One time password authentication of websites

摘要

A method including generating a first and second One Time Password (OTP) token from a shared clock, receiving a third OTP token, and comparing the second and the third OTP tokens. A system including a number generator residing on a first server to generate first and second One Time Password (OTP) tokens from a shared clock, a transmitter residing on the first server to transmit the first and the second OTP tokens, a receiver residing on a second server to receive the first, the second, and a third OTP tokens, and a comparator residing on the second server to compare the second and the third OTP tokens to authenticate an identity of a party who generates the third OTP token.

主权项

1. A system comprising:
a first clock residing at a secured verification site synchronized with a second clock residing on a user device of a user, the synchronized second clock used to derive two or more clock values that are hashed by a first hashing module residing at the user device that applies a hashing function to the two or more clock values, a result of the hashing function comprising one-time password (OTP) token values of the user device, a first OTP token value used to verify a OTP token value received from a site with which the user is attempting to transact and a second OTP token value being transmitted to the site with which the user is attempting to transact, the second OTP token value being sent in response to the first OTP token value matching the OTP token value received from the site; a second hashing module, residing at the secured verification site, to apply the hashing function to two or more clock values derived from the first clock, a result of the hashing function comprising OTP token values of the secured verification site, the OTP token values of the secured verification site transmitted to the site with which the user is attempting to transact; a receiving module, residing at the site with which the user is attempting to transact, to receive the second OTP token value from the user device and the OTP token values from the secured verification site, one of the OTP token values from the secured verification site being forwarded to the user device as the OTP token value from the site that is compared with the first OTP token value at the user device; and a comparison module, residing at the site with which the user is attempting to transact, to compare the second OTP token value from the user device and a remaining one of the OTP token values from the secured verification site after the matching of the first OTP token value and the OTP token value received from the site at the user device.