摘要 |
A system and method for locking an application to specific hardware device without storing device or user information on server. A lock registration is performed during the first usage of the application where the application sends a unique value to the server through secured channel. This unique value is combination of user specific information and device information. The server receives the unique value, and sends the encrypted value to the device, which is stored in predefined location of device. During lock validation, which is initiated during every request to the server or on every session creation, the device unique value and encrypted value is sent to the server. The server receives it, decrypts the encrypted value, and compares with the received unique value. If both the values are same, the server validates application instance by sending the response to the device else error message is sent to the device. |
主权项 |
1. A computer implemented method for locking an application to a device, wherein device information is not stored on server side, the method comprising:
receiving, through a processor, a first unique value of a device on first usage of an application, wherein the first unique value is derived based on one or more device parameters; encrypting, through a processor, the first unique value received from the device; sending, through a processor, the encryption result to the device, wherein the encryption result is stored in a predefined location of the device; receiving, through a processor, a second unique value of the device and the encryption result at the subsequent usage of the application, wherein the second unique value is derived based on the one or more device parameters; decrypting, by the processor, the encryption result to get the first unique value received at the time of the first usage of the application; comparing, by the processor, the decrypted first unique value and the received second unique value; and based on the comparing, choosing between (a) and (b): (a) if the first unique value and the second unique value are identical, validating the device by the processor and enabling the application; and (b) if the first unique value and the second unique value are not identical, disabling the application. |