| CPC H04L 9/3213 (2013.01) [H04L 9/3247 (2013.01); H04L 9/3263 (2013.01); H04L 9/3268 (2013.01); H04L 9/3297 (2013.01); H04L 63/166 (2013.01); H04L 2463/121 (2013.01)] | 17 Claims |
|
1. A method of receiving secure data in a client device, comprising:
(a) receiving in the client device a token having both a token ID and a digital certificate generated by a certificate authority (CA), the certificate having client device fingerprint data generated from client device parameters;
(b) accepting a request in the client device to provide secure data to the client device;
(c) regenerating in the client device the client device fingerprint data from the client device parameters;
(d) determining, in the client device, differences between the client device fingerprint data of the digital certificate and the regenerated client device fingerprint data;
(e) selectively transmitting a request to a secure data service to provide secure data based upon the determination, comprising:
if the client device fingerprint data of the digital certificate matches the regenerated client device fingerprint data, transmitting the request to a secure data service to provide secure data to the client device;
if the client device fingerprint data of the digital certificate does not match the regenerated client device fingerprint data, determining if differences between the client device fingerprint data of the digital certificate and the regenerated client device fingerprint data are acceptable;
if differences between the client device fingerprint data of the digital certificate and the regenerated client device fingerprint data are acceptable:
transmitting the request to a secure data service to provide secure data to the client device;
receiving the secure data;
transmitting the client device regenerated fingerprint data and token ID to the CA;
receiving a further digital certificate generated by the CA having the client device regenerated fingerprint data; and
storing the further digital certificate in the token.
|