WO2010071949A1 - Authentication system through sending of 2d images - Google Patents

Authentication system through sending of 2d images Download PDF

Info

Publication number
WO2010071949A1
WO2010071949A1 PCT/BR2009/000138 BR2009000138W WO2010071949A1 WO 2010071949 A1 WO2010071949 A1 WO 2010071949A1 BR 2009000138 W BR2009000138 W BR 2009000138W WO 2010071949 A1 WO2010071949 A1 WO 2010071949A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
image
transaction
images
sending
Prior art date
Application number
PCT/BR2009/000138
Other languages
French (fr)
Inventor
Abel AARÃO FILHO
Original Assignee
Infoserver S.A.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Infoserver S.A. filed Critical Infoserver S.A.
Publication of WO2010071949A1 publication Critical patent/WO2010071949A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes

Definitions

  • the present invention refers to an authentication system through sending of 2D images, whose transaction signature in this scenario is the interpretation of the information captured from a 2D image and generation of an OTP (One Time Password) password based on this information that will be used for signing the transaction data.
  • OTP One Time Password
  • the 2D technology in cell phones for image data capture is not used for signing of electronic and bank transactions.
  • the objectives of the present invention are achieved through an authentication system through sending of 2D images, which includes the stages of:
  • the formatted data are processed through a 2D image generator algorithm, such that this image will be readily exhibited to the user, through his desktop;
  • the user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen; - the image is processed; the transaction data are shown on the mobile device's screen to be checked by the user;
  • the 2D mobile device After user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve for authentication / signature of the transaction in question; and then, after customer confirmation, this password is passed to the system and will be sent to the OTP password validator, such that this password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
  • Figure 1 - a flow diagram of the system object of the present invention.
  • Figure 2 - a 2d image generation flow diagram of the system object of the present invention.
  • Figure 3 - a 2D image interpretation flow diagram of the system object of the present invention.
  • an authentication system through sending of 2D images, where primarily, the user provides the data for the desired transaction, such that these data are provided through an entry peripheral device, more precisely through a desktop.
  • the transaction data that the user informs are, for example: data of the account of destination of a bank transfer, such as branch number, account number, amount to be transferred.
  • the informed data are sent to a 2D image generation central unit.
  • the received information is compacted and formatted.
  • the formatted data are processed through a 2D image generator algorithm, such that this image will be readily exhibited to the user, through his desktop.
  • the user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen. This image is processed; the transaction data are shown on the mobile device's screen to be checked by the user, as it can be seen in figure 3.
  • the mobile device is preferably a token, supplied by the institution that installed the authentication system through 2D images. After user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve 'for authentication / signature of the transaction in question.
  • this password is passed to the system and will be sent to the OTP password validator. This password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
  • Another advantage is that if upon informing the data, any hacker or intruder in the network tries to modify the transaction data, let us say, to change the account of destination to a third party account, the signature OTP validation process in the server will be blocked and this offers a very huge security in financial transactions.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The present patent refers to an authentication system through sending and processing of 2D images whose transaction signature in this scenario is the interpretation of information captured from a 2D image and generation of an OTP (One Time Password) based on this information that will be used for signing the transaction data.

