WO1995019612A1 - A method of verifying authorization - Google Patents

A method of verifying authorization Download PDF

Info

Publication number
WO1995019612A1
WO1995019612A1 PCT/SE1995/000025 SE9500025W WO9519612A1 WO 1995019612 A1 WO1995019612 A1 WO 1995019612A1 SE 9500025 W SE9500025 W SE 9500025W WO 9519612 A1 WO9519612 A1 WO 9519612A1
Authority
WO
WIPO (PCT)
Prior art keywords
subcode
code
input
authorisation
user
Prior art date
Application number
PCT/SE1995/000025
Other languages
French (fr)
Inventor
Curt Nicolin
Hans Sjöblom
Original Assignee
SJÖBLOM, Lotta
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SJÖBLOM, Lotta filed Critical SJÖBLOM, Lotta
Priority to EP95906583A priority Critical patent/EP0739525A1/en
Priority to AU14696/95A priority patent/AU1469695A/en
Publication of WO1995019612A1 publication Critical patent/WO1995019612A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1058PIN is checked locally
    • G07F7/1066PIN data being compared to data on card

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

Method in conjunction with verification of the access to a system, wherein an authorised user must input an authorisation code. On a certain occasion of use, the user inputs a subcode and, on the next occasion of use, the user inputs a complementary subcode, on said next occasion the user being granted access to the system, provided that the two subcodes, taken together, satisfy a given condition, optionally as a complement to additional access-verifying measures, e.g. the input of a so-called PIN code.

