B2 (en) * 2007-02-15 2012-05-08 Christopher Nathan Drake Computer security using visual authentication
GB2442249B (en) * 2007-02-20 2008-09-10 Cryptomathic As Authentication device and method
US8397281B2 (en) 2009-12-30 2013-03-12 Symantec Corporation Service assisted secret provisioning
US20110213985A1 (en) * 2010-02-26 2011-09-01 Compuware Corporation Two factor authentication scheme
US8902040B2 (en) 2011-08-18 2014-12-02 Greisen Enterprises Llc Electronic lock and method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030080183A1 (en) * 2001-10-31 2003-05-01 Sanguthevar Rajasekaran One-time credit card number generator and single round-trip authentication
US20050144450A1 (en) * 2003-12-30 2005-06-30 Entrust Limited Method and apparatus for providing mutual authentication between a sending unit and a recipient
US6983381B2 (en) * 2001-01-17 2006-01-03 Arcot Systems, Inc. Methods for pre-authentication of users using one-time passwords
US20060018467A1 (en) * 2004-07-20 2006-01-26 Scribocel, Inc. Device for authentication and identification for computerized and networked systems

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5712627A (en) * 1995-04-19 1998-01-27 Eastman Chemical Company Security system
AU2001270912A1 (en) 2000-07-21 2002-02-05 Nexxgen Limited Improvements relating to the security of authentication systems
US7194765B2 (en) * 2002-06-12 2007-03-20 Telefonaktiebolaget Lm Ericsson (Publ) Challenge-response user authentication
US7882361B2 (en) * 2004-02-05 2011-02-01 Oracle America, Inc. Method and system for accepting a pass code
US7128274B2 (en) * 2005-03-24 2006-10-31 International Business Machines Corporation Secure credit card with near field communications

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6983381B2 (en) * 2001-01-17 2006-01-03 Arcot Systems, Inc. Methods for pre-authentication of users using one-time passwords
US20030080183A1 (en) * 2001-10-31 2003-05-01 Sanguthevar Rajasekaran One-time credit card number generator and single round-trip authentication
US20050144450A1 (en) * 2003-12-30 2005-06-30 Entrust Limited Method and apparatus for providing mutual authentication between a sending unit and a recipient
US20060018467A1 (en) * 2004-07-20 2006-01-26 Scribocel, Inc. Device for authentication and identification for computerized and networked systems

Also Published As

Publication number Publication date
US20070215693A1 (en) 2007-09-20
WO2007106566A2 (en) 2007-09-20
EP1999682A2 (en) 2008-12-10
US7347366B2 (en) 2008-03-25
EP1999682A4 (en) 2015-07-08
BRPI0709392A2 (en) 2011-07-05

Similar Documents

Publication Publication Date Title
WO2007121190A3 (en) Method and apparatus for binding multiple authentications
WO2005006629A3 (en) Terminal authentication in a wireless network
WO2007106566A3 (en) A method and apparatus to provide authentication using an authentication card
WO2009002599A3 (en) Electronically securing an electronic device using physically unclonable functions
WO2008011628A3 (en) Device authentication
WO2008042871A3 (en) Methods and apparatus for securely signing on to a website via a security website
WO2008054375A3 (en) Constrained cryptographic keys
WO2007003997A3 (en) Using one-time passwords with single sign-on authentication
WO2007106679A3 (en) Mutual authentication between two parties using two consecutive one-time passwords
WO2005065132A3 (en) System, method, and devices for authentication in a wireless local area network (wlan)
WO2010093636A3 (en) Devices, systems and methods for secure verification of user identity
WO2009048574A3 (en) Secure wireless communication
WO2007112023A3 (en) Secure biometric processing system and method of use
EP2456121A3 (en) Challenge response based enrollment of physical unclonable functions
WO2002093824A3 (en) Authentication method
WO2006130616A3 (en) Augmented single factor split key asymmetric cryptography-key generation and distributor
WO2006084036A3 (en) System and method for providing peer-to-peer communication
WO2006137983A3 (en) Method and apparatus for accessing digital data using biometric information
MY172709A (en) Method and system for abstracted and randomized one-time use passwords for transactional authentication
WO2005045550A3 (en) Password recovery system and method
WO2008095011A3 (en) Methods and systems for authentication of a user
WO2007139706A3 (en) Authenticating a tamper-resistant module in a base station router
WO2007126794A3 (en) Accessing data storage devices
WO2006115655A3 (en) Linking diffie hellman with hfs authentication by using a seed
WO2009126209A3 (en) Methods and apparatus for authentication and identity management using a public key infrastructure (pki) in an ip-based telephony environment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07753195

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2007753195

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007753195

Country of ref document: EP

ENP Entry into the national phase

Ref document number: PI0709392

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20080915