CN101163014A - Dynamic password identification authenticating system and method - Google Patents
Dynamic password identification authenticating system and method Download PDFInfo
- Publication number
- CN101163014A CN101163014A CNA2007101958554A CN200710195855A CN101163014A CN 101163014 A CN101163014 A CN 101163014A CN A2007101958554 A CNA2007101958554 A CN A2007101958554A CN 200710195855 A CN200710195855 A CN 200710195855A CN 101163014 A CN101163014 A CN 101163014A
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- authentication
- terminal
- dynamic
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 239000011159 matrix material Substances 0.000 claims description 7
- 230000004044 response Effects 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 abstract description 5
- 238000007726 management method Methods 0.000 description 21
- 230000007246 mechanism Effects 0.000 description 14
- 230000003068 static effect Effects 0.000 description 5
- 230000002457 bidirectional effect Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000012550 audit Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012905 input function Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000005096 rolling process Methods 0.000 description 1
- 238000007790 scraping Methods 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a dynamic password authentication system and a method, wherein, the method includes five steps. Firstly, when authentication is carried out, the dynamic password authentication system prompts a user to enter a dynamic password; secondly, a terminal utilizes a built-in symmetric password algorithm to perform calculation in order to generate a dynamic password; thirdly, the dynamic password generated by the terminal is sent to the dynamic password authentication system; fourthly, the dynamic password authentication system locally calculates a dynamic password according to the same algorithm; fifthly, the dynamic passowrd sent by the client end is compared with the locally calculated dynamic passowrd, if consistent, the user passes the authentication, and if not consistent, the authentication is denied. The invention increases the security of user authentication.
Description
Technical Field
The invention relates to a security authentication technology, in particular to a dynamic password identity authentication system and a dynamic password identity authentication method.
Background
With the development of the network era, electronic commerce and other network-based applications are rolling around the world, and the problem of internet security is becoming more important. In recent years, people pay more and more attention to the security of network transactions due to the fact that banks steal numbers and other events. However, most networks adopt a static password technology to realize identity verification at present, the traditional authentication mode has many potential safety hazards, and information is easy to divulge a secret; is easy to guess and leak. Besides static passwords, there are several other authentication methods such as digital certificates, but all have different security problems, so that a more convenient and secure authentication method is needed to realize authentication.
Disclosure of Invention
In view of this, the present invention provides a dynamic password authentication system and method, which can more conveniently and safely authenticate the user.
Based on the above object, the present invention provides a dynamic password identity authentication method, which comprises:
when the identity is authenticated, the dynamic password identity authentication system prompts a user to input a dynamic password;
the terminal generates a dynamic password by utilizing a built-in symmetric cryptographic algorithm;
sending the dynamic password generated by the terminal to a dynamic password identity authentication system;
the dynamic password identity authentication system locally calculates the dynamic password according to the same algorithm; and comparing the dynamic password sent by the client with the dynamic password calculated locally, if the dynamic password is consistent with the dynamic password calculated locally, passing the authentication, and if the dynamic password is inconsistent with the dynamic password calculated locally, rejecting the authentication.
The method is that the terminal calculates the dynamic password through a telecommunication intelligent card.
The telecommunication intelligent card is a Personal Information Management (PIM) card or a Universal Subscriber Identity Module (USIM) card.
The method also comprises the following steps before the terminal generates the dynamic password: and the terminal prompts the user to input a personal identification number PIN, verifies whether the PIN value input by the user is correct or not, and if so, the terminal calculates the dynamic password.
The method also comprises the following steps before the terminal generates the dynamic password: the dynamic password identity authentication system provides a challenge number for a user; the terminal prompts the user to input the challenge number, and the terminal calculates the dynamic password response number according to the challenge number.
The challenge number is a number and is an abstract of at least one item of information from transaction amount, transfer-in and transfer-out account numbers, currency types, transaction identification codes and merchant codes.
The dynamic password is obtained by calculating through a symmetric cryptographic algorithm according to a unique secret key, a dynamic factor and personalized data agreed in advance by a terminal and a dynamic password identity authentication system.
The algorithm of the dynamic factor adopts an event-based or time-based mode.
The terminal of the method is loaded with one or more dynamic password pass information, and each pass can generate and display a plurality of unidirectional password sequences.
The encryption key of the method is stored by special safety hardware HSM, and the HSM has PIN protection.
Based on the above object, the present invention further provides a dynamic password authentication system, comprising:
the business service system is used for generating an authentication interface, prompting a user to input authentication information including a dynamic password and receiving the authentication information of the user;
the dynamic password authentication server is used for providing dynamic password authentication aiming at the unique identity of the user;
and the dynamic password identity authentication platform is connected with the authentication server and the service systems and is used for intensively storing the dynamic password registration information of the service systems and providing unified service and interface for the related services of the dynamic password.
The terminal which can be supported by the authentication management platform and the authentication server of the system comprises: one or more of a token, scratch card, matrix card, PIM, USIM card;
the supported authentication modes comprise: one or more of a single-factor dynamic password, a double-factor dynamic password, a message signature, a two-way authentication dynamic password, a matrix type dynamic password and a short message dynamic password.
The authentication server of the system is a time-based authentication server or an event-based authentication server.
The system also comprises a providing interface connected with the short message gateway, various access platforms and an authentication server.
From the above, the dynamic password authentication system and method provided by the invention skillfully utilize the terminal equipment of the user to calculate the dynamic password, and compare the dynamic password with the dynamic password calculated by the system side for verification, thereby greatly improving the security of the user identity authentication, being applicable to various industries and ensuring that the authentication of various industries can be realized at lower cost.
