摘要 |
<p>The present invention provides a new method of site and user authentication that is achieved by creating a pop-up window on the user's PC that is in communication with a security server, and where this communication channel is separate from the communication between the user's browser and whichever web site they are at. A legitimate web site embeds code in the web page which communicates to the security server from the user's desktop. The security server checks the legitimacy of the web site and then signals both the web page on the user's browser, as well as the pop-up window to which it has a separate channel. If user authentication is requested by the web site the user is first authenticated by the security server for instance by out of band authentication.</p> |