Mobile banking
First Claim
Patent Images
1. A method for verifying end-to-end secure wireless communication from a user device to a server, comprising:
- receiving a data from the user device comprising software compliant with a wireless protocol, the data relating to a request for access to the server;
identifying a value of a first identifier corresponding to the user device;
identifying a value of a second identifier corresponding to a network device;
determining whether the data is end-to-end secure from the user device to the server, where the data travels through the network device before arriving at the server; and
transmitting a response to the request, where if the data is end-to-end secure, then the response includes an indication that the request for access to the server is granted, else the response includes an indication that the request for access to the server is denied;
where the determining whether the data is end-to-end secure includes comparing the value of the first identifier to a first list of approved values, and comparing the value of the second identifier to a second list of approved values; and
where the comparing the value of the first identifier includes;
comparing the value of the first identifier with the first list of approved values to determine if an exact match exists;
if the exact match does not exist, then identifying a portion of the value of the first identifier and comparing the portion with the first list of approved values to determine if a loose match exists; and
for each determination where a loose match does not exist and the portion is greater than a predetermined threshold size, reducing the portion in size by a predetermined amount until the loose match exists.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for identifying circumstances where end-to-end security is not available to a mobile banking customer. The user may be alerted/warned or restricted from accessing some banking services through his/her WAP-enabled mobile device if the bank server determines that end-to-end security is not available. In some instances, the bank server may access a computer data file containing a list of known end-to-end secure devices and gateways to verify the integrity of the data communication. The server may verify the integrity of the data communication using loose matching.
-
Citations
13 Claims
-
1. A method for verifying end-to-end secure wireless communication from a user device to a server, comprising:
-
receiving a data from the user device comprising software compliant with a wireless protocol, the data relating to a request for access to the server; identifying a value of a first identifier corresponding to the user device; identifying a value of a second identifier corresponding to a network device; determining whether the data is end-to-end secure from the user device to the server, where the data travels through the network device before arriving at the server; and transmitting a response to the request, where if the data is end-to-end secure, then the response includes an indication that the request for access to the server is granted, else the response includes an indication that the request for access to the server is denied; where the determining whether the data is end-to-end secure includes comparing the value of the first identifier to a first list of approved values, and comparing the value of the second identifier to a second list of approved values; and where the comparing the value of the first identifier includes; comparing the value of the first identifier with the first list of approved values to determine if an exact match exists; if the exact match does not exist, then identifying a portion of the value of the first identifier and comparing the portion with the first list of approved values to determine if a loose match exists; and for each determination where a loose match does not exist and the portion is greater than a predetermined threshold size, reducing the portion in size by a predetermined amount until the loose match exists. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for verifying end-to-end secure wireless data transmission from a user device comprising a software compliant with a wireless protocol to a server, where the data transmission travels through a gateway configured to receive the data transmission from the user device, the system comprising:
the server comprising memory storing computer-readable instructions that when executed by a processor of the server cause the server to perform a method comprising; receiving the data transmission; identifying a value of a first identifier corresponding to the user device; identifying a value of a second identifier corresponding to the gateway; and determining whether the data transmission is end-to-end secure from the user device to the server, including comparing the value of the first identifier to a first list of approved values, and comparing the value of the second identifier to a second list of approved values; where the comparing the value of the first identifier includes; comparing the value of the first identifier with the first list of approved values to determine that an exact match does not exist; identifying a portion of the value of the first identifier and comparing the portion with the first list of approved values to determine that a loose match does not exist; and reducing the portion in size by a predetermined amount and comparing the reduced portion of the first identifier with the first list of approved values to determine that a loose match does exist. - View Dependent Claims (12, 13)
Specification