2 i ompanso
Contents
1. 0098 in the simplest case the online service specifies no constraint for the dynamic code In this case the parameters indicated by the online service to the code server will be PO P1 undefined P2 manual P3 none P4 none The soft ware of the code server will then execute a random selection ofa calling line number from the available lines This case is the one particularly suited to the replacement ofa static pass word by a dynamic code for a login 0099 Through the Example 1 the additional advantages ofthe method due to the parameterizing ofthe dynamic code request by the online service can be seen namely that the online service can use a dynamic extraction method that is to say define on each dynamic code request the number of digits that make up the dynamic code and the extraction rule The security linked to the use of a dynamic code is thus reinforced by introducing additional random elements in addition to the dynamic nature of the code itself namely in particular the length of the dynamic code or its extraction method 0100 The algorithm of the online service is therefore designed at the same time to specify using the parameters described previously both the characteristics of the dynamic code to be generated by the code server and its extraction mode 0101 Step 1b substantially simultaneously with the request to send a dynamic code in 1a the computer program ofthe online service reacts to the reception2. eters then make a choice of a line which will be the calling line 0105 It might be thought that in certain cases where the number of constraints would be too great the algorithm may fail to find any calling line In this case the code server indicates to the online service the impossibility of satisfying this particular code request and suggests for example a relaxation of the constraints The probability of culminating in an impossibility will be all the lower the greater the number of available lines 0106 Incase of success a calling line is selected by the code server which initiates a telephone call from the calling line to the telephone of the user and communicates the num ber of the calling line to the online service via a secure connection 0107 In the above Example 1 without constraint the algorithm of the code server will make random selection of a line from the available lines and initiate a call to the telephone of the user from the calling line 0108 Step 2b then transmission by the code server 2 of the calling line number selected in 2a to the online service which communicates it to the specific software 5 in order for the latter then to be able to verify the code that will be input by the user in response to the call from the code server 0109 Step 3 next the specific software 6 of the code server 2 initiates a telephone call to the telephone 8 of the user using the calling line number selected previousl
3. for the dynamic code being indicated in the message trans mitted by the online service to the network terminal of the user 0036 There are two methods for extracting and using the dynamic code from the calling line number namely a manual Mar 7 2013 mode and a more automated mode involving a specific appli cation installed on the telephone of the user 0037 Thus in a manual extraction mode the user will be able to simply view the number of the calling line which is displayed on the screen of his or her telephone and manually extract therefrom the digits of the dynamic code based on the extraction rule which is displayed on the screen of his or her network terminal Then the user will input the digits of the dynamic code on his or her network terminal for the dynamic code to be transmitted to the software of the online service which will compare it to the reference dynamic code obtained via the code server 0038 In another more automated mode of use the num ber ofthe calling line may be captured once the call is made by a software application installed for this purpose on the telephone of the user or any equivalent device This applica tion will then extract from the number of the calling line the dynamic code to perform the task for which it was provided for example the creation of another code the generation of a digital signature etc The extraction will be done either on the basis of an extraction rule predefined
4. comprising a software module suit able for specifying a dynamic code request in the form of a series of parameters on the basis of the user and of the use of the dynamic code for generating a rule for extracting the dynamic code and for transmitting such a dynamic code request to the code server said code server comprising a software module suitable for selecting a calling line from a set of available lines for which the number satisfies the parameters submitted in the dynamic code request for calling the telephone of the user from the calling line and for transmitting a the number of the calling line to said computer server and said software module of the computer server of the online service also being suitable for comparing the dynamic code extracted from the number of the calling line received from the code server and a dynamic code received from the network terminal of the user
5. in the software of the telephone of the user or an extraction rule communicated by the online service to the telephone of the user 0039 To give more detail the method according to the invention also comprises the following steps 0040 transmission by the online service to said code server ofa request to send a dynamic code to a given user of the online service together with a set of parameters specifying the dynamic code 0041 transmission by the online service of a call noti fication sent to the network terminal of the user 0042 after the selection by the code server of a calling line telephone number transmission by the code server of the number of the duly selected calling line to the server of the online service and extraction by said server of the dynamic code from the calling line number 0043 initiation ofa telephone call by the code server to the telephone of the user using the previously selected calling line number 0044 on reception of the telephone call by the tele phone of the user manual or automatic extraction of the dynamic code on the basis ofthe calling line number and of the previously notified extraction rule 0045 transmission by the user of the duly extracted dynamic code to the server of the online service by means of his or her network terminal 0046 onreception of the dynamic code by the server of the online service comparison between the locally obtained dynamic code and the dynamic co
