[go: up one dir, main page]

SG166028A1 - Methods of robust multi-factor authentication and authorization and systems thereof - Google Patents

Methods of robust multi-factor authentication and authorization and systems thereof

Info

Publication number
SG166028A1
SG166028A1 SG200903010-7A SG2009030107A SG166028A1 SG 166028 A1 SG166028 A1 SG 166028A1 SG 2009030107 A SG2009030107 A SG 2009030107A SG 166028 A1 SG166028 A1 SG 166028A1
Authority
SG
Singapore
Prior art keywords
user
server
communication network
mobile device
verification
Prior art date
Application number
SG200903010-7A
Inventor
Kwok Yan Karch Lam
Li Jianbin
Wang Guisi
Song Jianping
Original Assignee
Privylink Private Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Privylink Private Ltd filed Critical Privylink Private Ltd
Priority to SG200903010-7A priority Critical patent/SG166028A1/en
Priority to PCT/IB2010/051938 priority patent/WO2010128451A2/en
Priority to SG2011080629A priority patent/SG175860A1/en
Publication of SG166028A1 publication Critical patent/SG166028A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Methods and systems of user authentication and authorization are provided. An application hosted in a server is in communication with a user computing device via a first communication network and the server application is in further communication with a user mobile device via a second communication network. The authentication method begins with a user sending a login request from the user computing device to the server application. The server application generates and sends a challenge to the user mobile device. The user mobile device then derives and returns a response to the server via the second communication network for verification. The user mobile device further derives and displays a context-based one-time passcode (OTP) for the user to submit from the user computing device to the server application via the first communication network for verification. The server subsequently verifies the received response and context-based OTP and grants the user access right if the verification is positive. (FIG. 2 accompanies the Abstract)
SG200903010-7A 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof SG166028A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
SG200903010-7A SG166028A1 (en) 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof
PCT/IB2010/051938 WO2010128451A2 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof
SG2011080629A SG175860A1 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SG200903010-7A SG166028A1 (en) 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Publications (1)

Publication Number Publication Date
SG166028A1 true SG166028A1 (en) 2010-11-29

Family

ID=43050566

Family Applications (2)

Application Number Title Priority Date Filing Date
SG200903010-7A SG166028A1 (en) 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof
SG2011080629A SG175860A1 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Family Applications After (1)

Application Number Title Priority Date Filing Date
SG2011080629A SG175860A1 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Country Status (2)

Country Link
SG (2) SG166028A1 (en)
WO (1) WO2010128451A2 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103583060A (en) * 2011-06-03 2014-02-12 黑莓有限公司 System and method for accessing private networks
CN103427999A (en) * 2013-08-23 2013-12-04 北京易优安信息技术有限公司 User authentication method and system
US9477852B1 (en) 2014-07-24 2016-10-25 Wells Fargo Bank, N.A. Augmented reality numberless transaction card
US9679152B1 (en) 2014-07-24 2017-06-13 Wells Fargo Bank, N.A. Augmented reality security access
CN104113556A (en) * 2014-07-31 2014-10-22 国家超级计算深圳中心(深圳云计算中心) Network logon authentication method and system, mobile terminal and application server
US10142841B2 (en) * 2016-07-11 2018-11-27 Disney Enterprises, Inc. Configuration for multi-factor event authorization
US11651357B2 (en) 2019-02-01 2023-05-16 Oracle International Corporation Multifactor authentication without a user footprint
NL2026156B1 (en) 2020-07-24 2022-04-12 Anthony Francis Everts Roy A method that adequately protects the authentic identity and personal data of a natural person and remotely confirms the authentic identity of this natural person through a trusted entity to a beneficiary party.

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040083272A (en) * 2003-03-21 2004-10-01 (주)뱅크타운 Method and System for Authentication of User on Web and/or Wireless Network by Using Mobile Terminal Loaded a Challenge/Response Based Mobile One-Time Password Module
KR20070077569A (en) * 2006-01-24 2007-07-27 삼성전자주식회사 One time password service system and method using a mobile phone
KR20080061714A (en) * 2006-12-28 2008-07-03 손민석 User authentication method based on one-time password generated in mobile communication terminal

Also Published As

Publication number Publication date
WO2010128451A3 (en) 2011-03-24
WO2010128451A2 (en) 2010-11-11
SG175860A1 (en) 2011-12-29

Similar Documents

Publication Publication Date Title
SG166028A1 (en) Methods of robust multi-factor authentication and authorization and systems thereof
US9104853B2 (en) Supporting proximity based security code transfer from mobile/tablet application to access device
MX2015009993A (en) Method, apparatus and system for access verification.
MX346056B (en) Method and/or system for user authentication with targeted electronic advertising content through personal communication devices.
US20200120469A1 (en) Systems and methods for updating a mobile device
IN2013MU03727A (en)
GB2523710A (en) Multi-factor authentication and comprehensive login system for client-server networks
EP2887615A1 (en) Cloud-based scalable authentication for electronic devices
WO2014011318A3 (en) Methods and apparatus for preprovisioning authentication tokens to mobile applications
MX2015015547A (en) System and method for authorizing access to access-controlled environments.
WO2013106094A3 (en) System and method for device registration and authentication
WO2014208033A3 (en) Secure discovery for proximity based service communication
MX345061B (en) Method, one or more computer-readable non-transitory storage media and a device, in particular relating to computing resources and/or mobile-device-based trust computing.
GB201010546D0 (en) Method of indentity verification
IN2014DN10973A (en)
GB2464552B (en) Authentication system and method for authenticating a user terminal with an access node providing restricted access to a communication network
MX2016001108A (en) Processing electronic tokens.
JP2012506594A5 (en)
MX2017008769A (en) Method and device for determining user equipment control permission and terminal device.
WO2013120026A3 (en) Enabling secure access to a discovered location server for a mobile device
GB2564624A (en) Configuration for multi-factor event authorization
WO2010093636A3 (en) Devices, systems and methods for secure verification of user identity
WO2014160347A3 (en) Methods and systems for authenticating a transaction with the use of a portable electronic device
WO2009050583A9 (en) Secure network interactions using desktop agent
GB2497887A (en) User and device authentication for media services