FR2959896A1 - Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service - Google Patents

Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service Download PDF

Info

Publication number
FR2959896A1
FR2959896A1 FR1053523A FR1053523A FR2959896A1 FR 2959896 A1 FR2959896 A1 FR 2959896A1 FR 1053523 A FR1053523 A FR 1053523A FR 1053523 A FR1053523 A FR 1053523A FR 2959896 A1 FR2959896 A1 FR 2959896A1
Authority
FR
France
Prior art keywords
transaction
authenticating
service provider
user
user requiring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
FR1053523A
Other languages
English (en)
Other versions
FR2959896B1 (fr
Inventor
Johann Liberman
Panos Chatzikomninos
Jean Pascal Aubert
Benoit Delestre
Didier Hallepee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Goswiff France Fr
Original Assignee
4G SECURE
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to FR1053523A priority Critical patent/FR2959896B1/fr
Application filed by 4G SECURE filed Critical 4G SECURE
Priority to SG2012081857A priority patent/SG185449A1/en
Priority to PCT/FR2011/051008 priority patent/WO2011138558A2/fr
Priority to CN2011800341284A priority patent/CN103109494A/zh
Priority to RU2012152466/08A priority patent/RU2012152466A/ru
Priority to PH1/2012/502192A priority patent/PH12012502192A1/en
Priority to US13/696,489 priority patent/US9038196B2/en
Priority to EP11723560A priority patent/EP2567502A2/fr
Publication of FR2959896A1 publication Critical patent/FR2959896A1/fr
Application granted granted Critical
Publication of FR2959896B1 publication Critical patent/FR2959896B1/fr
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé d'authentification d'un utilisateur (Ui) requérant une transaction auprès d'un fournisseur de service (SP), le procédé comportant la génération (E) d'un code d'autorisation (codi) spécifique à l'utilisateur et à la transaction requise à partir d'une donnée d'authentification (dauth) lue sur un écran au moyen d'un terminal mobile (TEL) et l'envoi (F) du code d'autorisation généré au fournisseur de service afin d'authentifier l'utilisateur. Elle concerne également un serveur d'authentification (AS) correspondant, ainsi qu'un système d'authentification comprenant un tel serveur d'authentification.
FR1053523A 2010-05-06 2010-05-06 Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service Expired - Fee Related FR2959896B1 (fr)

Priority Applications (8)

Application Number Priority Date Filing Date Title
FR1053523A FR2959896B1 (fr) 2010-05-06 2010-05-06 Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service
PCT/FR2011/051008 WO2011138558A2 (fr) 2010-05-06 2011-05-04 Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service
CN2011800341284A CN103109494A (zh) 2010-05-06 2011-05-04 用于授权需要服务提供商交易的用户方法
RU2012152466/08A RU2012152466A (ru) 2010-05-06 2011-05-04 Способ аутентификации пользователя, запрашивающего транзакцию у провайдера услуги
SG2012081857A SG185449A1 (en) 2010-05-06 2011-05-04 Method for authenticating a user requesting a transaction with a service provider
PH1/2012/502192A PH12012502192A1 (en) 2010-05-06 2011-05-04 Method for authenticating a user requesting a transaction with a service provider
US13/696,489 US9038196B2 (en) 2010-05-06 2011-05-04 Method for authenticating a user requesting a transaction with a service provider
EP11723560A EP2567502A2 (fr) 2010-05-06 2011-05-04 Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
FR1053523A FR2959896B1 (fr) 2010-05-06 2010-05-06 Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service

Publications (2)

Publication Number Publication Date
FR2959896A1 true FR2959896A1 (fr) 2011-11-11
FR2959896B1 FR2959896B1 (fr) 2014-03-21

Family

ID=43533165

Family Applications (1)

Application Number Title Priority Date Filing Date
FR1053523A Expired - Fee Related FR2959896B1 (fr) 2010-05-06 2010-05-06 Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service

Country Status (8)

Country Link
US (1) US9038196B2 (fr)
EP (1) EP2567502A2 (fr)
CN (1) CN103109494A (fr)
FR (1) FR2959896B1 (fr)
PH (1) PH12012502192A1 (fr)
RU (1) RU2012152466A (fr)
SG (1) SG185449A1 (fr)
WO (1) WO2011138558A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017021657A1 (fr) * 2015-08-04 2017-02-09 Skeyecode Procédé de sécurisation d'une transaction a partir d'un terminal non sécurise

