Title of invention: SYSTEM AND METHODS FOR ONLINE AUTHENTICATION
Abstract: A method of authenticating a network client to a relying party computer via a computer server comprises the computer server receiving a transaction code from a token manager via a first communications channel. The network client is configured to communicate with a token manager which is configured to communicate with a hardware token interfaced therewith. The network client is also configured to communicate with the relying party computer and the computer server. The computer server also receives a transaction pointer from the relying party computer via a second communications channel that is distinct from the first communications channel. Preferably, the transaction pointer is unpredictable by the computer server. The computer server transmits an authorization signal to the relying party computer in accordance with a correlation between the transaction code and the transaction pointer. The authorization signal facilitates authentication of the network client to the relying party computer.
Application publication number: US2015304319(A1) Application publication date: 2015.10.22
Application number: US201514753177 Filing date: 2015.06.29
Applicant: SecureKey Technologies Inc. Inventors: Ronda Troy Jacob;Roberge Pierre Antoine;Engel Patrick Hans;Mclve Rene;Wolfond Gregory Howard;Boysen Andre Michael
Classification: H04L29/06 Main classification: H04L29/06
Agency: Agent:
Main claim: 1. A method of authenticating a network client to a relying party computer via a computer server, the network client being configured to communicate with the relying party computer and the computer server, the network client being further configured to communicate with a token manager, the token manager being configured to communicate with a hardware token interfaced with the token manager, the method comprising the computer server: receiving a transaction code from one of the token manager and the network client via a first communications channel; receiving a transaction request from the relying party computer via a second communications channel distinct from the first communications channel, wherein the transaction request comprises a transaction pointer that is associated with the hardware token; correlating the transaction pointer with the transaction code to identify the token manager; transmitting an authentication request message to one of the token manager and the network client via the first communications channel; receiving a credential from one of the token manager and the network client via the first communications channel; and transmitting an authorization signal to the relying party computer in response to the transaction request in accordance with a determination of validity of the credential and data originating from the hardware token, the authorization signal facilitating authentication of the network client to the relying party computer.
Address: Toronto CA