Methods and systems for electronic transactions using dynamic password authentication
First Claim
1. A method for performing electronic transactions using dynamic password authentication, comprising:
- sending, using a backend processor, a unique random or pseudorandom character string to a user'"'"'s mobile device processor;
generating, by the mobile device processor, a one-time password comprising a hash, according to a predefined short hash function, of an encrypted challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with a unique encryption key;
prompting, by the backend processor, entry of the one-time password on a password field of an end user computing device in online communication with the backend processor;
receiving, using the backend processor, a user identifier and the user-entered one-time password comprising the hash, according the predefined short hash function, of the encrypted challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with the unique encryption key from a processor of the end user computing device;
encrypting, using the backend processor, a cipher input with the unique encryption key, the cipher input consisting at least in part of the user identifier and the random or pseudorandom character string;
generating, by the backend processor, a hash of the encrypted cipher input according to the predefined short hash function; and
authenticating, using the backend processor, the received hash of the encrypted challenge string when the received hash of the encrypted challenge string matches the hash of the encrypted cipher input.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for performing electronic transactions using dynamic password authentication involve, for example, sending, using a backend processor, a unique random or pseudorandom character string to the user'"'"'s mobile device processor. Thereafter, also using the backend processor, a user identifier and a challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with a unique encryption key may be received from the user'"'"'s mobile device processor. Using the backend processor, a cipher input consisting at least in part of the user identifier and the random or pseudorandom character string is encrypted with the unique encryption key. The received encrypted challenge string is authenticated if the received encrypted challenge string matches the encrypted cipher input.
-
Citations
19 Claims
-
1. A method for performing electronic transactions using dynamic password authentication, comprising:
-
sending, using a backend processor, a unique random or pseudorandom character string to a user'"'"'s mobile device processor; generating, by the mobile device processor, a one-time password comprising a hash, according to a predefined short hash function, of an encrypted challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with a unique encryption key; prompting, by the backend processor, entry of the one-time password on a password field of an end user computing device in online communication with the backend processor; receiving, using the backend processor, a user identifier and the user-entered one-time password comprising the hash, according the predefined short hash function, of the encrypted challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with the unique encryption key from a processor of the end user computing device; encrypting, using the backend processor, a cipher input with the unique encryption key, the cipher input consisting at least in part of the user identifier and the random or pseudorandom character string; generating, by the backend processor, a hash of the encrypted cipher input according to the predefined short hash function; and authenticating, using the backend processor, the received hash of the encrypted challenge string when the received hash of the encrypted challenge string matches the hash of the encrypted cipher input. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for performing electronic transactions using dynamic password authentication, comprising:
-
a backend server microprocessor coupled to memory and programmed to; send a unique random or pseudorandom character string to a user'"'"'s mobile device microprocessor coupled to memory; the user'"'"'s mobile device memory-coupled microprocessor being programmed to; generate a one-time password comprising a hash, according to a predefined short hash function, of an encrypted challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with a unique encryption key; the backend server memory-coupled microprocessor being further programmed to; prompt entry of the one-time password on a password field of an end user computing device in online communication with the backend memory-coupled microprocessor; receive a user identifier and a user-entered one-time password comprising the hash, according to a predefined short hash function, of an encrypted challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with the unique encryption key from a memory-coupled microprocessor of the end user computing device; encrypt a cipher input with the unique encryption key sent to the user'"'"'s mobile device memory-coupled microprocessor, the cipher input consisting at least in part of the user identifier and the random or pseudorandom character string; generate a hash of the encrypted cipher input according to the predefined short hash function; and authenticate the received hash of the encrypted challenge string when the received hash of the encrypted challenge string matches the hash of the encrypted cipher input.
-
Specification