NETWORK TRANSACTION VERIFICATION AND AUTHENTICATION
Abstract
A two-level authentication system is described supporting two-factor authentication that offers efficient protection for secure on-line web transactions. It includes a global unique identity (UID) provided either by an institute-issued/personal trusted device, or based on client computing platform hardware attributes, and generated using institution authorized private software, institution-authorized authentication proxy software, and an institution-generated credential code which is pre-stored in the token and only accessible by the institute-authorized authentication proxy software. The institution-authorized authentication proxy software uses the user's PIN and the trusted device's UID as input and verifies the user and device identities through institution-generated credential code which was pre-stored in the trusted device. Authentication is performed in two levels: the first authenticates the user and the trusted device locally; and the second authenticates the user remotely at the institution-owned authentication server. Various embodiments add extra levels of security, including one-time-password management.
20 Claims
1. An authentication system for use within a networked system comprising:
a trusted security module comprising;
a proxy service for accessing a network location;
authentication credentials for use by the proxy service for authenticating access to the network location; and
trusted security module credentials for authenticating access to the proxy service of the trusted security module; and
a client computing device comprising;
a memory for storing instructions and;
a processor for executing the instructions stored in the memory, the executed instructions configuring the client computing device to provide;
a browser for accessing the network location through the proxy service of the trusted security module using the authentication credentials of the trusted security module, when access to the proxy service is authenticated using the trusted security module credentials.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A trusted security device comprising:
a memory for storing instructions and software for providing;
a proxy service for accessing a network location;
authentication credentials for use by the proxy service for authenticating access to the network location; and
trusted security module credentials for authenticating access to the proxy service of the trusted security module; and
means for logically connecting the trusted authentication device to a client computing device used to access the network location through the trusted authentication device.
16. A method of securely authenticating access to a network location, the method comprising:
at a trusted security module, receiving a trusted security module authentication credential;
authenticating access to the trusted security module using the received trusted security module authentication credentials;
accessing the network location using a trusted proxy service of the trusted security module and network location security credentials stored in the trusted security module when the access to the trusted security module has been authenticated.
Dependent claims: 17, 18, 19, 20
Specification