Method and system for securing electronic transactions

摘要

A method for secure electronic transaction over a computer network, comprising: at a trusted relationship profile server computer: storing a unique identity of a trusted computing unit; generating a confirmation message regarding the unique identity of the trusted computing unit in response to a request from the trusted computing unit; at a security proxy server computer: storing real credentials and local credentials of a customer in a secure vault; receiving the confirmation message and permitting a login process to be performed with the security proxy server using the local credentials, provided the confirmation message is valid; and replacing the local credentials submitted in the login process with the real credentials. A corresponding system for secure electronic transactions is also provided.

主权项

1. A method for authenticating a security device at a local network location for providing a secure access from the local network location to a remote network location, the method comprising:
at the security device, having a global unique identifier (UID), a processor and a memory:
obtaining, from the remote network location, a private security software, and causing the private security software to obtain a user selectable personal identification number (PIN), and the UID of the security device, the UID uniquely identifying the security device and being permanently associated with the security device;forwarding the PIN, the UID and the private security software to the remote network location for generating a user-personalized credential code using the PIN, the UID and the private security software, comprising encrypting the user-personalized credential code;at the security device, obtaining the user-personalized credential code from the remote network location, and verifying an authenticity of the user selectable PIN and the UID, without communicating over a network, comprising decrypting the user-personalized credential code; andretrieving access credentials to the remote network location upon verifying the authenticity of the user selectable PIN and the UID.