[go: up one dir, main page]

NL2017801B1 - A method, apparatus and computer program product for providing access to a digital service - Google Patents

A method, apparatus and computer program product for providing access to a digital service Download PDF

Info

Publication number
NL2017801B1
NL2017801B1 NL2017801A NL2017801A NL2017801B1 NL 2017801 B1 NL2017801 B1 NL 2017801B1 NL 2017801 A NL2017801 A NL 2017801A NL 2017801 A NL2017801 A NL 2017801A NL 2017801 B1 NL2017801 B1 NL 2017801B1
Authority
NL
Netherlands
Prior art keywords
server
communication device
signal
digital service
user
Prior art date
Application number
NL2017801A
Other languages
Dutch (nl)
Inventor
Yesil Ismet
Original Assignee
Tmd Holding B V
Yesil Ismet
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tmd Holding B V, Yesil Ismet filed Critical Tmd Holding B V
Priority to NL2017801A priority Critical patent/NL2017801B1/en
Priority to PCT/NL2017/050744 priority patent/WO2018093258A1/en
Application granted granted Critical
Publication of NL2017801B1 publication Critical patent/NL2017801B1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention relates to method of providing access to a digital service. The method comprises the steps of receiving an access request via a user interface on a terminal station and forwarding user identification data from the terminal station to a host server providing the digital service. Further, the method comprises the steps of transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, for initiating an incoming call on said communication device. If a response signal is a predefined approval signal, a positive authentication signal is transmitted to the host server authorizing the terminal station to access the digital service on the host server.

Description

OctrooicentrumPatent center

NederlandThe Netherlands

Figure NL2017801B1_D0001

© 2017801 (21) Aanvraagnummer: 2017801 © Aanvraag ingediend: 16/11/2016© 2017801 (21) Request number: 2017801 © Request submitted: 11/16/2016

Bl OCTROOI @ Int. CL:BL PATENT @ Int. CL:

H04L 29/06 (2016.01)H04L 29/06 (2016.01)

KA Aanvraag ingeschreven: KA Application registered: (73) Octrooihouder(s): (73) Patent holder (s): 25/05/2018 25/05/2018 TMD Holding B.V. te Blaricum. TMD Holding B.V. at Blaricum. Ismet Yesil te Istanbul,Turkey, TR. Ismet Yesil in Istanbul, Turkey, TR. (43) Aanvraag gepubliceerd: (43) Application published: (72) Uitvinder(s): (72) Inventor (s): (Cj) Octrooi verleend: (Cj) Patent granted: Ismet Yesil te Istanbul (TR). Ismet Yesil in Istanbul (TR). 25/05/2018 25/05/2018 (45) Octrooischrift uitgegeven: (45) Patent issued: (74) Gemachtigde: (74) Agent: 11/07/2018 11/07/2018 ir. C.M. Jansen c.s. te Den Haag. ir. C.M. Jansen et al. In The Hague.

© A method, apparatus and computer program product for providing access to a digital service © The invention relates to method of providing access to a digital service. The method comprises the steps of receiving an access request via a user interface on a terminal station and forwarding user identification data from the terminal station to a host server providing the digital service. Further, the method comprises the steps of transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, for initiating an incoming call on said communication device. If a response signal is a predefined approval signal, a positive authentication signal is transmitted to the host server authorizing the terminal station to access the digital service on the host server.© A method, apparatus and computer program product for providing access to a digital service © The invention relates to method or providing access to a digital service. The method comprises the steps of receiving an access request via a user interface on a terminal station and forwarding user identification data from the terminal station to a host server providing the digital service. Further, the method comprises the steps of transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, for initiating an incoming call on said communication device. If a response signal is a predefined approval signal, a positive authentication signal is transmitted to the host server authorizing the terminal station to access the digital service on the host server.

NL Bl 2017801NL Bl 2017801

Dit octrooi is verleend ongeacht het bijgevoegde resultaat van het onderzoek naar de stand van de techniek en schriftelijke opinie. Het octrooischrift komt overeen met de oorspronkelijk ingediende stukken.This patent has been granted regardless of the attached result of the research into the state of the art and written opinion. The patent corresponds to the documents originally submitted.

P106650NL00P106650NL00

Title: A method, apparatus and computer program product for providing access to a digital serviceTitle: A method, apparatus and computer program product for providing access to a digital service

The invention relates to a method of providing access to a digital service.The invention relates to a method of providing access to a digital service.

