摘要 |
An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user. |
主权项 |
1. A method for authentication, comprising:.
receiving, by a mobile device, a user request to access a service provider application; in response to the user request to access the service provider application, requesting, by the mobile device, identification and verification from the user via an identification and verification application residing within the mobile device; receiving, by the mobile device, a positive identification and verification response; generating, by the mobile device, a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, and a service provider application ID; and transmitting, by the mobile device, the generated cryptogram, the user ID, the timestamp, the device ID, and the service provider application ID, to a service provider computer associated with the service provider application, wherein the service provider computer verifies the cryptogram. |