Method, apparatus, and system for sending credentials securely
Abstract
A software application executing in a first local operating environment may be used to connect to a remote server that requires a credential of a user to complete a transaction. In a second local operating environment that operates external to the first local environment, a user may be authenticated based on a user input received in the second local operating environment. The credential of the user may be securely communicated to the remote server from the second local operating environment. Other embodiments are described and claimed.
20 Claims
1. A method comprising:
- connecting to a remote server using a software application executing in a host operating environment of a user device, wherein the remote server requires a credential of a user to complete a transaction;
- receiving the credential in a secure input mode where input from an input device of the user device is received exclusively into the embedded operating environment and is not visible to the host operating environment;
- authenticating, in an embedded operating environment, a user based on a user input received in the embedded operating environment, the embedded operating environment local to the user device, being embedded on a hardware platform of the user device, and operating separately from the host operating environment, where operations executed on the embedded operating environment are not visible to the host operating environment; and
- communicating the credential of the user to the remote server from the embedded operating environment via an out-of-band connection inaccessible to the host operating environment.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. An apparatus comprising:
- a computing platform to host a host operating environment, the host operating environment to execute a software application to connect to a remote server, the remote server requiring a credential of a user to complete a transaction, and to host an embedded operating environment embedded on the hardware platform, the embedded operating environment to authenticate a user based on a user input received in the embedded operating environment and to communicate the credential of the user to the remote server via an out-of-band connection inaccessible to the host operating environment, wherein the embedded operating environment is to operate separately from the host operating environment, where operations executed on the embedded operating environment are not visible to the host operating environment; and
- an input device to collect the user input for reception in the embedded operating environment including receive the credential in a secure input mode where input from the input device of the apparatus is received exclusively into the embedded operating environment and is visible to the host operating environment.
Dependent claims: 10, 11, 12, 13, 14
15. A method comprising:
- connecting to a remote application from a host operating environment of a user device, the remote application requiring a credential for completion of a transaction;
- confirming that the remote application supports completing the transaction from a secure embedded operating environment, the secure embedded operating environment local to the user device, being embedded on a hardware platform of the user device, and operating separately from the host operating environment, where operations executed on the embedded operating environment are not visible to the host operating environment;
- receiving in the secure embedded operating environment via an out-of-band connection a string for completing the transaction, the out-of-band connection being inaccessible to the host operating environment;
- in the secure embedded operating environment, determining a user is authorized to complete the transaction based on a user input to the secure embedded operating environment, including obtaining the credential in a secure input mode where input from an input device of the user device is received exclusively into the embedded operating environment; and
- if the user is authorized to complete the transaction, communicating the credential to the remote application via the out-of-band connection.
Dependent claims: 16, 17
18. A processor-readable storage medium having stored thereon, instructions that, if executed by a processor, cause the processor to perform a method comprising:
- connecting to a remote server using a software application executing in a host operating environment of a user device, wherein the remote server requires a credential of a user to complete a transaction;
- receiving the credential in a secure input mode where input from an input device of the user device is received exclusively into the embedded operating environment and is not visible to the host operating environment;
- authenticating, in an embedded operating environment, a user based on a user input received in the embedded operating environment, the embedded operating environment local to the user device, being embedded on a hardware platform of the user device, and operating separately from the host operating environment, where operations executed on the embedded operating environment are not visible to the host operating environment; and
- communicating the credential of the user to the remote server from the embedded operating environment via an out-of-band connection inaccessible to the host operating environment.
Dependent claims: 19, 20
Specification