Digital services are widely available as local servers are remotely accessible, e.g. via Internet or other communication means. Depending on the character of the digital service, it might be desired or required to set up a secure connection between a remote device employed by the user on the one hand and a server providing the digital service on the other hand. Usually, authorization techniques include verification whether a personal identification number, PIN, entered by a user matches with data associated with a user account of said user.Digital services are widely available as local servers are remotely accessible, e.g. via Internet or other communication means. Depending on the character of the digital service, it may be desired or required to set up a secure connection between a remote device employed by the user on the one hand and a server providing the digital service on the other hand. Usually, authorization techniques include verification whether a personal identification number, PIN, entered by a user matches with data associated with a user account or said user.

However, a PIN based security scheme is vulnerable for fraud since fraudulent persons may relatively easily collect PIN data from other people.However, a PIN-based security scheme is vulnerable to fraud since fraudulent persons may relatively easily collect PIN data from other people.

Another security scheme includes sending an SMS to the user, the SMS including data security data to be entered via the remote device. However, a process of transmitting and receiving an SMS may take some time rendering the methodology less attractive. Furthermore, there occurs sometimes telecommunication failures between the mobile phone carrier and the user’s mobile phone requiring recursive SMS sending action.Another security scheme includes sending an SMS to the user, the SMS including data security data entered via the remote device. However, a process of transmitting and receiving an SMS may take some time rendering the methodology less attractive. Furthermore, there sometimes occurs telecommunication failures between the mobile phone carrier and the user's mobile phone requiring recursive SMS sending action.

It is an object of the invention to provide an alternative method of providing access to a digital service. In particular, it is an object to provide a method that has improved security compared to a PIN based scheme. Thereto, a method of providing access to a digital service is provided, comprising the steps of receiving an access request via a user interface on a terminal station, providing an identification request on said user interface, receiving user identification data via said user interface, the user identification data being associated with a user account, forwarding the user identification data from the terminal station to a host server providing the digital service, transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, initiating, by the telecommunication server, an incoming call on said communication device, receiving, by the telecommunication server, a response signal from said communication device, transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined approval signal, and authorizing the terminal station to access the digital service on the host server.It is an object of the invention to provide an alternative method or providing access to a digital service. In particular, it is an object to provide a method that has improved security compared to a PIN based scheme. Thereto, a method of providing access to a digital service is provided, including the steps of receiving an access request via a user interface on a terminal station, providing an identification request on said user interface, receiving user identification data via said user interface, the user identification data being associated with a user account, forwarding the user identification data from the terminal station to a host server providing the digital service, transmitting a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, initiating, by the telecommunication server, an incoming call on said communication device, receiving, by the telecommunication server, a response signal from said communication device, transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined approval signal, and authorizing the termi station to access the digital service on the host server.

By initiating an incoming call to a communication device of a user requesting access to the digital service and by evaluating whether a response signal of the communication device is a predefined approval signal, the user can both securely and easily obtain access to the digital service. Further, initiating a call can generally be implemented in a relatively quick way having a higher priority than a process of generating and transmitting SMS messages.By initiating an incoming call to a communication device or a user requesting access to the digital service and by evaluating whether a response signal or the communication device is a predefined approval signal, the user can both securely and easily obtain access to the digital service. Further, initiating a call can generally be implemented in a relatively quick way having a higher priority than a process or generating and transmitting SMS messages.

The invention also relates to an authorization system for providing access to a digital service.The invention also relates to an authorization system for providing access to a digital service.

Further, the invention relates to a computer program product. A computer program product may comprise a set of computer executable instructions stored on a data carrier, such as but not limited to a flash memory, a CD or a DVD. The set of computer executable instructions, which allow a programmable computer to carry out the method as defined above, may also be available for downloading from a remote server, for example via the Internet, e.g. as an app.Further, the invention relates to a computer program product. A computer program product may include a set of computer executable instructions stored on a data carrier, such as but not limited to a flash memory, a CD or a DVD. The set of computer executable instructions, which allow a programmable computer to carry out the method as defined above, may also be available for downloading from a remote server, for example via the Internet, e.g. as an app.

Other advantageous embodiments according to the invention are described in the following claims.Other advantageous according to the invention are described in the following claims.

