Method of Authentication of Users in Data Processing Systems
First Claim
1. A method of authentication of users in a data processing system, the method comprising:
- generating a “
Challenge”
univocally associated with a user to be authenticated;
processing the “
Challenge”
to generate an expected answer code, to be compared to an answer code that the user has to provide for authentication;
encoding the generated “
Challenge”
for obtaining an image displayable through a display device adapted to display the image to the user;
sending the image containing the “
Challenge”
to the user;
displaying to the user the image containing the “
Challenge”
through the display device;
through a user device provided with an image-capturing device, optically capturing the displayed image;
through the user device, processing the captured image for extracting from the captured image the “
Challenge”
, and subsequently processing the obtained “
Challenge”
for generating the answer code;
receiving the answer code from the user and comparing it to the expected answer code; and
in case of positive comparison, authenticating the user,wherein one among said actions of generating a “
Challenge” and
an expected answer code, and said action of processing the captured image to generate said answer code exploit a secret information univocally associated with the user.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of authentication of users in a data processing system is provided. The method includes a “Challenge” univocally associated with a user to be authenticated; processing the “Challenge” to generate an expected answer code, to be compared with an answer code that the user has to provide for authentication; encoding the generated “Challenge” for obtaining an image displayable through a display device; sending the image containing the “Challenge” to the user; displaying the image containing the “Challenge”; through a user device provided with an image-capturing device, optically capturing the displayed image; through the user device, processing the captured image for extracting from the captured image the “Challenge”, and subsequently processing the obtained “Challenge” for generating the answer code; receiving the answer code from the user and comparing it to the expected answer code; and, in case of positive comparison, authenticating the user. One among the actions of generating a “Challenge” and an expected answer code, and the action of processing the captured image that generates the answer code exploit secret information univocally associated with the user.
171 Citations
18 Claims
-
1. A method of authentication of users in a data processing system, the method comprising:
-
generating a “
Challenge”
univocally associated with a user to be authenticated;processing the “
Challenge”
to generate an expected answer code, to be compared to an answer code that the user has to provide for authentication;encoding the generated “
Challenge”
for obtaining an image displayable through a display device adapted to display the image to the user;sending the image containing the “
Challenge”
to the user;displaying to the user the image containing the “
Challenge”
through the display device;through a user device provided with an image-capturing device, optically capturing the displayed image; through the user device, processing the captured image for extracting from the captured image the “
Challenge”
, and subsequently processing the obtained “
Challenge”
for generating the answer code;receiving the answer code from the user and comparing it to the expected answer code; and in case of positive comparison, authenticating the user, wherein one among said actions of generating a “
Challenge” and
an expected answer code, and said action of processing the captured image to generate said answer code exploit a secret information univocally associated with the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for the authentication of users in a data processing system, the authentication system comprising:
-
a) an authentication server, said authentication server being in used adapted to; generating a “
Challenge”
univocally associated with a user to be authenticated;processing the “
Challenge”
to generate an expected answer code, to be compared to an answer code that the user has to provide for his/her authentication;encoding the generated “
Challenge”
for obtaining an image;sending the image containing the “
Challenge”
to a data processing terminal of the user through a data network;wherein the user data processing terminal comprises a display device adapted to display to the user the image containing the “
Challenge”
;b) a user device provided with an image-capturing device, adapted to optically capture the visualized image, the user device being adapted in use to process the captured image for extracting from the captured image the “
Challenge” and
to process the “
Challenge”
to generate an answer code to be compare to the expected answer code for the authentication of the user,wherein one among said actions of generating a “
Challenge” and
generating an expected answer code, and said action of processing the captured image to generate the answer code exploits secret information univocally associated with the user.
-
Specification