End-of-session authentication
First Claim
Patent Images
1. A method for facilitating an online transaction session with an end-of-session authentication, comprising the steps of:
- performing a start-of-session authentication to enable an online transaction session;
receiving a request from a user to end the online transaction session; and
performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session and wherein at least one end-of-session credential is different from a credential used to initiate the online transaction session, wherein performing the end-of-session authentication comprises;
querying the user to enter the at least one end-of-session credential, and wherein correctly entering the at least one end-of-session credential permits the online transaction session to end without starting another online transaction session;
providing the user with a list of actions from the online transaction session; and
enabling the user to review the list of actions and to identify, prior to authenticating the online transaction session, any false transactions in the list that were inserted into the online transaction session without user authorization.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for facilitating an online transaction session with an end-of-session authentication are provided. The techniques include performing a start-of-session authentication to enable an online transaction session, and performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session.
24 Citations
22 Claims
-
1. A method for facilitating an online transaction session with an end-of-session authentication, comprising the steps of:
-
performing a start-of-session authentication to enable an online transaction session; receiving a request from a user to end the online transaction session; and
performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session and wherein at least one end-of-session credential is different from a credential used to initiate the online transaction session, wherein performing the end-of-session authentication comprises;querying the user to enter the at least one end-of-session credential, and wherein correctly entering the at least one end-of-session credential permits the online transaction session to end without starting another online transaction session; providing the user with a list of actions from the online transaction session; and enabling the user to review the list of actions and to identify, prior to authenticating the online transaction session, any false transactions in the list that were inserted into the online transaction session without user authorization. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product comprising a non-transitory computer readable storage medium including computer useable program code for facilitating an online transaction session with an end-of-session authentication, the computer program product including:
-
computer useable program code for performing a start-of-session authentication to enable an online transaction session; computer useable program code for receiving a request from a user to end the online transaction session; and
computer useable program code for performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session and wherein at least one end-of-session credential is different from a credential used to initiate the online transaction session, wherein the computer useable program code for performing the end-of-session authentication comprises computer useable program code for;querying the user to enter the at least one end-of-session credential, and wherein correctly entering the at least one end-of-session credential permits the online transaction session to end without starting another online transaction session; providing the user with a list of actions from the online transaction session; and enabling the user to review the list of actions and to identify, prior to authenticating the online transaction session, any false transactions in the list that were inserted into the online transaction session without user authorization. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A system for facilitating an online transaction session with an end-of-session authentication, comprising:
-
a memory; and at least one processor coupled to the memory and operative to; perform a start-of-session authentication to enable an online transaction session; receive a request from a user to end the online transaction session; and perform an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session and wherein at least one end-of-session credential is different from a credential used to initiate the online transaction session, wherein the at least one processor coupled to the memory operative to perform the end-of-session authentication is further operative to; query the user to enter the at least one end-of-session credential, and wherein correctly entering the at least one end-of-session credential permits the online transaction session to end without starting another online transaction session; provide the user with a list of actions from the online transaction session; and enable the user to review the list of actions and to identify, prior to authenticating the online transaction session, any false transactions in the list that were inserted into the online transaction session without user authorization. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. An apparatus for facilitating an online transaction session with an end-of-session authentication, the apparatus comprising:
-
means for performing a start-of-session authentication to enable an online transaction session; means for receiving a request from a user to end the online transaction session; and means for performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session and wherein at least one end-of-session credential is different from a credential used to initiate the online transaction session, wherein the means for performing the end-of-session authentication comprises means for; querying the user to enter the at least one end-of-session credential, and wherein correctly entering the at least one end-of-session credential permits the online transaction session to end without starting another online transaction session; providing the user with a list of actions from the online transaction session; and enabling the user to review the list of actions and to identify, prior to authenticating the online transaction session, any false transactions in the list that were inserted into the online transaction session without user authorization.
-
Specification