6. ofthe identifier of the user by sending to the network terminal 7 of the user a message to be displayed indicating the imminent arrival of a call which he or she must not answer and the procedure to be followed by the user upon the reception of this call from the calling line that is to say in particular how to extract from the number of the calling line which will be displayed on his or her telephone which digits of the number must be taken into account to make up the dynamic code 0102 For example the message transmitted by the online service to the telephone of the user will be of the type you will be receiving a telephone call from a number beginning with 331234 do not answer this call and use the last 5 digits of this number as password simultaneously the online service sends via a secure connection 3 a dynamic code request to the code server by supplying it with all the parameters which the dynamic code must satisfy 0103 Step 2a on reception of the dynamic code request the specific software 6 of the code server 2 proceeds to select a calling line from the available lines This selection is made onthe basis ofthe parameters indicated by the online service US 2013 0060892 A1 0104 The code server launches its calling line selection algorithm This algorithm will analyze the different con straints represented by the parameters Pi and search through all the available lines for those which can satisfy said param
7. US 20130060892A1 as United States a2 Patent Application Publication 0 Pub No US 2013 0060892 A1 Barthelemy 43 Pub Date Mar 7 2013 54 METHOD FOR PROVIDING A DYNAMIC Publication Classification CODE VIA A TELEPHONE 51 Int Cl 75 Inventor Serge Barthelemy Montpellier FR G06F 15 16 2006 01 62 WSs CL th aeo tete et ete th 709 217 73 Assignee PAYCOOL INTERNATIONAL LTD Hong Kong S A R CN 67 ABSTRACT A user provides an identifier to a computer server operating 21 Appl No 13 575 483 an online service by means of a network terminal connected to the computer server by a digital network The user also 22 PCT Filed Jan 26 2011 provides a dynamic code that is to be used with the online service The dynamic code is made up ofa subset of digits that 86 PCT No PCT FR11 00054 makeup the number ofa calling line selected by a code server 371 cY1 from among a set of available lines so as to call the telephone ds a 20 Nov 19 2012 ofthe user The number for the dynamic code is transmitted to the online service by the code server The dynamic code is 30 Foreign Application Priority Data extracted from the number for the calling line on the basis of an extraction rule indicated by the online service on the net Jan 28 2010 FR onionenn 10 00347 work terminal of the user SOFTWARE SOFTWARE Server 1 side Server 2 side 11 Reception of the pararneters of the dynamic code and of the Transmi
8. are still one or more drawbacks the main one very often being the cost of use either because the dynamic code gen eration tool is itself costly or because the cost of routing such a code to the user is significant for example the cost of an SMS to send each new code To that is added the additional drawback that the banks or other organizations offering online services do not know in advance how many one time codes will be needed and consequently what will be the corresponding cost since this number depends solely on the number of cases of use of these codes Mar 7 2013 AIM OF THE INVENTION 0011 The general aim of the present invention is conse quently to provide a solution to the problems posed by the systems for supplying and routing one time codes used hith erto 0012 Another more specific aim of the invention is to propose a method for supplying dynamic codes that makes it possible to overcome the issues of deployment and cost in order to allow massive use of the dynamic codes within the framework of the infrastructures for online services 0013 In order to ensure a better clarity of the following description ofthe invention it is useful to introduce a certain number of definitions ofthe main elements involved in imple menting the method 0014 Online service This is a service or an application that is available or supplied digitally via a digital network of internet or equivalent type telecommunication network e
9. by the code server on the basis of the parameters supplied by the online service in its dynamic code request The calling line is selected from the available lines to make a call to the tele phone ofa user and of which the number has to be displayed on said telephone or any equivalent device suitable for receiving a telephone call such as for example a computer provided with a modem 0024 User This is a person having on the one hand a network terminal to access online services and on the other hand a telephone for personal use or any device suitable for receiving a telephone call and for displaying the number of a calling line The user wants to have access to and or use the functionalities ofan online service to which he or she will first have communicated his or her telephone number 0025 Dynamic code This is a code intended to be used directly or indirectly only for a single action or transaction between the user and the online service and whose validity period is advantageously limited in time of the order of a few minutes US 2013 0060892 A1 OBJECT OF THE INVENTION 0026 These aims are achieved by the method according to the invention In order to solve the problem posed the inven tion makes an innovative use of the code servers which are used by the online services In effect the invention provides for the generation ofthe dynamic codes which are then trans mitted to the user by the code server by means of a cal
