×

System and method for facilitating secure online transactions

  • US 8,327,142 B2
  • Filed: 02/05/2007
  • Issued: 12/04/2012
  • Est. Priority Date: 09/27/2006
  • Status: Active Grant
First Claim
Patent Images

1. A method for mutually authenticating a client and a server, the method comprising:

  • transmitting over a first data link a token including a unique session identifier generated by the server and signed with a private server key associated with a server certificate from the server to the client;

    initiating a secure data transfer link from the client to the server in response to receiving the token, the secure data transfer link being independent of the first data link;

    completing the secure data transfer link, the server certificate and a full requested Uniform Resource Locator (URL) identifier of the server as initially specified by the client being transmitted to the client during the completing of the secure data transfer link;

    transmitting to the server over the secure data transfer link, a response packet including the full requested URL identifier of the server transmitted to the client during the completing of the secure data transfer link, a client certificate, the server certificate as received from the server during the completing of the secure data transfer link, the token, and an authenticity identifier corresponding to a private client key, the private client key being associated with the client certificate; and

    validating the response packet.

View all claims
  • 11 Assignments
Timeline View
Assignment View
    ×
    ×