System and method for providing transactional security for an end-user device
First Claim
1. A network system comprising:
- a server computer operative to provide a transaction with an end-user device over a transaction network;
an agent configured to operate on the end-user device operative to securely download a security mechanism from a trusted source to the end-user device to protect the end-user device during the transaction, the agent being pre-configured with a network address to a secure network address resolution service configured to provide an IP address of the trusted source; and
the security mechanism being configured to operate on the end-user device to at least partially protect the end-user device from malicious code, the malicious code being operative on the end-user device to attempt to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than an end user of the end-user device, wherein the security mechanism being further configured operative to temporarily suspend an application that is not necessary for the transaction, and the temporary suspension being for the duration of the transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g., a start/stop trigger module, an application lockout module, a network/file I/O control module, a trusted driver manager, a keystrokes generator driver, a keystrokes deletion hook, and/or a transaction network VPN manager) for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction.
95 Citations
40 Claims
-
1. A network system comprising:
-
a server computer operative to provide a transaction with an end-user device over a transaction network; an agent configured to operate on the end-user device operative to securely download a security mechanism from a trusted source to the end-user device to protect the end-user device during the transaction, the agent being pre-configured with a network address to a secure network address resolution service configured to provide an IP address of the trusted source; and the security mechanism being configured to operate on the end-user device to at least partially protect the end-user device from malicious code, the malicious code being operative on the end-user device to attempt to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than an end user of the end-user device, wherein the security mechanism being further configured operative to temporarily suspend an application that is not necessary for the transaction, and the temporary suspension being for the duration of the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method comprising:
-
requesting by an end-user device a secure transaction with a server computer operative to provide the secure transaction over a transaction network; receiving by the end-user device an IP address of a trusted source from a secure network address resolution service at a network address, the end-user device being pre-configured with the network address of the secure network address resolution service and being operative to securely downloading a security mechanism from the trusted source to the end-user device; receiving, from the trusted source, a security mechanism, the security mechanism being configured to operate on the end-user device to at least partially protect the end-user device from malicious code, the malicious code being operative on the end-user device to attempt to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than an end user of the end-user device; activating the security mechanism; temporarily suspending, by the security mechanism, an application on the end-user device that is not necessary for the transaction, the temporary suspension being for the duration of the transaction; establishing a secure connection between an end-user device and the server computer; and enabling the transaction. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification