Nothing Special   »   [go: up one dir, main page]

WO2008080228A1 - A method and device for password pattern randomization - Google Patents

A method and device for password pattern randomization Download PDF

Info

Publication number
WO2008080228A1
WO2008080228A1 PCT/CA2007/002378 CA2007002378W WO2008080228A1 WO 2008080228 A1 WO2008080228 A1 WO 2008080228A1 CA 2007002378 W CA2007002378 W CA 2007002378W WO 2008080228 A1 WO2008080228 A1 WO 2008080228A1
Authority
WO
WIPO (PCT)
Prior art keywords
data array
values
processor
keys
input keys
Prior art date
Application number
PCT/CA2007/002378
Other languages
French (fr)
Inventor
Paul Simmons
Original Assignee
Paul Simmons
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Paul Simmons filed Critical Paul Simmons
Publication of WO2008080228A1 publication Critical patent/WO2008080228A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code

Definitions

  • This invention relates to a method and device for identity validation and more specifically identity validation using passwords or pass codes such as personal identification numbers (PINs), whereby the password or pass codes are entered using input keys having a randomized configuration.
  • PINs personal identification numbers
  • PINs are often used in conjunction with data media such as credit or company identity cards that are swiped or inserted into a transaction processing device as an initiation of a request for a desired service. Examples include the use of automated teller machines (“ATM”) for monetary withdrawal; point of sale (POS) integrated chip card transactions (“Smart Card technology” or “Chip and Pin”) for commercial purchases; and username and password entry on computers or terminals for secure data access.
  • ATM automated teller machines
  • POS point of sale
  • Smart Card technology Smart Card technology
  • Chip and Pin username and password entry on computers or terminals for secure data access.
  • the secret password or PIN is also often fixed. Even where the PIN is not fixed, movement of fingers across a fixed configuration keyboard (to enter a PIN into an entry point processing device) or observation of the general movement pattern (of fingers) of an individual while entering a PIN may cause inadvertent disclosure of the PIN to a second party, increasing the risk of fraudulent use.
  • US patent 5,239,583 discloses an improvement in structure and credit account access security employing method and means for ensuring that repeating an exact access code which was successful in accessing the account will be unsuccessful at the next or subsequent tries. This method is flawed because it requires the user to memorize multiple passwords, which is difficult. There is a high probability a user will forget some of those passwords.
  • US patent 5,428,349 discloses a password access method/ algorithm by generating a pseudorandom array of each letter of the alphabet and the numerals 0 through 9 such that the password entry can be monitored without disclosing the letters or numerals contained in the password. This method is flawed because relatively short passwords can still be easily cracked without knowledge of the actual password.
  • a preferred embodiment of the present invention provides a method of password pattern randomization for an individual transaction comprised of providing a predetermined number of input keys and a data array of a predetermined number of values, the number of data array values equalling the number of input keys.
  • Each of said data array values are assigned to each of said input keys, correspondingly mapped and then correspondingly displayed in operative connection with each of said keys. On operation of any key, its corresponding value is transmitted to a processor. The assignment of each of said values to each of said keys is random.
  • Another preferred embodiment of the present invention provides a device for password pattern randomization in an individual transaction comprised of a processor, a pre-determined number of input keys operatively connected to said processor, a display operatively connected to said input keys, and a data array of a predetermined number of values.
  • the number of data array values equals the number of input keys.
  • the data array is resident in (or operatively connected to) said processor, and the data array values are randomly assigned and correspondingly mapped and displayed in operative connection with said pre-determined number of input keys. On operation of any key, its corresponding value is transmitted to the processor.
  • Figure 1 is a perspective drawing of a processor device providing an input keyboard.
  • Figure 2 is a representative mapping of a conventional device processor input keyboard.
  • Figure 3 is a representative conventional device processor input keyboard.
  • Figure 4 is a sample populated data array with ten randomized data array values.
  • Figure 5 is a sample populated data array with twelve randomized data array values.
  • Figure 6 is an example input keyboard mapped with ten randomized data array values.
  • Figure 7 is a second example input keyboard mapped with twelve randomized data array values.
  • Figure 8 is an example input keyboard having a remote display.
  • Figure 9 is an example traditional 104-key input keyboard configuration having a remote display and blank keys.
