Method and system for securing electronic transactions
First Claim
1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
at the security device, having a global unique identifier (UID), a processor and a non-transitory computer readable storage medium;
obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN) from a user, and the UID from the security device;
the UID comprising a device identity information hard-coded into a hardware of the security device;
forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising scrambling the user-personalized credential code;
at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over any network, comprising de-scrambling the user-personalized credential code; and
retrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID.
Abstract
A method for secure electronic transaction over a computer network, comprising: at a trusted relationship profile server computer: storing a unique identity of a trusted computing unit; generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit; at a security proxy server computer: storing real credentials and local credentials of a customer in a secure vault; receiving the confirmation message and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and replacing the local credentials submitted in the login process with the real credentials. A corresponding system for secure electronic transactions is also provided.
21 Claims
1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
at the security device, having a global unique identifier (UID), a processor and a non-transitory computer readable storage medium;
obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN) from a user, and the UID from the security device;
the UID comprising a device identity information hard-coded into a hardware of the security device;
forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising scrambling the user-personalized credential code;
at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over any network, comprising de-scrambling the user-personalized credential code; and
retrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system for providing a secure access from a local network location to a remote network location, the system comprising:
a remote server computer at the remote network location, the remote server computer including a processor and a non-transitory computer readable storage medium having computer readable instructions stored thereon; and
a security device at the local network location, the security device having a global unique identifier (UID), a processor and a non-transitory computer readable storage medium having computer readable instructions stored thereon and configured to cause the security device to;
obtain, from the remote server computer, a private security software;
cause the private security software to obtain a user selectable personal identification number (PIN) from a user, and the UID from the security device;
the UID comprising a device identity information hard-coded into a hardware of the security device; and
forward the PIN, the UID and the private security software to the remote server computer;
the computer readable instructions of the remote server computer being configured to cause the remote server computer to generate a user-personalized credential code using the PIN, the UID and the private security software, and to scramble the user-personalized credential code;
the computer readable instructions of the security device being further configured to cause the security device to;
obtain the user-personalized credential code from the remote server computer;
verify an authenticity of the user selectable PIN and the UID, using the user-personalized credential code, and without communicating over any network, comprising de-scrambling the user-personalized credential code; and
retrieve access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A security device at a local network location for providing a secure access from the local network location to a remote network location, the security device comprising:
a global unique identifier (UID), a processor and a non-transitory computer readable storage medium having computer readable instructions stored thereon causing the processor to;
obtain, from the remote network location, a private security software;
cause the private security software to obtain a user selectable personal identification number (PIN) from a user, and the UID from the security device;
the UID comprising a device identity information hard-coded into a hardware of the security device;
forward the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising scrambling the user-personalized credential code; and
obtain the user-personalized credential code from the remote network location; and
verify an authenticity of the user selectable PIN and the UID, using the user-personalized credential code, and without communicating over any network, comprising de-scrambling the user-personalized credential code; and
retrieve access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID.
Dependent claims: 18, 19, 20, 21
Specification