Transaction security systems and methods
First Claim
1. A method comprising:
- establishing, by a secure transaction device having a secure transaction device processor, redirection protocols in a host device having a host device processor different than the secure transaction device processor, the redirection protocols redirecting at least a portion of network traffic to the secure transaction device, the secure transaction device configured to use network configuration details of the host device to mimic the host device to render the secure transaction device transparent to a remote network resource;
- obtaining, by the secure transaction device, a security policy from a policy management system that is remote from the secure transaction device and from the host device;
- receiving, by the secure transaction device, outbound network traffic originated by a host application on the host device, the outbound network traffic directed to a secure network resource that is remote from the secure transaction device and from the host device;
- determining, by the secure transaction device, using the security policy, whether the host application is authorized to access the secure network resource;
- if the secure transaction device determines that the host application is authorized to access the secure network resource, transmitting the outbound network traffic over a secure tunnel to the secure network resource; and
- if the secure transaction device determines that the host application is not authorized to access the secure network resource, disallowing the outbound network traffic to be forwarded over the secure tunnel to the secure network resource.
1 Assignment
0 Petitions
Abstract
Outbound network traffic of a host application may be received from a host device having a host processor, the traffic being directed to a secure resource that is configured to provide a secure transaction based on that traffic. Using a second processor different than the host processor, it may be determined whether the host application is authorized to provide the outbound network traffic to the secure resource. If the host application is authorized, the outbound network traffic may be allowed to be forwarded to the secure resource; if the host application is not authorized, forwarding to the secure resource may be disallowed.
141 Citations
19 Claims
1. A method comprising: the elements set out under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.

10. A secure transaction device comprising:
- a secure transaction device processor;
- a configuration module configured to establish redirection protocols in a host device having a host device processor different than the secure transaction device processor, the redirection protocols configured to redirect at least a portion of network traffic to the secure transaction device, the secure transaction device configured to use network configuration details of the host device to mimic the host device to render the secure transaction device transparent to a remote network resource;
- a policy management module configured to obtain a security policy from a policy management system that is remote from the secure transaction device and from the host device;
- a host device interface module configured to receive outbound network traffic originated by a host application on the host device, the outbound network traffic directed to a secure network resource that is remote from the secure transaction device and from the host device;
- an application determination module configured to use the security policy to determine whether the host application is authorized to access the secure network resource;
- a trusted application module configured to transmit the outbound network traffic over a secure tunnel to the secure network resource if the application determination module determines that the host application is authorized to access the secure network resource; and
- an untrusted application module configured to disallow the outbound network traffic to be forwarded to the secure network resource if the application determination module determines that the host application is not authorized to access the secure network resource.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18.

19. A non-transitory computer-readable medium comprising one or more processors, and memory coupled to the one or more processors, the memory configured to store computer-program instructions configured to instruct the one or more processors to perform a method, the method comprising:
- establishing, by a secure transaction device having a secure transaction device processor, redirection protocols in a host device having a host device processor different than the secure transaction device processor, the redirection protocols redirecting at least a portion of network traffic to the secure transaction device, the secure transaction device configured to use network configuration details of the host device to mimic the host device to render the secure transaction device transparent to a remote network resource;
- obtaining, by the secure transaction device, a security policy from a policy management system that is remote from the secure transaction device and from the host device;
- receiving, by the secure transaction device, outbound network traffic originated by a host application on the host device, the outbound network traffic directed to a secure network resource that is remote from the secure transaction device and from the host device;
- determining, by the secure transaction device, using the security policy, whether the host application is authorized to access the secure network resource;
- if the secure transaction device determines that the host application is authorized to access the secure network resource, transmitting the outbound network traffic over a secure tunnel to the secure network resource; and
- if the secure transaction device determines that the host application is not authorized to access the secure network resource, disallowing the outbound network traffic to be forwarded over the secure tunnel to the secure network resource.
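To make the claimed decision step concrete, the following is an added Python sketch (not code from the patent or its assignee) of the per-flow check a secure transaction device performs: it classifies each redirected outbound flow against a policy obtained from the remote policy manager, tunnels authorized flows while presenting the host's own address, and drops the rest. The policy format, the sample flows, the host address and the rule that traffic not bound for a secure resource passes through untouched are all assumptions made for this example.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Flow:
    app_id: str      # identity of the originating host application (assumed format)
    dst_host: str    # destination the host application addressed
    dst_port: int

@dataclass(frozen=True)
class Decision:
    action: str              # "tunnel", "drop" or "passthrough"
    resource: Optional[str]  # secure resource name, if the flow targets one
    src_ip: Optional[str]    # host address the device presents when tunnelling

# Constructed sample policy, standing in for what the device would obtain from
# the remote policy management system. Anything not listed is denied.
SAMPLE_POLICY = {
    "secure_resources": {
        "payments-api": {"host": "pay.example.invalid", "port": 443},
        "ledger": {"host": "ledger.example.invalid", "port": 8443},
    },
    "authorized_apps": {
        "banking-client": ["payments-api", "ledger"],
        "browser": ["payments-api"],
    },
}
# Constructed host network details the device copies in order to mimic the host.
SAMPLE_HOST = {"ip": "192.0.2.10"}

class SecureTransactionDevice:
    def __init__(self, policy: dict, host_config: dict) -> None:
        # Index secure resources by (host, port) so redirected flows can be classified.
        self.resources = {(r["host"], r["port"]): name
                          for name, r in policy["secure_resources"].items()}
        self.authorized = {app: frozenset(names)
                           for app, names in policy["authorized_apps"].items()}
        self.src_ip = host_config["ip"]

    def decide(self, flow: Flow) -> Decision:
        name = self.resources.get((flow.dst_host, flow.dst_port))
        if name is None:
            # Not bound for a secure resource: outside the claimed check, passed through (assumption).
            return Decision("passthrough", None, None)
        if name in self.authorized.get(flow.app_id, frozenset()):
            # Authorized application: forward over the secure tunnel, sourced as the host.
            return Decision("tunnel", name, self.src_ip)
        # Unknown or unauthorized application: default deny.
        return Decision("drop", name, None)
```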