Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberWO1997031306 A1
Publication typeApplication
Application numberPCT/FI1997/000067
Publication dateAug 28, 1997
Filing dateFeb 6, 1997
Priority dateFeb 23, 1996
Also published asDE69705547D1, DE69705547T2, EP0976015A1, EP0976015B1, US6112078
Publication numberPCT/1997/67, PCT/FI/1997/000067, PCT/FI/1997/00067, PCT/FI/97/000067, PCT/FI/97/00067, PCT/FI1997/000067, PCT/FI1997/00067, PCT/FI1997000067, PCT/FI199700067, PCT/FI97/000067, PCT/FI97/00067, PCT/FI97000067, PCT/FI9700067, WO 1997/031306 A1, WO 1997031306 A1, WO 1997031306A1, WO 9731306 A1, WO 9731306A1, WO-A1-1997031306, WO-A1-9731306, WO1997/031306A1, WO1997031306 A1, WO1997031306A1, WO9731306 A1, WO9731306A1
InventorsToni Sormunen, Teemu Kurki
ApplicantNokia Mobile Phones Ltd, Toni Sormunen, Teemu Kurki
Export CitationBiBTeX, EndNote, RefMan
External Links: Patentscope, Espacenet
Method for obtaining at least one item of user authentication data
WO 1997031306 A1
Abstract
A method for obtaining at least one item of user specific data, wherein the user specific data is obtained at least partly by using paging or a short message service.
Claims  (OCR text may contain errors)
Claims:
1. A method for obtaining at least one item of user specific authentica¬ tion data, characterized in that the user specific authentication data is obtained at least partly by using paging or a short message service.
2. A method according to claim 1 , wherein the user specific authentica¬ tion data is used for forming a connection to an information service (1), which method comprises of sending (102) of a request for transmission of the user specific authentication data from the user to the information service provider, and receiving (107) of the user specific authentication data sent by the information service provider, characterized in that the user specific authentication data is sent as a short message (6) which is received by the paging terminal (3) of the user.
3. A method according to claim 2, characterized in that the request for transmitting the user specific authentication data is sent as a short message (2).
4. A method according to claim 2, characterized in that the request for transmitting the user specific authentication data is sent by a method known as such.
5. A method according to claim 4, characterized in that the request for transmitting the user specific authentication data is made by making a call by a telecommunication terminal, such as a telephone, to the telephone exchange of the information service provider, wherein the request can be made either by dictating or in preferably by voice-fre¬ quency signals formed by touching the telephone keys.
6. A method according to claim 1 , wherein the user specific authentica¬ tion data is used in forming a connection to the information service (1), which method comprises sending (102) of a subscription request from the user to the information service provider, wherein the subscription request comprises one or more items of user specific authentication data, and receiving (107) of the subscription data sent by the informa¬ tion service provider, characterized in that the user specific authenti- cation data is sent to the information service provider as a short mes¬ sage (2).
7. A method according to claim 3 or 6, characterized in that a short message (2) is sent by the paging terminal (3) of the user.
8. A method according to claim 1 , wherein the user specific authentica¬ tion data is used in forming a connection to an information service (1), which method comprises sending (102) a subscription request from the user to the information service provider, wherein the subscription request comprises one or more items of user specific data, and receiv¬ ing (107) of the subscription data sent by the information service provider, characterized in that the request for subscription of user specific authentication data is made by making a call by a telecommu- nication terminal, such as a telephone, to the telephone exchange of the information service provider, wherein the request can be transmitted either by dictating or preferably by using voice-frequency signals formed by touching the telephone keys.
9. A method according to claim 1 , wherein the user specific authentica¬ tion data is used to form a connection to the information service (1), which method comprises sending (102) a subscription request from the user to the information service provider, wherein the subscription re¬ quest comprises one or more items of user specific authentication data, and receiving (107) of the subscription data sent by the information service provider, characterized in that the subscription request is transmitted by using electronic mail, which is known as such.
10. A method according to any of claims 2, 3, 6 or 7, characterized in that the paging terminal (3) of the user is a mobile station.
11. A method according to claim 10, characterized in that the mobile station is a cellular system mobile station, such as a GSM mobile sta¬ tion.
12. A method according to claim 10, characterized in that the mobile station of the user is a paging device, such as a long distance paging device. 13. A system for obtaining at least one item of user specific authentica¬ tion data, characterized in that the system comprises means (3, 4) for obtaining user specific authentication data by using at least partly pag¬ ing or a short message service.
14. A system according to claim 13, characterized in that the means (3, 4) for obtaining user specific authentication data comprise a paging terminal (3).
15. A system according to claim 14, characterized in that the paging terminal (3) is a mobile station.
16. A system according to claim 15, characterized in that the mobile station is a cellular system mobile station, such as a GSM mobile sta¬ tion.
17. A system according to claim 15, characterized in that the mobile station is a paging device, such as a long distance paging device.
Description  (OCR text may contain errors)