  • Figure 10 is an example traditional 104-key input keyboard configuration having a remote display displaying randomized keys by light emission.
  • the transaction method herein can be practised on any processor device (10) including the type shown in figure 1.
  • the processor device (10) is typically housed in a casing (34), has an input keyboard (14) comprised of a pre-determined number of input keys (26) operatively connected to the processor (10), an optional transmitter (22) (to transmit data to a selected source outside the processor (10)) and an optional data reader (18) (for reading, for example, magnetic data strips found on credit cards) operatively connected (meaning able to transmit and possibly receive data) to the processor (10).
  • a separate data reader (18) is not mandatory since transactions using the method herein can allow for key (26) based input as an alternate method of receiving magnetic strip data or the like.
  • the input keys (26) are pre-determined in number, have an assigned value selected from a populated data array of values (for example figures 4 and 5) in accordance with the method herein, and each value is displayed on its corresponding key face (38) (digitally in figure 1 as an example).
  • the value of each key (26) can be shown locally on its face (38) or on a remote display (30) operatively connected (meaning able to receive and possibly send data) to the keyboard (figure 8), according to preference.
  • the keys (26) are operatively connected to the processor (10) meaning that on operation (typically, pressing) of any key (26) during a transaction, the processor (10) is able to determine which key (26) is being operated, and the corresponding value transmitted.
  • a transaction can be defined as a single event like operating an individual key (26) (i.e. one keystroke), or as a series of events like the pressing or operating of a number of keys (26) in series to establish a password like "1X3Q".
  • a transaction is defined as a single event, the method herein improves security further when it is repeated after each individual transaction (i.e. after each single key press, a new random assignment is formed (figure 4), and correspondingly mapped (figure 2) and displayed (figures 6 and 7))-
  • the processor Resident in (or operatively connected to (generally in a software sense)) the processor (10) is a populated data array (figures 4 and 5) of a pre- determined number of values (for example iconic, alphanumeric, cryptographic, or Braille values). The number of data array values matches the number of input keys (26).
  • the data array values are randomly assigned (figure 4 showing an algorithm for random assignment of ten values to ten keys, and assignment of two values to two keys where the probability of those assignments being made is certain; figure 5 showing an algorithm for random assignment of twelve values to twelve keys), and correspondingly mapped (figure 2 showing a basic keyboard (14) map) and displayed (figures 3, 6 and 7) in operative connection (meaning each key (26) is connected to a specific data array value which the processor (10) can determine on operation of said key (26)) with the input keys (26).
  • Each of the data array values is transmittable to the processor (10) on operation of each of the corresponding keys (26). In one embodiment of this invention, it may be preferable to not randomly assign certain keys (26).
  • Figures 4 and 6 show an example of where it may be desirable to keep the values "Cancel” (figure 6 “Can”) and "Enter” (figure 6 "Ent”) in a pre- specified location, for convention and convenience. Where that is not required, all values can be randomized (figure 5) to generate a different result (figure 7 "C” and "E” respectively).
  • this method of password pattern randomization for an individual transaction provides to a user (not shown) a pre-determined number of input keys (26) available on any keyboard (14).
  • a populated data array (figures 3, 4, and 5) comprised of a number of values equal in number to the number of input keys is provided, and the values within the array are randomly assigned to the available keys (26).
  • Each value assignment is then mapped (figures 2 through 7 inclusive) to its corresponding key (26).
  • a user- friendly keyboard (14) map (figures 6 and 7) is then displayed for a user either locally (figure 1) or remotely (figure 8), depending on preference.
  • a key (26) Every time a key (26) is operated it will transmit its corresponding assigned value to the processor (10). Depending on password requirements and the definition of the transaction, the steps of random assignment and correspondingly mapping, displaying and transmitting on key operation, may be repeated. For a higher level of security, after every key operation, a reassignment (and subsequent necessary operations) can occur. For a lower level of security, it may be suitable to run this method once, and accept a multi-value (multicharacter) password based on a single keyboard (14) configuration. Once the user has entered his password, the processor (10) either validates the password, or if it is not so equipped, the processor (10) transmits the password to a selected destination for validation via the optional transmitter (22).

