[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

EP1922856A2 - Method for authenticating a user and device therefor - Google Patents

Method for authenticating a user and device therefor

Info

Publication number
EP1922856A2
EP1922856A2 EP06808284A EP06808284A EP1922856A2 EP 1922856 A2 EP1922856 A2 EP 1922856A2 EP 06808284 A EP06808284 A EP 06808284A EP 06808284 A EP06808284 A EP 06808284A EP 1922856 A2 EP1922856 A2 EP 1922856A2
Authority
EP
European Patent Office
Prior art keywords
medium
data
user
support
storage means
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP06808284A
Other languages
German (de)
French (fr)
Inventor
Alain Leclercq
Yves Arnail
Bernard Delbourg
Pierre Rabischong
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MEDISCS Sas
Original Assignee
MEDISCS SARL
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MEDISCS SARL filed Critical MEDISCS SARL
Publication of EP1922856A2 publication Critical patent/EP1922856A2/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Definitions

  • the present invention relates to a method for authenticating a user through a terminal connected to a computer type network and comprising means for reading a ROM memory medium, of the CD, CD CARD or DVD type.
  • the present invention is in the field of secure and remote authentication of a user, in particular the identification of a user through a computer type network.
  • the invention relates more particularly to such an authentication method and its implementation device.
  • the present invention will find a particular application in the field of banking and online payment, in the manner of a bank card.
  • the remote authentication of a user can be performed through a system using a smart card.
  • a computer can be provided with a terminal for reading a smart card.
  • the latter contains authentication information, such as an electronic signature, which is then transferred from said terminal through said network to be compared and authenticated. Access is guaranteed.
  • the connection is secured through known encryption tools and protocols.
  • the object of the invention is to overcome the disadvantages of the state of the art by proposing a secure authentication method and its implementation device offering an optimal security, an impossible reproduction rendering them unfalsifiable.
  • the invention creates a link between the data contained on a medium and the medium itself, so that the copy of one independently of the other is not feasible.
  • the data relating to the support relates to the errors that occurred during the etching of said support.
  • support is provided compatible with readers equipping most computer terminals, such as DVD players or CDs.
  • the present invention therefore provides a unique, secure and tamper-proof payment solution.
  • the present invention relates to a method for authenticating a user through a terminal connected to a computer type network and comprising means for reading a ROM memory medium, of the CD, CD CARD type. or DVD, in which, when creating said medium:
  • identification data relating to said user are recorded, on the one hand, on said medium through etching means and, on the other hand, on storage means;
  • said identification data are read through said reading means and transmitted through secure means of connection to said remote storage means through said network;
  • said transmitted data is compared with said data contained on said storage means in order to be authenticated; said method also comprising:
  • connection through secure means consists of:
  • such a method may consist in transmitting bank data transparently to the user in order to automatically fill out an online payment form.
  • the invention also relates to a device for implementing the authentication method, comprising a medium containing personal data concerning a user and able to be read through a terminal provided with reading means, said terminal being connected to the through a computer network, to means for comparing, on the one hand, said personal data with data contained on storage means and, on the other hand, information relating to the etching of said data on said medium with collected information relating to the physical level of said medium in the form of a trace listing the random errors that occurred during the etching of said medium.
  • said comparison means comprise means for burning data concerning the user on said medium and means for collecting information relating to said etching, and means for storing said data and said information.
  • said medium is a ROM memory comprising a chip.
  • the present invention relates to a method of authenticating a user and its implementation device.
  • the invention aims to authenticate a user from a terminal 1 connected to a computer network 2.
  • the network 2 is preferably the Internet network but the invention also relates to any computer type network in which two terminals are connected to one another.
  • the invention will find its application in the secure connection of a user, when transmitting information requiring a high level of confidentiality, for example in the case of access to an online payment site where it is necessary to communicate risk banking data.
  • the invention also relates to any type of connection or access where it is necessary to identify with certainty the user wishing to connect, for example in the case of an intranet or other network.
  • the present invention confers a strong authentication of the personal medium to the user and consequently of the latter. It uses the combined comparison, on the one hand, of characteristics related to a physical medium 3 with information related to these same characteristics previously stored and, on the other hand, information stored or contained on said medium with previously stored information.
  • a user wishing to connect to an application, a payment site or the like, acquires a terminal 1, connected to said computer network 2, and comprising means 4 for reading said medium 3.
  • the support 3 is a support equipped with a ROM-type memory such as a CD, CD CARD or DVD.
  • This memory can be provided rewritable, such as a C-D or a DVD-RW, or non-rewritable, this characteristic thus conferring on said support 3 a security preventing the modification of the data recorded therein.
  • the reading means 4 are of known type, such as a ROM-type memory reader, such as a CD and DVD disc player.
  • said support 3 may comprise a chip so that it is compatible with smart card systems, in particular in the case of a CD CARD type support.
  • the support 3 has been made in advance and sent through a conventional routing network, for example postal.
  • identification data 5 are recorded on said support 3.
  • These data are personal to each user and may relate to the identity of the person (name, surname, contact details, bank account number , etc.) and may contain an identifier of connection for the recognition of said support 3 when using the latter.
  • This data may also include the bank details of the user, said support 3 can be issued by a bank.
  • the recording of said data is performed by etching through conventional etching means. On the other hand, these same data are copied and stored in storage means 6.
  • An advantage of the present invention resides in the fact that information 7 relating to the etching of said medium 3 is stored on said storage means 6.
  • This etching information 7 is collected in the form of a trace after the finalization of said medium 3.
  • This trace lists the errors that occurred during this operation of etching at the physical level of said support 3.
  • each etching produces random physical errors, impossible to reproduce, and unique to each support 3.
  • the surface of said support 3 therefore contains an identification of its own.
  • An advantage in terms of security therefore consists in comparing the trace of the support 3 with the support 3 used during the connection. Thus, any reproduction or duplication of the support 3 is not possible.
  • Another advantage lies in the fact that only the trace of the inserted medium 3 is transmitted over the network, the comparison being made with the trace stored on a remote server. Thus, in case of falsification, the original data are not transmitted, minimizing the risk of piracy.
  • this data may be encrypted beforehand and / or encoded to prevent any modifications or interception during the transfer.
  • secure connections and secure data transfer protocols can be used (SSL, private and public key encryption or other).
  • the communicated identifier makes it possible to find within the storage means 6 the data previously recorded and linked to the user and his bank details.
  • Data cohesion provides a first step in authenticating the user.
  • the bank details can be specific to online use, through specific forms and automatically filled by means dedicated to this purpose.
  • the invention consists of transparently transmitting bank data to the user in order to automatically fill out an online payment form.
  • comparison means 11 connected to said network 2 and said storage means 6.
  • the latter can group the data stored therein. known manner in the form of a database.
  • connection through secure means 8 can be based on the entry and encrypted sending of a confidential code 9 known to the user alone.
  • This code can be transmitted to the user at the same time or separately from said medium 3, by means of classic mailing, by electronic mail or any other means.
  • an application is executed on said terminal 1 opening input means 10 through which the user can enter his code 9.
  • These input means 10 comprise an interface for entering said code 9, especially through a keyboard or a keypad, especially a secure keypad.
  • the code 9 can be directly compared with code encoded and encrypted on the support 3.
  • the support 3 can be recognized during each introduction in the reader 4 and may not be requested later.
  • This usage option facilitates the repeated identification of the same user, for example in the case of several separate and consecutive purchases.
  • the code 9 is then encrypted and sent through the network 2, through secure lines, to said storage means 6. It is then decrypted and compared with the previously recorded code, when performing the support 3, in said storage means 6. Once the validity of the code 9 has been checked, the user, with authentication of the medium 3 as previously mentioned, obtains an access authorization.
  • the user can enter up to three times said code 9 before blocking said data contained in said storage means 6. In other words, access to the data is immediately blocked and the further use of the support 3 will not allow any connection.
  • security messages can be sent to an administrator managing the system. The support 3 is then unusable until the restoration of access to the data or the realization of another support 3.
  • comparison means 11 remote and connected, on the one hand, to the storage means 6 and, on the other hand, to said network 2. On request, they make it possible to compare the data received by the network with the data contained in the storage means 6, in particular and vice versa the data transmitted with the identification data 5, the data relating to the support 3 with the trace, and finally the code 9.
  • the present invention thus provides a secure way to access sensitive areas on a network safely.
  • a dedicated application preferentially remains the payment on the Internet. It is no longer necessary to transmit his bank details from his terminal or computer whose security is less than banking networks.
  • the invention does not require any additional device and is adaptable to any terminal equipped with a CD, DVD or similar type of reader. Compatibility is optimal while providing strong authentication of the support 3 and its user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention concerns a method for authenticating a user via a terminal (1) connected to a network (2) and comprising means (4) for reading a medium (3) wherein, when said support (3) is created, identifying data (5) concerning said user are recorded on the medium (3) by etching means and on storage means (6); data (7) concerning the etching of said medium (3) are collected and stored in the form of a trace via said storage means (6), said trace indexing random errors occurring during etching; and, wherein, when said medium (3) is used, said identifying data (5) are read and transmitted via secure connection means (8) to said remote storage means (6) via said network for comparing and authenticating same.

Description

PROCEDE D'AUTHENTIFICATION D'UN UTILISATEUR ET DISPOSITIF DE MISE EN ŒUVRE.METHOD FOR AUTHENTICATING A USER AND DEVICE FOR IMPLEMENTING IT
La présente invention concerne un procédé d' authentification d'un utilisateur au travers d'un terminal connecté à un réseau de type informatique et comprenant des moyens de lecture d'un support à mémoire ROM, de type CD, CD CARD ou DVD.The present invention relates to a method for authenticating a user through a terminal connected to a computer type network and comprising means for reading a ROM memory medium, of the CD, CD CARD or DVD type.
La présente invention entre dans le domaine de 1' authentification sécurisée et distante d'un utilisateur, en particulier l'identification d'un utilisateur au travers d'un réseau de type informatique.The present invention is in the field of secure and remote authentication of a user, in particular the identification of a user through a computer type network.
L'invention concerne plus particulièrement un tel procédé d' authentification et son dispositif de mise en œuvre.The invention relates more particularly to such an authentication method and its implementation device.
La présente invention trouvera une application toute particulière dans le domaine bancaire et du paiement en ligne, à la manière d'une carte bancaire.The present invention will find a particular application in the field of banking and online payment, in the manner of a bank card.
De manière connue, l' authentification à distance d'un utilisateur, connecté à un réseau informatique au travers d'un ordinateur, peut être réalisée au travers d'un système utilisant une carte à puce. A l'instar des systèmes utilisant les cartes bancaires, un ordinateur peut être pourvu d'un terminal de lecture d'une carte à puce. Cette dernière renferme des informations d' authentification, comme par exemple une signature électronique, qui est transférée alors depuis ledit terminal au travers dudit réseau pour être comparée puis authentifiée. L'accès est alors garanti. De plus, de manière connue, la connexion est sécurisée au travers d'outils et de protocoles de cryptage connus .In known manner, the remote authentication of a user, connected to a computer network through a computer, can be performed through a system using a smart card. Like systems using bank cards, a computer can be provided with a terminal for reading a smart card. The latter contains authentication information, such as an electronic signature, which is then transferred from said terminal through said network to be compared and authenticated. Access is guaranteed. In addition, in a known manner, the connection is secured through known encryption tools and protocols.
Toutefois, un tel dispositif n'offre pas une sécurité satisfaisante, particulièrement en cas de vol de la carte qui peut alors être utilisée sur un autre terminal. C'est pourquoi les dispositifs bancaires utilisent un code connu de l'utilisateur seul. De plus, ce type de dispositif requiert l'achat et l'installation d'un lecteur spécifique destiné à la lecture de la carte. Ce lecteur, généralement externe, n'est qu'un moyen de lecture des données contenues sur la carte à puce et est dépourvu de moyens de cryptage. Il n'offre donc aucune sécurité de transmission entre le terminal et l'ordinateur, notamment au travers de son lien filaire physique .However, such a device does not provide satisfactory security, particularly in case of theft of the card which can then be used on another terminal. That is why the banking devices use a code known to the user alone. In addition, this type of device requires the purchase and installation of a specific reader for reading the card. This reader, which is generally external, is only a means of reading the data contained on the smart card and has no means of encryption. It therefore offers no transmission security between the terminal and the computer, in particular through its physical wired link.
De surcroit, dans le cadre d'un accès sécurisé à un site de paiement en ligne par carte bancaire, par exemple sur Internet, aucun code n'est requis. Il suffit d'entrer les numéros inscrits sur la carte pour valider l'achat. Encore une fois, en cas de vol de cette dernière, aucune sécurité n'empêche alors une utilisation frauduleuse.In addition, as part of secure access to an online payment site by credit card, for example on the Internet, no code is required. Just enter the numbers on the card to validate the purchase. Again, in case of theft of the latter, no security then prevents fraudulent use.
C'est pour ces raisons, qu'au travers du document WO 01/59547, il a été imaginé un support compatible avec la plupart des lecteurs existants sur un terminal, notamment les lecteurs de mémoire ROM, tel un lecteur de CD ou de DVD. Un code PIN est demandé à chaque insertion dudit CD/DVD pour authentifier l'utilisateur.For these reasons, through WO 01/59547, it has been imagined a support compatible with most existing readers on a terminal, including ROM memory drives, such as a CD or DVD player . A PIN code is requested at each insertion of said CD / DVD to authenticate the user.
Toutefois, l'utilisation d'un support aussi répandu que le CD ou le DVD n'empêche pas la reproduction de ce dernier.However, the use of a support as widespread as the CD or DVD does not prevent the reproduction of the latter.
Il a donc été imaginé d'empêcher cette reproduction au travers de la génération volontaire, lors de la gravure dudit support, de marques . Ces dernières sont alors comptabilisées par un logiciel adapté et contribuent à l'identification dudit support. Cette solution est succinctement décrite dans le document WO 2004/084487.It has therefore been imagined to prevent this reproduction through the voluntary generation, during the etching of said support, marks. The latter are then counted by a suitable software and contribute to the identification of said support. This solution is briefly described in WO 2004/084487.
L'inconvénient de cette solution réside dans le fait que, étant donné qu' il est possible de générer sciemment des marques lors de la gravure, un logiciel adapté pourra lire lesdites marques et ainsi les reproduire lors d'une opération de copie dans le but de falsifier le support.The disadvantage of this solution lies in the fact that, since it is possible to knowingly generate marks when etching, adapted software can read said marks and thus reproduce them during a copy operation in order to falsify the support.
De plus, la saisie des coordonnées bancaires, même au travers d'une connexion sécurisée, peut être piraté par la présence de logiciel espion. Qui plus est, lesdites données peuvent être stockées sur le site, même temporairement, et offre une faille de sécurité.In addition, the entry of bank details, even through a secure connection, can be hacked by the presence of spyware. Moreover, said data can be stored on the site, even temporarily, and offers a security breach.
Enfin, si les données présentent sur la carte arrivent à être copiées, aucun moyen n'empêche la falsification de cette carte et sa reproduction.Finally, if the data presented on the card can be copied, no means prevents the forgery of this card and its reproduction.