Description

A METHOD OF VERIFYING AUTHORIZATION.
Technical Field
The present invention relates to a method in con¬ junction with verification of the access to a system, wherein an authorised user must input a personal authori- 5 sation code or access code.
Background of the Invention
In many very different fields of application, use is made of systems which require that a user certify or veri- 0 fy his access, before he is granted access to the system at issue. Examples of systems of this type, which are fre¬ quently used today, are computer systems, cash dispensers, mobile telephone systems, admittance systems, card payment systems and the like. 5 To verify his access, the user must usually input a personal authorisation code, as a rule by using some sort of keyboard. In many cases, the authorisation code is a so-called PIN code (Personal Identification Number) . Be¬ sides, it is frequently necessary that the user presents
20 to the system some sort of authorisation object or device which recently in more and more cases is of the active type, especially a smart card, with which the system can communicate, when the authorisation device has, for ex¬ ample, been inserted into a reader included in the sys-
25 tern.
There is a substantial risk of unauthorised utilisa¬ tion if an unauthorised person can obtain information about a user's personal authorisation code, for example by secret watching of the user as he enters his authori-
30 sation code, or by unauthorised monitoring of data commu¬ nications in the system. For the purpose of obviating the last-mentioned possibility, among other things, many forms of encryption have been suggested.
SUBSTITUTE SHEET ISA/SE Objects of the Invention
The main object of the invention is to provide a method, by which the security against unauthorised access to the system can be significantly increased by simple means.
A further object of the invention is to provide a method which renders it possible for a user to selec¬ tively increase the security on occasions when this is estimated to be particularly desirable.
One more object of the invention is to provide a se¬ curity-enhancing method which is well suited to be used when the personal authorisation code is supplemented with the use of an authorisation device of the active type, especially a smart card.
A further object of the invention is to provide a security-enhancing method in which supplementary measures to be taken by the user can be flexible and variable and, moreover, can be controlled by the user himself.
Summary of the Invention
The above-mentioned objects are achieved by a method having the features stated in the accompanying claims. Thus, the invention is based on the knowledge that the security, especially against unauthorised catching of an authorisation code, can be increased by the requisite authorisation code comprising parts which are input on successive occasions of use. In other words, a first subcode is input on one occasion of use, whereupon a com- plementary subcode is input on the next occasion of use. Only if the two thus input subcodes, taken together, sat¬ isfy a given condition, the user is granted access to the system at issue on said next occasion of use.
As will be easily appreciated, unauthorised catching of one subcode does not imply that it will be possible to use the system unauthorisedly. The probability of the un¬ authorised person succeeding in catching also the other subcode on a subsequent occasion of use is, as is appre¬ ciated, very small. Of course, this is especially the case if the unauthorised person should first succeed in catching the complementary subcode, since, in a preferred embodiment of the invention, the authorised user uses, on the next occasion of use, a first subcode which deviates from the one last used.
The inventive subcode concept may advantageously be used as a complement to additional access-verifying rneas- ures. According to a preferred embodiment of the inven¬ tion, the subcodes are input as a complement to a basic authorisation code, which preferably is a so-called PIN code. When subcodes are used, it is convenient in such a case that the verification of the access begins with the input of the requisite complementary subcode, whereupon the basic authorisation code is input. Subsequently, a new first subcode may be input, if deemed desirable. It will be appreciated that an unauthorised person who se¬ cretly watches this process and from this tries to con- elude which PIN code and/or which subcodes are valid, will meet with an additional difficulty in the fact that the division between the subcode and the PIN code need not be apparent.
An alternative to inputting a new first subcode after the input of the PIN code (if provided) is, of course, to input a new first subcode as the last measure when using the system.
An essential advantage of the invention is, as will be easily appreciated, that in cases in which a basic au- thorisation code is used, the authorised user may also determine himself when he wishes to use the subcodes for enhancing the security. Such a freedom of choice is ex¬ tremely simple to implement in systems of the kind in¬ tended here. From the user's viewpoint, it is convenient to oper¬ ate with subcodes which are easy for the user to remem¬ ber. According to an embodiment of the invention, the subcodes contain, taken together, the same code elements (for example digits) as a used basic authorisation code, but of course other alternatives are feasible. For ex¬ ample, the user himself may select subcode data based on what he considers suitable, thereby making it easy to re¬ member what applies.
According to the invention, it is advantageous that the authorised user himself arbitrarily selects the divi¬ sion into subcode and complementary subcode and varies the division between different occasions of using the subcodes, of course within the scope of given conditions.
If the choice of the subcode should be made on the basis of a predetermined code combination (which, for in¬ stance, may be the basic authorisation code) , it is pos- sible for example to vary the length of the first subcode relative to the length of the complementary subcode, as well as which code elements should be included in the first subcode and in the complementary subcode etc. Of course, this requires the system (including the active authorisation device, if any) to have the necessary qualities to unambiguously compile, based on the subcode inputs effected, the input information in order to decide whether the above-mentioned given condition is satisfied. In a variant of the invention, it is conceivable to let the first subcode and the complementary subcode be identical or be related to each other in a predetermined manner (the complementary subcode may, for example, be the first subcode multiplied by a secret factor known by the user only) . In such a case, there need not be any stored basic information about the actual subcodes, but it is satisfactory if the input first subcode can be stored until the next occasion of use and then be com¬ pared with the input complementary subcode in respect of the satisfying of said condition. According to a preferred embodiment, the inventive method comprises, as an additional access-verifying meas¬ ure, the presentation of an authorisation device of the active type, especially a so-called smart card, to the system. It is then convenient, when using subcodes, to. let the authorisation device be controlled thereby, such that access information is supplied from the authorisa- tion device to the system merely after satisfying said given condition. Preferably, the processing of the input subcode and the input complementary subcode occurs in the active authorisation device, which means that the actual system need not be involved to any considerable extent, thereby already increasing the security. Moreover, the input of secret basic information about the use of the subcode in the active authorisation device can, in any case partly, be carried out directly by the user, for example in conjunction with the handing-out of the au- thorisation device, whereby for example the code combina¬ tion from which the subcodes should be collected, needs to be known by the authorised user only.
It is especially advantageous to use an authorisa¬ tion device or a card permitting the input of codes, for example a card having a keyboard, such that the user can input the subcode and the complementary subcode directly into the authorisation device. As a result, the entire security-enhancing subcode procedure can occur directly on the authorisation device outside the actual system. It will therefore not be possible to unauthorisedly try to obtain subcode information by using or monitoring data communications between the system and the authorisation device.
The invention will now be described in more detail by means of an embodiment, reference being made to the accompanying drawing.
Brief Description of the Drawing
The only Figure shows a schematic flow chart which illustrates an example of the use of security-enhancing subcodes in connection with a transaction system, in which access is verified by means of an authorisation de- vice and an input authorisation code in the form of a so- called PIN code.
Description of the Preferred Embodiment In the flow chart shown in the Figure, steps 10, 20, 30 and 40 represent a conventional method for carrying out a transaction in a transaction system. These conven¬ tional steps thus need not be described in more detail. The modifications which are required for carrying out the embodiment of the invention are as follows.
In step 11 following step 10, it is checked whether a subcode has been stored on the preceding occasion of use. If so, a subcode flag is set, which means transition to step 12. Otherwise, transition occurs to step 20. In step 12, the necessary complementary subcode is input. In step 13, it is checked whether the given condi¬ tion for the combination of subcode and complementary subcode is satisfied. If not, the user will be given the possibility of one more or a few more attempts at a cor- rect input of the complementary subcode, whereupon the system will in the normal manner be closed for the au¬ thorisation device involved.
If the condition is satisfied, transition occurs to step 14, in which the subcode flag and the other informa- tion about the input subcode are cleared. Steps 13 and 14 can occur in the authorisation device, for example if this is a smart card.
Then follow steps 20, 30 and 40. Step 20 may com¬ prise reading of information from the authorisation de- vice to the system, after the correct PIN code has been input.
In step 41, the system asks whether the input of a new subcode is desired. If the answer is in the negative, the transaction will be ended. In the affirmative, tran- sition to step 42 occurs. In step 42, the user inputs a new subcode, which in step 43 is stored in the system or in the authorisation device if this is, for example, a smart card, at the same time as the subcode flag is set again. Subsequently, the transaction will be ended.
A specific example of subcodes and the processing thereof will now be described. Assuming that the code combination of subcode and complementary subcode is 1, 2, 3, 4, 5. In step 13, five corresponding positions in a register should all have correctly set position flags to make the above-mentioned condition satisfied. For regis¬ ter position 1, a flag is set if a one is input; for reg- ister position 2, a flag is set if a two is input etc. No position flag is set if an incorrect digit or a * is in¬ put into a certain position.
Now assuming that the user selects in step 43 to in¬ put a subcode containing the digits 1, 3, 5 (i.e. corre- sponding to the first, third and fifth positions in the register) . The user may then on a keyboard enter 1, *, 3, *, 5 and any requisite other commands. As a result, the position flags for the first, third and fifth positions are set. On the next occasion of use, the user inputs, in step 12, * , 2 , * , 4, *, thereby also setting the position flags for the second and the fourth position. The stars in the first, third and fifth positions do not change the set flags of these positions, which, however, any other incorrectly entered digit would do.
If all the position flags are now correctly set, this means that the correct combination of subcode and complementary subcode has been input, thereby satisfying the given condition. The procedure now advances to step 14 for the resetting of position flags and the subcode flag before transition to step 20.