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Input From Keyboards Or The Like (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

An embodiment of the present invention is a method of password pattern randomization comprised of providing a predetermined number of input keys and a data array of a predetermined number of values, the number of data array values equalling the number of input keys. Each data array value is assigned to each input key, correspondingly mapped and then correspondingly displayed in operative connection with each of said key. On operation of any key, its corresponding value is transmitted to a processor. The assignment of each value to each key is random. Another embodiment of the present invention is a keyboard device employing this method of password pattern randomization.

Description

Title
[0001] A Method And Device For Password Pattern Randomization
Field of Invention
[0002] This invention relates to a method and device for identity validation and more specifically identity validation using passwords or pass codes such as personal identification numbers (PINs), whereby the password or pass codes are entered using input keys having a randomized configuration.
Background
[0003] PINs are often used in conjunction with data media such as credit or company identity cards that are swiped or inserted into a transaction processing device as an initiation of a request for a desired service. Examples include the use of automated teller machines ("ATM") for monetary withdrawal; point of sale (POS) integrated chip card transactions ("Smart Card technology" or "Chip and Pin") for commercial purchases; and username and password entry on computers or terminals for secure data access.
[0004] Validating an identity using a PIN reduces the risk that a lost, stolen or cloned medium (card or device) can be used fraudulently by an unauthorized user.
[0005] Many transaction locations (or entry points) where PINs are used are located in publicly accessible and are permanently situated where there is an opportunity for eavesdropping or "shoulder surfing". Most entry points or transaction locations provide a processor device having a fixed input keyboard configuration, for password or PIN entry.
[0006] For any particular medium, the secret password or PIN is also often fixed. Even where the PIN is not fixed, movement of fingers across a fixed configuration keyboard (to enter a PIN into an entry point processing device) or observation of the general movement pattern (of fingers) of an individual while entering a PIN may cause inadvertent disclosure of the PIN to a second party, increasing the risk of fraudulent use.
[00007] US patent 5,239,583 discloses an improvement in structure and credit account access security employing method and means for ensuring that repeating an exact access code which was successful in accessing the account will be unsuccessful at the next or subsequent tries. This method is flawed because it requires the user to memorize multiple passwords, which is difficult. There is a high probability a user will forget some of those passwords.
[0008] US patent 5,428,349 discloses a password access method/ algorithm by generating a pseudorandom array of each letter of the alphabet and the numerals 0 through 9 such that the password entry can be monitored without disclosing the letters or numerals contained in the password. This method is flawed because relatively short passwords can still be easily cracked without knowledge of the actual password.
Summary
[0009] A preferred embodiment of the present invention provides a method of password pattern randomization for an individual transaction comprised of providing a predetermined number of input keys and a data array of a predetermined number of values, the number of data array values equalling the number of input keys. Each of said data array values are assigned to each of said input keys, correspondingly mapped and then correspondingly displayed in operative connection with each of said keys. On operation of any key, its corresponding value is transmitted to a processor. The assignment of each of said values to each of said keys is random.
[0010] Another preferred embodiment of the present invention provides a device for password pattern randomization in an individual transaction comprised of a processor, a pre-determined number of input keys operatively connected to said processor, a display operatively connected to said input keys, and a data array of a predetermined number of values. The number of data array values equals the number of input keys. The data array is resident in (or operatively connected to) said processor, and the data array values are randomly assigned and correspondingly mapped and displayed in operative connection with said pre-determined number of input keys. On operation of any key, its corresponding value is transmitted to the processor.
Description of the drawings
[0011] Figure 1 is a perspective drawing of a processor device providing an input keyboard.
[0012] Figure 2 is a representative mapping of a conventional device processor input keyboard.
[0013] Figure 3 is a representative conventional device processor input keyboard. [0014] Figure 4 is a sample populated data array with ten randomized data array values.
[0015] Figure 5 is a sample populated data array with twelve randomized data array values.
[0016] Figure 6 is an example input keyboard mapped with ten randomized data array values.
[0017] Figure 7 is a second example input keyboard mapped with twelve randomized data array values.
[0018] Figure 8 is an example input keyboard having a remote display.
[0019] Figure 9 is an example traditional 104-key input keyboard configuration having a remote display and blank keys.
[0020] Figure 10 is an example traditional 104-key input keyboard configuration having a remote display displaying randomized keys by light emission.
Detailed description of the drawings
