Abstract: A computer-implemented method for authenticating a user using a service provider server and an authentication server, the user communicating with at least one of the service provider server and the authentication server using a user browser. The method includes requesting, using the user browser, the authenticating with the service provider server. The method also includes authenticating, using the user browser, a secure communication channel with the authentication server. The method also includes receiving, using the user browser, a Next Pre-Authentication Anchor (NPAA) value from the authentication server. The method additionally includes temporarily storing the Next Pre-Authentication Anchor (NPAA) value in a user browser cookie associated with the user browser, wherein the Next Pre-Authentication Anchor (NPAA) value is protected by employing Same Origin Policy (SOP).
Abstract: CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data generation methods for use in an electronic device and related management systems are provided. First, the electronic device determines a first data set according to at least one first data corresponding to an operation to be performed, wherein the first data represents sensitive data corresponding to the operation. Then, the electronic device generates a group of CAPTCHA data corresponding to the first data set according to the first data. The electronic device may be a server or a client. When the electronic device is the client, the client obtains at least one generation module from the server to determine the first data set, and generate the CAPTCHA data. In some embodiments, during a data transmission procedure, the client performs the operation with the server using the CAPTCHA data.
Abstract: The present invention discloses a token provisioning method for a token provisioning system. The token provisioning method includes steps of generating at least one encryption key at a customer side; generating a plurality of seed numbers corresponding to a plurality of electronic serial numbers (ESNs) at the customer side, respectively; encrypting the plurality of seed numbers and the plurality of corresponding ESNs with the at least one encryption key at the customer side; decrypting the plurality of seed numbers and the plurality of corresponding ESNs with the at least one encryption key; and programming a plurality of tokens with the plurality of seed numbers and the plurality of corresponding ESNs.
Abstract: An authentication method in electronic commerce is disclosed. The authentication method includes steps of a first side utilizing a first device to access an interactive interface, and the first side transferring a first device characteristics of the first device and a verification information to a second side for authentication.
Abstract: A method for multi-factor authenticating of a user using an application server and an authentication server is disclosed. The method includes receiving from the application server a first source IP address associated with a request for authenticating from the user browser program to the application server. The method also includes receiving from the user browser program a request to perform additional authentication between the user browser program and the authentication server using a separate communication channel. The method additionally includes comparing the first source IP address with a second source IP address associated with the request to perform the additional authentication and failing, if the first source IP address does not match the second source IP address, authentication of the user.
Abstract: CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) management methods and systems are provided. First, information trusted by a server and a client is determined. The server generates CAPTCHA data, and combines the information trusted by the server and the client with the CAPTCHA data. The server transmits the CAPTCHA data to the client. The client determines whether to perform subsequent operations based on the CAPTCHA data according to the information trusted by the server and the client.
Abstract: CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data generation methods for use in a server and related management systems are provided. First, the server determines a first data set according to at least one first data corresponding to an operation to be performed, wherein the first data represents a sensitive data corresponding to the operation. Then, the server generates a group of CAPTCHA data corresponding to the first data set according to the first data.
Abstract: Data processing methods and systems for processing data in an operation having a predetermined flow based on CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data are provided. First, a server generates a group of CAPTCHA data according to content of the operation. Then, the server transmits the group of CAPTCHA data to a client via a transmission medium. The client receives the group of CAPTCHA data via the transmission medium, inputs a first data corresponding to the operation using the CAPTCHA data and transmits the first data to the server via the transmission medium for verification, wherein the first data contains at least one CAPTCHA data.