Drawings
Fig. 1 is a schematic structural diagram of an identity authentication system based on a Universal Subscriber Identity Module (USIM)/Personal Information Management (PIM) card dynamic password in an embodiment of the present invention.
FIG. 2 is a diagram of a dynamic password authentication platform according to an embodiment of the present invention;
FIG. 3 is a schematic diagram illustrating an authentication process based on USIM/PIM card dynamic password according to an embodiment of the present invention;
FIG. 4 is a diagram illustrating a dynamic password algorithm according to an embodiment of the present invention.
Detailed Description
The present invention now will be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments of the invention are shown.
The dynamic password identity authentication method mainly comprises the following steps:
a user inputs a Personal Identification Number (PIN) on a terminal, and then inputs a challenge number of the transaction provided by a service application system, and the terminal generates a calculated response number by utilizing a telecommunication intelligent card with built-in data such as a symmetric cryptographic algorithm, a secret key, a dynamic factor and the like according to the challenge number; the response number is sent to a dynamic password platform through a service system, and the dynamic password platform sends the response number to a dynamic password authentication server; the dynamic password authentication server system calculates a correct dynamic password according to the same algorithm and the terminal key information; comparing the two, if they are identical, passing authentication, if they are not identical, refusing this authentication.
The dynamic factor is a time or event variable, that is, the algorithm can adopt two modes of an event-based mode and a time-based mode.
The telecom smart card is a PIM card or a USIM card.
The challenge number is a number and can be obtained from the abstracts of information such as transaction amount, transfer-in and transfer-out account numbers, currency types, transaction identification codes, merchant codes and the like, and the abstracts are determined by a business service system.
The terminal is loaded with one or more dynamic password pass information, each pass can generate and display a series of one-way password sequences, and the password sequences generated by each pass are different;
the encryption key is stored via a dedicated hardware encryption module (HSM) that must be PIN protected.
The dynamic password identity authentication system of the embodiment of the invention mainly comprises:
the authentication management platform is connected with the authentication server through an interface;
an authentication server corresponding to the terminal to determine whether the authentication is passed;
and the business management system is provided with a special business service account and provides certain specific services for the user.
The system can support the authentication of various terminals on an authentication management platform and an authentication server, wherein the various terminals refer to tokens, scratch cards, PIMs (personal information management) or USIM (Universal subscriber identity modules), and the various authentication modes refer to single-factor dynamic passwords, double-factor dynamic passwords, message signatures, bidirectional authentication dynamic passwords, matrix dynamic passwords and short message dynamic passwords.
The system is characterized in that the authentication server can be a time-based authentication server or an event-based authentication server.
The system also comprises a providing interface connected with the short message gateway, and connected with each large access platform and the authentication server.
As shown in fig. 1, the structure of the dynamic password authentication system and terminal authentication based on PIM/USIM in the embodiment of the present invention mainly includes: a business service system 103, a dynamic password authentication server 105 and a dynamic password identity authentication platform 104, which authenticates the personal mobile terminal 101 terminal. Wherein,
the business service system 103 has a proprietary business service account and provides some specific services to the user.
The specific services refer to those services that the user needs to authenticate, for example, the service that the user needs to confirm identity when purchasing goods, for example, the service that the china telecom internet starry sky needs to confirm identity when purchasing gaming chips in order to protect the security of the user.
The terminal 101, a PHS terminal supporting PTK, and a USAT3G mobile phone terminal. The built-in dynamic password telecommunication smart card of the terminal is based on PTK/USAT technology of USIM card, realizes PTK/USAT application program, and provides user interface with the interaction of cell-phone. The dynamic password PTK/USAT application is loaded onto the card by the card manufacturer at the time of making the SIM card. The dynamic password loaded PIM/USIM card conforms to the product standard of the common PIM/USIM card. The authentication of the terminal 101 for different services carries one or more dynamic password pass information, each of which is capable of generating and displaying a plurality of one-way (i.e. non-reusable) password sequences (dynamic passwords).
The mobile phone also needs to support PIM-PS interface specification V2.0 of China fixed network and wireless terminal alliance. Wherein 2 and 3 items are determined according to the interface and the card of the final concrete implementation. No data messaging functionality is required.
1) The system must support the PIM-PS interface specification V2.0 of China fixed network and wireless terminal alliance, including the communication and short message functions of the mobile phone and the PIM card.
2) Sufficient space to install dynamic cryptographic applications and data, multiple DES, 3-DES key spaces. The reference space is 12-16 KB.
3) And the dynamic cryptographic algorithm is a safe running environment of source codes.
4) SIM PIN access method.
5)ISO-7816,vendor defined APDU
If the telecommunication smart card is a Java card, on the basis of the foregoing, the following should be supported: the SIM Toolkit standard of etsitgsm 03.19; JavaCard 2.1.1 or above version of the specification.
For the 3G USIM card, on the basis of the requirement of the PIM card, 3GPP TSTS 31.111 USIM Application Toolkit (USAT) should be supported, including communication and data short message functions between the mobile phone and the USIM card.
And the OTA platform 106 downloads the pass through by the OTA platform of the telecommunication.
The dynamic password identity authentication platform 104 is arranged between the business service systems 103 and the dynamic password authentication server 105, and is used for storing the dynamic password registration information of the business service systems 103 in a centralized manner and providing unified services and interfaces for dynamic password related services.