L'invention a pour but de pallier les inconvénients de l'état de la technique en proposant une méthode d' authentification sécurisée et son dispositif de mise en œuvre offrant une sécurité optimale, une reproduction impossible les rendant infalsifiable .The object of the invention is to overcome the disadvantages of the state of the art by proposing a secure authentication method and its implementation device offering an optimal security, an impossible reproduction rendering them unfalsifiable.
En particulier, l'invention créer un lien entre les données contenues sur un support et le support lui-même, de sorte que la copie de l'un indépendamment de l'autre n'est pas réalisable. En particulier, dans le cas de la présente invention, les données relatives au support concernent les erreurs survenues lors de la gravure dudit support.In particular, the invention creates a link between the data contained on a medium and the medium itself, so that the copy of one independently of the other is not feasible. In particular, in the case of the present invention, the data relating to the support relates to the errors that occurred during the etching of said support.
Des méthodes similaires existent dans l'art antérieur.Similar methods exist in the prior art.
Au travers de cette authentification forte du support, la procédure s'affranchit de la saisie des coordonnées bancaires par l'utilisateur. Par ailleurs, la procédure de transmission desdites coordonnées bancaires est alors transparente pour ledit utilisateur.Through this strong authentication support, the procedure is freed from the entry of bank details by the user. Furthermore, the procedure for transmitting said bank details is then transparent for said user.
De plus , le support est prévu compatible avec les lecteurs équipant la plupart des terminaux informatiques , de type lecteur de DVD ou de CD.In addition, support is provided compatible with readers equipping most computer terminals, such as DVD players or CDs.
La présente invention offre par conséquent une solution unique de paiement sûre et infalsifiable.The present invention therefore provides a unique, secure and tamper-proof payment solution.
Pour ce faire , la présente invention concerne un procédé d'authentification d'un utilisateur au travers d'un terminal connecté à un réseau de type informatique et comprenant des moyens de lecture d'un support à mémoire ROM, de type CD, CD CARD ou DVD, dans lequel, lors de la création dudit support :To do this, the present invention relates to a method for authenticating a user through a terminal connected to a computer type network and comprising means for reading a ROM memory medium, of the CD, CD CARD type. or DVD, in which, when creating said medium:
- des données d' identification concernant ledit utilisateur sont enregistrées, d'une part, sur ledit support au travers de moyens de gravure et, d'autre part, sur des moyens de stockageidentification data relating to said user are recorded, on the one hand, on said medium through etching means and, on the other hand, on storage means;
- des informations relatives à la gravure dudit support sont collectées et stockées sous forme d'une trace au travers desdits moyens de stockage, ladite trace répertoriant les erreurs aléatoires survenues lors de la gravure dudit support ; et, dans lequel, lors de l'utilisation dudit support :information relating to the etching of said medium is collected and stored in the form of a trace through said storage means, said trace listing the random errors that occurred during the etching of said medium; and, wherein, when using said support:
lesdites données d' identification sont lues au travers desdits moyens de lecture et transmises au travers de moyens sécurisés de connexion vers lesdits moyens de stockage distants au travers dudit réseau ;said identification data are read through said reading means and transmitted through secure means of connection to said remote storage means through said network;
lesdites données transmises sont comparées avec lesdites données contenues sur lesdits moyens de stockage afin d'être authentifiées ; ledit procédé consistant aussi à :said transmitted data is compared with said data contained on said storage means in order to be authenticated; said method also comprising:
- contrôler physiquement ledit support lors de sa lecture et transmettre les résultats dudit contrôle auxdits moyens de stockage distants ; - comparer le résultat de son contrôle avec ladite trace afin d'authentifier ledit support ; et, après authentification dudit support et desdites informations, à autoriser un accès dudit utilisateur à une application.physically controlling said support during its reading and transmitting the results of said control to said remote storage means; comparing the result of its control with said trace in order to authenticate said support; and, after authentication of said medium and said information, to allow access of said user to an application.
Selon d'autres caractéristiques de l'invention, la connexion au travers de moyens sécurisés consiste à :According to other characteristics of the invention, the connection through secure means consists of:
- lors de la réalisation dudit support, enregistrer un code sur lesdits moyens de stockage ;when carrying out said medium, register a code on said storage means;
- lors de l'utilisation dudit support, exécuter des moyens de saisie par un utilisateur dudit code ; puis crypter ledit code et le transmettre au travers d'une connexion sécurisée dudit réseau vers lesdits moyens de stockage ; et contrôler la validité dudit code par comparaison avec le code contenu dans lesdits moyens de stockage .when using said medium, executing input means by a user of said code; then encrypting said code and transmitting it through a secure connection of said network to said storage means; and check the validity of said code by comparison with the code contained in said storage means.
De plus , un tel procédé peut consister à transmettre de manière transparente vis-à-vis de l'utilisateur des données bancaires afin de remplir automatiquement un formulaire de paiement en ligne.In addition, such a method may consist in transmitting bank data transparently to the user in order to automatically fill out an online payment form.
L'invention concerne aussi un dispositif de mise en œuvre du procédé d' authentification, comprenant un support contenant des données personnelles concernant un utilisateur et apte à être lu au travers d'un terminal pourvu de moyens de lecture, ledit terminal étant connecté, au travers d'un réseau informatique, à des moyens de comparaison, d'une part, desdites données personnelles avec des données contenues sur des moyens de stockage et, d'autre part, d'informations relatives à la gravure desdites données sur ledit support avec des informations collectées concernant le niveau physique dudit support sous forme d'une trace répertoriant les erreurs aléatoires survenues lors de la gravure dudit support. Avantageusement, lesdits moyens de comparaison comprennent des moyens de gravure des données concernant l'utilisateur sur ledit support et des moyens de collecte des informations relative à ladite gravure, et des moyens de stockage desdites données et desdites informations .The invention also relates to a device for implementing the authentication method, comprising a medium containing personal data concerning a user and able to be read through a terminal provided with reading means, said terminal being connected to the through a computer network, to means for comparing, on the one hand, said personal data with data contained on storage means and, on the other hand, information relating to the etching of said data on said medium with collected information relating to the physical level of said medium in the form of a trace listing the random errors that occurred during the etching of said medium. Advantageously, said comparison means comprise means for burning data concerning the user on said medium and means for collecting information relating to said etching, and means for storing said data and said information.
