
System and methods for online authentication

  • US 8,943,311 B2
  • Filed: 11/04/2009
  • Issued: 01/27/2015
  • Est. Priority Date: 11/04/2008
  • Status: Active Grant
First Claim

1. A method of establishing a communication channel between a network client and a computer server over a network, the network client being configured to communicate with the computer server over the network and to communicate with a token manager, the token manager being configured with a parent digital certificate associated with the token manager, the method comprising:

  • one of the token manager and the network client generating a credential from the parent digital certificate, the credential being associated with the computer server, wherein the parent digital certificate includes a public encryption key, and wherein generating the credential comprises:

    the token manager generating a pseudo-random code; and

    the one of the token manager and the network client generating a child digital certificate from the parent digital certificate;

    incorporating the pseudo-random code in the child digital certificate; and

    the one of the token manager and the network client signing the child digital certificate with a private encryption key unique to the token manager and uniquely associated with the public encryption key, wherein the private encryption key and the public encryption key comprise an asymmetric encryption key pair, and wherein the credential comprises the signed child digital certificate;

    the one of the token manager and the network client transmitting the credential to the computer server; and

    the network client establishing the communications channel with the computer server in accordance with an outcome of a determination of validity of the credential by the computer server.
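
The credential flow recited in the claim, sketched in Go as an added example that is not code from the patent or its assignee: a child certificate is derived from the parent, carries a pseudo-random code, is signed with the token manager's private key, and is checked by the server. Assumptions: the code is carried as the child certificate's serial number, the child reuses the token manager's Ed25519 public key, the server keeps a first-use record of codes, and the names `issue`, `Verify` and `server.example` are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issue (hypothetical) returns a short-lived DER certificate for cn; assumption: the serial is the 128-bit code.
func issue(cn string, parent *x509.Certificate, key ed25519.PrivateKey) ([]byte, error) {
	code, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return nil, err
	}
	t := &x509.Certificate{SerialNumber: code, Subject: pkix.Name{CommonName: cn}, IsCA: parent == nil,
		BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(5 * time.Minute)}
	if parent == nil {
		parent = t // no parent given: produce the self-signed parent certificate
	}
	return x509.CreateCertificate(rand.Reader, t, parent, key.Public(), key) // assumption: child reuses the parent's public key
}

// Verify is the server's validity decision; the first-use record in seen is an assumption of this sketch.
func Verify(der []byte, parent *x509.Certificate, server string, seen map[string]bool) error {
	c, err := x509.ParseCertificate(der)
	if err != nil || c.CheckSignatureFrom(parent) != nil {
		return errors.New("credential malformed or not signed by the enrolled parent")
	}
	if now := time.Now(); now.Before(c.NotBefore) || now.After(c.NotAfter) || c.Subject.CommonName != server {
		return errors.New("credential expired or issued for another server")
	}
	if seen[c.SerialNumber.String()] {
		return errors.New("pseudo-random code already used")
	}
	seen[c.SerialNumber.String()] = true
	return nil
}

func main() {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	pder, _ := issue("token-manager", nil, key)
	parent, _ := x509.ParseCertificate(pder)
	cred, _ := issue("server.example", parent, key)
	fmt.Println(Verify(cred, parent, "server.example", map[string]bool{}))
}
```

The server opens the channel only when `Verify` returns nil; a replayed credential, one bound to a different server name, or one whose signature does not chain to the enrolled parent certificate is refused.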