As shown in fig. 2, the dynamic password identity authentication platform has four main functional modules: the system comprises a control service module 203, a platform management maintenance module 201, a statistical form generation module 202, a customer support system interface providing module 204 and a database. The telecommunication service and the SP are connected to the platform through the interface to complete authentication. Platform management personnel manage the platform and customer personnel access through a customer support system interface. The in-platform control service module 203 issues the short message password through the OTA platform 106 to complete authentication. The functions of the modules are as follows:
the control service module 203 provides external port service, and the service system integrates and calls a corresponding interface to realize a dynamic password service function. The main work comprises the following steps: establishing a safe connection with a communication client to allow the client to access; for the user registration management request, judging the validity of the information, and storing and inquiring or modifying the information; and interacting with a dynamic password server; for the dynamic password authentication and security management request, judging whether the registration state of the user is legal or not, and further forwarding the registration state to a dynamic password server; replying the processing result to the client; recording a transaction log and providing audit data for the system; integrating with a short message gateway interface to process downlink and uplink short messages; receiving a request of a service provider for sending a downlink dynamic password pass and a transaction downloading function short message, and sending a downlink short message; and receiving the uplink short message, and interactively verifying whether the signature short message is successful with the dynamic password authentication server and the service system.
The platform management and maintenance module 201 provides the management and maintenance functions of the platform itself, including: configuring system parameters; management of clients allowed access; the management of the operator comprises operator role, authority management and affiliated organization management; and managing the log.
And the statistical report generation module 202 is used for generating a required dynamic password service statistical report.
In addition, for the registration and security management of the dynamic password, a set of management pages need to be provided for a business hall or a telephone service staff, and the service staff checks the identity of the user and provides services for the user. The client support system interface providing module 204 mainly functions including: providing an HTML access interface; a customer service operator logs in/out of the system interface; providing a registration management interface; providing a query interface; a dynamic password security management interface is provided.
A database: the method comprises the steps of storing authentication information of a user, including basic information of the user, binding information of an account number of a business service system and the user, dynamic password terminal equipment information, and binding information of the dynamic password terminal information and the user, and in addition, storing operation information of a platform in a database, for example: operator information, operation log information, and the like.
The dynamic password authentication server 105 provides dynamic password authentication for the unique identity of the user, which is independent of the business service system 103.
For example, the following authentication modes can be realized: the password comprises a single-factor dynamic password, a double-factor dynamic password, a message signature, a bidirectional authentication dynamic password, a matrix type dynamic password and a short message dynamic password.
A one-factor dynamic password is one that can be generated without PIN protection on the terminal. This function must be used in conjunction with static password authentication.
The two-factor dynamic password is that the PIN protection is arranged on the terminal, and the user needs to input the correct terminal PIN to generate the dynamic password.
Only terminals with input digital functions can support this function, such as SIM card terminals; this functionality is typically used with static password authentication of the application service system.
The user needs to input a correct PIN on the terminal, and then input the Challenge number of the transaction provided by the service application system, and the terminal generates a Response number calculated according to the Challenge number. This functionality is typically used with static password authentication of the application service system; the transaction information can be prevented from being tampered.
Bidirectional authentication means that a user can authenticate a server, and then the server authenticates the user. The bidirectional authentication dynamic password is a server authentication code which is displayed on the terminal and is changed once, the server firstly displays the server authentication code of the authentication, and the user submits the dynamic password of the user authentication after the user is compared with the server authentication code on the terminal without errors. Mainly aims at low-cost terminals which can not realize the message signature function without the input function, namely scratch cards and single-factor tokens.
The matrix type dynamic password is special, can only be used for scraping a terminal carrier such as a scratch card, and is not a one-time password but can be reused although the dynamic password is also dynamic. During authentication, a server randomly generates challenges of the authentication, namely a plurality of sets of coordinate combinations, a user finds out corresponding password factors on the card and scrapes the password factors, and the password factors are combined into a complete transaction password according to the sequence of coordinate prompt for authentication.
The short message dynamic password is that the dynamic password is generated by the server side during each transaction and is sent to the mobile phone of the user through the short message; the user inputs the webpage to submit after receiving the webpage.
In the authentication process, a user holds a terminal 101 provided with a PIM/USIM card, when the user logs in a business service system 103 at a client through a communication network for transaction, the business service system 103 displays a transaction challenge number and requires the user to provide a dynamic password for identity authentication. The user operates the terminal 101 to enter the dynamic password menu, the terminal 101 requires the user to input a PIN code for verification, if the PIN is correct, the dynamic password function of the terminal 101 is entered, the transaction challenge number displayed by the business service system 103 is input to generate a dynamic password, and the user submits the dynamic password generated by the terminal to the business service system 103. The service system 103 sends the authentication information to the dynamic password identity authentication platform 104, the dynamic password identity authentication platform 104 checks whether the user information is a legal user, and then sends the authentication information to the dynamic password authentication server 105 for authentication; the dynamic password authentication server 105 calculates the dynamic password and compares whether the dynamic password is consistent with the dynamic password of the terminal, then returns the information whether the authentication is successful to the dynamic password identity authentication platform 104, and the dynamic password identity authentication platform 104 returns the information to the service system 103, thereby providing the information whether the authentication is passed.
The flow of the dynamic password identity authentication method based on the USIM/PIM card in the embodiment of the invention is shown in FIG. 3, and comprises the following steps. In the embodiment, a client side is provided with a dynamic password terminal with a built-in USIM/PIM card and client equipment such as a PC.
