Secure mobile communication architecture with dynamic two-way authentication and implementation method thereof

A mobile communication and two-way authentication technology, applied in the field of mobile information security, can solve the problems of phishing, counterfeiting, man-in-the-middle attacks, etc., to save costs, eliminate counterfeiting, and defend against hacker login attacks.

Active Publication Date: 2016-02-17
JIANGSU PAYEGIS TECH CO LTD
View PDF8 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The present invention aims at the problems of counterfeiting, phishing, and man-in-the-middle attacks in the communication between APP and server of the above-mentioned client te...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Secure mobile communication architecture with dynamic two-way authentication and implementation method thereof
  • Secure mobile communication architecture with dynamic two-way authentication and implementation method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0071] Embodiment 1, the mobile banking of a certain bank is due to the user blindly trusting the problematic server-side certificate, and the server is attacked by hacker phishing or man-in-the-middle. Communication, in the present invention, the server uses a self-signed certificate, and its certificate verification process is different from the ordinary certificate verification process, and there will be no situation where the user ignores the dangerous server-side certificate reminder, and the hacker cannot successfully communicate with the server without the private key of the server-side certificate. There will be no phishing attack or man-in-the-middle attack when the client terminal establishes a connection.

Embodiment 2

[0072] Example 2, a counterfeit client terminal appeared in an application APP, and the hacker forged a fake client terminal that was very similar to the real APP client terminal, and asked the user to enter the account password to log in, thereby defrauding the user of the account number and password of the application. At this time, the secure mobile communication architecture of dynamic two-way authentication described in the present invention can be used to communicate with the client terminal server. Even if the user steals the user account number and password, without the user's device, the private key of the device cannot be obtained, and it cannot be successfully completed. The challenge-response process between the server and the client terminal makes it impossible to use the user's account and password to perform harmful operations.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a secure mobile communication architecture with dynamic two-way authentication and an implementation method thereof. In the secure mobile communication architecture, a client terminal and a server-side implement two-way authentication, the server-side adopts an SSL self-signed certificate, and the authentication to the server-side by the client terminal is finished through authentication to the SSL certificate of the server; the authentication to the client terminal by the server-side is finished through management of identity access authority provided by an asymmetric key pair and a PKI technology; and communication between the client terminal and the server-side adopts an SSL security authentication protocol so as to guarantee the data security in the communication process. By adopting the secure mobile communication architecture with dynamic two-way authentication for carrying out mobile communication, the implementation way is simple, counterfeiting, hacker attack and man-in-the-middle attack threats in the common mobile communication mechanism are eliminated, and the security of communication between the mobile client terminal and the server-side is greatly increased.

Description

technical field [0001] The invention relates to the field of mobile information security, in particular to a dynamic two-way authentication security mobile communication mechanism and its realization method. Background technique [0002] As of the second quarter of 2015, the number of mobile Internet users in China has reached 657 million, and the number of smartphone users in China has reached 601 million. Mobile payment has increased by 445% year-on-year. Chinese consumers have entered the era of mobile payment. However, lawbreakers have created malicious software such as fake online banking upgrade assistants, pirated mobile phone online banking clients, and phishing Alipay, which have seriously threatened the security of mobile payment. [0003] The first domestic mobile banking APP security report shows that most mobile banking APPs are not safe, especially a small number of mobile banking Android clients have security risks such as incomplete encryption mechanisms and ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L9/32
CPCH04L9/3249H04L63/0823H04L63/0869H04L63/0876
Inventor 汪德嘉刘伟刘景景
Owner JIANGSU PAYEGIS TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap