公开(公告)号：EP3407280A1

公开(公告)日：2018-11-28

申请号：EP17172892.6

申请日：2017-05-24

Applicant: Mastercard International Incorporated

Inventor： CUMMINS, Edwin ,  MONAGHAN, Karl ,  WHELAN, Darragh ,  DIXON, Conor ,  O'BRIEN, Gregory

IPC: G06Q20/40 ,  G07C9/00 ,  H04L29/06 ,  G06F19/00 ,  G06Q50/24

CPC classification number: G07C9/00087 ,  G06F19/32 ,  G06F19/34 ,  G06F21/32 ,  G06F21/35 ,  G06K9/00288 ,  G06Q20/40145 ,  G07C9/00103 ,  G16H20/13 ,  G16H70/40 ,  H04L63/0853 ,  H04L63/0861 ,  H04L2463/082

Abstract: A method of authenticating a user with a computing device associated with a camera is described. The computing device obtains first data from a token held by the user, and then captures a user image with the camera. The first data and the captured user image are then sent to an authentication server. If a record matches the first data, the record comprising the first data and a stored user image, the computing device receives information to indicate whether the user is authenticated. A suitable computing device is described, together with a suitable authentication server and an associated method carried out at the authentication server.

公开(公告)号：EP3384655A1

公开(公告)日：2018-10-10

申请号：EP16816108.1

申请日：2016-12-02

Applicant: Cernoch, Dan ,  Pondicherry, Ajay ,  Refsland, David ,  Ives-Halperin, Kenneth

Inventor： Cernoch, Dan ,  Pondicherry, Ajay ,  Refsland, David ,  Ives-Halperin, Kenneth

IPC: H04L29/06

CPC classification number: H04L63/10 ,  G06F21/31 ,  G06F21/44 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/205 ,  H04L2463/082

Abstract: Authentication systems and methods can selectively authenticate a request to access a resource data store storing access rights associated with a user device. The systems and methods can scalably execute challenges workflows as part of the authentication process. For example, a request to access one or more access rights stored in the data store can be received from the user device. The user device can be authenticated using challenge workflows selected based on a device identifier of the user device. The selected challenge workflows can be executed to determine whether or not to grant access to the access rights stored in the resource data store.

公开(公告)号：EP3381166A1

公开(公告)日：2018-10-03

申请号：EP16810557.5

申请日：2016-11-23

Applicant: Inauth, Inc.

Inventor： BENSON, Glenn, S. ,  GOLDBERG, Daniel ,  MOOS, Chris, Guenther ,  MARSOLAN, Paul

IPC: H04L29/06 ,  H04L29/08 ,  H04W12/08 ,  H04W12/12

CPC classification number: H04L63/0876 ,  H04L63/0815 ,  H04L63/10 ,  H04L63/1441 ,  H04L63/18 ,  H04L67/146 ,  H04L67/303 ,  H04L67/42 ,  H04L2463/082 ,  H04W12/06 ,  H04W12/08 ,  H04W12/12 ,  H04W88/02

Abstract: A system facilitates secure communication between an authorized user device and two or more servers via two or more channels that are associated with the respective servers. For each communication channel, the system receives a device identifier for the authorized user device and links the device identifiers together via another identifier, thereby allowing the system to recognize that the different device identifiers identify the same authorized user device. The system can identify an unauthorized device masquerading as the authorized user device by determining that a communication from the unauthorized device does not include another identifier linking the two or more device identifiers and/or by determining that a device identifier computed during the registration process is different from a linked identifier.

