US2009044266A1PendingUtilityA1

System and method for providing transactional security for an end-user device

Assignee: AUTHENTIUM INCPriority: Mar 30, 2006Filed: Apr 29, 2008Published: Feb 12, 2009
Est. expiryMar 30, 2026(expired)· nominal 20-yr term from priority
H04L 63/1441H04L 63/08G06Q 20/382G06F 21/566G06Q 30/06
47
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g., a start/stop trigger module, an application lockout module, a network/file I/O control module, a trusted driver manager, a keystrokes generator driver, a keystrokes deletion hook, and/or a transaction network VPN manager) for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction

Claims

exact text as granted — not AI-modified
1 . A network system comprising: a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction. 
     
     
         2 . The network system of  claim 1 , wherein the transaction network provides banking site. 
     
     
         3 . The network system of  claim 1 , wherein the transaction network provides a gaming site. 
     
     
         4 . The network system of  claim 1 , wherein the trusted source resides on an ISP network. 
     
     
         5 . The network system of  claim 1 , wherein the trusted source and the transaction network are managed by the same entity. 
     
     
         6 . The network system of  claim 1 , wherein the trusted source resides on the transaction network. 
     
     
         7 . The network system of  claim 1 , wherein the security mechanism includes a security engine. 
     
     
         8 . The network system of  claim 1 , wherein the security mechanism includes a security profile. 
     
     
         9 . The network system of  claim 1 , wherein the security mechanism includes a security engine and a security profile. 
     
     
         10 . The network system of  claim 1 , wherein the security mechanism includes a start/stop trigger module for controlling when to initiate one or more aspects of the security mechanism and when to deactivate the one or more aspects of the security mechanism. 
     
     
         11 . The network system of  claim 1 , wherein the security mechanism includes an application lockout module for suspending at least one application not needed to effect the transaction. 
     
     
         12 . The network system of  claim 1 , wherein the security mechanism includes a file/network I/O control module for disabling at least one file or network operation during the transaction. 
     
     
         13 . The network system of  claim 1 , wherein the security mechanism includes a trusted driver module for determining whether a driver on the end-user device matches a known trusted driver. 
     
     
         14 . The network system of  claim 13 , wherein driver is a keyboard driver. 
     
     
         15 . The network system of  claim 1 , wherein the security mechanism includes a keystrokes generator driver for generating additional keystrokes to a keystroke pattern generated by the end user. 
     
     
         16 . The network system of  claim 15 , wherein the security mechanism includes a keystrokes deletion hook for deleting the additional keystrokes generated by the keystrokes generator driver. 
     
     
         17 . The network system of  claim 1 , wherein the security mechanism includes an IP address to a server with the transaction network. 
     
     
         18 . The network system of  claim 1 , wherein the security mechanism includes a VPN manager capable of establishing a secure tunnel between the end-user device and the transaction network. 
     
     
         19 . The network system of  claim 1 , wherein the agent is capable of removing the security mechanism upon completion of the transaction. 
     
     
         20 . The network system of  claim 1 , further comprising a second agent being capable of removing the security mechanism upon completion of the transaction. 
     
     
         21 . The network system of  claim 1 , wherein the agent includes an install agent downloaded from the trusted source. 
     
     
         22 . The network system of  claim 1 , wherein the agent includes an install agent downloaded from a third-party server. 
     
     
         23 . The network system of  claim 1 , wherein the agent includes a connection agent preloaded onto the end-user device. 
     
     
         24 . A method comprising: requesting by an end user a secure transaction with a transaction network providing a transaction; receiving from a trusted source a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; activating the security mechanism; establishing a secure connection between an end-user device and the transaction network; and enabling the transaction. 
     
     
         25 . The method of  claim 24 , wherein the transaction network provides a banking site. 
     
     
         26 . The method of  claim 24 , wherein the transaction network provides a gaming site. 
     
     
         27 . The method of  claim 24 , wherein the trusted source resides on an ISP network. 
     
     
         28 . The method of  claim 24 , wherein the trusted source and the transaction network are managed by the same entity. 
     
     
         29 . The method of  claim 24 , wherein the trusted source resides on the transaction network. 
     
     
         30 . The method of  claim 24 , wherein the security mechanism includes a security engine. 
     
     
         31 . The method of  claim 24 , wherein the security mechanism includes a security profile. 
     
     
         32 . The method of  claim 24 , wherein the security mechanism includes a security engine and a security profile. 
     
     
         33 . The method of  claim 24 , wherein the security mechanism includes a start/stop trigger module for controlling when to initiate one or more aspects of the security mechanism and when to deactivate the one or more aspects of the security mechanism. 
     
     
         34 . The method of  claim 24 , wherein the security mechanism includes an application lockout module for suspending at least one application not needed to effect the transaction. 
     
     
         35 . The method of  claim 24 , wherein the security mechanism includes a file/network I/O control module for disabling at least one file or network operation during the transaction. 
     
     
         36 . The method of  claim 24 , wherein the security mechanism includes a trusted driver module for determining whether a driver on the end-user device matches a known trusted driver. 
     
     
         37 . The method of  claim 36 , wherein driver is a keyboard driver. 
     
     
         38 . The method of  claim 24 , wherein the security mechanism includes a keystrokes generator driver for generating additional keystrokes to a keystroke pattern generated by the end user. 
     
     
         39 . The method of  claim 38 , wherein the security mechanism includes a keystrokes deletion hook for deleting the additional keystrokes generated by the keystrokes generator driver. 
     
     
         40 . The method of  claim 24 , wherein the security mechanism includes an IP address to a server within the transaction network. 
     
     
         41 . The method of  claim 24 , wherein the security mechanism includes a VPN manager capable of establishing a secure tunnel between the end-user device and the transaction network. 
     
     
         42 . The method of  claim 24 , further comprising removing the security mechanism upon completion of the transaction.

Join the waitlist — get patent alerts

Track US2009044266A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.