Methods and systems to detect attacks on internet transactions
USRE46158E1 · kind E1 · reissue
Assignee
Inventor
Key dates
| Filing date | Nov 11, 2014 |
| Grant date | Sep 20, 2016 |
| Priority date | — |
| Expiry date | Nov 11, 2034 |
Classification
- Technology area (CPC —)General
Abstract
A method and system are disclosed for detecting interference with a remote visual interface, such as a HTML webpage, at a client computer, particularly to determine if a malicious attack such as at HTML attack has occurred. When the web server receives a request for a page, a script is embedded in the page, and as a consequence the client computer requests at least one session key and at least one one time password from an enterprise server. The client computer also performs a check of the HTML interface present on the client computer, which an attack of this type would change. The result of the interface check, encrypted with the session key and one time password, is sent to the enterprise server, so that a comparison with the expected value for the website can be performed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.