Method and system for accessing a service
First Claim
1. A method for accessing a service,wherein the method is implemented by at least one user device storing at least one first key and at least one user terminal storing or accessing the at least one first key, and wherein the at least one user device is connected to a first server,the method comprising the following steps:
- a) the terminal sends to at least one second server a connection request for connecting to the second server;
b) the second server determines a challenge and an associated transaction identifier;
c) the second server sends to the terminal the transaction identifier and the challenge;
d) the terminal determines a first result depending upon the first key and at least one of the challenge and the transaction identifier;
e) the terminal sends to the first server the first result, and a data item relating to the user device;
f) the first server sends, based upon the data item relating to the user device, to the user device, the first result;
g) the user device determines at least one of the challenge and the transaction identifier based upon the first result and the first key;
h) the user device sends to the second server the transaction identifier and the challenge;
i) the second server verifies whether the transaction identifier and the challenge received from the user device do or do not match the transaction identifier and the challenge sent to the terminal; and
j) only if the transaction identifier and the challenge received from the user device match the transaction identifier and the challenge sent to the terminal, the second server authorizes the terminal to connect to the second server.
1 Assignment
0 Petitions
Accused Products
Abstract
To access a service, each user device stores one first key. The user device is connected to a first server. A terminal sends to a second server a connection request. The second server responds with first data relating to a transaction identifier and an associated challenge. The terminal determines a first result depending upon the first data and the first key. The terminal sends to the first server the first result and user device data. The first server identifies a user device based upon the user device data and sends to the device the first result. The device determines the challenge and the transaction identifier based upon the first result and the first key and sends to the second server the challenge and the transaction identifier. The second server verifies whether the data received from the device matches the first data and, if so, authorizes the terminal to connect.
-
Citations
10 Claims
-
1. A method for accessing a service,
wherein the method is implemented by at least one user device storing at least one first key and at least one user terminal storing or accessing the at least one first key, and wherein the at least one user device is connected to a first server, the method comprising the following steps: -
a) the terminal sends to at least one second server a connection request for connecting to the second server; b) the second server determines a challenge and an associated transaction identifier; c) the second server sends to the terminal the transaction identifier and the challenge; d) the terminal determines a first result depending upon the first key and at least one of the challenge and the transaction identifier; e) the terminal sends to the first server the first result, and a data item relating to the user device; f) the first server sends, based upon the data item relating to the user device, to the user device, the first result; g) the user device determines at least one of the challenge and the transaction identifier based upon the first result and the first key; h) the user device sends to the second server the transaction identifier and the challenge; i) the second server verifies whether the transaction identifier and the challenge received from the user device do or do not match the transaction identifier and the challenge sent to the terminal; and j) only if the transaction identifier and the challenge received from the user device match the transaction identifier and the challenge sent to the terminal, the second server authorizes the terminal to connect to the second server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for accessing a service,
wherein the system comprises a first server and at least one second server, at least one user device and at least one user terminal, each of the at least one user device comprising means for storing at least one first key, at least one user terminal comprising means for storing or accessing the at least one first key, the user device comprising or being connected to means for connecting to the first server, wherein the terminal comprises means for sending to one second server a connection request for connecting to the second server; -
wherein the second server comprises; means for determining a challenge and an associated transaction identifier; means for sending, to the terminal the transaction identifier and the challenge; wherein the terminal comprises; means for determining a first result depending upon the first key and at least one of the challenge and the transaction identifier; means for sending to the first server at least the first result and a data item relating to the user device; wherein the first server comprises means for sending, based upon the data item relating to the user device, to the user device, at least the first result; wherein the user device comprises; means for determining at least one of the challenge and the transaction identifier based upon the first result and the first key; means for sending to the second server the transaction identifier and the challenge; and wherein the second server further comprises; means for verifying whether the transaction identifier and the challenge received from the user device does or does not match the transaction identifier and the challenge sent to the terminal; means for authorizing the terminal to connect to the second server only if the transaction identifier and the challenge received from the user device matches the transaction identifier and the challenge sent to the terminal.
-
Specification