METHOD AND SYSTEM FOR SECURING ELECTRONIC TRANSACTIONS

US 20110154459A1
Filed: 02/25/2011
Published: 06/23/2011
Est. Priority Date: 02/03/2009
Status: Active Grant

First Claim

Patent Images

1. A method for secure electronic transaction over a computer network, comprising:

at a trusted relationship profile server computer operably connected to the computer network;

(a) storing a unique identity of a trusted computing unit;

(b) generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit;

at a computer operably connected to the computer network and comprising a security proxy server, having computer readable instructions stored in a computer readable storage medium for execution by a processor;

(c) storing real credentials and local credentials of a customer in a secure vault;

(d) receiving the confirmation message and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and

(e) replacing the local credentials submitted in the login process with the real credentials.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for secure electronic transaction over a computer network, comprising: at a trusted relationship profile server computer: storing a unique identity of a trusted computing unit; generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit; at a security proxy server computer: storing real credentials and local credentials of a customer in a secure vault; receiving the confirmation message and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and replacing the local credentials submitted in the login process with the real credentials. A corresponding system for secure electronic transactions is also provided.

49 Citations

View as Search Results

20 Claims

1. A method for secure electronic transaction over a computer network, comprising:
- at a trusted relationship profile server computer operably connected to the computer network;
  
  (a) storing a unique identity of a trusted computing unit;
  
  (b) generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit;
  
  at a computer operably connected to the computer network and comprising a security proxy server, having computer readable instructions stored in a computer readable storage medium for execution by a processor;
  
  (c) storing real credentials and local credentials of a customer in a secure vault;
  
  (d) receiving the confirmation message and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and
  
  (e) replacing the local credentials submitted in the login process with the real credentials.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein steps (c), (d) and (e) are performed at a security proxy server computer.
  - 3. The method of claim 1, wherein steps (c), (d) and (e) are performed at a computer of the customer comprising the security proxy server.
  - 4. The method of claim 1, wherein the step (a) of storing the unique identity of the trusted computing unit comprises storing a unique identity of a portable security device.
  - 5. The method of claim 4, further comprising modifying a login password entered in a login process to a transaction server computer to produce a modified login password, based on the credentials of the portable security device.
  - 6. The method of claim 5, further including completing the login process to the transaction server computer with the modified login password.
  - 7. The method of claim 5, wherein the modified login password comprises the login password appended with at least a part of the credentials of the portable security device.
  - 8. The method of claim 1, further comprising completing the electronic transaction with the trusted computing unit at a transaction server using the real credentials.
  - 9. The method of claim 4, wherein the storing the unique identity of the portable security device comprises storing a unique identity of one or more of the following:
    - a cellphone, a smart phone, and a personal portable computing device having a further computer readable storage medium having computer readable instructions stored thereon for executing by a further processor for communicating with the security proxy server.

10. One or more computer readable storage media having computer readable instructions stored thereon for execution by a processor, for performing a method for secure electronic transaction over a computer network, comprising:
- at a trusted relationship profile server computer operably connected to the computer network;
  
  (a) storing a unique identity of a trusted computing unit;
  
  (b) generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit;
  
  at a computer comprising a security proxy server, having computer readable instructions stored in a computer readable storage medium for execution by a processor, the computer being operably connected to the computer network;
  
  (c) storing real credentials and local credentials of a customer in a secure vault;
  
  (d) receiving the confirmation message and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and
  
  (e) replacing the local credentials submitted in the login process with the real credentials.

11. A computer-based system for providing security for an electronic transaction over a computer network, comprising:
- a) a trusted relationship profile server computer operably connected to the computer network, the computer having a first processor and a first computer readable storage medium having computer readable instructions stored thereon for executing by the first processor, storing a unique identity of a trusted computing unit;
  
  the trusted relationship profile server computer having a message generator unit for generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit;
  
  b) a security proxy server operably connected to the trusted computing unit, the security proxy server having a second computer readable storage medium having computer readable instructions stored thereon for executing by a second processor, comprising;
  
  (i) a secure vault, storing real credentials and local credentials of a customer in the secure vault;
  
  (ii) a message confirmation unit receiving the confirmation message from the message generator unit and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and
  
  (iii) a message parameter replacement unit for replacing the local credentials submitted in the login process with the real credentials.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system of claim 11, wherein:
    - a computer of the customer comprises the security proxy server;
      
      orwherein the trusted computing unit comprises the security proxy server.
  - 13. The system of claim 11, wherein the trusted computing unit includes a portable security device.
  - 14. The system of claim 13, wherein the portable security device comprises a flash memory device.
  - 15. The system of claim 13, wherein the portable security device is configured to be connected to a computer of the customer.
  - 16. The system as claimed in claim 11, further including a transaction server computer operably connected to the computer network, the transaction server computer having a computer readable storage medium having computer readable instructions stored thereon for executing by a processor for completing the electronic transaction with the trusted computing unit.
  - 17. The system as claimed in claim 11, wherein the trusted computing unit comprises a portable computer-based device comprising one or more of the following:
    - a cellphone, a smart phone, and a personal portable computing device having a further computer readable storage medium having computer readable instructions stored thereon for executing by a further processor for communicating with the security proxy server.
  - 18. The system of claim 11, wherein the secure vault further comprises computer readable instructions for storing credentials of the portable security device, and the security proxy server further comprises a password replacement unit, modifying a login password entered in a login process with the transaction server computer to produce a modified login password, based on the credentials of the portable security device.

19. The system of claim 19, further including a transaction server computer operably connected to the computer network, the transaction server computer having a computer readable storage medium having computer readable instructions stored thereon for executing by a processor for completing the login process with the transaction server computer with the modified login password.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the modified login password comprises the login password appended with at least a part of the credentials of the portable security device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
inBay Technologies, Inc.
Original Assignee
inBay Technologies, Inc.
Inventors
Mann, David Michael, KUANG, Randy, Xavier, Stanislus Kisito

Granted Patent

US 8,468,582 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/41   where a single sign-on prov...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2103   Challenge-response

G06F 2221/2115   Third party

H04L 63/0281   Proxies

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/105   Multiple levels of security

METHOD AND SYSTEM FOR SECURING ELECTRONIC TRANSACTIONS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR SECURING ELECTRONIC TRANSACTIONS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links