Computer-implemented system and authentication method

    Publication number: US11985118B2

    Publication date: 2024-05-14

    Application number: US17613630

    Application date: 2021-05-13

    Applicant: ADUCID S.R.O.

    Inventor: Libor Neumann

    CPC classification number: H04L63/0823 H04L63/166

    Abstract: A software system that has an embedded browser, an authenticator and a data channel module where the authenticator is adapted to authenticate a user, to authenticate a data channel and to bind the user authentication with the authenticated channel is disclosed. The authenticator is further adapted to communicate with the user via a graphical user interface of the embedded browser using graphical and control primitives of the authenticator and/or using a stand-alone graphical user interface of the authenticator, and the data channel module is adapted to communicate with service provider servers via a secure protocol, to communicate with the embedded browser and to communicate with the authenticator. A method of authentication using this system, which increases security and user comfort when accessing services and data requiring authentication, is also disclosed.

    Method of securing authentication in electronic communication

    Publication number: US10771441B2

    Publication date: 2020-09-08

    Application number: US15737684

    Application date: 2016-07-06

    Applicant: ADUCID S.R.O.

    Abstract: A method of securing authentication in electronic communication between at least one user authentication mechanism and at least one server authentication mechanism, wherein primary authentication is performed in the first step, and during the primary authentication a secondary authentication secret is created and shared between the user authentication and the server authentication mechanisms and is valid only for the given authentication transaction, and the secondary authentication secret is subsequently used as an input for a cryptographic transformation performed by the user authentication mechanism separately on each authentication vector element while creating the first authentication vector product, wherein authentication vector (AV) is an ordered set of authentication vector elements (AVE)(i)), wherein the first authentication vector product is transferred from the user authentication mechanism to the server authentication mechanism and is evaluated by the server authentication mechanism using the secondary authentication secret.

    Method for mapping at least two authentication devices to a user account using an authentication server

    Publication number: US10897358B2

    Publication date: 2021-01-19

    Application number: US15737708

    Application date: 2016-07-06

    Applicant: ADUCID S.R.O.

    Inventor: Libor Neumann

    Abstract: The invention provides a method for mapping at least two authentication devices to a user account using an authentication server, where each authentication device connects to the authentication server using a secured communication channel; their mapping to the user account is recorded on the authentication server, and, when a transfer of data between the authentication devices mapped to the user account occurs, the data is passed over from the first authentication device to the authentication server using a secured communication channel and from the authentication server to another authentication device mapped to the account of said user using a secured communication channel, where the aforesaid secured communication channel is created by the second authentication device. This procedure allows the use of a single personal local authentication factor for multiple authentication devices and increases the security of authentication of devices with authentication servers.

    Secured data channel authentication implying a shared secret

    Publication number: US10091189B2

    Publication date: 2018-10-02

    Application number: US14893058

    Application date: 2014-05-21

    Applicant: ADUCID s.r.o

    Inventor: Libor Neumann

    Abstract: The invention solves the way of authentication of secured data channel between two sides (A, B) when there is at first established a non-authenticated protected data channel (1), with ending (3) of the data channel (1) on the first side (A) and ending (4) of the data channel (1) on the other side (B) and with target application (7) on the first side (A) and target application (8) on the other side (B), while the endings (3) and (4) have a non-authenticated shared secret (5), consequently, on both sides (A, B) of the data channel (1) there are calculated the data derived from non-authenticated shared secret (5), then the data derived from the non-authenticated shared secret (5) are passed via external communication means out of the data channel (1) to two sides (11, 12) of the external authentication system (2), which consequently performs authentication of communicating sides (A, B) including authentication of the data channel (1).

    Authentication system and authentication method using personal electronic identity gadgets

    Publication number: US11374920B2

    Publication date: 2022-06-28

    Application number: US16968030

    Application date: 2019-02-19

    Applicant: ADUCID S.R.O.

    Inventor: Libor Neumann

    Abstract: An authentication system for use with personal electronic identity gadgets of at least one user of services in that the personal electronic identity gadgets are configured to authenticate to a main service provider and are configured to trigger synchronization of data storages of service providers. The system has a data storage of an authentication system server component of at least one main service provider. The data storage is synchronizable with data storage(s) of server component(s) of at least one other service provider, either directly or via personal electronic identity gadgets, and the authentication system server component of the at least one main service provider is configured for mapping personal electronic identity gadgets to the account of the user of services. The system offers an authentication method that allows to recover from emergencies and/or increase the user comfort and/or increase security.

