Method of providing assured transactions using secure transaction appliance and watermark verification

US 9,083,746 B2
Filed: 10/20/2008
Issued: 07/14/2015
Est. Priority Date: 10/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving from a transaction server at a secure transaction device electronic content and a tag relating to a known portion of the electronic content, wherein the tag comprises a hypertext markup of the electronic content;

associating with the tag first electronic data for use in verifying the known portion of the electronic content;

establishing a first communication path between the secure transaction device and a security module comprising at least one of a removable peripheral memory storage device and a wireless device connected to a user system associated with a user, said secure transaction device being separate from said user system, the first communication path including the secure transaction device disposed between the transaction server and the user system;

establishing a second communication path between the secure transaction device and the user system; and

initiating an authorization process for being performed in conjunction with the security module, the authorization process comprising;

providing the known portion of the electronic content via the user system for presentation to the user;

providing the first electronic data to the user via the security module for authorizing the electronic content, wherein the known portion of the electronic content is verified by the user;

receiving from the user an indication that the known portion of the electronic content is authorized, wherein receiving the indication comprises receiving via the security module a user input; and

digitally authorizing the electronic content in response to the indication.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method of improving electronic security by establishing a path between a user and a secure transaction appliance. The secure transaction appliance receiving information destined for the user which includes a tagged portion, said tagged portion triggering the secure transaction appliance to forward the information to the computer from which the request was issued, and to seeking an electronic signature to verify the content or transaction by transmitting a watermark, tagged portion of the content, or similar electronic content. The secure trusted path providing the user with the tagged portion incorporating additional elements such as a watermark, or in some embodiments only the additional elements, upon a personalized security device associated with the user making interception or manipulation more complex and difficult.

67 Citations

View as Search Results

14 Claims

1. A method comprising:
- receiving from a transaction server at a secure transaction device electronic content and a tag relating to a known portion of the electronic content, wherein the tag comprises a hypertext markup of the electronic content;
  
  associating with the tag first electronic data for use in verifying the known portion of the electronic content;
  
  establishing a first communication path between the secure transaction device and a security module comprising at least one of a removable peripheral memory storage device and a wireless device connected to a user system associated with a user, said secure transaction device being separate from said user system, the first communication path including the secure transaction device disposed between the transaction server and the user system;
  
  establishing a second communication path between the secure transaction device and the user system; and
  
  initiating an authorization process for being performed in conjunction with the security module, the authorization process comprising;
  
  providing the known portion of the electronic content via the user system for presentation to the user;
  
  providing the first electronic data to the user via the security module for authorizing the electronic content, wherein the known portion of the electronic content is verified by the user;
  
  receiving from the user an indication that the known portion of the electronic content is authorized, wherein receiving the indication comprises receiving via the security module a user input; and
  
  digitally authorizing the electronic content in response to the indication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method according to claim 1 wherein the first communication path is a trusted path.
  - 3. A method according to claim 1 wherein, receiving from the user an indication comprises providing a confirmation signal to the secure transaction device.
  - 4. A method according to claim 1 wherein,the first communication path is via a first network;
    - andthe second communication path is via a second network.
  - 5. A method according to claim 1 wherein, initiating an authorizing process comprises providing a response to the secure transaction device to continue with a transaction.
  - 6. A method according to claim 1 wherein, the secure transaction device comprises at least one of a server and a thin-client.
  - 7. A method according to claim 1 wherein, the first electronic data is responsive to a process in execution on the security module, the process operating in dependence upon a cryptographic key stored within the security module.
  - 8. A method as in claim 1, comprising:
    - communicating between said secure transaction device and said security module using a secure communication channel; and
      
      modifying, by said secure transaction device, at least a portion of the electronic content, in response to said first electronic data.
  - 9. A method according to claim 1 wherein providing the known portion of the electronic content includes providing at least one of a digital watermark, a predetermined portion of a digital watermark, a digital certificate, a text seal, an image seal, a steganographic message, a steganographic image, a known portion of the first electronic document, and a Turing test.
  - 10. A method according to claim 1 wherein providing the first electronic data includes providing at least one of a digital watermark, a predetermined portion of a digital watermark, a digital certificate, a text seal, an image seal, a steganographic message, a steganographic image, a known portion of the first electronic document, and a Turing test.

11. A method comprising:
- receiving from a transactor at a secure transaction device electronic content and a tag associated with a known portion of the electronic content, the electronic content for transmission to a user system associated with a user, wherein the tag comprises a hypertext markup of the electronic content;
  
  associating with the tag first electronic data for use in verifying the known portion of the electronic content;
  
  communicating between said secure transaction device and said transactor using a secure communication channel, said secure transaction device being separate from said user system, the secure communication path including the secure transaction device disposed between the transaction server and the user system;
  
  modifying, by said secure transaction device, at least the known portion of the electronic content in response to at least one of the transactor, the user, the tag, and the electronic content;
  
  associating with the tag second electronic data, the second electronic data providing the user an association with the first electronic data;
  
  storing within a memory of the secure transaction device the modified electronic content and second electronic data;
  
  establishing a first communication path between the secure transaction device and a user security module comprising at least one of a removable peripheral memory storage device and a wireless device coupled to the user system;
  
  transmitting the modified electronic content for display to the user on the user system;
  
  transmitting the second electronic data to the user via the user security module; and
  
  verifying authenticity of the modified electronic content in dependence upon the second electronic data, wherein the known portion of the electronic content is verified by the user;
  
  receiving from the user an indication that the known portion of the electronic content is authorized, wherein receiving the indication comprises receiving via the security module a user input; and
  
  digitally authorizing the electronic content in response to the indication.
- View Dependent Claims (12, 13, 14)
- - 12. A method according to claim 11 further comprising:
    - establishing a second communication path between the secure transaction device and the user system;
      
      transmitting via the second communication path the modified electronic content for display to the user on the user system;
      
      transmitting via the first communication path the second electronic data for display to the user on the security module; and
      
      providing an indication of said verification to the secure transaction device.
  - 13. A method as in claim 11, comprising presenting to said user, by said secure transaction device, at least a portion of one of the group:
    - said tag, said electronic data.
  - 14. A method as in claim 11, wherein said secure communication channel between said secure transaction device and said transactor also passes through said user system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Data Locker Incorporated
Original Assignee
Imation Corporation (Glassbridge Enterprises, Inc.)
Inventors
Hamid, Laurence
Primary Examiner(s)
Zele, Krista
Assistant Examiner(s)
FORMAN, JAMES Q

Application Number

US12/289,053
Publication Number

US 20090106556A1
Time in Patent Office

2,458 Days
Field of Search

713/176, 380/30
US Class Current

1/1
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/0838   using one-time-passwords

H04L 63/123   received data contents, e.g...

H04L 63/166   at the transport layer

H04L 63/168   above the transport layer

H04L 63/18   using different networks or...

H04W 12/069   using certificates or pre-s...

Method of providing assured transactions using secure transaction appliance and watermark verification

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

67 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method of providing assured transactions using secure transaction appliance and watermark verification

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links