Method for authenticating a user and corresponding user devices, server and system

US10509893B2 · US · B2

Patent metadata
Publication number: US-10509893-B2
Application number: US-201715678957-A
Country: US
Kind code: B2
Filing date: Aug 16, 2017
Priority date: Aug 16, 2017
Publication date: Dec 17, 2019
Grant date: Dec 17, 2019

Abstract

Official abstract text for this publication.

Sending from a first user device to a server, through a first channel, a user identifier and a request to get a table. Generating, by the server, a first table including a first character set and being valid. Sending, from the server to the second user device, the first table and a first request to display this latter. Displaying, by or through the second user device, the first table. Selecting, by a user, through the first user device, a character. Sending, from the first user device to the server, through the first channel, the selected character, as submitted data. Determining, by the server, based upon a reference location within the first table, a corresponding reference character, as reference data. Verifying, by the server, for the user, whether the submitted data does match the reference data. And, if yes, succeeding, by the server, in authenticating the user.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method for authenticating a user, comprising: sending from a first user device to a server, through a first communication channel, a first message including an identifier relating to the user and a request to get a challenge table, as challenge user authentication data; generating, by the server, a first challenge table including a first set of characters, the first challenge table being valid; getting, by the server, an identifier relating to a second user device; sending, using the second user device identifier, from the server to the second user device, through a second communication channel, a second message including the first challenge table and a first request to display the first challenge table; displaying, by or through the second user device, the first challenge table; generating, by the server, a second challenge table including a second set of characters, the second challenge table being invalid; sending from the server to the first user device, through the first communication channel, a third message including the second challenge table and a second request to display the second challenge table; displaying, by or through the first user device, the second challenge table; selecting, by a user, through a man machine interface relating to the first user device, at least one corresponding displayed character, as at least one selected character; sending, from the first user device to the server, through the first communication channel, a fourth message, as a challenge response message, including the at least one selected character, as submitted user authentication data; getting, by the server, at least one predetermined reference location within the first challenge table, as the reference table; determining, by the server, based upon the at least one predetermined reference location within the first challenge table, at least one corresponding reference character, as reference user authentication data; verifying, by the server, for the user, whether the submitted user authentication data does or does not match the reference user authentication data; and succeeding, by the server, in authenticating the user only if the submitted user authentication data matches the reference user authentication data.

2. The method according to claim 1, wherein the second message further includes a first request to display a user request to select at least one character included within the first challenge table.

3. The method according to claim 1, wherein the server sends to the first user device, through the first communication channel, a fifth message including a first request to display a user request to select at least one character included within the first challenge table.

4. The method according to claim 1, wherein the third message includes a request to display a user request to select, as submitted authentication data, through the first user device, at least one corresponding character comprised within the first challenge table displayed or to be displayed by or through the second user device.

5. The method according to claim 4, wherein the first user device displays the user request to select at least one corresponding character comprised within the first challenge table.

6. The method according to claim 1, wherein the first communication channel is unsecure and the second communication channel is secure.

7. A first user device for authenticating a user, wherein the first user device is configured to: send to a server, through a first communication channel, a first message including an identifier relating to the user and a request to get a challenge table, as challenge user authentication data; receive, from the server, through the first communication channel, a second message including a second challenge table and a second request to display the second challenge table; display the second challenge table; receive, from a user, through a man machine interface relating to the first user device, at least one corresponding character, as at least one selected character, the at least one corresponding character being displayed by or through a second user device; and send to the server, through the first communication channel, a challenge response message including the at least one selected character, as submitted user authentication data.

8. The first user device according to claim 7, wherein, the second message includes a request to display a user request to select, as submitted authentication data, through the first user device, at least one corresponding character comprised within a first challenge table displayed or to be displayed by or through the second user device, the first user device is further configured to display the user request to select at least one corresponding character comprised within the first challenge table.

9. A server for authenticating a user, wherein, the server is configured to: receive from a first user device, through a first communication channel, a first message including an identifier relating to the user and a request to get a challenge table, as challenge user authentication data; generate a first challenge table including a first set of characters, the first challenge table being valid; get an identifier relating to a second user device; send, using the second user device identifier, to the second user device, through a second communication channel, a second message including the first challenge table and a first request to display the first challenge table; generate a second challenge table including a second set of characters, the second challenge table being invalid; send to the first user device, through the first communication channel, a third message including the second challenge table and a second request to display the second challenge table; receive, from the first user device, through the first communication channel, a fourth message, as a challenge response message, including at least one selected character, as submitted user authentication data; get at least one predetermined reference location within the first challenge table, as the reference table; determine, based upon the at least one predetermined reference location within the first challenge table, at least one corresponding reference character, as reference user authentication data; verify, for the user, whether the submitted user authentication data does or does not match the reference user authentication data; and succeed in authenticating the user only if the submitted user authentication data matches the reference user authentication data.

10. A system for authenticating a user, wherein, the system includes a server and a first user device and at least one second user device, a first user device is configured to send, through a first communication channel, to the server, a first message including an identifier relating to the user and a request to get a challenge table, as challenge user authentication data the server is configured to generate a first challenge table including a first set of characters, the first challenge table being valid; get an identifier relating to the second user device; send, using the second user device identifier, to the second user device, through a second communication channel, a second message including the first challenge table and a first request to display the first challenge table; generate a second challenge table including a second set of characters, the second challenge table being invalid; send to the first user device, through the first communication channel, a third message including the second challenge table and a second request to display the second challenge table; the second user dev
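
The server side of the flow in the abstract and claim 1, sketched as an added example that is not taken from the patent. The table size, alphabet, enrollment record, single-use handling of the valid table, and the way the decoy table is built are all assumptions made for illustration.

```python
import hmac
import secrets
import string

ALPHABET = string.ascii_uppercase + string.digits
ROWS, COLS = 4, 4                      # assumed table size
_rng = secrets.SystemRandom()          # OS CSPRNG, not the default PRNG


def _grid(chars):
    return ["".join(chars[r * COLS:(r + 1) * COLS]) for r in range(ROWS)]


def make_valid_table():
    """First challenge table: ROWS x COLS distinct random characters."""
    return _grid(_rng.sample(ALPHABET, ROWS * COLS))


def make_decoy_table(valid, refs):
    """Second (invalid) table: same characters, reshuffled so that no
    reference location shows the valid table's character (assumption)."""
    chars = list("".join(valid))
    while True:
        _rng.shuffle(chars)
        decoy = _grid(chars)
        if all(decoy[r][c] != valid[r][c] for r, c in refs):
            return decoy


def read_at(table, refs):
    """Characters found at the reference locations, in order."""
    return "".join(table[r][c] for r, c in refs)


class Server:
    def __init__(self, enrolled):
        # enrolled: user id -> (second device id, predetermined locations)
        self.enrolled = enrolled
        self.pending = {}

    def request_challenge(self, user_id):
        device_id, refs = self.enrolled[user_id]
        valid = make_valid_table()
        self.pending[user_id] = valid
        # Returns (second-channel message), first-channel message.
        return (device_id, valid), make_decoy_table(valid, refs)

    def verify(self, user_id, submitted):
        # pop(): each valid table is accepted once (added assumption).
        valid = self.pending.pop(user_id, None)
        if valid is None:
            return False
        reference = read_at(valid, self.enrolled[user_id][1])
        return hmac.compare_digest(submitted.encode(), reference.encode())
```

An observer limited to the first channel sees only the decoy table and the submitted characters, never the valid table or the reference locations.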

Classifications

  • using separate channels for security data

  • using challenge-response

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234)

  • by graphic or iconic representation

  • G06F21/34 (Primary): involving the use of external additional devices, e.g. dongles or smart cards

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Gemalto Inc, Thales Dis France Sa
What technology area does this patent fall under?
Primary CPC classification G06F21/34. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 17, 2019 (B2). Legal status and post-grant events are not shown on this page.