In the above steps 301 to 304, the PIN value and the challenge number are both set to ensure that the authentication is safer, and the terminal may also enter the dynamic password menu only by the user without requiring the user to input the PIN value and the challenge number, and the terminal generates a dynamic password according to a built-in algorithm.
And 307, judging that the authentication is successful, and returning the information of the successful authentication of the terminal.
In the above-mentioned process, the calculation of the dynamic password is shown in fig. 4, and during the calculation, the terminal and the dynamic password authentication server use a symmetric algorithm to calculate the unique key, the dynamic factor and the personalized data of the dynamic password terminal respectively, so as to obtain a consistent dynamic password. The unique key is used for distinguishing each dynamic password terminal, the key is different for any two terminals in the system, the dynamic factor is used for controlling the terminal to generate different passwords each time, and the personalized data is used for controlling the display mode of the dynamic passwords, such as the password length and the like. The key is stored via dedicated secure hardware HSM, which is PIN protected. The calculation of the dynamic password is shown in figure 4, during calculation, the terminal and the dynamic password authentication server use a symmetric algorithm, the DES and 3DES encryption algorithms are used in the algorithm, during authentication, the terminal and the dynamic password authentication server respectively calculate the unique key, the dynamic factor and the personalized data of the dynamic password terminal, and when the same dynamic password is obtained, the authentication is correct.
The dynamic factor can be used by a time mechanism and an event mechanism.
The time mechanism dynamic password is called by adopting a time mechanism dynamic factor, and the event mechanism dynamic password is called by adopting an event mechanism dynamic factor.
The time mechanism dynamic password terminal takes the current clock on the chip as a dynamic factor, runs the same algorithm every time to generate a string of digital passwords, and obtains different passwords every time due to different time, wherein the password is usually changed by 60 seconds.
The event mechanism dynamic password terminal stores a password counter on a chip of the event mechanism dynamic password terminal, and the counter is increased after the same algorithm is operated to generate a digital password every time, so that different passwords are obtained every time.
When the dynamic password terminal leaves a factory, the dynamic password terminal can be synchronized with the server, the time mechanism product can synchronize a clock on the terminal with the clock on the server, and the event mechanism product can synchronize a counter on the terminal with a counter recorded on the server.
In the used program, there is a synchronization mechanism for the dynamic password of both the time mechanism and the event mechanism to ensure the dynamic factors on the terminal and the server to keep synchronous.
The description of the present invention has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the invention in the form disclosed. Many modifications and variations will be apparent to practitioners skilled in this art. The embodiment was chosen and described in order to best explain the principles of the invention and the practical application, and to enable others of ordinary skill in the art to understand the invention for various embodiments with various modifications as are suited to the particular use contemplated.
Claims (14)
1. A dynamic password identity authentication method, comprising:
when the identity is authenticated, the dynamic password identity authentication system prompts a user to input a dynamic password;
the terminal generates a dynamic password by utilizing a built-in symmetric cryptographic algorithm;
sending the dynamic password generated by the terminal to a dynamic password identity authentication system;
the dynamic password identity authentication system locally calculates the dynamic password according to the same algorithm; and comparing the dynamic password sent by the client with the dynamic password calculated locally, if the dynamic password is consistent with the dynamic password calculated locally, passing the authentication, and if the dynamic password is inconsistent with the dynamic password calculated locally, rejecting the authentication.
2. Method according to claim 1, characterized in that the terminal calculates the dynamic password by means of a telecommunication smart card.
3. The method of claim 2, wherein the telecommunications smart card is a Personal Information Management (PIM) card or a Universal Subscriber Identity Module (USIM) card.
4. The method of claim 3, wherein before the terminal generates the dynamic password, further comprising: and the terminal prompts the user to input a personal identification number PIN, verifies whether the PIN value input by the user is correct or not, and if so, the terminal calculates the dynamic password.
5. The method according to any of claims 1 to 4, wherein before the terminal generates the dynamic password, further comprising: the dynamic password identity authentication system provides a challenge number for a user; the terminal prompts the user to input the challenge number, and the terminal calculates the dynamic password response number according to the challenge number.
6. The method of claim 5, wherein the challenge number is a number derived from a summary of at least one of the transaction amount, the transfer-in and transfer-out account numbers, the currency type, the transaction identification number, and the merchant code.
7. The method as claimed in claim 1, wherein the dynamic password is calculated by a symmetric cryptographic algorithm according to a unique key, a dynamic factor and personalized data agreed in advance by the terminal and the dynamic password identity authentication system.
8. The method of claim 7, wherein the algorithm for the dynamic factor is in an event-based or time-based manner.
9. The method of claim 7, wherein the terminal carries one or more dynamic password pass messages, each pass being capable of generating and displaying a plurality of one-way password sequences.
10. The method of claim 7, wherein said encryption key is stored via a dedicated secure hardware HSM, the HSM being PIN protected.
11. A dynamic password identity authentication system, comprising:
the business service system is used for generating an authentication interface, prompting a user to input authentication information including a dynamic password and receiving the authentication information of the user;
the dynamic password authentication server is used for providing dynamic password authentication aiming at the unique identity of the user;
and the dynamic password identity authentication platform is connected with the authentication server and the service systems and is used for intensively storing the dynamic password registration information of the service systems and providing unified service and interface for the related services of the dynamic password.
