Automatic compromise detection for hardware signature for payment authentication

US 8,943,598 B1
Filed: 08/12/2014
Issued: 01/27/2015
Est. Priority Date: 08/12/2014
Status: Active Grant

First Claim

Patent Images

1. A system for automatic compromise detection of a hardware signature authentication algorithm, the system comprising:

a computer apparatus including a processor and a memory; and

a software module stored in the memory, comprising executable instructions that when executed by the processor cause the processor to;

create a unique signature, using a signature creation algorithm, based at least in part on a hardware profile of the system;

receive a request, from a user, to perform a transaction using the system;

in response to receiving the request, determine whether malware has compromised the signature creation algorithm; and

if so, preventing the signature creation algorithm from creating a key based on the unique signature; and

if not, allowing the signature creation algorithm to create a key based on the unique signature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention provide a method a authenticating a transaction at the point of transaction. In some embodiments of the invention, a unique signature is created based at least in part on a hardware profile of the system. In some embodiments, a request is received from a user to perform a transaction using the system. In some embodiments, in response to receiving the request the system may determine whether malware has compromised the signature creation algorithm, and if so, prevent the signature creation algorithm from creating a key based on the unique signature. Alternatively, if not, the system may allow the signature creation algorithm to create a key based on the unique signature.

Citations

20 Claims

1. A system for automatic compromise detection of a hardware signature authentication algorithm, the system comprising:
- a computer apparatus including a processor and a memory; and
  
  a software module stored in the memory, comprising executable instructions that when executed by the processor cause the processor to;
  
  create a unique signature, using a signature creation algorithm, based at least in part on a hardware profile of the system;
  
  receive a request, from a user, to perform a transaction using the system;
  
  in response to receiving the request, determine whether malware has compromised the signature creation algorithm; and
  
  if so, preventing the signature creation algorithm from creating a key based on the unique signature; and
  
  if not, allowing the signature creation algorithm to create a key based on the unique signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the signature creation algorithm is stored in the memory prior to creation of the unique signature and is protected, and thereby not writable, subsequent to being stored.
  - 3. The system of claim 1, wherein the executable instructions when executed further cause the processor to:
    - determine that malware is present; and
      
      initiate one or more remediation actions configured to mitigate an impact of the malware or eliminate the malware.
  - 4. The system of claim 1, wherein the executable instructions when executed further cause the processor to:
    - determine that malware is present; and
      
      initiate a malware presence communication, to the user and/or a second system, comprising an indication of the presence of malware on the system.
  - 5. The system of claim 1, wherein determining whether malware has compromised the signature creation algorithm comprises:
    - monitoring whether any application or system has accessed the hardware profile of the system;
      
      if so, determining whether the application or system that accessed the hardware profile was authorized to access the hardware profile;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.
  - 6. The system of claim 1, wherein determining whether malware has compromised the signature creation algorithm comprises:
    - monitoring whether any application or system has accessed predetermined data stored in the memory of the system;
      
      if so, determining whether the application or system that accessed the predetermined data was authorized to access the predetermined data;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.
  - 7. The system of claim 1, wherein determining whether malware has compromised the signature creation algorithm comprises:
    - monitoring whether any application or system has accessed a predetermined application or algorithm stored in the memory of the system;
      
      if so, determining whether the application or system that accessed the predetermined application or algorithm was authorized to access the predetermined application or algorithm;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.

8. A computer program product for providing automatic compromise detection of a hardware signature authentication algorithm, the computer program product comprising:
- a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising;
  
  computer readable program code configured to create a unique signature, using a signature creation algorithm, based at least in part on a hardware profile of the system;
  
  computer readable program code configured to receive a request, from a user, to perform a transaction using the system;
  
  computer readable program code configured to in response to receiving the request, determine whether malware has compromised the signature creation algorithm; and
  
  if so, preventing the signature creation algorithm from creating a key based on the unique signature; and
  
  if not, allowing the signature creation algorithm to create a key based on the unique signature.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, wherein the signature creation algorithm is stored in the memory prior to creation of the unique signature and is protected, and thereby not writable, subsequent to being stored.
  - 10. The computer program product of claim 8, further comprising computer readable program code configured to:
    - determine that malware is present; and
      
      initiate one or more remediation actions configured to mitigate an impact of the malware or eliminate the malware.
  - 11. The computer program product of claim 8, further comprising computer readable program code configured to:
    - determine that malware is present; and
      
      initiate a malware presence communication, to the user and/or a second system, comprising an indication of the presence of malware on the system.
  - 12. The computer program product of claim 8, further comprising computer readable program code configured to:
    - monitor whether any application or system has accessed the hardware profile of the system;
      
      if so, determining whether the application or system that accessed the hardware profile was authorized to access the hardware profile;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.
  - 13. The computer program product of claim 8, further comprising computer readable program code configured to:
    - monitor whether any application or system has accessed predetermined data stored in the memory of the system;
      
      if so, determining whether the application or system that accessed the predetermined data was authorized to access the predetermined data;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.
  - 14. The computer program product of claim 8, further comprising computer readable program code configured to:
    - monitoring whether any application or system has accessed a predetermined application or algorithm stored in the memory of the system;
      
      if so, determining whether the application or system that accessed the predetermined application or algorithm was authorized to access the predetermined application or algorithm;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.

15. A computer-implemented method for providing automatic compromise detection of a hardware signature authentication algorithm, the method comprising:
- creating, via a computing device processor, a unique signature, using a signature creation algorithm, based at least in part on a hardware profile of the system;
  
  receiving, via a computing device processor, a request, from a user, to perform a transaction using the system;
  
  in response to receiving the request, determining, via a computing device processor, whether malware has compromised the signature creation algorithm; and
  
  if so, preventing, via a computing device processor the signature creation algorithm from creating a key based on the unique signature; and
  
  if not, allowing, via a computing device processor, the signature creation algorithm to create a key based on the unique signature.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-implemented method of claim 15, wherein the signature creation algorithm is stored in the memory prior to creation of the unique signature and is protected, and thereby not writable, subsequent to being stored.
  - 17. The computer-implemented method of claim 15, the method further comprising:
    - determining that malware is present; and
      
      initiating one or more remediation actions configured to mitigate an impact of the malware or eliminate the malware.
  - 18. The computer-implemented method of claim 15, the method further comprising:
    - determining that malware is present; and
      
      initiating a malware presence communication, to the user and/or a second system, comprising an indication of the presence of malware on the system.
  - 19. The computer-implemented method of claim 15, the method further comprising:
    - monitoring whether any application or system has accessed the hardware profile of the system;
      
      if so, determining whether the application or system that accessed the hardware profile was authorized to access the hardware profile;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.
  - 20. The computer-implemented method of claim 15, the method further comprising:
    - monitoring whether any application or system has accessed predetermined data stored in the memory of the system;
      
      if so, determining whether the application or system that accessed the predetermined data was authorized to access the predetermined data;
      
      if so, determining that no malware has compromised the signature creation algorithm;
      
      if not, determining that malware has compromised the signature creation algorithm; and
      
      if not, determining that no malware has compromised the signature creation algorithm.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Kurian, Manu Jacob
Primary Examiner(s)
Patel, Haresh N

Application Number

US14/458,074
Time in Patent Office

168 Days
Field of Search

726 22- 24, 726/29
US Class Current

726/24
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/56   Computer malware detection ...

H04L 2209/12   Details relating to cryptog...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/145   the attack involving the pr...

H04L 9/3247   involving digital signatures

Automatic compromise detection for hardware signature for payment authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Automatic compromise detection for hardware signature for payment authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links