ONLINE SECURE TRANSACTION VERIFICATION SYSTEM PROXY SERVER AND METHOD
First Claim
Patent Images
1. An apparatus for providing security protection for online transactions between a first device and a second device comprising:
- a transaction protector operative to intercept online transaction information flowing from the second device for the first device;
to determine whether to inject transaction protection user interface data for the first device, in response to intercepting the online transaction web page information and to provide transaction protection user interface data in addition to the online transaction information to the first device based on the determination.
3 Assignments
0 Petitions
Accused Products
Abstract
In one example, a proxy server acts as a gateway to a website and modifies the traffic between a web browser on a user device and the website server, as necessary to request protection by providing step-up authentication and/or transaction verification. The proxy server blocks transactions when protection is required but has not occurred (either because the authentication was not proper or due to the detection of another problem). Associated methods and systems are also provided.
24 Citations
21 Claims
-
1. An apparatus for providing security protection for online transactions between a first device and a second device comprising:
a transaction protector operative to intercept online transaction information flowing from the second device for the first device;
to determine whether to inject transaction protection user interface data for the first device, in response to intercepting the online transaction web page information and to provide transaction protection user interface data in addition to the online transaction information to the first device based on the determination.- View Dependent Claims (2, 3, 4, 5, 6)
-
7. A gateway apparatus for communicating between a first device and a second device comprising:
a transaction protector operative to provide protection of an online transaction between the first device and the second device by determining whether to add protection for the second device based on a risk assessment of the online transaction and operative to selectively provide at least one of a step-up authentication operation and a transaction verification operation for the online transaction wherein the transaction verification operation employs a third device, based on the risk assessment. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
14. An online transaction protection system comprising:
-
a web server operative to provide web page information for the online transaction; a transaction protector proxy server, in communication with the web server, operative to intercept online transaction web page information from the web server for a user device; operative to determine whether to inject transaction protection user interface data for the user device, in response to intercepting the online transaction web page information and operative to inject transaction verification user interface data in addition to the web page information to the first device based on the determination; and a user device in communication with the transaction protector proxy server and operative to provide security information to facilitate the online transaction, in response to the injected transaction verification user interface data and web page information provided by the transaction protector proxy server. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A method, performed electronically, for providing online transaction protection between a first device and a second device comprising:
-
intercepting online transaction information flowing from the second device for the first device; determine whether to inject transaction protection user interface data for the first device, in response to intercepting the online transaction web page information, and injecting transaction verification user interface data in addition to the web page information to the first device based on the determination. - View Dependent Claims (21)
-
Specification