Systems and methods for secure one-time password validation
Abstract
A system may generate a seed one-time password (OTP). The system may also perform steps including transmitting the seed OTP to a user device, receiving a response OTP from the user device, and calculating an expected response OTP by applying a function to the seed OTP. The system may then compare the response OTP to the expected response OTP and send a result in response to comparing the response OTP to the expected response OTP.
17 Claims
1. A method comprising:
generating, by a processor, a seed one-time password (OTP);
transmitting, by the processor, the seed OTP to a user device, wherein the seed OTP is passed to a security utilities software development kit (SDK) on the user device for further processing to generate a response OTP in response to an integrity module confirming that the user device is in good health, wherein the security utilities SDK is in communication with an OTP listening service;
receiving, by the processor, the response OTP from the user device, wherein the response OTP is different from the seed OTP, wherein the response OTP is generated using a function that is based on a device identifier associated with the user device and a device fingerprint associated with the user device;
calculating, by the processor, an expected response OTP by applying a function to the seed OTP, wherein the function is based on the device identifier and the device fingerprint;
determining, by the processor, that the response OTP satisfies the expected response OTP; and
sending, by the processor, a result in response to the determining.
7. A computer-based system, comprising:
a processor;
a tangible, non-transitory memory configured to communicate with the processor, the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
generating, by the processor, a seed one-time password (OTP);
transmitting, by the processor, the seed OTP to a user device, wherein the seed OTP is passed to a security utilities software development kit (SDK) on the user device for further processing to generate a response OTP in response to an integrity module confirming that the user device is in good health, wherein the security utilities SDK is in communication with an OTP listening service;
receiving, by the processor, the response OTP from the user device, wherein the response OTP is different from the seed OTP, wherein the response OTP is generated using a function that is based on a device identifier associated with the user device and a device fingerprint associated with the user device;
calculating, by the processor, an expected response OTP by applying a function to the seed OTP, wherein the function is based on the device identifier and the device fingerprint;
determining, by the processor, that the response OTP satisfies the expected response OTP; and
sending, by the processor, a result in response to the determining.
13. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer-based system, cause the computer-based system to perform operations comprising:
generating, by the processor, a seed one-time password (OTP);
transmitting, by the processor, the seed OTP to a user device, wherein the seed OTP is passed to a security utilities software development kit (SDK) on the user device for further processing to generate a response OTP in response to an integrity module confirming that the user device is in good health, wherein the security utilities SDK is in communication with an OTP listening service;
receiving, by the processor, the response OTP from the user device, wherein the response OTP is different from the seed OTP, wherein the response OTP is generated using a function that is based on a device identifier associated with the user device and a device fingerprint associated with the user device;
calculating, by the processor, an expected response OTP by applying a function to the seed OTP, wherein the function is based on the device identifier and the device fingerprint;
determining, by the processor, that the response OTP satisfies the expected response OTP; and
sending, by the processor, a result in response to the determining comparing the response OTP to the expected response OTP.
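The seed/response flow recited in the claims, as an added sketch that is not code from the patent. The claims do not name the function, so HMAC-SHA256 keyed from the device identifier and fingerprint, the 6-digit format, the 120-second seed lifetime and the names `derive_response`, `device_respond` and `OtpServer` are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

SEED_TTL = 120  # seconds a seed stays valid (assumed; the page gives no lifetime)

def derive_response(seed, device_id, fingerprint, digits=6):
    """Assumed function: HMAC-SHA256 keyed from device id + fingerprint."""
    key = hashlib.sha256(f"{device_id}\x00{fingerprint}".encode()).digest()
    for ctr in range(256):  # retry so the response never equals the seed
        mac = hmac.new(key, seed.encode() + bytes([ctr]), hashlib.sha256).digest()
        otp = f"{int.from_bytes(mac[:8], 'big') % 10**digits:0{digits}d}"
        if otp != seed:
            return otp
    raise RuntimeError("no response distinct from seed")

def device_respond(seed, device_id, fingerprint, device_healthy):
    """Device side: produce a response only if the integrity check passed."""
    if not device_healthy:
        return None
    return derive_response(seed, device_id, fingerprint)

class OtpServer:
    def __init__(self, enrolled):
        self.enrolled = enrolled  # device_id -> fingerprint on record
        self.pending = {}         # device_id -> (seed, issued_at)

    def issue_seed(self, device_id, now=None):
        if device_id not in self.enrolled:
            raise KeyError("unknown device")
        seed = f"{secrets.randbelow(10**6):06d}"
        self.pending[device_id] = (seed, time.time() if now is None else now)
        return seed

    def verify(self, device_id, response, now=None):
        entry = self.pending.pop(device_id, None)  # single use: a replay fails
        if entry is None or not isinstance(response, str):
            return False
        seed, issued = entry
        if (time.time() if now is None else now) - issued > SEED_TTL:
            return False
        expected = derive_response(seed, device_id, self.enrolled[device_id])
        return hmac.compare_digest(expected.encode(), response.encode())
```

In this sketch the key is derived only from the device identifier and fingerprint, so anyone who learns both values and the seed can compute the response; it demonstrates the device binding and the server-side check, not a secret-key guarantee.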
Specification