Secure transaction authentication

摘要

A method and system for authenticating secure transactions between a transacting user and a secure transaction host is provided. The system includes a mobile phone software application installed on a transacting user's mobile phone which is configured to compose a digital fingerprint uniquely associated with the specific mobile phone on which it is installed. The system further includes an authentication service provider with which users of the system may be enrolled by registering at least the digital identifiers composed by the applications installed on their mobile communication devices in an authentication database. The authentication service provider is configured to authenticate secure transactions on request from secure transaction hosts by sending transaction confirmation requests to mobile phones of enrolled users requiring them to confirm or deny secure transactions before such transactions are allowed to be finalized.

主权项

1. A method for authentication of a secure transaction to be conducted between a secure transaction host and a transacting user, the method to be carried out at an authentication service provider and comprising the steps of:
receiving an authentication request from the secure transaction host; receiving a digital identifier from a mobile communications device associated with the transacting user whereby the mobile communications device may be uniquely identified, the digital identifier having been composed by an authentication application installed on the mobile communications device so as to establish a one-to-one association between the digital identifier and the mobile communications device of the user, and being stored in a secure storage location on the mobile communications device from where it is retrievable by the authentication application; comparing the digital identifier with a list of digital identifiers associated with mobile communication devices of pre-enrolled users stored on a database associated with the authentication service provider; if the received digital identifier corresponds to a digital identifier stored on the database, establishing a secure communications link between the mobile communications device of the transacting user and the authentication service provider, the secure communications link being initiated from the authentication application on the mobile communications device; responsive to receiving the authentication request, transmitting a transaction confirmation request to the mobile communications device of the transacting user over the secure communications link, the request requiring the user to confirm or deny its intended performance of the secure transaction; receiving a confirmation or denial result from the mobile communications device; in response to a confirmation result, transmitting a positive authentication result to the secure transaction host; and in response to a denial result, transmitting a negative authentication result to the secure transaction host.