WO2005086559A2 - System and method for identity verification by dynamic codifier interface - Google Patents


Info

Publication number: WO2005086559A2
Authority: WO, WIPO (PCT)
Prior art keywords: dynamic, user, keyboard, server, password
Application number: PCT/BR2005/000033
Other languages: French (fr)
Other versions: WO2005086559A3 (en)
Inventor: Chang Das Estrelas Wilches
Original Assignee: Chang Das Estrelas Wilches
Application filed by Chang Das Estrelas Wilches
Priority to BRPI0510334-7A
Publication of WO2005086559A2
Publication of WO2005086559A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/34: User authentication involving the use of external additional devices, e.g. dongles or smart cards

Definitions

  • The present invention relates to a system and a method for authenticating a user in order to access and/or configure machines, devices, computers, microprocessors and related systems.
  • EFTPOS: electronic funds transfer at point-of-sale
  • A user is issued with a credit or debit card bearing a unique identification number, usually embossed on the card in human-readable form and also encoded on a machine-readable magnetic strip on the reverse of the card.
  • The card typically includes a space for the user to add his or her signature permanently. In use, the user presents the debit or credit card to a store employee.
  • The card is then swiped through a card reader, and information relating to the identity of the card, the identity of the retail store and the value of the goods or services being purchased is transmitted by way of a telephone connection to a remote computer server operated by the card issuer (normally a bank or suchlike).
  • The remote computer server checks that the user's card account contains sufficient funds or credit to cover the proposed transaction, checks that the user's card account is currently operational (for example, to check that the card has not been reported stolen), and then issues a confirmation signal back to the card reader to indicate that the transaction may be authorized.
  • The store employee must then obtain a specimen of the user's signature and compare this with the signature on the reverse of the card so as to check the identity of the user.
  • This system is open to fraudulent abuse, since it is possible for a card to be stolen or cloned and for a thief to forge the signature of an authorized user.
  • A card user may be issued with a personal identification number (PIN), which is theoretically known only to the user and to the card issuer. Instead of providing a specimen of his or her signature at the point-of-sale, the card user is required to enter his or her PIN into the card reader, and this information is transmitted to the remote computer server together with the card and retail store identification data and data regarding the value of the transaction.
  • PIN: personal identification number
  • This system helps to prevent fraud by forgery of signatures, but is still not completely secure because the PIN does not change between transactions, and may therefore be intercepted together with card identification data when being transmitted between the card reader and the remote server. Furthermore, it is possible for a thief to observe, to record or to film a user entering his or her PIN into a card reader. If the thief is also able to obtain card identification details, it is a simple matter to produce a fake card including all the appropriate identification information for later fraudulent use. A number of other attempts to solve the problem of identity verification are currently available and include Public Key Infrastructure (PKI), Smart Cards and biometrics.
  • PKI: Public Key Infrastructure
  • A Public Key Infrastructure is a combination of hardware and software wherein each user has a public key and a private key.
  • The RSA public-key cryptosystem is the most popular form of public-key cryptography.
  • This technology has used tokens, which are small portable key-shaped microprocessors that show the user's authentication password on an LCD display. This password changes every 60 seconds, using a 64-bit symmetric key together with an algorithm that generates random numbers.
  • The password is composed of the PIN, a fixed password and the tokencode, forming the passcode or access code.
  • The level of security is higher than that of conventionally used systems, since each user's tokencode is mutant, i.e., every minute it acquires a distinct numerical value.
  • Smart Cards are cards that have a microchip embedded within the card which enables personal details about the cardholder to be stored securely on the card, which can then be used to verify the identity of the person using the card.
  • Some Smart Card systems address the problem of "card not present" fraud such as e-commerce, m-commerce, interactive TV and telephone order.
  • Any Smart Card can be copied and can subsequently be used fraudulently in card not present situations.
  • Biometric systems can use fingerprints, voice recognition, retinal scans or tissue samples to positively identify the cardholder. In fact, there was a time when it was believed that biometrics could completely solve the security problems of computer systems and of residences, companies and restricted-access areas such as certain types of laboratories, amongst other environments.
  • The external level is represented by external techniques for spying on the internal electronic circuits of one or more computers and other devices, as well as by the interception of telecommunications signals between computers, networks, equipment and microprocessors, such as telephones and devices that perform automatic bank-account debit transactions and credit card payments.
  • The internal level is characterized by internal techniques for spying on the electronic circuits of one or more computers and other devices (telephones, microprocessor-based devices, amongst others), as well as by the interception of telecommunications signals, where these are mediated by programs (software), dedicated spying devices (hardware), keyboard interconnection devices equipped with memory, amongst others.
  • Crackers are highly capable of developing programs, for example viruses and Trojan horses, to break the security of systems and obtain passwords improperly, with the intention of carrying out illegal transactions on the Internet.
  • Another widely used illegal technique is the cloning of sites in order to capture passwords and personal data.
  • The existing systems in the state of the art are not capable of protecting passwords and certain personal data against attack by a cracker or by traditional espionage (hidden cameras, visual observation by a spy, amongst others).
  • The system and method of the present invention are capable of protecting users against attack by spies at the internal and external levels, by traditional and virtual methods.
  • The system differs from the state of the art because the password never leaves the user's memory.
  • The fixed password becomes random/mutant through a mental codification assisted by a password entry interface. In this way, although clearly identifiable to the user, the password will be inaccessible to a third person. In this system, the personal password is never entered into the customer computer.
  • The password code entered is, in fact, the product of a mental codification system executed by the user with the help of a Dynamic Codifier Interface.
  • This interface presents, at the same instant, at least two special keyboards: the Dynamic and Referential Compound Keyboard, which is used as a reference for personal password entry, and the Dynamic Positional Keyboard, which is the keyboard where the password is entered.
  • The user identifies, among the different characters of the Dynamic and Referential Compound Keyboard, those which correspond to the characters of his or her personal password. Once identified, the characters of the personal password are entered through the Dynamic Positional Keyboard.
  • The password is never entered into, nor does it reside in, the customer computer; nor is it transmitted to the server.
  • The notable characteristics obtained by this invention are: (a) the authentication process can be public, and even if thousands of persons could observe the user step by step in the authentication process, they would not obtain any information that would enable them to simulate the user's steps; (b) in the case of monitoring by a spy program, such as a Trojan horse, all the information that can be obtained in the customer computer would be the Expected Code, but, since it is mutant, this code could not be used to validate a subsequent illegal authentication process; (c) in the same way, only the Expected Code could be obtained in cases of monitoring and intercepting the authentication information over the transmission line; (d) the user authentication process is absolutely secure because the personal password is processed only at the server level, never being sent to other computers or any devices; (e) the Dynamic and Referential Compound Keyboard or the Dynamic Positional Keyboard can be recombined at each user request and (f) all information exchanged between the customer and the server can, additionally, pass through a secure environment with digital certificates and/or cryptography systems.
  • The present invention solves the problems of password security, using a peculiar system which combines security and simplicity.
  • The invention comprises a system and method of authentication for secure access to resources of a server by a user, wherein the user has a password to access the server; the server can access a database which contains information about users and passwords and it can send, in reply to the user's requests, a Dynamic Codifier Interface; wherein the user enters the password in the Dynamic Positional Keyboard and sends it to the server; and wherein the server, from the Dynamic Codifier Interface sent to the user, simulates the personal password entry and obtains the exact expected code, compares whether the expected code sent by the user and the exact expected code obtained are the same, and allows the user access if the answer is positive.
  • Figure 1: Dynamic Codifier Interface. 1) Dynamic and Referential Compound Keyboard; 2) Super-key; 3) Infra-key and 4) Dynamic Positional Keyboard.
  • Figure 2: System wherein point A accesses resources at point B.
  • Figure 3: Dynamic Codifier Interface comprised by: 1) personal identification (login); 2) Dynamic and Referential Compound Keyboard and 3) Dynamic Positional Keyboard.
  • Figure 4: Dynamic Codifier Interface for banking access through the Internet.
  • Figure 5: Numerical Dynamic Codifier Interface wherein the super-keys show the PIN-FONE pattern.
  • Figure 6: Numerical Dynamic Codifier Interface wherein the super-keys have the conventional pattern of computer keyboards.
  • Figure 7: Numerical Dynamic Codifier Interface with random arrangement.
  • Figure 8: Dynamic Codifier Interface comprised by numerical and colored characters.
  • Figure 9: Dynamic Codifier Interface which shows 3 character classes: the super-keys are classified in 1) letters and 2) colors, while the infra-keys are classified in 3) numbers.
  • Figure 10: Dynamic Codifier Interface wherein the character classes are numbers and colors in the super-keys and numbers in the infra-keys.
  • Figure 11: Another example of Dynamic Codifier Interface wherein the character classes are numbers and colors in the super-keys and numbers in the infra-keys.
  • Figure 12: Dynamic Codifier Interface wherein the character classes are words and colors in the super-keys and numbers in the infra-keys.
  • Figure 13: Dynamic Codifier Interface comprised by numerical and colored characters in the super-keys and hyper-keys.
  • Figure 14: Dynamic Codifier Interface with multiple architecture, wherein 1) shows the linear Dynamic and Referential Compound Keyboard, 2) vertical frame, 3) linear super-key and 4) additional super-key indicator in letters.
  • Figure 15: Dynamic Codifier Interface with multiple architecture, wherein 1) shows the button that moves the frame to the left side, 2) button that moves the frame to the right side and 3) ENTER button.
  • Figure 16: Cellular device which presents a fully visible Dynamic Codifier Interface.
  • Figure 17: Cellular device which has a small display and presents a partially visible Dynamic Codifier Interface. It also presents buttons to move the frame vertically 1) up and 2) down.
  • The object of the present invention is a system endowed with a Dynamic Codifier Interface (Figure 1) which is, basically, constituted by a Dynamic and Referential Compound Keyboard (Figure 1, element 1) and a Dynamic Positional Keyboard (Figure 1, element 4).
  • The latter are manipulated at two distinct levels, one at point A (or user) and the other at point B (or server).
  • The invention operates according to a general scheme in which point A intends to access resources of point B, provided that it has a permission determined by point B.
  • Point B generates a Dynamic and Referential Compound Keyboard and a Dynamic Positional Keyboard and submits them to point A, which must react by generating the Expected Code that, in turn, is submitted to point B.
  • Point B recalls the user password, simulates the user's codification process, obtains the Exact Expected Code and compares it with the Expected Code sent by point A. If they coincide, point B allows access to the resource requested by point A (Figure 2). This shows that point B has computational processing capacity, but does not require it to be a conventional computer.
  • Point B can be the processing center or microcontroller of any machine, for example, a robot or an automobile.
  • Point B can be a conventional computer, a local network or Internet server, a notebook, a desktop, a palmtop, a Smartcard, a cellular phone, amongst other possibilities.
  • The main characteristic of point B is that it has access to the intended resources and to the register of users and their passwords, as well as the capacity to generate Dynamic and Referential Compound Keyboards and/or Dynamic Positional Keyboards.
  • Another characteristic is that point B can be changed into point A and vice versa, in a process of mutual communication.
  • Point A represents a device where a user, which can be a requesting machine (a machine acting as user), reacts to the authentication interface commanded by point B.
  • Point A can be comprised by a computer or an interface of any machine (a robot, for example) and point B can be located inside that machine.
  • Point A can be in a remote position and the communication signals can be, for example, radio-frequency, ultrasound, light-frequency, digital, electronic, telephone systems, modem, other remote transmission systems or any cable systems.
  • The invention presented is a user authentication system endowed with a Dynamic Codifier Interface (Figure 3), which consists of at least one personal identification, also called login, a Dynamic and Referential Compound Keyboard and a Dynamic Positional Keyboard, which are manipulated at two distinct levels, one in the Customer computer (point A or CPU A) and the other in the Server (point B or CPU B).
  • The Server compares this code with the one received from the user; if they coincide, the Server authorizes the requested resource; otherwise, it presents a denial message.
  • The login entry field must be interpreted as the information necessary to identify a user.
  • The user information can be entered through a specific field, through optical, magnetic or biometric readers, or through any other form of data entry that identifies the user.
  • A bank login for the Internet is composed of a bank branch code and an account number (Figure 4).
  • The Dynamic and Referential Compound Keyboard (Figure 1, element 1) is called compound because it presents Super-keys (Figure 1, element 2), each of which in turn presents an internal keyboard (or infra-keyboard) made up of infra-keys (Figure 1, element 3).
  • The infra-keys of each infra-keyboard are equivalent in number and in character classes to the infra-keys of the other infra-keyboards.
  • The Dynamic and Referential Compound Keyboard is called referential because at no time are its super-keys or infra-keys touched.
  • The keys of this keyboard are only a positional reference to guide the codification process.
  • This keyboard is also called dynamic because at each access request, the server presents a recombined keyboard, i.e., the characters are randomly redistributed in the infra-keys of each infra-keyboard.
  • The recombination occurs, preferably, in such a way that the infra-keyboards are indexed, so that the same character never occupies the same position in two infra-keyboards.
  • The recombination, on the other hand, can be random without any indexing.
  • The random system itself guarantees security in that case, since it would be almost impossible for the same character to appear in the same position in all infra-keyboards.
  • The keyboards can be recombined not only each time the user requests access, but also at each password character entered.
  • The Dynamic and Referential Compound Keyboard can take two basic forms: it can be presented on a dedicated device or on any screen which has other functions, for example a computer monitor, an LCD display or any other visual device.
  • The Dynamic Positional Keyboard (Figure 1, element 4) comprises an element whose key architecture is identical to the architecture of the infra-keys of the Dynamic and Referential Compound Keyboard. Nevertheless, in a preferred embodiment of the invention, the characters of each key cannot be seen on this keyboard. This keyboard is used for entering the password code, i.e., it is, in fact, the keyboard.
  • The Dynamic Positional Keyboard has 3 possible constitutions. In the first one, it comprises a real keyboard with a general architecture similar or identical to each super-key.
  • The keyboard presents characters, but they are not considered in the codification process. In this constitution, the user ignores the characters that he or she sees and uses only the keyboard architecture, i.e., the arrangement of the keys on the keyboard.
  • The keyboard is presented on any screen, dedicated or not, such as a computer monitor or LCD display, among others. In this case, a device such as a mouse or a touch screen can be used to enter the user data.
  • At each access by a user, both keyboards have their keys recombined in order to generate new arrangements.
  • Keyboard by the server can occur in distinct ways.
  • One of them consists of a database composed of static arrangements prepared in advance by a specific program (software), and therefore ready-made static conformations that CPU B can use.
  • The server does not need to do any processing at the moment of the request coming from the customer computer (or CPU A); it is enough for the server to retrieve from the database the numerical groupings of each infra-keyboard to build a static conformation.
  • Another variation consists of CPU B storing a mini program, for example as a Java applet, to be sent to the CPUs requesting resources.
  • This mini program runs on the requesting CPU, generating a static conformation of a random Dynamic and Referential Compound Keyboard.
  • The Dynamic Codifier Interface, which in a preferred form is assembled in the server, is composed of at least a static conformation of the Dynamic and Referential Compound Keyboard and, preferably, an entry for the user identification (login). That is sufficient, since the system can operate with a non-virtual, non-dedicated Dynamic Positional Keyboard.
  • The interface presents a Dynamic and Referential Compound Keyboard, a login entry, a virtual or real Dynamic Positional Keyboard, and a field where, for each key pressed on the Dynamic Positional Keyboard, a character is shown, for example an asterisk (Figure 3).
  • The operation and the architecture of the Dynamic Codifier Interface and the characters used can be varied.
  • The codification can be carried out in distinct forms, using one or more passwords, with at least one character.
  • The characters can be selected from varied classes: numerical, alphanumerical, figures, letters and words, endowed with color, tones, sounds or any other symbols. What matters, in the best mode, is that there is a definite architecture of keyboard keys and characters, and that this architecture is repeated in, at least, each infra-keyboard.
  • The invention is particularly applicable to, but not restricted to, situations where it is desired to have secure access to personal data, databases, environments, transport vehicles, banking information or to allow completion of a transaction such as:
  • control of information traffic in the customer-server relationship on the Internet;
  • control of information traffic in the relationship between a microprocessor-based device and a computer;
  • BIOS: Basic Input Output System
  • EXAMPLE 1 - System wherein the class of the password characters is equivalent to the class of the super-key characters.
  • The codification process can be simple or compound.
  • The codification rules are based on the fact that each password character corresponds to a super-key and an infra-key in the Dynamic and Referential Compound Keyboard.
  • Each infra-keyboard presents the same group of characters presented by the super-keys, for example, from 0 to 9. The digits from 0 to 9 are randomly distributed on the surfaces of each super-key and infra-key.
  • The distribution is, preferably, indexed across the infra-keyboards, which means that at the same relative position in each infra-keyboard there will be distinct characters.
  • A user, by way of example, has as a personal identification code the login "user" and the password "420974". The login "user" can be entered conventionally on a traditional keyboard.
  • The password memorized by the user is used as a mental reference for the codification process, i.e., the user thinks of the first password digit (number 4), finds super-key 4 (which corresponds to the first digit) in the Dynamic and Referential Compound Keyboard, locates the position occupied by the digit 4 within this infra-keyboard and presses or clicks the same position on the Dynamic Positional Keyboard.
  • Figure 5 element A
  • The user would press/click the eighth key (counting from top to bottom and from left to right) on the Dynamic Positional Keyboard (Figure 5, element B).
  • This first entered position would correspond to the first Expected Code digit and, if the characters of the Dynamic Positional Keyboard follow the PIN-FONE pattern, the character stored for this entered position would be 8.
  • The user then thinks of the next password digit, in this example the number 2.
  • The user locates super-key 2 and the digit 2 within its infra-keyboard, obtaining the next Expected Code digit, the number 2.
  • The Expected Code obtained would be "828248" (in the case where the Dynamic Positional Keyboard has the PIN-FONE pattern).
  • The codification rules require that the user memorize two passwords: the first corresponds to the super-keys and the second to the infra-keys.
  • The codification process would be done according to the following steps:
  • Step one: locating super-key 5 (first digit of the first password);
  • Step two: locating, within super-key 5, the digit 3 (first digit of the second password);
  • Step three: pressing or clicking, on the Dynamic Positional Keyboard, the position which corresponds to the digit position found at step two;
  • Step four: locating super-key 1 (second digit of the first password);
  • Step five: locating, within super-key 1, the digit 4 (second digit of the second password);
  • Step six: pressing or clicking, on the Dynamic Positional Keyboard, the position which corresponds to the digit position found at step five.
  • The codification process continues successively until all the password digits have been located on the Dynamic and Referential Compound Keyboard and entered on the Dynamic Positional Keyboard, obtaining, in a PIN-FONE pattern, the Expected Code "1122".
  • Figures 5 to 7 present keyboard and infra-keyboard configurations with numerical characters from 0 to 9. Nevertheless, any other group of numbers can be used, with a different character distribution pattern, such as the PIN-FONE pattern, in which the numbers run, from left to right and from top to bottom, 1, followed by 2, 3, 4, 5, 6, 7, 8, 9 and 0.
  • The character distribution can also follow a conventional computer keyboard pattern (7, 8, 9, 4, 5, 6, 1, 2, 3 and 0), any other distribution pattern, or a random arrangement (Figure 7).
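
The simple and compound codification of Example 1, together with the server-side check (point B simulating the entry and comparing codes), as an added Python sketch that is not code from the patent. `SAMPLE_INTERFACE` is a constructed layout, not the layout of Figure 5, chosen so that the password "420974" yields the Expected Code "828248" quoted above; the function names and the cyclic-shift way of producing an indexed recombination are assumptions.

```python
import hmac
import secrets

DIGITS = "0123456789"
# Characters of the Dynamic Positional Keyboard by position (left to right,
# top to bottom) in the PIN-FONE pattern described on the page.
PIN_FONE = "1234567890"

# Constructed sample challenge (NOT the layout of Figure 5): each super-key
# maps to the characters of its infra-keyboard, listed by position.
SAMPLE_INTERFACE = {
    "0": "3456789012", "1": "0123456789", "2": "1234567890",
    "3": "2345678901", "4": "7890123456", "5": "5678901234",
    "6": "6789012345", "7": "4567890123", "8": "9012345678",
    "9": "8901234567",
}


def generate_interface(rng=None):
    """Build a recombined compound keyboard for one access request.

    Assumption: indexing is obtained by giving every infra-keyboard a
    different cyclic shift of one random permutation, so no character sits
    at the same position in two infra-keyboards.
    """
    rng = rng or secrets.SystemRandom()
    base = list(DIGITS)
    rng.shuffle(base)
    shifts = list(range(len(DIGITS)))
    rng.shuffle(shifts)
    size = len(DIGITS)
    return {
        key: "".join(base[(pos + shift) % size] for pos in range(size))
        for key, shift in zip(DIGITS, shifts)
    }


def is_indexed(interface):
    """True if every position holds distinct characters across infra-keyboards."""
    size = len(next(iter(interface.values())))
    return all(
        len({keyboard[pos] for keyboard in interface.values()}) == len(interface)
        for pos in range(size)
    )


def expected_code(super_password, interface, infra_password=None,
                  positional=PIN_FONE):
    """Simulate the user's mental codification.

    Simple codification: one password selects both the super-key and the
    character looked up inside it. Compound codification: a second password
    supplies the character looked up inside each super-key.
    """
    if infra_password is None:
        infra_password = super_password
    if len(infra_password) != len(super_password):
        raise ValueError("both passwords must have the same length")
    code = []
    for super_char, infra_char in zip(super_password, infra_password):
        position = interface[super_char].index(infra_char)
        code.append(positional[position])  # key pressed on positional keyboard
    return "".join(code)


def verify(stored_password, interface, submitted_code, infra_password=None):
    """Point B: recompute the Exact Expected Code and compare in constant time."""
    exact = expected_code(stored_password, interface, infra_password)
    return hmac.compare_digest(exact.encode(), submitted_code.encode())


if __name__ == "__main__":
    print(expected_code("420974", SAMPLE_INTERFACE))
    for _ in range(2):  # a new challenge per request gives a new code
        challenge = generate_interface()
        print(is_indexed(challenge), expected_code("420974", challenge))
```
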
  • EXAMPLE 2 - Mixed systems wherein the passwords correspond to a combination of two character classes.
  • In this system there is a combination of two character classes and the user memorizes two password sequences which will codify his or her access.
  • Figure 8 presents one example of a Dynamic Codifier Interface in which the characters are numbers and colors. If the first password memorized by the user was green, yellow, orange and gray and the second was "2379", the procedure for user access would be:
  • First step: finding the green keyboard (first character of the first password);
  • Second step: locating, within the green keyboard, the digit 2 (first digit of the second password). In Figure 8, the digit 2 is seen at column 1, second position;
  • Third step: pressing or clicking, on the Dynamic Positional Keyboard, the position which corresponds to the character position found in the second step;
  • Fourth step: finding the yellow keyboard;
  • Fifth step: locating, within the yellow keyboard, the digit 3;
  • Sixth step: pressing or clicking, on the Dynamic Positional Keyboard, the position which corresponds to the character position found in the fifth step.
  • The further steps follow the same codification rule, obtaining the Expected Code "4337", if a Dynamic Positional Keyboard with a PIN-FONE pattern is used.
  • EXAMPLE 3.1 - Systems with three or more character classes wherein only two of them are used in the codification process.
  • The Dynamic Codifier Interface presents three or more character classes, but only two classes are used in the codification process.
  • Figure 9 shows 3 character classes: the super-keys are classified in 1) letters and 2) colors, while the infra-keys are classified in 3) numbers.
  • The classes are numbers and colors for the super-keys and numbers for the infra-keys.
  • The classes are words and colors for the super-keys and numbers for the infra-keys. Many other combinations involving different character classes are possible.
  • The user can choose two of the classes presented by the Dynamic Codifier Interface.
  • The codification process follows the rules described in the previous examples.
  • the Dynamic Codifier Interface shows a static configuration with Hyper-keyboards.
  • the element C, in the Figure 13, is a Dynamic and Referential Compound Keyboard wherein each super-key presents an infra-keyboard with classified infra-keys.
  • This classification occurs in the following manner: all the first infra-keys (from the left to the right, from the top to the bottom) are related by the yellow color and form the Hyper-keyboard 1; all the second infra-keys, orange, form the Hyper-keyboard 2; the third blue ones form the Hyper-keyboard and so on, until to the tenth infra-keys which are gray and form the Hyper-keyboard 10.
  • the Dynamic Positional Keyboard architecture is identical to each super-key, following the same color classification pattern. In this configuration, the super-keys do not necessarily have a character class. It occurs by the reason that the user can choose the infra-keyboard according to the hyper- keyboard (in this example, through the colors).
  • the next Hyper-keyboard is 5 and the next password digit is 2, therefore the corresponding super-key is H and the key pressed in the Dynamic Positional Keyboard will produce a digit 8, corresponding to the second character of the Expected Code.
  • the Hyper-keyboard 8 and the password digit 0 shows the super-key C and produces the digit 3 in the Expected Code.
  • the subsequent are the Hyper-keyboard 7 and the password digit 8, generating the super-key B, and the Expected Code digit 2.
  • each line has a different color and can be, simultaneously, indicated by a character, for example by letters (element 4).
  • the letter A corresponds to the line A, the letter B, to the line B and so on, until the letter J, in the line J.
  • the matrix which produces the character calculation in the Dynamic and Referential Compound Keyboards can-be seen.
  • each linear super-key shows a distribution of, for example, numbers from 0 to 9.
  • the character repetition into the columns does not occur.
  • the first column presents the characters, from the top to the bottom, 8, 2, 0, 9, 4, 7, 1, 5, 6 and 3.
  • This example shows the same number of characters and lines, which are 10.
  • the keyboard can also contain 2, 3, 4, 5, 6, 7, 8, 9 or more linear super-keys and characters of any other class like alpha-numeric digits, letters and words, among others.
  • the Dynamic Positional Keyboard (Figure 14, element 1) is linear such as the super-keys.
  • the dark rectangle (element 2), also called frame, makes the visibility easier.
  • each time the user looks for the password digits he or she can rest, e.g., the mouse over the Dynamic Positional Keyboard button and the frame will highlight the digits of the corresponding column in the Dynamic and Referential Compound Keyboard.
  • the user has the password sequence for the super-keys equal to "FEAC" and the second password equal to "4397".
  • he or she should first look for the super-key F (see Figure 14).
  • this super-key he or she visualizes the position of the first password digit, in this case the number 4. So, he or she presses the third key, from the left to the right side, in the linear Dynamic Positional Keyboard (element 1) and, considering that the distribution of digits in the Dynamic Positional Keyboard corresponds to the pattern 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9, the key pressed would be 2, and it would be the first digit of the Expected Code.
  • the next super-key is E, then the user will press the eighth key in the Dynamic Positional Keyboard and the second digit of the Expected Code would be 7.
  • the super-key A and its corresponding digit 9 would lead to pressing the fourth key in the Dynamic Positional Keyboard, whose digit corresponds to 3.
  • Figure 15 shows an example wherein it is essential that the vertical frame, or at least an indicator, highlights the matrix column.
  • the frame can be moved to the left and to the right using the respective buttons (Figure 15, elements 1 and 2).
  • the ENTER button (element 3) is pressed.
  • the digit which corresponds to the pressed column remains recorded as the first digit of the Expected Code.
  • this architecture is useful for devices which have small displays, for example the mobile phones illustrated in Figures 16 and 17, which show a compacted Dynamic Codifier Interface.
  • Figure 16 shows a device which has a very small display, such that the Dynamic Codifier Interface cannot be seen in its entirety.
  • the buttons that move the frame up (element 1) and down (element 2) are presented.
  • These systems can also be endowed with a program which makes conventional keys operate as vertical, horizontal and enter keys.
  • the PIN-FONE keys can be used as the Dynamic Positional Keyboard keys.

Abstract

The present invention comprises a group of interrelated elements for identity verification and secure access to resources of a server by a user. In this system, the password never leaves the user's memory and becomes random/mutant through a mental codification assisted by a password-entry interface. This Dynamic Codifier Interface comprises at least two special keyboards: the Dynamic and Referential Compound Keyboard, which is used as a reference for entering the personal password, and the Dynamic Positional Keyboard, which is the keyboard where the password is entered. Thus, the password is never entered into, nor does it reside in, the customer computer; nor is it transmitted to the server. These characteristics confer absolute security on the processes at both the external and the internal level.

Description

"SYSTEM AND METHOD FOR IDENTITY VERIFICATION BY DYNAMIC CODIFIER INTERFACE"
FIELD OF THE INVENTION
The present invention relates to a system and a method for user authentication to access and/or to set machines, devices, computers, microprocessors and correlated systems.
BACKGROUND OF THE INVENTION
Various systems are known for conducting electronic transactions in a more or less secure manner over a telecommunications link or the like. One well-known system is electronic funds transfer at point-of-sale (EFTPOS), in which a user is issued with a credit or debit card bearing a unique identification number, usually embossed on the card in human-readable form and also encoded on a machine-readable magnetic strip on the reverse of the card. For further identification purposes, the card typically includes a space for the user to add his or her signature permanently. In use, the user presents the debit or credit card to a store employee. The card is then swiped through a card reader, and information relating to the identity of the card, the identity of the retail store and the value of the goods or services being purchased is transmitted by way of a telephone connection to a remote computer server operated by the card issuer (normally a bank or suchlike). The remote computer server checks that the user's card account contains sufficient funds or credit to cover the proposed transaction, checks that the user's card account is currently operational (for example, that the card has not been reported stolen), and then issues a confirmation signal back to the card reader to indicate that the transaction may be authorized. The store employee must then obtain a specimen of the user's signature and compare this with the signature on the reverse of the card so as to check the identity of the user. This system is open to fraudulent abuse, since it is possible for a card to be stolen or cloned and for a thief to forge the signature of an authorized user. In a development of this system, a card user may be issued with a personal identification number (PIN), which is theoretically known only to the user and to the card issuer.
Instead of providing a specimen of his or her signature at the point-of-sale, the card user is required to enter his or her PIN into the card reader, and this information is transmitted to the remote computer server together with the card and retail store identification data and data regarding the value of the transaction. By providing an extra identification check by way of the PIN, this system helps to prevent fraud by forgery of signatures, but is still not completely secure because the PIN does not change between transactions, and may therefore be intercepted together with card identification data when being transmitted between the card reader and the remote server. Furthermore, it is possible for a thief to observe, to record or to film a user entering his or her PIN into a card reader. If the thief is also able to obtain card identification details, it is a simple matter to produce a fake card including all the appropriate identification information for later fraudulent use.
A number of other attempts to solve the problem of identity verification are currently available and include Public Key Infrastructure (PKI), Smart Cards and biometrics. A Public Key Infrastructure is a combination of hardware and software wherein each user has a public key and a private key. The RSA public-key cryptosystem is the most popular form of public-key cryptography. This technology has used tokens, which are small portable key-shaped microprocessors that show the user's authentication password on an LCD display. This password changes every 60 seconds, using a 64-bit symmetric key together with an algorithm that generates random numbers. The password is composed of the PIN, a fixed password and the tokencode, forming the passcode or access code. The level of security is higher than that of conventionally used systems, since the tokencode of each user is mutant, i.e., every minute it acquires a distinct numerical value.
For the system to function, a computer program must be installed on the personal computer or on each of the computers of a local network, for example. The crucial point, in the first place, is that there must be time synchrony between the key in question and the account manager associated with the program, since each time a new tokencode is generated in the key, an identical tokencode must be generated in the computer or computers of, for example, a local network. Despite the high level of security, the PKI approach is only applicable to Internet or other transactions that use a computer, because the complexity of the software at the user's end of the transaction requires significant computing resources. Additionally, it requires that the user carry the token to gain access, and the authentication ritual must be performed without the presence of any spy systems.
Smart Cards are cards that have a microchip embedded within the card which enables personal details about the cardholder to be stored securely on the card, which can then be used to verify the identity of the person using the card. However, few Smart Card systems address the problem of "card not present" fraud in settings such as e-commerce, m-commerce, interactive TV and telephone order. Similarly, any Smart Card can be copied and can subsequently be used fraudulently in card not present situations.
Biometric systems can use fingerprints, voice recognition, retinal scans or tissue samples to positively identify the cardholder. Indeed, there was a time when it was believed that biometrics could completely solve the questions pertinent to the security of computer systems and of residences, companies and restricted-access areas, such as certain types of laboratories, among other environments. However, every established technology can be overcome through certain artifices, such as the substitution of body parts by prostheses.
Moreover, an anatomical characteristic can be used to distinguish people only if it shows a personal pattern. The problem, therefore, is inherent in the principle that guides the development of these technologies. Once there is a particular pattern, it has to be digitized and used as the reference in the user authentication process. As this pattern is constant, it can be captured illegally and used to gain unauthorized access. Therefore, constancy is the biggest conceptual impediment to the security of biometric systems. Furthermore, these systems would require complex and costly equipment at the point of sale and would not provide any protection against fraud in card not present situations. This argument can be extended to other types of personal identification based on non-anatomical elements, such as genetic patterns and physiological patterns, among other possible ones. Additionally, these biometric systems require complex and expensive devices and do not provide any protection against fraudulent situations where the card is not present.
These technologies, which give an overview of what has been done for access to networks and/or personal computers, show some security imperfections inherent in their conception. The fact is that they all depend on the user being alone at the moment the password is entered, i.e., on no observer or camera being present in the same place. This is necessary because a spy or a thief can discover the password at the instant when the user is executing the access rite. Almost all of these systems either fail to provide security or require such high investments that they block the wide dissemination of the technology. Among the shortcomings, one of the biggest problems with current systems is the constancy of the personal identification number. Although they are easier to memorize, constant passwords are also more vulnerable to spying.
Another big disadvantage is that, in the most common systems, the password is entered by pressing keys or clicking characters. Thus, these systems depend on the user being alone at the moment the password is entered, i.e., on no observer or camera being present in the same place. This is necessary because a thief or spy could discover the password by observing the user during the authentication process. Additionally, the password is transmitted not only between computers in a local network, but also through the internet. Thus, to guarantee the security of the password, for example against spy programs, these systems must use cryptographic codes or sophisticated protection mechanisms, which try to prevent interception at both the external and the internal level. The external level is represented by espionage techniques external to the internal electronic circuits of one or more computers and diverse devices, as well as by the interception of telecommunications signals between computers, networks, equipment and microprocessors, such as telephones and devices which carry out automatic debit transactions on bank accounts and credit card payments. The internal level is characterized by espionage techniques internal to the electronic circuits of one or more computers and diverse devices (telephones, microprocessor-based devices, among others), as well as by interceptions of telecommunications signals, since they are mediated by programs (software), specific espionage devices (hardware), keyboard interconnection devices endowed with memory, among others. Crackers are highly capable of developing programs, for example viruses and Trojan horses, to break the security of systems and obtain passwords improperly, with the intention of carrying out illegal transactions on the internet. Another widely used illegal technique is cloned sites for the appropriation of passwords and personal data.
Moreover, it is not difficult for a cracker to gain illegal access to the data in the memory of an attacked computer. The existing systems in the state of the art are not capable of protecting passwords and certain personal data from attack by a cracker or from traditional espionage (hidden cameras, visual observation by a spy, among others). The system and method of the present invention are capable of protecting users from attack by spies at the internal and external level, by traditional and virtual methods. The system differs from the state of the art because the password never leaves the memory of the user. The fixed password becomes random/mutant through a mental codification assisted by a password-entry interface. In this way, although clearly identifiable for the user, the password will be inaccessible to a third person. In this system, the personal password is never entered in the customer computer.
The password code entered is, in truth, the product of a mental codification system that is executed by the user with the help of a Dynamic Codifier Interface. This interface presents, at the same instant, at least two special keyboards: the Dynamic and Referential Compound Keyboard, which is used as a reference for entering the personal password, and the Dynamic Positional Keyboard, which is the keyboard where the password is entered. To enter the password, the user identifies, among the different characters of the Dynamic and Referential Compound Keyboard, those which correspond to the characters of his or her personal password. Once identified, the characters of the personal password are entered through the Dynamic Positional Keyboard. Thus, the password is never entered into, nor does it reside in, the customer computer; nor is it transmitted to the server. This is possible mainly because: 1) the Dynamic and Referential Compound Keyboard is dynamic, as it is recombined each time the user requests access; 2) the Dynamic Positional Keyboard does not show characters that can be seen; and 3) the password characters are entered in the Dynamic Positional Keyboard according to their position in the Dynamic and Referential Compound Keyboard.
Therefore the notable characteristics obtained by this invention are: (a) the authentication process can be public, and even if thousands of persons could observe the user step by step in the authentication process, they would not obtain any information which would enable them to simulate the user's steps; (b) in the case of monitoring by spy programs, such as Trojan horses, all the information that could be obtained in the customer computer would be the Expected Code, but, since it is mutant, this code could not be used to validate a subsequent illegal authentication process; (c) in the same way, only the Expected Code could be obtained in cases of monitoring and intercepting the authentication information on the transmission line; (d) the user authentication process is absolutely secure because the personal password is processed only at the server level, never being sent to other computers or any devices; (e) the Dynamic and Referential Compound Keyboard or the Dynamic Positional Keyboard can be recombined at each user request; and (f) all information exchanged between the customer and the server can, additionally, be passed through a secure environment with digital certificates and/or cryptography systems. These characteristics confer absolute security on the processes at both the external and the internal level.
BRIEF SUMMARY OF THE INVENTION
The present invention solves the problems of password security using a peculiar system which combines security and simplicity. The invention comprises a system and method of authentication for secure access to resources of a server by a user, wherein the user has a password to access the server; the server can access a database which contains information about users and passwords and can send, in reply to the user's requests, a Dynamic Codifier Interface; wherein the user enters the password in the Dynamic Positional Keyboard and sends it to the server; and wherein the server, from the Dynamic Codifier Interface sent to the user, simulates the entry of the personal password and obtains the Exact Expected Code, checks whether the Expected Code sent by the user and the Exact Expected Code obtained are the same, and allows the user access if the answer is positive. It is another object of the present invention to provide a Dynamic Codifier Interface which comprises at least a Dynamic and Referential Compound Keyboard and preferably also a Dynamic Positional Keyboard and an entry for reading/writing information to identify the user. It is still another object of the present invention to provide an apparatus which presents the Dynamic Codifier Interface, the Dynamic and Referential Compound Keyboard and/or the Dynamic Positional Keyboard.
It is yet another object of the present invention to provide software for use in a system for securely accessing a server, which includes (a) a data processing center software component that can reside on the data processing center and is capable of responding to a request initiated by the user's submission for access by generating at least a Dynamic Codifier Interface for the input terminal, of comparing the submitted Expected Code to the Exact Expected Code produced by simulating the user's codification based on the recorded personal password, and of determining whether or not the submitted Expected Code matches the recorded personal password; and (b) an input terminal software component that can reside on the input terminal and is capable of securely transmitting the at least one submitted Expected Code from the entry for reading/writing information to identify the user to the data processing center, and of receiving the determination by the data processing center as to whether or not the submitted Expected Code matches the recorded personal password.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1: Dynamic Codifier Interface. 1) Dynamic and Referential Compound Keyboard; 2) Super-key; 3) Infra-key and 4) Dynamic Positional Keyboard.
Figure 2: System wherein point A accesses resources at point B.
Figure 3: Dynamic Codifier Interface comprising: 1) personal identification (login); 2) Dynamic and Referential Compound Keyboard and 3) Dynamic Positional Keyboard.
Figure 4: Dynamic Codifier Interface for banking access through the internet.
Figure 5: Numerical Dynamic Codifier Interface wherein the super-keys show the PIN-FONE pattern. A) Dynamic and Referential Compound Keyboard; B) Dynamic Positional Keyboard.
Figure 6: Numerical Dynamic Codifier Interface wherein the super-keys have the conventional pattern of computer keyboards.
Figure 7: Numerical Dynamic Codifier Interface with random arrangement.
Figure 8: Dynamic Codifier Interface comprising numerical and colored characters.
Figure 9: Dynamic Codifier Interface which shows 3 character classes: the super-keys are classified in 1) letters and 2) colors, while the infra-keys are classified in 3) numbers.
Figure 10: Dynamic Codifier Interface wherein the character classes are numbers and colors in the super-keys and numbers in the infra-keys.
Figure 11: Another example of Dynamic Codifier Interface wherein the character classes are numbers and colors in the super-keys and numbers in the infra-keys.
Figure 12: Dynamic Codifier Interface wherein the character classes are words and colors in the super-keys and numbers in the infra-keys.
Figure 13: Dynamic Codifier Interface comprising numerical and colored characters in the super-keys and hyper-keys.
Figure 14: Dynamic Codifier Interface with multiple architecture, wherein 1) shows the linear Dynamic and Referential Compound Keyboard, 2) vertical frame, 3) linear super-key and 4) additional super-key indicator in letters.
Figure 15: Dynamic Codifier Interface with multiple architecture, wherein 1) shows the button that moves the frame to the left side, 2) button that moves the frame to the right side and 3) ENTER button.
Figure 16: Cellular device which presents a Dynamic Codifier Interface integrally visible.
Figure 17: Cellular device which has a small display and presents a Dynamic Codifier Interface partially visible. It also presents buttons to move the frame vertically 1) up and 2) down.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
The object of the present invention is a system endowed with a Dynamic Codifier Interface (Figure 1) which is basically constituted by a Dynamic and Referential Compound Keyboard (Figure 1, element 1) and a Dynamic Positional Keyboard (Figure 1, element 4). These are manipulated at two distinct levels, one at point A (or user) and the other at point B (or server). The invention operates according to a general scheme in which point A intends to have access to resources of point B, provided that it has a permission determined by point B. Point B generates a Dynamic and Referential Compound Keyboard and a Dynamic Positional Keyboard and submits them to point A, which must react by generating the Expected Code that, in turn, is submitted to point B. Point B recalls the user password, simulates the user's codification process, obtains the Exact Expected Code and compares it with the Expected Code sent by point A. If they coincide, point B allows access to the resource intended by point A (Figure 2). This shows that point B has computational processing capacity, but it does not mean that point B needs to be a conventional computer. Point B can be the processing center or microcontroller of any machine, for example a robot or an automobile. It can also be a conventional computer, a local network or Internet server, a notebook, a desktop, a palmtop, a Smartcard or a cellular phone, among other possibilities. The main characteristic of point B is that it has access to the intended resources and to the registry of users and their passwords, as well as the capacity to generate Dynamic and Referential Compound Keyboards and/or Dynamic Positional Keyboards. Another characteristic is that point B can be changed into point A and vice versa, in a process of mutual communication.
Point A represents a device where a user, which can be a requesting machine (a machine as user), reacts to the authentication interface commanded by point B. So, point A can be a computer or an interface of any machine (a robot, for example), and point B can be located inside this machine. Point A can be in a remote position, and the communication signals can be, for example, radio-frequency, ultrasound, light-frequency, digital, electronic or telephonic systems, modem, other systems of remote transmission or any cable systems. In a preferred embodiment, the invention presented is a system for authenticating a user, endowed with a Dynamic Codifier Interface (Figure 3) which is constituted by at least one personal identification, also called login, a Dynamic and Referential Compound Keyboard and a Dynamic Positional Keyboard, which are manipulated at two distinct levels, one in the Customer computer (point A or CPU A) and another in the Server (point B or CPU B). When a user requests access to a resource of the Server through a Customer computer, the Server generates an unknown combination in both of the cited keyboards. The Server then sends to the Customer computer the user identification field, the Dynamic and Referential Compound Keyboard and the Dynamic Positional Keyboard. The user reacts by entering his or her login and codifying his or her password using the special keyboards. The codification process generates the Expected Code. This information is sent to the Server, which identifies the user, retrieves the user's password and simulates the codification using the special keyboards with the same combinations submitted to the user's computer, thereby obtaining the Exact Expected Code. After that, the Server compares this code with the one received from the user; if they coincide, the Server authorizes the requested resource, otherwise it presents a denial message.
The login entry field must be interpreted as the information necessary to identify a user. The user information can be entered through a specific field, through optical, magnetic or biometric readers, or through any other form of data entry that identifies the user. Thus, a bank login for the Internet, for example, is composed of a bank agency code and an account number (Figure 4). The Dynamic and Referential Compound Keyboard (Figure 1, element 1) is called compound because it presents Super-keys (Figure 1, element 2), each of which in turn presents an internal keyboard (or infra-keyboard) constituted by infra-keys (Figure 1, element 3).
The infra-keys of each infra-keyboard are equivalent in number and in character classes to the infra-keys of the other infra-keyboards. The Dynamic and Referential Compound Keyboard is called referential because its super-keys and infra-keys are never touched. The keys of this keyboard are only a positional reference to guide the codification process. This keyboard is also called dynamic because at each access request the server presents a recombined keyboard, i.e., the characters are randomly redistributed among the infra-keys of each infra-keyboard. The recombination preferably occurs in such a way that the infra-keyboards are indexed, with the result that the characters of the infra-keys of each infra-keyboard are never the same in the same position. The recombination, on the other hand, can be random without any indexing. In that case the randomness itself guarantees security, since it would be almost impossible for the same character to appear in the same position in all infra-keyboards. Optionally, the keyboards can be recombined not only each time the user requests access, but also at each password character entered. The Dynamic and Referential Compound Keyboard can take two basic forms: it can be presented in a dedicated device, or it can be presented on any screen which has other functions, for example a computer monitor, an LCD display or any other visual device. The Dynamic Positional Keyboard (Figure 1, element 4) comprises an element whose architecture of keys is identical to the architecture of the infra-keys of the Dynamic and Referential Compound Keyboard. Nevertheless, in a preferred embodiment of the invention, the characters of each key cannot be seen on this keyboard. This keyboard is used to enter the password code, i.e., it is, in fact, the actual keyboard. The Dynamic Positional Keyboard has 3 possible constitutions.
In the first one, it comprises a real keyboard with a general architecture similar or identical to that of each super-key. They differ only in that the keys of the Dynamic Positional Keyboard do not show any visible character. In another constitution, the keyboard presents characters, but they are not considered in the codification process. In this constitution, the user ignores the characters that he or she sees and uses only the keyboard architecture, i.e., the arrangement of the keys within the keyboard. In the third constitution, the keyboard is presented on any screen, dedicated or not, such as a computer monitor or LCD display, among others. In this case, a device such as a mouse or a touch screen can be used to enter the user data. In a preferred embodiment of the invention, at each access by a user, both keyboards have their keys recombined in order to generate new arrangements. These arrangements can be considered unknown, since the universe of recombination possibilities is far bigger than the number of accesses that each user could make during his or her life. In this way, a spy or thief who has recorded the static arrangement of the Dynamic and Referential Compound Keyboard, the infra-keyboard keys pressed in the Dynamic Positional Keyboard and the order in which they were pressed would have no chance of finding the same arrangement and simulating the actions of the user. This is possible because the distribution of the characters in the Dynamic and Referential Compound Keyboard is determined not by the users but by the Server. Moreover, the Server can have a database that registers the interfaces already used by each user, guaranteeing that a new interface is generated at each new access request.
The generation of random arrangements of the Dynamic and Referential Compound Keyboard by the server (or CPU B) can occur in distinct ways. One of them consists of a database composed of static arrangements prepared in advance by a specific program (software), and therefore of ready-made static conformations that CPU B can use. Thus, the server does not need to do any processing at the instant of the request coming from the customer computer (or CPU A); it is enough for the server to retrieve from the database the numerical groupings of each infra-keyboard to build a static conformation. Another variation consists of CPU B storing a mini program, for example in applets (Java), to be sent to the CPUs requesting resources. Such a mini program runs on the requesting CPU, generating a static conformation of a random Dynamic and Referential Compound Keyboard. This alternative serves to delegate to the requesting CPUs the processing of the draws for generating static conformations, sparing CPU B this work. These processes are also valid for generating static conformations of Dynamic Positional Keyboards. In another preferred embodiment of the invention, a single CPU can be responsible for the tasks attributed to CPU A and CPU B, as in controlling access to restricted rooms and environments or the operation of automobiles, among other possibilities. The Dynamic Codifier Interface, which in a preferred form is mounted in the server, is composed of at least a static conformation of the Dynamic and Referential Compound Keyboard and, preferably, an entry for the user identification (login). This is so because the system can operate with a non-virtual, non-dedicated Dynamic Positional Keyboard. It can also operate with a dedicated but fixed keyboard, i.e., one that is not recombined at each authentication request.
Thus, the user enters his or her login and uses the Dynamic and Referential Compound Keyboard as a reference to guide him or her in determining the sequence of keys to be pressed on the non-virtual Dynamic Positional Keyboard. Alternatively, considering the best mode, the interface presents a Dynamic and Referential Compound Keyboard, a login entry, a virtual or real Dynamic Positional Keyboard, and a field where, for each key pressed on the Dynamic Positional Keyboard, a character is shown, for example an asterisk (Figure 3). The operation and the architecture of the Dynamic Codifier Interface and the characters used can be varied. The codification can be carried out in distinct forms, using one or more passwords, with at least one character. The characters can be selected from varied classes and can be numerical, alphanumerical, figures, letters and words, endowed with color, tones, sounds or any other symbols. What matters, considering the best mode, is that there is a definite architecture of keyboard keys and characters, and that this architecture is repeated in, at least, each infra-keyboard. The invention is particularly applicable to, but not restricted to, situations where it is desired to have secure access to personal data, data of a database, environments, transport vehicles or banking information, or to allow completion of a transaction, such as:
■ control of traffic of information in relation customer-server in local nets;
■ control of traffic of information in relation customer-server in Internet; control of traffic of information in the relation microprocessed device and computer;
control of drive of machines and devices;
control the environment and rooms of restricted use;
control of access to exchange of information between machines and devices (for example, communication between board computer of an aircraft with one another aircraft);
■ control of exchange of information between computers;
control of drive of computer for human user;
control of access to the BIOS (Basic Input Output System) of computer; logόft in similar computers and equipment and machines; and
logon in diverse computer networks, a Domain, for example. The relation of cited areas above demonstrates the vast potential use of the present invention, that aims to, over all, become safer the interactions that involve machines, devices, human beings, devices, amongst others, through a singular, economic and high efficiency way. The present invention is further illustrated by the following examples with can better illustrate the operation mode and the codification process. These examples are provided to aid in the understanding of the invention and are not construed as a limitation thereof. EXAMPLES
EXAMPLE 1 - System wherein the class of the password characters is equivalent to the class of the super-key characters.
In the cases where the class of the password characters is identical to the class of the super-key characters, the codification process can be simple or compound. In the simple process, the codification rules are based on the fact that each password character corresponds to a super-key and an infra-key in the Dynamic and Referential Compound Keyboard. In the case of a numerical class of characters, each infra-keyboard presents the same group of characters presented by the super-keys, for example, from 0 to 9. The digits from 0 to 9 are randomly distributed on the surfaces of each super-key and infra-key. The distribution is, preferably, indexed to each infra-keyboard, which means that for the same relative position in each infra-keyboard there will be distinct characters. A user, by way of example, has as a personal identification code the login "user" and the password "420974". The login "user" can be entered conventionally on a traditional keyboard. The password, memorized by the user, will be used as a mental reference for the codification process, i.e., the user thinks about the first password digit (number 4), visualizes the super-key 4 (which corresponds to the first digit) in the Dynamic and Referential Compound Keyboard, localizes the position occupied by the digit 4 in this infra-key and presses or clicks the Dynamic Positional Keyboard at the same position. Considering the static configuration presented by Figure 5 (element A), the user would press/click the eighth key (from the top to the bottom, from the left to the right side) in the Dynamic Positional Keyboard (Figure 5, element B). This first entered position would correspond to the first Expected Code digit, and if the characters of the Dynamic Positional Keyboard have the PIN-FONE pattern, the character stored by this entered position would be 8.
After that, the user thinks about the next password digit, in this example the number 2. Following the rules, the user localizes the super-key 2 and the digit 2 in this infra-keyboard, obtaining the next Expected Code digit, the number 2. Repeating the process for each subsequent password digit, the Expected Code obtained would be "828248" (in the case where the Dynamic Positional Keyboard has the PIN-FONE pattern). In the compound system, the codification rules require that the user memorizes two passwords: the first corresponds to the super-keys and the second is related to the infra-keys. Thus, considering the passwords "5125" for the super-keys and "3427" for the infra-keys, and the static interface presented by Figure 5 (element A), the codification process would be done according to the following steps:
■ Step one: localizing the super-key 5 (first digit of the first password);
■ Step two: localizing, in the super-key 5, the digit 3 (first digit of the second password);
■ Step three: pressing or clicking, in the Dynamic Positional Keyboard, the position which corresponds to the digit position visualized at step two;
■ Step four: localizing the super-key 1 (second digit of the first password);
■ Step five: localizing, in the super-key 1, the digit 4 (second digit of the second password);
■ Step six: pressing or clicking, in the Dynamic Positional Keyboard, the position which corresponds to the digit position visualized at step five.
The codification process continues successively until all the password digits have been visualized in the Dynamic and Referential Compound Keyboard and entered on the Dynamic Positional Keyboard, obtaining, in a PIN-FONE pattern, the Expected Code "1122". In this way, the user has pressed or clicked in the Dynamic Positional Keyboard twice on the first key (from the top to the bottom, from the left to the right side) and twice on the second key (Figure 5, element B). As the characters can vary from 0 to 9 at each position in the keyboard, a spy or thief would have so many doubts that he or she would not be able to get the user's password. That is why the process can be considered to use a public-individual principle, i.e., although the personal password is secret, the codification process in the customer computer and the data transmissions can be public. Furthermore, because it is mutant, the Expected Code can be used as a public key in cryptographic systems. Figures 5 to 7 present keyboard and infra-keyboard configurations with numerical characters varying from 0 to 9. Notwithstanding, any other group of numbers can be used, with a different pattern of character distribution, such as the PIN-FONE pattern, which has the numbers, from the left to the right, from the top to the bottom, beginning with 1, followed by 2, 3, 4, 5, 6, 7, 8, 9 and 0.
The character distribution can also follow a conventional computer keyboard pattern (7, 8, 9, 4, 5, 6, 1, 2, 3 and 0), any other distribution pattern, or a random disposition (Figure 7).
EXAMPLE 2 - Mixed systems wherein the passwords correspond to a combination of two character classes.
In this system, there is a combination of two character classes and the user memorizes two password sequences which will codify his or her access. Figure 8 presents one example of a Dynamic Codifier Interface in which the characters are numbers and colors. If the first password memorized by the user was green, yellow, orange and gray and the second was "2379", the procedure for the user access would be:
■ First step: visualizing the green keyboard (first character of the first password);
■ Second step: localizing, in the green keyboard, the digit 2 (first digit of the second password). In Figure 8, the digit 2 is seen at column 1, second position;
■ Third step: pressing or clicking, in the Dynamic Positional Keyboard, the position which corresponds to the character position visualized in the second step;
■ Fourth step: visualizing the yellow keyboard;
■ Fifth step: localizing, in the yellow keyboard, the digit 3;
■ Sixth step: pressing or clicking, in the Dynamic Positional Keyboard, the position which corresponds to the character position visualized in the sixth step.
The further steps follow the same codification rule, obtaining the Expected Code "4337" if a Dynamic Positional Keyboard with a PIN-FONE pattern is utilized.
EXAMPLE 3 - Mixed systems with three or more characters classes.
EXAMPLE 3.1 - Systems with three or more character classes wherein only two of them are used in the codification process.
According to another embodiment of the present invention, the Dynamic Codifier Interface presents three or more character classes, but only two classes are used in the codification process. Figure 9 shows 3 character classes: the super-keys are classified by 1) letters and 2) colors, while the infra-keys are classified by 3) numbers. In Figures 10 and 11 the classes are numbers and colors for the super-keys and numbers for the infra-keys. In Figure 12 the classes are words and colors for the super-keys and numbers for the infra-keys. Many other combinations involving different character classes are possible. Thus, to compose the password, the user can choose two of the classes presented by the Dynamic Codifier Interface. Once the password is memorized by the user, the codification process follows the rules described in the previous examples.
EXAMPLE 3.2 - Hyper-keyboards Systems.
In another embodiment of the invention, the Dynamic Codifier Interface shows a static configuration with Hyper-keyboards. The element C, in Figure 13, is a Dynamic and Referential Compound Keyboard wherein each super-key presents an infra-keyboard with classified infra-keys. This classification occurs in the following manner: all the first infra-keys (from the left to the right, from the top to the bottom) are related by the yellow color and form the Hyper-keyboard 1; all the second infra-keys, orange, form the Hyper-keyboard 2; the third blue ones form the Hyper-keyboard and so on, until the tenth infra-keys, which are gray and form the Hyper-keyboard 10. The Dynamic Positional Keyboard architecture is identical to each super-key, following the same color classification pattern. In this configuration, the super-keys do not necessarily have a character class.
This is because the user can choose the infra-keyboard according to the hyper-keyboard (in this example, through the colors). Thus, in the case where the first password, related to the Hyper-keyboard, is "4587" and the second password is "3208", the user will utilize the Hyper-keyboard 4 (brown) and will observe that the super-key which corresponds to the first digit of the second password (digit 3) is the super-key J. So, the user should press the inferior key in the Dynamic Positional Keyboard. Considering that the distribution of this keyboard corresponds to the PIN-FONE pattern, the pressed key would produce the number 0, and it would be the first character of the Expected Code. The next Hyper-keyboard is 5 and the next password digit is 2; therefore the corresponding super-key is H and the key pressed in the Dynamic Positional Keyboard will produce a digit 8, corresponding to the second character of the Expected Code. Following the rule, the Hyper-keyboard 8 and the password digit 0 show the super-key C and produce the digit 3 in the Expected Code. The subsequent ones are the Hyper-keyboard 7 and the password digit 8, generating the super-key B and the Expected Code digit 2.
EXAMPLE 3.3 - Multiple Architectures Systems.
The Dynamic and Referential Compound Keyboard and its super-keys, as well as the Dynamic Positional Keyboard, can be presented in distinct architectures. Figure 14 shows a Dynamic and Referential Compound Keyboard which has linear super-keys (element 3). In a preferred embodiment, each line has a different color and can be, simultaneously, indicated by a character, for example by letters (element 4). The letter A corresponds to the line A, the letter B to the line B and so on, until the letter J, in the line J. In this figure, the matrix which produces the character calculation in the Dynamic and Referential Compound Keyboards can be seen. In this system each linear super-key shows a distribution of, for example, numbers from 0 to 9. In an ideal embodiment, there is no character repetition within each line. In the same way, character repetition within the columns does not occur. Thus, in Figure 14, the first column presents the characters, from the top to the bottom, 8, 2, 0, 9, 4, 7, 1, 5, 6 and 3. This example shows the same number of characters and lines, which is 10. But the keyboard can also contain 2, 3, 4, 5, 6, 7, 8, 9 or more linear super-keys and characters of any other class, such as alphanumeric digits, letters and words, among others. The Dynamic Positional Keyboard (Figure 14, element 1) is linear, like the super-keys. The dark rectangle (element 2), also called the frame, makes the visibility easier. Thus, each time the user looks for the password digits, he or she can rest, e.g., the mouse above the Dynamic Positional Keyboard button and the frame will evidence the digits of the corresponding column in the Dynamic and Referential Compound Keyboard. If the user has the password sequence for the super-keys equal to "FEAC" and the second password equal to "4397", he or she should, firstly, look for the super-key F (see Figure 14). In this super-key, he or she visualizes the position of the first password digit, in this case the number 4.
So, he or she presses the third key, from the left to the right side, in the linear Dynamic Positional Keyboard (element 1) and, considering that the distribution of digits in the Dynamic Positional Keyboard corresponds to the pattern 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9, the key pressed would be 2, and it would be the first digit of the Expected Code. The next super-key is E, so the user will press the eighth key in the Dynamic Positional Keyboard and the second digit of the Expected Code would be 7. In the same way, the super-key A and its corresponding digit 9 would lead to pressing the fourth key in the Dynamic Positional Keyboard, whose digit corresponds to 3. And at last, there will be the super-key C and its password digit 7, corresponding to the fourth digit in the Dynamic Positional Keyboard line, producing the last digit of the Expected Code, which in the end would be "2733". Figure 15 indicates an example wherein it is essential that the vertical frame, or at least an indicator, evidences the matrix column. Thus, the frame can be moved to the left and to the right side utilizing the respective buttons (Figure 15, elements 1 and 2). The difference in this case is that, when the frame is positioned above the column which has the required password digit, the ENTER button (element 3) is pressed. After that, and according to the frame position, the digit which corresponds to the pressed column remains recorded as the first digit of the Expected Code. It is possible to conclude that this architecture is useful for devices which have small displays, for example the mobile phones illustrated by Figures 16 and 17, which show a compacted Dynamic Codifier Interface. Figure 16 shows a device which has a very small display, such that the Dynamic Codifier Interface cannot be seen integrally. Thus, the buttons that move the frame up (element 1) and down (element 2) are presented.
These systems can also be endowed with a program which makes conventional keys operate as vertical, horizontal and enter keys. Alternatively, the PIN-FONE keys can be used as the Dynamic Positional Keyboard keys.
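The simple and compound codification rules of Example 1, together with the server-side simulation and comparison recited in claim 1, can be sketched as follows. This is an added illustration, not code from the patent: the function and class names, the rotation-based way of producing an indexed layout, and the constructed sample layout in `__main__` are assumptions.

```python
import hmac
import secrets

PIN_FONE = "1234567890"  # positional keyboard pattern named in the text


def layout_from(base, shifts):
    """Build 10 infra-keyboards, one per super-key "0".."9".

    Each infra-keyboard is `base` rotated by a distinct shift, so every
    infra-keyboard holds each digit once and no digit sits at the same
    relative position in two infra-keyboards (the "indexed" distribution).
    Rotation is only one way to obtain that property (assumption).
    """
    if sorted(base) != list("0123456789") or sorted(shifts) != list(range(10)):
        raise ValueError("base and shifts must be permutations of 0..9")
    return {str(i): base[s:] + base[:s] for i, s in enumerate(shifts)}


def build_indexed_layout():
    """Draw a fresh random layout for one access request."""
    rng = secrets.SystemRandom()
    base = list("0123456789")
    shifts = list(range(10))
    rng.shuffle(base)
    rng.shuffle(shifts)
    return layout_from("".join(base), shifts)


def encode(layout, super_pw, infra_pw, positional=PIN_FONE):
    """Return the Expected Code for one layout.

    For each pair (super-key, infra-key character): find the character's
    position inside that super-key's infra-keyboard, then take the character
    the Dynamic Positional Keyboard holds at the same position.
    Simple process: super_pw == infra_pw. Compound process: two passwords.
    """
    if len(super_pw) != len(infra_pw):
        raise ValueError("both passwords must have the same length")
    return "".join(
        positional[layout[s].index(d)] for s, d in zip(super_pw, infra_pw)
    )


class Server:
    """Issues one layout per request and simulates the password entry.

    The server has to simulate the user's entry, so it must hold the
    password in a recoverable form rather than as a one-way hash.
    """

    def __init__(self, passwords):
        self._passwords = passwords  # login -> (super_pw, infra_pw)
        self._pending = {}           # login -> layout of the open request

    def challenge(self, login):
        layout = build_indexed_layout()
        self._pending[login] = layout
        return layout

    def verify(self, login, submitted):
        # pop() makes each layout single-use: a captured Expected Code
        # cannot be replayed against the same interface.
        layout = self._pending.pop(login, None)
        creds = self._passwords.get(login)
        if layout is None or creds is None:
            return False
        exact = encode(layout, *creds)
        return hmac.compare_digest(exact.encode(), submitted.encode())


if __name__ == "__main__":
    # Constructed sample layout (not the one drawn in Figure 5).
    fixed = layout_from("8209471563", [3, 7, 0, 9, 4, 1, 8, 2, 6, 5])
    print(encode(fixed, "420974", "420974"))  # simple process
    print(encode(fixed, "5125", "3427"))      # compound process
```

Because the layout is redrawn for every request, the same password yields a different Expected Code each time, and the server reaches its decision by recomputing that code from the layout it issued.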

Claims

1) A secure method of authenticating a user in the access of a server comprising: (i) the user has a personal password to access the server; (ii) the server can access the database with all personal passwords; (iii) the server sends to the user, at requisition access moment, a recombined dynamic codifier interface; (iv) the user enters the password at dynamic positional keyboard, producing the expected code; (v) the user submits the expected code to the server; (vi) the server, from the dynamic codifier interface sent to the user, simulates the personal password entrance and obtains the exact expected code; (vii) the server compares the expected code sent by the user and the exact expected code obtained; (viii) if they are coincident, the server allows the user access.
2) The method according to claim 1 wherein the user is a person, a computer or a machine;
3) The method according to claim 1 wherein the server has computing processing ability;
4) The method according to claim 1 wherein the server is a processor;
5) The method according to claim 4 wherein the server is a computer of a machine, a robot, or a transporter vehicle.
6) The method according to claim 4 wherein the server is local or web server.
7) The method according to claim 1 wherein the access to the server by the user is done by at least one of the means of radio-frequency, ultrasound, luminous frequency, digital, electronic, telephonic, modem or cable systems.
8) The method according to claim 1 wherein the dynamic codifier interface is recombined at each user access requisition.
9) The method according to claim 8 wherein the recombination occurs by the means that the same dynamic codifier interface never is presented to an user.
10) Dynamic codifier interface to secure access comprising at least a dynamic and referential compound keyboard.
11) Interface according to the claim 10 wherein the dynamic and referential compound keyboard is the reference to the personal password entrance.
12) Interface according to the claim 11 wherein the dynamic and referential compound keyboard is comprised by at least a super-key which contains different infra-keys with characters that can be seen.
13) Interface according to the claim 12 wherein the infra-keys show at least a character chosen at one of the numericals, alphanumericals, words, drawings, designs, with tones, colors or sounds classes.
14) Interface according to the claim 10 wherein the dynamic and referential compound keyboard is recombined at each access requisition.
15) Interface according to the claim 14 wherein the recombination occurs in an indexed way so that a character never presents the same position into different infra-keyboards.
16) Interface according to the claim 14 wherein the recombination occurs in a random way;
17) Interface according to the claim 14 wherein the recombination occurs in the way that the recombination occurs by means that one character never is repeated into the same infra-keyboard.
18) Interface according to the claim 10 wherein the dynamic and referential compound keyboard is recombined at each time one password character is entered.
19) Interface according to the claim 12 wherein the infra-keys are classified by hiper-keys.
20) Interface according to the claim 19 wherein the infra-keys of the hiper-keyboards belong to different infra-keyboards.
21) Interface according to the claim 10 wherein the dynamic and referential compound keyboard is a shared or dedicated visual device.
22) Interface according to the claim 21 wherein the shared visual device is a computer monitor or a LCD display.
23) Interface according to the claim 10 comprising a dynamic positional keyboard.
24) Interface according to the claim 23 wherein the dynamic positional keyboard is the keyboard where the personal password is entered.
25) Interface according to the claim 24 wherein the dynamic positional keyboard presents infra-keys and wherein the characters of the infra-keys are recombined at each user access requisition.
26) Interface according to the claim 25 wherein the characters of the infra-keys cannot be seen.
27) Interface according to the claim 23 wherein the characters of the infra-keys can be seen but do not influence in the password codification.
28) Interface according to the claim 23 wherein the dynamic positional keyboard is a mutant or fix device.
29) Interface according to the claim 23 wherein the dynamic positional keyboard is a shared or dedicated visual device.
30) Interface according to any of the claims 10 to 23 comprising an entrance for reading/writing information to identify the user.
31) Interface according to the claim 30 wherein the information to identify the user is entered by conventional keyboard, touch screen, optic reader, magnetic reader or biometric reader.
32) A secure authentication system for a user comprising: (i) a server for storing a personal user password and for supplying a recombined dynamic codifier interface at least at each user requisition; (ii) at least an electronic device in electronic communication with said server to presents to the recombined dynamic codifier interface and for receiving a personal user password, wherein said personal user password is entered beyond the dynamic positional keyboard and sent to the server and wherein said server verifies if that said personal user password matches said personal user password stored in database and allows the access if they are coincident.
33) The system according to claim 3 wherein the recombinations at dynamic codifier interface occurs each time a character of personal user password is entered.
34) An electronic apparatus comprising (i) means for communication with the server and (ii) at least a display device which presents a dynamic codifier interface according to any of the claims 10 to 31.
35) The electronic apparatus according to claim 34 wherein the communication with the server is done by at least one of the means of radio-frequency, ultrasound, luminous frequency, digital, electronic, telephonic, modem or cable systems.
36) The electronic apparatus according to claim 34 comprising an entrance for reading/writing information to identify the user.
37) The electronic apparatus according to claim 36 wherein the information to identify the user is entered by conventional keyboard, touch screen, optic reader, magnetic reader or biometric reader.
38) Dedicated fixed apparatus comprising (i) means for communication with the server and (ii) a dynamic positional keyboard according to any of the claims 23 to 27.
39) Software for use in a system for securely accessing a server, wherein an authorized user has provided at least one previously, recorded personal password to provide access to the server, the system including a data processing center, an input terminal in communication with the data processing center, and a dynamic codifier interface presented by the input terminal, said dynamic codifier interface having at least a dynamic and referential compound keyboard and, additionally a Dynamic Positional Keyboard capable of generating the submitted expected code and an entrance for reading/writing information to identify the user, the software comprising: (a) data processing center software component that can reside on the data processing center and is capable of responding to a request initiated by the user submission to access, generating to the input terminal at least a dynamic codifier interface and is capable of comparing the submitted expected code to the exact expect code produced by simulating user codification based on recorded personal password and is capable to determine whether or not the submitted expected code matches the recorded personal password; (b) an input terminal software component that can reside on the input terminal and is capable of securely transmitting the at least one submitted expected code from the entrance for reading/writing information to identify the user to the data processing center and is capable of receiving the determination by the data processing center as to whether or not the submitted expected code matches the recorded personal password.
40) The software of claim 39 which has instructions provided or associated therewith for how to use the software with the system, how to install the software on the system, or how to use with and install the software on the system.
41) An electronic apparatus according to the claims 34 to 38 comprising the software according to the claims 39 and 40.
PCT/BR2005/000033 2004-03-16 2005-03-16 System and method for identity verification by dynamic codifier interface WO2005086559A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
BRPI0510334-7A BRPI0510334A (en) 2004-03-16 2005-03-16 system, authentication process and dynamic coding interface

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
BRPI0401255-0 2004-03-16
BRPI0401255 BRPI0401255A (en) 2004-03-16 2004-03-16 Dynamic coding interface authentication system and method

Publications (2)

Publication Number Publication Date
WO2005086559A2 true WO2005086559A2 (en) 2005-09-22
WO2005086559A3 WO2005086559A3 (en) 2007-11-15

Family

ID=38668709

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BR2005/000033 WO2005086559A2 (en) 2004-03-16 2005-03-16 System and method for identity verification by dynamic codifier interface

Country Status (2)

Country Link
BR (1) BRPI0401255A (en)
WO (1) WO2005086559A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104777919A (en) * 2015-04-29 2015-07-15 北京奇艺世纪科技有限公司 Method and device for character inputting based on remote controller
CN111222107A (en) * 2018-11-23 2020-06-02 奇酷互联网络科技(深圳)有限公司 Unlocking method, intelligent terminal and computer readable storage medium
CN113393612A (en) * 2012-07-20 2021-09-14 利森提亚集团有限公司 PIN verification

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5060263A (en) * 1988-03-09 1991-10-22 Enigma Logic, Inc. Computer access control system and method
US6731731B1 (en) * 1999-07-30 2004-05-04 Comsquare Co., Ltd. Authentication method, authentication system and recording medium


Also Published As

Publication number Publication date
WO2005086559A3 (en) 2007-11-15
BRPI0401255A (en) 2005-11-01


Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

NENP Non-entry into the national phase in:

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
ENP Entry into the national phase in:

Ref document number: PI0510334

Country of ref document: BR