Transaction Security Systems and Methods

US 20140101716A1
Filed: 10/09/2013
Published: 04/10/2014
Est. Priority Date: 10/09/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, from a host device having a host processor, outbound network traffic of a host application, the outbound network traffic directed to a secure resource, the secure resource configured to provide a secure transaction based on the outbound network traffic;

determining, using a second processor different than the host processor, whether the host application is authorized to provide the outbound network traffic to the secure resource;

allowing the outbound network traffic to be forwarded to the secure resource if the host application is authorized; and

disallowing the outbound network traffic to be forwarded to the secure resource if the host application is not authorized.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Outbound traffic of a host application may be received from a host device having a host processor. The secure resource may be configured to provide a secure transaction based on the outbound network traffic. Using a second processor different than the host processor, it may be determined whether the host application is authorized to provide the outbound network traffic to the secure resource. The outbound network traffic may be allowed to be forwarded to the secure resource if the host application is authorized. The outbound network traffic may be disallowed to be forwarded to the secure resource if the host application is not authorized.

15 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, from a host device having a host processor, outbound network traffic of a host application, the outbound network traffic directed to a secure resource, the secure resource configured to provide a secure transaction based on the outbound network traffic;
  
  determining, using a second processor different than the host processor, whether the host application is authorized to provide the outbound network traffic to the secure resource;
  
  allowing the outbound network traffic to be forwarded to the secure resource if the host application is authorized; and
  
  disallowing the outbound network traffic to be forwarded to the secure resource if the host application is not authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the host application provides the outbound network traffic to the secure resource.
  - 3. The method of claim 1, wherein the disallowing the outbound network traffic comprises blocking network access of the outbound network traffic.
  - 4. The method of claim 1, wherein the disallowing the outbound network traffic comprises modifying or filtering the outbound network traffic.
  - 5. The method of claim 1, wherein the host application comprises an application on the host device, on a server providing services to the host device, or on a device distinct from a secure transaction device comprising the second processor.
  - 6. The method of claim 1, further comprising redirecting the outgoing network traffic to the second processor before determining whether the host application is authorized to provide the outbound network traffic to the secure resource.
  - 7. The method of claim 1, further comprising configuring a network connection of a secure transaction device comprising the second processor, the configuring before receiving the outbound traffic of the host application.
  - 8. The method of claim 1, further comprising receiving all incoming network traffic for the host device.
  - 9. The method of claim 1, wherein the determining whether the host application is authorized to provide the outbound network traffic comprises looking up permissions of the host application on a security policy.
  - 10. The method of claim 9, further comprising managing, using the second processor, security services for the host device, the managing based on the security policy.

11. A secure transaction device comprising:
- a host device interface module configured to receive, from a host device having a host processor, outbound network traffic of a host application, the outbound network traffic directed to a secure resource, the secure resource configured to provide a secure transaction based on the outbound network traffic;
  
  an application determination module configured to determine, using a second processor different than the host processor, whether the host application is authorized to provide the outbound network traffic to the secure resource;
  
  a trusted application module configured to allow the outbound network traffic to be forwarded to the secure resource if the host application is authorized; and
  
  an untrusted application module configured to disallow the outbound network traffic to be forwarded to the secure resource if the host application is not authorized.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The device of claim 11, wherein the host application provides the outbound network traffic to the secure resource.
  - 13. The device of claim 11, wherein the disallowing the outbound network traffic comprises blocking network access of the outbound network traffic.
  - 14. The device of claim 11, wherein the disallowing the outbound network traffic comprises modifying or filtering the outbound network traffic.
  - 15. The device of claim 11, wherein the host application comprises an application on the host device, on a server providing services to the host device, or on a device distinct from the secure transaction device.
  - 16. The device of claim 11, further comprising a data redirection module configured to redirecting the outgoing network traffic to the second processor before the application determination module determines whether the host application is authorized to provide the outbound network traffic to the secure resource.
  - 17. The device of claim 11, further comprising a device configuration module adapted to configure a network connection of the secure transaction device, before receiving the outbound traffic of the host application.
  - 18. The device of claim 11, further comprising a data redirection module configured to receive all incoming network traffic for the host device.
  - 19. The device of claim 11, wherein the application determination module is to provide the outbound network traffic comprises looking up permissions of the host application on a security policy.

20. A system comprising:
- means for receiving, from a host device having a host processor, outbound network traffic of a host application, the outbound network traffic directed to a secure resource, the secure resource configured to provide a secure transaction based on the outbound network traffic;
  
  means for determining, using a second processor different than the host processor, whether the host application is authorized to provide the outbound network traffic to the secure resource;
  
  means for allowing the outbound network traffic to be forwarded to the secure resource if the host application is authorized; and
  
  means for disallowing the outbound network traffic to be forwarded to the secure resource if the host application is not authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CUPP Computing AS
Original Assignee
CUPP Computing AS
Inventors
Touboul, Shlomo

Granted Patent

US 9,973,501 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/53   by executing in a restricte...

G06F 21/606   by securing the transmissio...

H04L 63/0236   Filtering by address, proto...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/10   for controlling access to d...

H04L 63/18   using different networks or...

H04L 63/20   for managing network securi...

Transaction Security Systems and Methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction Security Systems and Methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links