[0021] In a preferred embodiment of the present invention, the transaction method herein can be practised on any processor device (10) including the type shown in figure 1. The processor device (10) is typically housed in a casing (34), has an input keyboard (14) comprised of a pre-determined number of input keys (26) operatively connected to the processor (10), an optional transmitter (22) (to transmit data to a selected source outside the processor (10)) and an optional data reader (18) (for reading, for example, magnetic data strips found on credit cards) operatively connected (meaning able to transmit and possibly receive data) to the processor (10). A separate data reader (18) is not mandatory since transactions using the method herein can allow for key (26) based input as an alternate method of receiving magnetic strip data or the like.
[0022] The input keys (26) are pre-determined in number, have an assigned value selected from a populated data array of values (for example figures 4 and 5) in accordance with the method herein, and each value is displayed on its corresponding key face (38) (digitally in figure 1 as an example). The value of each key (26) can be shown locally on its face (38) or on a remote display (30) operatively connected (meaning able to receive and possibly send data) to the keyboard (figure 8), according to preference. The keys (26) are operatively connected to the processor (10) meaning that on operation (typically, pressing) of any key (26) during a transaction, the processor (10) is able to determine which key (26) is being operated, and the corresponding value transmitted.
[0023] A transaction can be defined as a single event like operating an individual key (26) (i.e. one keystroke), or as a series of events like the pressing or operating of a number of keys (26) in series to establish a password like "1X3Q". Especially where a transaction is defined as a single event, the method herein improves security further when it is repeated after each individual transaction (i.e. after each single key press, a new random assignment is formed (figure 4), and correspondingly mapped (figure 2) and displayed (figures 6 and 7))-
[0024] Resident in (or operatively connected to (generally in a software sense)) the processor (10) is a populated data array (figures 4 and 5) of a pre- determined number of values (for example iconic, alphanumeric, cryptographic, or Braille values). The number of data array values matches the number of input keys (26). The data array values are randomly assigned (figure 4 showing an algorithm for random assignment of ten values to ten keys, and assignment of two values to two keys where the probability of those assignments being made is certain; figure 5 showing an algorithm for random assignment of twelve values to twelve keys), and correspondingly mapped (figure 2 showing a basic keyboard (14) map) and displayed (figures 3, 6 and 7) in operative connection (meaning each key (26) is connected to a specific data array value which the processor (10) can determine on operation of said key (26)) with the input keys (26). Each of the data array values is transmittable to the processor (10) on operation of each of the corresponding keys (26). In one embodiment of this invention, it may be preferable to not randomly assign certain keys (26). Figures 4 and 6 show an example of where it may be desirable to keep the values "Cancel" (figure 6 "Can") and "Enter" (figure 6 "Ent") in a pre- specified location, for convention and convenience. Where that is not required, all values can be randomized (figure 5) to generate a different result (figure 7 "C" and "E" respectively).
[0025] In any embodiment of this invention, it is possible to populate the data array either with unique or repeating values, depending on preference and need.
[0026] In operation, this method of password pattern randomization for an individual transaction provides to a user (not shown) a pre-determined number of input keys (26) available on any keyboard (14). A populated data array (figures 3, 4, and 5) comprised of a number of values equal in number to the number of input keys is provided, and the values within the array are randomly assigned to the available keys (26). Each value assignment is then mapped (figures 2 through 7 inclusive) to its corresponding key (26). A user- friendly keyboard (14) map (figures 6 and 7) is then displayed for a user either locally (figure 1) or remotely (figure 8), depending on preference.
[0027] Every time a key (26) is operated it will transmit its corresponding assigned value to the processor (10). Depending on password requirements and the definition of the transaction, the steps of random assignment and correspondingly mapping, displaying and transmitting on key operation, may be repeated. For a higher level of security, after every key operation, a reassignment (and subsequent necessary operations) can occur. For a lower level of security, it may be suitable to run this method once, and accept a multi-value (multicharacter) password based on a single keyboard (14) configuration. Once the user has entered his password, the processor (10) either validates the password, or if it is not so equipped, the processor (10) transmits the password to a selected destination for validation via the optional transmitter (22).
[0028] The present invention can be practised on any type of keyboard
(14) including in a traditional 104-key input keyboard configuration (Figures 9 and 10).
[0029] Where a reassignment, etc. occurs after every key (26) operation, the probability of correctly breaking a three character (value) password using a three by three matrix keypad populated with nine unique values and absolutely no knowledge of the existing password (i.e. a pure guess), is 1 in 729. In contrast, the preexisting art (for example US patent 5,428,349) in the same situation would yield a probability of 1 in 27.
[0030] In a matrix of thirty-six keys (26) arranged six rows by six columns, the probability of a four or six character password being (purely) guessed correctly is 1 in 1,296 and 1 in 46,656 respectively using the U.S. patent no. 5,428,349 solution. In the present invention the same arrangement would yield probabilities of 1 in 1,679,616 and 1 in 2,176,782,336 respectively. The invention herein is 1,296 times and 46,656 times respectively more secure.

