Secure online transactions using a captcha image as a watermark
First Claim
1. A computer-readable medium whose contents cause a computing system to:
- receive a request from a client to perform a transaction; and
in response to receiving the request;
identify a user requesting the transaction;
identify the user'"'"'s secure device;
determine an alpha-numeric string that should be being currently generated by the user'"'"'s secure device;
create a captcha image using the alpha-numeric string;
create a transaction verification page comprising the captcha image of the alpha-numeric string as a visible watermark, the transaction verification page requesting a next alpha-numeric string to be generated by the user'"'"'s secure device to verify the transaction;
transmit the transaction verification page to the client;
receive from the client a second alpha-numeric string, the second alpha-numeric string being input to the transaction verification page by the user;
determine a confirmation alpha-numeric string for confirming the transaction represented by the transaction verification page, the confirmation alpha-numeric string generated by the secure device immediately after the captcha image alpha-numeric string used as the visual watermark;
compare the second alpha-numeric string to the confirmation alpha-numeric string being currently generated by the secure device;
in response to the second alpha-numeric string matching the confirmation alpha-numeric string, commit the transaction represented by the transaction verification page; and
in response to the second alpha-numeric string not matching the confirmation alpha-numeric string, abort the transaction represented by the transaction verification page.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for conducting secure online transactions using captcha images as watermarks are provided. Some techniques combine a trusted, secure device that utilizes a key to generate identifiers with a watermarked transaction verification request page to provide secure online transactions. The trusted, secure devices are provided to users for use in transacting with a transaction provider. In processing a transaction requested by a user, the transaction provider determines an identifier that should be being currently generated by the user'"'"'s trusted, secure device, creates a captcha image of the identifier, and watermarks a transaction verification request page using the captcha image. The transaction provider then requests that the user verify the transaction described in the transaction verification request page by providing the next identifier that is generated by the user'"'"'s trusted, secure device to the transaction provider.
122 Citations
13 Claims
-
1. A computer-readable medium whose contents cause a computing system to:
-
receive a request from a client to perform a transaction; and in response to receiving the request; identify a user requesting the transaction; identify the user'"'"'s secure device; determine an alpha-numeric string that should be being currently generated by the user'"'"'s secure device; create a captcha image using the alpha-numeric string; create a transaction verification page comprising the captcha image of the alpha-numeric string as a visible watermark, the transaction verification page requesting a next alpha-numeric string to be generated by the user'"'"'s secure device to verify the transaction; transmit the transaction verification page to the client; receive from the client a second alpha-numeric string, the second alpha-numeric string being input to the transaction verification page by the user; determine a confirmation alpha-numeric string for confirming the transaction represented by the transaction verification page, the confirmation alpha-numeric string generated by the secure device immediately after the captcha image alpha-numeric string used as the visual watermark; compare the second alpha-numeric string to the confirmation alpha-numeric string being currently generated by the secure device; in response to the second alpha-numeric string matching the confirmation alpha-numeric string, commit the transaction represented by the transaction verification page; and in response to the second alpha-numeric string not matching the confirmation alpha-numeric string, abort the transaction represented by the transaction verification page. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method in a computing system for providing secure transactions, the method comprising:
-
maintaining a plurality of records, each record comprising an indication of a user and an indication of a secure device distributed to the user; receiving from a client a request to perform a transaction; identifying a user requesting the transaction, determining a number that should be being currently generated by the user'"'"'s secure device; creating a transaction verification page comprising information regarding the transaction, the transaction verification page watermarked with a captcha image of the number as a visible watermark, the transaction verification page requesting a next number to be generated by the user'"'"'s secure device to commit the transaction; transmitting the transaction verification page to the client; receiving from the client a second number, the second number being input to the transaction verification page by the user; determining a confirmation number for confirming the transaction represented by the transaction verification page, the confirmation number generated by the secure device immediately after the captcha image number used as the visual watermark; comparing the second number to the confirmation number being currently generated by the secure device; in response to the second number matching the confirmation number, committing the transaction represented by the transaction verification page; and in response to the second number not matching the confirmation number, aborting the transaction represented by the transaction verification page. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
Specification