Patent attributes
A system and a method are disclosed for authenticating a user of a mobile device using Unstructured Supplementary Service Data (“USSD”) protocol. The mobile device generates a One-Time Password (“OTP”) code and sends that OTP code to a telecommunications server that forwards the content of the USSD message to the application server using an included short code. The OTP code is also sent out to the application server outside of the USSD protocol. When the application server receives both transmissions, the application server compares the OTP codes of these transmissions and determines whether the codes match. If the OTP codes match, the application server determines that authentication is successful and transmits an authentication token to the mobile device that is used to secure communications between the mobile device and the application server.