H04L63/067

METHOD FOR GENERATING A KEY AND METHOD FOR SECURE COMMUNICATION BETWEEN A HOUSEHOLD APPLIANCE AND AN APPLIANCE
20170295488 · 2017-10-12

A method for generating a key for secure communication between a household appliance and an appliance includes the following steps: determining the key using identification information associated with the household appliance; and sending the identification information via an air interface of the household appliance in order to transmit the identification information from the household appliance to the appliance.

Method, apparatus, and system for providing a security check
09787660 · 2017-10-10

Embodiments of the present application relate to a method, apparatus, and system for providing a security check. The method includes receiving a security verification request sent from a terminal, obtaining first verification element information based at least in part on the security verification request, generating a digital object unique identifier based at least in part on the first verification element information, sending the digital object unique identifier to the terminal, receiving second verification element information from the terminal, and in the event that the first verification element information and the second verification element information are consistent, sending security check pass information to the terminal.

SYSTEM AND METHOD FOR ENABLING SECURE AUTHENTICATION
20170331819 · 2017-11-16

Broadly speaking, embodiments of the present invention provide systems and methods to provide a solution to the SIM swap attack problem for users that possess smartphones. In particular, the systems and methods require an online banking customer to authenticate a transaction using a combined one-time password (OTP) formed of a remotely generated OTP (generated remote to the smartphone) and a locally generated OTP (generated on the smartphone).

ACTIVATING MOBILE TERMINAL TOKEN METHOD
20170288872 · 2017-10-05

A method for activating a mobile terminal token, comprising: a cloud authentication server generates a seed generation factor according to an activation request, and acquires a server seed secret key and saves the same according to the seed generation factor, and generates an activation code according to the seed generation factor, and generates an activation verification code and transmits the same to a mobile terminal, and encrypts the activation code using the activation verification code to acquire an encrypted activation code, and a cloud authentication management platform generates a two-dimensional code image according to the received encrypted activation code and transmits the same to a client for displaying, and the mobile terminal token acquires the encrypted activation code according to the acquired two-dimensional code image, and decrypts the encrypted activation code using the acquired activation verification code to obtain an activation code, and acquires the seed generation factor from the activation code, and acquires a token seed secret key according to the seed generation factor and saves the same. The present invention can activate the token when the mobile terminal is without network, ensuring the accuracy of the seed, thus improving the token security.

Computer security system

A method of packet management for restricting access to a resource of a computer system. The method includes identifying client parameters and network parameters, as a packet management information, used to determine access to the resource, negotiating a session key between client and server devices, generating a session ID based on at least the negotiated session key, inserting the packet management information and the session ID into each information packet sent from the client device to the server device, monitoring packet management information in each information packet from the client device, and filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.

Working method of dynamic token
09781104 · 2017-10-03

Disclosed is a working method of a dynamic token. The present invention relates to the field of communications. The method comprises: when a token is awakened, the awakening identification type at a flag bit is determined; if the type is a key awakening identification, the key value is detected, and a corresponding operation is performed according to the key pressed; if the type is a Bluetooth data awakening identification, Bluetooth data is received, and when the Bluetooth data has been received, the Bluetooth data is stored in a received data temporary storage region, and the Bluetooth data awakening identification is reset; if the type is a Bluetooth connection awakening identification, that Bluetooth has been connected is displayed, and after a fourth preset period has passed, the screen is cleared, and the Bluetooth connection awakening identification is reset; if the type is a Bluetooth disconnection awakening identification, that Bluetooth has been disconnected is displayed, the received data temporary storage region is cleared, and the Bluetooth disconnection awakening identification is reset; and if the type is an awakening identification of other types, a corresponding operation according to the awakening identification is performed.

SHORT TERM OR ONE-TIME-USE X.509 DIGITAL CERTIFICATES
20170279618 · 2017-09-28

A method includes receiving a request from a certificate user to utilize a short-term private key-public key pair. The short-term private key-public key pair includes a short-term private key and a public key. The short-term private key may expire after a period less than a year in length. The method further includes generating, using a processor, the short-term private key and generating, using the processor, the public key. The method further includes requesting a public key certificate from a Certificate Authority (CA). The method also includes receiving the public key certificate from the CA and pairing the short-term private key with the public key certificate. The public key certificate may include the public key that corresponds to the short-term private key. The method further includes storing the short-term private key-public key pair to a storage.

METHOD AND SYSTEM FOR CONTACTLESS TRANSACTIONS WITHOUT USER CREDENTIALS

A method for generation of an application cryptogram for use in a payment transaction includes: storing, in a first memory, a single use key associated with a transaction account; electronically transmitting the single use key to a processing server; receiving an encrypted session key and a server encryption key from the processing server; executing a first query to store the encrypted session key in the first memory and a second query to store the server encryption key in a second memory; decrypting the encrypted session key using the server encryption key; generating an application cryptogram based on the decrypted session key; and electronically transmitting the generated application cryptogram for use in a payment transaction.

Encrypted data processing system and program

An encrypted data processing system is provided including an encryption device and a server. The encryption device includes an encrypting section that encrypts first information based on a first encryption key and transmits the encrypted information for registration to the server, and encrypts second information based on a second encryption key and transmits the encrypted information to be compared to the server. The server includes a comparison section that employs a cipher comparison function for comparing encrypted information to compare the encrypted information for registration against the encrypted information to be compared, and transmits a comparison result to the encryption device. The encryption device further includes a comparison result decrypting section that employs a decryption function for decrypting the comparison result with the first encryption key and the second encryption key to find a degree of matching between the first information and the second information.

Timestamp based onboarding process for wireless devices

A method, apparatus, and system for provisioning a device onto a network using a non-secure communication channel between the device and a provisioner is described. The provisioner receives a timestamp-based one-time password (TOTP), and a universal resource identifier (URI) from the device and provides the TOTP and an out-of-band (OOB) UUID to a remote server over a secure communication channel identified by the URI. The device is then provisioned onto a network based on comparisons of the UUID and the TOTP.