12. The system of claim 11, wherein the terminals that the authentication management platform and the authentication server can support include: one or more of a token, scratch card, matrix card, PIM, USIM card;
the supported authentication modes comprise: one or more of a single-factor dynamic password, a double-factor dynamic password, a message signature, a two-way authentication dynamic password, a matrix type dynamic password and a short message dynamic password.
13. The system of claim 11, wherein the authentication server is a time-based authentication server or an event-based authentication server.
14. The system of claim 11, further comprising a provisioning interface coupled to the short message gateway and to the various access platforms, authentication servers.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101958554A CN101163014A (en) | 2007-11-30 | 2007-11-30 | Dynamic password identification authenticating system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007101958554A CN101163014A (en) | 2007-11-30 | 2007-11-30 | Dynamic password identification authenticating system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101163014A true CN101163014A (en) | 2008-04-16 |
Family
ID=39297852
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101958554A Pending CN101163014A (en) | 2007-11-30 | 2007-11-30 | Dynamic password identification authenticating system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101163014A (en) |
Cited By (48)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101304316B (en) * | 2008-06-30 | 2010-11-03 | 北京飞天诚信科技有限公司 | Method for improving identification authentication security based on password card |
| CN101931657A (en) * | 2009-06-23 | 2010-12-29 | 思科技术公司 | The counterfeit prevention strategy that is used for pluggable modules |
| CN102013975A (en) * | 2010-06-29 | 2011-04-13 | 北京飞天诚信科技有限公司 | Secret key management method and system |
| CN102148837A (en) * | 2011-05-11 | 2011-08-10 | 上海时代亿信信息科技有限公司 | Bidirectional authentication method and system for dynamic token |
| CN102158488A (en) * | 2011-04-06 | 2011-08-17 | 北京天地融科技有限公司 | Dynamic countersign generation method and device and authentication method and system |
| CN101582764B (en) * | 2009-04-02 | 2011-08-17 | 北京飞天诚信科技有限公司 | Method and system for identity authentication based on dynamic password |
| CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
| CN102281137A (en) * | 2010-06-12 | 2011-12-14 | 杭州驭强科技有限公司 | Dynamic password authentication method of mutual-authentication challenge response mechanism |
| CN102299922A (en) * | 2011-08-08 | 2011-12-28 | 张忠义 | User registration method through mobile phone registration and identity verification in Internet |
| CN102664736A (en) * | 2012-04-13 | 2012-09-12 | 天地融科技股份有限公司 | Electronic cipher generating method, device and equipment and electronic cipher authentication system |
| CN102780674A (en) * | 2011-05-09 | 2012-11-14 | 同方股份有限公司 | Method and system for processing network service by utilizing multifactor authentication method |
| CN101674284B (en) * | 2008-09-08 | 2012-12-19 | 联想(北京)有限公司 | Authentication method and system, user side server and authentication server |
| WO2013075380A1 (en) * | 2011-11-24 | 2013-05-30 | 飞天诚信科技股份有限公司 | Dynamic password authentication method and system |
| CN103312519A (en) * | 2013-07-05 | 2013-09-18 | 飞天诚信科技股份有限公司 | Dynamic password device and working method thereof |
| CN103441856A (en) * | 2013-09-06 | 2013-12-11 | 北京握奇智能科技有限公司 | Dynamic password authentication method and device |
| CN103475658A (en) * | 2011-04-06 | 2013-12-25 | 天地融科技股份有限公司 | Dynamic password generating method and device and authentication method and system |
| CN103903315A (en) * | 2012-12-26 | 2014-07-02 | 东莞市立旺电子塑胶有限公司 | Dynamic electronic lock and dynamic electronic lock software |
| CN103902880A (en) * | 2014-03-31 | 2014-07-02 | 上海动联信息技术股份有限公司 | Windows system two-factor authentication method based on challenge responding type dynamic passwords |
| CN103916249A (en) * | 2014-04-25 | 2014-07-09 | 长沙市梦马软件有限公司 | Dynamic password generating method and system |
| CN103946881A (en) * | 2011-11-17 | 2014-07-23 | 德国邮政股份公司 | Electronic transaction method |
| CN103957104A (en) * | 2014-04-22 | 2014-07-30 | 交通银行股份有限公司 | Dynamic token anti-phishing method and device |
| CN104036392A (en) * | 2014-06-25 | 2014-09-10 | Tcl集团股份有限公司 | Network payment method and device |
| CN104065479A (en) * | 2014-07-11 | 2014-09-24 | 中国人民公安大学 | Key generation method and system and key distribution method and system based on group |
| CN104079413A (en) * | 2014-07-14 | 2014-10-01 | 上海众人科技有限公司 | Enhancement type one-time dynamic password authentication method and system |
| CN104079407A (en) * | 2013-03-29 | 2014-10-01 | 北京千橡网景科技发展有限公司 | Token generation and verification method and device |
| WO2014201830A1 (en) * | 2013-06-20 | 2014-12-24 | Tencent Technology (Shenzhen) Company Limited | Method and device for detecting software-tampering |
| CN104378206A (en) * | 2014-10-20 | 2015-02-25 | 中国科学院信息工程研究所 | Virtualization desktop safety certification method and system based on USB-Key |
