公开(公告)号：WO2015004528A3

公开(公告)日：2015-04-30

申请号：PCT/IB2014002137

申请日：2014-06-19

Applicant: ASSA ABLOY AB

Inventor： LOVELOCK JULIAN ERIC ,  HOYER PHILIP

IPC: G06F21/34 ,  G06F21/35 ,  H04L9/08

CPC classification number: H04L63/0838 ,  G06F21/34 ,  G06F21/35 ,  H04L9/0863 ,  H04L9/3234 ,  H04L63/06 ,  H04L63/10

Abstract: An authentication system is provided using one-time passwords (OTPs) for user authentication. An OTP key may be stored on a different device than the device on which the OTP is generated. In an embodiment, the system described herein enables a combined authentication system, including the two separate devices communicating over a non-contact interface, to provide advantageous security features compared to the use of a single device, such as a hardware OTP token. One device may be a personal security device and the other device may be a reader device coupled to a host device via which access is being controlled.

Abstract translation: 提供使用一次性密码（OTP）进行用户认证的认证系统。 OTP密钥可以存储在与生成OTP的设备不同的设备上。 在一个实施例中，本文描述的系统使得包括两个分离的设备通过非接触式接口进行通信的组合认证系统能够提供与使用单个设备（诸如硬件OTP令牌）相比有利的安全特征。 一个设备可以是个人安全设备，而另一个设备可以是耦合到主机设备的读取器设备，通过该主机设备正在控制访问。

公开(公告)号：WO2014140807A3

公开(公告)日：2014-12-04

申请号：PCT/IB2014000812

申请日：2014-02-21

Applicant: ASSA ABLOY AB

Inventor： HOYER PHILIP ,  LOVELOCK JULIAN ERIC ,  ROBINTON MARK

IPC: H04L29/06 ,  H04L9/32 ,  H04W12/10

CPC classification number: H04L63/083 ,  G06F17/30887 ,  H04L9/321 ,  H04L9/3247 ,  H04L61/609 ,  H04L63/0492 ,  H04L63/0823 ,  H04L63/12 ,  H04L67/02 ,  H04L2209/805 ,  H04W4/008 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10

Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag (308) is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response (S303) to a read request (S301). Accordingly, each response generated by the smart tag (308) will include a different TAC. It follows that interactions between the smart tag (308) and a reading device (304) can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.

Abstract translation: 提供了一种智能标签和与之相互作用的交互的方法。 智能标签（308）能够生成标签认证密码（TAC），并且将响应中的TAC（S303）包括在读取请求中（S301）。 因此，由智能标签（308）产生的每个响应将包括不同的TAC。 因此，如果TAC被验证为唯一和正确的TAC，智能标签（308）和读取装置（304）之间的交互可被认证为唯一的交互。

公开(公告)号：WO2016151407A3

公开(公告)日：2016-11-10

申请号：PCT/IB2016000883

申请日：2016-03-25

Applicant: ASSA ABLOY AB

Inventor： LOVELOCK JULIAN ERIC ,  HOYER PHILIP

IPC: G06Q50/18 ,  G06Q10/00 ,  G06Q10/02

CPC classification number: G06Q50/18 ,  G06Q10/00

Abstract: Providing virtualized credentials of a license holder includes authorizing a subset of credential data to be sent to a device of a relying party that is different from the license holder, where the subset of credential data depends on a role of the relying party and/or contextual data of the relying party and includes displaying the subset of credential data on a screen of the device of the relying party. The credential data may correspond to a license of the license holder. The license may be a driver's license. The credential data may include insurance information of the license holder. The contextual data may be a geolocation of the relying party. The device of the relying party may be a laptop, a cellphone, or a tablet. The credential data may be provided by a device of the license holder.

Abstract translation: 提供许可证持有者的虚拟化凭证包括授权将证书数据的子集发送到与许可证持有者不同的依赖方的设备，其中证书数据的子集取决于依赖方的角色和/或上下文 依赖方的数据，并且包括在依赖方的设备的屏幕上显示凭证数据的子集。 证书数据可以对应于许可证持有者的许可证。 许可证可能是驾驶执照。 凭证数据可以包括许可证持有者的保险信息。 上下文数据可以是依赖方的地理位置。 依赖方的设备可以是膝上型计算机，手机或平板电脑。 证书数据可以由许可证持有者的设备提供。

公开(公告)号：WO2014075056A3

公开(公告)日：2014-06-26

申请号：PCT/US2013069636

申请日：2013-11-12

Applicant: ASSA ABLOY AB

Inventor： LOVELOCK JULIAN ERIC ,  BERG DANIEL ,  ROBINTON MARK

IPC: G06F21/00

CPC classification number: G07C9/00142 ,  G07C9/00015 ,  G07C9/00166 ,  H04W4/008 ,  H04W12/08

Abstract: Managing access by a user includes requesting an access code from an external server, the external server providing the access code to the user only if the user is authorized for access, the access code being provided to an input unit, and the user being granted access by a security component if the access code is valid. The input unit may be a keypad. The access code may be provided using RF communication, such as NFC, Bluetooth, and/or Bluetooth Smart. The device may request the access code from the external server. The device may be a mobile device. Managing access by a user may also include the user entering a PIN in addition to the access code. The pin may be entered by the user's device. The access may be to a physical area and the user may be granted access by having a door open.

Abstract translation: 管理用户的访问包括请求来自外部服务器的访问码，只有当用户被授权访问时，外部服务器才向用户提供访问码，访问码被提供给输入单元，并且用户被授权访问 如果访问码有效，则由安全组件访问。 输入单元可以是小键盘。 访问码可以使用诸如NFC，蓝牙和/或蓝牙智能的RF通信来提供。 设备可以从外部服务器请求访问代码。 该设备可以是移动设备。 用户管理访问还可以包括除访问代码之外用户输入PIN。 该引脚可以由用户的设备输入。 访问可以是到一个物理区域，并且用户可以通过打开一扇门而被授予访问权限。