10. de transmit ted by the user and if the two dynamic codes match validation of the dynamic code transmitted by the user 0047 According to the invention in order for the user to know that he or she will be receiving a dynamic code a call notification is sent to the network terminal of the user on the one hand to indicate that a dynamic code is incorporated in the calling line number used by the code server to call the tele phone of the user and on the other hand to communicate the rule for extracting the dynamic code from the calling line number 0048 Advantageously the notification transmitted to the network terminal of the user comprises instructions to not answer the call originating from the calling line This makes it possible to display the calling line number including the dynamic code without generating communication costs US 2013 0060892 A1 0049 Alternatively the code server is programmed to cut the telephone communication sent from the calling line to the telephone of the user after the first ring which makes it possible to achieve the same result 0050 Preferably the calling line number selected from the available lines according to the parameters supplied to the code server is valid only for a limited period typically of the order ofa few minutes in order to increase the security linked to the use ofthe dynamic code 0051 The method according to the invention is imple mented partly by a specific software m
11. e dynamic code request and of the parameters specifying it transmitted by the software 5 of the server operating the online service 0130 23 selection of a calling line from the available lines on the basis of the parameters specified in the dynamic code request by the online service 0131 24 sending of a telephone call from the calling line to the telephone number of the user 0132 25 transmission of the number of the calling line to the software 5 of the online service then return to the start 21 pending the next dynamic code request 0133 The software of the code server implements an algo rithm for determining the number of the calling line from the available lines on the basis of the parameters of the code request which has been received from the online service US 2013 0060892 A1 0134 To avoid having the transmission of the dynamic code to the user generate communication costs a first alter native consists in having the call notification sent by the online service ask the user not to answer the call from the calling line as described above As a variant or as a comple ment provision is advantageously made for the call made from the calling line by the code server to be interrupted by the code server itself after the first ring so as to avoid having the user answer bearing in mind that the call number will in any case remain displayed on the screen of the telephone of the user 0135 In all the emb
12. ection of calling line l 2 User telephone call Transmission f calling line numbe the parameters of the dynamic co Transmission of dynamic code request 20 o Extraction of 7 dynamic code 16 Reception of dynam code fromthe user terminal OK FIG 3 US 2013 0060892 A1 METHOD FOR PROVIDING A DYNAMIC CODE VIA A TELEPHONE 0001 The present invention relates to a method for gener ating delivering and checking dynamic code The method is of the type in which the dynamic code is made available to a user notably via a mobile or fixed line telephone The dynamic code can then be used for example to authenticate the user with the server of an online service or for any other use that requires a dynamic code to be obtained STATE OF THE ART 0002 In the digital economy the number of online ser vices and applications is greatly expanding and access to these services like the validation of certain actions requires either the authentication of the users or the digital validation of certain actions even digital signing 0003 The implementation of these methods of authenti cation with online services or of signature validation very often involves the use of a dynamic password or code also called one time password which is verified directly or indirectly either by the entity which requires it for example an online service or by an independen
13. en the user wants to connect to the online service he or she enters his or her identifier on the user interface of the network terminal 7 which transmits it via the network 4 to the computer server 1 hosting the online service 0088 Step la at the request of the online service deter mination of the dynamic code specification parameters and generation of an extraction rule by the software application 5 and transmission of the request to send dynamic code to the software application 6 hosted by the code server 2 0089 The request to send dynamic code may vary accord ing to the requirements of the application installed on the online server 0090 Depending on the use which will be made of the dynamic code the online service will use an appropriate algorithm implemented by its application software to define the type of code that it wants to supply to the user by speci fying a certain number of parameters which are as many constraints as the dynamic code will have to satisfy 0091 As a nonlimiting example the parameters used to specify the type of code to be supplied to the user will com prise the following parameters 0092 PO this parameter relates to the identifier of the user if the latter is registered with the code server or his or her telephone number 0093 P1 this parameter relates to the number N of digits that the dynamic code must contain typically N is generally between 3 and 9 0094 P2 this parameter dete
