ONLINE SECURE TRANSACTION VERIFICATION SYSTEM PROXY SERVER AND METHOD

US 20140373093A1
Filed: 03/13/2014
Published: 12/18/2014
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. An apparatus for providing security protection for online transactions between a first device and a second device comprising:

a transaction protector operative to intercept online transaction information flowing from the second device for the first device;

to determine whether to inject transaction protection user interface data for the first device, in response to intercepting the online transaction web page information and to provide transaction protection user interface data in addition to the online transaction information to the first device based on the determination.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one example, a proxy server acts as a gateway to a website and modifies the traffic between a web browser on a user device and the website server, as necessary to request protection by providing step-up authentication and/or transaction verification. The proxy server blocks transactions when protection is required but has not occurred (either because the authentication was not proper or due to the detection of another problem). Associated methods and systems are also provided.

24 Citations

View as Search Results

21 Claims

1. An apparatus for providing security protection for online transactions between a first device and a second device comprising:
- a transaction protector operative to intercept online transaction information flowing from the second device for the first device;
  
  to determine whether to inject transaction protection user interface data for the first device, in response to intercepting the online transaction web page information and to provide transaction protection user interface data in addition to the online transaction information to the first device based on the determination.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1 wherein the transaction protector is operative to at least one of:
    - verify the transaction for the second device and provide a step-up authentication of a user of the first device based on the injected transaction verification user interface data.
  - 3. The apparatus of claim 1 wherein the transaction protector is operative to inject the transaction verification user interface data with the web page information from the second device, and wherein the transaction protector is operative to block online transaction requests to the second device in response to unsuccessful verification of the transaction.
  - 4. The apparatus of claim 1 wherein the injected transaction verification user interface data is comprised of graphic user interface script code for a web browser on the first device that when executed causes the first device to display at least one of a step-up authentication GUI and a transaction verification GUI.
  - 5. The apparatus of claim 1 wherein the transaction protector is operative to provide a risk assessment of the online transaction concurrently with the online transaction independent of the second device and operative to determine whether an out of band verification process using a third device should be carried out for the online transaction based on the risk assessment of the online transaction.
  - 6. The apparatus of claim 1 comprising a configuration controller operative to provide a configuration user interface that comprises selectable online transaction verification risk rule data.

7. A gateway apparatus for communicating between a first device and a second device comprising:
- a transaction protector operative to provide protection of an online transaction between the first device and the second device by determining whether to add protection for the second device based on a risk assessment of the online transaction and operative to selectively provide at least one of a step-up authentication operation and a transaction verification operation for the online transaction wherein the transaction verification operation employs a third device, based on the risk assessment.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The apparatus of claim 7 wherein the transaction protector is operative to provide the risk assessment for the online transaction based on evaluating the online transaction web page information.
  - 9. The apparatus of claim 7 wherein the transaction protector is operative to initiate the transaction verification operation as an out of band transaction verification process.
  - 10. The apparatus of claim 7 wherein the transaction protector is operative to inject the transaction verification user interface data with the web page information from the second device, and wherein the transaction protector is operative to block online transaction requests to the second device in response to unsuccessful verification of the transaction.
  - 11. The apparatus of claim 7 wherein the injected transaction verification user interface data is comprised of graphic user interface script code for a web browser on the first device that when executed causes the first device to display at least one of a step-up authentication GUI and a transaction verification GUI.
  - 12. The apparatus of claim 7 wherein the transaction protector is operative to provide a risk assessment of the online transaction concurrently with the online transaction independent of the second device and operative to determine whether an out of band verification process using a third device should be carried out for the online transaction based on the risk assessment of the online transaction.
  - 13. The apparatus of claim 7 comprising a configuration controller operative to provide a configuration user interface that comprises selectable online transaction verification risk rule data.

14. An online transaction protection system comprising:
- a web server operative to provide web page information for the online transaction;
  
  a transaction protector proxy server, in communication with the web server, operative to intercept online transaction web page information from the web server for a user device;
  
  operative to determine whether to inject transaction protection user interface data for the user device, in response to intercepting the online transaction web page information and operative to inject transaction verification user interface data in addition to the web page information to the first device based on the determination; and
  
  a user device in communication with the transaction protector proxy server and operative to provide security information to facilitate the online transaction, in response to the injected transaction verification user interface data and web page information provided by the transaction protector proxy server.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14 wherein the transaction verification proxy server is operative to at least one of:
    - verify the transaction for the web server and provide a step-up authentication of a user of the user device based on a risk assessment of the online transaction.
  - 16. The system of claim 14 wherein the transaction verification proxy server is operative to inject the transaction verification user interface data with the web page information from the second device, and wherein the transaction protector is operative to block online transaction requests to the second device in response to unsuccessful verification of the transaction.
  - 17. The system of claim 14 wherein the injected transaction verification user interface data is comprised of graphic user interface script code for a web browser on the first device that when executed causes the first device to display at least one of a step-up authentication GUI and a transaction verification GUI.
  - 18. The system of claim 14 wherein the transaction verification proxy server is operative to provide a risk assessment of the online transaction concurrently with the online transaction independent of the second device and operative to determine whether an out of band verification process using a third device should be carried out for the online transaction based on the risk assessment of the online transaction.
  - 19. The system of claim 14 wherein the transaction verification proxy server comprises a configuration controller operative to provide a configuration user interface that comprises selectable online transaction verification risk rule data.

20. A method, performed electronically, for providing online transaction protection between a first device and a second device comprising:
- intercepting online transaction information flowing from the second device for the first device;
  
  determine whether to inject transaction protection user interface data for the first device, in response to intercepting the online transaction web page information, andinjecting transaction verification user interface data in addition to the web page information to the first device based on the determination.
- View Dependent Claims (21)
- - 21. The method of claim 20 comprising providing a risk assessment for the online transaction based on evaluating the online transaction web page information and selectively providing at least one of:
    - a step-up authentication operation and a transaction verification operation for the online transaction wherein the transaction verification operation employs a third device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Entrust Corp.
Original Assignee
Entrust Incorporated (Entrust Corp.)
Inventors
Lockhart, Roland Thomas, Mister, Serge Jean Maurice, Wood, Christopher D., Holtstrom, Michael, McCulligh, Murray, Wetmore, Greg

Granted Patent

US 9,954,860 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06Q 20/4014   Identity check for transact...

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/425   using two different network...

H04L 63/08   for authentication of entit...

H04L 63/0884   by delegation of authentica...

H04L 63/105   Multiple levels of security

H04L 63/14   for detecting or protecting...

ONLINE SECURE TRANSACTION VERIFICATION SYSTEM PROXY SERVER AND METHOD

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

ONLINE SECURE TRANSACTION VERIFICATION SYSTEM PROXY SERVER AND METHOD

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links