Abstract: The present invention relates to a system and method for digitally authenticating users both online and offline. In one embodiment, a hardware token assigned by a trusted token provider to the user is employed to ensure the identity of the user. In the online authentication, the token is adapted for generating an exposed key EK and a hidden key HK based on a noise code NC and a time code TC of the token, a space code SC of a service server, and an owner code OC of the user. A login session is initialized by entering a user identifier at the service server and the generated EK from a computing device. The service server computes an expose key CEK and a hidden key CHK based one an authentication license generated by the token provider. The service server authenticates the user if the CEK is same as the EK, and sends a response message encrypted the CHK to the computing device. Then, the user provides the HK to the computing device to decrypt the encrypted response message so as to access his/her account.

Abstract: Systems and methods are disclosed for preventing spam, including email spam and telephone spam, through the use of dynamic passcodes or dynamic signatures included with transmitted messages. Both the dynamic passcodes and dynamic signatures may be changed periodically or continually, according to an example embodiment of the invention. Qualified senders may include a dynamic signature that is automatically generated by the sender's node or exchange entity. The recipient's node or exchange entity can then use a graylist associated with the recipient account in verifying the qualified sender and/or dynamic signature. On the other hand, non-qualified senders may need to manually obtain a dynamic passcode from a dynamic passcode provider and include the dynamic passcode with the transmitted message. The dynamic passcode provider may be a public website using human interactive proofs. According to an embodiment, a non-qualified sender may be optionally pre-charged with a fee to obtain a dynamic passcode.

Abstract: Systems and methods are disclosed for preventing spam, including email spam and telephone spam, through the use of dynamic passcodes or dynamic signatures included with transmitted messages. Both the dynamic passcodes and dynamic signatures may be changed periodically or continually, according to an example embodiment of the invention. Qualified senders may include a dynamic signature that is automatically generated by the sender's node or exchange entity. The recipient's node or exchange entity can then use a graylist associated with the recipient account in verifying the qualified sender and/or dynamic signature. On the other hand, non-qualified senders may need to manually obtain a dynamic passcode from a dynamic passcode provider and include the dynamic passcode with the transmitted message. The dynamic passcode provider may be a public website using human interactive proofs. According to an embodiment, a non-qualified sender may be optionally pre-charged with a fee to obtain a dynamic passcode.

Abstract: The present invention relates to a system and method for digitally authenticating users both online and offline. In one embodiment, a hardware token assigned by a trusted token provider to the user is employed to ensure the identity of the user. In the online authentication, the token is adapted for generating an exposed key EK and a hidden key HK based on a noise code NC and a time code TC of the token, a space code SC of a service server, and an owner code OC of the user. A login session is initialized by entering a user identifier at the service server and the generated EK from a computing device. The service server computes an expose key CEK and a hidden key CHK based one an authentication license generated by the token provider. The service server authenticates the user if the CEK is same as the EK, and sends a response message encrypted the CHK to the computing device. Then, the user provides the HK to the computing device to decrypt the encrypted response message so as to access his/her account.