System and method for providing transactional security for an end-user device
Abstract
A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g., a start/stop trigger module, an application lockout module, a network/file I/O control module, a trusted driver manager, a keystrokes generator driver, a keystrokes deletion hook, and/or a transaction network VPN manager) for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction
Claims
exact text as granted — not AI-modified1 . A network system comprising: a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction.
2 . The network system of claim 1 , wherein the transaction network provides banking site.
3 . The network system of claim 1 , wherein the transaction network provides a gaming site.
4 . The network system of claim 1 , wherein the trusted source resides on an ISP network.
5 . The network system of claim 1 , wherein the trusted source and the transaction network are managed by the same entity.
6 . The network system of claim 1 , wherein the trusted source resides on the transaction network.
7 . The network system of claim 1 , wherein the security mechanism includes a security engine.
8 . The network system of claim 1 , wherein the security mechanism includes a security profile.
9 . The network system of claim 1 , wherein the security mechanism includes a security engine and a security profile.
10 . The network system of claim 1 , wherein the security mechanism includes a start/stop trigger module for controlling when to initiate one or more aspects of the security mechanism and when to deactivate the one or more aspects of the security mechanism.
11 . The network system of claim 1 , wherein the security mechanism includes an application lockout module for suspending at least one application not needed to effect the transaction.
12 . The network system of claim 1 , wherein the security mechanism includes a file/network I/O control module for disabling at least one file or network operation during the transaction.
13 . The network system of claim 1 , wherein the security mechanism includes a trusted driver module for determining whether a driver on the end-user device matches a known trusted driver.
14 . The network system of claim 13 , wherein driver is a keyboard driver.
15 . The network system of claim 1 , wherein the security mechanism includes a keystrokes generator driver for generating additional keystrokes to a keystroke pattern generated by the end user.
16 . The network system of claim 15 , wherein the security mechanism includes a keystrokes deletion hook for deleting the additional keystrokes generated by the keystrokes generator driver.
17 . The network system of claim 1 , wherein the security mechanism includes an IP address to a server with the transaction network.
18 . The network system of claim 1 , wherein the security mechanism includes a VPN manager capable of establishing a secure tunnel between the end-user device and the transaction network.
19 . The network system of claim 1 , wherein the agent is capable of removing the security mechanism upon completion of the transaction.
20 . The network system of claim 1 , further comprising a second agent being capable of removing the security mechanism upon completion of the transaction.
21 . The network system of claim 1 , wherein the agent includes an install agent downloaded from the trusted source.
22 . The network system of claim 1 , wherein the agent includes an install agent downloaded from a third-party server.
23 . The network system of claim 1 , wherein the agent includes a connection agent preloaded onto the end-user device.
24 . A method comprising: requesting by an end user a secure transaction with a transaction network providing a transaction; receiving from a trusted source a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; activating the security mechanism; establishing a secure connection between an end-user device and the transaction network; and enabling the transaction.
25 . The method of claim 24 , wherein the transaction network provides a banking site.
26 . The method of claim 24 , wherein the transaction network provides a gaming site.
27 . The method of claim 24 , wherein the trusted source resides on an ISP network.
28 . The method of claim 24 , wherein the trusted source and the transaction network are managed by the same entity.
29 . The method of claim 24 , wherein the trusted source resides on the transaction network.
30 . The method of claim 24 , wherein the security mechanism includes a security engine.
31 . The method of claim 24 , wherein the security mechanism includes a security profile.
32 . The method of claim 24 , wherein the security mechanism includes a security engine and a security profile.
33 . The method of claim 24 , wherein the security mechanism includes a start/stop trigger module for controlling when to initiate one or more aspects of the security mechanism and when to deactivate the one or more aspects of the security mechanism.
34 . The method of claim 24 , wherein the security mechanism includes an application lockout module for suspending at least one application not needed to effect the transaction.
35 . The method of claim 24 , wherein the security mechanism includes a file/network I/O control module for disabling at least one file or network operation during the transaction.
36 . The method of claim 24 , wherein the security mechanism includes a trusted driver module for determining whether a driver on the end-user device matches a known trusted driver.
37 . The method of claim 36 , wherein driver is a keyboard driver.
38 . The method of claim 24 , wherein the security mechanism includes a keystrokes generator driver for generating additional keystrokes to a keystroke pattern generated by the end user.
39 . The method of claim 38 , wherein the security mechanism includes a keystrokes deletion hook for deleting the additional keystrokes generated by the keystrokes generator driver.
40 . The method of claim 24 , wherein the security mechanism includes an IP address to a server within the transaction network.
41 . The method of claim 24 , wherein the security mechanism includes a VPN manager capable of establishing a secure tunnel between the end-user device and the transaction network.
42 . The method of claim 24 , further comprising removing the security mechanism upon completion of the transaction.Join the waitlist — get patent alerts
Track US2009044266A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.