Method of providing assured transactions using secure transaction appliance and watermark verification

US 20090106556A1
Filed: 10/20/2008
Published: 04/23/2009
Est. Priority Date: 10/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving at a secure transaction device electronic content and a tag relating to a known portion of the electronic content;

associating with the tag first electronic data for use in verifying the known portion of the electronic content;

establishing a first communication path between the secure transaction device and a security module;

establishing a second communication path between the secure transaction device and a second other system; and

initiating an authorization process for being performed at least in conjunction with the security module.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method of improving electronic security by establishing a path between a user and a secure transaction appliance. The secure transaction appliance receiving information destined for the user which includes a tagged portion, said tagged portion triggering the secure transaction appliance to forward the information to the computer from which the request was issued, and to seeking an electronic signature to verify the content or transaction by transmitting a watermark, tagged portion of the content, or similar electronic content. The secure trusted path providing the user with the tagged portion incorporating additional elements such as a watermark, or in some embodiments only the additional elements, upon a personalized security device associated with the user making interception or manipulation more complex and difficult.

Citations

26 Claims

1. A method comprising:
- receiving at a secure transaction device electronic content and a tag relating to a known portion of the electronic content;
  
  associating with the tag first electronic data for use in verifying the known portion of the electronic content;
  
  establishing a first communication path between the secure transaction device and a security module;
  
  establishing a second communication path between the secure transaction device and a second other system; and
  
  initiating an authorization process for being performed at least in conjunction with the security module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method according to claim 1 comprising:
    - providing the known portion of the electronic content to a user via the second other system, the known portion of the electronic content is at least one of presentation to, verification by, and authorization by the user; and
      
      providing the first electronic data to the user via the security module for at least one of presenting, verifying, and authorizing the electronic content.
  - 3. A method according to claim 2 comprising:
    - receiving from the user an indication that the known portion of the electronic content is at least one of verified and authorized, the indication provided in dependence upon at least the known portion of the electronic content and the first electronic data; and
      
      ,digitally authorizing the electronic content in response to the indication.
  - 4. A method according to claim 1 wherein the first communication path is a trusted path.
  - 5. A method according to claim 1 wherein,the security module comprises at least one of a removable peripheral memory storage device and a wireless device.
  - 6. A method according to claim 3 wherein,receiving from the user an indication comprises receiving via the security module a user input.
  - 7. A method according to claim 6 wherein,receiving from the user an indication comprises providing a confirmation signal to the secure transaction device.
  - 8. A method according to claim 1 wherein,the first communication path is via a first network;
    - andthe second communication path is via a second network.
  - 9. A method according to claim 3 wherein,initiating an authorizing process comprises providing at least one of a response to the secure transaction device to continue with a transaction, a digital signature, a digital certificate, a Secure Socket Layer certificate, a password, a one-time password, an answer to a predetermined question, and a certificate according to ITU-T X.509.
  - 10. A method according to claim 1 wherein,the tag comprises providing at least one of an electronic file, a known indicator within the electronic content, and a hypertext markup of the electronic content,
  - 11. A method according to claim 1 wherein,the secure transaction device comprises at least one of a server and a thin-client.
  - 12. A method according to claim 1 wherein,providing at least one of the electronic data and electronic content comprises providing at least one of a digital watermark, a predetermined portion of a digital watermark, a digital certificate, a text seal, an image seal, a steganographic message, a steganographic image, a known portion of the first electronic document, and a Turing test.
  - 13. A method according to claim 1 wherein,the first electronic data comprises the electronic data processed by a process in execution on the security module, the process operating in dependence upon a cryptographic key stored within the security module.

14. A method comprising:
- providing a transactor in communication with a network and comprising a memory for storing information relating to a transaction;
  
  providing a user system associated with a user, the user system having at least a primary computer and a security module, the primary computer in communication with the network and providing the user with a process for allowing the user to view the transaction;
  
  providing a secure transaction device, the secure transaction device disposed within a first communication path between the transactor and the primary computer of the user;
  
  establishing a trusted path between the secure transaction device and the security module,establishing a first transaction between the transactor and the user comprising providing a request having a tag associated therewith from the transactor to the user for a digital signature via the secure transaction device and the first communication path relating to the first transaction;
  
  receiving the request at the secure transaction device and associating first electronic data with the request and the tag;
  
  providing the request to the user system for display on the primary computer via a first communications path; and
  
  providing via the trusted path the first electronic data to the user system for display on the security module.
- View Dependent Claims (15, 16)
- - 15. A method according to claim 14 comprising:
    - receiving from the user an indication provided directly to the security module, the indication for initiating a digital signature process of the request;
      
      generating the digital signature; and
      
      providing the digital signature to the secure transaction device via the trusted path;
      
      providing the digital signature to the transactor from the secure transaction device.
  - 16. A method according to claim 14 wherein the transactor comprises at least one of a broker, a reseller, and a seller participating within the transaction.