Selon un mode de réalisation ledit support est à mémoire ROM comprenant une puce.According to one embodiment, said medium is a ROM memory comprising a chip.
D'autres caractéristiques et avantages de l'invention ressortiront de la description détaillée qui va suivre des modes de réalisation non limitatifs de l'invention, en référence à la figure annexée qui est une représentation schématique du fonctionnement de l' invention .Other features and advantages of the invention will emerge from the following detailed description of non-limiting embodiments of the invention, with reference to the attached figure which is a schematic representation of the operation of the invention.
La présente invention concerne un procédé d' authentification d'un utilisateur et son dispositif de mise en œuvre. En particulier, l'invention vise l' authentification d'un utilisateur à partir d'un terminal 1 connecté à un réseau 2 de type informatique.The present invention relates to a method of authenticating a user and its implementation device. In particular, the invention aims to authenticate a user from a terminal 1 connected to a computer network 2.
A ce propos, le réseau 2 est préférentiellement le réseau Internet mais l'invention concerne aussi tout réseau de type informatique dans lequel deux terminaux sont connectés l'un à l'autre.In this regard, the network 2 is preferably the Internet network but the invention also relates to any computer type network in which two terminals are connected to one another.
L'invention trouvera son application dans la connexion sécurisée d'un utilisateur, lors de transmission d'informations nécessitant un niveau de confidentialité élevé, par exemple dans le cas de l'accès à un site de paiement en ligne où il est nécessaire de communiquer des données bancaires à risques . L'invention vise aussi tout type de connexion ou d'accès où il est nécessaire d'identifier de façon certaine l'utilisateur désireux de se connecter, par exemple dans le cas d'un réseau intranet ou autre. Avantageusement, afin d' autoriser l' accès précédemment évoqué , la présente invention confère une authentification forte du support personnel à l'utilisateur et par conséquent de ce dernier. Elle utilise la comparaison combinée, d'une part, de caractéristiques liées à un support 3 physique avec des informations liées à ces mêmes caractéristiques préalablement stockées et, d'autre part, des informations stockées ou contenues sur ledit support avec des informations préalablement stockées .The invention will find its application in the secure connection of a user, when transmitting information requiring a high level of confidentiality, for example in the case of access to an online payment site where it is necessary to communicate risk banking data. The invention also relates to any type of connection or access where it is necessary to identify with certainty the user wishing to connect, for example in the case of an intranet or other network. Advantageously, in order to authorize the previously mentioned access, the present invention confers a strong authentication of the personal medium to the user and consequently of the latter. It uses the combined comparison, on the one hand, of characteristics related to a physical medium 3 with information related to these same characteristics previously stored and, on the other hand, information stored or contained on said medium with previously stored information.
Pour ce faire, un utilisateur désireux de se connecter à une application, un site de paiement ou analogue, se munit d'un terminal 1 , connecté audit réseau informatique 2 , et comprenant des moyens 4 de lecture dudit support 3.To do this, a user wishing to connect to an application, a payment site or the like, acquires a terminal 1, connected to said computer network 2, and comprising means 4 for reading said medium 3.
A ce propos, le support 3 est un support équipé d'une mémoire de type ROM comme un CD, CD CARD ou DVD . Cette mémoire peut être prévue réinscriptible, comme un C-D ou un DVD-RW, ou non réinscriptible, cette caractéristique conférant dès lors audit support 3 une sécurité empêchant la modification des données y enregistrées . On notera donc que les moyens de lecture 4 sont de type connu, tel un lecteur de mémoire de type ROM, comme un lecteur de disque CD et DVD.In this regard, the support 3 is a support equipped with a ROM-type memory such as a CD, CD CARD or DVD. This memory can be provided rewritable, such as a C-D or a DVD-RW, or non-rewritable, this characteristic thus conferring on said support 3 a security preventing the modification of the data recorded therein. It will therefore be noted that the reading means 4 are of known type, such as a ROM-type memory reader, such as a CD and DVD disc player.
Selon un mode de réalisation particulier, ledit support 3 peut comprendre une puce de sorte qu'il soit compatible avec les systèmes à carte à puce, en particulier dans le cas d'un support de type CD CARD.According to a particular embodiment, said support 3 may comprise a chip so that it is compatible with smart card systems, in particular in the case of a CD CARD type support.
Le support 3 a été réalisé au préalable et envoyé au travers d'un réseau d'acheminement classique, par exemple postal. Lors de la création dudit support 3 , des données d' identification 5 sont enregistrées sur ledit support 3. Ces données sont personnelles à chaque utilisateur et peuvent être relatives à l'identité de la personne (nom, prénom, coordonnées, numéro de compte bancaire, etc. ) et peuvent contenir un identifiant de connexion pour la reconnaissance dudit support 3 lors de l'utilisation de ce dernier. Ces données peuvent aussi comprendre les coordonnées bancaires de l'utilisateur, ledit support 3 pouvant être émis par un organisme bancaire . L'enregistrement desdites données est réalisé par gravure au travers de moyens de gravure classiques. D'autre part, ces mêmes données sont copiées et stockées dans des moyens de stockage 6.The support 3 has been made in advance and sent through a conventional routing network, for example postal. During the creation of said support 3, identification data 5 are recorded on said support 3. These data are personal to each user and may relate to the identity of the person (name, surname, contact details, bank account number , etc.) and may contain an identifier of connection for the recognition of said support 3 when using the latter. This data may also include the bank details of the user, said support 3 can be issued by a bank. The recording of said data is performed by etching through conventional etching means. On the other hand, these same data are copied and stored in storage means 6.
