Systems and methods of authentication in a disconnected environment
First Claim
1. A method for establishing a secure communication channel between a server and a client terminal across a communication network, said method comprising:
- registration of a first-time user at the server, wherein said server generates and stores a first instance of a unique personalized client application associated with said first-time user on the server, said first-time user installs a second instance of said unique personalized client application on a standalone computing device, wherein said standalone computing device is prevented from direct and indirect network based data communication with the server and with the client terminal;
transmitting a first dynamic identifier (DI-1) generated by the first instance of the unique personalized client application stored at the server, from the server to the client terminal over the communication network;
determining authenticity of said server, wherein the second instance of said unique personalized client application installed at the standalone computing device determines authenticity of said server based on the first dynamic identifier (DI-1) received at the client terminal;
generating using the second instance of the unique personalized client application installed at the standalone computing device, a second dynamic identifier (DI-2);
responsive to authentication of the server by the second instance of the unique personalized client application at the standalone computing device, transmitting the second dynamic identifier (DI-2) from the client terminal to the server over the communication network; and
authentication of said user by said server, wherein said first instance of said unique personalized client application stored at the server authenticates said user based on the second dynamic identifier (DI-2) generated by said second instance of said unique personalized client application installed at the standalone computing device.
2 Assignments
0 Petitions
Accused Products
Abstract
A communication system and method are disclosed for establishing a secure communication channel including: a server for generating and storing a first instance of a unique personalized client application associated with a first-time user on the server, a client terminal for the user to communicate with the server over a communication channel and a standalone computing device having a second instance of the unique personalized application. The user authenticates the server based on a first dynamic identifier (DI-1) generated by the first instance of the unique personalized client application and the server authenticates the user based on a second dynamic identifier (DI-2) generated by the second instance of the unique personalized client application.
-
Citations
20 Claims
-
1. A method for establishing a secure communication channel between a server and a client terminal across a communication network, said method comprising:
-
registration of a first-time user at the server, wherein said server generates and stores a first instance of a unique personalized client application associated with said first-time user on the server, said first-time user installs a second instance of said unique personalized client application on a standalone computing device, wherein said standalone computing device is prevented from direct and indirect network based data communication with the server and with the client terminal; transmitting a first dynamic identifier (DI-1) generated by the first instance of the unique personalized client application stored at the server, from the server to the client terminal over the communication network; determining authenticity of said server, wherein the second instance of said unique personalized client application installed at the standalone computing device determines authenticity of said server based on the first dynamic identifier (DI-1) received at the client terminal; generating using the second instance of the unique personalized client application installed at the standalone computing device, a second dynamic identifier (DI-2); responsive to authentication of the server by the second instance of the unique personalized client application at the standalone computing device, transmitting the second dynamic identifier (DI-2) from the client terminal to the server over the communication network; and authentication of said user by said server, wherein said first instance of said unique personalized client application stored at the server authenticates said user based on the second dynamic identifier (DI-2) generated by said second instance of said unique personalized client application installed at the standalone computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 15, 16, 17)
-
-
8. A system for establishing for establishing a secure communication channel between a server and a client terminal across a communication network, said system comprising:
-
a server for generating and storing a first instance of a unique personalized client application associated with a first-time user on said server; a client terminal for a user to communicate with said server over a communication channel; and a standalone computing device prevented from direct and indirect network based data communication with the server and with the client terminal, and comprising a second instance of said unique personalized application, said personalized client applications installed by said first-time user, wherein; a first dynamic identifier (DI-1) is generated by the first instance of the unique personalized client application stored at the server, which first dynamic identifier (DI-1) is transmitted from the server to the client terminal over the communication network, the second instance of the unique personalized client application installed at the standalone computing device determines authenticity of said server based on the first dynamic identifier (DI-1) received at the client terminal; a second dynamic identifier (DI-2) is generated using the second instance of the unique personalized client application installed at the standalone computing device; responsive to authentication of the server by the second instance of the unique personalized client application at the standalone computing device, the second dynamic identifier (DI-2) is transmitted from the client terminal to the server over the communication network; said first instance of said unique personalized client application stored at said server authenticates said user based on the second dynamic identifier (DI-2) generated by said second instance of said unique personalized client application, installed at the standalone computing device. - View Dependent Claims (9, 10, 11, 12, 13, 14, 18, 19, 20)
-
Specification