Patent · US Active

Multi-channel transaction signing

US8433914B1 · kind B1 · utility

20Cited by

2References

18Claims

0Family size

Assignee

EMC Corporation · US

Inventors

Robert S. Philpott · Andover, US
Yong Qiao · Suzhou, CN
Michael J. O'Malley · Lowell, US
Daniel V. Bailey · Pepperell, US

Key dates

Filing date	Jun 22, 2010
Grant date	Apr 30, 2013
Priority date	—
Expiry date	Jun 2, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L9/3215
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A transaction system combats malware and phishing-based MitM attacks on transaction processing systems by using digital signatures to integrity-protect the user-verified transaction data. With this system, a user submits a transaction from a client device (e.g., desktop web browser) over a communications channel to a server device, such as a transaction server. Before accepting the transaction, the transaction server securely delivers all relevant transaction data to a second device (e.g., the signing device), such as a smart phone, in the possession of the user. The signing device has its own distinct communication channel with the server device. The user verifies the data and the signing device creates a digital signature value for the transaction. The user submits the signature to the transaction server to confirm the transaction with the transaction server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.