| CN104579649A (en) * | 2013-10-28 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Identity recognition method and system |
| CN104618104A (en) * | 2014-12-15 | 2015-05-13 | 惠州Tcl移动通信有限公司 | Accessory, electronic equipment and accessory authentication implementation system |
| CN104751044A (en) * | 2013-12-31 | 2015-07-01 | 环达电脑(上海)有限公司 | Dynamic password identity authentication system and method |
| CN105094004A (en) * | 2014-05-12 | 2015-11-25 | 罗伯特·博世有限公司 | Method for operating a control unit |
| CN105450400A (en) * | 2014-06-03 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Identity verification method, client, server side, and system |
| CN105530094A (en) * | 2014-09-28 | 2016-04-27 | 中国移动通信集团公司 | An identity authentication method, device, system and cipher |
| WO2016107332A1 (en) * | 2014-12-30 | 2016-07-07 | 飞天诚信科技股份有限公司 | Card-based dynamic password generation method and device |
| CN105991293A (en) * | 2016-07-26 | 2016-10-05 | 努比亚技术有限公司 | Verification method and verification device |
| CN106533895A (en) * | 2015-09-11 | 2017-03-22 | 北大方正集团有限公司 | Password-based instant communication method and system |
| CN106817217A (en) * | 2017-01-22 | 2017-06-09 | 石家庄科林电气股份有限公司 | A kind of dynamic password AES of interrupted aging |
| CN107210918A (en) * | 2015-02-17 | 2017-09-26 | 维萨国际服务协会 | Use the token and password of transaction-specific information |
| CN107332819A (en) * | 2017-05-25 | 2017-11-07 | 苏州科达科技股份有限公司 | A kind of method for authenticating and device for conference system |
| CN107959670A (en) * | 2017-11-06 | 2018-04-24 | 北京明华联盟科技有限公司 | A kind of generation method of dynamic password, device, terminal device and storage medium |
| CN107979472A (en) * | 2017-12-01 | 2018-05-01 | 江苏乐希科技有限公司 | A kind of coding lock system and authentication method |
| WO2018108062A1 (en) * | 2016-12-15 | 2018-06-21 | 腾讯科技(深圳)有限公司 | Method and device for identity verification, and storage medium |
| CN108769021A (en) * | 2018-05-28 | 2018-11-06 | 徐州徐工挖掘机械有限公司 | A kind of dynamic password control method suitable for excavator |
| CN109075965A (en) * | 2015-12-30 | 2018-12-21 | 欧尼斯潘国际有限公司 | Use the mthods, systems and devices for the forward secrecy cryptographic technique that password code is verified |
| CN109586923A (en) * | 2018-12-20 | 2019-04-05 | 武汉璞华大数据技术有限公司 | Single time password offline authentication method and device |
| CN110121010A (en) * | 2019-05-13 | 2019-08-13 | 重庆天蓬网络有限公司 | One key outgoing call implementation method, terminal, medium and electronic equipment |
| CN111275858A (en) * | 2020-01-22 | 2020-06-12 | 广东快车科技股份有限公司 | Credit granting method and system for voiceprint recognition |
| CN112134885A (en) * | 2020-09-23 | 2020-12-25 | 国网江苏省电力有限公司泰州供电分公司 | A method and system for encryption of Internet terminal access |
-
2007
- 2007-11-30 CN CNA2007101958554A patent/CN101163014A/en active Pending
Cited By (72)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101304316B (en) * | 2008-06-30 | 2010-11-03 | 北京飞天诚信科技有限公司 | Method for improving identification authentication security based on password card |
| CN101674284B (en) * | 2008-09-08 | 2012-12-19 | 联想(北京)有限公司 | Authentication method and system, user side server and authentication server |
| CN101582764B (en) * | 2009-04-02 | 2011-08-17 | 北京飞天诚信科技有限公司 | Method and system for identity authentication based on dynamic password |
| CN101931657A (en) * | 2009-06-23 | 2010-12-29 | 思科技术公司 | The counterfeit prevention strategy that is used for pluggable modules |
| CN101931657B (en) * | 2009-06-23 | 2016-03-09 | 思科技术公司 | For the counterfeit prevention strategy of pluggable modules |
| US8769654B2 (en) | 2009-06-23 | 2014-07-01 | Cisco Technology, Inc. | Counterfeit prevention strategy for pluggable modules |
| CN102281137A (en) * | 2010-06-12 | 2011-12-14 | 杭州驭强科技有限公司 | Dynamic password authentication method of mutual-authentication challenge response mechanism |
| CN102013975B (en) * | 2010-06-29 | 2012-06-27 | 飞天诚信科技股份有限公司 | Secret key management method and system |
| CN102013975A (en) * | 2010-06-29 | 2011-04-13 | 北京飞天诚信科技有限公司 | Secret key management method and system |
| CN103475658A (en) * | 2011-04-06 | 2013-12-25 | 天地融科技股份有限公司 | Dynamic password generating method and device and authentication method and system |
| CN102158488A (en) * | 2011-04-06 | 2011-08-17 | 北京天地融科技有限公司 | Dynamic countersign generation method and device and authentication method and system |
| CN102158488B (en) * | 2011-04-06 | 2014-03-12 | 天地融科技股份有限公司 | Dynamic countersign generation method and device and authentication method and system |
| CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
| CN102780674A (en) * | 2011-05-09 | 2012-11-14 | 同方股份有限公司 | Method and system for processing network service by utilizing multifactor authentication method |
| CN102148837A (en) * | 2011-05-11 | 2011-08-10 | 上海时代亿信信息科技有限公司 | Bidirectional authentication method and system for dynamic token |