Families Citing this family (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10587683B1 (en) 2012-11-05 2020-03-10 Early Warning Services, Llc Proximity in privacy and security enhanced internet geolocation
US10581834B2 (en) * 2009-11-02 2020-03-03 Early Warning Services, Llc Enhancing transaction authentication with privacy and security enhanced internet geolocation and proximity
US8806592B2 (en) 2011-01-21 2014-08-12 Authentify, Inc. Method for secure user and transaction authentication and risk management
US9667823B2 (en) * 2011-05-12 2017-05-30 Moon J. Kim Time-varying barcode in an active display
US8869279B2 (en) 2011-05-13 2014-10-21 Imperva, Inc. Detecting web browser based attacks using browser response comparison tests launched from a remote source
US8880886B2 (en) * 2011-05-26 2014-11-04 First Data Corporation Systems and methods for authenticating mobile devices
FR2978891B1 (fr) * 2011-08-05 2013-08-09 Banque Accord Procede, serveur et systeme d'authentification d'une personne
KR101137523B1 (ko) * 2011-09-26 2012-04-20 유승훈 인증매체, 인증단말, 인증서버 및 이들을 이용한 인증방법
GB2495474B (en) * 2011-10-03 2015-07-08 Barclays Bank Plc User authentication
CN103975615B (zh) * 2011-12-16 2019-09-03 英特尔公司 用自动生成的登录信息经由近场通信登录
US9210146B2 (en) * 2012-02-18 2015-12-08 Daniel S. Shimshoni Secure content transfer using dynamically generated optical machine readable codes
CN103379491A (zh) * 2012-04-12 2013-10-30 中兴通讯股份有限公司 用于密码验证的用户终端、密码交易终端、系统和方法
FR2996187B1 (fr) * 2012-10-02 2014-09-05 Renault Sa Systeme de gestion d'un vehicule et son procede associe
CN104063789B (zh) * 2013-03-18 2016-04-20 财付通支付科技有限公司 一种对处理对象进行处理的方法、装置及系统
TWI505128B (zh) * 2013-03-20 2015-10-21 Chunghwa Telecom Co Ltd Method and System of Intelligent Component Library Management
FR3007167A1 (fr) * 2013-06-14 2014-12-19 France Telecom Procede d'authentification d'un terminal par une passerelle d'un reseau interne protege par une entite de securisation des acces
US10425407B2 (en) * 2013-07-28 2019-09-24 Eli Talmor Secure transaction and access using insecure device
CN104346548A (zh) * 2013-08-01 2015-02-11 华为技术有限公司 穿戴式设备的认证方法及穿戴式设备
US9160742B1 (en) * 2013-09-27 2015-10-13 Emc Corporation Localized risk analytics for user authentication
US9734694B2 (en) * 2013-10-04 2017-08-15 Sol Mingso Li Systems and methods for programming, controlling and monitoring wireless networks
JP6170844B2 (ja) * 2014-02-14 2017-07-26 株式会社Nttドコモ 認証情報管理システム
US10057240B2 (en) * 2014-08-25 2018-08-21 Sap Se Single sign-on to web applications from mobile devices
EP2998896A1 (fr) * 2014-09-17 2016-03-23 Gemalto Sa Procédé d'authentification d'un utilisateur, terminaux et système d'authentification correspondants
DE102014015814B4 (de) 2014-10-24 2016-05-04 Unify Gmbh & Co. Kg Verfahren zum Authentifizieren eines Benutzergeräts bei der Anmeldung an einem Server
CN104361267B (zh) * 2014-11-19 2017-11-07 厦门海迈科技股份有限公司 基于非对称加密算法的软件授权与保护装置及方法
US9619636B2 (en) * 2015-02-06 2017-04-11 Qualcomm Incorporated Apparatuses and methods for secure display on secondary display device
KR101652625B1 (ko) * 2015-02-11 2016-08-30 주식회사 이베이코리아 온라인 웹사이트의 회원 로그인을 위한 보안인증 시스템 및 그 방법
US11526885B2 (en) * 2015-03-04 2022-12-13 Trusona, Inc. Systems and methods for user identification using graphical barcode and payment card authentication read data
SG11201708726PA (en) * 2015-03-26 2017-11-29 Einnovations Holdings Pte Ltd System and method for facilitating remittance
US9614845B2 (en) 2015-04-15 2017-04-04 Early Warning Services, Llc Anonymous authentication and remote wireless token access
CN104917766B (zh) * 2015-06-10 2018-01-05 飞天诚信科技股份有限公司 一种二维码安全认证方法
TWI603222B (zh) * 2015-08-06 2017-10-21 Chunghwa Telecom Co Ltd Trusted service opening method, system, device and computer program product on the internet
US9602284B1 (en) * 2015-09-11 2017-03-21 Bank Of America Corporation Secure offline authentication
US10084782B2 (en) 2015-09-21 2018-09-25 Early Warning Services, Llc Authenticator centralization and protection
US9800580B2 (en) * 2015-11-16 2017-10-24 Mastercard International Incorporated Systems and methods for authenticating an online user using a secure authorization server
US10503890B2 (en) * 2016-02-16 2019-12-10 Arizona Board Of Regents On Behalf Of Northern Arizona University Authentication of images extracted from unclonable objects
US10091007B2 (en) * 2016-04-04 2018-10-02 Mastercard International Incorporated Systems and methods for device to device authentication
US10771451B2 (en) 2016-09-13 2020-09-08 Queralt, Inc. Mobile authentication and registration for digital certificates
US11431509B2 (en) 2016-09-13 2022-08-30 Queralt, Inc. Bridging digital identity validation and verification with the FIDO authentication framework
US10887113B2 (en) * 2016-09-13 2021-01-05 Queralt, Inc. Mobile authentication interoperability for digital certificates
US11093940B2 (en) * 2016-10-13 2021-08-17 Mastercard International Incorporated Systems and methods for authenticating a user using private network credentials
FR3060818A1 (fr) * 2016-12-19 2018-06-22 Orange Securisation de transaction
US11233634B1 (en) 2017-06-23 2022-01-25 Wells Fargo Bank, N.A. Systems and methods for network authentication with a shared secret
SE542213C2 (en) 2017-07-21 2020-03-10 Identitrade Ab Method and system for creating a strong authentication for a user using a portable electronic device
NL2019698B1 (en) * 2017-10-10 2019-04-19 Morpho Bv Authentication of a person using a virtual identity card
WO2019081038A1 (fr) * 2017-10-27 2019-05-02 Telefonaktiebolaget Lm Ericsson (Publ) Fourniture à distance de code pin/puk personnalisé
US11184334B2 (en) * 2019-09-05 2021-11-23 Microsoft Technology Licensing, Llc Control of the delegated use of DID-related data
US20210204116A1 (en) 2019-12-31 2021-07-01 Payfone, Inc. Identity verification platform
CN111597539B (zh) * 2020-04-23 2023-04-25 维沃移动通信有限公司 一种身份认证方法、身份认证装置及电子设备
US11461754B2 (en) * 2020-08-26 2022-10-04 Ncr Corporation Isolated POS terminal connectivity
US12058528B2 (en) 2020-12-31 2024-08-06 Prove Identity, Inc. Identity network representation of communications device subscriber in a digital domain
CN114898510A (zh) * 2022-05-11 2022-08-12 中国矿业大学 一种金融密码获取方法、系统、金融设备及可存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001056352A2 (fr) * 2000-04-19 2001-08-09 Magicaxess Procede et dispositif de paiement electronique
FR2852471A1 (fr) * 2003-03-13 2004-09-17 France Telecom Dispositif d'authentification du type utilisant un mot de passe a usage unique et dispositif generateur de mot de passe associe
EP1840814A1 (fr) * 2006-03-17 2007-10-03 Hitachi Software Engineering Co., Ltd. Système de vérification
WO2009134213A2 (fr) * 2008-05-02 2009-11-05 Radiantrust Pte Ltd Procédé et système pour une authentification à l'écran à l'aide d'un message visuel secret
WO2010116109A1 (fr) * 2009-04-10 2010-10-14 Lynkware Procédé d'authentification auprès d'un serveur par un utilisateur d'un appareil mobile

