摘要 |
<p>An authentication system (10) allows the identity of a user (12) to be authenticated when the user (12) is seeking access to a secure service provided by a server (14). The system (10) comprises two separate communications channels. The first channel is a network (20) for allowing the user (12) to communicate with the server (14). The second channel is a mobile communications channel (26) that utilises a mobile communications device (28) for allowing an authentication server (22) to communicate with the user (12). In use, when the user (12) requests access to the server (14), he or she sends a username to the server (14). The server (14) generates a request for the confirmation of the user's identity, which it sends to the authentication server (22). The authentication server (22) in turn generates a passcode and also queries a user database for the mobile communication device network number of the user (12). The server (22) sends the passcode via the mobile communication network to the user's mobile device (28) and to the server (14). Once the user (12) receives the passcode, he or she offers it as a passcode to the server (14), which compares the passcode that was offered by the user (12) with the passcode that it received from the authentication server (22). If the two codes are the same, the server (14) may allow access to the desired service or facility.</p> |