[go: nahoru, domu]

SG175860A1 - Methods of robust multi-factor authentication and authorization and systems thereof - Google Patents

Methods of robust multi-factor authentication and authorization and systems thereof Download PDF

Info

Publication number
SG175860A1
SG175860A1 SG2011080629A SG2011080629A SG175860A1 SG 175860 A1 SG175860 A1 SG 175860A1 SG 2011080629 A SG2011080629 A SG 2011080629A SG 2011080629 A SG2011080629 A SG 2011080629A SG 175860 A1 SG175860 A1 SG 175860A1
Authority
SG
Singapore
Prior art keywords
user
mobile device
server application
server
user mobile
Prior art date
Application number
SG2011080629A
Inventor
Kwok Yan Karch Lam
Jianbin Li
Guisi Wang
Jianping Song
Original Assignee
Privylink Private Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Privylink Private Ltd filed Critical Privylink Private Ltd
Priority to SG2011080629A priority Critical patent/SG175860A1/en
Publication of SG175860A1 publication Critical patent/SG175860A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Methods and systems of user authentication and authorization are provided. An application hosted in a server is in communication with a user computing device via a first communication network and the server application is in further communication with a user mobile device via a second communication network. The authentication method begins with a user sending a login request from the user computing device to the server application. The server application generates and sends a challenge to the user mobile device. The user mobile device then derives and returns a response to the server via the second communication network for verification. The user mobile device further derives and displays a context-based one-time passcode (OTP) for the user to submit from the user computing device to the server application via the first communication network for verification. The server subsequently verifies the received response and context-based OTP and grants the user access right if the verification is positive.

Description

METHODS OF ROBUST MULTI-FACTOR AUTHENTICATION
AND AUTHORIZATION AND SYSTEMS THEREOF
FIELD OF THE INVENTION
The present invention relates to strong multi-factor authen- tication and authorization. More particularly, unique re- sponses comprising a context-based one-time passcode are gen- erated and returned when an out-of-band user computing and communication device is challenged by a server upon receiving an online authentication or authorization request made by the user via a separate communication channel.
BACKGROUND OF THE INVENTION
An online web or client application that exchanges sensitive data between a user and an application server typically re- quires user authentication and cryptographic data protection.
The basic identity authentication scheme requires the user to submit a unique user identifier and passcode to the applica- tion host for verification. The passcode is a secret shared only between the user and application host. In actuality, passcodes and other sensitive data can be exposed to impos- ters through the illegitimate use of malicious software such as Trojan horses, as well as phishing and man-in-the-middle attacks.
Two-factor authentication schemes have been used to mitigate some security risks. These schemes typically rely upon some standalone devices or mobile text messaging to generate or deliver one-time passcodes which are valid for individual au- thentication sessions or for short durations of time. Upon obtaining the one-time passcode, a user is required to enter and send it to the host server via an online communication channel for verification. The online communication channel connects the host server and the user application from which the logon request has been initiated. One-time passcodes are generated by algorithms and secret parameters known only to the respective users and application server. Two-factor au- thentication using short-lived passcodes makes it more diffi- cult for imposters to gain access to user accounts. Nonethe- less, the scheme is still vulnerable to Trojan horses, key logging and man-in-the-middle attacks, because the one-time passcodes entered by the users may be intercepted by malwares and illegitimate applications residing within or external to the user computers.
In asymmetric cryptography, a generated private-public key pair can be used to protect sensitive data. In a typical de- ployment, the secret user private key is stored in a secure hardware token or a protected file that can be accessed by a web or client application to digitally sign messages and data strings. The matching user public key is kept by the applica- tion provider for use to verify the digital signature. The strength of this authentication scheme depends upon how well the user secret private keys are kept from malicious spy pro- grams. Private keys can be exposed and thus vulnerable to il- legitimate operations.
Published authentication schemes offer various degrees of protection against information and identity theft, with the assumption that the users have secured the computing environ- ment in their personal computers or client devices from which authentication requests are initiated. In reality, ensuring secure systems to be completely and perpetually free of Tro- jan horses, key loggers and imposter attacks are unlikely. In other words, a computing device may not be able to establish a sufficiently secure and trusted environment for the exist- ing authentication schemes to function as desired.
Muftic discloses in US patent 5,943,423 a smart token system containing storage or processing capability for secure elec- tronic transactions and identification.
Holdsworth discloses in US patent 7,412,420 systems and meth- ods for enrolling a token in an online authentication pro- gram.
The present invention provides innovative methods and systems for robust multi-factor authentication and authorization based upon an out-of-band challenge and response process that derives context-based one-time passcodes. The robust multi- factor authentication and authorization solutions provide in- herent immunity to the aforesaid malicious attacks.
SUMMARY OF THE INVENTION
The present application provides methods and systems for ro- bust multi-factor authentication and authorization.
A method of user authentication is provided. In the method, an application hosted in a server is in communication with a user computing device via a first communication network and the server application is in further communication with a user mobile device via a second communication network.
The authentication method begins with a user sending a login request from the user computing device to the server applica- tion. The server application generates and sends a challenge to the user mobile device. The user mobile device then de- rives a unique response. The user mobile device further de- rives and displays a context-based one-time passcode (OTP) for use by the user to submit from the user computing device to the server application via the first communication net- work. The server subsequently verifies the received response and context-based OTP against some expected values, and the server application grants the user access right if the veri- fication is positive.
In the authentication method, the user mobile device may re- turn the derived unique response to the server via the second communication network for verification.
The user may initiate the login request and submit the con- text-based OTP through an online web or client application executed on the user computing device. The login request may comprise a unique user identifier and passcode.
In the authentication method, the user mobile device may de- rive the response by digitally signing the received challenge with a user private cryptographic key typically used in asym- metric cryptography, and the corresponding user public cryp- tographic key is kept by the server application for verifica- tion.
In the authentication method, the challenge code may be gen- erated in the server application by encrypting a code, which may be a randomly generated string or a randomly generated string combined with a context-based data, with the user pub- lic cryptographic key and the response may be computed in the user mobile device by decrypting the challenge with the cor- responding user private cryptographic key typically used in 5 asymmetric cryptography.
The user private key and associated cryptographic parameters may be stored in a secure module integrated in or with the user mobile device, and without limitation, the secure module may be a digital signal processing module or a smart chip.
The user private key and associated cryptographic parameters may be stored in a secure module integrated in or with the user mobile device, and without limitation, the secure module may be a digital signal processing module or a smart chip card interfaced with the user mobile device. The response derivation may be processed by an application executed in the secure module.
