"AUTHENTICATION SYSTEM THROUGH SENDING OF 2D IMAGES"
The present invention refers to an authentication system through sending of 2D images, whose transaction signature in this scenario is the interpretation of the information captured from a 2D image and generation of an OTP (One Time Password) password based on this information that will be used for signing the transaction data.
DESCRIPTION OF THE PRIOR ART
Electronic transaction data are subject to third- party handling causing damages to system users. The security mechanisms currently used do not assure that the data of a transaction will not be altered or implemented ill-intentionally .
The 2D technology in cell phones for image data capture is not used for signing of electronic and bank transactions.
Currently, data are captured from images through the cell phone that has the 2D technology in place; however its use is limited to this. For the security of any electronic / bank transaction, by using transaction signature with this technology, is not met.
The greatest disadvantage and problem of what is currently used are the vulnerability and the risks to which electronic / bank transactions are exposed and also the lack of amenity to the user, upon using certain security devices adopted for particular institutions.
OBJECTIVE OF THE PRESENT INVENTION
The objectives of the present invention are achieved through an authentication system through sending of 2D images, which includes the stages of:
- primarily the user provides the data for the desired transaction, such that these data are provided through an entry peripheral device; - the informed data are sent to a 2D image generation central unit and the received information is compacted and formatted;
- the formatted data are processed through a 2D image generator algorithm, such that this image will be readily exhibited to the user, through his desktop;
- the user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen; - the image is processed; the transaction data are shown on the mobile device's screen to be checked by the user;
- after user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve for authentication / signature of the transaction in question; and then, after customer confirmation, this password is passed to the system and will be sent to the OTP password validator, such that this password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
SUMMARIZED DESCRIPTION OF THE DESIGNS
The present invention will be, as follows, more succinctly described based on an example of execution represented in the designs. The figures show:
Figure 1 - a flow diagram of the system object of the present invention.
Figure 2 - a 2d image generation flow diagram of the system object of the present invention.
Figure 3 - a 2D image interpretation flow diagram of the system object of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
As it can be seen starting with figure 1, an authentication system through sending of 2D images, where primarily, the user provides the data for the desired transaction, such that these data are provided through an entry peripheral device, more precisely through a desktop.
The transaction data that the user informs are, for example: data of the account of destination of a bank transfer, such as branch number, account number, amount to be transferred.
The informed data are sent to a 2D image generation central unit. As it can be seen in figure 2, the received information is compacted and formatted. The formatted data are processed through a 2D image generator algorithm, such that this image will be readily exhibited to the user, through his desktop.
The user uses a mobile device that has a 2D barcode data capture software, which was previously installed in the customer's cell phone, which captures the 2D image presented on the screen. This image is processed; the transaction data are shown on the mobile device's screen to be checked by the user, as it can be seen in figure 3.
The mobile device is preferably a token, supplied by the institution that installed the authentication system through 2D images. After user confirmation, the 2D mobile device generates an OTP password by using the data contained in the image, which will serve 'for authentication / signature of the transaction in question.
Then, after customer confirmation, this password is passed to the system and will be sent to the OTP password validator. This password is checked and if everything is correct, a transaction implementation confirmation response is presented to the customer.
The advantage of this approach is that it is not necessary to enter with the data in the mobile device, since they are read through photography or video of 2D barcodes.
Another advantage is that if upon informing the data, any hacker or intruder in the network tries to modify the transaction data, let us say, to change the account of destination to a third party account, the signature OTP validation process in the server will be blocked and this offers a very huge security in financial transactions.
Obviously it will be noticed that while the aforementioned was described as form of illustrative example of this invention, all other modifications and variations done to this invention, in the manner that would be apparent to specialists in the technique, are considered within the broad scope and range of this invention according to the claims that follow.