By way of example only, embodiments of the present invention will now be described with reference to the accompanying figures in whichBy way of example only, exponent of the present invention will now be described with reference to the accompanying figures in which

Fig. 1 shows a schematic view of an authorization system according to the invention;FIG. 1 shows a schematic view or an authorization system according to the invention;

Fig. 2 shows a flow chart of a method according to the invention, andFIG. 2 shows a flow chart or a method according to the invention, and

Fig. 3 shows a flow diagram of the method in Fig. 2.FIG. 3 shows a flow diagram of the method in Fig. 2.

The figures merely illustrate preferred embodiments according to the invention. In the figures, the same reference numbers refer to equal or corresponding parts.The figures merely illustrate preferred according to the invention. In the figures, the same reference numbers refer to equal or corresponding parts.

Figure 1 shows a schematic view of an authorization system 10 according to the invention. The system 10 is used for providing access to a digital service, such as a bank transaction.Figure 1 shows a schematic view of an authorization system 10 according to the invention. The system 10 is used for providing access to a digital service, such as a bank transaction.

The authorization system 10 includes a terminal station 12 provided with a user interface 14 such as a touch screen or a combined display and keyboard. The terminal station 12 acts as a front end of a digital system processing data for offering the digital service. In practice, the terminal station can be implemented as a shop cash register or a home computer that has Internet connectivity to a secure Internet web page, e.g. for online shopping or for Internet banking functionality. Further, the system 10 includes a host server 16 and a telecommunication server 18. The host server 16 is arranged for providing the digital service, while the telecommunication server 18 is arranged for operatively being in communication with a communication device 20 associated with a user account of a user U.The authorization system 10 includes a terminal station 12 provided with a user interface 14 such as a touch screen or a combined display and keyboard. The terminal station 12 acts as a front end or a digital system processing data for offering the digital service. In practice, the terminal station can be implemented as a shop cash register or a home computer that has Internet connectivity to a secure Internet web page, e.g. for online shopping or for Internet banking functionality. Further, the system 10 includes a host server 16 and a telecommunication server 18. The host server 16 is arranged for providing the digital service, while the telecommunication server 18 is arranged for being operatively in communication with a communication device 20 associated with a user account or a user U.

The communication device 20 is a device being operatively connected to the telecommunication server 18, preferably in a wireless way,The communication device 20 is a device being operatively connected to the telecommunication server 18, preferably in a wireless way,

i.e. a cell phone, smartphone, phablet, tablet or other mobile communication device, or wired, e.g. for home or office applications.i.e. a cell phone, smartphone, phablet, tablet or other mobile communication device, or wired, e.g. for home or office applications.

Generally, the terminal station 12 is connected to the host server 16 via a first data channel 22 while the telecommunication server 18 is connected to the host server 16 via a second communication channel 24. The communication channels 22, 24 can be wired or wireless for transmitting data between the terminal station 12 and the host server 16 on the one hand, and between the telecommunication server 18 and the host server 16 on the other hand.Generally, the terminal station 12 is connected to the host server 16 via a first data channel 22 while the telecommunication server 18 is connected to the host server 16 via a second communication channel 24. The communication channels 22, 24 can be wired or wireless for transmitting data between the terminal station 12 and the host server 16 on the one hand, and between the telecommunication server 18 and the host server 16 on the other hand.

The authorization system is arranged for performing a number of steps to provide access to the digital service provided by the host server 16 as explained in more detail below.The authorization system is arranged for performing a number of steps to provide access to the digital service provided by the host server 16 as explained in more detail below.

Figure 2 shows a flow chart of a first embodiment of a method according to the invention. The method 100 is used for providing access to a digital service. The method comprises a step of receiving 110 an access request via a user interface on a terminal station, a step of providing 120 an identification request on said user interface, a step of receiving 130 user identification data via said user interface, the user identification data being associated with a user account, a step of forwarding 140 the user identification data from the terminal station to a host server providing the digital service, a step of transmitting 150 a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, a step of initiating 160, by the telecommunication server, an incoming call on said communication device, a step of receiving 170, by the telecommunication server, a response signal from said communication device, a step of transmitting 180 a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined approval signal, and a step of authorizing 190 the terminal station to access the digital service on the host server.Figure 2 shows a flow chart or a first edition or a method according to the invention. The method 100 is used for providing access to a digital service. The method comprises a step of receiving 110 an access request via a user interface on a terminal station, a step of providing 120 an identification request on said user interface, a step of receiving 130 user identification data via said user interface, the user identification data being associated with a user account, a step of forwarding 140 the user identification data from the terminal station to a host server providing the digital service, a step of transmitting 150 a call request to a telecommunication server being operatively in communication with a communication device associated with said user account, a step of initiating 160, by the telecommunication server, an incoming call on said communication device, a step of receiving 170, by the telecommunication server, a response signal from said communication device, a step of transmitting 180 a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined appro val signal, and a step of authorizing 190 the terminal station to access the digital service on the host server.

