Principal claim
1. A system whereby an online website, acting as a certifying authority for authorized access to a user's online account at said online website, is electronically coupled to a user's local/mobile computing device and to a Validation Database Server/Web Server, and uses specified distinctive identifiers drawn from said local/mobile computing device to validate and authorize access to said online website account including, but not limited to, e-Commerce websites, financial account websites and email account websites:
a. a user initiates an online website account access request via a local/mobile computing device;
b. said local/mobile computing device is communicably coupled to said online website and transmits identity and account information to said online website;
c. said identity and account information transmitted by the local/mobile computing device is defined by the account access authorization policies of said online website and may include, but is not limited to, a user name or email address, one or more passwords and/or biometric marker information identifying a rightful account owner;
d. said online website examines the identity and account information submitted by the local/mobile computing device and determines that access to said account requires validation matching of said specified distinctive identifiers with said Validation Database Server/Web Server as part of said access authorization process;
e. said online website sends a regenerate specified distinctive identifiers request to said local/mobile computing device;
f. a first software program resident and executing on said local/mobile computing device receives said regenerate specified distinctive identifiers request;
g. said first software program regenerates a set of specified distinctive identifiers from said local/mobile computing device, said regenerated specified distinctive identifiers are obtained from hardware modules and/or software modules resident on said local/mobile computing device;
h. said first software program secures said set of regenerated specified distinctive identifiers by hashing and/or encrypting said set of regenerated specified distinctive identifiers then electronically transmits said set of regenerated specified distinctive identifiers to said online website which requested the regenerate specified distinctive identifiers request;
i. said first software program upon transmitting the regenerated specified distinctive identifiers may securely erase the results of the regenerated specified distinctive identifiers from the local/mobile computing device;
j. said online website electronically receives said regenerated specified distinctive identifiers and forwards said regenerated specified distinctive identifiers to said Validation Database Server/Web Server;
k. after electronically forwarding said regenerated specified distinctive identifiers to said Validation Database Server/Web Server, online website may securely erase the results of the regenerated specified distinctive identifiers from the online website;
l. said validation database server/web server contains a second software program which attempts to match the received set of said regenerated specified distinctive identifiers to at least one set of said specified distinctive identifiers from a plurality of local/mobile computing devices previously registered in said validation database;
m. if said second software program matches received set of said regenerated specified distinctive identifiers against at least one set of said previously registered specified distinctive identifiers from a plurality of local/mobile computing devices, said second software program electronically notifies said online website of said matching and if said second software program does not find a match between said received set of regenerated specified distinctive identifiers against at least one set of said previously registered selected distinctive identifiers from a plurality of local/mobile computing devices, said second software program electronically notifies said online website that said match was not made;
n. if said online website receives from said validation database server/website server an electronic notice that a match was made between said received set of regenerated specified distinctive identifiers and at least one set of said previously registered specified distinctive identifiers from a plurality of local/mobile computing devices, said online website notifies said local/mobile computing device that said account access request is accepted;
o. if said online website receives from said validation database server/Web Server electronic notice that a match was not made between said received set of regenerated specified distinctive identifiers and at least one set of said previously registered specified distinctive identifiers from a plurality of local/mobile computing devices, said online website electronically notifies said local/mobile computing device that authorized access to a user's online account is denied;
p. said second software program upon transmitting said match results to said online website may securely erase said regenerated specified distinctive identifiers from said validation database/web server.
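The regenerate, hash, forward and match flow of steps g, h, j and l through o, as an added example that is not part of the patent text. The claim only says "hashing and/or encrypting"; SHA-256, the length-prefixed encoding, the identifier names and all function and class names here are assumptions chosen for illustration.

```python
import hashlib
import hmac

def regenerate_digest(identifiers: dict[str, str]) -> str:
    """Steps g-h: canonicalise the regenerated identifier set, then hash it."""
    h = hashlib.sha256()
    for name in sorted(identifiers):              # collection order must not matter
        for field in (name, identifiers[name]):
            data = field.encode("utf-8")
            h.update(len(data).to_bytes(4, "big"))  # length prefix: "a"+"bc" != "ab"+"c"
            h.update(data)
    return h.hexdigest()

class ValidationServer:
    """Steps l-m: match a received digest against previously registered sets."""
    def __init__(self) -> None:
        self._registered: list[str] = []

    def register(self, digest: str) -> None:
        self._registered.append(digest)

    def matches(self, digest: str) -> bool:
        found = False
        for known in self._registered:            # scan every entry, no early exit
            found |= hmac.compare_digest(known, digest)  # constant-time compare
        return found

def website_decision(server: ValidationServer, digest: str) -> str:
    """Steps j, n, o: forward the digest and relay the outcome to the device."""
    return "accepted" if server.matches(digest) else "denied"

# Constructed sample identifiers (hypothetical names and values).
REGISTERED_DEVICE = {"cpu_serial": "CPU-0001-EXAMPLE",
                     "disk_serial": "DISK-0002-EXAMPLE",
                     "os_install_id": "OS-0003-EXAMPLE"}
SWAPPED_DISK = dict(REGISTERED_DEVICE, disk_serial="DISK-9999-EXAMPLE")

def demo() -> tuple[str, str]:
    server = ValidationServer()
    server.register(regenerate_digest(REGISTERED_DEVICE))
    # Same device, identifiers collected in a different order.
    reordered = dict(reversed(list(REGISTERED_DEVICE.items())))
    same = website_decision(server, regenerate_digest(reordered))
    # One hardware module replaced since registration.
    changed = website_decision(server, regenerate_digest(SWAPPED_DISK))
    return same, changed

if __name__ == "__main__":
    print(demo())
```

The digest is the same at every login from an unchanged device, so it is a static value that needs the same transport protection as a password. A single replaced hardware module changes the digest, and the device is denied until it is registered again.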