Systems and methods for strong authentication of electronic transactions
Abstract
A token value is generated for a user to submit to an authentication service of an electronic system. The token value represents that the user is in possession of an electronic item known to the authentication service, where the electronic item is capable of two-way communications with the authentication service and has thereon an authenticator application transmitted from the authentication service to the electronic item. The authenticator application obtains a current time value from a clock of the electronic item or an authentication value from the authentication service, retrieves predetermined indicia of the electronic item from a location thereon, and combines the obtained value and the retrieved indicia of the electronic item to generate the token value. The authentication service essentially performs the same steps based on information already available at such authentication service to generate a verification token value, and compares the submitted token value to the verification token value.
24 Claims
1. A method for an authentication service of an electronic system to verify a token value submitted by a user to such authentication service when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the method comprising the authentication service:
- downloading an authenticator application to the electronic device via a browser on the electronic device;
- receiving, via the authenticator application, the token value based on the correct current time as part of a request for access from the user;
- obtaining an authentication nonce comprising a current time value from a clock on the electronic item;
- wherein obtaining the current time value further comprises sending a message to a time service, receiving therefrom a correct time, and updating the clock with such received correct time, the current time value representing an accumulation of time based on such received correct time;
- retrieving predetermined indicia of the electronic item from the database;
- combining the obtained authentication nonce and the retrieved indicia of the electronic item to generate a verification token value; and
- comparing the received token value with the verification token value, and if a match is found, allowing the access by the user to the electronic system.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A non-transitory computer-readable medium having stored thereon computer-executable instruction for performing a method for an authentication service of an electronic system to verify a token value submitted by a user to such authentication service when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the method comprising the authentication service:
- downloading an authenticator application to the electronic device via a browser on the electronic device;
- receiving, via the authenticator application, the token value based on the correct current time as part of a request for access from the user;
- obtaining an authentication nonce comprising a current time value from a clock on the electronic item;
- wherein obtaining the current time value further comprises sending a message to a time service, receiving therefrom a correct time, and updating the clock with such received correct time, the current time value representing an accumulation of time based on such received correct time;
- retrieving predetermined indicia of the electronic item from the database;
- combining the obtained authentication nonce and the retrieved indicia of the electronic item to generate a verification token value; and
- comparing the received token value with the verification token value, and if a match is found, allowing the access by the user to the electronic system.

Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A system for an authentication service of an electronic system to verify a token value submitted by a user to such authentication service when requesting access to the electronic system to perform an electronic transaction thereat, the token value representing that the user is in possession of an electronic item known to the authentication service, the system having a processor and memory in a computing apparatus that:
- downloads an authenticator application to the electronic device via a browser on the electronic device;
- receives, via the authenticator application, the token value based on the correct current time as part of a request for access from the user;
- obtains an authentication nonce comprising a current time value from a clock on the electronic item;
- wherein the processor and memory in the computing apparatus that obtains the current time value further comprises a second processor and memory in a computing apparatus that sends a message to a time service, a third processor and memory in a computing apparatus that receives therefrom a correct time, and a fourth processor and memory in a computing apparatus that updates the clock with such received correct time, the current time value representing an accumulation of time based on such received correct time;
- retrieves predetermined indicia of the electronic item from the database;
- combines the obtained authentication nonce and the retrieved indicia of the electronic item to generate a verification token value; and
- compares the received token value with the verification token value, and if a match is found, allowing the access by the user to the electronic system.

Dependent claims: 18, 19, 20, 21, 22, 23, 24
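
The generate-and-verify flow described in the abstract and claims, sketched as an added example that is not code from the patent or its assignee. It assumes HMAC-SHA-256 as the combining step, a 30-second time value, and constructed indicia, device ids and names (`combine`, `DeviceClock`, `verify`), none of which the page specifies.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time value (assumption; the page gives no interval)

def combine(indicia: bytes, time_value: int) -> str:
    """Combine device indicia with a time value into a 6-digit token.
    HMAC-SHA-256 is an assumed combining function, not the patent's."""
    mac = hmac.new(indicia, struct.pack(">Q", time_value), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"

class DeviceClock:
    """Clock on the electronic item; sync() applies a time-service reading."""
    def __init__(self, local_now: float):
        self.local_now = local_now
        self.offset = 0.0

    def sync(self, time_service_now: float) -> None:
        # "Updating the clock with such received correct time"
        self.offset = time_service_now - self.local_now

    def time_value(self) -> int:
        return int((self.local_now + self.offset) // STEP)

def device_token(indicia: bytes, clock: DeviceClock) -> str:
    """Authenticator-application side: time value + indicia -> token."""
    return combine(indicia, clock.time_value())

def verify(db: dict, device_id: str, received: str, service_now: float) -> bool:
    """Service side: rebuild the token from the database copy of the indicia."""
    indicia = db.get(device_id)
    if indicia is None:
        return False  # unknown electronic item
    expected = combine(indicia, int(service_now // STEP))
    return hmac.compare_digest(received, expected)  # constant-time comparison

# Constructed sample data: the service's database and the true current time.
DB = {"device-001": b"constructed-indicia-not-a-real-key"}
TRUE_NOW = 1_700_000_000.0

def demo() -> dict:
    clock = DeviceClock(local_now=TRUE_NOW - 400)  # device clock is 400 s slow
    before = verify(DB, "device-001", device_token(DB["device-001"], clock), TRUE_NOW)
    clock.sync(TRUE_NOW)  # reading from the time service
    after = verify(DB, "device-001", device_token(DB["device-001"], clock), TRUE_NOW)
    unknown = verify(DB, "device-999", "000000", TRUE_NOW)
    return {"before_sync": before, "after_sync": after, "unknown_device": unknown}
```

In this sketch the token proves possession only if the indicia are secret and unpredictable; indicia that can be read or guessed off the device (for example a serial number) let anyone who learns them compute the same token.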
Specification