Systems and methods for key logger prevention security techniques
First Claim
1. A method of obfuscating data received in a user interface by loading an applet within the user interface, the method performed by the applet and comprising:
- receiving first input data in an input field of a first type from a user in real time;
receiving second input data in an input field of a second type, different from the first type, from the user in real time, wherein the first type and the second type are selected from the group including a social security number field, a birthdate field, a credit card number field, a phone number field, and an address field;
generating first additional data associated with the first input data while the first input data is being input in the input field of the first type, wherein the first additional data is generated in the format of the first input field and at an expected frequency associated with a user inputting the first input data in the input field of the first type;
presenting the first input data to a remote server for processing a user transaction;
combining the first input data and the first additional data to form a first plurality of input events and presenting the first plurality of input events to an operating system;
generating second additional data associated with the second input data while the second input data is being input in the input field of the second type, wherein the second additional data is generated in the format of the second input field and at an expected frequency associated with a user inputting the second input data in the input field of the second type;
presenting the second input data to the remote server for processing the user transaction; and
combining the second input data and the second additional data to form a second plurality of input events and presenting the second plurality of input events to the operating system.
1 Assignment
0 Petitions
Accused Products
Abstract
An applet may be downloaded or provided to a web browser when a user visits a site in order to protect data input by the user from being captured by malicious software, such as key loggers. The applet may present a user input field in the web browser and may generate a random sequence of low-level key stroke or mouse click events within the input field when the user enters information, such as a username and/or password. A listening key logger will receive a large amount of random data, whereas the applet will receive and buffer the actual user data that may be communicated to a remote site access by the user.
-
Citations
15 Claims
-
1. A method of obfuscating data received in a user interface by loading an applet within the user interface, the method performed by the applet and comprising:
-
receiving first input data in an input field of a first type from a user in real time; receiving second input data in an input field of a second type, different from the first type, from the user in real time, wherein the first type and the second type are selected from the group including a social security number field, a birthdate field, a credit card number field, a phone number field, and an address field; generating first additional data associated with the first input data while the first input data is being input in the input field of the first type, wherein the first additional data is generated in the format of the first input field and at an expected frequency associated with a user inputting the first input data in the input field of the first type; presenting the first input data to a remote server for processing a user transaction; combining the first input data and the first additional data to form a first plurality of input events and presenting the first plurality of input events to an operating system; generating second additional data associated with the second input data while the second input data is being input in the input field of the second type, wherein the second additional data is generated in the format of the second input field and at an expected frequency associated with a user inputting the second input data in the input field of the second type; presenting the second input data to the remote server for processing the user transaction; and combining the second input data and the second additional data to form a second plurality of input events and presenting the second plurality of input events to the operating system. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer-readable medium encoded with computer-readable instructions for obfuscating data received in a user interface by loading an applet within the user interface, said computer-readable instructions comprising instructions that:
-
receive first input data in an input field of a first type from a user in real time; receive second input data in an input field of a second type, different from the first type, from the user in real time, wherein the first type and the second type are selected from the group including a social security number field, a birthdate field, a credit card number field, a phone number field, and an address field; generate first additional data associated with the first input data while the first input data is being input in the input field of the first type, wherein the first additional data is generated in the format of the first input field and at an expected frequency associated with a user inputting the first input data in the input field of the first type; present the first input data to a remote server for processing a user transaction; combine the first input data and the first additional data to harm a first plurality of input events and present the first plurality of input events to an operating system; generate second additional data associated with the second input data while the second input data is being input in the input field of the second type, wherein the second additional data is generated in the format of the second input field and at an expected frequency associated with a user inputting the second input data in the input field of the second type; present the second input data to the remote server for processing the user transaction; and combine the second input data and the second additional data to harm a second plurality of input events and presenting the second plurality of input events to the operating system. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A system for obfuscating data received in a user interface by loading an applet within the user interface, comprising:
-
at least one subsystem that receives first input data in an input field of a first type from a user in real time; at least one subsystem that receives second input data in an input field of a second type, different from the first type, from the user in real time, wherein the first type and the second type are selected from the group including a social security number field, a birthdate field, a credit card number field, a phone number field, and an address field; at least one subsystem that generates first additional data associated with the first input data while the first input data is being input in the input field of the first type, wherein the first additional data is generated in the format of the first input field and at an expected frequency associated with a user inputting the first input data in the input field of the first type; at least one subsystem that presents the first input data to a remote server for processing a user transaction; at least one subsystem that combines the first input data and the first additional data to form a first plurality of input events and presenting the first plurality of input events to an operating system; at least one subsystem that generates second additional data associated with the second input data while the second input data is being input in the input field of the second type, wherein the second additional data is generated in the format of the second input field and at an expected frequency associated with a user inputting the second input data in the input field of the second type; at least one subsystem that presents the second input data to the remote server for processing the user transaction; and at least one subsystem that combines the second input data and the second additional data to form a second plurality of input events and presenting the second plurality of input events to the operating system. - View Dependent Claims (12, 13, 14, 15)
-
Specification