SYSTEM AND METHOD FOR APPLICATION SECURITY
Abstract
A secured hardware token includes an embedded processor, secured persistent storage, and read only memory. The storage includes functionality to store data that includes an account master secret for an account at a financial institution. The memory includes a security application, which causes the processor to receive, from a financial institution application executing on a mobile device, a call for an n-bit result. The security application further causes the processor to obtain, from the secured persistent storage, the account master secret, construct the n-bit result specific to the call using the account master secret and the n-bit generator input as input to an n-bit generator in the security application, and return the n-bit result to the financial institution application. The financial institution application provides the n-bit result to the financial institution, which completes a financial transaction when the n-bit result is verified using a copy of the account master secret.
50 Citations
33 Claims
1-5. (canceled)
6. A system for securing financial transactions comprising:
a mobile device comprising:
  a mobile device processor; and
  memory comprising a financial institution application, which, when executed by the mobile device processor, is configured to:
    combine at least one component into a first n-bit generator input, wherein the at least one component describes a financial transaction;
    perform a first call, using the first n-bit generator input and a first master secret identifier for an electronic check as arguments, an n-bit generator;
    receive, from the n-bit generator, the first n-bit result comprising a check authentication code generated using an account master secret and the first n-bit generator input;
    create the electronic check by appending the check authentication code to the first n-bit generator input; and
    send the electronic check;
a secured persistent storage configured to store data, the data comprising:
  the account master secret for an account at a financial institution, wherein the financial institution stores a copy of the account master secret in secured storage of the financial institution; and
a read only memory comprising a security application configured to:
  receive, from the financial institution application, the first call for the first n-bit result, wherein the first call comprises the first n-bit generator input and the first master secret identifier;
  obtain, from the secured persistent storage, the account master secret referenced by the first master secret identifier;
  construct the first n-bit result specific to the first call using the account master secret and the first n-bit generator input as input to the n-bit generator in the security application; and
  return the first n-bit result to the financial institution application, wherein the financial institution application provides the n-bit result to the financial institution, wherein the financial institution is adapted to complete the financial transaction when the first n-bit result is verified.
Dependent claims: 7, 8, 9, 12, 23, 24, 25, 26, 27, 28, 29
10. (canceled)
11. (canceled)
13. A non-transitory computer readable medium comprising computer readable program code for causing a computer system to:
  combine at least one component into an n-bit generator input, wherein the at least one component describes a financial transaction;
  call, using the n-bit generator input and a master secret identifier for an electronic check as arguments, an n-bit generator, wherein the master secret identifier references a master secret;
  receive, from the n-bit generator, a check authentication code generated using the master secret and the n-bit generator input;
  create an electronic check by appending the check authentication code to the n-bit generator input; and
  send the electronic check to complete the financial transaction.
Dependent claims: 15, 30
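Claims 6 and 13 describe the same mechanism from the token's and the mobile application's side: transaction components are combined into an n-bit generator input, a hardware token keyed with an account master secret (referenced only by identifier, so the secret never leaves the token) returns an n-bit result, and the electronic check is that input with the check authentication code appended; the bank recomputes the code with its own copy of the secret. The following is an added illustration, not code from the patent or its assignee. The patent does not fix the n-bit generator primitive, so HMAC-SHA256 truncated to n bits is assumed here; the function names, the in-memory secret stores, and the sample transaction are all constructed for the example.

```python
import hashlib
import hmac
import json
from typing import Dict

# Constructed sample: the token's secured persistent storage, keyed by
# master secret identifier (an in-memory dict stands in for it here).
TOKEN_SECRET_STORE: Dict[str, bytes] = {
    "acct-master-1": bytes.fromhex("00112233445566778899aabbccddeeff" * 2),
}

# The financial institution's copy of the same account master secret
# (claim 6: the bank keeps a copy in its own secured storage).
BANK_SECRET_STORE: Dict[str, bytes] = dict(TOKEN_SECRET_STORE)


def n_bit_generator(master_secret: bytes, generator_input: bytes, n: int = 128) -> bytes:
    """Assumed construction of the patent's 'n-bit generator': HMAC-SHA256
    truncated to n bits. n must be a positive multiple of 8, at most 256."""
    if n <= 0 or n > 256 or n % 8 != 0:
        raise ValueError("n must be a positive multiple of 8, at most 256")
    return hmac.new(master_secret, generator_input, hashlib.sha256).digest()[: n // 8]


def security_application_call(secret_id: str, generator_input: bytes, n: int = 128) -> bytes:
    """Token side (the security application in ROM): resolve the identifier to
    the account master secret and return only the n-bit result to the caller."""
    master_secret = TOKEN_SECRET_STORE[secret_id]
    return n_bit_generator(master_secret, generator_input, n)


def build_generator_input(components: Dict[str, str]) -> bytes:
    """Mobile-app side: combine the components describing the transaction into
    a canonical byte string so the app and the bank serialize identically."""
    return json.dumps(components, sort_keys=True, separators=(",", ":")).encode()


def create_electronic_check(components: Dict[str, str], secret_id: str, n: int = 128) -> bytes:
    """Electronic check = n-bit generator input || check authentication code."""
    generator_input = build_generator_input(components)
    code = security_application_call(secret_id, generator_input, n)
    return generator_input + code


def parse_electronic_check(check: bytes, n: int = 128) -> Dict[str, str]:
    """Bank side: recover the transaction components from the check body."""
    return json.loads(check[: -(n // 8)].decode())


def verify_electronic_check(check: bytes, secret_id: str, n: int = 128) -> bool:
    """Bank side: recompute the code with the bank's copy of the master secret
    and compare in constant time. Any change to the components fails."""
    code_len = n // 8
    if len(check) <= code_len:
        return False
    generator_input, code = check[:-code_len], check[-code_len:]
    expected = n_bit_generator(BANK_SECRET_STORE[secret_id], generator_input, n)
    return hmac.compare_digest(code, expected)


# Constructed sample transaction; the nonce keeps two checks with the same
# payee and amount from producing the same generator input.
SAMPLE_TRANSACTION = {
    "payee": "ACME Utilities",
    "amount": "100.00",
    "currency": "USD",
    "nonce": "7f3a9c21",
}


def main() -> None:
    check = create_electronic_check(SAMPLE_TRANSACTION, "acct-master-1")
    print("check length:", len(check), "bytes")
    print("verifies:", verify_electronic_check(check, "acct-master-1"))
    tampered = check.replace(b'"100.00"', b'"900.00"')
    print("tampered verifies:", verify_electronic_check(tampered, "acct-master-1"))


if __name__ == "__main__":
    main()
```

The two stores are separate objects on purpose: the token never exports the master secret, and the bank never needs anything but its own copy plus the check itself. A replay of an unmodified check still verifies under this scheme, which is why the bank must also track nonces (or use a monotonic counter or timestamp component) before treating verification as authorization to complete the transaction.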
14. (canceled)
16-22. (canceled)
31. The non-transitory computer readable medium of claim 31, further comprising computer readable program code for causing a computer system to send the electronic check to the financial institution.
Specification