| 发明名称 |
SECURE IDENTITY AUTHENTICATION IN AN ELECTRONIC TRANSACTION |
| 摘要 |
An approach is provided for securely authenticating an identity of a user participating in an electronic transaction. A request is received from a mobile device to initiate the electronic transaction. Attributes of the user and request are received. A request is selected for a biometric identifier or a security question to authenticate the identity of the user. The request for the biometric identifier or security question is converted to a complete Quick Response (QR) code. Based on the user and request attributes, the complete QR code is disassembled into first and second portions by employing a disassembly algorithm. The first portion, but not the second portion, is sent to the mobile device, which prevents an entity other than the user and the enterprise from obtaining the request for the biometric identifier or security question by capturing network traffic that includes the electronic transaction. |
| 申请公布号 |
US2016212126(A1) |
申请公布日期 |
2016.07.21 |
| 申请号 |
US201514597827 |
申请日期 |
2015.01.15 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
Sadacharam Saravanan;Viswanathan Ram |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of securely authenticating an identity of a user participating in an electronic transaction with an enterprise, the method comprising the steps of:
a computer receiving a request from a mobile device of the user to initiate the electronic transaction and receiving information that specifies attributes of the user and the request; the computer selecting a request for a biometric identifier or a security question to authenticate the identity of the user; the computer converting the selected request for the biometric identifier or the security question to a first complete Quick Response (QR) code; based on the information that specifies the attributes of the user and the request, the computer disassembling the first complete QR code into first and second portions of the first complete QR code, the first portion of the first complete QR code selected by a QR code disassembly algorithm, and the first and second portions of the first complete QR code not having an element in common; and the computer sending to the mobile device the first portion of the first complete QR code, but not the second portion of the first complete QR code, which prevents an entity other than the user and the enterprise from obtaining the request for the biometric identifier or the security question by capturing network traffic that includes the electronic transaction. |
| 地址 |
ARMONK NY US |
