Method and apparatus for asynchronous dynamic password
First Claim
1. A computer implemented method for generation and verification of a dynamic password, also known as one-time-password, providing at least one server, comprising:
- Generating a dynamic generation code by the at least one server, store it only for the duration of the verification session, and send it to at least one user;
Receiving the dynamic generation code from the at least one server by the at least one user;
Entering the dynamic generation code and a personal secret into a client dynamic password generator by the at least one user for generating a first dynamic password;
Sending the first dynamic password and an at least one user'"'"'s account identity to the at least one server by the at least one user;
Retrieving the dynamic generation code and the at least one user'"'"'s personal secret by the at least one server for generating a second dynamic password using a server dynamic password generator;
Matching up the second dynamic password with the first dynamic password by the at least one server, and determine if there is a match.
0 Assignments
0 Petitions
Accused Products
Abstract
Apparatus and method for computer-based or mobile-device-based electronic generation and verification of dynamic password, or one-time-password (OTP), that does not require initial synchronization, nor re-synchronization, between a client OTP generator and the corresponding OTP server, is provided. It employs the general OTP principles and methods to ensure the single-use of the password credential and the security strength of the OTP, and it utilizes instant dynamic parameter(s) communications for equivalent instant synchronization (EQ-sync). It can also be used to ensure integrity and authenticity of an online transaction request.
80 Citations
19 Claims
-
1. A computer implemented method for generation and verification of a dynamic password, also known as one-time-password, providing at least one server, comprising:
-
Generating a dynamic generation code by the at least one server, store it only for the duration of the verification session, and send it to at least one user; Receiving the dynamic generation code from the at least one server by the at least one user; Entering the dynamic generation code and a personal secret into a client dynamic password generator by the at least one user for generating a first dynamic password; Sending the first dynamic password and an at least one user'"'"'s account identity to the at least one server by the at least one user; Retrieving the dynamic generation code and the at least one user'"'"'s personal secret by the at least one server for generating a second dynamic password using a server dynamic password generator; Matching up the second dynamic password with the first dynamic password by the at least one server, and determine if there is a match. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer implemented method for generation and verification of a dynamic password, also known as one-time-password token, providing at least one server, comprising:
-
Generating a dynamic generation code or codes by the at least one server, store them only for the duration of the verification session, and send them to at least one user; Receiving the dynamic generation code or codes from the at least one server by the at least one user; Entering the dynamic generation code or codes and a personal secret or secrets into a client dynamic password generator by the at least one user for generating a first dynamic password; Sending the first dynamic password and an at least one user'"'"'s account identity to the at least one server by the at least one user; Retrieving the dynamic generation code or codes and the at least one user'"'"'s personal secret or secrets by the at least one server for generating a second dynamic password using a server dynamic password generator; Matching up the second dynamic password with the first dynamic password by the at least one server, and determine if there is a match.
-
-
19. A computer implemented method for generation and verification of a dynamic password, also known as one-time-password token, providing at least one party, comprising:
-
Generating a dynamic generation code or codes by the at least one party, store them only for the duration of the verification session, and send them to a second party; Receiving the dynamic generation code or codes from the at least one party by the second party; Entering the dynamic generation code or codes and a personal secret or secrets into a client dynamic password generator by the second party for generating a first dynamic password; Sending the first dynamic password and a second party'"'"'s account identity to the at least one party by the second party; Retrieving the dynamic generation code or codes and the second party'"'"'s personal secret or secrets by the at least one party for generating a second dynamic password using a server dynamic password generator; Matching up the second dynamic password with the first dynamic password by the at least one party, and determine if there is a match.
-
Specification