​Afraid of a Hacker Attack? Verify the Login Device—Not Just the Password
Enhancing Authentication with Timestamp-Based Device Verification
In addition to traditional user ID and password authentication, verifying the login device adds a critical layer of security. This method uses a timestamp-based algorithm to ensure that only authorized devices can access the system—without requiring any user intervention.
​
How It Works:
-
Clock Synchronization: The authentication server and the client PC both synchronize their clocks with a trusted time server.
-
Timestamp Generation: Each side uses the current timestamp down to the second, dropping one level of precision to account for network latency.
-
Shared Transformation: Both the server and client apply the same transformation to the timestamp (e.g., add 5, multiply by 2).
-
Value Verification: The client sends the transformed value; the server independently computes and verifies it.
-
Algorithm Array: A shared array of transformation methods is stored on both ends. These methods can vary widely in complexity.
-
Method Selection: Following each successful login, the server and client use a synchronized random selection process to choose the same method from the shared array for next login.
-
No User Intervention: The entire process is handled automatically by the underlying authentication code—no passwords or user memory required.
-
Initial Provisioning: Corporate IT sets up the initial method during the authorized device’s provisioning.
-
Customizable Arrays: Each company can define its own transformation method array based on its security policies.
-
Scalable for Providers: Online service providers can use a default array or configure a custom one.
​​
US patent 10,826,912
​​​​​
Future Innovations:
​
​Seeking business partners to develop this solution.
For inquiries, please send a USPS registered mail to
ChienSEC LLC
12400 SE 38TH ST #40151
Bellevue, WA 98015