主权项 |
1. A method comprising:
obtaining, by a soft token application installed on a mobile device, via an Application Programming Interface (API) of an operating system of the mobile device, a unique device ID of the mobile device that uniquely identifies the mobile device; requesting, by the soft token application via an Internet Protocol (IP)-based network to which the mobile device is connected, a seed from a provisioning server coupled to the IP-based network, wherein the seed is for generating a One-Time Password (OTP) for accessing a secure network resource; receiving, by the mobile device, the seed via a first out-of-band channel in encrypted form based on a secret key, the unique device ID and a hardcoded-pre-shared key; decrypting, by the soft token application, the received encrypted seed and installing the seed within the soft token application; generating, by the soft token application, the OTP based on the seed; and binding, by the soft token application, the OTP to the mobile device by encrypting the seed with the unique device ID and the hardcoded pre-shared key. |