Un avantage de la présente invention réside dans le fait que des informations 7 relatives à la gravure dudit support 3 sont stockées sur lesdits moyens de stockage 6. Ces informations de gravure 7 sont collectées sous forme d'une trace après la finalisation dudit support 3. Cette trace répertorie les erreurs survenues lors de cette opération de gravure au niveau physique dudit support 3. En effet, chaque gravure produit des erreurs physiques aléatoires, impossibles à reproduire, et uniques à chaque support 3. A la manière d' une empreinte digitale, la surface dudit support 3 contient donc une identification qui lui est propre.An advantage of the present invention resides in the fact that information 7 relating to the etching of said medium 3 is stored on said storage means 6. This etching information 7 is collected in the form of a trace after the finalization of said medium 3. This trace lists the errors that occurred during this operation of etching at the physical level of said support 3. In fact, each etching produces random physical errors, impossible to reproduce, and unique to each support 3. In the manner of a fingerprint, the surface of said support 3 therefore contains an identification of its own.
Un avantage en terme de sécurité consiste donc à comparer la trace du support 3 avec le support 3 utilisé lors de la connexion. Ainsi, toute reproduction ou duplication du support 3 n'est pas envisageable.An advantage in terms of security therefore consists in comparing the trace of the support 3 with the support 3 used during the connection. Thus, any reproduction or duplication of the support 3 is not possible.
Un autre avantage réside dans le fait qu'uniquement la trace du support 3 inséré est transmise sur le réseau, la comparaison étant effectuée avec la trace stockée sur un serveur distant. Ainsi, en cas de falsification, les données originelles ne sont pas transmises, minimisant les risques de piratage.Another advantage lies in the fact that only the trace of the inserted medium 3 is transmitted over the network, the comparison being made with the trace stored on a remote server. Thus, in case of falsification, the original data are not transmitted, minimizing the risk of piracy.
De plus, lors de l'utilisation dudit support 3, l'utilisateur insère ce support 3 dans les moyens de lecture 4. Lesdites données d' identification 5 contenues sur ledit support 3 sont alors lues et transmises au travers de moyens 8 sécurisés de connexion vers lesdits moyens de stockage 6. Ce transfert s'effectue au travers dudit réseau 2, le terminal 1 et les moyens de stockage 6 étant distants .In addition, during the use of said support 3, the user inserts this support 3 into the reading means 4. Said identification data 5 contained on said support 3 are then read and transmitted through secure means 8. connection to said storage means 6. This transfer takes place through said network 2, the terminal 1 and the storage means 6 being remote.
On notera que ces données peuvent être préalablement cryptée et/ou encodées pour empêcher toutes modifications ou interception lors du transfert. De plus, des connexions sécurisées et des protocoles sécurisés de transfert de données peuvent être utilisés (SSL, cryptage par clefs privée et publique ou autre) .It should be noted that this data may be encrypted beforehand and / or encoded to prevent any modifications or interception during the transfer. In addition, secure connections and secure data transfer protocols can be used (SSL, private and public key encryption or other).
Il y a alors une étape de vérification des données d'identification 5 transmises. En particulier, l'identifiant communiqué permet de retrouver au sein des moyens de stockage 6 les données préalablement y enregistrées et liées à l'utilisateur et à ses coordonnées bancaires. La cohésion des données 5 permet une première étape dans l'authentification de 1'utilisateur.There is then a step of verifying the transmitted identification data. In particular, the communicated identifier makes it possible to find within the storage means 6 the data previously recorded and linked to the user and his bank details. Data cohesion provides a first step in authenticating the user.
On notera que cette procédure d' authentification des données s'effectue de manière transparente pour l'utilisateur. Il n'est plus alors nécessaire pour lui de saisir ses coordonnées bancaires, minimisant les risques de piratage, notamment au travers d'un logiciel espion résidant sur le terminal de l'utilisateur.It should be noted that this procedure for authenticating the data is done transparently for the user. It is no longer necessary for him to enter his bank details, minimizing the risk of hacking, including through spyware residing on the user's terminal.
De plus, les coordonnées bancaires peuvent être spécifiques à une utilisation en ligne, au travers de formulaires spécifiques et remplis automatiquement par des moyens dédiés à cet effet. L'invention consiste à transmettre de manière transparente vis- à-vis de l'utilisateur des données bancaires afin de remplir automatiquement un formulaire de paiement en ligne.In addition, the bank details can be specific to online use, through specific forms and automatically filled by means dedicated to this purpose. The invention consists of transparently transmitting bank data to the user in order to automatically fill out an online payment form.
Lors de la lecture dudit support 3, ce dernier est contrôlé physiquement afin de lister les erreurs de gravure apparentes . La même procédure est utilisée avec des moyens similaires, en particulier une application conçue et dédiée à cette tâche, pour lister ces erreurs que pour répertorier les informations de gravure 7 précédemment évoquées. Le résultat de ce contrôle est transmis, de manière sécurisée ou non, auxdits moyens de stockage distants . Ce résultat y est alors comparé avec la trace , authentifiant ainsi de manière forte le support 3. Cette comparaison s'effectue au travers de moyens de comparaison 11.When reading said medium 3, the latter is physically checked in order to list the apparent engraving errors. The same procedure is used with similar means, in particular an application designed and dedicated to this task, to list these errors to list the information engraving 7 previously mentioned. The result of this control is transmitted, securely or otherwise, to said remote storage means. This result is then compared with the trace, thereby strongly authenticating the support 3. This comparison is carried out through comparison means 11.
Ces deux étapes d' authentification garantissent alors une parfaite et unique identité entre les données enregistrées initialement sur le support 3 et le support utilisé par l'utilisateur pour se connecter.These two authentication steps then guarantee a perfect and unique identity between the data initially recorded on the medium 3 and the medium used by the user to connect.
La comparaison des données d'identification 5 et des informations 7 liées à la gravure est effectuée par des moyens de comparaison 11 connectés audit réseau 2 et auxdits moyens de stockage 6. A ce propos , ces derniers peuvent regrouper les données qui y sont stockées de manière connue sous la forme d'une base de données.The comparison of the identification data 5 and information 7 related to the etching is performed by comparison means 11 connected to said network 2 and said storage means 6. In this respect, the latter can group the data stored therein. known manner in the form of a database.
Avantageusement, en complément de protection, la connexion au travers de moyens sécurisés 8 peut se baser sur la saisie et l'envoi crypté d'un code 9 confidentiel, connu de l'utilisateur seul. Ce code peut être transmis à l'utilisateur en même temps ou séparément dudit support 3, par des moyens d'envoi classique postaux, par courrier électronique ou tout autre moyen. Lors de la lecture dudit support 3, une application est exécutée sur ledit terminal 1 ouvrant des moyens de saisie 10 au travers desquels l'utilisateur peut taper son code 9. Ces moyens de saisi 10 comprennent une interface permettant d'entrer ledit code 9 , notamment au travers d'un clavier ou d'un pavé numérique, en particulier un pavé numérique sécurisé .Advantageously, in addition to protection, the connection through secure means 8 can be based on the entry and encrypted sending of a confidential code 9 known to the user alone. This code can be transmitted to the user at the same time or separately from said medium 3, by means of classic mailing, by electronic mail or any other means. When reading said medium 3, an application is executed on said terminal 1 opening input means 10 through which the user can enter his code 9. These input means 10 comprise an interface for entering said code 9, especially through a keyboard or a keypad, especially a secure keypad.
Selon un premier mode de réalisation, le code 9 peut directement être comparé avec un code encodé et crypté sur le support 3. De cette manière , le support 3 peut être reconnu lors de chaque introduction dans le lecteur 4 et peut ne plus être demandée ultérieurement. Cette option d'utilisation facilite les identifications à répétition d'un même utilisateur, par exemple dans le cas de plusieurs achats distincts et consécutifs .According to a first embodiment, the code 9 can be directly compared with code encoded and encrypted on the support 3. In this way, the support 3 can be recognized during each introduction in the reader 4 and may not be requested later. This usage option facilitates the repeated identification of the same user, for example in the case of several separate and consecutive purchases.
Selon un autre mode de réalisation, le code 9 est alors crypté et envoyé au travers du réseau 2 , passant par des lignes sécurisées, vers lesdits moyens de stockage 6. Il est alors décrypté et comparé au code préalablement enregistré, lors de la réalisation du support 3, dans lesdits moyens de stockage 6. Une fois la validité du code 9 contrôlée, l'utilisateur, avec authentification du support 3 comme précédemment évoqué, obtient une autorisation d' accès .According to another embodiment, the code 9 is then encrypted and sent through the network 2, through secure lines, to said storage means 6. It is then decrypted and compared with the previously recorded code, when performing the support 3, in said storage means 6. Once the validity of the code 9 has been checked, the user, with authentication of the medium 3 as previously mentioned, obtains an access authorization.
Afin de limiter les possibilités de fraude, l'utilisateur peut saisir jusqu' à trois fois ledit code 9 avant blocage desdites données 5 contenues dans lesdits moyens de stockage 6. En d'autre terme, l'accès aux données est immédiatement bloqué et l'utilisation ultérieur du support 3 ne permettra aucune connexion. De plus, des messages de sécurité peuvent être envoyés à un administrateur gérant le système . Le support 3 est alors inutilisable jusqu'à la restauration de l'accès aux données ou bien la réalisation d'un autre support 3.To limit the possibilities of fraud, the user can enter up to three times said code 9 before blocking said data contained in said storage means 6. In other words, access to the data is immediately blocked and the further use of the support 3 will not allow any connection. In addition, security messages can be sent to an administrator managing the system. The support 3 is then unusable until the restoration of access to the data or the realization of another support 3.
Une autre particularité réside dans le fait qu'il n'est pas nécessaire de mémoriser un nom d'utilisateur. Par similarité avec les systèmes de carte bancaire, il n'est nécessaire d' introduire que le code 9. De plus , la saisie d'un code 9 améliore grandement la sécurité, en particulier en cas de vol du support 3.Another peculiarity lies in the fact that it is not necessary to memorize a username. By similarity with the credit card systems, it is necessary to introduce only the code 9. Moreover, the entry of a code 9 greatly improves the security, in particular in case of theft of the support 3.
Les étapes de comparaison précédentes sont effectuées au travers de moyens de comparaison 11, distants et reliés, d'une part, aux moyens de stockage 6 et, d'autre part, audit réseau 2. Sur requête, ils permettent de comparer les données reçues par le réseau avec les données contenues dans les moyens de stockage 6 , en particulier et réciproquement les données transmises avec les données d'identification 5, les données relatives au support 3 avec la trace, et enfin le code 9.The preceding comparison steps are performed through comparison means 11, remote and connected, on the one hand, to the storage means 6 and, on the other hand, to said network 2. On request, they make it possible to compare the data received by the network with the data contained in the storage means 6, in particular and vice versa the data transmitted with the identification data 5, the data relating to the support 3 with the trace, and finally the code 9.
La présente invention offre donc un moyen sûr d' accéder à des zones sensibles sur un réseau en toute sécurité. Une application dédiée préférentiellement reste le paiement sur Internet. Il n'est alors plus nécessaire de transmettre ses coordonnées bancaires depuis son terminal ou son ordinateur dont la sécurité est moindre que les réseaux bancaires.The present invention thus provides a secure way to access sensitive areas on a network safely. A dedicated application preferentially remains the payment on the Internet. It is no longer necessary to transmit his bank details from his terminal or computer whose security is less than banking networks.
De plus, l'invention ne requiert aucun dispositif supplémentaire et est adaptable à tout terminal équipé d'un lecteur de type CD, DVD ou analogue. La compatibilité est donc optimale tout en offrant une authentification forte du support 3 et de son utilisateur. In addition, the invention does not require any additional device and is adaptable to any terminal equipped with a CD, DVD or similar type of reader. Compatibility is optimal while providing strong authentication of the support 3 and its user.

