Authentication device and/or method
Abstract
A method of authenticating a remote service (104) to a user (102) via a communications network (106) is disclosed. The remote service (104) obtains a service authentication code that has been generated, using a code generation algorithm, based on a first secret key. The service authentication code is communicated to the user (102) via the communications network (106) and received, or entered, into an authentication device (106) associated with the user (102). The authentication device (106) then generates, using the same code generation algorithm, an expected code value based on a second secret key and compares the expected code value to the service authentication code. Responsive to the comparison, and in the event that the expected code value correlates with the service authentication code, the authentication device (106) generates a response that indicates to the user (102) the authenticity of the remote service (104).
36 Claims
1. A method of authenticating a remote service to a user via a communications network, the method including:
the remote service obtaining a service authentication code that has been generated, using a code generation algorithm, based on a first secret key;
communicating the service authentication code to the user via the communications network;
receiving or entering the service authentication code into an authentication device associated with the user;
the authentication device generating, using the same code generation algorithm, an expected code value based on a second secret key and thereafter comparing the expected code value to the service authentication code; and
responsive to the comparison, and in the event that the expected code value correlates with the service authentication code, the authentication device generating a response that indicates to the user the authenticity of the remote service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 34

18. A method of authenticating a remote service to a user via a communications network, the method including:
the remote service obtaining a service authentication code that has been generated, using a code generation algorithm, based on a first secret key;
communicating the service authentication code to the user via the communications network;
receiving or entering the service authentication code into an authentication device associated with the user;
the authentication device generating, using the same code generation algorithm, an expected code value based on a second secret key and thereafter comparing the expected code value to the service authentication code; and
responsive to the comparison, and in the event that the expected code value correlates with the service authentication code, the authentication device generating a response that indicates to the user the authenticity of the remote service;
wherein the code generation algorithm for generating the service authentication code based on the first secret key, and the code generation algorithm for generating the expected code value based on the second secret key use synchronised encoding sequences for generating the service authentication code and the expected code value based on the first secret key and the second secret key respectively.

19. A method of mutually authenticating a remote service user and a remote service via a communications network, the method including:
the remote service obtaining a service authentication code that has been generated, using a code generation algorithm, based on a first secret key;
communicating the service authentication code to the user via the communications network;
receiving or entering the service authentication code into an authentication device associated with the user;
the authentication device generating, using the same code generation algorithm, an expected code value based on a second secret key and thereafter comparing the expected code value to the service authentication code;
responsive to the comparison, and in the event that the expected code correlates with the service authentication code, the authentication device generating, using a code generation algorithm, a user authentication code value based on a third secret key;
communicating the user authentication code to the remote service via the communications network;
the remote service, or other service, obtaining a second expected code value that has been generated based on a fourth secret key and thereafter comparing the second expected code value to the user authentication code; and
responsive to the comparison and in the event that the second expected code value correlates with the user authentication code, the remote service allowing the user further access to the remote service.

20. A software architecture embodied on one or more computer-readable media for implementation on a server, the software architecture including:
a service authentication code generator for generating a service authentication code, using a code generation algorithm, based on a first secret key, the generation of the service authentication code including encoding the first secret key using a first pseudorandom encoding sequence and a second pseudorandom encoding sequence having the same sequence length as the first pseudorandom encoding sequence, the encoding including:
identifying, in order, the location of characters in the first pseudorandom encoding sequence that correspond to the characters of the first secret key;
mapping the sequence location of the identified characters to characters of the second pseudorandom encoding sequence having the same sequence location to provide a set of characters from the second pseudorandom encoding sequence; and
arranging, in order of identification, the set of characters of the second pseudorandom encoding sequence to form the service authentication code; and
a communication driver for communicating the service authentication code to a remote user via the communications network;
wherein the service authentication code varies according to the first and a second pseudorandom encoding sequences used by the code generation algorithm and wherein a different first and second pseudorandom encoding sequence is used whenever a service authentication code is generated to reduce the likelihood of the same service authentication code being regenerated.
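
The encoding recited in claim 20, together with the device-side comparison of claims 1 and 18, as an added example that is not taken from the patent. The character set, the HMAC-based way of deriving synchronised sequences from a shared `seed` and `counter`, and all function names are assumptions made for illustration; "correlates" is implemented here as exact equality.

```python
import hashlib
import hmac

ALPHABET = "0123456789ABCDEFGHJKLMNPQRSTUVWXYZ"  # assumed character set


def encoding_sequence(seed: bytes, counter: int, label: str) -> str:
    """Pseudorandom permutation of ALPHABET for one code generation.

    Assumption: both sides hold `seed` and advance `counter` together; the
    claims only require that the sequences are synchronised.
    """
    def rank(ch: str) -> bytes:
        msg = f"{label}|{counter}|{ch}".encode()
        return hmac.new(seed, msg, hashlib.sha256).digest()
    return "".join(sorted(ALPHABET, key=rank))


def generate_code(secret_key: str, seq1: str, seq2: str) -> str:
    """Claim 20 encoding: locate each key character in seq1, emit seq2[location]."""
    if len(seq1) != len(seq2) or len(set(seq1)) != len(seq1):
        raise ValueError("sequences must be equal length, seq1 without repeats")
    code = []
    for ch in secret_key:
        pos = seq1.find(ch)
        if pos < 0:
            raise ValueError(f"key character {ch!r} not in encoding sequence")
        code.append(seq2[pos])
    return "".join(code)


def service_code(first_key: str, seed: bytes, counter: int) -> str:
    """Server side: a fresh sequence pair per counter value."""
    return generate_code(first_key,
                         encoding_sequence(seed, counter, "first"),
                         encoding_sequence(seed, counter, "second"))


def device_check(received: str, second_key: str, seed: bytes, counter: int) -> bool:
    """Device side: regenerate the expected code and compare in constant time."""
    expected = service_code(second_key, seed, counter)
    return hmac.compare_digest(expected.encode(), received.encode())
```

For any single code the mapping is a character-for-character substitution, so a key with repeated characters yields a code with the same repetition pattern; the per-generation change of both sequences is what keeps one observed code from being reusable.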

21. A software architecture embodied on one or more computer-readable media for implementation on an authentication device, the software architecture including:
an input driver for receiving or entering a service authentication code provided by a remote service, the service authentication code having been generated using a code generation algorithm, based on a first secret key;
a generator for generating, using the code generation algorithm, an expected code value based on a second secret key;
a comparator for comparing the expected code value to the service authentication code; and
a response generator for generating a response indicative of the authenticity of the remote service according to a comparison of the expected code with the service authentication code.
Dependent claims: 35, 36

22. An authentication device for providing a response that indicates, to a user of the authentication device, the authenticity of a remote service based on a service authentication code provided by the remote service, the authentication device including:
input means for receiving or entering the service authentication code, the service authentication code having been generated using a code generation algorithm, based on a first secret key;
generator means for generating, using the same code generation algorithm, an expected code value based on a second secret key;
comparator means for comparing the expected code value to the service authentication code; and
a response generator means for generating a response indicative of the authenticity of the remote service according to a comparison of the expected code with the service authentication code.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A method of authenticating a remote service to a user via a communications network, the method including:
a user operating an authentication device to retrieve, from the device, a unique identification code associated therewith;
communicating the unique identification code to the remote service via a communications network;
the remote service obtaining a service authentication code that has been generated, using a code generation algorithm, based on a first secret key, the first secret key being retrieved from a database by indexing the unique identification code into the database, the database including identification codes for authentication devices that have been registered for accessing the remote service;
communicating the service authentication code to the user via the communications network;
receiving or entering the service authentication code into an authentication device associated with the user;
the authentication device generating, using the same code generation algorithm, an expected code value based on a second secret key and thereafter comparing the expected code value to the service authentication code; and
responsive to the comparison, and in the event that the expected code value correlates with the service authentication code, the authentication device generating a response that indicates to the user the authenticity of the remote service.
Specification