Details Software & Training FAQ Contact Us


GATE [ Graphic Access Tabular Entry ]

An Interception-proof Authentication And Encryption System And Method

US Patent : 9,460,280

Videos   :
 


★ ★

★ ★ ★

  ^_^ !

Risk Roundup Interview

  The GATE System Defeats Peeking, Keylogging, Wiretapping, Phishing & Dictionary Attack Without The Restrictions Of Lowercase, Uppercase, Numbers & Special Characters !  
  In traditional password system, server authenticates user, yet with GATE, user also authenticates server, because the server has to know the user passcode in order to mix some user pins with  
  other symbols and generate tokens for the user to select, since phishing sites don't know user passcodes, they can't generate valid tokens, therefore phishing won't work on the GATE system !  
GATE won "Cybersecurity Innovation Award" at 2017 International Cyber Security and Intelligence Conference [ ICSIC ] on November 7th - 8th, 2017 in Toronto, Canada.


Traditional Password vs. GATE Passcode System
Traditional Password SystemGATE Passcode System

How To Enter GATE Passcode
[1] If All User Pins Are In The Table [2] If Some User Pins Are Not In The Table

After user entered User_Id, the server retrieves user passcode.
In the example above, user passcode is : Ⓘ ♥ 2 ✉

There are 3 x 3 = 9 tokens generated by the server in the above table.
Each token is a button that contains 4 symbols, user can click on any part of the
token/button to select and enter that token.

User followed the order of his pins [ Ⓘ ♥ 2 ✉ ] in the passcode and entered the
tokens that contain his pins.

The GATE system hides user pins among other symbols to obscure passcode.
The advantage of the GATE system is : even if the communication is intercepted
by a hacker, user pins are not obviously exposed.

But if all the user pins always appear in the tokens tables above, then the hacker
will eventually figure out what the user pins are, because "Ⓘ" always show up in
the first token user enter, "♥" always show up in the 2nd token user enter, "2"
always appear in the 3rd token, and so on.

Therefore, GATE introduced a missing pin concept, see example on the right side.

After user entered User_Id, the server retrieves user passcode.
In the example above, user passcode is still : Ⓘ ♥ 2 ✉

The tokens table can have 3 x 3 = 9 or 4 x 4 = 16 tokens generated by the server.
Table size is adjustable on the server.

User follows the order of his pins [ Ⓘ ♥ 2 ✉ ] in the passcode to enter the tokens.

In this example, "Ⓘ" and "2" are in the tokens table, but "♥" and "✉" are missing
from the tokens table above. In this case, when a pin is missing from the table,
user can and must enter a wilecard/random token in place of that missing pin.

The wildcard/random token can be any of the 9 tokens in the tokens table. This is
a safety feature, so even if the traffic is intercepted by a hacker, it's very hard to
figure out which symbol is a user pin, which is not a user pin.

The system can set the min. number of user pins to appear in the tokens table, but
at least one user pin will definitely appear, sometimes all user pins may be in the
tokens table.

When a user pin is in the table, user must select the token that has that user pin.

How To Register GATE Passcode

The Symbols That Form User Passcode In GATE Are Customizable

Benefits  Of  The  GATE  System  And  Method : Defeat Peeking, Wiretapping, Keylogging, Phishing & Dictionary Attack
Threats / DifficultiesTraditional PasswordGATE Passcode
Phishing scams over the network   Users can easily fall prey to phishing scams as most users don't know which is real and which is fake.   Won't happen, because in order to get a user to select tokens to enter passcode, the source needs to generate the tokens first according to that user's passcode, and without that knowledge, the tokens can't be generated to start with.
Camcorder recording the login session   Easily done at a far distance or with hidden cameras and users may never notice.   Won't disclose passcode even after repeated recording because the passcode pins are hidden among the symbols in the selected tokens and some of the pins may never show up.
Wiretapping / Keylogging to intercept the communication   Can be intercepted and seen.   Interception proof. Because even when intercepted the passcode is among the symbols in the selected tokens and no clear passcode is shown. Besides, the intercepted tokens may not even contain some of the pins in the passcode.
Peeking over the shoulder   Can be seen and stolen.   Peek proof, can even be seen multiple times, the passcode is not clearly shown.
Restrictions of lowercase, uppercase, numbers and special characters   Hard to remember.   Using Unicode symbols already in the operating system, easily select and remember meaningful symbols.


Bye-bye "Open Sesame", hello "GATE" !   Be a few steps ahead of the hackers. ^_^


You can now try the demo software first, absolutely free !


You Can Start In Just 2 Simple Steps :

<1>Fill out a form and contact us
<2>Register for a training session and learn the GATE system


 Commission Based Marketing & Sales Agents Welcome   ^_^   ! 

  Licensing, sample software, and comprehensive training available, contact for details.  


Details Software & Training FAQ Contact Us

View Min [ Frank ] Ni's profile on LinkedIn