14. er telephone 8 0114 Obviously in 4b the network terminal 7 transmits the input dynamic code to the software 5 of the online service 0115 Step 5 to finish the software 5 of the online service compares the dynamic code received via the terminal 7 of the user with that extracted from the calling line number trans mitted previously step 2b by the code server for this user If Mar 7 2013 there is a match between the two codes the software 5 of the online service authorizes the user to access the online service otherwise it displays a message indicating to the user that his or her identification or validation attempt has failed 0116 Variants can be implemented on the basis of the basic outline of the method which has just been described 0117 Thus it would be possible for an online service to have its own dedicated code server assigned to generate dynamic codes rather than having to communicate with a remote and independent code server 0118 Reference is now made to FIG 3 in which is repre sented the simplified functional flow diagram of the specific software packages 5 and 6 to be installed respectively in the computer server 1 hosting the online service and in the code server 2 in order to be able to implement the online service method of the invention 0119 The left hand part of FIG 3 represents the flow diagram 10 of the software 5 which should be run in the server 1 of the online service This software compris
15. es the following steps 0120 11 reception from a user terminal 7 of a request to access the online service hosted by the computer server 1 0121 12 generation of the specification in the form of a series of parameters of the dynamic code on the basis of the user and of the use which will be made of the dynamic code and determination of the rule for extraction from the calling line number 0122 13 transmission of a dynamic code request pro viding a set of parameters which said code must satisfy to the software 6 of the code server 2 0123 14 reception of a calling line number from the software 6 of the code server 0124 15 local extraction of the dynamic code from the calling line number 0125 16 reception of the dynamic code transmitted by the user terminal 7 0126 17 comparison of the locally extracted dynamic code and of the dynamic code transmitted by the user via his or her network terminal 7 If the two codes match the dynamic code of the user is declared valid and the user s access to the online service is authorized otherwise an error message is prepared by the software 5 and transmitted to the online service for display on the network terminal of the user 0127 The right hand part of FIG 3 represents the flow diagram 20 of the software 6 which must be run in the code server 2 This software comprises the following steps 0128 After the start 21 0129 22 reception of th
16. est and of the parameters specifying it transmitted by the software of the server operating the online service 0061 selection ofa calling line from the available lines on the basis ofthe dynamic code request transmitted by the software of the server operating the online service and of the parameters associated therewith 0062 sending ofa telephone call from the calling line to the telephone number of the user 0063 transmission of the number of the calling line to the software ofthe online service then return to the start pending the next dynamic code request 0064 Another subject of the invention is a system for supplying the user of an online service with a dynamic code via a telephone in which said user supplies on the one hand an identifier to a computer server operating an online service and on the other hand a dynamic code intended to be used by the user with the online service said system comprising 0065 a network terminal connected to said computer server by a digital network 0066 auser telephone suitable for displaying the tele phone number of a calling line Mar 7 2013 said system being characterized in that it also comprises 0067 computer server operating an online service 0068 a code server linked to said computer server by a secure digital link 0069 said computer server comprising a software mod ule suitable for specifying a dynamic code request in the form of a series of pa
17. f the dynamic code from the calling line number initiation of a telephone call by the code server to the telephone of the user by using the previously selected calling line number on reception of the telephone call by the telephone of the user manual or automatic extraction of the dynamic code on the basis of the calling line number and of the previously notified extraction rule transmission by the user of the duly extracted dynamic code to the server of the online service by means of his or her network terminal on reception ofthe dynamic code by the server ofthe online service comparison between the locally obtained dynamic code and the dynamic code transmitted by the user and if the two dynamic codes match validation of the dynamic code transmitted by the user 11 The method as claimed in claim 10 wherein the call notification is sent to the network terminal of the user to notify the user of a call emanating from the calling line whose number contains the dynamic code and to communicate to the user the rule for extracting the dynamic code from the calling line number 12 The method as claimed in claim 11 wherein the call notification transmitted to the network terminal of the user comprises instructions to not answer the call originating from the calling line 13 The method as claimed in claim 10 wherein the code server is programmed to cut the telephone communication sent from the calling line to the telephone of the use
18. im 7 wherein in the case of manual extraction of the dynamic code by the user the digits of the dynamic code are firstly chosen by the user from the display of the number of the calling line on the telephone of the user on the basis of the extraction rule communicated by the online service to the user then input on the network terminal of the user and communicated to the software of the online service 9 The method as claimed in claim 7 wherein in the case of automatic extraction of the dynamic code from the telephone US 2013 0060892 A1 number of the calling line the telephone of the user is pro vided with software suitable for reading the number of the calling line and for extracting the dynamic code therefrom on the basis of an extraction rule predefined in said software or communicated by the online service to the telephone of the user 10 The method as claimed in claim 1 further comprising the following steps transmission by the online service to said code server of a request to send a dynamic code to a given user with the online service together with a set of parameters speci fying the dynamic code transmission by the online service ofa call notification sent to the network terminal of the user after the selection by the code server of a calling line telephone number transmission by the code server ofthe number of the duly selected calling line to the server of the online service and extraction by said server o
