Security system and method for financial institution server and client web browser
First Claim
1. A computer-implemented method for transmitting transactions between at least one client computer and at least one server computer interconnected by a communications link, the method comprising the steps of:
- (a) receiving one or more HTML documents at the client computer from the server computer, a subset of the documents including a header record and also including one or more HTML FORM tags, the one or more HTML FORM tags being distinct from the header record, a first subset of the HTML FORM tags having an outformat field indicating a specified outgoing transmission cryptographic protocol;
(b) receiving at the client computer input form data corresponding to the HTML FORM tag;
(c) generating secure form data by applying the specified outgoing transmission security cryptographic protocol of the HTML FORM tag to the input form data; and
(d) transmitting a return message including the secure form data to the server computer.
2 Assignments
0 Petitions
Accused Products
Abstract
The financial transaction processing system includes at least one financial server connected through a public network to a number of users associated with client computers. Each user accesses the financial server through a web browser. The web browser is provided with the capabilities to generate encryption keys, to encrypt and decrypt HTML forms, and to digitally sign and timestamp HTML forms. The financial server transfers web pages including HTML forms representing financial transactions. The HTML forms contain extensions that specify the format of an incoming format and the format of a returned form. An HTML form can be transmitted in an encrypted format, in a format including a user'"'"'s digital signature and timestamp, and in an encrypted format that contains the user'"'"'s digital signature and timestamp. The financial server tracks each processed transaction through an audit trail including the user'"'"'s account, the user'"'"'s digital signature, the timestamp of the transaction, and the text of the transaction.
428 Citations
31 Claims
-
1. A computer-implemented method for transmitting transactions between at least one client computer and at least one server computer interconnected by a communications link, the method comprising the steps of:
-
(a) receiving one or more HTML documents at the client computer from the server computer, a subset of the documents including a header record and also including one or more HTML FORM tags, the one or more HTML FORM tags being distinct from the header record, a first subset of the HTML FORM tags having an outformat field indicating a specified outgoing transmission cryptographic protocol; (b) receiving at the client computer input form data corresponding to the HTML FORM tag; (c) generating secure form data by applying the specified outgoing transmission security cryptographic protocol of the HTML FORM tag to the input form data; and (d) transmitting a return message including the secure form data to the server computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 29, 30, 31)
-
-
9. A web browser system for accessing data within a computer system including at least one client computer connected through a communications link with at least one server computer, the web browser system comprising:
-
a memory for storing a plurality of HTML documents, one or more of the HTML documents including a header record and also having one or more HTML FORM tags, the one or more HTML FORM tags being distinct from the header record, a first subset of the HTML FORM tags having an outformat field indicating a specified outgoing transmission cryptographic protocol for use in returning form data; a browsing mechanism for retrieving various ones of the HTML documents from the server and for inserting user related information in the form data which is included in a return message, the browsing mechanism including a cryptographic processing mechanism for generating secure form data by applying the specified outgoing transmission cryptographic protocol from the HTML FORM tag to the form data, the browsing mechanism for transmitting a return message including the secure form data from the client computer to the server computer to provide secure transmission of the return message transmitted to the server computer. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A computer program product for secure data transmission between a server computer and a client computer, the computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
-
a web browser that receives one or more HTML documents from the server computer, a subset of the HTML documents including a header record and also including one or more HTML FORM tags, the one or more HTML FORM tags being distinct from the header record, a first subset of the HTML FORM tags having an outformat field indicating a specified outgoing transmission cryptographic protocol, the web browser including a cryptographic processing mechanism for generating secure form data by applying the specified outgoing transmission security format from the HTML FORM tag to the form data, the web browser transmitting a return message including the secure form data from the client computer to the server computer. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A computer network for financial transaction processing, the network comprising:
-
a plurality of client computers, each client computer associated with one or more users; at least one financial server comprising; a memory for storing a plurality of HTML documents representing financial transactions, each HTML document including form data, a subset of the HTML documents including a header record and also including one or more HTML FORM tags, the one or more HTML FORM tags being distinct from the header record, a first subset of the HTML FORM tags having an outformat field indicating a specified outgoing transmission cryptographic protocol, for use in exchanging financial transactions between the client computers and the server computer; one or more cryptographic processing mechanisms for use in encoding form data and decoding each received HTML document; and a server mechanism for managing communications from the client computers, a subset of the communications including a return message including the form data, the server mechanism including instructions to interpret the HTML FORM tags that include the cryptographic protocol associated with each received return message and to process each received return message in accordance with one or more corresponding cryptographic protocol mechanisms. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
-
Specification