Method for obtaining at least one item of user authentication data

The invention relates to a method and system for obtaining at least one item of user specific authentication data, such as a password and/or a user name.

Information services refer in this specification chiefly to electronic infor¬ mation services which can be used by a data processor or the like. For using an information service, a data transmission connection is formed from the data processor to the information service, which is for example an application in the computer of the information service provider. The data transmission connection can be formed for example by using a telecommunication network or a mobile communication network. Upon using an information service, usually user specific authentication data is required, for example a user name and password, which are given with a data processor at the stage when the connection to the information service is formed. The user name and the password enable the infor¬ mation service provider to control the user using the information service, wherein also invoicing can be directed to the users appropri- ately for example according to usage time. A further object of the user name and the password is to prevent unauthorized use of the informa¬ tion service.

A wide range of services is available for example via the Internet net- work. Via the network it is possible to make orders and to scan data¬ bases and articles. In addition, many banks offer their customers the possibility to pay bills and enquire account transactions using a data processor at home or even at work.

A user name is user specific and it is usually not changed in different connection set-ups. Passwords, on the other hand, can be divided into three main types:

1. One single password valid as long as the user is a regis- tered subscriber to the service. A password of this type is used mainly in services with less need for security. 2. A list of single-connection passwords, each valid for only one connection. For the first connection, the first password is used, for the second connection, the second password is used, etc., as long as all the passwords in the list are used. Subsequently, a new set of passwords has to be ordered before the service can be further used. In some services a new list is sent within a short notice before the last pass¬ word in the list is used in order to minimize the possible interruption at the list change. Passwords of this type are commonly used with information services provided espe¬ cially by banks.

3. A periodical password valid for a predefined period of time. This type of password may be used within the period determined for the password regardless of how many times the connection is made. The validity period may be for example a month or a year, after which the password is to be changed into a new one.

Especially when using passwords of the type 2., the problem is that the list has to be kept safe and account of the last used password has to be kept in one way or another. Thus the possibility of abuse is great, especially if the list and the user name are preserved in the same place.

Regardless of which password type is used, it is the user of the service who is to a great extent responsible for data security, and the service provider has few possibilities to prevent and control abuse for example in case the password falls into the wrong hands.

When a new user starts using the information service, the user has to register to the information service provider. This may be done for example by a written subscription request, in which the user gives his or her personal data and other information required, most often by mail, electronic mail (e-mail) or facsimile. In due course, the new user is sent a user name and a password or a list of passwords. These are sent most commonly by mail. In some cases the information may also be sent by facsimile, but in this case it is more likely that the user name and the password fall into the wrong hands. Also electronic mail may be used for informing a user name and a password. However, especially the Internet network is an open network in which the communicated data is in unenciphered form. Furthermore, unauthorized persons can easily read information transferred via the Internet.

In some cases, the user is mailed the information that the user specific authentication data may be dispatched from a post office or bank. In this case the identity of the user can still be checked when the authenti- cation data is despatched.

