Abstract: A method for increasing the security of private keys is provided that includes generating transaction data at a device operated by a user and processing the transaction data. Moreover, the method includes determining whether the user permits using a private key that is associated with the user and with a public-private key pair of the user. The private key is stored in a computer system different from the device. Furthermore, the method includes authenticating the user when the user permits using the private key, applying the private key to other data after successfully authenticating the user, and transmitting the other data to the device. The method also includes conducting a transaction with the transaction data.

Abstract: A method for replacing a shared secret over a network is provided that includes determining that a security breach could have occurred, determining that a shared secret of a user is to be replaced, and transmitting a renewal message to an authentication system requesting a new shared secret and an associated effective life for the user. Moreover, the method includes generating a new shared secret and an associated effective life at the authentication system for the user, and replacing the shared secret and associated effective life in an enrollment data record of the user with the new shared secret and associated effective life. Furthermore, the method includes transmitting the new shared secret and associated effective life to a communications device associated with the user, and replacing a shared secret and associated effective life stored in the communications device with the new shared secret and associated effective life.

Abstract: A method for increasing the security of private keys is provided that includes generating transaction data at a device operated by a user and processing the transaction data. Moreover, the method includes determining whether the user permits using a private key that is associated with the user and with a public-private key pair of the user. The private key is stored in a computer system different from the device. Furthermore, the method includes authenticating the user when the user permits using the private key, applying the private key to other data after successfully authenticating the user, and transmitting the other data to the device. The method also includes conducting a transaction with the transaction data.

Abstract: A method for authenticating users over networks includes requesting a one-time password, entering a personal identification number into a communications device, and retrieving a replaceable shared secret stored in the communications device. Moreover, the method includes generating a hashed personal identification number from the entered personal identification number, combining the hashed personal identification number with the replaceable shared secret to generate a modified shared secret, and generating a one-time password with the modified shared secret and the time of requesting the one-time password.

Abstract: A method for increasing the security of private keys is provided that includes generating transaction data at a device operated by a user and processing the transaction data. Moreover, the method includes determining whether the user permits using a private key that is associated with the user and with a public-private key pair of the user. The private key is stored in a computer system different from the device. Furthermore, the method includes authenticating the user when the user permits using the private key, applying the private key to other data after successfully authenticating the user, and transmitting the other data to the device. The method also includes conducting a transaction with the transaction data.

Abstract: A method for increasing the security of private keys is provided that includes generating transaction data at a device operated by a user and processing the transaction data. Moreover, the method includes determining whether the user permits using a private key that is associated with the user and with a public-private key pair of the user. The private key is stored in a computer system different from the device. Furthermore, the method includes authenticating the user when the user permits using the private key, applying the private key to other data after successfully authenticating the user, and transmitting the other data to the device. The method also includes conducting a transaction with the transaction data.

Abstract: A method for replacing a shared secret over a network is provided that includes determining that a security breach could have occurred, determining that a shared secret of a user is to be replaced, and transmitting a renewal message to an authentication system requesting a new shared secret and an associated effective life for the user. Moreover, the method includes generating a new shared secret and an associated effective life at the authentication system for the user, and replacing the shared secret and associated effective life in an enrollment data record of the user with the new shared secret and associated effective life. Furthermore, the method includes transmitting the new shared secret and associated effective life to a communications device associated with the user, and replacing a shared secret and associated effective life stored in the communications device with the new shared secret and associated effective life.

Abstract: A method for authenticating users over networks includes requesting a one-time password, entering a personal identification number into a communications device, and retrieving a replaceable shared secret stored in the communications device. Moreover, the method includes generating a hashed personal identification number from the entered personal identification number, combining the hashed personal identification number with the replaceable shared secret to generate a modified shared secret, and generating a one-time password with the modified shared secret and the time of requesting the one-time password.