WO2010070456A3 - Method and apparatus for authenticating online transactions using a browser - Google Patents
Method and apparatus for authenticating online transactions using a browser Download PDFInfo
- Publication number
- WO2010070456A3 WO2010070456A3 PCT/IB2009/007987 IB2009007987W WO2010070456A3 WO 2010070456 A3 WO2010070456 A3 WO 2010070456A3 IB 2009007987 W IB2009007987 W IB 2009007987W WO 2010070456 A3 WO2010070456 A3 WO 2010070456A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- authentication
- user browser
- user
- browser
- authenticating
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Abstract
A computer-implemented method for authenticating a user using a service provider server and an authentication server, the user communicating with at least one of the service provider server and the authentication server using a user browser. The method includes requesting, using the user browser, the authenticating with the service provider server. The method also includes authenticating, using the user browser, a secure communication channel with the authentication server. The method also includes receiving, using the user browser, a Next Pre- Authentication Anchor (NPAA) value from the authentication server. The method additionally includes temporarily storing the Next Pre- Authentication Anchor (NPAA) value in a user browser cookie associated with the user browser, wherein the Next Pre- Authentication Anchor (NPAA) value is protected by employing Same Origin Policy (SOP).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13852708P | 2008-12-19 | 2008-12-19 | |
US61/138,527 | 2008-12-19 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2010070456A2 WO2010070456A2 (en) | 2010-06-24 |
WO2010070456A3 true WO2010070456A3 (en) | 2017-04-06 |
Family
ID=42269164
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2009/007987 WO2010070456A2 (en) | 2008-12-19 | 2009-12-21 | Method and apparatus for authenticating online transactions using a browser |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2010070456A2 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102332977A (en) * | 2010-07-13 | 2012-01-25 | F2威尔股份有限公司 | Use ISP's server and certificate server authentication user's method |
EP3772832B1 (en) * | 2019-08-05 | 2022-04-06 | Mastercard International Incorporated | Secure server client interaction |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020138561A1 (en) * | 2001-02-16 | 2002-09-26 | Gemini Networks, Inc. | System, method, and computer program product for an end-user of an open access network to select a new service provider following a discontinuance of a business relationship between their current service provider and the operator of the open access network |
US20040003287A1 (en) * | 2002-06-28 | 2004-01-01 | Zissimopoulos Vasileios Bill | Method for authenticating kerberos users from common web browsers |
US20080040802A1 (en) * | 2004-06-14 | 2008-02-14 | Iovation, Inc. | Network security and fraud detection system and method |
US20080166994A1 (en) * | 2007-01-04 | 2008-07-10 | Bernard Ku | Methods and apparatus to implement an internet multimedia sub-system (IMS) terminal |
US20100095208A1 (en) * | 2008-04-15 | 2010-04-15 | White Alexei R | Systems and Methods for Remote Tracking and Replay of User Interaction with a Webpage |
US7720997B1 (en) * | 2001-12-19 | 2010-05-18 | Cisco Technology, Inc. | Path selection system |
US20110202982A1 (en) * | 2007-09-17 | 2011-08-18 | Vidoop, Llc | Methods And Systems For Management Of Image-Based Password Accounts |
US8065417B1 (en) * | 2008-11-17 | 2011-11-22 | Amazon Technologies, Inc. | Service provider registration by a content broker |
US8074259B1 (en) * | 2005-04-28 | 2011-12-06 | Sonicwall, Inc. | Authentication mark-up data of multiple local area networks |
-
2009
- 2009-12-21 WO PCT/IB2009/007987 patent/WO2010070456A2/en active Application Filing
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020138561A1 (en) * | 2001-02-16 | 2002-09-26 | Gemini Networks, Inc. | System, method, and computer program product for an end-user of an open access network to select a new service provider following a discontinuance of a business relationship between their current service provider and the operator of the open access network |
US7720997B1 (en) * | 2001-12-19 | 2010-05-18 | Cisco Technology, Inc. | Path selection system |
US20040003287A1 (en) * | 2002-06-28 | 2004-01-01 | Zissimopoulos Vasileios Bill | Method for authenticating kerberos users from common web browsers |
US20080040802A1 (en) * | 2004-06-14 | 2008-02-14 | Iovation, Inc. | Network security and fraud detection system and method |
US8074259B1 (en) * | 2005-04-28 | 2011-12-06 | Sonicwall, Inc. | Authentication mark-up data of multiple local area networks |
US20080166994A1 (en) * | 2007-01-04 | 2008-07-10 | Bernard Ku | Methods and apparatus to implement an internet multimedia sub-system (IMS) terminal |
US20110202982A1 (en) * | 2007-09-17 | 2011-08-18 | Vidoop, Llc | Methods And Systems For Management Of Image-Based Password Accounts |
US20100095208A1 (en) * | 2008-04-15 | 2010-04-15 | White Alexei R | Systems and Methods for Remote Tracking and Replay of User Interaction with a Webpage |
US8065417B1 (en) * | 2008-11-17 | 2011-11-22 | Amazon Technologies, Inc. | Service provider registration by a content broker |
Also Published As
Publication number | Publication date |
---|---|
WO2010070456A2 (en) | 2010-06-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2010060704A3 (en) | Method and system for token-based authentication | |
WO2008016800A3 (en) | Method and apparatus for selecting an appropriate authentication method on a client | |
WO2013067521A3 (en) | System and method for increasing security in internet transactions | |
WO2011043903A3 (en) | Network access control | |
WO2007092366A3 (en) | Authentication and verification services for third party vendors using mobile devices | |
WO2012069263A3 (en) | Method for authorizing access to protected content | |
WO2009115755A3 (en) | Authentication method, authentication system, server terminal, client terminal and computer programs therefor | |
WO2009001197A3 (en) | A method of preventing web browser extensions from hijacking user information | |
WO2009022869A3 (en) | Method and apparatus for communication, and method and apparatus for controlling communication | |
WO2009031056A3 (en) | Providing services to a guest device in a personal network | |
WO2008017015A3 (en) | Systems and methods for policy based triggering of client- authentication at directory level granularity | |
WO2007149775A3 (en) | Consumer authentication system and method | |
WO2009045317A3 (en) | Method for authenticating mobile units attached to a femtocell in communication with a secure core network such as an ims | |
WO2008135848A3 (en) | Network multimedia communication using multiple devices | |
WO2008042871A3 (en) | Methods and apparatus for securely signing on to a website via a security website | |
MY149495A (en) | Authenticating an application | |
WO2005086569A3 (en) | System, method and apparatus for electronic authentication | |
NO20080532L (en) | Distributed simple log-on service | |
WO2008082683A3 (en) | Methods and apparatus for implementing a pluggable policy module within a session over internet protocol network | |
WO2006118829A3 (en) | Preventing fraudulent internet account access | |
WO2007013904A3 (en) | Single token multifactor authentication system and method | |
WO2009102915A3 (en) | Systems and methods for secure handling of secure attention sequences | |
WO2010063091A3 (en) | System and methods for online authentication | |
WO2007143312A8 (en) | Proactive credential distribution | |
WO2009112693A3 (en) | Method for authentication and signature of a user in an application service using a mobile telephone as a second factor in addition to and independently from a first factor |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09833010 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 09833010 Country of ref document: EP Kind code of ref document: A2 |