Fig. 3 shows a flow diagram of the method in Fig. 2.FIG. 3 shows a flow diagram of the method in Fig. 2.

In practice, the method can be implemented particularly referring to Fig. 1 and Fig. 3 as follows.In practice, the method can be implemented particularly referring to Figs. 1 and FIG. 3 as follows.

A user U is permitted to use a digital service, such as a financial service e.g. a bank transaction service or another service such as a digital service concerning secure data or a digital service providing physical access to a protected area or zone.A user You are permitted to use a digital service, such as a financial service such as a bank transaction service or another service such as a digital service concerning secure data or a digital service providing physical access to a protected area or zone.

The digital service is serviced by the host server 16. The user U has a user account related to said digital service, the user account including user identification data, such as personal data like first name, last name address, username etc. The user account also includes a telephone number or similar data associating the user account with the communication device 20 of the user U.The digital service is serviced by the host server 16. The user You have a user account related to said digital service, the user account including user identification data, such as personal data like first name, last name address, username etc. The user account also includes a telephone number or similar data associating the user account with the communication device 20 of the user U.

When the user U wishes to have access to the digital service, e.g. for carrying out a payment, the user U enters an access request 40 via the user interface 14 of the terminal station 12. The terminal station receives 110 said access request 40 and returns 120 an identification request 42 on said user interface 14 inviting the user U to enter user identification data. The user U may input user identification data 44 via said user interface, e.g. by entering a username, said data being included in the user account. Upon receiving 130 the entered user identification data 44, the terminal station 12 forwards 140 said data 44 to the host server 16, preferably together with the access request 40.When the user wishes to have access to the digital service, eg for carrying out a payment, the user enters an access request 40 via the user interface 14 or the terminal station 12. The terminal station receives 110 said access request 40 and returns 120 an identification request 42 on said user interface 14 inviting the user You to enter user identification data. The user You may input user identification data 44 via said user interface, e.g. by entering a username, said data being included in the user account. Upon receiving 130 the entered user identification data 44, the terminal station 12 forwards 140 said data 44 to the host server 16, preferably together with the access request 40.

Then, a call request 46 is transmitted 150 to the telecommunication server 18 that initiates 160 an incoming call 48 on the communication device 20 associated with the user account. Upon interaction of the user U with the communication device 20, the telecommunication server 18 receives 170 a response signal 50 from said device 20.Then, a call request 46 is transmitted 150 to the telecommunication server 18 that initiates 160 an incoming call 48 on the communication device 20 associated with the user account. Upon interaction of the user You with the communication device 20, the telecommunication server 18 receives 170 a response signal 50 from said device 20.

If the received response signal 50 is a predefined approval signal 52, the telecommunication server 18 transmits 180 a positive authentication signal 54 to the host server 16. Responsive to said positive authentication signal 54 the host server 16 authorizes 190 the terminal station 12 to have access to the digital service.If the received response signal 50 is a predefined approval signal 52, the telecommunication server 18 transmits 180 a positive authentication signal 54 to the host server 16. Responsive to said positive authentication signal 54 the host server 16 authorizes 190 the terminal station 12 to have access to the digital service.

In a preferred embodiment, the predefined approval signal 52 is a call declination signal that the communication device 20 transmits when the user U declines the incoming call 48 initiated by the telecommunication server 16, e.g. by pressing a NO or similar button on the device 20. In another embodiment, the predefined approval signal 52 may be different,In a preferred embodiment, the predefined approval signal 52 is a call declination signal that the communication device 20 transmits when the user You declare the incoming call 48 initiated by the telecommunication server 16, eg by pressing a NO or similar button on the device 20. In another embodiment, the predefined approval signal 52 may be different,

e.g. a call acceptance signal.e.g. a call acceptance signal.