公开(公告)号：EP2955903B1

公开(公告)日：2018-09-26

申请号：EP15171518.2

申请日：2015-06-10

Applicant: Orange

Inventor： Prokopi, Maria ,  Qureshi, Mobeen ,  Ahmad, Zaheer

IPC: H04L29/08 ,  G06F21/31 ,  H04L29/06

CPC classification number: H04L63/105 ,  G06F21/316 ,  G06F2221/2113 ,  H04L63/08 ,  H04L63/0823 ,  H04L67/22 ,  H04L67/306 ,  H04L2463/082

Abstract: A method and system regulate a digital security system that controls access to a resource. The digital security system controls access to the resource according to a multi-level security protocol including a high-security-level access protocol and a low-security-level access protocol. The regulation method and system are configured to collect data from a set of user-data sources with which the user interacts during his daily life and, based on the collected data, to compute security parameters characterizing user activity. The computed security parameters are compared to a digital profile that models the characteristic behaviour of this user. When the comparison indicates that the observed user activity is inconsistent with the digital behaviour profile, the method and system regulate the digital security system to set (or maintain) it in an operating state such that, when the user requests access to the resource in the future, the digital security system will automatically implement the high-security-level access protocol at that time.

公开(公告)号：EP3367718A1

公开(公告)日：2018-08-29

申请号：EP17158517.7

申请日：2017-02-28

Applicant: Utiliread ApS

Inventor： JACOBSEN, Rasmus Melchior

IPC: H04W12/08 ,  G01D4/00 ,  H04W12/06

CPC classification number: H04W12/08 ,  G01D4/002 ,  H04L2463/082 ,  H04W12/06 ,  Y02B90/241 ,  Y02B90/246 ,  Y04S20/32 ,  Y04S20/42 ,  Y04S40/24

Abstract: The present invention relates to a method and a system 100 for authorising access, in particular for authorising access to a computer system, such as to a computer system comprising consumption data 110, 135 from meter systems 111. The authorisation system being configured to: obtain, via a second communication channel 118 and by means of a portal system 102, second primary access information 120 being indicative of a first meter system 112; obtain, via the second communication channel 118 and by means of the portal system 102, first primary access information 122 relating to, or comprising, at least part of the first consumption data 110; obtain, by means of the second primary access information 120 and second primary verification information 114, first primary verification information relating to, or comprising, at least part of the first consumption data 110; and compare, using an access evaluator 126, the first primary access information 122 with the first primary verification information for determining whether to authorise access.

公开(公告)号：EP3362934A1

公开(公告)日：2018-08-22

申请号：EP16779308.2

申请日：2016-09-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： SABOORI, Anooshiravan ,  PORTER, Nelly ,  BHARADWAJ, Vijay G. ,  WEINERT, Alexander Thomas ,  URECHE, Octavian T. ,  VINCENT, Benjamin Richard ,  KAMEL, Tarek Bahaa El-Din Mahmoud

IPC: G06F21/33 ,  G06F21/31 ,  G06F21/35

CPC classification number: G06F21/31 ,  G06F21/33 ,  G06F21/35 ,  G06F2221/2111 ,  H04L63/06 ,  H04L63/08 ,  H04L2463/082

Abstract: A multi-factor user authentication framework using asymmetric key includes a host device, a user agent, a gesture system, and an authentication system. The multiple factors include a user credential as well as a user gesture that indicates that the user is present. The user interacts with the user agent via the host device in order to obtain access to something for which user authentication is needed. The authentication system maintains the user credentials, which are provided to authenticate the user in response to the authentication system determining that the user is present (which can be determined in different manners, such as using a personal identification number (PIN), biometric information regarding the user, geographic location of the gesture system, etc.). The user agent, gesture system, and authentication system can be implemented on the same device (e.g., the host device), or alternatively implemented across one or more different devices.