Claims

REVENDICATIONS
1. Procédé d' authentification d'un utilisateur au travers d'un terminal (1) connecté à un réseau (2) de type informatique et comprenant des moyens (4) de lecture d'un support (3) à mémoire ROM, de type CD, CD CARD ou DVD, dans lequel, lors de la création dudit support (3) :A method of authenticating a user through a terminal (1) connected to a network (2) of the computer type and comprising means (4) for reading a medium (3) with a ROM memory, type CD, CD CARD or DVD, in which, when creating said medium (3):
- des données d'identification (5) concernant ledit utilisateur sont enregistrées, d'une part, sur ledit support (3) au travers de moyens de gravure et, d'autre part, sur des moyens de stockage (6) ;identification data (5) concerning said user are recorded, on the one hand, on said medium (3) through etching means and, on the other hand, on storage means (6);
- des informations (7) relatives à la gravure dudit support (3) sont collectées et stockées sous forme d'une trace au travers desdits moyens de stockage (6) , ladite trace répertoriant les erreurs aléatoires survenues lors de la gravure dudit support (3) ; et, dans lequel, lors de l'utilisation dudit support (3) :information (7) relating to the etching of said medium (3) is collected and stored in the form of a trace through said storage means (6), said trace listing the random errors that occurred during the etching of said medium (3); ); and, wherein, when using said support (3):
- lesdites données d'identification (5) sont lues au travers desdits moyens de lecture (4) et transmises au travers de moyens (8) sécurisés de connexion vers lesdits moyens de stockage (6) distants au travers dudit réseau (2) ;said identification data (5) are read through said reading means (4) and transmitted through secure connection means (8) to said remote storage means (6) through said network (2);
lesdites données transmises sont comparées avec lesdites données contenues sur lesdits moyens de stockage (6) afin d'être authentifiées ; ledit procédé consistant aussi à :said transmitted data is compared with said data contained on said storage means (6) in order to be authenticated; said method also comprising:
- contrôler physiquement ledit support (3) lors de sa lecture et transmettre les résultats dudit contrôle auxdits moyens de stockage (6) distants ;- physically control said support (3) during its reading and transmit the results of said control to said remote storage means (6);
- comparer le résultat de son contrôle avec ladite trace afin d'authentifier ledit support (3) ; et, après authentification dudit support (3) et desdites informations, à autoriser un accès dudit utilisateur à une application.comparing the result of its control with said trace in order to authenticate said medium (3); and, after authentication said medium (3) and said information, to allow access of said user to an application.
2. Procédé d'authentification selon la revendication 1, caractérisé par le fait que la connexion au travers de moyens sécurisés (8) consiste à :2. Authentication method according to claim 1, characterized in that the connection through secure means (8) consists of:
- lors de la réalisation dudit support (3) , enregistrer un code (9) sur lesdits moyens de stockage (6) ;during the production of said support (3), register a code (9) on said storage means (6);
- lors de l'utilisation dudit support (3) , exécuter des moyens de saisie (10) par un utilisateur dudit code (9) ; puis crypter ledit code (9) et le transmettre au travers d'une connexion sécurisée dudit réseau (2) vers lesdits moyens de stockage (6) ; et contrôler la validité dudit code (9) par comparaison avec le code (9) contenu dans lesdits moyens de stockage (6) .when using said medium (3), executing input means (10) by a user of said code (9); then encrypting said code (9) and transmitting it through a secure connection of said network (2) to said storage means (6); and checking the validity of said code (9) by comparison with the code (9) contained in said storage means (6).
3. Procédé d' authentification selon l'une quelconque des revendications 1 ou 2, caractérisé par le fait qu'il consiste à transmettre de manière transparente vis-à-vis de l'utilisateur des données bancaires afin de remplir automatiquement un formulaire de paiement en ligne.3. Authentication method according to any one of claims 1 or 2, characterized in that it consists in transmitting transparently vis-à-vis the user of bank data to automatically fill out a payment form. online.
4. Dispositif de mise en œuvre du procédé d'authentification selon l'une quelconque des revendications précédentes, caractérisé par le fait qu'il comprend un support (3) contenant des données (5) personnelles concernant un utilisateur et apte à être lu au travers d'un terminal (1) pourvu de moyens de lecture (4) , ledit terminal (1) étant connecté, au travers d'un réseau informatique (2) , à des moyens de comparaison (11) , d'une part, desdites données personnelles (5) avec des données contenues sur des moyens de stockage (6) et, d'autre part, d'informations (7) relatives à la gravure desdites données sur ledit support (3) avec des informations collectées concernant le niveau physique dudit support (3) sous forme d'une trace répertoriant les erreurs aléatoires survenues lors de la gravure dudit support (3) .4. Device for implementing the authentication method according to any one of the preceding claims, characterized in that it comprises a support (3) containing personal data (5) concerning a user and able to be read at through a terminal (1) provided with reading means (4), said terminal (1) being connected, via a computer network (2), to comparison means (11), on the one hand, said personal data (5) with data contained on storage means (6) and, on the other hand, information (7) relating to the etching of said data on said medium (3) with information collected on the level physical of said support (3) in the form of a trace listing the random errors that occurred during the etching of said support (3).
5. Dispositif selon l'une quelconque des revendications 5 ou 6, caractérisé par le fait que lesdits moyens de comparaison (11) comprennent des moyens de gravure des données (5) concernant l'utilisateur sur ledit support (3) et des moyens de collecte des informations relative à ladite gravure, et des moyens de stockage (6) desdites données (5) et desdites informations (7) .5. Device according to any one of claims 5 or 6, characterized in that said comparison means (11) comprise data etching means (5) for the user on said support (3) and means for collecting information relating to said etching, and storage means (6) of said data (5) and said information (7).
6. Dispositif selon l'une quelconque des revendications 5 à 7, caractérisé par le fait que ledit support (3) est à mémoire ROM comprenant une puce . 6. Device according to any one of claims 5 to 7, characterized in that said support (3) is ROM memory comprising a chip.
EP06808284A 2005-09-07 2006-09-06 Method for authenticating a user and device therefor Withdrawn EP1922856A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0552701A FR2890509B1 (en) 2005-09-07 2005-09-07 METHOD FOR AUTHENTICATING A USER AND DEVICE FOR IMPLEMENTING THE SAME
PCT/FR2006/050845 WO2007028925A2 (en) 2005-09-07 2006-09-06 Method for authenticating a user and device therefor

