Method for secure, entryless login using internet connected device
US9332007B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 28, 2013 |
| Grant date | May 3, 2016 |
| Priority date | — |
| Expiry date | Mar 21, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04W4/80
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system, method, and computer-readable medium are disclosed for using an entryless One-Time Password (OTP) in an active tag environment. Authentication credentials associated with a user and an active tag device are submitted with an access request to an authentication server, where they are processed to generate an OTP credential, which is then stored in a directory service. Encryption operations are then performed on the OTP credential to generate an encrypted OTP credential, which is then provided to the active tag device, which in turn provides it to an active tag terminal. The active tag terminal then submits a request to the authentication server to verify the validity of the encrypted OTP credential. In response, the authentication server verifies its validity and then destroys the OTP credential stored in the directory service. The OTP credential is then decrypted by the active tag terminal and subsequently used to login the user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.