In the authentication method, the user mobile device may de- rive the context-based OTP by transforming the generated re- sponse with a mathematical function known to the server ap- plication. The transformation may comprise the step of trun- cating the generated response. The transformation may com- prise the step of evaluating a digest or summary of the gen- erated response.
In the authentication method, the user mobile device may be a cellular telephony device capable of exchanging data with the server application via a point-to-point communication proto- col such as Short Messaging Services (SMS).
A method of transaction authorization is provided. In the method, an application hosted in a server is in communication with a user computing device via a first communication net- work and the server application is in communication with a user mobile device via a second communication network.
The transaction authorization method begins with a user sub- mitting some transaction data from the user computing device to the server application. The server application then exam- ines the received transaction data against a set of predeter- mined criteria. Next, the server application sends a full confirmation page to the user computing device, a transaction summary and a challenge to the mobile device. The user mobile device then computes a unique response to the challenge when instructed by the user after inspecting the received confir- mation page and transaction summary displayed on the user computing device and user mobile device respectively. The user mobile device derives and displays a context-based one- time passcode (OTP) for use by the user to submit from the user computing device to the server application via the first communication network, the server verifies the received con- text-based OTP against some expected values, and the server application authorizes the transaction if the verification is positive.
In the transaction authorization method, the user mobile de- vice may return the response to the server via the second communication network for verification.
In the transaction authorization method, the transaction data submission may be provided by an online web or client appli- cation executed on the user computing device, with the client application capable of capturing and compiling user entry into a predetermined format readable by the server applica- tion.
In the authorization method, the challenge may be a transac- tion summary and the user mobile device may compute response by signing the received transaction summary with a user pri- vate cryptographic key typically used in asymmetric cryptog- raphy, and the corresponding user public cryptographic key is kept by the server application for verification.
In the transaction authorization method, the challenge code may be generated in the server application by encrypting a transaction summary with the user public cryptographic key and the response may be computed in the user mobile device by decrypting the challenge with the corresponding user private cryptographic key typically used in asymmetric cryptography.
The user private key and associated cryptographic parameters may be stored in a secure module integrated in or with the user mobile device, and without limitation, the secure module may be a digital signal processing module or a smart chip card interfaced with the user mobile device. The response and context-based OTP derivation may be processed by an applica- tion executed in the secure module.
In the transaction authorization method, the user mobile de- vice may derive the context-based OTP by transforming the generated response with a mathematical function known to the server application. The transformation may comprise the step of truncating the derived response. The transformation may comprise the step of evaluating a digest or summary of the generated response.
In the transaction authorization method, the server applica- tion may notify the user of the verification result by send- ing specific messages to the user computing and mobile de- vices.
In the transaction authorization method, the user mobile de- vice may be a cellular telephony device capable of exchanging data with the server application via a point-to-point commu- nication protocol such as Short Messaging Services (SMS).
A system for user authentication and transaction authoriza- tion is provided. The system comprises a server hosting a server application which is in communication with a user com- puting device via a first communication network and the server application is in communication with a user mobile de- vice via a second communication network.
In the system, the user computing device is used to submit user login request and transaction data to the server appli- cation. The user mobile device is used to derive a unique re- sponse upon receiving a challenge from the server applica- tion. The user mobile device further derives a context-based one-time passcode (OTP) for the user to submit to the server application by means of an online web or client application executed in the user computing device. The server application verifies the response and context-based OTP against the re- spective expected values derived using some predetermined al- gorithms and parameters. The user computing device and user mobile device are used to display transaction confirmation and summary pages respectively for inspection by the user.
In the system, the server may host a plurality of general and secure database for storing application specific data, and it may interface with other internal and external computing and communication systems for executing tasks that are required by the server application.
In the system, the user computing device may be desktop or portable computers capable of executing the corresponding web or client application required to provide online access to and exchange data with the server application, and the user computing device supports all the communication protocols re- quired by the server application.
In the system, the user mobile device may be a cellular te- lephony device capable of exchanging data with the server ap- plication via a point-to-point communication protocol such as
Short Messaging Services (SMS).
The system may comprise a secure module integrated in or with the user mobile device for securely storing and executing sensitive cryptographic operations associated with digital signing of the transaction data and response derivation, and without limitation, the secure module may be a digital signal processing module or a smart chip card interfaced with the user mobile device.
The present invention provides innovative methods and systems for robust multi-factor authentication and authorization with inherent immunity to man-in-the-middle attacks and malwares including Trojan horses, key loggers and other illegitimate
Spy programs.
As a result, the present authentication and authorization schemes can readily be applied in online computing systems which cannot be assumed totally trusted.
BRIEF DESCRIPTION
Embodiments according to the present invention will now be described with reference to the following figures, in which like reference numerals denote like elements.