Figure 1 shows a flow diagram of a commonly used method for obtain¬ ing user specific authentication data. The person (block 101) who wants to become a user of an information service, sends a subscription request (block 102) to the information service provider (block 103). The information service provider sends a subscription form to the user (block 104). Having filled in the form (block 105), the user sends it back to the service provider for example by facsimile or by mail (block 106). The information service provider subsequently handles the form and allots the user the user specific authentication data and sends it for instance by mail, electronic mail or facsimile (block 107). Having received the user specific authentication data, the user can start using the information service (block 108).

For example in the Internet network, some information service provid¬ ers use a method for registering a new user, whereby the person who intends to become a user, forms a data transmission connection to the Internet address of the service provider. Thus in the display unit of a data processor a subscription form is produced, in which the user may fill in his or her personal data by using the keyboard of the data proc¬ essor. Information to be filled in include e.g. forename, surname, a pro¬ posal for user name and password. After the information has been filled in, the data is saved to be processed in the computer of the service provider. The information service provider handles the information and, when accepting a new user, forms a record or the like for the user, in which the data of the new user is saved. After accepting the new user, the information service provider sends the information of this to the Internet address of the user. Next, the new user may form a connection to the information service. In this method the user may in other words inform the desired password, in which case the information service provider does not send the password with a return message. Also this method includes for example the disadvantage that the user specific authentication data in connection to the subscription request is trans¬ mitted via a data network, whereby it is possible that the password and the user name fall into the wrong hands.

The interval between the potential user has sent a subscription request and receives the user specific authentication data is a few days, even weeks. A somewhat shorter delay is reached in situations in which the subscription request can be made via a data processor by contacting the computer of the service provider. Even in cases like this, the han¬ dling of the subscription data takes some time, possibly a few days, which means that the using of the service can not be initiated before this.

An object of the present invention is to eliminate the disadvantages disclosed above and to establish a method wherein transmission of user specific authentication data from the service provider to the user of the service can be performed as fast and as safely as possible. The invention is based on the idea that user specific authentication data is transmitted to the user by using, at least partly, a paging system or a short message service. The method according to the invention is char- acterized in what will be mentioned in the characterizing part of the appended claim 1. The system according to the invention is character¬ ized in what will be mentioned in the characterizing part of the appended claim 13.

The present invention can be applied especially in such telecommuni¬ cation systems in which it is possible to transmit short messages to a terminal belonging to the telecommunication system on the basis of a terminal key, such as a telephone number. This quality is included in mobile communication systems. In publication TSK 19 "Matkaviestin- sanasto" by Tekniikan sanastokeskus (Finnish Center for Technical Vocabulary) a mobile communication system is defined as a telecom¬ munication system composed of a mobile communication network and mobile stations. Mobile communication systems include for example a cellular system, a paging system and a mobile phone system. A cellular system, such as the GSM system, is a mobile communication system in which a cellular network is used. A paging system is a one-way mobile communication system intended for paging. A mobile phone system is a two-way mobile communication system primarily intended for speech transmission. It is advantageous to apply the present system in mobile communication systems which include short message service (SMS) or paging.

The present invention provides considerable advantages over methods of prior art. The method according to the present invention enables very fast subscription, whereby the using of the service may be initiated almost immediately after a subscription request has been sent, be¬ cause transmission of user information is conducted in enciphered, electronic form and the receiver can be recognized in order to prevent abuse. A further advantage of the fast data transmission is that the validity of passwords can be shortened remarkably and security may thus be improved.

The invention will be described in more detail below with reference to the appended figures, in which

Fig. 1 shows a block diagram of a method in transmitting a user name and passwords according to prior art,

Fig. 2 shows a method for transmitting a user name and pass¬ words according to a preferred embodiment of the invention, and

Fig. 3 shows an alternative embodiment of the invention for transmitting a user name and passwords.

According to a preferred embodiment of the invention illustrated in Fig. 2 a two-way questionnaire of user specific authentication data exhibits only those blocks essential in application of the method. For obtaining the password or the list of passwords required for using a service 1 , the user of the service sends a short message 2 from a paging terminal 3, such as a mobile station. The short message 2 includes a password request and possibly also a subscription request for a new user. With the short message from the paging terminal 3, authentication data of the sender is sent to a paging service center 4. The form of the data depends on the type of the message system used. For example the GSM system allows sending short messages, wherein a GSM mobile station can be used in implementation of the method according to the invention. The short messages are transmitted in enciphered form, whereby it is almost impossible for outsiders to decipher the content of the short messages. In formation of a short message for example a keyboard of a mobile station may be used or the message can also be supplied from the keyboard of a data proces¬ sor coupled to a mobile station. Further, the message can be sent by forming a data transmission connection to the Internet network, to the so-called WWW (World Wide Web) page of the information service provider, and giving the user authentication data as well as the number of the mobile station, to which the authentication data is transmitted preferably in a short message. Thus the mobile station is not needed in the data inquiry phase.

The paging service center 4 processes the incoming message and forms according to it a data transmission connection to a password server 5 and transmits the inquiry to it. The password server 5 proc¬ esses the message and forms a reply message containing one or more passwords and the user name in case a new user is registered. The formation of the reply message can be automatic or it can require proc¬ essing of the information in one way or another, before a password and a possible user name can be admitted. A more detailed processing of this phase depends on the service provider and it is not significant in view of applying the present invention; consequently a more detailed description of the subject is herein unnecessary.

The paging service center 4 is for example in the GSM system advanta¬ geously a short message service center.

The password server 5 transmits the password and/or the user name to the short message service center 4, which forms according to the data a reply message 6, which is sent to the paging terminal 3 preferably in enciphered form. The short message service center 4 for example attends to that the short message is sent to the correct paging terminal 3. Herein it is possible to utilize the information in the connection of the message received by the short message service center 4 from the paging terminal 3. The reply message 6 arrived to the paging terminal 3 can be shown to the user for example by the display means 7 of a mobile station used as a paging terminal. The user may subsequently start using the service 1.

In order to be identified the user forms by a data processor 8 a data transmission connection to a verification service 9 of the service 1. After the user has given his or her user name and the valid password, the verification service 9 transmits the given data to the service 1 , which sends a check request 11 of the user name and the password to the password server 5. The password server 5 examines the data and communicates in a reply message 12 to the service 1 whether the user name and the password are given correctly. If the data is correct, the user has a data transmission connection from the data processor 8 to the service 1. In case the user name or the password are given incor¬ rectly, the password server 5 communicates this to the service 1 , wherein the use of the service 1 is prevented. Furthermore, the pass¬ word server 5 can give a report to the service provider, which is capa¬ ble of using this information when controlling possible abuse attempts of the service 1.

The data processor 8 can have a data transmission connection to the mobile station 3. Thus the subscription request can be formed in the application software of the data processor 8, for example in a terminal program. The application software of the mobile station 3 forms a short message 2 on the basis of the subscription data given through the application software of the data processor. In a corresponding manner, the reply message 6 is processed in the application software of the mobile station and transmitted to the data processor 8, whereby the user is given his or her user-specific authentication data for using the information service. The use of the information service can then be started immediately by forming a data transmission connection with the service 1 , as described above. The data transmission connection is formed advantageously through a mobile station. An advantage of this method is for example the fact that subscription as a user of the infor- mation service can be performed anywhere within the receiving area of the mobile communication network in which the mobile station 3 is con¬ nected.

The data transmission connection for using the information service from the data processor 8 can be formed also as a modem connection to a wireline telecommunication network, which is known as such.

The service block 1 , the password server block 5 and the verification service block 9 shown in the block diagram of Fig. 2, can be placed for example in the mainframe of the service provider or the like, or they can be separate data processors between which data transmission connec¬ tions are formed.

