TOOL FOR CREATING A SYSTEM HARDWARE SIGNATURE FOR PAYMENT AUTHENTICATION
First Claim
1. A system for payment authentication using a system hardware signature, whereby presence of malware may be detected prior to payment information being compromised, the system comprising:
- a computer apparatus including a processor and a memory; and
a software module stored in the memory, comprising executable instructions that when executed by the processor cause the processor to;
create a unique signature, using a signature creation algorithm and based at least in part on a hardware profile of the system, comprising;
obtaining first information identifying a first part of the computer apparatus;
obtaining second information identifying a second part of the computer apparatus;
obtaining third information identifying the computer apparatus;
obtaining fourth information related to a current time and/or a current date;
obtaining fifth information corresponding to a software execution pattern;
combining the first information, the second information, the third information, the fourth information and the fifth information to create the unique signature;
receive a request, from a user, to perform a transaction using the system;
in response to receiving the request, determining whether any application or system has accessed the hardware profile, comprising;
if not, determining that the signature creation algorithm has not been compromised; and
if so, determining that the application or system that accessed the hardware profile was authorized to access the hardware profile and thereby determining that the signature creation algorithm has not been compromised;
in response to determining that the signature creation algorithm has not been compromised, create a key based on the unique signature, wherein the key is different from the unique signature;
initiate display of the key to the user;
receive user input entered in response to the user viewing the key; and
determine whether to proceed with transaction payment authentication based at least on whether the received user input matches the created key.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention provide a method a authenticating a transaction at the point of transaction. In some embodiments of the invention, a unique signature is created based at least in part on a hardware profile of the system. In some embodiments, a request is received from a user to perform a transaction using the system. In some embodiments, in response to receiving the request a key is created based on the unique signature and displayed to the user. In some embodiments, user input entered in response to the user viewing the key is received and it is determined whether to proceed with transaction payment authentication based at least on whether the received user input matches the created key.
15 Citations
20 Claims
-
1. A system for payment authentication using a system hardware signature, whereby presence of malware may be detected prior to payment information being compromised, the system comprising:
-
a computer apparatus including a processor and a memory; and a software module stored in the memory, comprising executable instructions that when executed by the processor cause the processor to; create a unique signature, using a signature creation algorithm and based at least in part on a hardware profile of the system, comprising; obtaining first information identifying a first part of the computer apparatus; obtaining second information identifying a second part of the computer apparatus; obtaining third information identifying the computer apparatus; obtaining fourth information related to a current time and/or a current date; obtaining fifth information corresponding to a software execution pattern; combining the first information, the second information, the third information, the fourth information and the fifth information to create the unique signature; receive a request, from a user, to perform a transaction using the system; in response to receiving the request, determining whether any application or system has accessed the hardware profile, comprising; if not, determining that the signature creation algorithm has not been compromised; and if so, determining that the application or system that accessed the hardware profile was authorized to access the hardware profile and thereby determining that the signature creation algorithm has not been compromised; in response to determining that the signature creation algorithm has not been compromised, create a key based on the unique signature, wherein the key is different from the unique signature; initiate display of the key to the user; receive user input entered in response to the user viewing the key; and determine whether to proceed with transaction payment authentication based at least on whether the received user input matches the created key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product for providing payment authentication using a system hardware signature, whereby presence of malware may be detected prior to payment information being compromised, the computer program product comprising:
-
a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising; computer readable program code configured to create a unique signature based at least in part on a hardware profile of the system, wherein creating comprises; obtaining first information identifying a first part of the computer apparatus; obtaining second information identifying a second part of the computer apparatus; obtaining third information identifying the computer apparatus; obtaining fourth information related to a current time and/or a current date; obtaining fifth information corresponding to a software execution pattern; combining the first information, the second information, the third information, the fourth information and the fifth information to create the unique signature; computer readable program code configured to receive a request, from a user, to perform a transaction using the system; computer readable program code configured to, in response to receiving the request, determine whether any application or system has accessed the hardware profile, comprising; if not, determining that the signature creation algorithm has not been compromised; and if so, determining that the application or system that accessed the hardware profile was authorized to access the hardware profile and thereby determining that the signature creation algorithm has not been compromised; computer readable program code configured to, in response to determining that the signature creation algorithm has not been compromised, create a key based on the unique signature; computer readable program code configured to initiate display of the key to the user; computer readable program code configured to receive user input entered in response to the user viewing the key, wherein the key is different from the unique signature; and computer readable program code configured to determine whether to proceed with transaction payment authentication based at least on whether the received user input matches the created key. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer-implemented method for providing payment authentication using a system hardware signature, whereby presence of malware may be detected prior to payment information being compromised, the method comprising:
-
creating, using a computing device processor, a unique signature based at least in part on a hardware profile of the system, wherein creating comprises; obtaining first information identifying a first part of the computer apparatus; obtaining second information identifying a second part of the computer apparatus; obtaining third information identifying the computer apparatus; obtaining fourth information related to a current time and/or a current date; obtaining fifth information corresponding to a software execution pattern; combining the first information, the second information, the third information, the fourth information and the fifth information to create the unique signature; receiving, using a computing device processor, a request, from a user, to perform a transaction using the system; in response to receiving the request, determining whether any application or system has accessed the hardware profile, comprising; if not, determining that the signature creation algorithm has not been compromised; and if so, determining that the application or system that accessed the hardware profile was authorized to access the hardware profile and thereby determining that the signature creation algorithm has not been compromised; in response to determining that the signature creation algorithm has not been compromised, creating, using a computing device processor, a key based on the unique signature, wherein the key is different from the unique signature; initiating, using a computing device processor, display of the key to the user; receiving, using a computing device processor, user input entered in response to the user viewing the key; and determining, using a computing device processor, whether to proceed with transaction payment authentication based at least on whether the received user input matches the created key. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification