A SYSTEM AND METHOD FOR AUTHENTICATION USING NON-REUSABLE RANDOM GENERATED MOBILE SMS KEY

摘要

The system and method of the present invention proposes user authentication using non-reusable random generated mobile SMS key while retaining user privacy. The system of the present invention comprising at least one user (101) with user mobile phone (106); at least one web application (104); at least one authentication service provider (103); at least one authentication server (102); and at least one database (105). The at least one authentication server (102) further comprising at least one authentication interface module (201); at least one authentication verification module (202); at least one SMS key generation module (203); at least one SMS gateway (204); and at least one database interface module (205). The methodology of the present invention comprises steps of requesting user information for authentication (302); authenticating user information (304); returning authentication status to web application (310); and performing authorization by granting access to user upon successful user authentication (312). Authentication of user information comprises steps of computing hash value (DK1) based on user information (402); searching database for matching hash value (DK1) (404); and generating new mobile SMS key (K2) upon locating matching record in database (406) after mobile SMS key (K1) has been authenticated in the current transaction.