WO2009025905A3 - Remote authentication and transaction signatures - Google Patents

Remote authentication and transaction signatures Download PDF

Info

Publication number
WO2009025905A3
WO2009025905A3 PCT/US2008/065216 US2008065216W WO2009025905A3 WO 2009025905 A3 WO2009025905 A3 WO 2009025905A3 US 2008065216 W US2008065216 W US 2008065216W WO 2009025905 A3 WO2009025905 A3 WO 2009025905A3
Authority
WO
WIPO (PCT)
Prior art keywords
card
pki
private key
signing
need
Prior art date
Application number
PCT/US2008/065216
Other languages
French (fr)
Other versions
WO2009025905A2 (en
Inventor
Frank Coulier
Frank Hoornaert
Original Assignee
Vasco Data Security Inc
Vasco Data Security Internat G
Frank Coulier
Frank Hoornaert
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vasco Data Security Inc, Vasco Data Security Internat G, Frank Coulier, Frank Hoornaert filed Critical Vasco Data Security Inc
Priority to CN200880100663.3A priority Critical patent/CN101765996B/en
Priority to EP08827860.1A priority patent/EP2158717B1/en
Priority to NO08827860A priority patent/NO2158717T3/no
Priority to DK08827860.1T priority patent/DK2158717T3/en
Publication of WO2009025905A2 publication Critical patent/WO2009025905A2/en
Publication of WO2009025905A3 publication Critical patent/WO2009025905A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Abstract

The invention provides a method, apparatus, computer readable medium and signal which allows the usage of devices containing PKl private keys such as PKI- enabled smart cards or USB sticks to authenticate users and to sign transactions. The authenticity of the user and/or the message is verified. Furthermore the operation (authentication and/or signing) occurs without the need for an application to have some kind of a direct or indirect digital connection with the device containing the private key. In other words a digital connection that would allow an application to submit data to the card for signing by the card's private key and that would allow retrieving the entire resulting signature from the card is not required. In addition the operation occurs without the need for the PKI-enabled device containing the private key (e.g. a PKI smart card or USB stick) to either support symmetric cryptographic operations or to have been personalized with some secret or confidential data element that can be read by a suitable reader.
PCT/US2008/065216 2007-05-31 2008-05-30 Remote authentication and transaction signatures WO2009025905A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
CN200880100663.3A CN101765996B (en) 2007-05-31 2008-05-30 Device and method for remote authentication and transaction signatures
EP08827860.1A EP2158717B1 (en) 2007-05-31 2008-05-30 Remote authentication and transaction signatures
NO08827860A NO2158717T3 (en) 2007-05-31 2008-05-30
DK08827860.1T DK2158717T3 (en) 2007-05-31 2008-05-30 REMOTE AUTHENTICATION AND TRANSACTION SIGNATURE

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/756,088 2007-05-31
US11/756,088 US7930554B2 (en) 2007-05-31 2007-05-31 Remote authentication and transaction signatures

Publications (2)

Publication Number Publication Date
WO2009025905A2 WO2009025905A2 (en) 2009-02-26
WO2009025905A3 true WO2009025905A3 (en) 2009-04-02

Family

ID=39343455

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2008/065216 WO2009025905A2 (en) 2007-05-31 2008-05-30 Remote authentication and transaction signatures

Country Status (7)

Country Link
US (1) US7930554B2 (en)
EP (1) EP2158717B1 (en)
CN (1) CN101765996B (en)
BE (1) BE1017304A6 (en)
DK (1) DK2158717T3 (en)
NO (1) NO2158717T3 (en)
WO (1) WO2009025905A2 (en)