    Method for establishing protected electronic communication, secure transfer and processing of information among three or more subjects

    Publication number: US10686777B2

    Publication date: 2020-06-16

    Application number: US15737698

    Application date: 2016-07-06

    Applicant: ADUCID S.R.O.

    Inventor: Libor Neumann

    Abstract: A method of establishing protected electronic communication, secure transfer and processing of information among three or more subjects in which, at first, a first secure authenticated channel is created using an authentication system between a first subject and a second subject, and this channel is used by the first subject, in co-operation with the second subject, to create an authentication object stored on the second subject and provided with authentication object methods, whereas the first subject configures methods of authentication object by assigning to each method of the authentication object a rights control information for at least one other subject and optionally also a rights control information for the first subject to use at least one method of the authentication object, and then the first secure authenticated channel is closed.

    SECURED DATA CHANNEL AUTHENTICATION IMPLYING A SHARED SECRET

    Invention application (status: under examination, published)

    Publication number: US20160119317A1

    Publication date: 2016-04-28

    Application number: US14893058

    Application date: 2014-05-21

    Applicant: ADUCID S.R.O.

    Inventor: Libor Neumann

    Abstract: The invention solves the way of authentication of secured data channel between two sides (A, B) when there is at first established a non-authenticated protected data channel (1), with ending (3) of the data channel (1) on the first side (A) and ending (4) of the data channel (1) on the other side (B) and with target application (7) on the first side (A) and target application (8) on the other side (B), while the endings (3) and (4) have a non-authenticated shared secret (5), consequently, on both sides (A, B) of the data channel (1) there are calculated the data derived from non-authenticated shared secret (5), then the data derived from the non-authenticated shared secret (5) are passed via external communication means out of the data channel (1) to two sides (11, 12) of the external authentication system (2), which consequently performs authentication of communicating sides (A, B) including authentication of the data channel (1).

    Method of authenticating communication of an authentication device and at least one authentication server using local factor

    Publication number: US10771970B2

    Publication date: 2020-09-08

    Application number: US15737717

    Application date: 2016-07-06

    Applicant: ADUCID S.R.O.

    Abstract: A method of authenticating the communication of an authentication device and at least one authentication server using a local factor with creation of secret information shared by the authentication device and the authentication server; the reference information is derived from the secret information shared by the authentication device and the authentication server, where the manner of derivation is the same on the authentication device and on the authentication server; furthermore, the authentication device creates transformed reference information by means of cryptographic transformation from the reference information, where the local factor chosen and entered by the user or obtained from a medium or from the surrounding environment is used as an input in this cryptographic transformation, and where only the transformed reference information is stored on the authentication device and only the reference information is stored on the authentication server.

    Method of secret information entering into electronic digital devices

    Publication number: US10192075B2

    Publication date: 2019-01-29

    Application number: US14904433

    Application date: 2014-07-11

    Applicant: ADUCID s.r.o.

    Inventor: Libor Neumann

    Abstract: The solution provides a method of secret information entering into an electronic digital device by a user via the input/output device, when the electronic digital device assigns a multimedia information designed for interaction containing the elements (1) in such a way that their relation to control elements of the electronic digital device is variable between individual displays. Then, the user selects elements (1) of multimedia information designed for interaction assigned to elements (2) of secret information in an order corresponding with the order of elements (2) of secret information, so by selecting the elements (1) of multimedia information designed for interaction the user selects the elements (2) of secret information in given order.

    METHOD OF SECRET INFORMATION ENTERING INTO ELECTRONIC DIGITAL DEVICES

    Invention application (status: under examination, published)

    Publication number: US20160154980A1

    Publication date: 2016-06-02

    Application number: US14904433

    Application date: 2014-07-11

    Applicant: ADUCID S.R.O.

    Inventor: Libor Neumann

    CPC classification number: G06F21/83 G06F21/36

    Abstract: The solution provides a method of secret information entering into an electronic digital device by a user via the input/output device, when the electronic digital device assigns a multimedia information designed for interaction containing the elements (1) in such a way that their relation to control elements of the electronic digital device is variable between individual displays. Then, the user selects elements (1) of multimedia information designed for interaction assigned to elements (2) of secret information in an order corresponding with the order of elements (2) of secret information, so by selecting the elements (1) of multimedia information designed for interaction the user selects the elements (2) of secret information in given order.