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7114178B2 (en) * 2001-05-22 2006-09-26 Ericsson Inc. Security system
US7578436B1 (en) * 2004-11-08 2009-08-25 Pisafe, Inc. Method and apparatus for providing secure document distribution
US20090293112A1 (en) 2004-12-03 2009-11-26 Stephen James Moore On-line generation and authentication of items
US8024576B2 (en) * 2008-03-31 2011-09-20 International Business Machines Corporation Method and system for authenticating users with a one time password using an image reader
CN101436280B (zh) 2008-12-15 2012-09-05 北京华大智宝电子系统有限公司 实现移动终端电子支付的方法及系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001056352A2 (fr) * 2000-04-19 2001-08-09 Magicaxess Procede et dispositif de paiement electronique
FR2852471A1 (fr) * 2003-03-13 2004-09-17 France Telecom Dispositif d'authentification du type utilisant un mot de passe a usage unique et dispositif generateur de mot de passe associe
EP1840814A1 (fr) * 2006-03-17 2007-10-03 Hitachi Software Engineering Co., Ltd. Système de vérification
WO2009134213A2 (fr) * 2008-05-02 2009-11-05 Radiantrust Pte Ltd Procédé et système pour une authentification à l'écran à l'aide d'un message visuel secret
WO2010116109A1 (fr) * 2009-04-10 2010-10-14 Lynkware Procédé d'authentification auprès d'un serveur par un utilisateur d'un appareil mobile