FIG. 1 illustrates a multi-factor authentication and au- thorization system configured to implement the ro- bust authentication and authorization schemes of the present invention,
FIG. 2 illustrates a process flow of the user authentica- tion process executed by the multi-factor authenti- cation and authorization system of FIG. 1, and
FIG. 3 illustrates a process flow of a transaction au- thorization process executed by the multi-factor authentication and authorization system of FIG. 1.
DETAILED DESCRIPTION
The present invention may be understood more readily by ref- erence to the following detailed description of certain em- bodiments of the invention.
FIG. 1 shows a multi-factor authentication and authorization system 100 comprising a server 110 hosting a particular server application 115 to be accessed by a person operating a user computing device 130. The user computing device 130 ex- changes data with the server 110 via a first communication network 120. The user further operates a user mobile device 150 which exchanges data with the server 110 via a second communication network 140.
The server application 115 is accessible only to legitimate users who can be successfully authenticated in a multi-factor authentication process. Successfully authenticated users may proceed to access pre-determined services and data in accor- dance with the respective access rights of the users among other criteria.
The server 110 typically serves a plurality of end users each operating the user computing and mobile devices 130 & 150.
The server 110 comprises the necessary hardware and software systems, subsystems and modules for hosting applications that are accessible to legitimate users who can be successfully authenticated. Said server subsystems and modules are appli- cation specific and they typically perform core process com- putation, authentication, data communications with user com- puting and mobile devices 130 & 150. The server 100 may host a plurality of general and secure database for storing appli- cation specific data, user identifiers, user passcodes, cryp- tographic keys and other parameters required for processing challenge-and-response computations.
Without loss of generality, the server 110 may interface with other internal and external computing and communication sys- tems for executing tasks that are required by said server ap- plication 115.
The user computing device 130 is typically a desktop or port- able computing device capable of executing a web or client application required to provide online access to and exchange data with said server application 115. In addition, the user computing device 130 supports all the communication protocols required by said server application 115.
The user computing device 130 may be a desktop computer, portable computer, personal computer, thin client computer, network computer, personal digital assistant or other types of computing and embedded device that supports said web or cli- ent application 115 as well as communicates with the server 110 via the first communication network 120. Furthermore, the communication protocols supported by the user computing de- vice 130 includes but are not limited to Hypertext Transfer
Protocol, File Transfer Protocol, Transmission Control Proto- col, Internet Protocol and their variants.
The first communication network 120 supports all data ex- change between the web and client application of the user computing device 130 and the server application 115. The first communication network 120 may comprise a plurality of inter-connecting networks of different types including fixed, wireless and cellular networks. Said fixed networks include but are not limited to Public Switched Telephone Network,
Digital Subscriber Lines and Local Area Networks. Said wire- less networks include but are not limited to Wireless Local
Area Networks, Wi-Fi and Bluetooth. Said cellular networks include but are not limited to third generation mobile net- works, GSM and CDMA mobile networks and WIMAX data networks.
Upon receiving a challenge from the server application 115, the user mobile device 150 is capable of computing a unique response and returning the response to the server application 115. Thus, the user mobile device 150 is capable of support-
ing all the communication protocols required by said server application 115 hosted in the server 110.
The user mobile device 150 is also capable of displaying con- text-based one-time passcodes (OTP) derived from the computed responses. Context-based OTPs are used for submission through the user computing device 130 to the server application 115 for authentication and authorization.
In addition, the user mobile device 150 is capable of provid- ing an environment for executing the response computation se- curely, as well as safekeeping all the secret parameters and cryptographic keys associated with said computation. Said se- cure environment may be provided by a software, firmware or hardware-based trusted module such as a dedicated digital signal processing semiconductor module or a secure smart chip card accessible by the user mobile device 150. For enhanced level of trust, the computed responses are typically returned to the server 110 via a point-to-point communication protocol such as Short Messaging Services (SMS).
The user mobile device 150 may be a cellular telephone, smartphone, digital trunk radio, satellite telephone or any types of communication device with cellular or wireless con- nectivity compatible to the communication standards of the second communication network 140.
The second communication network 140 supports all data ex- change between the user mobile device 150 and the server ap- plication 115 hosted in server 110. The second communication network 140 may comprise a plurality of inter-connecting wireless and cellular networks.
FIG. 2 shows a process flow of an authentication process exe- cuted by the multi-factor authentication and authorization system of FIG. 1. The authentication process 200 determines the identity of a user using a challenge and response mecha- nism which involves the server 110 and both the user comput- ing and mobile devices 130 & 150.
The authentication process 200 begins with step 210 in which a user, who attempts to gain access to the server application 115, enters his or her user identifier in a client applica- tion run on the user computing device 130. Said user identi- fier is a unique identification code registered by the server application 115 prior to the login attempt. The client appli- cation then sends a login request comprising at least the user identifier to the corresponding server application 115.
Upon receiving the user login request together with the user identification information, the server 110 proceeds to gener- ate a challenge and transaction identification code (TID) in step 220. The challenge may comprise a randomly generated string or cryptographic nounce. The challenge may also com- prise a randomly generated string combined with context-based data. The TID is a unique code assigned by the server appli- cation 115 in response to a particular login request. The TID is then sent to both the user computing and mobile devices 130 & 150 in steps 224 & 222 respectively, whereas the gener- ated challenge code is sent only to the user mobile device 150 in step 222.
BRased upon the received challenge and transaction identifica- tion data, the user mobile device 150 derives a response and a context-based one-time passcode (OTP) in step 230. The OTP is transformed from the derived response and said transforma-
tion function and its associated parameters are known to the server application 115. The context-based OTP is typically shorter than the corresponding full response, for facilitat- ing the user to perform manual data entry. Every challenge and response sequence is unique. Thus, every challenge and
OTP sequence is also unique.
The user mobile device 150 displays the derived context-based
OTP for the user to enter, in step 240, into the client ap- plication of the user computing device 130.
In applications that call for more stringent authentication and hence higher level of assurance, the server application 115 may act in accordance with predefined security policies to demand both the user mobile and computing devices 150 & 130 to return appropriate responses when the user mobile de- vice 150 is challenged (222). A flag or identifier in the challenge code may be used to instruct the user mobile device 150 to return a response accordingly. This scenario is repre- sented in the process flow 200 by having the selector 232 switched to a “close” state such that step 230 can advance to step 250 via the path 235.
In this first mode of operation, the authentication process 200 proceeds with the user mobile device 150 sending the transaction ID and derived response (235) to the server 110 via the second communication network 140, and the user com- puting device 130 returning the transaction ID and context- based OTP (245) to the server 110 via the first communication network 120. In the next step 250, the server application 115 verifies the received response, context-based OTP and trans- action ID by comparing the received data against the respec- tive expected values. This is possible as the response and context-based OTPs are generated by the user mobile device 150 using predetermined algorithms and parameters known to the server application 115.
The server application 115 determines whether said verifica- tion process is successful in step 260 and proceeds to the next process or transaction in step 270 if the verification is positive. The login request is rejected and the session is terminated in step 280 if said verification is negative. The server application 115 may notify the user of the verifica- tion result by sending appropriate messages to the user com- puting device 130 or mobile device 150 or both.
A user private cryptographic key typically used in asymmetric cryptography may be employed to generate the response by digitally signing the received challenge. The user secret private key is stored in a secure environment in the user mo- bile device 150. The secure environment can be implemented using hardware, firmware or software based secure module. One form of the secure module is a secure smart chip card that interfaces with the user mobile device 150. The matching user public cryptographic key is kept by the server application 115 for use to verify said signed challenge.
The context-based OTP is derived from the response which is typically a long data string. The context-based OTP may be a simple truncation, a digest or summary of the response or it may use a transformation function known to the server appli- cation.
In applications that call for less stringent authentication requirements, the server application 115 may act in accor- dance with predefined security policies to demand only the user computing device 130 to return an appropriate response in the form of a context-based OTP when the user mobile de- vice 150 is challenged (222). A flag or identifier in the challenge code may be used to instruct the user mobile device 150 not to return a full response via the second communica- tion network 140. This is advantageous when the communication costs and network latency associated with the second communi- cation network 140 are significant. This scenario is repre- sented in the process flow 200 by having the selector 232 switched to an “open” state such that the path 235 is open.
In this second mode of operation, the derived full response is only used by the user mobile device 150 to compute the corresponding context-based OTP in step 230. Only the user computing device 130 returns the transaction ID and context- based OTP (245) to the server 110 via the first communication network 120. In the next step 250, the server application 115 verifies the received context-based OTP and transaction ID by comparing the received data against the respective expected values. This is possible as the context-based QOTPs are gener- ated by the user mobile device 150 using predetermined algo- rithms and parameters known to the server application 115.
In the second mode of operation, the challenge code may be generated by encrypting a challenge code with the user public cryptographic key stored in the server 110. The challenge code may comprise a randomly generated string or crypto- graphic nounce. The challenge may also comprise a randomly generated string combined with context-based data. In step 230, the user mobile device 150 may generate the response by decrypting the received challenge code with the user private cryptographic key stored in the secure module of the mobile device 150. The computed response is then transformed to evaluate the context-based OTP, which is returned, in steps 240 & 245 to the server application 115 via the user comput- ing device 130 and the first communication network 120.
FIG. 3 shows a process flow of an authorization process exe- cuted by the multi-factor authentication and authorization system of FIG. 1. The authorization process 300 allows a user to confirm and the server application 115 to authorize a genuine transaction submitted by the user.
The authorization process 300 begins with step 310 in which the user computing device 130 captures the transaction data entered by the user and compiles said transaction data into a predetermined format readable by the server application 115.
In the next step 320, the server application 115 parses the received transaction data and checks whether the submitted transaction data is valid and sufficient for the transaction to be further processed. In addition, the server application 115 may compare the data against a set of predetermined cri- teria to verify whether the user has sufficient right and privilege associated with the transaction.
The server application 115 proceeds from step 321 to termi- nate the transaction and notify the user in step 380 if the verification in steps 320 & 321 is negative. If said verifi- cation is positive, the authorization 300 proceeds to send a full confirmation page to the user computing device 130 in step 324, as well as a transaction summary and a challenge to the user mobile device 150 in step 322.
Subsequently, the user reads the full confirmation page and transaction summary displayed on the user computing device 130 and mobile device 150 respectively. If the user has no objection to both said confirmation page and transaction sum- mary, he may instruct the user mobile device 150 to compute a unique response to the received challenge, as well as gener- ating a context-based one-time passcode (OTP) in step 330.
The OTP is transformed from the derived response and said transformation function and its associated parameters are known to the server application 115. The context-based OTP is typically shorter than the corresponding response, for fa- cilitating the user to perform manual data entry. Every re- sponse is uniquely mapped to a received challenge, and every context-based OTP is uniquely derived from a response.
The user mobile device 150 displays the derived context-based
OTP for the user to enter into the client application of the user computing device 130 in step 340.
In applications that call for more stringent authorization requirements and hence higher level of assurance, the server application 115 may act in accordance with predefined secu- rity policies to demand both the user mobile and computing devices 150 & 130 to return appropriate responses when the user mobile device 150 is challenged (322). A flag or identi- fier in the challenge code may be used to instruct the user mobile device 150 to compute and return a response accord- ingly. This scenario is represented in the process flow 300 by having the selector 332 switched to a “close” state such that step 330 can advance to step 350 via the path 335.
In this first mode of operation, the challenge may be the same transaction summary that user mobile device 150 has re- ceived in step 322. The user mobile device 150 computes the response by digitally signing said transaction summary. The authorization process 300 proceeds with the user mobile de-
vice 150 sending the digital signature (335) to the server 110 via the second communication network 140, and the user computing device 130 returning the context-based OTP (345) to the server 110 via the first communication network 120. In the next step 350, the server application 115 verifies the received digital signature and context-based OTP by comparing the received data against the respective expected values.
This is possible as the corresponding user public key is kept by the server application, and the context-based OTPs are generated by the user mobile device 150 using predetermined algorithms and parameters known to the server application 115.
The server application 115 determines whether said verifica- tion process is successful in step 360 and proceeds to the next process in step 370 if the verification is positive. The transaction is rejected and the session is terminated in step 380 if said verification is negative. The server application 115 may notify the user of the verification result by sending appropriate messages to the user computing device 130 or user mobile device 150 or both.
A user private cryptographic key typically used in asymmetric cryptography may be employed to enable the digital signing of the transaction summary. The user secret private key is stored in a secure environment in the user mobile device 150.
The secure environment can be implemented using hardware, firmware or software based secure module. One form of the se- cure module is a secure smart chip card that interfaces with the user mobile device 150. The matching user public crypto- graphic key is kept by the server application for use to ver- ify said digital signature.
The context-based OTP is derived from the digital signature which is typically a long data string. The context-based OTP may be a simple truncation, a digest or summary of the digi- tal signature or it may use a transformation function known to the server application.
In applications that call for less stringent authorization requirements, the server application 115 may act in accor- dance with predefined security policies to demand only the user computing device 130 to return an appropriate response in the form of a context-based OTP when the user mobile de- vice 150 is challenged (322). A flag or identifier in the challenge code may be used to instruct the user mobile device 150 not to return any response via the second communication network 140. This is advantageous when the communication costs and network latency associated with the second communi- cation network 140 are significant. This scenario is repre- sented in the process flow 300 by having the selector 332 switched to an “open” state such that the path 335 is open.
In this second mode of operation, the challenge received in step 322 is only used by the user mobile device 150 to com- pute the corresponding context-based OTP in step 330. Only the user computing device 130 submits the context-based QTP (345) to the server 110 via the first communication network 120. In the next step 350, the server application 115 veri- fies the received context-based OTP by comparing the received data against the respective expected values. This is possible as the context-based OTPs are generated by the user mobile device 150 using predetermined algorithms and parameters known to the server application 115.
In the second mode of operation, the challenge code may be generated by encrypting the transaction summary with the user public cryptographic key stored in the server 110. In step 330, the user mobile device 150 may generate the response by decrypting the received challenge code with the user private cryptographic key stored in the secure module of the mobile device 150. The computed response is then transformed to evaluate the context-based OTP, which is returned, in steps 340 & 345, to the server application 115 via the user comput- ing device 130 and the first communication network 120.
In summary, the multi-factor authentication and authorization system 100 provides an innovative means of strong user login authentication 200 and user authorization 300. The authenti- cation and authorization system 100 comprises a user mobile device 150 operating out-of-band with reference to the user computing device 130. Unique responses are generated and re- turned when the user mobile device 150 is challenged by an application 115 hosted in the server 100 upon receiving an online authentication or authorization request made by the user via the user computing device 130 over a separate commu- nication channel 120.
Although the above description contains much specificity, these should not be construed as limiting the scope of the embodiments but merely providing illustration of the foresee- able embodiments. Especially the above stated advantages of the embodiments should not be construed as limiting the scope of the embodiments but merely to explain possible achieve- ments if the described embodiments are put into practise.
Thus, the scope of the embodiments should be determined by the claims and their equivalents, rather than by the examples given.

