Systems and methods for key logger prevention security techniques

US 9,998,493 B1
Filed: 08/04/2014
Issued: 06/12/2018
Est. Priority Date: 06/04/2008
Status: Active Grant

First Claim

Patent Images

1. A method of obfuscating input data received from a user in a user interface on a computer by loading an applet within the user interface, the method performed by the applet and comprising:

receiving user input data in an input field from a user;

generating additional obfuscatory data in the input field combined with the user input data while the user input data is being input in the input field;

presenting only the user input data to a remote server for processing a user transaction,wherein any key logging malware active on the computer would receive the combined user input data and the additional obfuscatory data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An applet may be downloaded or provided to a web browser when a user visits a site in order to protect data input by the user from being captured by malicious software, such as key loggers. The applet may present a user input field in the web browser and may generate a random sequence of low-level key stroke or mouse click events within the input field when the user enters information, such as a username and/or password. A listening key logger will receive a large amount of random data, whereas the applet will receive and buffer the actual user data that may be communicated to a remote site access by the user.

Citations

15 Claims

1. A method of obfuscating input data received from a user in a user interface on a computer by loading an applet within the user interface, the method performed by the applet and comprising:
- receiving user input data in an input field from a user;
  
  generating additional obfuscatory data in the input field combined with the user input data while the user input data is being input in the input field;
  
  presenting only the user input data to a remote server for processing a user transaction,wherein any key logging malware active on the computer would receive the combined user input data and the additional obfuscatory data.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of obfuscating input data received from a user in a user interface according to claim 1, said generating step further comprises the step of generating the additional obfuscatory data in accordance with a type of the input field.
  - 3. The method of obfuscating input data received from a user in a user interface according to claim 2, said generating step further comprises the steps of:
    - generating numeric additional obfuscatory data in response to determining that the input field is adapted to receive numeric input data; and
      
      generating alphanumeric additional obfuscatory data in response to determining that the input field is adapted to receive alphanumeric input data.
  - 4. The method of obfuscating input data received from a user in a user interface according to claim 1, said generating step further comprises the step of generating the additional obfuscatory data at a frequency similar to that of a user entering data.
  - 5. The method of obfuscating input data received from a user in a user interface according to claim 1, wherein the additional obfuscatory data comprises randomly generated data.

6. A non-transitory computer-readable medium encoded with computer-readable instructions for obfuscating input data received from a user in a user interface on a computer by loading an applet within the user interface, said computer-readable instructions comprising instructions that:
- receive user input data in an input field from a user;
  
  generate additional obfuscatory data in the input field combined with the user input data while the first input data is being input in the input field;
  
  present only the user input data to a remote server for processing a user transaction,wherein key logging software on the computer will receive the combined user input data and the additional obfuscatory data.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The non-transitory computer-readable medium according to claim 6, further comprising computer-readable instructions that generate the additional obfuscatory data in accordance with a type of the input field.
  - 8. The non-transitory computer-readable medium according to claim 7, further comprising computer-readable instructions that:
    - generate numeric additional obfuscatory data in response to a determination that the input field is adapted to receive numeric input data; and
      
      generate alphanumeric additional obfuscatory data in response to a determination that the input field is adapted to receive alphanumeric input data.
  - 9. The non-transitory computer-readable medium according to claim 6, further comprising computer-readable instructions that generate the additional obfuscatory data at a frequency similar to that of a user entering data.
  - 10. The non-transitory computer-readable medium according to claim 6, wherein the additional obfuscatory data comprises randomly generated data.

11. A system for obfuscating input data received from a user in a user interface on a computer by loading an applet within the user interface, comprising:
- a user computer accessible by a user, said user computer having a user interface;
  
  an applet loaded within said user interface, said user interface including an input field adapted to receive user input data from the user, said applet generating additional obfuscatory data in said input field combined with the user input data while the user input data is being input in the input field; and
  
  a remote server, in communication with said applet, said applet presenting only the user input data to said remote server for processing a user transaction,wherein key logging software on said computer will receive the combined user input data and the additional obfuscatory data.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system for obfuscating input data received from a user in a user interface on a computer according to claim 11, wherein said applet generates said additional obfuscatory data in accordance with a type of said input field.
  - 13. The system for obfuscating input data received from a user in a user interface on a computer according to claim 12, wherein said additional obfuscatory data generated by said applet comprises numeric additional obfuscatory data in response to determining that said input field is adapted to receive numeric input data, and wherein said additional obfuscatory data generated by said applet comprises alphanumeric additional obfuscatory data in response to determining that said input field is adapted to receive alphanumeric input data.
  - 14. The system for obfuscating input data received from a user in a user interface on a computer according to claim 11, wherein said applet generates said additional obfuscatory data at a frequency similar to that of a user entering data.
  - 15. The system for obfuscating input data received from a user in a user interface on a computer according to claim 11, wherein said additional obfuscatory data comprises randomly generated data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United Services Automobile Association
Original Assignee
United Services Automobile Association
Inventors
Voutour, Teddy Joseph Edmond, Morris, Michael Frank
Primary Examiner(s)
Shehni, Ghazal

Application Number

US14/450,891
Time in Patent Office

1,408 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/606   by securing the transmissio...

G06F 21/82   Protecting input, output or...

G06F 2221/031   Protect user input by softw...

G06F 3/048   Interaction techniques base...

G06F 3/0638   Organizing or formatting or...

H04L 63/145   the attack involving the pr...

Systems and methods for key logger prevention security techniques

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for key logger prevention security techniques

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links