| CN102299922A (en) * | 2011-08-08 | 2011-12-28 | 张忠义 | User registration method through mobile phone registration and identity verification in Internet |
| CN103946881A (en) * | 2011-11-17 | 2014-07-23 | 德国邮政股份公司 | Electronic transaction method |
| WO2013075380A1 (en) * | 2011-11-24 | 2013-05-30 | 飞天诚信科技股份有限公司 | Dynamic password authentication method and system |
| US9386013B2 (en) | 2011-11-24 | 2016-07-05 | Feitian Technologies Co., Ltd. | Dynamic password authentication method and system thereof |
| CN102664736A (en) * | 2012-04-13 | 2012-09-12 | 天地融科技股份有限公司 | Electronic cipher generating method, device and equipment and electronic cipher authentication system |
| CN103903315A (en) * | 2012-12-26 | 2014-07-02 | 东莞市立旺电子塑胶有限公司 | Dynamic electronic lock and dynamic electronic lock software |
| CN104079407A (en) * | 2013-03-29 | 2014-10-01 | 北京千橡网景科技发展有限公司 | Token generation and verification method and device |
| WO2014201830A1 (en) * | 2013-06-20 | 2014-12-24 | Tencent Technology (Shenzhen) Company Limited | Method and device for detecting software-tampering |
| US9607147B2 (en) | 2013-06-20 | 2017-03-28 | Tencent Technology (Shenzhen) Company Limited | Method and device for detecting software-tampering |
| CN103312519B (en) * | 2013-07-05 | 2016-08-24 | 飞天诚信科技股份有限公司 | A kind of dynamic password device and method of work thereof |
| CN103312519A (en) * | 2013-07-05 | 2013-09-18 | 飞天诚信科技股份有限公司 | Dynamic password device and working method thereof |
| CN103441856A (en) * | 2013-09-06 | 2013-12-11 | 北京握奇智能科技有限公司 | Dynamic password authentication method and device |
| CN104579649B (en) * | 2013-10-28 | 2019-01-11 | 腾讯科技(深圳)有限公司 | Personal identification method and system |
| CN104579649A (en) * | 2013-10-28 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Identity recognition method and system |
| WO2015062461A1 (en) * | 2013-10-28 | 2015-05-07 | Tencent Technology (Shenzhen) Company Limited | Method and system for verifying user identity of an online application |
| CN104751044A (en) * | 2013-12-31 | 2015-07-01 | 环达电脑(上海)有限公司 | Dynamic password identity authentication system and method |
| CN103902880A (en) * | 2014-03-31 | 2014-07-02 | 上海动联信息技术股份有限公司 | Windows system two-factor authentication method based on challenge responding type dynamic passwords |
| CN103957104A (en) * | 2014-04-22 | 2014-07-30 | 交通银行股份有限公司 | Dynamic token anti-phishing method and device |
| CN103916249A (en) * | 2014-04-25 | 2014-07-09 | 长沙市梦马软件有限公司 | Dynamic password generating method and system |
| CN105094004B (en) * | 2014-05-12 | 2020-10-13 | 罗伯特·博世有限公司 | Method for operating a control device |
| CN105094004A (en) * | 2014-05-12 | 2015-11-25 | 罗伯特·博世有限公司 | Method for operating a control unit |
| CN105450400A (en) * | 2014-06-03 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Identity verification method, client, server side, and system |
| CN105450400B (en) * | 2014-06-03 | 2019-12-13 | 阿里巴巴集团控股有限公司 | Identity verification method, client, server and system |
| CN104036392A (en) * | 2014-06-25 | 2014-09-10 | Tcl集团股份有限公司 | Network payment method and device |
| CN104065479A (en) * | 2014-07-11 | 2014-09-24 | 中国人民公安大学 | Key generation method and system and key distribution method and system based on group |
| CN104079413A (en) * | 2014-07-14 | 2014-10-01 | 上海众人科技有限公司 | Enhancement type one-time dynamic password authentication method and system |
| CN105530094B (en) * | 2014-09-28 | 2019-04-23 | 中国移动通信集团公司 | An identity authentication method, device, system and cryptographic device |
| CN105530094A (en) * | 2014-09-28 | 2016-04-27 | 中国移动通信集团公司 | An identity authentication method, device, system and cipher |
| CN104378206A (en) * | 2014-10-20 | 2015-02-25 | 中国科学院信息工程研究所 | Virtualization desktop safety certification method and system based on USB-Key |
| CN104378206B (en) * | 2014-10-20 | 2017-09-12 | 中国科学院信息工程研究所 | A USB-Key-based virtual desktop security authentication method and system |
| CN104618104B (en) * | 2014-12-15 | 2019-11-29 | 惠州Tcl移动通信有限公司 | Accessory, electronic equipment and the system for realizing accessory certification |
| CN104618104A (en) * | 2014-12-15 | 2015-05-13 | 惠州Tcl移动通信有限公司 | Accessory, electronic equipment and accessory authentication implementation system |
| WO2016107332A1 (en) * | 2014-12-30 | 2016-07-07 | 飞天诚信科技股份有限公司 | Card-based dynamic password generation method and device |
| CN107210918B (en) * | 2015-02-17 | 2021-07-27 | 维萨国际服务协会 | Apparatus and method for transaction processing using token and password based on transaction specific information |
| CN107210918A (en) * | 2015-02-17 | 2017-09-26 | 维萨国际服务协会 | Use the token and password of transaction-specific information |
| US11943231B2 (en) | 2015-02-17 | 2024-03-26 | Visa International Service Association | Token and cryptogram using transaction specific information |
| US11068895B2 (en) | 2015-02-17 | 2021-07-20 | Visa International Service Association | Token and cryptogram using transaction specific information |
| CN106533895B (en) * | 2015-09-11 | 2019-04-30 | 北大方正集团有限公司 | Password-based instant messaging method and system |