In an embodiment of the invention, an application may be run on the communication device 20 to selectively configure the predefined approval signal 52 based on signal induced by a user interaction with the communication device 20, e.g. a button signal caused by pressing a NO, YES or some other physical button or virtual button on a touch screen.In an embodiment of the invention, an application may be run on the communication device 20 to selectively configure the predefined approval signal 52 based on signal induced by a user interaction with the communication device 20, eg a button signal caused by pressing a NO, YES or some other physical button or virtual button on a touch screen.

On the other hand, if the received response signal 50 is a predefined rejection signal 56, the communication server 18 transmits a negative authentication signal 58 to the host server 16. Responsive to said negative authentication signal 58 the host server 16 denies the terminal station 12 to have access to the digital service.On the other hand, if the received response signal 50 is a predefined rejection signal 56, the communication server 18 transmits a negative authentication signal 58 to the host server 16. Responsive to said negative authentication signal 58 the host server 16 denies the terminal station 12 to have access to the digital service.

The user of the communication device 20 may cause the device 20 to send the predefined rejection signal 56 if another, fraudulent person has requested access to the digital service using the user identification data of the user. Then, access to the digital service is effectively denied.The user of the communication device 20 may cause the device 20 to send the predefined rejection signal 56 if another, fraudulent person has requested access to the digital service using the user identification data or the user. Then, access to the digital service is effectively denied.

In a preferred embodiment, the predefined rejection signal 56 is a call acceptance signal that the communication device 20 transmits when the user U accepts the incoming call 48 initiated by the telecommunication server 16, e.g. by pressing a YES or similar button on the device 20. In another embodiment, the predefined rejection signal 56 may be different,In a preferred embodiment, the predefined rejection signal 56 is a call acceptance signal that the communication device 20 transmits when the user You accept the incoming call 48 initiated by the telecommunication server 16, eg by pressing a YES or similar button on the device 20. In another embodiment, the predefined rejection signal 56 may be different,

e.g. a call declination signal.e.g. a call declining signal.

Optionally, a communication session is set up between the communication device 20 and the telecommunication server 18, e.g. for informing the user U about details concerning the access request 40 and/or terminal station 12.Optionally, a communication session is set up between the communication device 20 and the telecommunication server 18, e.g., for informing the user. About details about the access request 40 and / or terminal station 12.

If the response signal 50 is not a predefined approval signal 52 or a predefined rejection signal 56, the host server 16 may transmit another call request to the telecommunication server and/or may transmit a message to the terminal station 12 informing the user U that something went wrong when processing the access request 40.If the response signal 50 is not a predefined approval signal 52 or a predefined rejection signal 56, the host server 16 may transmit another call request to the telecommunication server and / or may transmit a message to the terminal station 12 informing the user U that something went wrong when processing the access request 40.

Advantageously, the method may further include a step of offering, via the user interface 14, an alternative authorization process, before the step of transmitting the call request 46 to the telecommunication server 18. As an example, the user U may enter a password or may transmit biometric data such as iris recognition data.Advantageously, the method may further include a step of offering, via the user interface 14, an alternative authorization process, before the step of transmitting the call request 46 to the telecommunication server 18. As an example, the user You may enter a password or may transmit biometric data such as iris recognition data.

Further, an alternative authorization process may be initiated if no positive authentication signal 54 is received by the host server 16.Further, an alternative authorization process may be initiated if no positive authentication signal 54 is received by the host server 16.

In principle, the terminal station 12, the host server 16, the telecommunication server 18 and the communication device 20 are separate devices. However, devices can be physically integrated. As an example, functionality of the terminal station 12 may be available on the communication device 20. Then, the user U interacts with the communication device 20 for initiating the access request 40, entering the user identification data and responding to the incoming call 48 that is initiated by the telecommunication server 18.In principle, the terminal station 12, the host server 16, the telecommunication server 18 and the communication device 20 are separate devices. However, devices can be physically integrated. As an example, functionality of the terminal station 12 may be available on the communication device 20. Then, the user You interacts with the communication device 20 for initiating the access request 40, entering the user identification data and responding to the incoming call 48 that is initiated by the telecommunication server 18.

