首页>
外国专利>
A STRONG AUTHENTICATION TOKEN GENERATING ONE-TIME PASSWORDS AND SIGNATURES UPON SERVER CREDENTIAL VERIFICATION
A STRONG AUTHENTICATION TOKEN GENERATING ONE-TIME PASSWORDS AND SIGNATURES UPON SERVER CREDENTIAL VERIFICATION
展开▼
机译:服务器身份验证后生成一次密码和签名的强认证令牌
展开▼
页面导航
摘要
著录项
相似文献
摘要
The invention defines a strong authentication token that remedies a vulnerability to a certain type of social engineering attacks, by authenticating the server or messages purporting to come from the server prior to generating a one-time password or transaction signature; and, in the case of the generation of a transaction signature, signing not only transaction values but also transaction context information and, prior to generating said transaction signature, presenting said transaction values and transaction context information to the user for the user to review and approve. It furthermore offers this authentication and review functionality without sacrificing user convenience or cost efficiency, by judiciously coding the transaction data to be signed, thus reducing the transmission size of information that has to be exchanged over the token's interfaces.
展开▼