Description

"AUTHENTICATION SYSTEM THROUGH SENDING OF 2D IMAGES"
The present invention refers to an authentication system through sending of 2D images, whose transaction signature in this scenario is the interpretation of the information captured from a 2D image and generation of an OTP (One Time Password) password based on this information that will be used for signing the transaction data.
DESCRIPTION OF THE PRIOR ART
Electronic transaction data are subject to third- party handling causing damages to system users. The security mechanisms currently used do not assure that the data of a transaction will not be altered or implemented ill-intentionally .
The 2D technology in cell phones for image data capture is not used for signing of electronic and bank transactions.
Currently, data are captured from images through the cell phone that has the 2D technology in place; however its use is limited to this. For the security of any electronic / bank transaction, by using transaction signature with this technology, is not met.
The greatest disadvantage and problem of what is currently used are the vulnerability and the risks to which electronic / bank transactions are exposed and also the lack of amenity to the user, upon using certain security devices adopted for particular institutions.
OBJECTIVE OF THE PRESENT INVENTION
The objectives of the present invention are achieved through an authentication system through sending of 2D images, which includes the stages of:
- primarily the user provides the data for the desired transaction, such that these data are provided through an entry peripheral device; - the informed data are sent to a 2D image generation central unit and the received information is compacted and formatted;
- the formatted data are processed through a 2D image generator algorithm, such that this image will be readily exhibited to the user, through his desktop;
- the user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen; - the image is processed; the transaction data are shown on the mobile device's screen to be checked by the user;
- after user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve for authentication / signature of the transaction in question; and then, after customer confirmation, this password is passed to the system and will be sent to the OTP password validator, such that this password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
SUMMARIZED DESCRIPTION OF THE DESIGNS
The present invention will be, as follows, more succinctly described based on an example of execution represented in the designs. The figures show:
Figure 1 - a flow diagram of the system object of the present invention.
Figure 2 - a 2d image generation flow diagram of the system object of the present invention.
Figure 3 - a 2D image interpretation flow diagram of the system object of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
As it can be seen starting with figure 1, an authentication system through sending of 2D images, where primarily, the user provides the data for the desired transaction, such that these data are provided through an entry peripheral device, more precisely through a desktop.
The transaction data that the user informs are, for example: data of the account of destination of a bank transfer, such as branch number, account number, amount to be transferred.
The informed data are sent to a 2D image generation central unit. As it can be seen in figure 2, the received information is compacted and formatted. The formatted data are processed through a 2D image generator algorithm, such that this image will be readily exhibited to the user, through his desktop.
The user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen. This image is processed; the transaction data are shown on the mobile device's screen to be checked by the user, as it can be seen in figure 3.
The mobile device is preferably a token, supplied by the institution that installed the authentication system through 2D images. After user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve 'for authentication / signature of the transaction in question.
Then, after customer confirmation, this password is passed to the system and will be sent to the OTP password validator. This password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
The advantage of this approach is that it is not necessary to enter with the data in the mobile device, since they are read through photography or video of 2D barcodes.
Another advantage is that if upon informing the data, any hacker or intruder in the network tries to modify the transaction data, let us say, to change the account of destination to a third party account, the signature OTP validation process in the server will be blocked and this offers a very huge security in financial transactions.
Obviously it will be noticed that while the aforementioned was described as form of illustrative example of this invention, all other modifications and variations done to this invention, in the manner that would be apparent to specialists in the technique, are considered within the broad scope and range of this invention according to the claims that follow.

Claims

1. "AUTHENTICATION SYSTEM THROUGH SENDING OF 2D IMAGES" characterized by the fact that it has the stages of:
- primarily the user provides the data for the desired transaction, such that these data are provided through an entry peripheral device; the informed data are sent to a 2D image generation central unit and the received information is compacted and formatted; - the formatted data are processed through a 2D image generator algorithm, such that this image will be readily
/ exhibited to the user, through his entry peripheral device;
- the user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen;
- the image is processed; the transaction data are shown on the mobile device's screen to be checked by the user;
- after user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve for authentication / signature of the transaction in question; and then, after customer confirmation, this password is passed to the system and will be sent to the OTP password validator, such that this password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
2. "AUTHENTICATION SYSTEM THROUGH SENDING OF 2D IMAGES", in accordance with claim 1, characterized by the fact that the transaction data can be anything.
3. "AUTHENTICATION THROUGH SENDING OF 2D IMAGES", in accordance with claim 1, characterized by the fact that the entry peripheral device is a desktop.
4. "AUTHENTICATION THROUGH SENDING OF 2D IMAGES", in accordance with claim 1, characterized by the fact that the mobile device is a token.
PCT/BR2009/000138 2008-12-23 2009-05-13 Authentication system through sending of 2d images WO2010071949A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
BRPI0805406-1 2008-12-23
BRPI0805406-1A BRPI0805406A2 (en) 2008-12-23 2008-12-23 authentication system by sending 2d images

Publications (1)

Publication Number Publication Date
WO2010071949A1 true WO2010071949A1 (en) 2010-07-01

Family

ID=42233921

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BR2009/000138 WO2010071949A1 (en) 2008-12-23 2009-05-13 Authentication system through sending of 2d images

Country Status (2)

