Method for controlling independent secure transactions by means of a single apparatus
First Claim
1. A method for controlling independent secure transactions between a user and one of a plurality of different service providers comprising the steps of:
- the user acquiring a physical device independently of any service provider by the user, said physical device comprises a public key (Kup) and a secret key (Kus) and remains unchanged following the step of acquiring;
the user presenting of the physical device and associated identifier to said one service provider;
the service provider supplying the user with a certified digital profile by the service supplier which comprises access rights to a given service of said one service provider, the identifier which identifies the user to the service provider, and the public key of the physical device; and
initiating a secure transaction with said one service provider, by the user providing the certified digital profile to said one service provider and by the user providing authentication by encrypting a random number sent by said one service provider using the secret key of the physical device.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a procedure for controlling independent secure transactions using a single physical apparatus (11) that is the property of the user, wherein:
the user of said apparatus obtains the apparatus independently of any service provider,
on presentation by the user of said apparatus (11) to a service provider (P1, P2, P3) said service provider supplies a set of data identifying the user associated with the apparatus for access to a given service (S1, S2, S3)
the combination of the apparatus and the data enables a secure transaction to be conducted with the service.
78 Citations
5 Claims
-
1. A method for controlling independent secure transactions between a user and one of a plurality of different service providers comprising the steps of:
-
the user acquiring a physical device independently of any service provider by the user, said physical device comprises a public key (Kup) and a secret key (Kus) and remains unchanged following the step of acquiring;
the user presenting of the physical device and associated identifier to said one service provider;
the service provider supplying the user with a certified digital profile by the service supplier which comprises access rights to a given service of said one service provider, the identifier which identifies the user to the service provider, and the public key of the physical device; and
initiating a secure transaction with said one service provider, by the user providing the certified digital profile to said one service provider and by the user providing authentication by encrypting a random number sent by said one service provider using the secret key of the physical device. - View Dependent Claims (2, 3, 4, 5)
said one service provider holds a second public key and a second secret key;
on presentation by the user of the physical device, said one service provider signs or encrypts the profile of the user by means of the second secret key;
on initiation of a secure transaction with said one service provider by the user, said one service provider verifies the digital profile sent by the user by means of the second public key; and
on authentication of the user, said one service provider verifies the encrypted random number sent by the user by means of the public key of the user.
-
-
4. The method of claim 1, wherein the physical device is a smart card comprising a public key, a secret key and signature algorithm with a public signature key.
-
5. The method of claim 3, wherein the physical device is a smart card comprising a public key, a secret key and signature algorithm with a public signature key.
Specification