Transaction security method and apparatus
First Claim
1. An apparatus of controlling the transmission of sensitive data to a remote data store comprising:
- a) means for prompting a user to send a first subset of data, which is non-threatening, to the remote store by means of a first communications path using a first protocol; and
b) means for prompting the user to send a second subset of data, which is also non-threatening, to the remote store by means of a second communications path using a second, different protocol,wherein said first and second subsets are used to complete a transaction.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for performing secure transactions, such as credit card purchases, using two or more non-secure networks (such as the Internet and the public telephone system) in such a way that security is insured. A person wishing to initiate a secure transaction sends a message over one of the non-secure networks to a computer. That computer automatically uses the second non-secure network to contact the person back to verify the transaction. The call-back mechanism employs a method to authenticate the identity or authority of the person initiating the transaction. No single wire-tapping or network snooping device sees the entire transaction. No single database contains the entire set of information.
561 Citations
4 Claims
-
1. An apparatus of controlling the transmission of sensitive data to a remote data store comprising:
-
a) means for prompting a user to send a first subset of data, which is non-threatening, to the remote store by means of a first communications path using a first protocol; and b) means for prompting the user to send a second subset of data, which is also non-threatening, to the remote store by means of a second communications path using a second, different protocol, wherein said first and second subsets are used to complete a transaction. - View Dependent Claims (2)
-
-
3. An apparatus for enabling a user to initiate and complete a transmission of sensitive data to a remote data store comprising:
-
a) means for enabling a user to send a first subset of data, which is non-threatening, to the remote store by means of a first communications path using a first protocol; and b) means for contacting the user back and prompting that user to send a second subset of data, which is also non-threatening, to the remote store by means of a second communications path using a second, different protocol, wherein said first and second subsets are used to complete a transaction. - View Dependent Claims (4)
-
Specification