Method and System of User Authentication Using an Out-of-band Channel

摘要

The user authentication method comprises: a central processing server generates an encoded data, such as a QR code, from encoding a session number, which can be randomly generated; a first client computing device displays a login page that includes the QR code to a user for authentication; the user uses a mobile communication that has already been registered and paired with the user account stored in the central processing server to image-capture the QR code, and sends the decoded QR code data to the central processing server; the central processing server validates the decoded QR code data against the session number; upon a positive validation, the user may need to enter his/her security PIN according to configuration in the second mobile communication and be sent to the central processing server for validation; and upon a positive validation, the user authentication is completed.

主权项

1. A computer processor implemented method for online user authentication, comprising:
generating an encoded data, by a central processing server, wherein the encoded data is encoded for a data comprising a session number stored in the central processing server; presenting the encoded data to a user for user authentication; image-capturing the encoded data, by a mobile communication device equipped with a camera or optical scanner, wherein the mobile communication device is associated with a user account associated with the user, wherein the user account record is stored in the central processing server, and wherein the user account record comprises an identification data of the mobile communication device; decoding the image-captured encoded data, by the mobile communication device, to extract the session number; sending, by the mobile communication device, the extracted session number and an identification data of the mobile communication device to the central processing server; and authenticating the user, by the central processing, by matching the extracted session number and the identification data of the mobile communication device received from the mobile communication to the session number stored in the central processing and the identification data of the mobile communication device in the user account record.