摘要 |
A secured hardware token includes an embedded processor, secured persistent storage, and read only memory. The storage includes functionality to store data that includes an account master secret for an account at a financial institution. The memory includes a security application, which causes the processor to receive, from a financial institution application executing on a mobile device, a call for an n-bit result. The security application further causes the processor to obtain, from the secured persistent storage, the account master secret, construct the n-bit result specific to the call using the account master secret and the n-bit generator input as input to an n-bit generator in the security application, and return the n-bit result to the financial institution application. The financial institution application provides the n-bit result to the financial institution, which completes a financial transaction when the n-bit result is verified using a copy of the account master secret. |