METHOD FOR AUTHENTICATING A USER

US 20150286811A1
Filed: 10/18/2013
Published: 10/08/2015
Est. Priority Date: 10/24/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating a user when accessing to an application securely stored on a secure element of a portable device, said method comprising:

authenticating the user via two authentication factors, and requesting a further authentication factor to said user, in a form of challenge-response based on a randomised request associated to a biometric data of said user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method for authenticating a user when accessing to an application securely stored on a secure element of a portable device, said method comprising a step of authenticating the user via two authentication factors. The method comprises requesting a further authentication factor to said user, in a form of challenge-response based on a randomised request associated to a biometric data of said user.

Citations

20 Claims

1. A method for authenticating a user when accessing to an application securely stored on a secure element of a portable device, said method comprising:
- authenticating the user via two authentication factors, and requesting a further authentication factor to said user, in a form of challenge-response based on a randomised request associated to a biometric data of said user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method according to claim 1, further comprising operating the secure element to generate the further authentication factor request based on the capability of the portable device and the security level of the application.
  - 3. The method according to claim 1, further comprising requesting a voice challenge defined by the secure element.
  - 4. The method according to claim 1, further comprising requesting a photo challenge defined by the secure element.
  - 5. The method according to claim 1, further comprising requesting a video challenge defined by the secure element.
  - 6. The method according to claim 1, further comprising displaying the challenge request on a screen of the portable device or prompting the user via a speaker of the portable device to execute the further authentication factor.
  - 7. The method according to claim 1 further comprising using a UICC as secure element.
  - 8. The method according to claim 7, wherein the UICC is preprovisioned with the user'"'"'s biometrics data, the secure element being able to check the challenge response of the user, to extract biometric data from the challenge response and to compare biometrics data of the challenge response with the preprovisioned biometric data.
  - 9. The method according to claim 1, further comprising using STK commands.
  - 10. The method according to claim 1, further comprising using a mobile phone or tablet as portable device.
  - 11. The method according to claim 2, further comprising requesting a voice challenge defined by the secure element.
  - 12. The method according to claim 2, further comprising requesting a photo challenge defined by the secure element.
  - 13. The method according to claim 2, further comprising requesting a video challenge defined by the secure element.
  - 14. The method according to claim 2, further comprising requesting a video challenge defined by the secure element.
  - 15. The method according to claim 2, further comprising displaying the challenge request on a screen of the portable device or prompting the user via a speaker of the portable device to execute the further authentication factor.
  - 16. The method according to claim 3, further comprising displaying the challenge request on a screen of the portable device or prompting the user via a speaker of the portable device to execute the further authentication factor.
  - 17. The method according to claim 2, further comprising using a UICC preprovisioned with the user'"'"'s biometrics data as secure element, the secure element being able to check the challenge response of the user, to extract biometric data from the challenge response and to compare biometrics data of the challenge response with the preprovisioned biometric data.
  - 18. The method according to claim 3, further comprising using a UICC preprovisioned with the user'"'"'s biometrics data as secure element, the secure element being able to check the challenge response of the user, to extract biometric data from the challenge response and to compare biometrics data of the challenge response with the preprovisioned biometric data.
  - 19. The method according to claim 2, further comprising using STK commands.
  - 20. The method according to claim 2, further comprising using a mobile phone or tablet as portable device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gemalto SA (Thales SA)
Original Assignee
Gemalto SA (Thales SA)
Inventors
L'Heriteau, Denis, Phan, Ly-Thanh

Application Number

US14/438,217
Publication Number

US 20150286811A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

H04L 12/06   Answer-back mechanisms or c...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04W 12/06   Authentication

METHOD FOR AUTHENTICATING A USER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR AUTHENTICATING A USER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links