Systems and methods for strong authentication of electronic transactions
First Claim
1. A method of generating a token value for a user to submit to an authentication service of an electronic system when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the electronic item having thereon an authenticator application transmitted from the authentication service to the electronic item, the method comprising the authenticator application:
- obtaining an authentication nonce comprising at least one of an authentication value from the authentication service and a current time value from a clock on the electronic item;
wherein obtaining the current time value further comprises sending a message by way of the electronic item to a time service, receiving therefrom a correct time, and updating the clock of the electronic item with such received correct time, the current time value representing an accumulation of time based on such received correct time;
retrieving predetermined indicia of the electronic item from a location thereon;
combining the obtained authentication nonce and the retrieved indicia of the electronic item to generate the token value; and
supplying the generated token value to a location on the electronic item for being submitted therefrom to the authentication service by the user.
1 Assignment
0 Petitions
Accused Products
Abstract
A token value is generated for a user to submit to an authentication service of an electronic system. The token value represents that the user is in possession of an electronic item known to the authentication service, where the electronic item is capable of two-way communications with the authentication service and has thereon an authenticator application transmitted from the authentication service to the electronic item. The authenticator application obtains a current time value from a clock of the electronic item or an authentication value from the authentication service, retrieves predetermined indicia of the electronic item from a location thereon, and combines the obtained value and the retrieved indicia of the electronic item to generate the token value. The authentication service essentially performs the same steps based on information already available at such authentication service to generate a verification token value, and compares the submitted token value to the verification token value.
16 Citations
21 Claims
-
1. A method of generating a token value for a user to submit to an authentication service of an electronic system when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the electronic item having thereon an authenticator application transmitted from the authentication service to the electronic item, the method comprising the authenticator application:
-
obtaining an authentication nonce comprising at least one of an authentication value from the authentication service and a current time value from a clock on the electronic item; wherein obtaining the current time value further comprises sending a message by way of the electronic item to a time service, receiving therefrom a correct time, and updating the clock of the electronic item with such received correct time, the current time value representing an accumulation of time based on such received correct time; retrieving predetermined indicia of the electronic item from a location thereon; combining the obtained authentication nonce and the retrieved indicia of the electronic item to generate the token value; and supplying the generated token value to a location on the electronic item for being submitted therefrom to the authentication service by the user. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable medium having computer-executable instructions thereon for performing a method of generating a token value for a user to submit to an authentication service of an electronic system when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the electronic item having thereon an authenticator application transmitted from the authentication service to the electronic item, the method comprising the authenticator application:
-
obtaining an authentication nonce comprising at least one of an authentication value from the authentication service and a current time value from a clock on the electronic item; wherein obtaining the current time value further comprises sending a message by way of the electronic item to a time service, receiving therefrom a correct time, and updating the clock of the electronic item with such received correct time, the current time value representing an accumulation of time based on such received correct time retrieving predetermined indicia of the electronic item from a location thereon; combining the obtained authentication nonce and the retrieved indicia of the electronic item to generate the token value; and supplying the generated token value to a location on the electronic item for being submitted therefrom to the authentication service by the user. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for generating a token value for a user to submit to an authentication service of an electronic system when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the electronic item having thereon an authenticator application transmitted from the authentication service to the electronic item, the system with regard to the authenticator application having a processor and memory in a computing apparatus that:
-
obtains an authentication nonce comprising at least one of an authentication value from the authentication service and a current time value from a clock on the electronic item; wherein the processor and memory in a computing apparatus that obtains the current time value further comprises a processor and memory in a computing apparatus that sends a message by way of the electronic item to a time service, a processor and memory in a computing apparatus that receives therefrom a correct time, and a processor and memory in a computing apparatus that updates the clock of the electronic item with such received correct time, the current time value representing an accumulation of time based on such received correct time; retrieves predetermined indicia of the electronic item from a location thereon; combines the obtained authentication nonce and the retrieved indicia of the electronic item to generate the token value; and supplies the generated token value to a location on the electronic item for being submitted therefrom to the authentication service by the user. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification