DE20014381U1 - Authentication device - Google Patents

Authentication device

Info

Publication number
DE20014381U1
DE20014381U1 DE20014381U DE20014381U DE20014381U1 DE 20014381 U1 DE20014381 U1 DE 20014381U1 DE 20014381 U DE20014381 U DE 20014381U DE 20014381 U DE20014381 U DE 20014381U DE 20014381 U1 DE20014381 U1 DE 20014381U1
Authority
DE
Germany
Prior art keywords
user
access
pin
access code
mobile phone
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE20014381U
Other languages
German (de)
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
RENT A BRAIN GmbH
Original Assignee
RENT A BRAIN GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by RENT A BRAIN GmbH
Priority to DE20014381U
Publication of DE20014381U1
Legal status: Expired - Lifetime

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068 Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/313 User authentication using a call-back technique via a telephone network
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/42 User authentication using separate channels for security data
    • G06F21/43 User authentication using separate channels for security data wireless channels
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/325 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • G06Q20/3255 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks using mobile network messaging services for payment, e.g. SMS
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G06Q20/4093 Monitoring of device authentication
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/30 Individual registration on entry or exit not involving the use of a pass
    • G07C9/32 Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33 Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846 Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153 Using hardware token as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Description

DESCRIPTION

Device for legitimacy verification

1 Area of application

This is a new type of authentication device, for example for granting access to secured facilities that require an elevated security standard. The device for checking access authorization is intended to protect only the highly sensitive areas within a system.

2 Current state of the art:

Existing authentication devices are based on the PIN/TAN procedure or on so-called smart cards. These devices have become established in the past, but both have technical shortcomings.

A PIN is a personal identification number that is permanently assigned to the user of a system. The number is usually delivered in written form. This permanent form of access authorization carries several risks. The PIN may become accessible to a third party while it is being sent or through negligence on the part of the user. If the PIN is not blocked immediately, misuse cannot be prevented. Furthermore, the longer the PIN remains in existence, the greater the risk that it will be deciphered.

A TAN is one of many personal transaction numbers, each of which can be used for only one transaction. A TAN is valid from its creation until the user applies it, i.e. its period of validity depends on when the user uses it. Like PINs, TANs are sent by post in written form. Here too, the TAN can fall into the hands of third parties during dispatch or through negligence on the part of the user. TANs are not permanently valid, but they are stored on the service provider's side. This makes misuse by employees possible.

A smart card is a technical device that generates the same access codes as the server, simultaneously and at fixed time intervals. The smart card itself is protected against access by a PIN. However, smart cards require a high level of administrative effort, especially for the initial issue of what can be several thousand smart cards or when access rights are revoked. Smart card users must always carry the card with them in order to log into the respective system. A user of several systems must therefore carry numerous smart cards and remember the corresponding PIN for each one.

3 Function of the device

This is a device for checking access authorization to sensitive areas by generating an exclusively temporary access code and transmitting it to a personalized medium.

The core of the device is based on Java, an object-oriented programming language developed specifically for the Internet, on Short Message Service (SMS), a protocol for sending short messages via mobile phones, and on PIN (Personal Identification Number) protection on mobile phones.

The novelty of the device is that an exclusively temporary key is transmitted to the user's mobile phone. The transmitted key authorizes the recipient to work in sensitive areas of an Internet application.

When the user logs into the generally accessible area of the security zone with login name and password, a temporary Java object is created. The object's constructor sets the access code to "NULL" and the access control parameter for the areas protected by this device to "FALSE". The data elements created by the constructor are encapsulated in the object and can therefore be accessed only through the object's methods. This encapsulation provides secure protection against unauthorized data access, since the data elements cannot be changed or read directly.

The temporary Java object exists in the server's RAM only for the duration of a session, that is, the user's working phase from logging into the system to logging out. To enter a sensitive area of the system, the user must submit a request to the system. In this case, the temporary Java object independently generates a temporary access code, which consists of, for example, seven random digits generated independently of one another. This access code is then automatically sent to the user via SMS. Within seconds of the request, the user can retrieve the required access code on their SMS-capable mobile phone. The user must then enter the transmitted access code in a dialog box, and the input is passed to the Java object. If the access code matches the input, the Java object sets the access control parameter to "TRUE". This parameter can be read through a generally accessible method of the object, but cannot be changed. The user thereby gains access to the areas protected by the device for the remainder of the session. Once set, the parameter allows the user to switch freely between protected and generally accessible areas within the session without requesting an access code again. Every time an attempt is made to enter an area protected by this device, the system uses a method of the Java object to check whether the access control parameter has the state "TRUE". If the access code does not match the input, the Java object deletes the access code, and the user must make a new request.

The user can enter the telephone number of their mobile phone only when first creating the personal user profile, or later from within the protected area. The telephone number can be changed only within the area protected by this device. If the user loses the mobile phone, the only way to have a new mobile number set for the area protected by the device is to apply to the service provider.
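
The session object described in this section, written out as an added example (it is not the patent's own figure or code). Class, method and interface names are hypothetical, and the use of `SecureRandom`, a constant-time comparison and discarding the code after a successful entry are assumptions the text does not state.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

/** Hypothetical name; models the per-session "temporary Java object" of section 3. */
public final class SessionAccessGate {

    /** Hypothetical delivery interface standing in for the SMS gateway. */
    public interface SmsSender {
        void send(String phoneNumber, String text);
    }

    private static final int CODE_LENGTH = 7;   // "for example, seven" random digits
    private static final SecureRandom RNG = new SecureRandom();  // assumption: CSPRNG

    // Private fields: reachable only through the methods below, which is the
    // encapsulation the description relies on. Nothing is written to disk.
    private final String phoneNumber;
    private char[] accessCode;       // null until a code has been requested
    private boolean accessGranted;   // false until a correct code is entered

    /** Constructor: access code "NULL", access control parameter "FALSE". */
    public SessionAccessGate(String phoneNumber) {
        this.phoneNumber = phoneNumber;
        this.accessCode = null;
        this.accessGranted = false;
    }

    /** Generates a fresh code, keeps it in memory only, and sends it out of band. */
    public synchronized void requestAccessCode(SmsSender sender) {
        char[] code = new char[CODE_LENGTH];
        for (int i = 0; i < CODE_LENGTH; i++) {
            code[i] = (char) ('0' + RNG.nextInt(10));  // each digit drawn independently
        }
        clearCode();                                   // a new request replaces any old code
        accessCode = code;
        sender.send(phoneNumber, new String(code));
    }

    /** Compares the input with the pending code; a mismatch deletes the code. */
    public synchronized boolean submitCode(String input) {
        if (accessCode == null || input == null) {
            return false;                              // nothing pending: new request needed
        }
        byte[] expected = new String(accessCode).getBytes(StandardCharsets.US_ASCII);
        byte[] actual = input.getBytes(StandardCharsets.US_ASCII);
        boolean match = MessageDigest.isEqual(expected, actual);  // constant-time compare
        clearCode();           // deleted on mismatch (per the text) and, as an assumption, on success
        if (match) {
            accessGranted = true;
        }
        return match;
    }

    /** Read-only view of the access control parameter; there is deliberately no setter. */
    public synchronized boolean isAccessGranted() {
        return accessGranted;
    }

    private void clearCode() {
        if (accessCode != null) {
            Arrays.fill(accessCode, '\0');             // overwrite before dropping the reference
        }
        accessCode = null;
    }

    public static void main(String[] args) {
        final String[] lastSms = new String[1];
        SmsSender capture = (number, text) -> lastSms[0] = text;  // constructed stand-in for SMS
        SessionAccessGate gate = new SessionAccessGate("+49-000-0000000"); // constructed number

        gate.requestAccessCode(capture);
        String firstCode = lastSms[0];
        // An 8-character guess can never equal a 7-digit code, so this always fails.
        System.out.println("wrong guess accepted:    " + gate.submitCode("0000000x"));
        // The mismatch deleted the pending code, so even the right value is now rejected.
        System.out.println("old code after mismatch: " + gate.submitCode(firstCode));

        gate.requestAccessCode(capture);
        System.out.println("fresh code accepted:     " + gate.submitCode(lastSms[0]));
        System.out.println("access granted:          " + gate.isAccessGranted());
    }
}
```

Because a mismatch discards the pending code, each SMS buys exactly one guess; the description sets no limit on how many codes a session may request, so a deployment would add that limit around `requestAccessCode`.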

4 Advantages over other authentication devices:

The advantage of the device described over simple PIN/TAN devices is that the TAN is replaced by an exclusively temporary access code. Because there is no longer a permanently existing code, the risk of data misuse if the code is lost or stolen by a third party is eliminated. Since the temporarily valid access code is never stored on a permanent medium and exists only temporarily in the encapsulated area of the Java object, the service provider does not know the user's current access code either. The provider has no means of accessing it, so data access by employees of the service provider can likewise be largely ruled out.

The advantage of the device over smart cards is that the user does not need to carry any additional technical device. To access sensitive areas of a security zone, the user needs only their mobile phone. This has two advantages. The user gains a further layer of protection from the PIN-protected mobile phone, but does not have to remember an additional PIN. Authentication devices that work with smart cards entail a high administrative effort for the service provider. This effort is eliminated when working with this device.

The device is easy to use while providing protection through several mechanisms. To gain access to sensitive areas of the system, an unauthorized person would have to decrypt the user's login and password, steal the user's mobile phone and know its PIN.

5 Areas of application

The device described can be used wherever access authorization needs to be checked. In this way, all systems whose access is granted by entering an alphanumeric code can be secured. Areas of application can therefore include: access to secure areas (door security), cash machines, vending machines, bank vaults, lending of valuable goods, actions in automated systems.

1 See figure "Java object"

° The constructor creates an object and performs the first initialization of the data elements.

m The keyword "private" in the data element declaration encapsulates the data elements in the object, which means they cannot be accessed from outside the object.

Claims (1)

The device is characterized in that an access authorization is verified by generating an exclusively temporary access code with a random generator and then forwarding it to a personalized medium (mobile phone, pager) by means of Short Message Service (SMS).
DE20014381U 2000-08-21 2000-08-21 Authentication device Expired - Lifetime DE20014381U1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
DE20014381U DE20014381U1 (en) 2000-08-21 2000-08-21 Authentication device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE20014381U DE20014381U1 (en) 2000-08-21 2000-08-21 Authentication device

Publications (1)

Publication Number Publication Date
DE20014381U1 (en) 2000-11-30

Family

ID=7945411

Family Applications (1)

Application Number Title Priority Date Filing Date
DE20014381U Expired - Lifetime DE20014381U1 (en) 2000-08-21 2000-08-21 Authentication device

Country Status (1)

Country Link
DE (1) DE20014381U1 (en)

EP1498861A2 (en) * 2003-06-24 2005-01-19 LG TeleCom, Ltd. System for providing banking services by use of mobile communication system
EP1498861A3 (en) * 2003-06-24 2009-09-16 LG TeleCom, Ltd. System for providing banking services by use of mobile communication system
EP1690164A2 (en) * 2003-12-02 2006-08-16 Broadon Communications Corp. Delivery of license information using a short messaging system protocol in a closed content distribution system
EP1690164A4 (en) * 2003-12-02 2010-02-24 Broadon Comm Corp Delivery of license information using a short messaging system protocol in a closed content distribution system
WO2005062613A1 (en) * 2003-12-18 2005-07-07 Nptv Method for accessing an interactive television session by short message (sms)
WO2006049585A1 (en) * 2004-11-05 2006-05-11 Mobile Money International Sdn Bhd Payment system
US7588181B2 (en) 2005-09-07 2009-09-15 Ty Shipman Method and apparatus for verifying the legitamacy of a financial instrument
US8131617B2 (en) 2005-09-07 2012-03-06 Kagi, Inc. Method and apparatus for verifying the legitimacy of a financial instrument
WO2007073352A1 (en) * 2005-12-19 2007-06-28 Veritas Mobile Solutions Pte. Ltd. METHOD FOR SECURE TRANSMITTAL OF PINs OVER TELECOMMUNICATIONS NETWORKS
US7555288B2 (en) 2006-04-28 2009-06-30 Sony Ericsson Mobile Communications Ab Mobile device control of mobile television broadcast signals from broadcaster
WO2007130145A1 (en) * 2006-04-28 2007-11-15 Sony Ericsson Mobile Communications Ab Mobile device control of mobile television broadcast signals form broadcaster
ITAQ20090001A1 (en) * 2009-03-19 2009-06-18 Paolo Fabrizio Di PAYMENT SYSTEM BASED ON THE USE OF SPECIALLY REALIZED ELECTRONIC DEVICES THAT ALLOW THE OPERATION OF ELECTRONIC TRANSACTIONS BETWEEN SUBJECTS THAT BELONG TO THE SAME CIRCUIT PROVIDED AND MANAGED BY A SINGLE CRE INSTITUTE
EP2336935A1 (en) 2009-11-17 2011-06-22 Austria Card Plastikkarten und Ausweissysteme GmbH Method for securely sending a PIN to an end customer
DE102009053448A1 (en) 2009-11-17 2011-05-19 Austria Card Plastikkarten Und Ausweissysteme Gmbh Method for the secure transmission of a PIN to an end customer
ITPI20110028A1 (en) * 2011-03-28 2012-09-29 Iamboo S R L METHOD AND EQUIPMENT FOR THE STRONG AUTHENTICATION OF A USER
US9560061B2 (en) 2013-02-22 2017-01-31 Audi Ag Motor vehicle with a driving behavior which can be modified at a later stage using an application program
WO2014127897A1 (en) * 2013-02-22 2014-08-28 Audi Ag Motor vehicle with a driving behavior which can be modified at a later stage using an application program
CN112541996A (en) * 2020-10-22 2021-03-23 重庆宏火实业有限公司 Control method based on AB gate logic

Similar Documents

Publication Publication Date Title
DE20014381U1 (en) Authentication device
EP0281058B1 (en) Data exchange system
EP0875871B1 (en) Authorization method and system in data transfer systems
EP1254436B1 (en) Method for controlling the identity of users
DE69735166T2 (en) METHOD AND DEVICE FOR SECURING THE REMOTE SERVICES OF THE FINANCIAL INSTITUTIONS
DE3044463A1 (en) METHOD AND DEVICE FOR CODING A CARD
EP2528045A1 (en) Method and service computer and system for card-less authentication
DE19860177A1 (en) Chip card function releasing device comprises pocket chip card reader with checking component in chip card for verifying authentication data
WO2002084455A2 (en) Method for authentication of a user on access to a software-based system by means of an access medium
DE69330743T2 (en) Procedure for the certification of one unit of information by another
DE102007008651B4 (en) Chip card and method for activating a chip card function
EP1525731B1 (en) Identification of a user of a mobile terminal and generation of an action authorisation
EP1676191A1 (en) Device and method for securing and monitoring protected data
DE4439593C2 (en) Device and method for access and access control
EP0997853B1 (en) Method for protecting chip cards against unlawful use in unrelated devices
DE102007023003A1 (en) Mobile paying method, involves causing paying process based on transferred data record with reference data record in server computer, where data record comprises safety information with temporally limited validation
WO2017036455A2 (en) Device and method for authenticating and authorizing persons
DE19818998B4 (en) Method for protecting against attacks on the authentication algorithm or the secret key of a chip card
EP1652131B1 (en) Method for the issuing of a portable data support
DE102020123755B4 (en) Method for authentication with an optoelectronically readable code as well as function enabling device and computer program therefor
EP2230648A1 (en) Single-use code mask for deriving a single-use code
EP1163559A1 (en) Method for securing access to a data processing device and appropriate device
EP1566945A1 (en) Age verification by a mobile communication network
DE102022103369A1 (en) Procedure for creating a digital vaccination card
DE102022114588A1 (en) Method and system for authenticating a person

Legal Events

Date Code Title Description
R207 Utility model specification Effective date: 20010104
R156 Lapse of ip right after 3 years Effective date: 20040302