Claims

ClaimsWhat is claimed is:
1. A method of password pattern randomization for an individual transaction comprising: a) providing a predetermined number of input keys; b) providing a data array of a predetermined number of values, the number of data array values equalling the number of input keys; c) assigning each of said data array values to each of said input keys; d) correspondingly mapping each of said data array values to each of said input keys; e) correspondingly displaying each of said values in operative connection with each of said keys; f) correspondingly transmitting each of said values on operation of each of said keys to a processor; and g) the assignment of each of said values to each of said keys being random.
2. The method as defined in claim 1 wherein each data array value is unique within the data array.
3. The method as defined in claim 1 wherein the random assignment and corresponding mapping, displaying and transmitting is repeated for each new individual transaction.
4. A device for password pattern randomization in an individual transaction comprising: a) a processor;
b) a pre-determined number of input keys operatively connected to said processor; c) a display operatively connected to said input keys; and d) a data array of a predetermined number of values, the number of data array values equalling the number of input keys, the data array being resident in said processor, the data array values being randomly assigned and correspondingly mapped and displayed in operative connection with said input keys, each of said data array values being transmittable to the processor on operation of each of said corresponding keys.
5. The device as defined in claim 4 further comprising a data reader operatively connected to said processor.
6. The device as defined in claim 4 wherein each data array value is unique within the data array.
7. The device as defined in claim 4 wherein the random assignment and corresponding mapping and displaying is repeated for each new individual transaction.
PCT/CA2007/002378 2007-01-05 2007-12-31 A method and device for password pattern randomization WO2008080228A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CA2/574,983 2007-01-05
CA 2574983 CA2574983A1 (en) 2007-01-05 2007-01-05 A method and device for password pattern randomization

Publications (1)

Publication Number Publication Date
WO2008080228A1 true WO2008080228A1 (en) 2008-07-10

Family

ID=39580538

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2007/002378 WO2008080228A1 (en) 2007-01-05 2007-12-31 A method and device for password pattern randomization

Country Status (2)

Country Link
CA (1) CA2574983A1 (en)
WO (1) WO2008080228A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010053594A1 (en) * 2008-11-05 2010-05-14 Sony Ericsson Mobile Communications Ab Secure key input by rearrangement of keypad layout
US20110090097A1 (en) * 2009-10-20 2011-04-21 Beshke Thomas C Keyless entry with visual rolling code display
CN103106734A (en) * 2012-12-17 2013-05-15 张家港市鸿钻贸易有限公司 Automatic teller machine (ATM) keyboard
GB2502773A (en) * 2012-05-28 2013-12-11 Swivel Secure Ltd User authentication by inputting code on a randomly generated display
US9030293B1 (en) 2012-05-04 2015-05-12 Google Inc. Secure passcode entry
US11757865B2 (en) 2020-10-23 2023-09-12 International Business Machines Corporations Rule-based filtering for securing password login