19. l to the telephone of the user from a calling line chosen by the code server This choice of calling lineis determined on the basis of a specification issued by the online service 0027 Furthermore the dynamic code is contained in and transported directly by the number ofthe calling line which is viewed by the user on his or her telephone while avoiding the generation of the cost of a call or of an SMS 0028 It follows that in the invention the object the code and its transmission means the number ofthe calling line are intermingled it is the transmission means which is the code 0029 More specifically the subject of the invention is a method for supplying the user of an online service with a dynamic code via a telephone in which said user supplies on the one hand an identifier to a computer server operating an online service by means of a network terminal connected to said computer server by a digital network and on the other hand a dynamic code intended to be used with the online service said method being characterized in that the dynamic code is made up of a subset of the digits that make up the number of a calling line selected by a code server from a set of available lines to call the telephone of the user and the number of which is transmitted to the online service by the code server 0030 Advantageously the number of the calling line con taining the dynamic code is determined by an algorithm implemented by
20. odiments of the method according to the invention it is advantageous to assign a validity period to the dynamic code This period can typically be set to a few minutes 0136 It may also be advantageous for the code server to arrange for its lines to have a portion of their number com mon for example 33999 0137 This way the user friendliness ofthe method will be enhanced because when the user has become accustomed to this method he will quickly recognize a call from the code server and will not be tempted to answer the call 0138 In another embodiment the dynamic code included in the number of the calling line will be read automatically and used by an application installed on the telephone of the user 0139 This type of embodiment is particularly well suited to a situation in which a user has an application installed on his or her telephone or where the use thereof requires a dynamic code to be supplied In this case the application will itself be adapted to automatically capture the dynamic code included in the number of the calling line 0140 As an example this may correspond to the situation of an online bank user who will be asked by the online bank site to produce the digital signature of a transaction using his or her signature application previously installed on his or her telephone and requiring a dynamic code 0141 The method is identical to the one already described up to the step of extraction by the
21. odule incorporated in the server of the online service and which implements the following steps 0052 reception on behalf of a user terminal of a request to access the online service hosted by the computer server 0053 generation of the specification of the dynamic code in the form of a series of parameters on the basis of the user and of the use which will be made of the dynamic code and generation of the rule for extracting the dynamic code from the calling line number 0054 transmission ofa dynamic code request specified by a set of parameters to the code server 0055 reception of a calling line number from the code server 0056 local extraction on the server of the online service ofthe dynamic code from the calling line number 0057 reception ofthe dynamic code transmitted by the user terminal 0058 comparison of the locally extracted reference dynamic code and of the dynamic code transmitted by the user terminal and if the two codes match the dynamic code of the user is declared valid by the online service and the access of the user to the online service is authorized otherwise an error message is prepared by the software module ofthe online service for display on the network terminal of the user 0059 The method according to the invention is also partly implemented by another software module incorporated in the code server and implementing the following steps 0060 reception of the dynamic code requ
22. plication denoted 6 suitable for implementing the method US 2013 0060892 A1 according to the invention in cooperation with the other components of the system represented in FIG 1 0082 It should be noted that there is no limit to the nature of the transactions envisaged in the context of the online service they can be commercial or not of banking or other type inasmuch as a user has to be able to provide a dynamic code to the online service at the request thereof 0083 Furthermore on the user s side the method accord ing to the invention implements on the one hand a network terminal 7 and on the other hand a telephone 8 which can be a conventional cell phone or a fixed telephone provided with a display or even a computer device provided with a modem function 0084 The network terminal 7 is also connected to the computer server 1 via the digital network 4 in order for the user to be able to dialogue with the online service notably to be able to provide it with his or her identifier and his or her password in the form of a dynamic code 0085 To beableto use the method the online service may previously have registered the telephone number of the user 0086 There now follows a more detailed description through an example illustrated in FIG 2 of the method for supplying a dynamic code according to the invention 0087 Preliminary step 0 transmission by the user of his or her identifier to the online service wh