Families Citing this family (94)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2442249B (en) * 2007-02-20 2008-09-10 Cryptomathic As Authentication device and method
US8667285B2 (en) 2007-05-31 2014-03-04 Vasco Data Security, Inc. Remote authentication and transaction signatures
US8359630B2 (en) * 2007-08-20 2013-01-22 Visa U.S.A. Inc. Method and system for implementing a dynamic verification value
CN101106455B (en) * 2007-08-20 2010-10-13 北京飞天诚信科技有限公司 Identity authentication method and intelligent secret key device
US9043603B2 (en) * 2008-01-28 2015-05-26 Seagate Technology Llc Security threshold enforcement in anchor point-based digital rights management
US20090202081A1 (en) * 2008-02-08 2009-08-13 Ayman Hammad Key delivery system and method
US8302167B2 (en) * 2008-03-11 2012-10-30 Vasco Data Security, Inc. Strong authentication token generating one-time passwords and signatures upon server credential verification
EP2107808A1 (en) * 2008-04-03 2009-10-07 Nagravision S.A. Security module (SM) for an audio/video data processing unit
US8941469B1 (en) * 2010-06-14 2015-01-27 Impinj, Inc. RFID tag authentication with public-key cryptography
US9129168B1 (en) * 2008-04-30 2015-09-08 Impinj, Inc. RFID readers causing tags to backscatter based on challenge
US8621210B2 (en) * 2008-06-26 2013-12-31 Microsoft Corporation Ad-hoc trust establishment using visual verification
AU2016228254B2 (en) * 2008-11-04 2018-02-01 Securekey Technologies Inc System and methods for online authentication
AU2009322102B2 (en) * 2008-11-04 2015-02-19 Securekey Technologies Inc. System and methods for online authentication
IT1392268B1 (en) * 2008-12-02 2012-02-22 Sata Hts Hi Tech Services S P A AUTHENTICATION PROCESS VIA TOKEN GENERANTE ONE TIME PASSWORD
US20100175120A1 (en) * 2009-01-06 2010-07-08 Chung-Nan Tien Multi-layer data mapping authentication system
US8826397B2 (en) * 2009-01-15 2014-09-02 Visa International Service Association Secure remote authentication through an untrusted network
EP2401838B1 (en) 2009-02-19 2013-12-11 SecureKey Technologies Inc. System and methods for online authentication
US20100241850A1 (en) * 2009-03-17 2010-09-23 Chuyu Xiong Handheld multiple role electronic authenticator and its service system
DE102009027686A1 (en) * 2009-07-14 2011-01-20 Bundesdruckerei Gmbh Method for reading attributes from an ID token
DE102009036179A1 (en) * 2009-08-05 2011-02-10 Siemens Aktiengesellschaft Method for issuing a digital certificate by a certification authority, arrangement for carrying out the method and computer system of a certification authority
AR077680A1 (en) 2009-08-07 2011-09-14 Dolby Int Ab DATA FLOW AUTHENTICATION
EP2290876A1 (en) * 2009-08-24 2011-03-02 Gemalto SA Method for establishing an electronic authorisation for a user having an electronic identity document and method for controlling said authorization.
US8572394B2 (en) * 2009-09-04 2013-10-29 Computer Associates Think, Inc. OTP generation using a camouflaged key
US8533460B2 (en) 2009-11-06 2013-09-10 Computer Associates Think, Inc. Key camouflaging method using a machine identifier
US8843757B2 (en) * 2009-11-12 2014-09-23 Ca, Inc. One time PIN generation
US8874914B2 (en) 2010-02-05 2014-10-28 Accenture Global Services Limited Secure and automated credential information transfer mechanism
US10826885B2 (en) * 2010-03-02 2020-11-03 Liberty Plugins, Inc. Digital certificate and reservation
FR2957216B1 (en) * 2010-03-03 2016-06-17 Avencis REMOTE STRONG AUTHENTICATION METHOD, AND INITIALIZATION METHOD, DEVICE AND ASSOCIATED SYSTEMS
WO2011121530A1 (en) 2010-03-31 2011-10-06 International Business Machines Corporation Method, secure device, system and computer program product for digitally signing a document
US8832807B1 (en) * 2010-08-05 2014-09-09 Christine E. Kuo Method and apparatus for asynchronous dynamic password
US8746553B2 (en) * 2010-09-27 2014-06-10 Mastercard International Incorporated Purchase Payment device updates using an authentication process
KR20120051344A (en) * 2010-11-12 2012-05-22 한국전자통신연구원 Portable integrated security memory device and service processing apparatus and method using the same
