System, device, and method of secure entry and handling of passwords
Abstract
Devices, system, and methods of secure entry and handling of passwords and Personal Identification Numbers (PINs), as well as for secure local storage, secure user authentication, and secure payment via mobile devices and via payment terminals. A computing device includes: a secure storage unit to securely store a confidential data item; a non-secure execution environment to execute program code, the program code to transport to a remote server a message; a secure execution environment (SEE) to securely execute code, the SEE including: a rewriter module to securely obtain the confidential data item from the secure storage, and to securely write the confidential data item into one or more fields in said message prior to its encrypted transport to the remote server.
20 Claims
1. An electronic device comprising:
a secure execution environment (SEE) to securely execute code;
a secure video path (SVP) to securely exchange, between the SEE and a touch-screen of the electronic device, payment-related information to enable a payment transaction through said electronic device;
wherein the SEE comprises a secure password entry module to generate a scrambled on-screen interface, and to send the scrambled on-screen interface to the touch-screen through the SVP in order to enable said payment transaction via said mobile electronic device;
a secure operations module, (a) to securely receive, from the secure password entry module, a password entered by a user via said touch-screen in order to enable said payment transaction via said electronic device, said password transported securely via said SVP from said touch-screen to said secure password entry module of the SEE;
(b) to encrypt said password; and
(c) to send the encrypted password for verification at a verification module that is external to said electronic device in order to enable said payment transaction via said electronic device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method comprising:
securely generating, in a Secure Execution Environment (SEE) of an electronic device, a representation of a scrambled on-screen password-entry interface;
securely sending said representation of the scrambled on-screen password-entry interface, from the SEE of said electronic device, to a touch-screen of said electronic device, exclusively through a local Secure Video Path (SVP) within said electronic device that enables the SEE to securely and locally communicate with said touch-screen;
securely identifying within the SEE of said electronic device, a character which corresponds to an on-screen key that a user selected via the touch-screen of said electronic device through said scrambled on-screen interface displayed on said electronic device, wherein exchange of information between the SEE of said electronic device and the touch-screen of said electronic device is performed exclusively locally via said SVP of said electronic device.
Dependent claims: 16, 17
18. A server apparatus comprising:
a secure execution environment (SEE) system to securely execute code;
wherein the SEE system comprises a secure password entry module (a) to generate a scrambled on-screen interface, and (b) to send the scrambled on-screen interface, as an encoded Digital Rights Management (DRM) protected video to a remote device and is securely stored in a secure storage of said remote device;
wherein the encoded DRM-protected video is delivered exclusively via a local Secure Video Path (SVP) within said remote device, from the secure storage in said remote device to a touch-screen of said remote device;
wherein the encoded DRM-protected video, when played by a DRM-enabled playback module of the remote device, causes the touch-screen of the remote device to securely display said scrambled on-screen interface generated by the SEE system of said server apparatus.
Dependent claims: 19, 20
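The flow recited in claim 15 (a scrambled layout generated inside the SEE, and touch coordinates resolved to characters only inside the SEE) can be modelled as follows. This is an added Python example, not part of the patent text; it runs as an ordinary process rather than a real SEE or SVP, and the class name, helper names and grid geometry are assumptions.

```python
import secrets

KEYS = "0123456789"
COLS, KEY_W, KEY_H = 3, 100, 80   # assumed grid geometry in pixels


class ScrambledKeypad:
    """Models the SEE-side password entry module (hypothetical names)."""

    def __init__(self, rng=None):
        rng = rng or secrets.SystemRandom()      # CSPRNG-backed shuffle
        order = list(KEYS)
        rng.shuffle(order)
        self._order = order      # secret: slot index -> character
        self._entered = []

    def frame(self):
        """Layout that would be rendered and sent over the SVP only."""
        return [(ch, (i % COLS) * KEY_W, (i // COLS) * KEY_H)
                for i, ch in enumerate(self._order)]

    def touch(self, x, y):
        """Resolve a raw touch coordinate to a character inside the SEE."""
        col, row = x // KEY_W, y // KEY_H
        slot = row * COLS + col
        if not (0 <= col < COLS and 0 <= row and slot < len(self._order)):
            return False                         # touch outside any key
        self._entered.append(self._order[slot])
        return True

    def password(self):
        """Released only to the secure operations module for encryption."""
        return "".join(self._entered)


def touches_for(keypad, pin):
    """Where a user looking at the displayed frame would tap for `pin`."""
    pos = {ch: (x + KEY_W // 2, y + KEY_H // 2) for ch, x, y in keypad.frame()}
    return [pos[ch] for ch in pin]


def demo(pin="4071"):
    a, b = ScrambledKeypad(), ScrambledKeypad()
    taps = touches_for(a, pin)                   # constructed sample PIN
    for x, y in taps:
        a.touch(x, y)
        b.touch(x, y)            # same coordinates replayed on a new layout
    return a.password(), b.password(), taps
```

Code outside the SEE sees only the tap coordinates; replaying them against a freshly scrambled layout (`b`) yields whatever characters that layout placed there, which is why the coordinates alone do not disclose the password.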
Specification