| 摘要 |
Systems and methods for authenticating a user of a service are disclosed. A Personal Identification Number (PIN) is generated using a plurality of variables, and a user is authenticated by comparing the PIN generated at the user's mobile device with a PIN generated on an authentication server. The authentication enables the user to access a service or resource hosted on a host server. When requesting access to the resource, the user generates a device PIN and transmits the device PIN along with their unique key into the host server. The host server forwards the device PIN and the key to the authentication server. The authentication server generates a server PIN and compares the server PIN to the device PIN. If the two PINs match, the authentication server transmits a successful authentication response to the host server. The PIN generation process is a standard hash process, such as MD5 or SHA1, and uses at least the key provided by the user, a device identifier, and a current date/time. The device identifier is one of a unique identifier of the hardware on the mobile device or a unique identifier of a communication channel. This combination of the device identifier and the key ensures that only an authorized user is allowed access to the service. |
