News Column

Patent Issued for Secure Online Banking Transaction Apparatus and Method

August 21, 2014



By a News Reporter-Staff News Editor at Computer Weekly News -- International Business Machines Corporation (Armonk, NY) has been issued patent number 8799171, according to news reporting originating out of Alexandria, Virginia, by VerticalNews editors.

The patent's inventors are Baentsch, Michael (Gross, CH); Buhler, Peter (Horgen, CH); Eirich, Thomas (Waedenswil, CH); Hoering, Frank (Zurich, CH); Kramp, Thorsten (Kilchberg, CH); Weigold, Thomas (Thalwil, CH).

This patent was filed on April 1, 2008 and was published online on August 5, 2014.

From the background information supplied by the inventors, news correspondents obtained the following quote: "Aspects of the present invention are directed to transaction security and, more particularly, to a secure online banking transaction apparatus.

"Modern online banking security requires that banks are always one step ahead of the latest real-world attacks. Of these, three types of attacks have to be considered, namely phishing attacks, malicious software attacks, and man-in-the-middle (MITM) attacks. Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. A malicious software attack involves the use of software designed to infiltrate or damage a computer system, such as a banking customer's computer, without the owner's informed consent. An MITM attack is an attack in which an attacker is able to read, insert and modify at will messages between two parties without either party knowing that the link between them has been compromised.

"Any online banking solution, therefore, should protect itself against these attacks in such a way as to insure that user credentials cannot be accidentally revealed by a user, that user credentials are protected from unauthorized access, and that both client and server verify each other's respective identity without user intervention.

"It is commonly accepted, however, that a standard client personal computer (PC) is considered to be inherently insecure and potentially infested by all kinds of malicious software, such as that which is used in malicious software attacks. This holds true for mobile devices, such as mobile phones or PDAs, which are increasingly turning into general computing devices."

Supplementing the background information on this patent, VerticalNews reporters also obtained the inventors' summary information for this patent: "In accordance with an aspect of the invention, a secure online banking transaction apparatus to communicate with a server over a non-secure connection is provided and includes a selector configured to allow for a selection of a mode of the apparatus, a processing, unit coupled to the selector and including a secure communication unit, which is configured to set up a secure connection, along which a secure transaction occurs, with the server via the non-secure connection in accordance with the mode, an input unit coupled to the processing unit and configured to allow for a input of data into the apparatus, which is at least partly related to the secure transaction, and an interface coupled to the processing unit and configured to convey at least a status of the secure transaction and the contents of the inputted data.

"In accordance with another aspect of the invention, a system upon which a secure online banking transaction may be conducted is provided and includes a server on which the banking transaction occurs, a proxy client configured to connect to the server via a non-secure connection, and an apparatus coupled to the proxy client and including a selector configured to allow for a selection of a mode of the apparatus, a processing unit coupled to the selector and including a secure communication unit, which is configured to set up a secure connection, along which a secure transaction occurs, with the server via the non-secure connection in accordance with the mode, an input unit coupled to the processing unit and configured to allow for a input of data into the apparatus, which is at least partly related to the secure transaction, and an interface coupled to the processing unit and configured to convey at least a status of the secure transaction and the contents of the inputted data.

"In accordance with yet another aspect of the invention, a method of conducting a secure online banking transaction with an apparatus is provided and includes establishing a non-secure connection between a proxy client and a server, selectively gathering data through the apparatus while in an offline state, coupling the apparatus to the proxy client, establishing a secure connection between the apparatus and the server via the non-secure connection between the proxy client and the server, and transmitting information, which at least partly includes the gathered data, via the secure connection between the apparatus and the server.

"Additional features and advantages are realized through the techniques of the present invention. Other embodiments and aspects of the invention are described in detail herein and are considered a part of the claimed invention. For a better understanding of the invention with advantages and features, refer to the description and to the drawings."

For the URL and additional information on this patent, see: Baentsch, Michael; Buhler, Peter; Eirich, Thomas; Hoering, Frank; Kramp, Thorsten; Weigold, Thomas. Secure Online Banking Transaction Apparatus and Method. U.S. Patent Number 8799171, filed April 1, 2008, and published online on August 5, 2014. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=8799171.PN.&OS=PN/8799171RS=PN/8799171

Keywords for this news article include: Software, International Business Machines Corporation.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC


For more stories on investments and markets, please see HispanicBusiness' Finance Channel



Source: Computer Weekly News


Story Tools






HispanicBusiness.com Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters