Method, apparatus, and computer program product for secure two-factor authentication

Method, apparatus, and computer program product for secure two-factor authentication

Various methods are provided for secure two-factor authentication, and more specifically, for incorporating a layer of security to two-factor authentication using Short Message Service in a manner virtually transparent to the end-user. Methods may include receiving a request for registration for two...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Sherman, Imani, Traynor, Patrick G, Shrimpton, Thomas, Peeters, Christian, Patton, Christopher, Olszewski, Daniel
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
WIRELESS COMMUNICATIONS NETWORKS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Various methods are provided for secure two-factor authentication, and more specifically, for incorporating a layer of security to two-factor authentication using Short Message Service in a manner virtually transparent to the end-user. Methods may include receiving a request for registration for two-factor authentication from a client including a username and password; providing a request for a mobile device number; receiving the mobile device number and a pre-shared key; sending to a mobile device an identity of the client and a server key share; receiving from the mobile device a mobile device key share; sending information corresponding to an exchange with the mobile device and a challenge derived from the pre-shared key to the client in response to the device key share corresponding to the server key share; receiving confirmation of registration with the mobile device; and establishing a shared key in response to verification of the confirmation.