Facilitating secure online transactions
First Claim
1. A method comprising:
- receiving a request for a Uniform Resource Locator (URL) identifier;
- generating a unique session identifier;
- transmitting, over a first TCP connection, a token including the unique session identifier, said token signed with a private key associated with a server certificate;
- receiving a first response to transmitting the token comprising a request to initiate a secure data transfer link over a second TCP connection, the second TCP connection being distinct from the first TCP connection;
- transmitting the server certificate and the Uniform Resource Locator (URL) identifier over the second TCP connection;
- in response to transmitting the server certificate and the Uniform Resource Locator (URL) identifier over the second TCP connection, receiving a second response over the first TCP connection comprising the URL identifier and an authenticity identifier corresponding to a second private key associated with a second certificate distinct from the server certificate; and
- validating the second response,
said method performed by a computing system that comprises one or more computing devices.
Abstract
A method and system for mutually authenticating an identity and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server. Thereafter, the method continues with establishing a secure data transfer link. A server certificate is transmitted during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes an authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.
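The flow in the abstract, as an added Go example that is not code from the patent. Raw Ed25519 key pairs stand in for the server and client certificates, the secure data transfer link is reduced to the public key the client saw on it (`linkPub`, a hypothetical name), and the bytes covered by the authenticity identifier (URL, session ID, server key) are an assumption, since the claims do not state them.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// Token goes out on the first connection; Response comes back on it.
type Token struct{ SessionID string; Sig []byte }
type Response struct{ URL string; Auth []byte }

// bound builds the bytes the client signs (assumed coverage, not from the claims).
func bound(url, sid string, serverPub ed25519.PublicKey) []byte {
	return bytes.Join([][]byte{[]byte(url), []byte(sid), serverPub}, []byte{0})
}

// IssueToken generates a unique session ID and signs it with the server key.
func IssueToken(serverPriv ed25519.PrivateKey) Token {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		panic(err)
	}
	sid := hex.EncodeToString(raw)
	return Token{sid, ed25519.Sign(serverPriv, []byte(sid))}
}

// ClientRespond checks the token against the key seen on the secure link, then signs.
func ClientRespond(t Token, url string, linkPub ed25519.PublicKey, clientPriv ed25519.PrivateKey) (Response, error) {
	if !ed25519.Verify(linkPub, []byte(t.SessionID), t.Sig) {
		return Response{}, fmt.Errorf("token signer differs from secure-link key")
	}
	return Response{url, ed25519.Sign(clientPriv, bound(url, t.SessionID, linkPub))}, nil
}

// ServerValidate checks the response against the server's own session ID and key.
func ServerValidate(r Response, url, sid string, serverPub, clientPub ed25519.PublicKey) bool {
	return r.URL == url && ed25519.Verify(clientPub, bound(url, sid, serverPub), r.Auth)
}

func main() {
	sPub, sPriv, _ := ed25519.GenerateKey(rand.Reader) // constructed demo keys
	cPub, cPriv, _ := ed25519.GenerateKey(rand.Reader)
	tok, url := IssueToken(sPriv), "https://shop.example/pay"
	resp, err := ClientRespond(tok, url, sPub, cPriv)
	fmt.Println(err, ServerValidate(resp, url, tok.SessionID, sPub, cPub))
}
```

Because the client signs over the key it saw on the secure link, a response produced behind an interposed endpoint fails `ServerValidate` even when the token was re-signed with that endpoint's key.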
24 Claims
8. A method for authenticating an identity to a server comprising one or more computing devices, the method comprising:
- transmitting a request for a Uniform Resource Locator (URL) identifier;
- receiving from the server over a first TCP connection, a token including a unique session identifier, said token signed with a private key associated with a server certificate;
- initiating a secure data transfer link to the server over a second TCP connection in response to receiving the token, the second TCP connection being distinct from the first TCP connection;
- receiving the server certificate and the URL identifier over the second TCP connection;
- in response to receiving the server certificate and the URL identifier over the second TCP connection, transmitting a response over the first TCP connection comprising the URL identifier and an authenticity identifier corresponding to a second private key associated with a second certificate distinct from the server certificate.

14. A system for authenticating an identity, the system comprising:
a computing system comprising one or more computing devices, said computing system programmed via executable instructions to at least:
- generate a unique session identifier;
- transmit a token to a second computing system over a first TCP connection, the token including the unique session identifier, said token signed with a private key associated with a server certificate;
- establish a secure data transfer link over a second TCP connection at least partly in response to a request from the second computing system, wherein establishing the secure data transfer link comprises transmitting to the second computing system the server certificate and a Uniform Resource Locator (URL) identifier as specified by the second computer;
- receive from the second computing system a response over the first TCP connection, the response comprising the URL identifier and an authenticity identifier corresponding to a second private key associated with a second certificate distinct from the server certificate; and
- validate the response.

20. Non-transitory computer storage that comprises executable instructions that direct a computing system to at least:
- receive a request for a Uniform Resource Locator (URL) identifier at a server;
- transmit over a first TCP connection, a token including a unique session identifier generated by a server, said token signed with a private key associated with a server certificate;
- receive a first response to transmitting the token comprising a request to initiate a secure data transfer link over a second TCP connection, the second TCP connection being distinct from the first TCP connection;
- initiate the secure data transfer link over the second TCP connection in response to the request for a secure data transfer link;
- transmit the server certificate and the Uniform Resource Locator (URL) identifier over the second TCP connection;
- receive a second response over the first TCP connection, the second response comprising the URL identifier and an authenticity identifier corresponding to a second private key associated with a second certificate distinct from the server certificate; and
- validate the second response.