×

Detecting man-in-the-middle attacks in electronic transactions using prompts

  • US 8,917,826 B2
  • Filed: 07/31/2012
  • Issued: 12/23/2014
  • Est. Priority Date: 07/31/2012
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method of authenticating an electronic banking transaction, the method comprising:

  • receiving an electronic banking transaction request from a user, the electronic transaction request originating at a client system;

    determining an Internet Protocol (IP) address associated with the client system from which the received electronic banking transaction request originates;

    providing the user with a one time password associated with the electronic banking transaction request;

    providing the user with a third party verification number associated with the electronic banking transaction request;

    receiving a telephonic communication to the third party verification number from a telephonic device associated with the user;

    prompting the user, via a voice response unit, to input the password using the telephonic device, the telephonic device having a user number;

    authenticating the user based on a comparison of the inputted password and the provided one time password and the user number where the authenticating is performed by a third-party service provider, wherein the third-party provider is not a participant in the electronic banking transaction;

    determining a probable location of the user based on the determined IP address of the client system;

    communicating to the user, via the voice response unit, the probable location of the user based on the determined IP address associated with the client system; and

    prompting the user to confirm the probable location of the user based on the IP address associated with the client system.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×