System and method for in- and out-of-band multi-factor server-to-user authentication
US8627088B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 10, 2010 |
| Grant date | Jan 7, 2014 |
| Priority date | — |
| Expiry date | Jun 14, 2031 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L2463/082
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A method to authenticate a server to a client is provided, including in-band and out-of-band techniques. At least a first shared secret identifies a server path, including a plurality of pre-defined locations on a frame of reference (e.g. a grid). An authentication session is initiated upon receiving a client identifier at the server-side resources. A current session instance of the grid is presented to the client, populated with characters. The process includes sharing between the client and the server a challenge identifying a random subset of the plurality of predefined locations in the server path, and a response including characters that match the characters in the locations on the server path identified by the challenge. As a result, the client is capable of verifying that the server has access to the first shared secret. Then a protocol is executed to authenticate the client to the server.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.