The method for providing access to a digital service can be performed using dedicated hardware structures, such as FPGA and/or ASIC components. Otherwise, the method can also at least partially be performed using a computer program product comprising instructions for causing a processor of a computer system or a control unit to perform the above described step of the method according to the invention, or at least a substep thereof. As an example, the step of forwarding the user identification data from the terminal station to the host server is preferably initiated by the terminal station, while the step of forwarding a call request to the telecommunication server is preferably initiated by the host server.The method for providing access to a digital service can be performed using dedicated hardware structures, such as FPGA and / or ASIC components. Otherwise, the method can also be at least partially performed using a computer program product including instructions for causing a processor or a computer system or a control unit to perform the above described step of the method according to the invention, or at least a substep . As an example, the step of forwarding the user identification data from the terminal station to the host server is preferably initiated by the terminal station, while the step of forwarding a call request to the telecommunication server is preferably initiated by the host server.

All steps can in principle be performed on a single processor. However, it is noted that at least one sub-step can be performed on a separate processor. A processor can be loaded with a specific software module. Dedicated software modules can be provided.All steps can be performed in principle on a single processor. However, it is noted that at least one sub-step can be performed on a separate processor. A processor can be loaded with a specific software module. Dedicated software modules can be provided.

The invention is not restricted to the embodiments described herein. It will be understood that many variants are possible.The invention is not restricted to the described described. It will be understood that many variants are possible.

These and other embodiments will be apparent for the person skilled in the art and are considered to fall within the scope of the invention as defined in the following claims. For the purpose of clarity and a concise description features are described herein as part of the same or separate embodiments. However, it will be appreciated that the scope of the invention may include embodiments having combinations of all or some of the features described.These and other expands will be apparent to the person skilled in the art and are considered to fall within the scope of the invention as defined in the following claims. For the purpose of clarity and concise description features are described as part of the same or separate exp. However, it will be appreciated that the scope of the invention may include not including combinations of all or some of the features described.

Claims (13)