Publications (1)

Publication Number Publication Date
EP1922856A2 true EP1922856A2 (en) 2008-05-21

Family

ID=36651278

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06808284A Withdrawn EP1922856A2 (en) 2005-09-07 2006-09-06 Method for authenticating a user and device therefor

Country Status (4)

Country Link
US (1) US20080209520A1 (en)
EP (1) EP1922856A2 (en)
FR (1) FR2890509B1 (en)
WO (1) WO2007028925A2 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4785361A (en) * 1982-11-08 1988-11-15 Vault Corporation Method and apparatus for frustrating the unauthorized copying of recorded data
CA2298379A1 (en) * 2000-02-14 2001-08-14 Point Net Communication Inc. System and method for secure transactions over a network
ES2224841B1 (en) * 2003-03-17 2006-06-16 Pedro Gallego Rubio NETWORK USER IDENTIFICATION SYSTEM.
US20050005137A1 (en) * 2003-06-16 2005-01-06 Microsoft Corporation System and method for individualizing installation media

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2007028925A3 *

Also Published As

Publication number Publication date
FR2890509A1 (en) 2007-03-09
WO2007028925A3 (en) 2007-05-24
FR2890509B1 (en) 2009-10-30
WO2007028925A2 (en) 2007-03-15
US20080209520A1 (en) 2008-08-28

Similar Documents

Publication Publication Date Title
EP0055986B1 (en) Security system and apparatus for the three-way communication of confidential data
EP0810506B1 (en) Method and system for secure identification between two terminals
EP1302018B1 (en) Secure transactions with passive storage media
US20020019938A1 (en) Method and apparatus for secure identification for networked environments
EP0425053A1 (en) Data processing system having memory card authenticating means, electronic circuit for use in that system and method for using this authentication
EP1549011A1 (en) Communication method and system between a terminal and at least a communication device
WO2007012584A1 (en) Method for controlling secure transactions using a single multiple dual-key device, corresponding physical device, system and computer programme
EP1791292B1 (en) Personalisation of an electronic circuit
FR2989799A1 (en) METHOD FOR TRANSFERRING A DEVICE TO ANOTHER RIGHTS OF ACCESS TO A SERVICE
EP0995175A1 (en) Method for managing a secure terminal
WO2007028925A2 (en) Method for authenticating a user and device therefor
FR2730076A1 (en) Authentication by server of holder of object incorporating microprocessor
CA2652140A1 (en) Terminal activation method
FR2898423A1 (en) Certified electronic signature generating device e.g. chip card, configuring method for e.g. computer, involves updating certificate to user upon reception of denomination and number by certificate producer so as to be used with device
EP0595720B1 (en) Process and system for recording information on a data carrier enabling to later certify the originality of this information
EP3032450B1 (en) Method for checking the authenticity of a payment terminal and terminal thus secured
WO2002065411A2 (en) Method and system for making secure a commercial transaction with a smart card
BE1015988A6 (en) Credit card e.g. VISA card, for e.g. on-line payment, has Lead-in area zone and is made of three layers, each containing one type of information, where middle layer has e.g. radio frequency identification type antenna and RFID chip
FR2790854A1 (en) Device for securing computer data exchanges of payment or remote payment has inaccessible area in secret memory in which primary codes of list may be used as preference for secure exchange
FR3150010A3 (en) Secure data set and procedure for issuing and reading such a set
FR3137769A1 (en) Process for saving sensitive personal data on a blockchain
FR3150011A3 (en) Secure data set and procedure for issuing and reading such a set
FR3150016A3 (en) Secure data set and procedure for issuing and reading such a set
FR3150015A1 (en) Secure data set and procedure for issuing and reading such a set
EP1962239A1 (en) Method of verifying a code identifying a carrier, smart card and terminal respectively designed to implement said method

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080208

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

RIN1 Information on inventor provided before grant (corrected)

Inventor name: ARNAIL, YVES

Inventor name: DELBOURG, BERNARD

Inventor name: RABISCHONG, PIERRE

Inventor name: LECLERCQ, ALAIN

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: MEDISCS SAS

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20120807

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20121218