DE102010055699A1 (en) 2010-12-22 2012-06-28 Giesecke & Devrient Gmbh Cryptographic process
CN103597520B (en) * 2011-04-13 2016-12-07 诺基亚技术有限公司 The ticketing service method and system of identity-based
CN102307095B (en) * 2011-04-27 2014-08-27 上海动联信息技术股份有限公司 Injection and deformation method for seed key of dynamic token
US8842840B2 (en) 2011-11-03 2014-09-23 Arvind Gidwani Demand based encryption and key generation and distribution systems and methods
US8631475B1 (en) * 2011-12-21 2014-01-14 Emc Corporation Ordering inputs for order dependent processing
CN102609646A (en) * 2012-01-20 2012-07-25 华为终端有限公司 Information protection method, information protection device and terminal equipment
CN102655454A (en) * 2012-04-20 2012-09-05 深圳市文鼎创数据科技有限公司 Determination method and device for dynamic token trading
FR2992083B1 (en) * 2012-06-19 2014-07-04 Alstom Transport Sa COMPUTER, COMMUNICATION ASSEMBLY COMPRISING SUCH A COMPUTER, RAIL MANAGEMENT SYSTEM COMPRISING SUCH A SET, AND METHOD FOR RELIABILITY OF DATA IN A COMPUTER
US20150235215A1 (en) * 2012-08-16 2015-08-20 Tango Mobile, LLC System and Method for Mobile or Web-Based Payment/Credential Process
CN102983975B (en) * 2012-11-12 2016-02-24 天地融科技股份有限公司 Dynamic password display method
US9053305B2 (en) * 2012-12-10 2015-06-09 Dell Products L.P. System and method for generating one-time password for information handling resource
WO2014106031A1 (en) * 2012-12-28 2014-07-03 Vasco Data Security, Inc. Remote authentication and transaction signatures
FR3003058A1 (en) * 2013-03-05 2014-09-12 Noemy SYSTEM AND METHOD FOR MANAGING AT LEAST ONE ONLINE APPLICATION, USB USER PORTABLE OBJECT AND REMOTE SYSTEM DEVICE
FR3003059A1 (en) * 2013-03-05 2014-09-12 Noemy SYSTEM AND METHOD FOR MANAGING AT LEAST ONE ONLINE APPLICATION, USER PORTABLE OBJECT COMMUNICATING WITH A RADIO PROTOCOL AND DEVICE REMOTE FROM THE SYSTEM
US9780950B1 (en) * 2013-03-15 2017-10-03 Symantec Corporation Authentication of PKI credential by use of a one time password and pin
US9166970B1 (en) 2013-03-15 2015-10-20 Symantec Corporation Dynamic framework for certificate application configuration
EP3019992B1 (en) * 2013-07-08 2020-04-29 Assa Abloy AB One-time-password generated on reader device using key read from personal security device
US9178881B2 (en) 2013-10-09 2015-11-03 Microsoft Technology Licensing, Llc Proof of device genuineness
US9258117B1 (en) * 2014-06-26 2016-02-09 Amazon Technologies, Inc. Mutual authentication with symmetric secrets and signatures
US9292875B1 (en) 2014-09-23 2016-03-22 Sony Corporation Using CE device record of E-card transactions to reconcile bank record
US9355424B2 (en) 2014-09-23 2016-05-31 Sony Corporation Analyzing hack attempts of E-cards
US9367845B2 (en) 2014-09-23 2016-06-14 Sony Corporation Messaging customer mobile device when electronic bank card used
US10262316B2 (en) 2014-09-23 2019-04-16 Sony Corporation Automatic notification of transaction by bank card to customer device
US9646307B2 (en) 2014-09-23 2017-05-09 Sony Corporation Receiving fingerprints through touch screen of CE device
US9202212B1 (en) 2014-09-23 2015-12-01 Sony Corporation Using mobile device to monitor for electronic bank card communication
US9953323B2 (en) 2014-09-23 2018-04-24 Sony Corporation Limiting e-card transactions based on lack of proximity to associated CE device
US9378502B2 (en) 2014-09-23 2016-06-28 Sony Corporation Using biometrics to recover password in customer mobile device
US9317847B2 (en) 2014-09-23 2016-04-19 Sony Corporation E-card transaction authorization based on geographic location
US9558488B2 (en) 2014-09-23 2017-01-31 Sony Corporation Customer's CE device interrogating customer's e-card for transaction information
US9432339B1 (en) * 2014-09-29 2016-08-30 Emc Corporation Automated token renewal using OTP-based authentication codes
CN107113175B (en) * 2014-10-31 2020-08-04 威斯科数据安全国际有限公司 Multi-user strong authentication token
CN104468119B (en) * 2014-11-21 2017-06-27 上海瀚之友信息技术服务有限公司 A kind of disposal password Verification System and authentication method