ConclusiesConclusions 1. Werkwijze voor het verschaffen van toegang tot een digitale dienst, omvattend de stappen van:A method for providing access to a digital service, comprising the steps of: - het ontvangen van een toegangsverzoek via een gebruikersinterface op een eindstation;- receiving an access request via a user interface at a terminal; 5 - het verschaffen van een identificatieverzoek op het genoemde gebruikersinterface;- providing an identification request on said user interface; - het ontvangen van gebruikersidentificatie data via het genoemde gebruikersinterface, de gebruikersidentificatiedata geassocieerd zijnde met een gebruikersaccount;- receiving user identification data via said user interface, the user identification data being associated with a user account; 10 - het doorsturen van de gebruikersidentificatie data van het eindstation naar een host-server die de digitale dienst verschaft;- forwarding the user identification data from the terminal to a host server providing the digital service; - het uitzenden van een oproepverzoek aan een telecommunicatieserver die tijdens bedrijf in communicatie is met een communicatieapparaat geassocieerd met het genoemde- transmitting a call request to a telecommunications server that is in communication during operation with a communication device associated with said 15 gebruikersaccount;15 user account; - het initiëren, door de telecommunicatieserver, van een inkomende oproep op het genoemde communicatie apparaat;- initiating, by the telecommunication server, an incoming call on said communication device; - het ontvangen, door de telecommunicatieserver, van een antwoordsignaal van het genoemde communicatieapparaat;- receiving, by the telecommunication server, a response signal from said communication device; 20 - het uitzenden van een positief authenticatiesignaal van de telecommunicatie server aan de host-server indien het ontvangen signaal een van te voren vastgesteld goedkeuringssignaal, en- transmitting a positive authentication signal from the telecommunication server to the host server if the received signal is a predetermined approval signal, and - het machtigen van het eindstation om de digitale dienst te benaderen op de host-server.- authorizing the terminal to access the digital service on the host server. 2. Werkwijze volgens conclusie 1, waarbij het van tevoren vastgestelde goedkeuringssignaal een oproep weigerend signaal is.The method of claim 1, wherein the predetermined approval signal is a call rejecting signal. 3. Werkwijze volgens conclusie 1 of 2, waarbij toegang tot de digitale dienst op de host-server wordt geweigerd als het antwoordsignaal een van tevoren vastgesteld afwijzingssignaal is.The method according to claim 1 or 2, wherein access to the digital service on the host server is denied if the response signal is a predetermined rejection signal. 4. Werkwijze volgens conclusie 3, waarbij het van tevoren vastgestelde afwijzingssignaal een oproep accepterend signaal is.The method of claim 3, wherein the predetermined rejection signal is a call accepting signal. 5. Werkwijze volgens conclusie 3 of 4, waarbij een communicatie sessie opgezet wordt tussen het communicatie apparaat en de telecommunicatieserver.Method according to claim 3 or 4, wherein a communication session is set up between the communication device and the telecommunication server. 6. Werkwijze volgens één van de voorgaande conclusies, voorts omvattend een stap van het aanbieden van een alternatief autorisatie proces via de gebruikersinterface, vóór de stap van het uitzenden van een oproepverzoek aan de telecommunicatieserver.The method of any one of the preceding claims, further comprising a step of offering an alternative authorization process through the user interface, before the step of transmitting a call request to the telecommunication server. 7. Werkwijze volgens een van de voorgaande claims , voorts omvattend een stap van het aanbieden van een alternatief autorisatie proces via de gebruikersinterface, als er geen positief authenticatiesignaal wordt ontvangen op de host-server.A method according to any of the preceding claims, further comprising a step of offering an alternative authorization process via the user interface, if no positive authentication signal is received on the host server. 8. Werkwijze volgens een van de voorgaande claims, waarbij functionaliteit van het eindstation beschikbaar is op het communicatieapparaat.8. Method according to one of the preceding claims, wherein functionality of the terminal is available on the communication device. 9. Autorisatiesysteem voor het verschaffen van toegang tot een digitale dienst, omvattend een eindstation voorzien van een gebruikersinterface, een host-server en een telecommunicatieserver, waarbij het systeem is ingericht voor het uitvoeren van de stappen van:An authorization system for providing access to a digital service, comprising a terminal provided with a user interface, a host server and a telecommunications server, the system being adapted to perform the steps of: - het ontvangen van een toegangsverzoek via een gebruikersinterface op een eindstation;- receiving an access request via a user interface at a terminal; - het verschaffen van een identificatieverzoek op het genoemde interface;- providing an identification request on said interface; - het ontvangen van gebruikersidentificatie data via het genoemde gebruikersinterface, de gebruikersidentificatiedata geassocieerd zijnde met een gebruikersaccount;- receiving user identification data via said user interface, the user identification data being associated with a user account; - het doorsturen van de gebruikersidentificatie data van het eindstation aan een host-server die de digitale dienst aanbiedt;- forwarding the user identification data from the terminal to a host server that offers the digital service; - het uitzenden van een oproepverzoek aan een telecommunicatieserver die tijdens gebruik in communicatie is met een communicatieapparaat geassocieerd met het genoemde gebruikersaccount;- transmitting a call request to a telecommunications server that is in use during communication with a communication device associated with said user account; - het initiëren, door de telecommunicatieserver, van een inkomende oproep op het genoemde communicatieapparaat;- initiating, by the telecommunication server, an incoming call on said communication device; - het ontvangen, door de telecommunicatieserver, van een antwoordsignaal van het genoemde communicatieapparaat;- receiving, by the telecommunication server, a response signal from said communication device; - het uitzenden van een positief authenticatiesignaal van de telecommunicatieserver aan de host-server als het ontvangen antwoordsignaal een van tevoren vastgesteld goedkeuringssignaal is, en- transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predetermined approval signal, and - het machtigen van het eindstation om de digitale dienst te benaderen op de host-server.- authorizing the terminal to access the digital service on the host server. 10. Een systeem volgens conclusie 9, waarin functionaliteit van het eindstation beschikbaar is op het mobiele communicatie apparaat.A system according to claim 9, wherein functionality of the terminal is available on the mobile communication device. 11. Een computerprogrammaproduct voor het verschaffen van toegang tot een digitale dienst, het computerprogrammaproduct omvattende door een computer leesbare code om een processor in staat te stellen de stappen te laten uitvoeren van:A computer program product for providing access to a digital service, the computer program product comprising computer readable code to enable a processor to perform the steps of: - het ontvangen van een toegangsverzoek via een gebruikersinterface op een eindstation;- receiving an access request via a user interface at a terminal; - het verschaffen van een identificatieverzoek op het genoemde gebruikersinterface;- providing an identification request on said user interface; - het ontvangen van gebruikersidentificatie data via het genoemde gebruikersinterface, de gebruikersidentificatie data geassocieerd- receiving user identification data via said user interface, the user identification data associated 5 zijnde met een gebruikersaccount;5 being with a user account; - het doorsturen van de gebruikersidentificatie data van het eindstation aan een host-server die de digitale dienst verschaft;- forwarding the user identification data from the terminal to a host server providing the digital service; - het uitzenden van een oproepverzoek aan een telecommunicatieserver die tijdens bedrijf in communicatie is met- sending a call request to a telecommunications server that is in communication with 10 een communicatieapparaat geassocieerd met het genoemde gebruikersaccount;10 a communication device associated with said user account; - het initiëren, door de telecommunicatieserver, van een inkomende oproep op het genoemde communicatieapparaat;- initiating, by the telecommunication server, an incoming call on said communication device; - het ontvangen, door de telecommunicatie telecommunicatieserver,- the reception by the telecommunications telecommunications server, 15 van een antwoordsignaal van het genoemde communicatieapparaat;15 a response signal from said communication device; - het uitzenden van een positief authenticatiesignaal van de telecommunicatieserver aan de host-server indien het ontvangen antwoordsignaal een van tevoren gedefinieerd- transmitting a positive authentication signal from the telecommunication server to the host server if the received response signal is a predefined 20 goedkeuringssignaal is, en20 is an approval signal, and - het machtigen van het eindstation om de digitale dienst te benaderen op de host-server.- authorizing the terminal to access the digital service on the host server. 1/31/3
NL2017801A 2016-11-16 2016-11-16 A method, apparatus and computer program product for providing access to a digital service NL2017801B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
NL2017801A NL2017801B1 (en) 2016-11-16 2016-11-16 A method, apparatus and computer program product for providing access to a digital service
PCT/NL2017/050744 WO2018093258A1 (en) 2016-11-16 2017-11-16 A method, apparatus and computer program product for providing access to a digital service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
NL2017801A NL2017801B1 (en) 2016-11-16 2016-11-16 A method, apparatus and computer program product for providing access to a digital service