Country Link
BR (1) BRPI0805406A2 (en)
WO (1) WO2010071949A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2549421A1 (en) * 2011-07-22 2013-01-23 Marco Cavaterra Method and apparatus for the transfer of a money amount by using a two-dimension image code
WO2014097328A1 (en) * 2012-12-19 2014-06-26 Cavaterra, Marco Method and apparatus for the transfer of a money amount by using a two-dimension image code
EP2831822A4 (en) * 2012-03-30 2015-09-30 Ip Payovation Pty Ltd Payment apparatus and method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005001628A2 (en) * 2003-06-06 2005-01-06 Neomedia Technologies, Inc. Automatic access of internet content with a camera-enabled cell phone
EP1587014A1 (en) * 2004-04-16 2005-10-19 Pitney Bowes Inc. Method and system for using a camera cell phone in transactions
KR20060016714A (en) * 2004-08-18 2006-02-22 주식회사 이시티 A mobile phone for remote controlling a electronic product by using 2-dimensional barcode symbology

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005001628A2 (en) * 2003-06-06 2005-01-06 Neomedia Technologies, Inc. Automatic access of internet content with a camera-enabled cell phone
EP1587014A1 (en) * 2004-04-16 2005-10-19 Pitney Bowes Inc. Method and system for using a camera cell phone in transactions
KR20060016714A (en) * 2004-08-18 2006-02-22 주식회사 이시티 A mobile phone for remote controlling a electronic product by using 2-dimensional barcode symbology

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2549421A1 (en) * 2011-07-22 2013-01-23 Marco Cavaterra Method and apparatus for the transfer of a money amount by using a two-dimension image code
ITRM20110391A1 (en) * 2011-07-22 2013-01-23 Marco Cavaterra METHOD AND EQUIPMENT FOR THE TRANSFER OF A MONEY MONEY WITH THE USE OF A TWO-DIMENSIONAL IMAGE CODE
US9552577B2 (en) 2011-07-22 2017-01-24 Cosmo DI TUCCI Method and apparatus for the transfer of a money amount by using a two dimension image code
EP3961537A1 (en) * 2011-07-22 2022-03-02 Marco Cavaterra Method and apparatus for the transfer of a money amount by using a two-dimensional image code
EP2831822A4 (en) * 2012-03-30 2015-09-30 Ip Payovation Pty Ltd Payment apparatus and method
WO2014097328A1 (en) * 2012-12-19 2014-06-26 Cavaterra, Marco Method and apparatus for the transfer of a money amount by using a two-dimension image code

Also Published As

Publication number Publication date
BRPI0805406A2 (en) 2010-05-25

Similar Documents

Publication Publication Date Title
US20200279275A1 (en) Method for authenticating financial instruments and financial transaction requests
JP7183378B2 (en) Anti-replay authentication system and method
Ali et al. Consumer-facing technology fraud: Economics, attack methods and potential solutions
US11157905B2 (en) Secure on device cardholder authentication using biometric data
WO2019100854A1 (en) Credit-based claim settlement implementing method and device
CN202210326U (en) Personal payment terminal provided with keyboard
EP2332102A2 (en) System and method of secure payment transactions
EP2043036A1 (en) System, method and device for enabling interaction with dynamic security
CN108880791A (en) Cryptographic key protection method, terminal and computer readable storage medium
WO2016141014A1 (en) Authentication-activated augmented reality display device
CN113196704B (en) Techniques for securely performing offline authentication
EP3186739B1 (en) Secure on device cardholder authentication using biometric data
US20210279316A1 (en) Anti-replay authentication systems and methods
CN109978533A (en) A kind of offline secure payment system and method that anti-two dimensional code is usurped
US11403642B2 (en) Techniques to improve fraud detection at financial terminals
CN109523408A (en) Identity identifying method, insurance institution's server and the user terminal of insured people
WO2010071949A1 (en) Authentication system through sending of 2d images
CN108964921A (en) Verification System, authentication method and service server
EP3841508A1 (en) Anti-replay authentication systems and methods
WO2010140191A1 (en) Information communication network
WO2012071418A2 (en) System and method for secure financial transactions
KR20170141930A (en) System for providing financial service and method for transfer thereof
Singh et al. When social networks meet payment: a security perspective
US20230245125A1 (en) Identity verification using a virtual credential
KR20140011522A (en) Method and apparatus for performing electronic finance transaction using face recognition

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09833949

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09833949

Country of ref document: EP

Kind code of ref document: A1