Patent attributes
Systems and methods for a secure soft token solution applicable to multiple platforms and usage scenarios are provided. According to one embodiment a unique device ID of a mobile device is obtained by a soft token application via an API of an operating system of the mobile device. A seed for generating an OTP for accessing a secure network resource is requested from a provisioning server by the application via an IP-based network. The seed is received by the mobile device via a first out-of-band channel in encrypted form based on a secret key, the unique device ID and a hardcoded-pre-shared key. The received encrypted seed is decrypted and installed within the application. The OTP is generated by the application based on the seed. The OTP is bound to the mobile device by the application by encrypting the seed with the unique device ID and the hardcoded pre-shared key.
