发明名称 |
Method and apparatus for the secure authentication of a web site |
摘要 |
Methods for the authentication of a web site by a visitor to the web site. The visitor uses a device, such as a portable device like a cell phone to compute a dynamic identification string and a one-time password. The dynamic identification string is sent to a service provider, such as a certification service server associated with the web site. In response, the server computes a one-time password that is transmitted to the visitor's device. The device computed one-time password can then be compared to the server computed one-time password in order to authenticate the web site. |
申请公布号 |
US9231944(B2) |
申请公布日期 |
2016.01.05 |
申请号 |
US201514593569 |
申请日期 |
2015.01.09 |
申请人 |
Bouyant Holdings Limited |
发明人 |
Labaton Isaac J |
分类号 |
H04L29/06;G06Q20/10;G06Q20/36;G06Q20/40 |
主分类号 |
H04L29/06 |
代理机构 |
Law Offices of David O. Caplan, PLLC |
代理人 |
Law Offices of David O. Caplan, PLLC |
主权项 |
1. A method for authenticating a web site to a user, the method comprising:
(a) with a portable device:
(i) computing a one-time code,(ii) computing a first one-time password having a predetermined relationship to the one-time code,(iii) outputting the one-time code; and (b) with a computer connected to a communications medium and having a browser capable of accessing the web site through the communications medium:
(i) sending the one-time code received from the portable device but not the first one-time password via the communications medium for receipt by a certification server computer associated with the web site, which certification server computer is programmed to use the one-time code: (A) to authenticate the user of the computer, and (B) to compute a second one-time password in the predetermined relationship to the one-time code, and(ii) in response to sending the one-time code, receiving the second one-time password; (c) wherein whether the web site is verified, for access by the browser of the computer, depends on whether the second one-time password matches the first one-time password; and (d) wherein the communications medium includes at least one of the following: the Internet, a data line, or a telephone or telecommunications system. |
地址 |
Amman JO |