Multi-user strong authentication token
Abstract
Apparatus, methods and systems to secure remotely accessible applications using authentication devices are disclosed. More particularly, apparatus, methods and systems are disclosed for thwarting overlay attacks against authentication applications for displaying transaction data and for generating signatures over these transaction data.
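The claims leave open which operating system functions keep other applications' windows off the transaction data presentation area. The sketch below is an added example, not code from the patent or its assignee, and assumes an Android device: the activity name, the sample transaction text and the result handling are hypothetical, and `setHideOverlayWindows` requires API 31 plus the `HIDE_OVERLAY_WINDOWS` permission in the manifest.

```kotlin
import android.app.Activity
import android.os.Build
import android.os.Bundle
import android.view.MotionEvent
import android.widget.Button
import android.widget.LinearLayout
import android.widget.TextView

// Hypothetical approval screen of an authentication app (assumed Android platform).
class ApproveTransactionActivity : Activity() {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)

        // API 31+: ask the window manager to hide non-system overlay windows
        // for as long as this window is visible.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
            window.setHideOverlayWindows(true)
        }

        // Constructed sample transaction data shown for user review.
        val details = TextView(this).apply { text = "Pay 100.00 EUR to ACME Ltd" }
        val approve = guarded(Button(this).apply { text = "Approve" }) { finishWith(RESULT_OK) }
        val reject = guarded(Button(this).apply { text = "Reject" }) { finishWith(RESULT_CANCELED) }

        setContentView(LinearLayout(this).apply {
            orientation = LinearLayout.VERTICAL
            addView(details); addView(approve); addView(reject)
        })
    }

    // Fallback for older API levels: refuse approve/reject input whenever the
    // system reports that another window covers this one.
    private fun guarded(button: Button, action: () -> Unit): Button = button.apply {
        filterTouchesWhenObscured = true // framework drops touches when fully obscured
        val obscuredMask = MotionEvent.FLAG_WINDOW_IS_OBSCURED or
            MotionEvent.FLAG_WINDOW_IS_PARTIALLY_OBSCURED
        // Returning true consumes the event, so no click is generated.
        setOnTouchListener { _, event -> (event.flags and obscuredMask) != 0 }
        setOnClickListener { action() }
    }

    // The caller releases the dynamic credential only on RESULT_OK.
    private fun finishWith(result: Int) {
        setResult(result)
        finish()
    }
}
```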
15 Claims
1. A method to secure a user's interaction with a remotely accessible computer-based application, the method comprising performing at a personal computing device the steps of:
- obtaining transaction data;
- displaying the obtained transaction data on a display of the personal computing device for review by the user, wherein an authentication application that is running on the personal computing device displays the obtained transaction data in a transaction data presentation area of the display of the personal computing device;
- obtaining a dynamic credential associated with the transaction data; and
- ensuring at the personal computing device that no window of another application that is running on the personal computing device can partially or entirely hide or obscure the authentication application's transaction data presentation area while the transaction data are being displayed or until the authentication application has received an indication of the user's approval or rejection of the displayed transaction data by calling one or more operating system functions of an operating system of the personal computing device.
Dependent claims: 2, 3, 4, 5
6. A personal computing device to secure a user's interaction with a remotely accessible computer-based application, the personal computing device comprising a display for displaying information to the user, a user input interface for receiving inputs from the user, a memory component storing an operating system software and an authentication application software, and a data processing component for running the operating system software and the authentication application;
wherein the authentication application is configured to cause the personal computing device to:
- obtain transaction data;
- display the obtained transaction data on the display for review by the user in a transaction data presentation area of the display;
- obtain a dynamic credential associated with the transaction data; and
- ensure that no window of another application that is running on the personal computing device can partially or entirely hide or obscure the authentication application's transaction data presentation area while the transaction data are being displayed or until the authentication application has received an indication of the user's approval or rejection of the displayed transaction data by calling one or more operating system functions of an operating system of the personal computing device.
Dependent claims: 7, 8, 9, 10
11. A system to secure a user's interaction with a remotely accessible computer-based application, the system comprising:
- a remote application server for hosting the remotely accessible computer-based application,
- an access device for allowing said user's interaction with a remotely accessible computer-based application,
- a credential verification server for verifying validity of a dynamic credential associated with transaction data of the remotely accessible computer-based application, and
- a personal computing device comprising a display for displaying information to the user, a user input interface for receiving inputs from the user, a memory component storing an operating system software and an authentication application software, and a data processing component for running the operating system software and the authentication application;
wherein the authentication application is configured to cause the personal computing device to:
- obtain the transaction data;
- display the obtained transaction data on the display for review by the user in a transaction data presentation area of the display;
- obtain the dynamic credential associated with the transaction data; and
- ensure that no window of another application that is running on the personal computing device can partially or entirely hide or obscure the authentication application's transaction data presentation area while the transaction data are being displayed or until the authentication application has received an indication of the user's approval or rejection of the displayed transaction data by calling one or more operating system functions of an operating system of the personal computing device.
Dependent claims: 12, 13, 14, 15
Specification