A METHOD FOR GRANTING A USER ACCESS THROUGH A USER ACCESS DEVICE HOSTING A CLIENT APPLICATION TO A SERVICE COMING FROM A SET OF SERVICES OF A SERVER APPLICATION HOSTED BY A DISTANT SERVER

    Publication No.: WO2022223484A2

    Publication date: 2022-10-27

    Application No.: PCT/EP2022/060168

    Application date: 2022-04-15

    Abstract: The invention relates to a method for granting a user access through a user access device hosting a client application to a service of a server application hosted by a server, comprising: - receiving by said client application a service access request and forwarding it to said server, - sending by said server application a user authentication request, a primary challenge, a URL of said service, and a unique user identifier to said user access device that forwards them to a secure peripheral device hosting a device application, - upon receiving said user authentication request, checking by said device application the user identity, - building by said device application a flag according to said checking using the result of a comparison between user data signals and the ones that have been stored within said secure peripheral device during a user-device binding process, or relying on a last user authentication validity, - generating by said device application a primary response based on said flag, on said primary challenge, and on a secret device key associated to said unique user identifier and to said URL and which has been stored within said secure peripheral device during the user-device binding process, - sending by said device application said primary response to said user access device that forwards it to said server, - verifying by said server application the validity of said primary response, - according to said primary response, granting or denying by said server application the user access to said service.

    AUTHENTICATION MECHANISM
    12.
    Invention application

    Publication No.: WO2022184441A1

    Publication date: 2022-09-09

    Application No.: PCT/EP2022/053822

    Application date: 2022-02-16

    Abstract: The authentication of a user across multiple devices includes the generation of authentication related data during an authentication process of a first device. The authentication process relating to a user's use of a second device is conducted in dependence on the authentication data generated during the authentication process of the first device. The authentication data may include the authentication readings that have been authenticated by the first device, a trust in the user, a location of the user, a proximity of the user to the device in use and a network device, and a time elapsed since the authentication process occurred on the first device. Beneficially, basing the authentication of a second device on the authentication process of a first device allows a trust in the user to be transferred.

    ACCESS CONTROL METHOD AND SYSTEM
    13.
    Invention application

    Publication No.: WO2022153005A1

    Publication date: 2022-07-21

    Application No.: PCT/FR2022/050062

    Application date: 2022-01-11

    Applicant: LA POSTE

    Abstract: The invention relates to an access control method and system comprising: - a medium configured to carry at least one signed access request datum; - a medium at least defined by a unique identifier that has been previously signed and is authenticatable; - a data management system comprising several records; - a device for generating an access request datum to be signed from the records and the unique identifier of the medium, - means for signing said access request datum to be signed in order to obtain a signed access request datum comprising a first datum representative of said one or more of said specific data, a second datum relating to said unique identifier of the medium, and a signature datum, - a transfer device configured to transfer said signed access request datum to said medium, said transfer device being connected to said signing means and to said management system.

    METHOD FOR MANAGING A ONE-TIME-PASSWORD
    14.
    Invention application

    Publication No.: WO2022148617A1

    Publication date: 2022-07-14

    Application No.: PCT/EP2021/085898

    Application date: 2021-12-15

    Abstract: The invention is a method for providing a One-Time-Password by an OTP device (20). The method comprises the steps: - establishing a communication session between the OTP device and a card (10) embedding a biometric sensor (18), - sending to the card, a request (84) to get a cryptographic value (72) computed from an identifier (19) of the card, - trying to authenticate a user through said biometric sensor and automatically releasing the cryptographic value in case of success only, - sending the cryptographic value from the card to the OTP device, - checking, by the OTP device, the cryptographic value by using a reference value (25), and - providing the One-Time-Password by the OTP device only in case of success.

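    AUTHENTICATION SYSTEM, AUTHENTICATION METHOD, AND PROGRAM

    Publication No.: WO2022144981A1

    Publication date: 2022-07-07

    Application No.: PCT/JP2020/049148

    Application date: 2020-12-28

    Inventor: 赤鹿 秀樹

    Abstract: Input information acquisition means (101, 201) of an authentication system (S) acquires input information, entered from a user terminal (30), relating to features of the appearance of a card possessed by a user. Identification information acquisition means (104, 202) acquires identification information capable of identifying the card. Registered information acquisition means (105, 203) acquires registered information relating to the features of the appearance, which has been registered in advance in a server (10, 20) in association with the identification information. Authentication means (102) performs authentication on the basis of the input information and the registered information.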

    SINGLE-CERTIFICATE MULTI-FACTOR AUTHENTICATION

    Publication No.: WO2022125979A1

    Publication date: 2022-06-16

    Application No.: PCT/US2021/062938

    Application date: 2021-12-10

    Abstract: A method of multi-factor authentication includes receiving, by a first electronic device, a partial digital certificate including partial certificate information omitting at least one authentication factor from complete certificate information, and a signature encrypting a first hash of the complete certificate information with a certificate authority private key. The method also includes obtaining the first hash by decrypting, by the first electronic device, the signature with a certificate authority public key corresponding to the certificate authority private key; generating, by the first electronic device, a second hash based on the partial certificate information in the partial digital certificate and the at least one authentication factor; and comparing, by the first electronic device, the second hash to the first hash.

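    INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM

    Publication No.: WO2022091221A1

    Publication date: 2022-05-05

    Application No.: PCT/JP2020/040272

    Application date: 2020-10-27

    Abstract: An information processing device (100) comprises: an acquisition unit (102) that acquires first personal identification information and terminal identification information from a portable recording medium on which the first personal identification information and the terminal identification information are recorded; an authentication unit (104) that authenticates second personal identification information acquired by a sensor mounted on a terminal, and the terminal identification information of that terminal, using the first personal identification information and the terminal identification information acquired from the recording medium; and an execution unit (106) that executes predetermined processing when the authentication succeeds.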

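    CLOUD DESKTOP ACCESS AUTHENTICATION METHOD, ELECTRONIC DEVICE, AND COMPUTER-READABLE STORAGE MEDIUM

    Publication No.: WO2022042504A1

    Publication date: 2022-03-03

    Application No.: PCT/CN2021/114159

    Application date: 2021-08-23

    Inventor: 谢迪 管天云

    Abstract: A cloud desktop access authentication method, an electronic device, and a computer-readable storage medium, the method comprising: receiving a cloud desktop access request from a client terminal, the cloud desktop access request carrying user authentication information obtained by the client terminal from a USB-Key (S110); generating a first dynamic password according to the cloud desktop access request, and sending the user authentication information and the first dynamic password to a cloud service terminal, so that the cloud service terminal verifies the user authentication information and saves the first dynamic password (S120); receiving verification information sent by the cloud service terminal according to the user authentication information (S130); sending the first dynamic password to a preset password receiving device, so that the client terminal obtains permission to access the cloud desktop from the cloud service terminal according to the first dynamic password received by the preset password receiving device (S140).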

    RELAY ATTACK DETECTION FOR INTERFACES USING COMMAND-RESPONSE PAIR

    Publication No.: WO2022037817A1

    Publication date: 2022-02-24

    Application No.: PCT/EP2021/065006

    Application date: 2021-06-04

    Applicant: ASSA ABLOY AB

    Inventor: KAUFMANN, Martin

    Abstract: A reader device of an access control system comprises physical layer circuitry and processing circuitry. The processing circuitry is operatively coupled to the physical layer circuitry and is configured to initiate transmission of a command to a credential device; determine a time duration from sending the command to the credential device to receiving a response to the command from the credential device; and generate an indication when the time duration exceeds a relay attack detection threshold time duration.

    BIOMETRIC PAYMENT CARD ENROLLMENT NOTIFICATION

    Publication No.: WO2022033769A1

    Publication date: 2022-02-17

    Application No.: PCT/EP2021/068390

    Application date: 2021-07-02

    Abstract: Enrolling a cardholder of a biometric payment card having a biometric sensor to authenticate to a service provider by using the biometric sensor located on the biometric payment card by receiving, by a processor of the biometric payment card, biometric information from the biometric sensor; adding the received biometric information to a biometric template for the cardholder of the biometric payment card; determining whether the biometric information completes a biometric template; verifying the cardholder of the payment card as being a legitimate user of the payment card; upon positive verification of the cardholder and positive determination that the biometric template is complete, transmitting, by the processor of the biometric payment card, a notification of completed biometric-use authentication enrollment from the biometric payment card to the service provider; and upon receipt of the notification of completed biometric-use authentication enrollment, transmitting, by the service provider, a notification to the of completed enrollment through an out-of-band notification system.