The data transmission connection 13 between the short message serv¬ ice center 4 and the password server 5 can be for example a direct connection by using ISDN/LAN (Integrated Services Digital Network / Local Area Network) or a corresponding connection. Also this is prior art known as such. Transmission of short messages between the pag- ing terminal 3 and the short message service center 4 is made prefer¬ ably at least partly in a wireless manner, for example by using a mobile communication network.

Fig. 3 shows a reduced block diagram of another advantageous em- bodiment according to the present invention. The difference to the em¬ bodiment of Fig. 2 lies primarily in the fact that a paging terminal which is only capable of receiving messages can also be used as the paging terminal 3. In such a case, a subscription request is formed by a data processor 8 and transmitted to a verification service 9. The verification service 9 transmits the received message further to a password server 5. A reply mer =κje 6 is formed principally as described in connection with Fig. 2. As .e paging terminal 3 in this embodiment, for example a paging device or the like may be used, whereby the method of trans¬ mitting the reply message to the paging device depends for example on the paging system used.

In the embodiment of Fig. 3, the paging service center 4 is for example a paging network controller or a wireless messaging switch. Methods have been developed for transmitting paging messages in connection with radio broadcasting so that they do not interfere with receiving the broadcasting. Thus the paging device includes a receiver which separates from the incoming broadcasting the paging information coded in it and examines whether the transmission is intended to the user of this particular paging device, wherein the paging device forms a signal from the message to the display means 10. The user may con¬ sequently form a connection to the service 1 in a corresponding manner as presented in the above description in connection with the em¬ bodiment of Fig. 2.

Another possible application of the present invention is that the user makes a call by using a telecommunication terminal, such as a tele- phone, to the telephone exchange of the information service provider, wherein the user can give the subscription data for example by dictating or tapping the telephone keys. Yet another alternative for sending the subscription request is electronic mail, which is known as such, wherein the data is given to the data processor in the electronic mail application used and transmitted via a telecommunication network or a mobile communication network to the electronic mail address of the informa¬ tion service provider. The transmission of the user specific authentica¬ tion data to the user is performed by using paging or short message service as presented in connection with the previous embodiments.

Further, the present invention can be applied also for obtaining a per¬ sonal identity number (PIN) of bank and credit cards and corresponding charge cards. Thus when the charge card is being ordered, the number of the orderer's paging device or mobile station can be given, wherein the supplier of the charge card transmits the personal identity number connected to the charge card to the paging device or the mobile station of the user. Thus it is not necessary to send the identity number by post, which decreases the possibility that the identity number falls into the wrong hands. In a corresponding manner, the method according to the invention can be used for requesting a new personal identity num¬ ber for a charge card which is already in use, wherein the identity num¬ ber is transmitted to the paging device or the mobile station of the user. This may be necessary for example in situations when it is suspected that the identity number has fallen into the wrong hands.

The present invention is not restricted solely to the embodiments pre¬ sented above, but it can be varied within the scope of the appended claims.

Patent Citations
Cited PatentFiling datePublication dateApplicantTitle
WO1995019593A1 *Jan 12, 1995Jul 20, 1995Michael Jeremy KewA computer security system
WO1996000485A2 *Jun 14, 1995Jan 4, 1996Ericsson Telefon Ab L MUser authentication method and apparatus
Referenced by
Citing PatentFiling datePublication dateApplicantTitle
WO1999010793A1 *Aug 25, 1998Mar 4, 1999Sonera OyProcedure for accessing a service in a data communication system, and a data communication system
WO1999026124A1 *Nov 10, 1998May 27, 1999Ericsson Telefon Ab L MMethod, and associated apparatus, for selectively permitting access by a mobile terminal to a packet data network
WO1999056520A2 *Apr 22, 1999Nov 11, 1999House Of Added Value AbA method of storing and retrieving personal codes
WO2000025477A1 *Oct 27, 1999May 4, 2000Sonera OyjProcedure and system for identifying and billing a subscriber associated with a service in a telecommunication system
WO2000058922A1 *Mar 27, 2000Oct 5, 2000Hermanus Albertus BosUtility purchases by prepayment
WO2000067170A1 *May 3, 2000Nov 9, 2000Telia AbPayment by card at electronic shopping
WO2000078009A2 *Jun 16, 2000Dec 21, 2000Olivier LenoirMethod and system for securely accessing a computer server
WO2001003083A1 *Jun 30, 2000Jan 11, 2001Mic SystemsSystem and method for performing secure electronic transactions over an open communication network
WO2001015462A1Aug 23, 1999Mar 1, 2001Nokia Networks OySending initial password through an sms
WO2001041081A2 *Dec 4, 2000Jun 7, 2001First Hop OyA method and a system for obtaining services using a cellular telecommunication system
WO2001043478A1 *Dec 1, 2000Jun 14, 2001Mauro SentinelliA method of enabling a customer of a mobile radio network to access an electronic mail server
WO2001052025A2 *Jan 4, 2001Jul 19, 2001Sun Microsystems IncAccessing multiple services with a unique user name
WO2001078563A2 *Apr 17, 2001Oct 25, 2001Kisteman Gerard RoelE-commerce deliverybox
WO2001099382A2 *Jun 19, 2001Dec 27, 2001Allen Robert YaxleyA method and system of controlling access to a remote location
WO2007073352A1 *Dec 12, 2006Jun 28, 2007C Alfredo FajardoMETHOD FOR SECURE TRANSMITTAL OF PINs OVER TELECOMMUNICATIONS NETWORKS
WO2008110294A2 *Mar 6, 2008Sep 18, 2008Deutsche Telekom AgMethod and device for producing fixed-mobile convergent telecommunications services
DE19729933A1 *Jul 7, 1997Feb 4, 1999Mannesmann AgVerfahren zur Konfigurierung, insbesondere Freischaltung eines Endgerätes, Endgerät, Dienstleistungszentrale und Datenerfassungsgerät
DE19729933B4 *Jul 7, 1997Jan 19, 2006Atx Europe GmbhVerfahren zur Konfigurierung, insbesondere Freischaltung eines Endgerätes, Endgerät, Dienstleistungszentrale und Datenerfassungsgerät
DE19911221B4 *Mar 12, 1999Oct 27, 2005T-Mobile Deutschland GmbhVerfahren zur Verteilung von Schlüsseln an Teilnehmer von Kommunikationsnetzen
EP0935041A1 *Feb 9, 1999Aug 11, 1999Eric MarichalApparatus and method for physical or logical access control
EP0944203A2 *Jan 26, 1999Sep 22, 1999Nokia Mobile Phones Ltd.Mobile internet access
EP1058872A1Feb 5, 1999Dec 13, 2000Telefonaktiebolaget Lm EricssonMethod, arrangement and apparatus for authentication through a communications network
EP1065634A1 *Jul 2, 1999Jan 3, 2001Mic SystemsSystem and method for performing secure electronic transactions over an open communication network
EP1102150A2 *Nov 13, 2000May 23, 2001IniNet AGMethod for internet user identification
EP1102157A1 *Nov 22, 1999May 23, 2001Telefonaktiebolaget Lm EricssonMethod and arrangement for secure login in a telecommunications system
EP1107638A1 *Dec 7, 1999Jun 13, 2001Telecom Italia Mobile S.P.A.A method of enabling a customer of a mobile radio network to access an electronic mail server
EP1187419A2 *Sep 5, 2001Mar 13, 2002Pioneer CorporationUser authentication system and method
EP1189180A2 *Jul 13, 2001Mar 20, 2002Pioneer CorporationInformation service providing method