WO2016101027A1 (en) * 2014-12-24 2016-06-30 Isignthis Ltd Securing a transaction
US20160275505A1 (en) * 2015-03-17 2016-09-22 Ca, Inc. Method of receiving payment confirmation in emv contactless mobile payment
US20160275506A1 (en) * 2015-03-17 2016-09-22 Ca, Inc. System and method of contactless mobile payment verification
US10360558B2 (en) * 2015-03-17 2019-07-23 Ca, Inc. Simplified two factor authentication for mobile payments
US10050942B2 (en) 2015-03-17 2018-08-14 Ca, Inc. System and method of mobile authentication
US10089631B2 (en) 2015-03-18 2018-10-02 Ca, Inc. System and method of neutralizing mobile payment
US10387884B2 (en) 2015-03-18 2019-08-20 Ca, Inc. System for preventing mobile payment
US10778435B1 (en) * 2015-12-30 2020-09-15 Jpmorgan Chase Bank, N.A. Systems and methods for enhanced mobile device authentication
US10861019B2 (en) 2016-03-18 2020-12-08 Visa International Service Association Location verification during dynamic data transactions
US11151561B2 (en) * 2016-07-01 2021-10-19 American Express Travel Related Services Company, Inc. Systems and methods for validating transmissions over communication channels
WO2018020369A1 (en) * 2016-07-29 2018-02-01 nChain Holdings Limited Blockchain-implemented method and system
US20180060865A1 (en) * 2016-08-23 2018-03-01 Venuenext, Inc. Retrieving payment information for a user from an authentication server for use in purchase requests to vendors
EP3340149A1 (en) * 2016-12-22 2018-06-27 Mastercard International Incorporated Methods and systems for validating an interaction
US11494765B2 (en) * 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
JP6953837B2 (en) * 2017-06-28 2021-10-27 大日本印刷株式会社 Authentication methods using secure elements, computer programs, devices and secure elements
EP3422628B1 (en) * 2017-06-29 2021-04-07 Siemens Aktiengesellschaft Method, safety device and safety system
CN107454561A (en) * 2017-08-14 2017-12-08 恒宝股份有限公司 A kind of Bluetooth link data guard method and its protection system
EP3454502B1 (en) 2017-09-07 2020-08-05 Nxp B.V. Transceiver system
CN107833054B (en) * 2017-12-11 2019-05-28 飞天诚信科技股份有限公司 A kind of bluetooth fiscard and its working method
CN108011722A (en) * 2017-12-12 2018-05-08 金邦达有限公司 Data signature method, system, chip card and micro-control unit
CN110278180B (en) * 2018-03-16 2021-09-21 上海方付通商务服务有限公司 Financial information interaction method, device, equipment and storage medium
US10510066B2 (en) * 2018-05-01 2019-12-17 Robert R. Lovett ATM replacement using two mobile devices
DE102018005038A1 (en) 2018-06-25 2020-01-02 Giesecke+Devrient Mobile Security Gmbh Smart card as a security token
SG11202101351VA (en) * 2018-08-13 2021-03-30 Visa Int Service Ass Token keys to generate cryptograms for token interactions
CN110032414B (en) * 2019-03-06 2023-06-06 联想企业解决方案(新加坡)有限公司 Apparatus and method for secure user authentication in remote console mode
US20210243035A1 (en) * 2020-02-03 2021-08-05 Micron Technology, Inc. Multi-factor authentication enabled memory sub-system
US11757646B2 (en) 2020-11-02 2023-09-12 Orolia Defense & Security Llc Methods for generating an encrypted signal simulation with a cryptographic interface card (GCIC) and devices thereof
US11880229B2 (en) * 2020-12-21 2024-01-23 Micron Technology, Inc. Security capsule for enabling restricted features of a memory device
US20220294614A1 (en) * 2021-03-09 2022-09-15 Micron Technology, Inc. Utilization of a memory device for per-user encryption
DE102021112041A1 (en) * 2021-05-07 2022-11-10 Embex Gmbh Method for authentication of interactions independent of a system time and device for carrying out this method and flame monitor with a dear-like device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6308266B1 (en) * 1998-03-04 2001-10-23 Microsoft Corporation System and method for enabling different grades of cryptography strength in a product
US20020087860A1 (en) * 2000-10-20 2002-07-04 David William Kravitz Cryptographic data security system and method
US6715078B1 (en) * 2000-03-28 2004-03-30 Ncr Corporation Methods and apparatus for secure personal identification number and data encryption

