Patent attributes
A computing device receives, from a first client device, a request for a security token to authenticate a transaction session for a user account administered by a network resource, the first client device being associated with the user account. In response to the request, the computing device generates and sends a security token to the first client device, which communicates the security token to a second client device. The computing device receives, from the second client device, a modified security token that includes the security token and a signature on the security token using a first key stored in a trusted hardware component coupled to the second client device. A second key corresponding to the first key is registered with the network resource. The computing device verifies the modified security token using the second key. Upon successfully verifying the modified security token, the computing device enables the transaction session.