EP1199864A1 *Oct 19, 2001Apr 24, 2002Ascom Monétel SASystem to securely access a service
EP1238336A1 *Dec 14, 2000Sep 11, 2002Authentify, Inc.Dual network system and method for online authentication or authorization
EP1249141A1 *Jan 18, 2001Oct 16, 2002Microinspection, Inc.Authentication method using cellular phone in internet
EP1305745A1 *Jun 21, 2000May 2, 2003Chikka Pte LtdA trading and auction system, and methods for the authentication of buyers and sellers and for the transmission of trading instructions in a trading and auction system
EP1341104A1 *Oct 30, 2001Sep 3, 2003ARKRAY, Inc.User authentication method in network
EP1502383A1 *May 7, 2003Feb 2, 2005Wireless Applications Pty Ltd.Method for authenticating and verifying sms communications
EP1705594A2 *Mar 16, 2006Sep 27, 2006webmiles GmbHMethod and device for tamper-proof determination of receivers in a communication system
EP1983696A1 *Apr 16, 2007Oct 22, 2008T-Mobile International AG & CO. KGMobilized inhouse network and method for operating such a network
EP2355028A1 *Dec 30, 2009Aug 10, 2011SecurEnvoy LimitedAuthentication apparatus
US6230002Nov 19, 1997May 8, 2001Telefonaktiebolaget L M Ericsson (Publ)Method, and associated apparatus, for selectively permitting access by a mobile terminal to a packet data network
US6430407Feb 4, 1999Aug 6, 2002Telefonaktiebolaget Lm Ericsson (Publ)Method, apparatus, and arrangement for authenticating a user to an application in a first communications network by means of a mobile station communicating with the application through a second communications network
US6477644Feb 5, 1999Nov 5, 2002Nokia Mobile Phones LimitedMobile internet access
US6993666Feb 25, 2000Jan 31, 2006Sonera OyjMethod and apparatus for remotely accessing a password-protected service in a data communication system
US7031699Aug 23, 1999Apr 18, 2006Nokia CorporationSending initial password through an SMS
US7383572May 24, 2002Jun 3, 2008Authentify, Inc.Use of public switched telephone network for authentication and authorization in on-line transactions
US7461258Nov 14, 2003Dec 2, 2008Authentify, Inc.Use of public switched telephone network for capturing electronic signatures in on-line transactions
US7574733Jun 15, 2005Aug 11, 2009Authentify, Inc.System and method of using the public switched telephone network in providing authentication or authorization for online transaction
US7725723Aug 12, 2002May 25, 2010Peter LandrockData certification method and apparatus
US8078879Mar 31, 2010Dec 13, 2011Cryptomathic A/SData certification method and apparatus
US8549308Nov 16, 2011Oct 1, 2013Cryptomathic Ltd.Data certification method and system
US8649766Dec 30, 2009Feb 11, 2014Securenvoy PlcAuthentication apparatus
Classifications
International ClassificationG06F21/31, G06F21/43, G07F7/10, H04L29/06, G06Q20/00, G06F1/00, G07F17/16, H04W4/12
Cooperative ClassificationG06Q20/425, G06Q20/3558, G06Q20/385, G07F7/1008, H04L29/06, G06F2221/2119, G06F21/43, G06F2221/2117, G07F17/16, G06F2221/2107, H04L63/18, G06F21/31, H04L63/08, H04W4/12
European ClassificationG06F21/31, G06F21/43, G06Q20/385, G06Q20/3558, G06Q20/425, H04L63/18, H04L63/08, H04L29/06, G07F17/16, G07F7/10D
Legal Events
DateCodeEventDescription
Jul 4, 2001WWG
Ref document number: 1997902381
Country of ref document: EP
Feb 2, 2000WWP
Ref document number: 1997902381
Country of ref document: EP
Dec 24, 1998REG
Ref country code: DE
Ref legal event code: 8642
Dec 4, 1998NENP
Ref country code: JP
Ref document number: 97529825
Format of ref document f/p: F
Aug 26, 1998WWE
Ref document number: 1997902381
Country of ref document: EP
Nov 19, 1997121
Oct 30, 1997DFPE
Aug 28, 1997AK
Kind code of ref document: A1
Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE HU IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK TJ TM TR TT UA UG US UZ VN YU AM AZ BY KG KZ MD RU TJ TM
Aug 28, 1997AL
Kind code of ref document: A1
Designated state(s): KE LS MW SD SZ UG AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF