Certificate system for verifying authorized and unauthorized secure sessions
First Claim
1. A system for identifying potential compromised interactions, the system comprising:
- one or more memory devices having computer readable code store thereon; and
one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer readable code to;
access an organization application;
identify stored certification requirements from the organization application, wherein the stored certification requirements include at least a number of required verified certificates required by an organization from different certification authorities to verify the organization application;
receive one or more certificates and received certification requirements from the organization application;
verify the one or more certificates from the organization application to determine a number of verified certificates provided by the organization;
compare the stored certification requirements identified with the received certification requirements from the organization application to determine when the stored certification requirements meet the received certification requirements; and
notify a user through a user application with a certification requirement notification or prevent an interaction with the organization application when the received certification requirements fail to meet the stored certification requirements.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, computer products, and methods are described herein for an improved secure certificate system for identifying potential authorized and unauthorized interactions between a web browser and a website. The certificate system utilizes stored certification requirements (e.g., pinned certification requirements, third-party certification requirement system, or the like), and compares the stored certification requirements with received certification requirements. The system may notify the user or prevent the interaction between the web browser and website when the stored certification requirements do not meet the received certification requirements (e.g., a threshold requirement of certificates to validate, validated certificates, or the like). The certificate system allows the interaction between the web browser and website when the stored certification requirements meet the received certification requirements and the website is verified based on the certification requirements. It should be also understood that the certificate system may also be utilized for interactions between dedicated applications.
93 Citations
20 Claims
-
1. A system for identifying potential compromised interactions, the system comprising:
-
one or more memory devices having computer readable code store thereon; and one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer readable code to; access an organization application; identify stored certification requirements from the organization application, wherein the stored certification requirements include at least a number of required verified certificates required by an organization from different certification authorities to verify the organization application; receive one or more certificates and received certification requirements from the organization application; verify the one or more certificates from the organization application to determine a number of verified certificates provided by the organization; compare the stored certification requirements identified with the received certification requirements from the organization application to determine when the stored certification requirements meet the received certification requirements; and notify a user through a user application with a certification requirement notification or prevent an interaction with the organization application when the received certification requirements fail to meet the stored certification requirements. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computer implemented method for identifying potential compromised interactions, the method comprising:
-
accessing, by one or more processors, an organization application; identifying, by the one or more processors, stored certification requirements from the organization application, wherein the stored certification requirements include at least a number of required verified certificates required by an organization from different certification authorities to verify the organization application; receiving, by the one or more processors, one or more certificates and received certification requirements from the organization application; verifying, by the one or more processors, the one or more certificates from the organization application to determine a number of verified certificates provided by the organization; comparing, by the one or more processors, the stored certification requirements identified with the received certification requirements from the organization application to determine when the stored certification requirements meet the received certification requirements; and notifying, by the one or more processors, a user through a user application with a certification requirement notification or prevent an interaction with the organization application when the received certification requirements fail to meet the stored certification requirements. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A computer program product for identifying potential compromised interactions, the computer program product comprising at least one non-transitory computer-readable medium having computer-readable program code portions embodied therein, the computer-readable program code portions comprising:
-
an executable portion configured to access an organization application; an executable portion configured to identify stored certification requirements from the organization application, wherein the stored certification requirements include at least a number of required verified certificates required by an organization from different certification authorities to verify the organization application; an executable portion configured to receive one or more certificates and received certification requirements from the organization application; an executable portion configured to verify the one or more certificates from the organization application to determine a number of verified certificates provided by the organization; an executable portion configured to compare the stored certification requirements identified with the received certification requirements from the organization application to determine when the stored certification requirements meet the received certification requirements; and an executable portion configured to notify a user through a user application with a certification requirement notification or prevent an interaction with the organization application when the received certification requirements fail to meet the stored certification requirements.
-
Specification