Claims (25)

1. A method of user authentication, wherein an application hosted in a server is in communica- tion with a user computing device via a first communica- tion network and said server application is in communi- cation with a user mobile device via a second communica- tion network, and the method comprising the steps of a user sending a login request from said user com- puting device to said server application, said server application generating and sending a challenge to said user mobile device, said user mobile device deriving a unique response, said user mobile device further deriving and dis- playing a context-based one-time passcode (OTP) for use by the user to submit from said user computing device to said server application via said first communication network, said server verifying the received context-based OTP against an expected value, and said server application granting the user access right if said verification being positive.
2. The method of claim 1, wherein said user mobile device returning said derived unique response to said server via said second communi- cation network for verification.
3. The method of claims 1 or 2, wherein the user initiating said login request and submit- ting said context-based OTP through an online web or client application executed on said user computing de- vice.
4. The method of claim 1, wherein said user mobile device deriving the response by digitally signing the received challenge with a user private cryptographic key typically used in asymmetric cryptography, and the corresponding user public crypto- graphic key being kept by said server application for verification.
5. The method of claim 2, wherein said challenge code being generated in said server application by encrypting a code, which may be a ran- domly generated string or a randomly generated string combined with a context-based data, with the user public cryptographic key and said response being computed in said user mobile device by decrypting said challenge with the corresponding user private cryptographic key typically used in asymmetric cryptography.
o. The method of claims 4 or 5, wherein said user private key and associated cryptographic parameters being stored in a secure module integrated in or with said user mobile device, and without limitation, said secure module may be a digital signal processing module or a smart chip card interfaced with said user mobile device.
7. The method of claims 4, 5 or 6, wherein said response and context-based OTP derivation be- ing processed by an application executed in said secure module.
8. The method of claims 1, 2, 4 or 5, wherein said user mobile device deriving the context-based OTP by transforming said generated response with a mathematical function known to said server application.
9. The method of claim 8, wherein said transformation comprising the step of truncat- ing said generated response, or evaluating a digest or summary of said generated response.
10. The method of any of the claims 1 to 9, wherein said user mobile device being a cellular telephony device capable of exchanging data with said server ap- plication via a point-to-point communication protocol such as Short Messaging Services (SMS).
11. A method of transaction authorization, wherein an application hosted in a server is in communica- tion with a user computing device via a first communica- tion network and said server application is in communi- cation with a user mobile device via a second communica- tion network, and the method comprising the steps of a user submitting some transaction data from said user computing device to said server application, said server application sending a full confirmation page to said user computing device, as well as a trans- action summary and a challenge to said user mobile de- vice, said user mobile device computing a unique response to the challenge when instructed by said user after in- specting said received confirmation page and transaction summary displayed on said user computing device and user mobile device respectively, said user mobile device deriving and displaying a context-based one-time passcode (OTP) for use by the user to submit from said user computing device to said server application via said first communication network, said server verifying the received context-based OTP against an expected value, and said server application authorizing the transaction if said verification being positive.
12. The method of claim 11, wherein said user mobile device returning said response to said server application via said second communication network for verification.
13. The method of claims 11 or 12, wherein said transaction data submission being provided by an online web or client application executed on said user computing device, with said client application ca- pable of capturing and compiling user entry into a pre- determined format readable by said server application.
14. The method of claim 11, wherein said challenge being said same transaction summary and said user mobile device computing said response by signing the transaction summary with a user private cryptographic key typically used in asymmetric cryptog- raphy, and the corresponding user public cryptographic key being kept by said server application for verifica- tion.
15. The method of claim 12, wherein said challenge code being generated in said server application by encrypting said transaction summary with the user public cryptographic key and said response be- ing computed in said user mobile device by decrypting said challenge with the corresponding user private cryp- tographic key typically used in asymmetric cryptography.
16. The method of claims 14 or 15, wherein said user private key and associated cryptographic parameters being stored in a secure module integrated in or with said user mobile device, and without limitation, said secure module may be a digital signal processing module or a smart chip card interfaced with said user mobile device.
17. The method of claims 14, 15 or 16, wherein said response and context-based OTP derivation be- ing processed by an application executed in said secure module.
18. The method of claims 11, 12, 14 or 15, wherein said user mobile device deriving the context-based OTP by transforming said generated response with a mathematical function known to said server application.
19. The method of claim 18, wherein said transformation comprising the step of truncat- ing said derived response, or evaluating a digest or summary of said derived response.
20. The method of any of the claims 11 to 19, wherein said user mobile device being a cellular telephony device capable of exchanging data with said server ap-
plication via a point-to-point communication protocol such as Short Messaging Services (SMS).
21. A system for user authentication and transaction au- thorization comprising a server hosting a server application which is in communication with a user computing device via a first communication network and said server application is in communication with a user mobile device via a second communication network, wherein said user computing device being used to submit user login request and transaction data to said server application, said user mobile device being used to derive a unique response upon receiving a challenge from said server application, said user mobile device further deriving a context- based OTP from said response for user to submit to said server application by means of an online web or client application executed in said user computing device via said first communication network, said server application verifying said response and context-based OTP against the respective expected values derived using some predetermined algorithms and parame- ters, and said user computing device and user mobile device displaying transaction confirmation and summary pages respectively for said users to inspect and confirm.
22. The system of claim 21, wherein said server hosting a plurality of general and se- cure database for storing application specific data, and it may interface with other internal and external com-
puting and communication systems for executing tasks that are required by said server application.
23. The system of claim 21, wherein said user computing device being desktop or port- able computers capable of executing the corresponding web or client application required to provide online ac- cess to and exchange data with said server application, and the user computing device supporting all the commu- nication protocols required by said server application.
24. The system of claim 21, wherein said user mobile device being a cellular telephony device capable of exchanging data with said server ap- plication via a point-to-point communication protocol such as Short Messaging Services (SMS).
25. The system of claim 21, wherein a secure module integrated in or with said user mobile device for securely storing sensitive data and executing cryptographic operations associated with digi- tal signing of said transaction data and response and context OTP derivation, and without limitation, said se- cure module may be a digital signal processing module or a smart chip card interfaced with said user mobile de- vice.
SG2011080629A 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof SG175860A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
SG2011080629A SG175860A1 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
SG200903010-7A SG166028A1 (en) 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof
SG2011080629A SG175860A1 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof
PCT/IB2010/051938 WO2010128451A2 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Publications (1)

