Mobile banking

US 7,835,723 B2
Filed: 02/04/2007
Issued: 11/16/2010
Est. Priority Date: 02/04/2007
Status: Active Grant

First Claim

Patent Images

1. A method for verifying end-to-end secure wireless communication from a user device to a server, comprising:

receiving a data from the user device comprising software compliant with a wireless protocol, the data relating to a request for access to the server;

identifying a value of a first identifier corresponding to the user device;

identifying a value of a second identifier corresponding to a network device;

determining whether the data is end-to-end secure from the user device to the server, where the data travels through the network device before arriving at the server; and

transmitting a response to the request, where if the data is end-to-end secure, then the response includes an indication that the request for access to the server is granted, else the response includes an indication that the request for access to the server is denied;

where the determining whether the data is end-to-end secure includes comparing the value of the first identifier to a first list of approved values, and comparing the value of the second identifier to a second list of approved values; and

where the comparing the value of the first identifier includes;

comparing the value of the first identifier with the first list of approved values to determine if an exact match exists;

if the exact match does not exist, then identifying a portion of the value of the first identifier and comparing the portion with the first list of approved values to determine if a loose match exists; and

for each determination where a loose match does not exist and the portion is greater than a predetermined threshold size, reducing the portion in size by a predetermined amount until the loose match exists.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are disclosed for identifying circumstances where end-to-end security is not available to a mobile banking customer. The user may be alerted/warned or restricted from accessing some banking services through his/her WAP-enabled mobile device if the bank server determines that end-to-end security is not available. In some instances, the bank server may access a computer data file containing a list of known end-to-end secure devices and gateways to verify the integrity of the data communication. The server may verify the integrity of the data communication using loose matching.

Citations

13 Claims

1. A method for verifying end-to-end secure wireless communication from a user device to a server, comprising:
- receiving a data from the user device comprising software compliant with a wireless protocol, the data relating to a request for access to the server;
  
  identifying a value of a first identifier corresponding to the user device;
  
  identifying a value of a second identifier corresponding to a network device;
  
  determining whether the data is end-to-end secure from the user device to the server, where the data travels through the network device before arriving at the server; and
  
  transmitting a response to the request, where if the data is end-to-end secure, then the response includes an indication that the request for access to the server is granted, else the response includes an indication that the request for access to the server is denied;
  
  where the determining whether the data is end-to-end secure includes comparing the value of the first identifier to a first list of approved values, and comparing the value of the second identifier to a second list of approved values; and
  
  where the comparing the value of the first identifier includes;
  
  comparing the value of the first identifier with the first list of approved values to determine if an exact match exists;
  
  if the exact match does not exist, then identifying a portion of the value of the first identifier and comparing the portion with the first list of approved values to determine if a loose match exists; and
  
  for each determination where a loose match does not exist and the portion is greater than a predetermined threshold size, reducing the portion in size by a predetermined amount until the loose match exists.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, where the data is not end-to-end secure if the data is decrypted by the network device, and the network device is a WAP-compliant gateway, and the first identifier comprises a user agent header corresponding to the user device comprising WAP-compliant software, and the value of the second identifier comprises an IP address of the network device.
  - 3. The method of claim 1, where the determining whether the data is end-to-end secure includes determining whether a value of a via header is present in the request for access to the server.
  - 4. The method of claim 1, where the predetermined amount is one character, and the predetermined threshold size is five characters.
  - 5. The method of claim 1, where the first list of approved values comprises a list of user agent header values corresponding to user devices comprising WAP-compliant software that communicates the data to the server in an end-to-end secure manner.
  - 6. The method of claim 2, where the second list of approved values comprises a list of IP addresses of network devices that do not decrypt the data when the data travels through the network device.
  - 7. The method of claim 6, where the data does not include a header portion of the communication from the user device to the server.
  - 8. The method of claim 1, where the first identifier is a user agent profile corresponding to the user device, and the value of the first identifier comprises:
    - a value of a model attribute corresponding to the user agent profile;
      
      a value of a vendor attribute corresponding to the user agent profile; and
      
      a value of a version header corresponding to the user agent profile.
  - 9. The method of claim 8, where comparing the value of the first identifier to the first list of approved values comprises:
    - comparing at least a part of the value of the model attribute to a list of approved model values; and
      
      comparing at least a part of the value of the vendor attribute to a list of approved vendor values.
  - 10. The method of claim 1, further comprising, if the request for access to the server is granted, then the response to the request comprising information corresponding to a login screen.

11. A system for verifying end-to-end secure wireless data transmission from a user device comprising a software compliant with a wireless protocol to a server, where the data transmission travels through a gateway configured to receive the data transmission from the user device, the system comprising:
- the server comprising memory storing computer-readable instructions that when executed by a processor of the server cause the server to perform a method comprising;
  
  receiving the data transmission;
  
  identifying a value of a first identifier corresponding to the user device;
  
  identifying a value of a second identifier corresponding to the gateway; and
  
  determining whether the data transmission is end-to-end secure from the user device to the server, including comparing the value of the first identifier to a first list of approved values, and comparing the value of the second identifier to a second list of approved values;
  
  where the comparing the value of the first identifier includes;
  
  comparing the value of the first identifier with the first list of approved values to determine that an exact match does not exist;
  
  identifying a portion of the value of the first identifier and comparing the portion with the first list of approved values to determine that a loose match does not exist; and
  
  reducing the portion in size by a predetermined amount and comparing the reduced portion of the first identifier with the first list of approved values to determine that a loose match does exist.
- View Dependent Claims (12, 13)
- - 12. The system of claim 11, where the wireless protocol is WAP and the gateway is a WAP-compliant gateway, the system further comprising:
    - a data file accessible to the processor of the server, the data file comprising IP addresses of WAP-compliant gateways that are approved for permitting end-to-end secure communication, and approved model values and approved vendor values that permit end-to-end secure communication.
  - 13. The system of claim 11, wherein the comparing the value of the first identifier includes:
    - for each comparison of the first identifier where a loose match does not exist and the portion is greater than a predetermined threshold size, reducing the portion in size by a predetermined amount and then comparing the reduced portion of the first identifier with the first list of approved values.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Buchhop, Peter K, Bjugan, Ketil, Brown, Douglas Gerard
Primary Examiner(s)
West; Lewis G
Assistant Examiner(s)
Shen; Qun

Application Number

US11/670,989
Publication Number

US 20080189759A1
Time in Patent Office

1,381 Days
Field of Search

455410-411, 463/29
US Class Current

455/410
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/3223   Realising banking transacti...

G06Q 20/325   using wireless networks

G06Q 20/326   Payment applications instal...

G06Q 20/4016   involving fraud or risk lev...

H04L 63/101   Access control lists [ACL]

H04L 63/104   Grouping of entities

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

H04W 12/088   using filters or firewalls

Mobile banking

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile banking

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links