System And Method For Providing Transactional Security For An End-User Device

US 20070234061A1
Filed: 03/30/2007
Published: 10/04/2007
Est. Priority Date: 03/30/2006
Status: Active Grant

First Claim

Patent Images

1. A network system comprising:

a transaction network operative to provide a transaction with an end user;

a trusted source of a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and

an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g., a start/stop trigger module, an application lockout module, a network/file I/O control module, a trusted driver manager, a keystrokes generator driver, a keystrokes deletion hook, and/or a transaction network VPN manager) for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction.

Citations

42 Claims

1. A network system comprising:
- a transaction network operative to provide a transaction with an end user;
  
  a trusted source of a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and
  
  an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 2. The network system of claim 1, wherein the transaction network provides banking site.
  - 3. The network system of claim 1, wherein the transaction network provides a gaming site.
  - 4. The network system of claim 1, wherein the trusted source resides on an ISP network.
  - 5. The network system of claim 1, wherein the trusted source and the transaction network are managed by the same entity.
  - 6. The network system of claim 1, wherein the trusted source resides on the transaction network.
  - 7. The network system of claim 1, wherein the security mechanism includes a security engine.
  - 8. The network system of claim 1, wherein the security mechanism includes a security profile.
  - 9. The network system of claim 1, wherein the security mechanism includes a security engine and a security profile.
  - 10. The network system of claim 1, wherein the security mechanism includes a start/stop trigger module for controlling when to initiate one or more aspects of the security mechanism and when to deactivate the one or more aspects of the security mechanism.
  - 11. The network system of claim 1, wherein the security mechanism includes an application lockout module for suspending at least one application not needed to effect the transaction.
  - 12. The network system of claim 1, wherein the security mechanism includes a file/network I/O control module for disabling at least one file or network operation during the transaction.
  - 13. The network system of claim 1, wherein the security mechanism includes a trusted driver module for determining whether a driver on the end-user device matches a known trusted driver.
  - 14. The network system of claim 13, wherein driver is a keyboard driver.
  - 15. The network system of claim 1, wherein the security mechanism includes a keystrokes generator driver for generating additional keystrokes to a keystroke pattern generated by the end user.
  - 16. The network system of claim 15, wherein the security mechanism includes a keystrokes deletion hook for deleting the additional keystrokes generated by the keystrokes generator driver.
  - 17. The network system of claim 1, wherein the security mechanism includes an IP address to a server with the transaction network.
  - 18. The network system of claim 1, wherein the security mechanism includes a VPN manager capable of establishing a secure tunnel between the end-user device and the transaction network.
  - 19. The network system of claim 1, wherein the agent is capable of removing the security mechanism upon completion of the transaction.
  - 20. The network system of claim 1, further comprising a second agent being capable of removing the security mechanism upon completion of the transaction.
  - 21. The network system of claim 1, wherein the agent includes an install agent downloaded from the trusted source.
  - 22. The network system of claim 1, wherein the agent includes an install agent downloaded from a third-party server.
  - 23. The network system of claim 1, wherein the agent includes a connection agent preloaded onto the end-user device.

24. A method comprising:
- requesting by an end user a secure transaction with a transaction network providing a transaction;
  
  receiving from a trusted source a security mechanism for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user;
  
  activating the security mechanism;
  
  establishing a secure connection between an end-user device and the transaction network; and
  
  enabling the transaction.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 25. The method of claim 24, wherein the transaction network provides a banking site.
  - 26. The method of claim 24, wherein the transaction network provides a gaming site.
  - 27. The method of claim 24, wherein the trusted source resides on an ISP network.
  - 28. The method of claim 24, wherein the trusted source and the transaction network are managed by the same entity.
  - 29. The method of claim 24, wherein the trusted source resides on the transaction network.
  - 30. The method of claim 24, wherein the security mechanism includes a security engine.
  - 31. The method of claim 24, wherein the security mechanism includes a security profile.
  - 32. The method of claim 24, wherein the security mechanism includes a security engine and a security profile.
  - 33. The method of claim 24, wherein the security mechanism includes a start/stop trigger module for controlling when to initiate one or more aspects of the security mechanism and when to deactivate the one or more aspects of the security mechanism.
  - 34. The method of claim 24, wherein the security mechanism includes an application lockout module for suspending at least one application not needed to effect the transaction.
  - 35. The method of claim 24, wherein the security mechanism includes a file/network I/O control module for disabling at least one file or network operation during the transaction.
  - 36. The method of claim 24, wherein the security mechanism includes a trusted driver module for determining whether a driver on the end-user device matches a known trusted driver.
  - 37. The method of claim 36, wherein driver is a keyboard driver.
  - 38. The method of claim 24, wherein the security mechanism includes a keystrokes generator driver for generating additional keystrokes to a keystroke pattern generated by the end user.
  - 39. The method of claim 38, wherein the security mechanism includes a keystrokes deletion hook for deleting the additional keystrokes generated by the keystrokes generator driver.
  - 40. The method of claim 24, wherein the security mechanism includes an IP address to a server within the transaction network.
  - 41. The method of claim 24, wherein the security mechanism includes a VPN manager capable of establishing a secure tunnel between the end-user device and the transaction network.
  - 42. The method of claim 24, further comprising removing the security mechanism upon completion of the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Antlabs Pte Ltd.
Original Assignee
Antlabs Pte Ltd.
Inventors
Teo, Wee

Granted Patent

US 8,434,148 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/178
CPC Class Codes

G06F 21/566   Dynamic detection, i.e. det...

G06Q 20/382   insuring higher security of...

G06Q 30/06   Buying, selling or leasing ...

H04L 63/08   for authentication of entit...

H04L 63/1441   Countermeasures against mal...

System And Method For Providing Transactional Security For An End-User Device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

System And Method For Providing Transactional Security For An End-User Device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links