23. r 0076 The following description of the method according to the invention is made in the context of the conventional manual use of a dynamic code to allow access to an online services site without this context being in any way limiting Itis understood that the method thus described can be used in many other circumstances for example without this list being exhaustive 0077 to perform the authentication of users in the case of access to digital services the dynamic code then constituting one of the authentication factors 0078 to validate an action and check that the author is indeed who he or she pretends to be as is useful to validate an online banking transaction 0079 to provide a random factor or a challenge to any application installed on the telephone of the user such as for example a digital signature application 0080 Reference is made to FIG 1 The method imple ments an online service which is executed by a computer server 1 a code server 2 connected to the computer server 1 via a secure digital link 3 supplied for example by a network 4 of internet type The computer server 1 is a server like the many that exist in their thousands apart from the fact that it hosts a specific software application denoted 5 suitable for implementing with the other components of the system the method according to the invention which will be described below 0081 Similarly the code server 2 hosts a specific software ap
24. r after the first ring 14 The method as claimed in claim 1 wherein the calling line number selected from the available lines of the code server is valid only for a limited period of the order of a few minutes 15 The method as claimed in claim 2 wherein the software of the online service implements the following steps reception on behalf ofa user terminal of a request to access the online service hosted by the computer server generation of the specification of the dynamic code in the form of a series of parameters on the basis of the user and of the use which will be made of the dynamic code and generation of the rule for extracting the dynamic code from the calling line number Mar 7 2013 transmission of a dynamic code request to the code server and of a set of parameters specifying the dynamic code reception of a calling line number from the code server local extraction on the server of the online service of the dynamic code from the calling line number reception of the dynamic code transmitted by the user terminal comparison of the locally extracted dynamic code and of the dynamic code transmitted by the user terminal and if the two codes match the dynamic code of the user is declared valid by the online service and the access of the user to the online service is authorized otherwise an error message is prepared by the software of the online service for display on the network terminal of the user 16 The me
25. rameters on the basis of the user and ofthe use ofthe dynamic code for generating a rule for extracting the dynamic code and for transmitting such a dynamic code request to the code server 0070 said code server comprising a software module suitable for selecting a calling line from a set of available lines for which the number satisfies the parameters sub mitted in the dynamic code request for calling the tele phone of the user from the calling line and for transmit ting the number of the calling line to said computer server 0071 said software module of the computer server of the online service also being suitable for comparing the dynamic code extracted from the number of the calling line received from the code server and a dynamic code received from the network terminal of the user DESCRIPTION OF THE INVENTION 0072 The invention will be better understood by referring to the following description and to the appended figures in which 0073 FIG 1 represents a block diagram of a system suit able for implementing the method according to the invention 0074 FIG 2 represents an overall flow diagram of the method according to the invention showing all the elements ofthe system implementing the different steps including the network terminal and the telephone of the user 0075 FIG 3 represents a flow diagram of the steps of the method according to the invention as implemented by the online service and by the code serve
26. rmines the type of extraction of the dynamic code from the calling line number This extraction will be manual by the user from the calling line number displayed on his or her telephone or automatic and performed by a specific application installed on the telephone of the user 0095 P3 this parameter determines as appropriate any imposed values namely the values ofthe digits which should appear in the dynamic code if this 1s required by the online service This may be a single imposed value for example the first digit Cl of the dynamic code must be equal to 0 There may also be a requirement set by the online service concern Mar 7 2013 ing all the digits of the dynamic code in this case it is the entire dynamic code which is determined For example for a 4 digit code N 4 and an imposed dynamic code of 1234 for a given transaction 0096 P4 this parameter defines the extraction rule required The extraction rule defines in which position each digit Ci of the dynamic code should be situated in the number of the calling line Ci j i 1 N It is possible to have no extraction rule required notably when no value of Ci is speci fied 0097 Depending on the requirements of the online ser vice the algorithm ofthe online service will define the type of code to be transmitted to the user and communicate via a secure connection this request to the code server specifying the required parameters P0 P1 P2 P3 P4 EXAMPLE 1