Publications (1)

Publication Number Publication Date
NL2017801B1 true NL2017801B1 (en) 2018-05-25

Family

ID=58501764

Family Applications (1)

Application Number Title Priority Date Filing Date
NL2017801A NL2017801B1 (en) 2016-11-16 2016-11-16 A method, apparatus and computer program product for providing access to a digital service

Country Status (2)

Country Link
NL (1) NL2017801B1 (en)
WO (1) WO2018093258A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011161461A1 (en) * 2010-06-23 2011-12-29 Applied Neural Technologies Limited Identity verification
EP2611096A1 (en) * 2011-12-28 2013-07-03 Gemalto SA Method for authenticating a user using a second mobile device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011161461A1 (en) * 2010-06-23 2011-12-29 Applied Neural Technologies Limited Identity verification
EP2611096A1 (en) * 2011-12-28 2013-07-03 Gemalto SA Method for authenticating a user using a second mobile device

Also Published As

Publication number Publication date
WO2018093258A1 (en) 2018-05-24

Similar Documents

Publication Publication Date Title
US11113679B2 (en) Method and system for cardless use of an automated teller machine (ATM)
US11700529B2 (en) Methods and systems for validating mobile devices of customers via third parties
US8990909B2 (en) Out-of-band challenge question authentication
AU2017203608B2 (en) Mobile human challenge-response test
KR102141836B1 (en) Two factor authentication
US9578022B2 (en) Multi-factor authentication techniques
AU2020200743B2 (en) Real time EFT network-based person-to-person transactions
US11943222B2 (en) Systems and methods for multi-device multi-factor authentication
US12130897B2 (en) Systems and methods for initiating an authenticated session
US20190089538A1 (en) Smart login method using messenger service and apparatus thereof
NL2017801B1 (en) A method, apparatus and computer program product for providing access to a digital service
KR20160137192A (en) User authentication server and method for authenticating user
JP2018036790A (en) Authentication device, identity verification method, and program
US12488080B2 (en) Method and system for user authentication
KR20190118253A (en) Simple authentication method and system
US10701058B1 (en) System and method for user identification and authentication
KR20170037241A (en) Method and system for messaging automatic response service
KR20150136957A (en) Method and apparatus for authentication using multi-key
CA2944084A1 (en) Provisioning of secure application

Legal Events

Date Code Title Description
MM Lapsed because of non-payment of the annual fee

Effective date: 20191201