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017021657A1 (fr) * 2015-08-04 2017-02-09 Skeyecode Procédé de sécurisation d'une transaction a partir d'un terminal non sécurise

Also Published As

Publication number Publication date
US9038196B2 (en) 2015-05-19
CN103109494A (zh) 2013-05-15
WO2011138558A2 (fr) 2011-11-10
RU2012152466A (ru) 2014-06-20
PH12012502192A1 (en) 2013-03-25
SG185449A1 (en) 2012-12-28
FR2959896B1 (fr) 2014-03-21
EP2567502A2 (fr) 2013-03-13
US20130133086A1 (en) 2013-05-23
WO2011138558A3 (fr) 2012-07-12

Similar Documents

Publication Publication Date Title
FR2959896A1 (fr) Procede d'authentification d'un utilisateur requerant une transaction avec un fournisseur de service
WO2007092366A3 (fr) Services d'authentification et de vérification pour fournisseurs indépendants utilisant des dispositifs mobiles
US10230727B2 (en) Method and system for authenticating a user
FI20065288A0 (fi) Autentikointi
US20170230351A1 (en) Method and system for authenticating a user
WO2009031159A3 (fr) Procédé et système pour authentification sécurisée
RU2013103723A (ru) Способы, сервер, устройство-получатель платежей, компьютерные программы и компьютерные программные продукты для установления связи
WO2012171568A8 (fr) Procédé et dispositif d'authentification des utilisateurs d'un terminal hybride
WO2010129254A3 (fr) Système et procédé comprenant une approbation indirecte
WO2012174427A3 (fr) Procédé et système de détermination de niveaux d'authentification dans des transactions
JP2009526328A5 (fr)
WO2010064128A3 (fr) Authentification de transaction sécurisée
WO2008028046A3 (fr) Système et procédé de collecte et vérification de données de carte de crédit
RU2008150844A (ru) Виртуализация взаимодействия с пользователем мобильного устройства
MY157746A (en) Interactive information processing and delivery system and methods thereof
WO2007083319A3 (fr) Procédé et système pour effectuer un paiement au moyen d'un dispositif de communication mobile
WO2011159483A3 (fr) Techniques de vérification de l'emplacement pour des services géodépendant
CN105191293A (zh) 广告下载验证
CN102624687A (zh) 基于移动终端的联网程序用户验证方法
EP1998530A3 (fr) Procédé et appareil de contrôle de dispositif par un service basé sur un réseau
WO2009054165A1 (fr) Procédé, serveur et programme d'authentification à l'ouverture d'une session
MX2010008366A (es) Redireccion de pago para transacciones en linea.
FR3053549B1 (fr) Procede d'authentification de donnees de paiement, dispositifs et programmes correspondants.
EP2257096A8 (fr) Procédé, système, serveur et programme informatique pour des services
WO2012128478A3 (fr) Système et procédé d'authentification sur base d'une image

Legal Events

Date Code Title Description
PLFP Fee payment

Year of fee payment: 6

CD Change of name or company name

Owner name: GOSWIFF FRANCE, FR

Effective date: 20150724

ST Notification of lapse

Effective date: 20170131