公开(公告)号：EP3350738A1

公开(公告)日：2018-07-25

申请号：EP16847554.9

申请日：2016-09-19

Applicant: First Data Corporation

Inventor： ROYYURU, Vijay Kumar

IPC: G06F21/12 ,  G06F21/32 ,  G06F21/36 ,  G06K9/00 ,  H04L9/32 ,  G06F19/20 ,  A61B34/10 ,  G06Q30/02

CPC classification number: H04L63/0861 ,  G06Q20/40145 ,  G06Q30/0277 ,  H04L9/3213 ,  H04L9/3231 ,  H04L63/166 ,  H04L2463/082

Abstract: A computing device for biometric authentication includes an input interface, a biometric input interface with a biometric sensor, a communications interface, a memory, and a processor. The processor navigates a browser to a website and receives an input associated with a biometric access icon associated with a secure webpage that is displayed on the website. The processor launches an interface of a mobile authentication application upon receiving the input. The interface includes an instruction to provide a biometric input. The processor receives the biometric input and compares the received input with a stored input. The stored input is stored on the memory. The processor authenticates a user of the computing device based on the comparison of the received input and the stored input, communicates an authentication confirmation to an entity associated with the secure webpage, and receives a uniform resource locator (URL) associated with the secure webpage.

公开(公告)号：EP3177987A4

公开(公告)日：2018-07-25

申请号：EP15830319

申请日：2015-08-03

Applicant: MOBILE SEARCH SECURITY LLC

Inventor： MULHEARN PATRICK F X ,  CAPRONI LEO MARTIN ,  HEARN FRANCIS J

IPC: G06F21/32 ,  G06F7/04 ,  G06F21/62 ,  G06Q20/40 ,  H04L9/32

CPC classification number: G06F21/606 ,  G06F21/32 ,  G06F21/6245 ,  G06F2221/2115 ,  H04L63/0861 ,  H04L2463/082 ,  H04W12/06

Abstract: A system for authenticating an identity of a user is disclosed. The system comprises a processor and a non-volatile storage medium comprising computer executable instructions to instruct the processor to receive an image file relating to the user, from a user device owned by the user; determine whether the image file matches stored image information ma database, wherein the stored image information is not an image file and contains identifying information about the image; and, if the image file matches the stored image information, allow the user to request an authentication message be sent to the user device, request that an authentication message be sent to a destination oilier than, the user device, or request that a message be sent to a third party whose message addressing information is unknown to the user.

公开(公告)号：EP3329650A1

公开(公告)日：2018-06-06

申请号：EP16747957.5

申请日：2016-07-26

Applicant: Amazon Technologies, Inc.

Inventor： JOHANSSON, Jesper, Mikael ,  HITCHCOCK, Daniel, Wade ,  CANAVOR, Darren, Ernest ,  BHIMANAIK, Bharath, Kumar

IPC: H04L29/06 ,  H04W12/06 ,  H04W4/00

CPC classification number: H04L63/0838 ,  H04L63/067 ,  H04L2463/082 ,  H04W12/06

Abstract: Disclosed are various embodiments for providing multi-factor authentication credentials. In one embodiment, in response to a request from an application, a notification is generated in a notification area of a display. Entry of a user approval is facilitated via the notification. In response to receiving the approval, a security credential is transferred to the application. In another embodiment, the security credential may be shown in the notification area so that a user may enter it in a form field of the application.

公开(公告)号：EP3314845A2

公开(公告)日：2018-05-02

申请号：EP16732869.9

申请日：2016-06-21

Applicant: Microsoft Technology Licensing, LLC

Inventor： BAILEY, Guillaume ,  MAHENDRU, Kshitij ,  WU, Jun ,  ZARIC, Vlado

IPC: H04L29/06 ,  H04W12/06

CPC classification number: H04L63/08 ,  H04L63/102 ,  H04L63/205 ,  H04L2463/082 ,  H04W12/06

Abstract: Disclosed herein are systems and methods for determining learned associations between authentication credentials and network contextual data, such as may be utilized in a network that supports network roving. A mobile device attempts to rove to a visited network using authentication credentials associated with another network, based at least in part on first contextual information associated with the other network and second contextual information associated with the visited network indicating that the visited network is part of a common association of networks that supports roving internetworking between the networks of the common association.