27. ssion of dynamic code request Reception of calling line number 16 Reception of dynarni code fromthe user terminal i OK __ Reception of dynamiq 22 code request e NOK 21 23 Random selection of calling line 2 User telephone call Transmission of calling ine numbe Patent Application Publication Mar 7 2013 Sheet 1 of 3 US 2013 0060892 A1 Code server Telephone FIG 1 User terminal service Patent Application ERU um Y 5 VERIFICATION OF DYNAMIC COD d N eere e CALL RECEPTION MISSED Publication Mar 7 2013 Sheet 2 of 3 US 2013 0060892 A1 6 7 8 pf O Transmission of user X ID SPECIFIGATION AND REQUE E TO SEND pvc CODE FOR ee X 1b CALL NOTIFIGATION DISPLAY 2a SELECTIDN OF SAN LINE 2b SENDING OF THE CALLING LINE NUMBER a aso me Se Po carrer ae greene qo errr a ae ee 3 CALL WITH CALLING ee 4 EXTRACTION OF DYNAMIC CDDE INPUT OF DYNAMIC COE ON TERMIN 4b TRANSMISSION OF DYNAMIC LODE X n M ee ee Y E FIG 2 Patent Application Publication Mar 7 2013 Sheet 3 of 3 US 2013 0060892 A1 SOFTWARE l SOFTWARE Server 1 side Server 2 side 11 Reception of 21 Reception of dynamic code request 23 Random sel
28. t third party 0004 In particular there is an increasing demand among online service operators such as banks for example for safer authentication methods that in particular make it possible to increase the security with respect to attacks of the phishing type which involve cunningly obtaining a user s static pass word for an online service Increasing this security entails abandoning the static passwords and replacing them with dynamic passwords or authentication methods with a number of factors using one time codes 0005 Now there are already various methods for gener ating and supplying a user with a dynamic password for example by 0006 generating a code or password from using a dedi cated tool such as the one marketed by RSA under the brand name SecureID This tool makes it possible to compute and display a code which varies as a function of time for example every 60 seconds 0007 generating a dynamic code from cryptographic calculators using chip cards 0008 using SMS short message service to send a dynamic code to a cell phone of the user 0009 generating a dynamic code using a specific soft ware application installed on the cell phone or the SIM card ofthe telephone such a solution has been described in the French patent application number FR 08 00440 filed by the same applicant 0010 Most of these known methods obviously offer increased security compared to the use of static codes but there
29. tc and which asks its users to input a dynamic code to validate some of their actions for example a so called login code to allow access to the service or the provision of an authentica tion code in the context of a multiple factor authentication method or for the validation of transactions or digital signa ture etc 0015 Code server This is a computer server having 0016 secure connection capabilities with one or more online services 0017 data management and processing capabilities 0018 connections with one or more voice telephony networks 0019 access to a significantly large number of calling telephone lines advantageously several thousands or tens of thousands of lines called available lines 0020 a program and an algorithm that are capable of producing at the request of an online service the selec tion of a line number suitable for responding to said request from the available lines and for initiating a call from the selected line to the telephone number of a user 0021 The code server within the meaning ofthe invention may be operated either by the online service or by an entity that is independent of the online service 0022 Available lines These are telephone lines each hav ing a different telephone number made available perma nently or temporarily to the code server and from which the latter can make calls to the telephones of the users 0023 Calling line This is the line selected
30. ter mined by an algorithm implemented by the code server on the basis of a set of parameters included in a dynamic code request transmitted by the online service 3 The method as claimed in claim 2 wherein for a par ticular choice of the parameters included in the dynamic code request the determination of the calling line number by the code server is made by a random selection of the number of the calling line from the numbers of available lines for the code server 4 The method as claimed in claim 1 wherein the dynamic code is determined from the calling line number used by the code server to call the telephone of the user by a dynamic code extraction rule which designates the digits of the tele phone number of the calling line to be taken into account to make up the dynamic code 5 The method as claimed in claim 4 wherein the dynamic code extraction rule is either fixed or defined by the online service on the occasion of each dynamic code request 6 The method as claimed in claim 5 wherein the extraction rule comprises selecting the last 4 5 or 6 digits of the number of the calling line to make up the dynamic code 7 The method as claimed in claim 4 wherein the extraction of the dynamic code from the calling line number on the basis of said extraction rule is either performed manually by the user or performed automatically by a software application installed on the telephone of the user 8 The method as claimed in cla
31. the code server on the basis of a set of parameters included in a dynamic code request transmitted by the online service 0031 Fora particular choice ofthe parameters included in the dynamic code request the determination of the calling line number by the code server can be made by a random selection of the number of the calling line from the numbers of available lines for the code server 0032 Advantageously the dynamic code is determined from the calling line number used by the code server to call the telephone of the user by a dynamic code extraction rule which designates the digits of the telephone number of the calling line to be taken into account to make up the dynamic code 0033 The dynamic code extraction rule may be fixed but it could also vary and be redefined by the online service on the occasion of each dynamic code request 0034 As an example the digits that make up the dynamic code may be made up by the last 4 5 or 6 digits of the number of the calling line This very simply makes it possible for the user to select from the digits of the number of the calling line those that correspond to the dynamic code by applying the extraction rule supplied by his or her network terminal 0035 As a variant the dynamic code may be made up of the positions of a predetermined subset of digits taken from the digits that make up said telephone number of the calling line the positions of the digits to be taken into consideration