17. A method comprising:
- providing a memory device having a processor therein and a display;
  
  providing a first communication path between a server and a user system associated with a user, the first communication path including a secure transaction device disposed between the server and the user system;
  
  providing a trusted path between the secure transaction device and the memory device via a second communication path;
  
  providing to the memory device from the secure transaction device at least one of a watermark and a first predetermined portion of a first document, the watermark associated with a tag provided by the server and referencing a second predetermined portion of the first document; and
  
  providing to the user system the first document for display and for at least one of verification and authorization thereof.
- View Dependent Claims (18)
- - 18. A method according to claim 17 comprising:
    - verifying the first document in dependence upon at least one of the watermark and the second predetermined portion of the first document, the watermark presented to the user via the memory device;
      
      when the verification is indicative of other than tampering, providing an indication to the memory device for digitally signing the first document to provide a digital signature and providing the digital signature to the server via the trusted path.

19. A method comprising:
- receiving from a transactor at a secure transaction device electronic content and a tag associated with a known portion of the electronic content, the electronic content for transmission to a user system associated with a user;
  
  modifying at least the known portion of the electronic content by the addition of first electronic data determined in dependence upon at least one of the transactor, the user, the tag, and the electronic content;
  
  associating with the tag second electronic data, the second electronic data providing the user an association with the first electronic data; and
  
  storing within a memory of the secure transaction device the modified electronic content and second electronic data.
- View Dependent Claims (20)
- - 20. A method according to claim 19 further comprising:
    - establishing a first communication path between the secure transaction device and a security module associated with the user;
      
      establishing a second communication path between the secure transaction device and the user system;
      
      transmitting via the second communication path the modified electronic content for display to the user on the user system;
      
      transmitting via the first communication path the second electronic data for display to the user on the security module; and
      
      verifying an aspect of authenticity of the modified electronic content in dependence upon at least the displayed modified electronic content and displayed second electronic data and providing an indication of said verification to the secure transaction device.

21. A secure transaction device comprising:
- a first input port for receiving electronic content from a transactor for transmission to a user system associated with a user, the electronic content received via a first communication path and intended for display by the user system;
  
  a first output port for transmitting via a second communication path at least one of a verification and an authentication of the electronic content to the transactor from the user;
  
  a plurality of processors electrically connected to the first input port and the first output port, the plurality of processors for identifying at least a predetermined portion of the electronic content, modifying the predetermined portion of the electronic content by the addition of first electronic data, associating with the first electronic data second electronic data, transmitting the first and second electronic data, receiving at least one of a verification and authentification of the electronic content from the user, and transmitting the at least one of a verification and authentification of the electronic content to the transactor;
  
  the first and second electronic data determined in dependence upon at least one of the user and the electronic content;
  
  a second output port supporting a third communication path for transmission of at least the modified electronic data to the user;
  
  a third output port supporting a fourth communication path for transmission of at least the second electronic data to the user; and
  
  a second input port for receiving at least one of a verification and authentification of the electronic content from the user.
- View Dependent Claims (22, 23, 24, 25, 26)
- - 22. A secure transaction device according to claim 21 wherein,identifying comprises receiving at least one of an electronic file associated with the electronic content, electronic content containing a known marker, and hypertext marked electronic content.
  - 23. A secure transaction device according to claim 21 wherein;
    - at least the fourth communication path comprises at least one of a trusted path and a secure hypertext transfer protocol path; and
      
      the first communication path is a hypertext transfer protocol path.
  - 24. A secure transaction device according to claim 21 wherein,the first electronic content is determined in dependence upon at least one of the transactor, the user, a pseudo-random number, the secure transaction device, and the electronic content.
  - 25. A secure transaction device according to claim 21 wherein,the second electronic content is determined in dependence upon at least one of user and an aspect of a device associated with the user receiving the second electronic content.
  - 26. A secure transaction device according to claim 21 wherein;
    - receiving from the user at least one of the verification and authentication of the electronic content and transmitting to the transactor comprises translating at least one of a verification and authentification of the electronic content to a protocol associated with the second communications path.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Data Locker Incorporated
Original Assignee
Memory Experts International, Inc.
Inventors
Hamid, Laurence

Granted Patent

US 9,083,746 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/0838   using one-time-passwords

H04L 63/123   received data contents, e.g...

H04L 63/166   at the transport layer

H04L 63/168   above the transport layer

H04L 63/18   using different networks or...

H04W 12/069   using certificates or pre-s...

Method of providing assured transactions using secure transaction appliance and watermark verification

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method of providing assured transactions using secure transaction appliance and watermark verification

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links