Claims

1. A method in conjunction with verification of the access to a system, wherein an authorised user must input an authorisation code, c h a r a c t e r i s e d in that on a certain occasion of use, the user inputs a subcode and, on the next occasion of use, inputs a complementary subcode, on said next occasion of use the user being granted access to the system, provided that the two sub¬ codes, taken together, satisfy a given condition, option¬ ally as a complement to additional access-verifying meas¬ ures.
2. The method as claimed in claim 1, c h a r a c - t e r i s e d in that the two subcodes are input as a complement to an input basic authorisation code, for ex¬ ample a so-called PIN code.
3. The method as claimed in claim 2, c h a r a c ¬ t e r i s e d in that the user himself decides when sub- codes should be used, for the purpose of increasing the security against unauthorised use of the system.
4. The method as claimed in claim 2 or 3, c h a r ¬ a c t e r i s e d in that the subcode and the complemen¬ tary subcode, taken together, contain the same code ele- ments as the basic authorisation code.
5. The method as claimed in any one of claims 1-3, c h a r a c t e r i s e d in that the user himself se¬ lects a code combination, from which the subcode and the supplementary subcode are selected.
6. The method as claimed in any one of the preceding claims, c h a r a c t e r i s e d in that the user him¬ self arbitrarily selects the division into subcode and supplementary subcode, based on a predetermined code com¬ bination.
7. The method as claimed in any one of the preceding claims c h a r a c t e r i s e d by comprising, as an ad¬ ditional access-verifying measure, the presentation of an authorisation device of the active type, especially a so- called smart card, to the system, and when using subcodes, the authorisation device being controlled thereby such that access information is supplied from the authorisation device to the system merely after satisfying said given condition.
8. The method as claimed in claim 7, c h a r a c ¬ t e r i s e d in that the processing of the input sub¬ code and the input supplementary subcode occurs in the authorisation device.
9. The method as claimed in claim 7 or 8, c h a r ¬ a c t e r i s e d in that a code combination, from which the subcode and the supplementary subcode are selected, is stored in the authorisation device.
10. The method as claimed in any one of claims 7-9, c h a r a c t e r i s e d by using an authorisation de¬ vice permitting the input of codes, thereby permitting the user to input the subcode and the complementary sub¬ code directly into the authorisation device.
PCT/SE1995/000025 1994-01-14 1995-01-13 A method of verifying authorization WO1995019612A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP95906583A EP0739525A1 (en) 1994-01-14 1995-01-13 A method of verifying authorization
AU14696/95A AU1469695A (en) 1994-01-14 1995-01-13 A method of verifying authorization

