METHOD AND APPARATUS FOR ENHANCING ONLINE TRANSACTION SECURITY VIA SECONDARY CONFIRMATION

The need for secure online transaction on inherently insecure platforms such as PCs and mobile devices is increasing with the widespread adoption of e-commerce and online banking. Providing enhanced security on such platforms is challenging as factors of cost and user convenience are significant barrier to adoption rates. The proposed invention does not require special hardware, operating systems or communication links installed on the client devices. Instead, it makes use of the fact that a large number of consumers already have access to multiple independently operating devices such as PCs and cellular phones. Providing secondary confirmation for secure transactions using a plurality of such devices addresses both the cost and ease-of-use factors. In particular, a secure transaction that is originated on one type of consumer device such as a PC is conducted to require a secondary transaction on a different device such as a mobile phone. This way an attacker faces the much harder problem of synchronously compromising two very different systems to gain control of a particular secure transaction.