System and method for securely sending a network one-time-password utilizing a mobile computing device
Abstract
An apparatus, method, and computer program for securely sending a network one-time-password (OTP) from a user computer to an authentication server. A Network Client Application in the user computer interfaces with the authentication server, and a Mobile Server Application in the user computer interfaces with a Mobile Client Application in a mobile computing device (MCD) such as a smartphone. When a user enters a User ID and password into the user computer, the Network Client Application sends the User ID to the authentication server to obtain an index value (Index-1) from the authentication server. The Mobile Server Application authenticates the MCD and then sends Index-1 to the MCD to obtain a network OTP second factor from the MCD. The Network Client Application modifies the user password in accordance with the network OTP second factor to create the network OTP, and sends the network OTP to the authentication server.
20 Claims
1. A computer-implemented method of securely sending a network one-time-password (OTP) from a user computer to an authentication server, the method comprising the steps of:
- receiving through a user interface, a user password comprising a plurality of characters;
- authenticating by the user computer, a mobile computing device (MCD) communicably coupled to the user computer, wherein the authenticating step verifies that the MCD can properly construct and return to the user computer, a mobile OTP based on information provided by the user computer;
- receiving by the user computer, a network OTP second factor from the authenticated MCD;
- modifying by the user computer, the user password received through the user interface in accordance with the network OTP second factor to create the network OTP; and
- sending the network OTP from the user computer to the authentication server;
wherein the user computer includes a mobile server application and the MCD includes a mobile client application, and the step of authenticating the MCD includes the steps of:
- the mobile server application receiving from the mobile client application, an identifier of the MCD;
- the mobile server application utilizing the identifier to look up an MCD index value (Index-2) in an identifier/Index-2 database in the user computer;
- the mobile server application sending the Index-2 value to the mobile client application;
- the mobile server application receiving a mobile OTP from the mobile client application, wherein the mobile client application constructs the mobile OTP based on a mobile OTP second factor retrieved from an Index-2/mobile OTP second factor database; and
- the mobile server application authenticating the MCD when the mobile OTP matches a stored mobile OTP in the user computer.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.
12. A computer-implemented method of authenticating a mobile computing device (MCD) by a user computer communicably coupled to the MCD, wherein the MCD includes a mobile client application and the user computer includes a mobile server application, the method comprising the steps of:
- the mobile server application receiving from the mobile client application, an identifier of the MCD;
- the mobile server application utilizing the identifier to look up an MCD index value (Index-2) in an identifier/Index-2 database in the user computer;
- the mobile server application sending the Index-2 value to the mobile client application;
- the mobile server application receiving a mobile one-time-password (OTP) from the mobile client application, wherein the mobile client application constructs the mobile OTP based on the MCD identifier and a mobile OTP second factor retrieved from an Index-2/mobile OTP second factor database; and
- the mobile server application authenticating the MCD when the mobile OTP matches a stored mobile OTP in the user computer.
Dependent claims: 13.
14. An apparatus in a user computer for securely sending a network one-time-password (OTP) to an authentication server, the apparatus comprising:
- a processor;
- a non-transitory memory coupled to the processor, said memory storing computer program instructions, wherein when the processor executes the computer program instructions, the processor causes the apparatus to:
- receive through a user interface, a user password comprising a plurality of characters;
- authenticate a mobile computing device (MCD) communicably coupled to the user computer;
- receive a network OTP second factor from the authenticated MCD;
- modify the user password received through the user interface in accordance with the network OTP second factor to create the network OTP; and
- send the network OTP to the authentication server;
wherein the user computer includes a mobile server application and the MCD includes a mobile client application, and the apparatus is configured to authenticate the MCD by performing the steps of:
- the mobile server application receiving from the mobile client application, an identifier of the MCD;
- the mobile server application utilizing the identifier to look up an MCD index value (Index-2) in an identifier/Index-2 database in the user computer;
- the mobile server application sending the Index-2 value to the mobile client application;
- the mobile server application receiving a mobile OTP from the mobile client application, wherein the mobile client application constructs the mobile OTP based on a mobile OTP second factor retrieved from an Index-2/mobile OTP second factor database; and
- the mobile server application authenticating the MCD when the mobile OTP matches a stored mobile OTP in the user computer.
15. An apparatus in a mobile computing device (MCD) for securely sending a network one-time-password (OTP) second factor to a user computer communicably coupled to the MCD, the apparatus comprising:
- a processor;
- a non-transitory memory coupled to the processor, said memory storing computer program instructions, wherein when the processor executes the computer program instructions, the processor causes the apparatus to:
- perform a procedure to authenticate the MCD with the user computer;
- upon positively authenticating the MCD with the user computer, receive from the user computer, an Index-1 value;
- utilize the Index-1 value to retrieve the network OTP second factor from an Index-1/network OTP second factor database in the MCD; and
- send the network OTP second factor to the user computer;
wherein the user computer includes a mobile server application and the MCD includes a mobile client application, and wherein when performing the procedure to authenticate the MCD, the processor causes the apparatus to:
- send an identifier of the MCD to the mobile server application;
- receive from the mobile server application, an MCD index value (Index-2) associated with the MCD identifier;
- utilize the Index-2 to retrieve a mobile OTP second factor from an Index-2/mobile OTP second factor database;
- construct a mobile OTP from the MCD identifier and the mobile OTP second factor; and
- send the mobile OTP to the mobile server application.
Dependent claims: 16, 17, 18.
19. A computer program loaded on a non-transitory memory coupled to a processor of a user computer, wherein the program includes a mobile server application and a network client application, wherein when the applications are run on the processor, the processor causes the user computer to securely send a network one-time-password (OTP) to an authentication server by performing the following steps:
- the network client application receiving through a user interface, a User ID and a user password comprising a plurality of characters;
- the network client application sending only the User ID to the authentication server;
- the network client application receiving from the authentication server, a first index value (Index-1), and passing the Index-1 to the mobile server application;
- the mobile server application authenticating a mobile computing device (MCD) communicably coupled to the user computer;
- the mobile server application sending the Index-1 to a mobile client application on the MCD;
- the mobile server application receiving from the mobile client application, a network OTP second factor associated with the Index-1, and passing the network OTP second factor to the network client application;
- the network client application modifying the user password received through the user interface in accordance with the network OTP second factor to create the network OTP; and
- the network client application sending the network OTP to the authentication server;
wherein the authenticating step includes:
- the mobile server application sending an activation message to the mobile client application on the MCD;
- the mobile server application receiving an MCD identifier from the mobile client application in response to the activation message;
- the mobile server application retrieving from a database, a second index value (Index-2) associated with the MCD identifier;
- the mobile server application sending the Index-2 to the mobile client application;
- the mobile server application receiving from the mobile client application, a mobile OTP constructed from the MCD identifier and a mobile OTP second factor associated with the Index-2; and
- the mobile server application validating the mobile OTP.
Dependent claims: 20.
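The three-party exchange of claims 1 and 19 (network client application and mobile server application on the user computer, mobile client application on the MCD, authentication server), simulated end to end as an added Python example. This is not code from the patent or from any product. The claims leave the concrete rules unspecified, so the following are assumptions: the mobile OTP is HMAC-SHA256 keyed with the mobile OTP second factor over the MCD identifier, truncated to 8 hex characters; "modifying the user password in accordance with the network OTP second factor" is modelled as interleaving the second factor's characters after each password character; and the authentication server holds the same Index-1/second-factor table the MCD was enrolled with and lets each Index-1 be used once. All class and function names (AuthenticationServer, MobileServerApplication, MobileClientApplication, network_client_login, build_demo) and all enrollment data are constructed for the example.

```python
"""Simulation of the OTP exchange in claims 1 and 19 of the patent above.
Added example; every concrete OTP rule below is an assumption, since the
claims only describe the message flow, not the functions."""
import hashlib
import hmac


def mobile_otp(identifier: str, mobile_second_factor: bytes) -> str:
    """ASSUMPTION: mobile OTP = HMAC-SHA256(second factor, MCD identifier), 8 hex chars."""
    return hmac.new(mobile_second_factor, identifier.encode(), hashlib.sha256).hexdigest()[:8]


def make_network_otp(password: str, second_factor: str) -> str:
    """ASSUMPTION: one second-factor character is interleaved after each password
    character; any leftover second-factor characters are appended."""
    out = []
    for i, ch in enumerate(password):
        out.append(ch)
        if i < len(second_factor):
            out.append(second_factor[i])
    out.append(second_factor[len(password):])
    return "".join(out)


class MobileClientApplication:
    """Runs on the MCD; holds the Index-2 and Index-1 databases named in claim 15."""

    def __init__(self, identifier, index2_db, index1_db):
        self.identifier = identifier
        self._index2_db = dict(index2_db)  # Index-2 -> mobile OTP second factor (bytes)
        self._index1_db = dict(index1_db)  # Index-1 -> network OTP second factor (str)

    def build_mobile_otp(self, index2):
        factor = self._index2_db.get(index2)
        return None if factor is None else mobile_otp(self.identifier, factor)

    def network_second_factor(self, index1):
        return self._index1_db.get(index1)


class MobileServerApplication:
    """Runs on the user computer; authenticates the MCD before relaying Index-1."""

    def __init__(self, id_to_index2, stored_mobile_otps):
        self._id_to_index2 = dict(id_to_index2)  # identifier -> Index-2
        self._stored = dict(stored_mobile_otps)  # Index-2 -> stored mobile OTP

    def authenticate(self, mcd):
        index2 = self._id_to_index2.get(mcd.identifier)
        if index2 is None:
            return False
        presented, stored = mcd.build_mobile_otp(index2), self._stored.get(index2)
        if presented is None or stored is None:
            return False
        return hmac.compare_digest(stored, presented)  # constant-time comparison

    def fetch_network_second_factor(self, mcd, index1):
        """Only an authenticated MCD is asked for the Index-1 second factor."""
        return mcd.network_second_factor(index1) if self.authenticate(mcd) else None


class AuthenticationServer:
    """ASSUMPTION: holds the same Index-1 table the MCD was enrolled with and
    consumes each Index-1 after one verification attempt, pass or fail."""

    def __init__(self):
        self._users = {}     # user_id -> {"password": str, "factors": {Index-1: factor}}
        self._pending = {}   # user_id -> Index-1 issued for the login in progress
        self._consumed = set()

    def enroll(self, user_id, password, factors):
        self._users[user_id] = {"password": password, "factors": dict(factors)}

    def request_index1(self, user_id):
        """Claim 19: the client sends only the User ID and receives Index-1."""
        user = self._users.get(user_id)
        if user is None:
            return None
        for index1 in user["factors"]:
            if (user_id, index1) not in self._consumed:
                self._pending[user_id] = index1
                return index1
        return None  # every pre-shared second factor has been used

    def verify_network_otp(self, user_id, network_otp):
        user = self._users.get(user_id)
        index1 = self._pending.pop(user_id, None)
        if user is None or index1 is None:
            return False  # no login in progress: a replayed OTP lands here
        self._consumed.add((user_id, index1))
        expected = make_network_otp(user["password"], user["factors"][index1])
        return hmac.compare_digest(expected.encode(), network_otp.encode())


def network_client_login(server, mobile_server, mcd, user_id, password):
    """The network client application's side of claim 19, end to end."""
    index1 = server.request_index1(user_id)
    factor = None if index1 is None else mobile_server.fetch_network_second_factor(mcd, index1)
    if factor is None:
        return False
    return server.verify_network_otp(user_id, make_network_otp(password, factor))


def build_demo():
    """Constructed enrollment data: one enrolled MCD and a second device that
    knows the identifier but not the mobile OTP second factor."""
    mcd_id, index2 = "MCD-0001", "i2-07"
    index2_db = {index2: b"constructed-mobile-second-factor"}
    index1_db = {"i1-01": "4821", "i1-02": "9035"}
    enrolled = MobileClientApplication(mcd_id, index2_db, index1_db)
    other = MobileClientApplication(mcd_id, {index2: b"guessed-secret"}, index1_db)
    mobile_server = MobileServerApplication(
        {mcd_id: index2}, {index2: mobile_otp(mcd_id, index2_db[index2])})
    server = AuthenticationServer()
    server.enroll("alice", "hunter2", index1_db)
    return server, mobile_server, enrolled, other
```

Running `network_client_login(*build_demo()[:3], "alice", "hunter2")` walks the full flow: Index-1 is issued for the User ID alone, the MCD is authenticated via Index-2 before it is handed Index-1, and the server rebuilds the expected network OTP from its own copy of the password and second factor. Two points the simulation makes visible for review: the password itself never crosses the network, but the scheme is only as strong as the confidentiality of the pre-shared Index-1 table on both sides, and consuming an Index-1 on every attempt (not just successful ones) is what keeps a captured network OTP from being replayed.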