System and method for secure authentication
First Claim
1. A method for secure authentication performed by an authentication application on a mobile communication device, the method comprising the authentication application carrying out the following:
- receiving, via an authentication application protocol handler, a unique identifier for a transaction from a first application provided on the same mobile communication device as the authentication application, wherein the first application communicates with a remote application server for carrying out the transaction and wherein the unique identifier is sent locally between the first application and the authentication application via a first application protocol handler provided at the first application for invoking the authentication application;
- receiving an encrypted transaction from a remote secure server;
- decrypting or obtaining decryption of the transaction with a private key of the authentication application;
- signing or obtaining signing of the transaction with the private key;
- signing the transaction with the unique identifier received from the first application; and
- transmitting the signed transaction back to the remote secure server, wherein the authentication application communicates with the remote secure server via a secure protocol for authentication of the transaction.
Abstract
A system and method for secure authentication performed on a mobile communication device. The method includes an authentication application carrying out the steps of: receiving a unique identifier for a transaction from a first application provided on the same mobile communication device as the authentication application; receiving an encrypted transaction from a remote secure server; decrypting or obtaining decryption of the transaction with a private key of the authentication application; signing or obtaining signing of the transaction with the private key; signing the transaction with the unique identifier; and transmitting the signed transaction back to the remote secure server.
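The exchange in the abstract, sketched as an added example that is not part of the patent text or any implementation by its authors. Assumptions: the `authapp://` scheme, the `txid` parameter, RSA-OAEP encryption, all function names, and the reading of the two signing steps as one private-key signature covering both the transaction and the identifier.

```javascript
// Added illustration; scheme, parameter and function names are assumptions.
const crypto = require('node:crypto');

// Constructed key pair: the private key stays with the authentication
// application, the secure server holds the matching public key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const oaep = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Secure server: encrypt the transaction to the authentication application.
function serverIssue(tx) {
  return crypto.publicEncrypt({ key: publicKey, ...oaep }, Buffer.from(JSON.stringify(tx)));
}

// Length-prefix both fields so distinct (transaction, identifier) pairs
// never produce the same byte string after concatenation.
function signedBytes(txJson, uid) {
  return Buffer.concat([Buffer.from(txJson), Buffer.from(uid)].flatMap((p) => {
    const len = Buffer.alloc(4);
    len.writeUInt32BE(p.length);
    return [len, p];
  }));
}

// Authentication application: read the identifier from the local handler
// invocation, decrypt the transaction, sign transaction and identifier together.
function authAppRespond(handlerUrl, encryptedTx) {
  const uid = new URL(handlerUrl).searchParams.get('txid');
  if (!uid) throw new Error('handler invocation carried no identifier');
  const txJson = crypto.privateDecrypt({ key: privateKey, ...oaep }, encryptedTx).toString();
  return { uid, signature: crypto.sign('sha256', signedBytes(txJson, uid), privateKey) };
}

// Secure server: accept only a signature over the transaction it issued and
// the identifier it has on record for that transaction.
function serverVerify(tx, expectedUid, response) {
  if (response.uid !== expectedUid) return false;
  const data = signedBytes(JSON.stringify(tx), expectedUid);
  return crypto.verify('sha256', data, publicKey, response.signature);
}

// Constructed sample run: matching identifier, mismatched identifier, altered amount.
function demo() {
  const tx = { id: 'tx-1001', payee: 'ACME', amount: '25.00' };
  const enc = serverIssue(tx);
  const good = authAppRespond('authapp://sign?txid=tx-1001', enc);
  const other = authAppRespond('authapp://sign?txid=tx-9999', enc);
  return [serverVerify(tx, 'tx-1001', good), serverVerify(tx, 'tx-1001', other),
    serverVerify({ ...tx, amount: '2500.00' }, 'tx-1001', good)];
}
```

The server-side check is what makes the locally passed identifier meaningful: a response signed under a different identifier, or over different transaction contents, fails verification even though the private key is the same.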
19 Claims
1. A method for secure authentication performed by an authentication application on a mobile communication device, the method comprising the authentication application carrying out the following:
- receiving, via an authentication application protocol handler, a unique identifier for a transaction from a first application provided on the same mobile communication device as the authentication application, wherein the first application communicates with a remote application server for carrying out the transaction and wherein the unique identifier is sent locally between the first application and the authentication application via a first application protocol handler provided at the first application for invoking the authentication application;
- receiving an encrypted transaction from a remote secure server;
- decrypting or obtaining decryption of the transaction with a private key of the authentication application;
- signing or obtaining signing of the transaction with the private key;
- signing the transaction with the unique identifier received from the first application; and
- transmitting the signed transaction back to the remote secure server, wherein the authentication application communicates with the remote secure server via a secure protocol for authentication of the transaction.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for secure authentication, the system comprising a mobile communication device including:
- a first application for communicating with a remote application server for carrying out a transaction; and
- an authentication application for communicating with a secure server via a secure protocol for authentication of a transaction;
wherein a unique identifier for a transaction is sent locally between the first application and the authentication application via a first application protocol handler provided at the first application for invoking the authentication application, and wherein the authentication application includes:
- an authentication application protocol handler for receiving a unique identifier for a transaction from the first application;
- a receiving component for receiving an encrypted transaction from a remote secure server;
- a decrypting component for decrypting or obtaining decryption of the transaction with a private key of the authentication application;
- a first signing component for signing or obtaining signing of the transaction with the private key;
- a second signing component for signing the transaction with the unique identifier; and
- a transmitting component for transmitting the signed transaction back to the remote secure server.
Dependent claims: 11, 12, 13, 14, 15, 16, 17
18. A computer program product for secure authentication performed by an authentication application on a mobile communication device, the computer program product comprising a non-transitory computer readable storage medium having computer-readable program code configured to cause the authentication application to carry out the following:
- receiving, via an authentication application protocol handler, a unique identifier for a transaction from a first application provided on the same mobile communication device as the authentication application, wherein the first application communicates with a remote application server for carrying out the transaction and wherein the unique identifier is sent locally between the first application and the authentication application via a first application protocol handler provided at the first application for invoking the authentication application;
- receiving an encrypted transaction from a remote secure server;
- decrypting or obtaining decryption of the transaction with a private key of the authentication application;
- signing or obtaining signing of the transaction with the private key;
- signing the transaction with the unique identifier received from the first application; and
- transmitting the signed transaction back to the remote secure server, wherein the authentication application communicates with the remote secure server via a secure protocol for authentication of the transaction.
Dependent claims: 19
Specification