SYSTEM AND METHOD FOR SECURE SINGLE OR MULTI-FACTOR AUTHENTICATION

  • US 20150215312A1
  • Filed: 04/07/2015
  • Published: 07/30/2015
  • Est. Priority Date: 09/16/2013
  • Status: Abandoned Application
First Claim

1. A WAN authentication system comprising:

  • a hardened physical token, with a token nontransitory computer-readable storage medium comprising token identification information;

    a user client computer, with a client arithmetic logic unit (“ALU”) and a client nontransitory computer-readable storage medium, having a browser for sending HTTP requests over a wide area network (“WAN”);

    an ancillary computer, with an ancillary ALU and an ancillary nontransitory computer-readable storage medium, in signaled, direct node-to-node communication with said physical token to permit access to said physical token identification information as an ancillary security complex;

    a receiver, in signaled communication with said ancillary computer, having a sensor adapted to interpret color flashes as a data stream;

    a host server computer with a server ALU and a server nontransitory computer-readable storage medium, available to both said user computer and said ancillary computer over said WAN for providing a WAN-accessible challenge screen protecting a WAN-accessible transaction screen;

    a user directory file, available to said host computer, adapted to correlate token identification information with said user client computer;

    a main channel authentication protocol, initiated by said host server computer over said WAN to said user client computer, wherein said host server transmits to said user client computer a color stream transmission of color flashes, embedded in said challenge screen, light-encoding a main challenge during a WAN session;

    a back channel authentication protocol;

    initiated by said ancillary computer over said WAN to said host server computer, wherein said ancillary computer transmits to said host server computer over a back channel a challenge response comprising said main challenge, derived from said data stream as accepted by said receiver, and token identification information to correlate a user to said session; and

    a decision engine adapted to determine a validity of a session based on said back channel authentication protocol.
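
The flow in claim 1, as an added sketch that is not code from the patent application: the host light-encodes a challenge, the receiver decodes the flashes, and the decision engine checks the back-channel response against the user directory. The four-color, 2-bits-per-flash palette, the 16-byte challenge, single-use sessions and all names are assumptions; the claim does not specify them.

```python
from __future__ import annotations
import hmac
import secrets

# Assumed encoding (not specified by the claim): four colors, 2 bits per flash.
PALETTE = ["red", "green", "blue", "yellow"]

def encode_challenge(challenge: bytes) -> list[str]:
    """Host side: turn challenge bytes into the color flashes for the challenge screen."""
    return [PALETTE[(b >> shift) & 0b11] for b in challenge for shift in (6, 4, 2, 0)]

def decode_flashes(flashes: list[str]) -> bytes:
    """Receiver side: interpret sensed color flashes as a data stream."""
    if len(flashes) % 4:
        raise ValueError("truncated color stream")
    out = bytearray()
    for i in range(0, len(flashes), 4):
        byte = 0
        for color in flashes[i:i + 4]:
            byte = (byte << 2) | PALETTE.index(color)  # ValueError on an unknown color
        out.append(byte)
    return bytes(out)

class HostServer:
    def __init__(self, user_directory: dict[str, str]):
        self.user_directory = user_directory  # token ID -> user client (constructed data)
        self.pending: dict[str, tuple[str, bytes]] = {}  # session ID -> (client, challenge)

    def start_session(self, session_id: str, client: str) -> list[str]:
        """Main channel: issue a fresh challenge, light-encoded as color flashes."""
        challenge = secrets.token_bytes(16)
        self.pending[session_id] = (client, challenge)
        return encode_challenge(challenge)

    def decide(self, challenge: bytes, token_id: str) -> str | None:
        """Decision engine: return the session validated by a back-channel response."""
        expected_client = self.user_directory.get(token_id)
        for session_id, (client, issued) in list(self.pending.items()):
            if hmac.compare_digest(issued, challenge):
                del self.pending[session_id]  # assumed: a challenge is single use
                if expected_client is not None and client == expected_client:
                    return session_id
                return None  # token is unknown or belongs to another client
        return None  # no open session issued this challenge (stale or replayed)
```
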