| CN106533895A (en) * | 2015-09-11 | 2017-03-22 | 北大方正集团有限公司 | Password-based instant communication method and system |
| CN109075965A (en) * | 2015-12-30 | 2018-12-21 | 欧尼斯潘国际有限公司 | Use the mthods, systems and devices for the forward secrecy cryptographic technique that password code is verified |
| CN109075965B (en) * | 2015-12-30 | 2022-02-15 | 万思伴国际有限公司 | Method, system and apparatus for forward secure cryptography using passcode authentication |
| CN105991293A (en) * | 2016-07-26 | 2016-10-05 | 努比亚技术有限公司 | Verification method and verification device |
| CN105991293B (en) * | 2016-07-26 | 2019-10-08 | 努比亚技术有限公司 | A kind of method of calibration and device |
| WO2018108062A1 (en) * | 2016-12-15 | 2018-06-21 | 腾讯科技(深圳)有限公司 | Method and device for identity verification, and storage medium |
| CN106817217A (en) * | 2017-01-22 | 2017-06-09 | 石家庄科林电气股份有限公司 | A kind of dynamic password AES of interrupted aging |
| CN106817217B (en) * | 2017-01-22 | 2019-06-28 | 石家庄科林电气股份有限公司 | A kind of dynamic password Encryption Algorithm of interrupted aging |
| CN107332819A (en) * | 2017-05-25 | 2017-11-07 | 苏州科达科技股份有限公司 | A kind of method for authenticating and device for conference system |
| CN107959670A (en) * | 2017-11-06 | 2018-04-24 | 北京明华联盟科技有限公司 | A kind of generation method of dynamic password, device, terminal device and storage medium |
| CN107959670B (en) * | 2017-11-06 | 2020-12-18 | 北京明华联盟科技有限公司 | A method, device, terminal device and storage medium for generating a dynamic password |
| CN107979472A (en) * | 2017-12-01 | 2018-05-01 | 江苏乐希科技有限公司 | A kind of coding lock system and authentication method |
| CN108769021B (en) * | 2018-05-28 | 2021-06-04 | 徐州徐工挖掘机械有限公司 | Dynamic password control method suitable for excavator |
| CN108769021A (en) * | 2018-05-28 | 2018-11-06 | 徐州徐工挖掘机械有限公司 | A kind of dynamic password control method suitable for excavator |
| CN109586923A (en) * | 2018-12-20 | 2019-04-05 | 武汉璞华大数据技术有限公司 | Single time password offline authentication method and device |
| CN110121010A (en) * | 2019-05-13 | 2019-08-13 | 重庆天蓬网络有限公司 | One key outgoing call implementation method, terminal, medium and electronic equipment |
| CN111275858A (en) * | 2020-01-22 | 2020-06-12 | 广东快车科技股份有限公司 | Credit granting method and system for voiceprint recognition |
| CN111275858B (en) * | 2020-01-22 | 2022-07-01 | 广东快车科技股份有限公司 | Credit method and system for voiceprint recognition |
| CN112134885A (en) * | 2020-09-23 | 2020-12-25 | 国网江苏省电力有限公司泰州供电分公司 | A method and system for encryption of Internet terminal access |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101163014A (en) | Dynamic password identification authenticating system and method | |
| EP1833219B1 (en) | Methods, apparatus and software for using a token to calculate time-limited password within cellular telephone | |
| CN101582762B (en) | Method and system for identity authentication based on dynamic password | |
| EP1829281B1 (en) | Authentication device and/or method | |
| US8369833B2 (en) | Systems and methods for providing authentication and authorization utilizing a personal wireless communication device | |
| CN101414909B (en) | Network application user authentication system, method and mobile communication terminal | |
| CN101582764B (en) | Method and system for identity authentication based on dynamic password | |
| CN102088353B (en) | Two-factor authentication method and system based on mobile terminal | |
| Harini et al. | 2CAuth: A new two factor authentication scheme using QR-code | |
| US9344896B2 (en) | Method and system for delivering a command to a mobile device | |
| US10382954B2 (en) | System and method for providing a service to the user of a mobile terminal | |
| CN101252435B (en) | Method for realizing dynamic password generation and judge on smart card | |
| US20060095290A1 (en) | System and method for authenticating users for secure mobile electronic gaming | |
| CN106991317A (en) | Safe verification method, platform, device and system | |
| WO2015042668A2 (en) | Mobile authentication method and system for providing authenticated access to internet-supported services and applications | |
| US11403633B2 (en) | Method for sending digital information | |
| EP2027668A2 (en) | Authentication methods and systems | |
| CN104541475A (en) | Abstracted and randomized one-time passwords for transactional authentication | |
| UA113415C2 (en) | METHOD, SERVER AND PERSONAL AUTHENTICATION SYSTEM | |
| WO2004049621A1 (en) | Authentication and identification system and transactions using such an authentication and identification system | |
| CN104584479B (en) | The method that safety service is provided using CyberID | |
| CN101931530A (en) | Generation method, authentication method and device for dynamic password and network system | |
| KR101617452B1 (en) | Method for Settling On-Line using One-Time Password | |
| Rajarajan | Novel framework for secure mobile financial services | |
| WO2015133975A1 (en) | A method for prepaid mobile phone top-up and a system performing thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20080416 |