Family Cites Families (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0658670B2 (en) * 1983-08-01 1994-08-03 沖電気工業株式会社 Automatic trading system
US4819267A (en) * 1984-02-22 1989-04-04 Thumbscan, Inc. Solid state key for controlling access to computer systems and to computer software and/or for secure communications
US4609777A (en) * 1984-02-22 1986-09-02 Gordian Systems, Inc. Solid state key for controlling access to computer software
US4599489A (en) * 1984-02-22 1986-07-08 Gordian Systems, Inc. Solid state key for controlling access to computer software
US4885778A (en) * 1984-11-30 1989-12-05 Weiss Kenneth P Method and apparatus for synchronizing generation of separate, free running, time dependent equipment
US5485519A (en) * 1991-06-07 1996-01-16 Security Dynamics Technologies, Inc. Enhanced security for a secure token code
US5657388A (en) * 1993-05-25 1997-08-12 Security Dynamics Technologies, Inc. Method and apparatus for utilizing a token for resource access
FR2689997B1 (en) * 1992-04-08 1997-06-13 Innovatron Sa CONTACTLESS DATA EXCHANGE SYSTEM BETWEEN A TERMINAL AND A MODULAR PORTABLE ASSEMBLY.
FR2696067B1 (en) * 1992-09-21 1994-11-25 France Telecom Telecommunication installation with secure download of prepayment means and corresponding download method.
US5884292A (en) * 1993-05-06 1999-03-16 Pitney Bowes Inc. System for smart card funds refill
US6145739A (en) * 1993-10-26 2000-11-14 Intellect Australia Pty Ltd. System and method for performing transactions and an intelligent device therefor
US5521966A (en) * 1993-12-14 1996-05-28 At&T Corp. Method and system for mediating transactions that use portable smart cards
US5915209A (en) * 1994-11-21 1999-06-22 Lawrence; David Bond trading system
US5625534A (en) * 1995-05-12 1997-04-29 Dell Computer Corporation Portable computer having a data card reader apparatus associated therewith
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
AU734654B2 (en) * 1996-02-09 2001-06-21 Integrated Technologies Of America, Inc. Access control/crypto system
US5937068A (en) * 1996-03-22 1999-08-10 Activcard System and method for user authentication employing dynamic encryption variables
US5802176A (en) * 1996-03-22 1998-09-01 Activcard System for controlling access to a function, using a plurality of dynamic encryption variables
US5889941A (en) * 1996-04-15 1999-03-30 Ubiq Inc. System and apparatus for smart card personalization
US6088450A (en) * 1996-04-17 2000-07-11 Intel Corporation Authentication system based on periodic challenge/response protocol
US6065679A (en) * 1996-09-06 2000-05-23 Ivi Checkmate Inc. Modular transaction terminal
NL1004249C2 (en) 1996-10-11 1998-04-15 Datelnet Smart Services B V System with a computer and a number of portable terminals for a smart card, as well as a terminal for use in this system.
EP0951775A1 (en) * 1997-01-13 1999-10-27 John Overton Automated system for image archiving
US5988510A (en) * 1997-02-13 1999-11-23 Micron Communications, Inc. Tamper resistant smart card and method of protecting data in a smart card
US6564995B1 (en) * 1997-09-19 2003-05-20 Schlumberger Malco, Inc. Smart card application-selection
JP3905961B2 (en) * 1997-11-11 2007-04-18 インターナショナル・ビジネス・マシーンズ・コーポレーション Temporary signature authentication method and system
DE19841886C2 (en) 1998-01-22 2003-03-27 Kobil Comp Gmbh Method and device for generating passwords
US6484260B1 (en) * 1998-04-24 2002-11-19 Identix, Inc. Personal identification system
US6234389B1 (en) * 1998-04-29 2001-05-22 @Pos.Com, Inc. PCMCIA-based point of sale transaction system
US6196459B1 (en) * 1998-05-11 2001-03-06 Ubiq Incorporated Smart card personalization in a multistation environment
FR2779018B1 (en) * 1998-05-22 2000-08-18 Activcard TERMINAL AND SYSTEM FOR IMPLEMENTING SECURE ELECTRONIC TRANSACTIONS
US6129274A (en) * 1998-06-09 2000-10-10 Fujitsu Limited System and method for updating shopping transaction history using electronic personal digital shopping assistant
US6808111B2 (en) * 1998-08-06 2004-10-26 Visa International Service Association Terminal software architecture for use with smart cards
EP2290577B1 (en) 2000-02-18 2017-08-16 Vasco Data Security International GmbH Token device having a USB connector
US6550683B1 (en) * 2000-02-24 2003-04-22 Telxon Corporation Hand held portable device with multiple functions
ES2167245B1 (en) 2000-06-23 2003-04-01 Esignus S L EXTERNAL SIGNATOR FOR PC.
US7519989B2 (en) * 2003-07-17 2009-04-14 Av Thenex Inc. Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
CN100449990C (en) * 2003-08-19 2009-01-07 华为技术有限公司 User centrificating apparatus and method for fixed network terminal
US20050050330A1 (en) 2003-08-27 2005-03-03 Leedor Agam Security token
US7386736B2 (en) 2004-12-16 2008-06-10 International Business Machines Corporation Method and system for using a compact disk as a smart key device
CN1885769B (en) * 2005-06-23 2013-03-27 北京书生国际信息技术有限公司 Digital abstract forming device and method, and CA signing system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6308266B1 (en) * 1998-03-04 2001-10-23 Microsoft Corporation System and method for enabling different grades of cryptography strength in a product
US6715078B1 (en) * 2000-03-28 2004-03-30 Ncr Corporation Methods and apparatus for secure personal identification number and data encryption
US20020087860A1 (en) * 2000-10-20 2002-07-04 David William Kravitz Cryptographic data security system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2158717A4 *