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE9400102-1 1994-01-14
SE9400102A SE9400102L (en) 1994-01-17 1994-01-17 Authorization verification procedure

Publications (1)

Publication Number Publication Date
WO1995019612A1 true WO1995019612A1 (en) 1995-07-20

Family

ID=20392575

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1995/000025 WO1995019612A1 (en) 1994-01-14 1995-01-13 A method of verifying authorization

Country Status (4)

Country Link
EP (1) EP0739525A1 (en)
AU (1) AU1469695A (en)
SE (1) SE9400102L (en)
WO (1) WO1995019612A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0953180A1 (en) * 1996-05-30 1999-11-03 Mci Communications Corporation Method for authenticating credit transactions to prevent fraudulent charges
NL1023224C2 (en) * 2003-04-18 2004-10-19 Syntech Holdings Bv Equipment and method are for secure disintegration of banknotes and involve electronic data simply available to an authorized person for use

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3587051A (en) * 1969-12-11 1971-06-22 North American Res Corp Electronic combination switching device
US3766522A (en) * 1972-08-10 1973-10-16 Gen Motors Corp Electronic combination lock
EP0372110A1 (en) * 1987-05-26 1990-06-13 Hai Cheng Chen A security system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3587051A (en) * 1969-12-11 1971-06-22 North American Res Corp Electronic combination switching device
US3766522A (en) * 1972-08-10 1973-10-16 Gen Motors Corp Electronic combination lock
EP0372110A1 (en) * 1987-05-26 1990-06-13 Hai Cheng Chen A security system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0953180A1 (en) * 1996-05-30 1999-11-03 Mci Communications Corporation Method for authenticating credit transactions to prevent fraudulent charges
EP0953180A4 (en) * 1996-05-30 2002-04-17 Mci Communications Corp Method for authenticating credit transactions to prevent fraudulent charges
NL1023224C2 (en) * 2003-04-18 2004-10-19 Syntech Holdings Bv Equipment and method are for secure disintegration of banknotes and involve electronic data simply available to an authorized person for use

Also Published As

Publication number Publication date
AU1469695A (en) 1995-08-01
SE9400102L (en) 1995-07-28
SE9400102D0 (en) 1994-01-17
EP0739525A1 (en) 1996-10-30

Similar Documents

Publication Publication Date Title
EP1107196B1 (en) A wireless electronic system for performing transactions
US5259025A (en) Method of verifying fake-proof video identification data
US5214699A (en) System for decoding and displaying personalized indentification stored on memory storage device
US5534683A (en) System for conducting transactions with a multifunctional card having an electronic purse
US7600676B1 (en) Two factor authentications for financial transactions
EP0953180B1 (en) Method for authenticating credit transactions to prevent fraudulent charges
US6611819B1 (en) Electronic money apparatus, method, card and computer readable record medium having electronic money processing program recorded thereon
CA2281816C (en) Method for authorization check
EP1254454B1 (en) System for securing data on a data carrier
US7010701B1 (en) Network arrangement for smart card applications
US20090150248A1 (en) System for enhancing payment security, method thereof and payment center
US20040098336A1 (en) System for effecting orders for payment with identification by means of card data and fingerprint
US7210621B2 (en) Secure credit card and method and apparatus for utilizing the same
KR20010030344A (en) A universal magnetic stripe card
EP1436791A2 (en) Enhanced pin-based security system
US20020013900A1 (en) User authentication device and electric commerce system using the device
WO1995019612A1 (en) A method of verifying authorization
EP0638880B1 (en) A method of verifying fake-proof video identification data
CN1196541B (en) Method and apparatus for automatically disabling removable, portable vault of postage metering system
JPS58161083A (en) Collating device
JPH04303281A (en) Device for authenticating individual
EP1039769A1 (en) A method and apparatus for getting acccess to a digital mobile phone
WO2001041026A1 (en) Method and system for point of transaction credit card access validation
JPS60207956A (en) Identification matching system
GB2345175A (en) Payment card authentication

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AM AT AU BB BG BR BY CA CH CN CZ DE DK EE ES FI GB GE HU JP KE KG KP KR KZ LK LR LT LU LV MD MG MN MW MX NL NO NZ PL PT RO RU SD SE SI SK TJ TT UA US UZ VN

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): KE MW SD SZ AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 1995906583

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1995906583

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: CA

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWW Wipo information: withdrawn in national office

Ref document number: 1995906583

Country of ref document: EP