STRONGLY AUTHENTICATED, THIRD-PARTY, OUT-OF-BAND TRANSACTIONAL AUTHORIZATION SYSTEM

摘要

A system and method to perform an out-of-band authenticated authorization of an activity. A requesting system initiates an authorization request for an activity which is signed using a key pair managed by a transaction server. The authorization request is asymmetrically encrypted for the intended authorizing system and is communicated to the server and stored. The authorizing system receives notification of the request and communicates with the transaction server to retrieve the request, decrypt it and verify the signature. The authorizing system interprets the request and generates an authorization response which is signed and encrypted such that only the requesting system can decrypt it. The response is communicated back to the transaction server which notifies the requesting system. The requesting system communicates with the server to retrieve the response, decrypt it, verify the signature and interpret the response to take action on the activity that initiated the request.