Authentication method using ephemeral and anonymous credentials

摘要

A user accesses an intermediary device, in communication with a restricted entity, requires a One Time Credential OTC and activates a mobile device previously registered, by the user, in an authentication entity, in order to generate a OTC, based on the information related to the user, to the restricted entity, to the mobile device and to the authentication entity, the OTC credential being then typed in the intermediary device and transmitted therefrom to the restricted entity and, from the latter, to the authentication entity, in which the OTC credential is decrypted and compared with the information related to the user, to the restricted entity, to the authentication entity and to the mobile device registered in the authentication entity, in order to generate an authentication result which is transmitted to the restricted entity, which will decide to accept or to reject the access of the user.