Also Published As

Publication number Publication date
CN101765996B (en) 2014-10-29
EP2158717A4 (en) 2012-11-14
CN101765996A (en) 2010-06-30
EP2158717A2 (en) 2010-03-03
US20080301461A1 (en) 2008-12-04
US7930554B2 (en) 2011-04-19
DK2158717T3 (en) 2017-12-11
NO2158717T3 (en) 2018-02-03
WO2009025905A2 (en) 2009-02-26
BE1017304A6 (en) 2008-05-06
EP2158717B1 (en) 2017-09-06

Similar Documents

Publication Publication Date Title
WO2009025905A3 (en) Remote authentication and transaction signatures
TW511362B (en) Protection of biometric data via key-dependent sampling
EP2648163A2 (en) A personalized biometric identification and non-repudiation system
WO2006049832A3 (en) Security device for cryptographic communications
EP2825993A1 (en) Ipassport method and apparatus
AU2011275691A8 (en) Stand-alone secure pin entry device for enabling emv card transactions with separate card reader
HK1090998A1 (en) Portable security transaction protocol
WO2008041980A3 (en) Proxy authentication methods and apparatus
MX2012005226A (en) Verification of portable consumer devices for 3-d secure services.
US20140245019A1 (en) Apparatus for generating privacy-protecting document authentication information and method of performing privacy-protecting document authentication using the same
US20110296191A1 (en) Method for securely drawing up a virtual multiparty contract capable of being physically represented
WO2007072450A3 (en) Puf protocol with improved backward security
KR20110051003A (en) System for certificating one time virtual certification number, smart card having the display and method therefor
CN203260066U (en) Electronic payment device based on fingerprint identification and audio interface
CN103258269A (en) Electronic payment device for mobile equipment
CN103150520A (en) Security encryption method and electronic device
CN1889420B (en) Method for realizing encrypting
TWI373950B (en) Decription system utilizing rfid system and related method thereof
Martínez et al. A comparative study of three Spanish eGoverment smart cards
De Cock et al. Insights on identity documents based on the Belgian case study
CN101699472B (en) Electronic signature supporting continuous endorsement
JP2010124355A (en) Digital watermark reading apparatus
Balsubramanian et al. Mark sheet verification
GB2397153A (en) Handwritten signature check to allow use of digital certificate
JP2023000782A (en) Electronic signature device, electronic signature utilization system, and electronic signature generation method

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200880100663.3

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08827860

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 7081/CHENP/2009

Country of ref document: IN

REEP Request for entry into the european phase

Ref document number: 2008827860

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2008827860

Country of ref document: EP