Publication Number Publication Date
SG175860A1 true SG175860A1 (en) 2011-12-29

Family

ID=43050566

Family Applications (2)

Application Number Title Priority Date Filing Date
SG200903010-7A SG166028A1 (en) 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof
SG2011080629A SG175860A1 (en) 2009-05-04 2010-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Family Applications Before (1)

Application Number Title Priority Date Filing Date
SG200903010-7A SG166028A1 (en) 2009-05-04 2009-05-04 Methods of robust multi-factor authentication and authorization and systems thereof

Country Status (2)

Country Link
SG (2) SG166028A1 (en)
WO (1) WO2010128451A2 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012162843A1 (en) * 2011-06-03 2012-12-06 Research In Motion Limted System and method for accessing private networks
CN103427999A (en) * 2013-08-23 2013-12-04 北京易优安信息技术有限公司 User authentication method and system
US9679152B1 (en) 2014-07-24 2017-06-13 Wells Fargo Bank, N.A. Augmented reality security access
US9477852B1 (en) 2014-07-24 2016-10-25 Wells Fargo Bank, N.A. Augmented reality numberless transaction card
CN104113556A (en) * 2014-07-31 2014-10-22 国家超级计算深圳中心(深圳云计算中心) Network logon authentication method and system, mobile terminal and application server
US10142841B2 (en) * 2016-07-11 2018-11-27 Disney Enterprises, Inc. Configuration for multi-factor event authorization
US11651357B2 (en) 2019-02-01 2023-05-16 Oracle International Corporation Multifactor authentication without a user footprint
NL2026156B1 (en) 2020-07-24 2022-04-12 Anthony Francis Everts Roy A method that adequately protects the authentic identity and personal data of a natural person and remotely confirms the authentic identity of this natural person through a trusted entity to a beneficiary party.

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040083272A (en) * 2003-03-21 2004-10-01 (주)뱅크타운 Method and System for Authentication of User on Web and/or Wireless Network by Using Mobile Terminal Loaded a Challenge/Response Based Mobile One-Time Password Module
KR20070077569A (en) * 2006-01-24 2007-07-27 삼성전자주식회사 One time password service system using portable phone and certificating method using the same
KR20080061714A (en) * 2006-12-28 2008-07-03 손민석 Method for authenticating a user using a one-time password created by mobile

Also Published As

Publication number Publication date
WO2010128451A3 (en) 2011-03-24
WO2010128451A2 (en) 2010-11-11
SG166028A1 (en) 2010-11-29

Similar Documents

Publication Publication Date Title
US10798087B2 (en) Apparatus and method for implementing composite authenticators
CN109951489B (en) Digital identity authentication method, equipment, device, system and storage medium
US9838205B2 (en) Network authentication method for secure electronic transactions
CN106664208B (en) System and method for establishing trust using secure transport protocol
US9231925B1 (en) Network authentication method for secure electronic transactions
US8112787B2 (en) System and method for securing a credential via user and server verification
US10367797B2 (en) Methods, systems, and media for authenticating users using multiple services
Kim et al. A method of risk assessment for multi-factor authentication
CN112425118B (en) Public key-private key pair account login and key manager
US10848304B2 (en) Public-private key pair protected password manager
US20080034216A1 (en) Mutual authentication and secure channel establishment between two parties using consecutive one-time passwords
US20130205380A1 (en) Identity verification
WO2015188426A1 (en) Method, device, system, and related device for identity authentication
SG175860A1 (en) Methods of robust multi-factor authentication and authorization and systems thereof
Gupta et al. A new framework for credit card transactions involving mutual authentication between cardholder and merchant
WO2015188424A1 (en) Key storage device and method for using same
US20090220075A1 (en) Multifactor authentication system and methodology
US20130218779A1 (en) Dual factor digital certificate security algorithms
CN117336092A (en) Client login method and device, electronic equipment and storage medium
WO2011060739A1 (en) Security system and method