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2712089A1 (en) * 2010-01-29 2010-04-07 Norman F. Goertzen Secure access by a user to a resource
EP3142038B1 (en) 2015-09-10 2019-01-23 Tata Consultancy Services Limited Authentication system and method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1985003787A1 (en) * 1984-02-14 1985-08-29 Peter White Electronic transaction security system
US5428349A (en) * 1992-10-01 1995-06-27 Baker; Daniel G. Nondisclosing password entry system
US20030004827A1 (en) * 1998-04-27 2003-01-02 Wang Ynjiun P. Payment system
US20040044739A1 (en) * 2002-09-04 2004-03-04 Robert Ziegler System and methods for processing PIN-authenticated transactions

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1985003787A1 (en) * 1984-02-14 1985-08-29 Peter White Electronic transaction security system
US5428349A (en) * 1992-10-01 1995-06-27 Baker; Daniel G. Nondisclosing password entry system
US20030004827A1 (en) * 1998-04-27 2003-01-02 Wang Ynjiun P. Payment system
US20040044739A1 (en) * 2002-09-04 2004-03-04 Robert Ziegler System and methods for processing PIN-authenticated transactions

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010053594A1 (en) * 2008-11-05 2010-05-14 Sony Ericsson Mobile Communications Ab Secure key input by rearrangement of keypad layout
US20110090097A1 (en) * 2009-10-20 2011-04-21 Beshke Thomas C Keyless entry with visual rolling code display
US10223857B2 (en) * 2009-10-20 2019-03-05 Methode Electronics, Inc. Keyless entry with visual rolling code display
US9030293B1 (en) 2012-05-04 2015-05-12 Google Inc. Secure passcode entry
GB2502773A (en) * 2012-05-28 2013-12-11 Swivel Secure Ltd User authentication by inputting code on a randomly generated display
GB2502773B (en) * 2012-05-28 2015-03-11 Swivel Secure Ltd Method and system for secure user identification
US9892407B2 (en) 2012-05-28 2018-02-13 Swivel Secure Limited Method and system for secure user identification
AU2013269368B2 (en) * 2012-05-28 2018-11-22 Swivel Secure Limited Method and system for secure user identification
CN103106734A (en) * 2012-12-17 2013-05-15 张家港市鸿钻贸易有限公司 Automatic teller machine (ATM) keyboard
US11757865B2 (en) 2020-10-23 2023-09-12 International Business Machines Corporations Rule-based filtering for securing password login

Also Published As

Publication number Publication date
CA2574983A1 (en) 2008-07-05

Similar Documents

Publication Publication Date Title
ES2276279T3 (en) VIRTUAL KEYBOARD.
WO2008080228A1 (en) A method and device for password pattern randomization
US8947197B2 (en) Method and apparatus for verifying a person's identity or entitlement using one-time transaction codes
KR100892103B1 (en) An encryption key inputting device and method
RU2711351C2 (en) Device and method of password checking
AU2013323018B2 (en) Method and system for securely entering identification data in order to authenticate a transaction carried out by means of a self-service terminal
US20110101093A1 (en) Device and method for generating dynamic credit card data
US20060037067A1 (en) Method of secure data communication
JP5142195B2 (en) Personal authentication method, personal authentication system, personal authentication program for causing a computer to execute the personal authentication method, and a personal authentication program storage medium storing the program
US20050067485A1 (en) Apparatus and method of identifying the user thereof by means of a variable identification code
US9600808B1 (en) Secure payment card, method and system
JP2010506245A (en) Computer-based credit card
GB2433147A (en) A method for verifying a person's identity or entitlement using one-time transaction codes
JP5198950B2 (en) Identification system
EP1966928B1 (en) Deriving cryptographic keys
GB2454459A (en) Personal identification code entry device
JP2007087313A (en) Automatic transaction device
Kale et al. Design of Embedded Based Dual Identification ATM Card Security System
JP4864667B2 (en) PIN code input device
KR101155532B1 (en) Method for processing security number and system using the same
JP2002208071A (en) Card processing system
JPH02171030A (en) Individual identification system
JPH02171815A (en) Individual identification system
GB2445181A (en) Partial PIN entry for authorisation
KR20020005148A (en) An automated teller machine and A transaction processing method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07855658

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07855658

Country of ref document: EP

Kind code of ref document: A1