A method and system of authenticating a computer resource such as an application or data on a mobile device uses a contactless token to provide multi-factor user authentication. User credentials are stored on the token in the form of private keys, and encrypted data and passwords are stored on the device. When application user requires access to the resource an encrypted password is transmitted to and decrypted on the token using a stored private key. An unencrypted data encryption key or password is then transmitted back to the device under the protection of a cryptographic session key which is generated as a result of strong mutual authentication between the device and the token.

Owners (US)
CPC Classifications
Download PDF
Document Preview
Document History
  • Publication: Jan 7, 2016
  • Application: Sep 15, 2015
    US US 201514855186 A
  • Priority: Sep 15, 2015
    US US 201514855186 A
  • Priority: Feb 6, 2014
    US US 201414174727 A
  • Priority: Nov 26, 2013
    US US 201314091183 A
  • Priority: Mar 1, 2013
    GB GB 201303677 A
  • Priority: Dec 5, 2012
    US US 201213706307 A
  • Priority: Nov 28, 2012
    GB GB 201221433 A

Download Citation

Sign in to the Lens