32. thod as claimed in claim 2 wherein the software of the code server implements the following steps reception of the dynamic code request transmitted by the software of the server operating the online service and of the parameters associated therewith selection of a calling line from the available lines on the basis of the dynamic code request transmitted by the software of the server operating the online service and of the parameters associated therewith sending of a telephone call from the duly selected calling line to the telephone number of the user and transmission of the number of the calling line to the soft ware of the online service then return to the start pend ing the next dynamic code request 17 A system for supplying the user of an online service with a dynamic code via a telephone in which said user supplies an identifier to a computer server operating an online service and a dynamic code intended to be used by the user with the online service said system comprising a network terminal connected to said computer server by a digital network auser telephone suitable for displaying the telephone num ber of a calling line a computer server operating an online service a code server linked to said computer server by a secure digital link said computer server operating the online service compris ing a software module suitable for transmitting a dynamic code request to the code server said computer server
33. trary in the method according to the invention the send ing of the dynamic code to the user does not generate any cost since there is no answer to the call made by the code server 0145 Furthermore this method operates with all the exist ing cell phones without exception and even with fixed line telephones which have a display or with computer systems provided with a modem and emulating the operation of a telephone Consequently this novel method can be used by the greatest possible number of subscribers to the telephony services In most of the cases envisaged in practice the dynamic code will be supplied to the user via his or her cell phone which makes it possible to use the huge base already installed of cell phones 1 A method for supplying the user ofan online service with a dynamic code via a telephone in which said user supplies on the one hand an identifier to a computer server operating an online service by means of a network terminal connected to said computer server by a digital network and a dynamic code to be used with the online service wherein the dynamic code is made up of a subset of the digits that make up the number of a calling line selected by a code server from a set of available lines to call a telephone of the user and wherein the number is transmitted to the online service by the code server 2 The method as claimed in claim 1 wherein the number of the calling line containing the dynamic code is de
34. user In the dynamic code specification parameters the online service indicates an auto matic usage mode in P2 and specifies the parameters P3 and P4 in such a way that the application installed on the tele phone of the user can extract dynamic code At this stage the user launches on his or her telephone the application which will use the dynamic code The application will then either consult the log of incoming calls and select the last number that of the calling line or ask the user which incoming call number it should take into account Once this selection is made the application automatically extracts the dynamic code from the number of the calling line and performs the tasks for which it was designed ADVANTAGES OF THE INVENTION 0142 The method according to the invention makes it possible to address the aims set and offers a number of decisive advantages compared to the known methods for gen erating and supplying one time codes 0143 Unlike the known methods the dynamic code will not be generated in the cell phone itself which would demand the onboard presence of specific software dedicated to this function 0144 Nor will the dynamic code be generated by the server of the online service then transmitted to the user via a conventional voice call or SMS because that would introduce Mar 7 2013 communication costs for the online service or for the user which is what the invention aims to make disappear On the con
35. y step 2a as call number 0110 Preferably when the software 6 of the code server 2 initiates a call to the telephone 8 of the user from the calling line for example 33 123456789 it interrupts this call after the first ring to avoid having the call answered by the user This makes it possible to have the number of the calling line containing the dynamic code displayed on the display of the telephone 8 of the user without this call consuming commu nication units 0111 Step 4 the user discovers the incoming call and the number of the calling line displayed on his or her telephone 8 He or she then extracts the dynamic code therefrom This extraction is done according to the indications given previ ously step 1b in the context of the dynamic code request sent by the online service 0112 Thus in the example chosen it will be sufficient for the user to read the last 5 digits of the displayed calling line number However many other encodings of the dynamic code within the number of the calling line will obviously be possible without departing from the framework of the present invention 0113 When the user has the dynamic code after its extrac tion he or she inputs the dynamic code in the space provided for the input of the password on his or her network terminal 7 Thus in the example chosen the user inputs on his or her network terminal 7 the last 5 digits of the calling line number which is displayed on his or h
Download Pdf Manuals
Related Search