Search International and National Patent Collections

1. (WO2018050293) USER SIGN-IN AND AUTHENTICATION WITHOUT PASSWORDS

Pub. No.:    WO/2018/050293    International Application No.:    PCT/EP2017/025257
Publication Date: Fri Mar 23 00:59:59 CET 2018 International Filing Date: Sat Sep 16 01:59:59 CEST 2017
IPC: H04L 29/06
H04L 9/32
Applicants: GURULOGIC MICROSYSTEMS OY
Inventors: KÄRKKÄINEN, Tuomas
KALEVO, Ossi
Title: USER SIGN-IN AND AUTHENTICATION WITHOUT PASSWORDS
Abstract:
A data security system is provided. The data security system includes at least a first party and a second party that are mutually coupled via a data communication arrangement, wherein the data communication arrangement is operable to provide for user authentications and/or user sign-in. The first and second parties are provided with identical or mutually compatible copies of a digital key code list that includes keys and indexes referencing the keys. The first party is operable to deliver to the second party an authentication message including an index of a key to be derived, a unique identifier (ID) of a digital key code list from which the key is to be derived, and additional information indicative of at least one of: a unique user ID associated with the first party, a session token previously-received from the second party, a date and time at which an attempt for user authentications and/or user sign-in is made. The additional information is provided in an encrypted form. The first and second parties are operable to use, when performing data communication therebetween, for providing user authentications and/or user sign-in, the key that is derived from the digital key code list based upon the index included within the authentication message, and to dispose of the key after use, wherein the key is arranged to be usable only once between the first and second parties.