Method and system for the behaviour-based authentication of a user

    公开(公告)号:US11632368B2

    公开(公告)日:2023-04-18

    申请号:US16495539

    申请日:2018-02-23

    摘要: The invention relates to a method for authenticating (400) a current user of a mobile, portable communication system (100) with respect to a server (150) by means of a behavior-based authentication.
    The server (150) comprising a first interface and a second interface. The first interface is configured to communicate with at least one activatable device (152), and the second interface is configured to communicate with a mobile, portable communication system (100).
    The method for authentication comprises: receiving at least one classification result (600) by the server (150) from the mobile, portable communication system (100); evaluating the at least one classification result (600) by the server according to a predefined examination criterion (800); and activating the device (152) by the server (150) by means of a control signal.

    METHOD FOR SECURELY PROVIDING A PERSONALIZED ELECTRONIC IDENTITY ON A TERMINAL

    公开(公告)号:US20220116230A1

    公开(公告)日:2022-04-14

    申请号:US17421079

    申请日:2020-01-08

    IPC分类号: H04L9/32 H04L9/08 H04L9/30

    摘要: The invention relates to a method for securely providing a personalized electronic identity on a terminal (2) which can be used by a user (1) for identification purposes when claiming an online service. In the method, an identification application is ran on a terminal (2), which is assigned to a user (1), in a system comprising data processing devices (9; 10; 11; 12) and said terminal (2), and additionally a personalization application and an identity provider application are ran. The method has the following steps in particular; transmitting a request to transmit an identity attribute assigned to the user (1) front the personalization application to the identity provider application; transmitting the identity attribute from the identity provider application to the personalization application after an agreement to transmit the identity attribute by means of the identity provider application is received from the user (1); generating an asymmetric key pair with a public and a private key on the terminal (2) by means of the identification application; transmitting the public-key from tire identification application on the terminal (2) to the personalization application; and generating an electronic certificate for the public-key by means of tire personalization application and storing the electronic certificate in a data storage device in order to form a first public-key infrastructure of the personalization application, additionally having the steps of: generating a hash value for the identity attribute and recording the hash value onto the electronic certificate. The identity attribute is encoded and transmitted together with the electronic certificate from the personalization application to the identification application (14) on the terminal (2), where both are stored in a local storage device of the terminal (2).

    System and methods for performing distributed authentication using a bridge computer system

    公开(公告)号:US11277398B2

    公开(公告)日:2022-03-15

    申请号:US16670568

    申请日:2019-10-31

    IPC分类号: H04L9/30 H04L29/06

    摘要: A system includes a first computer system (FCS) configured to receive an authentication request of a user with respect to the first authentication system (FAS), and communicate an unsuccessful authentication attempt. In response, a bridge computer system (BCS), is configured to request a user ID and receive at least the user ID; identify an address of a second computer system (SCS) based on the user ID; and initiate the second authentication system (SAS) using the address. The SCS, if the user has been successfully authenticated with respect to the SAS, is configured to communicate successful authentication to the BCS; and in response, the BCS is configured to send the FAS a confirmation message, and the FCS is configured to treat the user as authenticated.

    Providing and checking the validity of a virtual document

    公开(公告)号:US11151260B2

    公开(公告)日:2021-10-19

    申请号:US16334189

    申请日:2017-10-11

    发明人: Olaf Horvath

    摘要: A method for providing and checking the validity of a virtual document on a first computer system is disclosed. The virtual document is provided by means of a mobile second computer system for a first computer system. The method includes receiving a password-protected storage address of a first database at which the virtual document can be read, reading the virtual document, displaying the virtual document on a display of the first computer system, receiving a unique second identifier of the mobile second computer system, calculating a third identifier using the received second identifier and a hash value of the virtual document, identifying the database entry of the second database in which a first identifier of a first pairing consisting of the mobile second computer system and the first virtual document is stored, comparing the calculated third identifier with the first identifier stored in the identifier database entry.

    ID token having a protected microcontroller

    公开(公告)号:US10956618B2

    公开(公告)日:2021-03-23

    申请号:US15779987

    申请日:2016-12-13

    摘要: An ID token includes a sensor, a communication interface, and a first microcontroller. The ID token includes a protected second microcontroller having at least one microcontroller communication interface, which is arranged in a holder of the ID token, wherein the microcontroller communication interface provides a data input and a data output. The first microcontroller is configured as a proxy for switching between the sensing of the measurement data by the sensor and forwarding of the sensed measurement data from the sensor to the first application of the protected second microcontroller by the microcontroller communication interface thereof on the one hand and forwarding of notifications for establishing a connection between the second application and the reading device and/or forwarding of APDUs by the connection between the second application and the reading device on the other hand.

    Person identification apparatus
    8.
    发明授权

    公开(公告)号:US10713474B2

    公开(公告)日:2020-07-14

    申请号:US15552055

    申请日:2016-03-09

    IPC分类号: G06K9/00 G06K9/20 H04N5/33

    摘要: Methods, systems, and devices are described for warless communications. An apparatus may identifying a living person by recording a heat image of a person's facial area and detecting a local heat inhomogeneity in a predetermined detection range of the heat image in order to identify the living person. Identifying the living person may include detecting a heat pattern in a predetermined detection range and comparing the detected heat pattern to a heat reference sample. The predetermined detection range may be detected based on a heat image geometry, using pattern matching, by comparing the heat image to a white light image of a living person, or by masking the heat image.

    Method for authenticating a user to a machine

    公开(公告)号:US10607211B2

    公开(公告)日:2020-03-31

    申请号:US14762246

    申请日:2014-01-06

    IPC分类号: G06Q20/32 H04L29/06

    摘要: The disclosure relates to a method for authenticating a user to a machine: generating a challenge by the machine, generating a first pattern, in which the challenge is coded, by the machine, displaying the first pattern on a display device of the machine, optically recording the first pattern by a user device, decoding the first pattern to receive the challenge by the user device, generating a response to the challenge by the user device, generating a second pattern, in which the response is coded, by the user device, displaying the second pattern on a display device of the user device, optically recording the second pattern by the machine, decoding the second pattern to receive the response by the machine, checking the correctness of the response by the machine, and, on the condition that the response is correct, fulfilling a function by the machine.

    Mobile terminal for capturing biometric data

    公开(公告)号:US10572638B2

    公开(公告)日:2020-02-25

    申请号:US14795941

    申请日:2015-07-10

    摘要: A mobile terminal is provided by an issuing authority for capturing biometric data of a user for transmission to a security document. The mobile terminal includes a data storage unit containing a credential, an authentication module, a sensor for capturing the biometric data of the user and a control unit that is configured to capture the biometric data of the user only upon successful reciprocal authentication of the user and the mobile terminal. An authenticity test module tests the authenticity of the captured biometric data captured. If authentic, the captured biometric data is stored in the data storage unit in protected form. Readout of the biometric data from the mobile terminal, by an operator of the issuing authority, is permitted only if the operator has been authenticated to the mobile terminal using additional authentication data.