NEW METHOD FOR SECURE SITE AND USER AUTHENTICATION
11 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a new method of site and user authentication. This is achieved by creating a pop-up window on the user'"'"'s PC that is in communication with a security server, and where this communication channel is separate from the communication between the user'"'"'s browser and whichever web site they are at. A legitimate web site embeds code in the web page which communicates to the security server from the user'"'"'s desktop. The security server checks the legitimacy of the web site and then signals both the web page on the user'"'"'s browser, as well as the pop-up window to which it has a separate channel. The security server also sends a random image to both the pop-up window and the browser. If user authentication is requested by the web site the user is first authenticated by the security server for instance by out of band authentication. Then the security server computes a one time password based on a secret it shares with the web site and sends it to the pop up window. The user copies this one time password into their browser which sends it to the web site, which can re-compute the one time password to authenticate the user.
38 Citations
29 Claims
-
1-7. -7. (canceled)
-
8. A method of authenticating a site on a network, comprising:
-
receiving, by a security server from a web page that is (i) associated with a network site and (ii) displayed by a user'"'"'s network device, an identifier of the user'"'"'s network device and an identifier of the network site; and transmitting, by the security server in response to the receipt of the identifiers, an indication of legitimacy of the network site that will cause display of a corresponding legitimacy indicator on both the web page and a pop-up window displayed by the user'"'"'s network device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An article of manufacture for authenticating a site on a network, comprising:
-
non-transitory storage medium; and logic stored on the storage medium, wherein the stored logic is configured to be readable by a processor and thereby cause the processor to operate so as to; receive, from a web page that is (i) associated with a network site and (ii) displayed by a user'"'"'s network device, an identifier of the user'"'"'s network device and an identifier of the network site; and transmit, in response to the receipt of the identifiers, an indication of legitimacy of the network site that will cause display of a corresponding legitimacy indicator on both the web page and a pop-up window displayed by the user'"'"'s network device. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A machine for authenticating a site on a network, comprising:
-
a communications port configured to receive, from a web page that is (i) associated with a network site and (ii) displayed by a user'"'"'s network device, an identifier of the user'"'"'s network device and an identifier of the network site; and a processor configured with logic to determine the legitimacy of the network site based on the received network site identifier and to direct transmission of an indication of legitimacy of the network site that will cause display of a corresponding legitimacy indicator on both the web page and a pop-up window displayed by the user'"'"'s network device. - View Dependent Claims (22, 23, 24, 25)
-
-
26. A method of authenticating a site on a network, comprising:
-
displaying, at a user'"'"'s network device, a web page associated with a network site and a pop up window associated with a security server; transmitting, from the web page to the security server, an identifier of the user'"'"'s network device and an identifier of the network site; receiving, by the user'"'"'s network device from the security server in response to the transmission of the identifiers, an indication of legitimacy of the network site; and displaying, at a user'"'"'s network device, a legitimacy indicator corresponding to the received indication of legitimacy on both the web page and the pop-up. - View Dependent Claims (27, 28, 29)
-
Specification