Abstract:
A method for authentication of a user towards a unit (AR1) is described that uses unique biometric data of the user but avoids spreading of the sensitive biometric data. The method overcomes the problem of the lack of trustworthiness of a client (C1) operated by a user and the lack of trustworthiness of a unit (AR1) operated by an institution offering services or goods by introducing an authentication instance (AI1) operated by a third party that is trusted by both the user operating the client (C1) and the institution operating the unit. According to the invented method, the responsibility for the secure handling of the sensitive biometric data is taken from the institution operating the unit (AR1) requesting authentication and given to a trusted third-party organization operating an authentication instance (AI1). The authentication instance (AI1) stores the sensitive biometric data and performs the authentication based on a pattern matching of a prestored pattern of biometric data and a pattern of biometric data recorded by the user.
Abstract:
The invention relates to a method of returning change to a payer in an electronic payment system. A payer determines a change return value, generates and blinds a change return certificate, generates a first signature by signing the blinded change return certificate, and sends a message comprising the first signature to a payee. The payee forwards the message to a payment provider. The payment provider verifies the first signature and the change return value indicated by the message, generates a blinded second signature by signing the blinded change return certificate, and forwards the blinded second signature to the payer. The payer unblinds and verifies the blinded second signature, and forms a second payment certificate. The invention furthermore relates to a method of performing tasks of a payer and to a method of performing tasks of a payment provider in a change return transaction, and to computer programs and devices therefor.