PE20240487A1 - Autenticacion multifactor a traves de tarjetas inteligentes activadas por criptografia - Google Patents

Autenticacion multifactor a traves de tarjetas inteligentes activadas por criptografia

Info

Publication number
PE20240487A1
PE20240487A1 PE2023002699A PE2023002699A PE20240487A1 PE 20240487 A1 PE20240487 A1 PE 20240487A1 PE 2023002699 A PE2023002699 A PE 2023002699A PE 2023002699 A PE2023002699 A PE 2023002699A PE 20240487 A1 PE20240487 A1 PE 20240487A1
Authority
PE
Peru
Prior art keywords
user
microchip
factor authentication
computing device
smart cards
Prior art date
Application number
PE2023002699A
Other languages
English (en)
Inventor
Jeff Venable
Original Assignee
Brex Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Brex Inc filed Critical Brex Inc
Publication of PE20240487A1 publication Critical patent/PE20240487A1/es

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/077Constructional details, e.g. mounting of circuits in the carrier
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10366Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves the interrogation device being adapted for miscellaneous applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806Details of the card
    • G07F7/0813Specific details related to card security
    • G07F7/0826Embedded security module
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/108Source integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Hardware Design (AREA)
  • Toxicology (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Electromagnetism (AREA)
  • General Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Traffic Control Systems (AREA)
  • Credit Cards Or The Like (AREA)

Abstract

Se proporcionan sistemas y metodos para la autenticacion multifactor a traves de tarjetas inteligentes activadas por criptografia. Un usuario puede realizar transacciones u otras interacciones en linea que pueden necesitar la autenticacion multifactor, como, por ejemplo, mediante la provision de una prueba o informacion secundaria o mayor que se usa para confiar de manera mas segura en el usuario y que no sea otro usuario malicioso. El usuario puede utilizar una tarjeta fisica que incluye un microchip insertado en una superficie, donde el microchip incluye una clave u otra funcion de firma criptografica que se puede explorar y firmar digitalmente para la autenticacion desde un dispositivo informatico. El dispositivo informatico del usuario puede, entonces, acercarse al microchip cuando se recibe una solicitud de explorar el microchip de la tarjeta. El dispositivo informatico del usuario puede entonces usar senales inalambricas para activar el microchip y realizar una autenticacion multifactor.
PE2023002699A 2021-05-03 2022-04-20 Autenticacion multifactor a traves de tarjetas inteligentes activadas por criptografia PE20240487A1 (es)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US202163183496P 2021-05-03 2021-05-03
US17/562,952 US20220353084A1 (en) 2021-05-03 2021-12-27 Multifactor authentication through cryptography-enabled smart cards
PCT/US2022/025636 WO2022235433A1 (en) 2021-05-03 2022-04-20 Multifactor authentication through cryptography-enabled smart cards

Publications (1)

Publication Number Publication Date
PE20240487A1 true PE20240487A1 (es) 2024-03-13

Family

ID=83807913

Family Applications (1)

Application Number Title Priority Date Filing Date
PE2023002699A PE20240487A1 (es) 2021-05-03 2022-04-20 Autenticacion multifactor a traves de tarjetas inteligentes activadas por criptografia

Country Status (12)

Country Link
US (1) US20220353084A1 (es)
EP (1) EP4334881A1 (es)
JP (1) JP2024518218A (es)
KR (1) KR20240005724A (es)
CN (1) CN117242470A (es)
AU (1) AU2022270588A1 (es)
CA (1) CA3215301A1 (es)
CL (1) CL2023002832A1 (es)
CO (1) CO2023012428A2 (es)
MX (1) MX2023012938A (es)
PE (1) PE20240487A1 (es)
WO (1) WO2022235433A1 (es)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130226812A1 (en) * 2012-02-24 2013-08-29 Mads Landrok Cloud proxy secured mobile payments
US20140282992A1 (en) * 2013-03-13 2014-09-18 Optio Labs, Inc. Systems and methods for securing the boot process of a device using credentials stored on an authentication token
AU2017381403A1 (en) * 2016-12-19 2019-08-08 Xard Group Pty Ltd Digital transaction apparatus, system, and method with a virtual companion card
US10885220B2 (en) * 2018-01-24 2021-01-05 Zortag Inc. Secure access to physical and digital assets using authentication key
US11216806B2 (en) * 2018-09-19 2022-01-04 Capital One Services, Llc Systems and methods for providing card interactions

Also Published As

Publication number Publication date
KR20240005724A (ko) 2024-01-12
EP4334881A1 (en) 2024-03-13
AU2022270588A1 (en) 2023-09-14
CN117242470A (zh) 2023-12-15
CO2023012428A2 (es) 2023-12-20
CA3215301A1 (en) 2022-11-10
CL2023002832A1 (es) 2024-04-12
WO2022235433A1 (en) 2022-11-10
JP2024518218A (ja) 2024-05-01
MX2023012938A (es) 2023-11-13
US20220353084A1 (en) 2022-11-03

Similar Documents

Publication Publication Date Title
US10146983B2 (en) Fingerprint decryption method and device
US10313317B2 (en) Systems and methods for securely managing biometric data
US9665704B2 (en) Method and system for providing password-free, hardware-rooted, ASIC-based, authentication of human to a stand-alone computing device using biometrics with a protected local template to release trusted credentials to relying parties
KR102070635B1 (ko) 생물학적 특징 인식 장치와 방법 및 생물학적 특징 템플릿 등록 방법
EP3304258B1 (en) Authenticating stylus device
JP6687758B2 (ja) セキュリティチップ、生体特徴識別方法及び生体特徴テンプレート登録方法
KR102198288B1 (ko) 생물학적 특징 인식 장치와 방법 및 생물학적 특징 템플릿 등록 방법
CN101206542B (zh) 具有按键和显示屏的加密签名手写板
CN104021332A (zh) 一种基于指纹UsbKey实现身份鉴别和文件加解密的方法
PH12020000002A1 (en) Authentication by transmitting information through a human body
PE20240487A1 (es) Autenticacion multifactor a traves de tarjetas inteligentes activadas por criptografia
CN200983153Y (zh) 具有按键的加密签名手写板
JP2016144119A (ja) 電子ペン、端末、署名照合システム、署名照合方法および署名照合プログラム。
KR102010764B1 (ko) 스마트폰 인증 기능을 이용한 컴퓨터 보안 시스템 및 방법
Szadeczky Enhanced functionality brings new privacy and security issues–an analysis of eID
US20240039718A1 (en) Recovery verification system, collation system, recovery verification method, and non-temporary computer readable medium
Singh Multi-factor authentication and their approaches
Jo et al. Vulnerability analysis on smartphone fingerprint templates
CN113904850A (zh) 基于区块链私钥keystore安全登录方法、生成方法、***及电子设备
Sarkar et al. Survey on Biometric applications for implementation of authentication in smart Governance
Krasniqi et al. Efficiency Comparison of Cryptographic Applications, Match-off-Card vs. Match-on-Card, Using National Biometric eID Card
Andrianova Electronic signature key storage
KR101852703B1 (ko) 문장인식장치 및 문장인식방법
Avhad et al. A three-factor authentication scheme in ATM
Najera et al. Secure Integration of RFID Technology in Personal Documentation for Seamless Identity Validation