Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Credible electronic transaction method and transaction system

An electronic transaction and transaction technology, applied in the field of information security, can solve problems such as stealing user account/password information, man-in-the-middle attack, transaction fraud, etc., to prevent the leakage of sensitive transaction information, prevent man-in-the-middle attack, and prevent DNS hijacking.

Inactive Publication Date: 2009-07-15
PEKING UNIV
View PDF0 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] There are many security threats in the traditional mode of online transactions based on web browsers: for example, keyboard monitoring will obtain user account / password information; browsers will be redirected to tampered web pages, resulting in transaction fraud or account / password loss; downloading and copying files Or the Trojan horse implanted by browsing the compromised website will also carry out authorization hijacking attacks-do not consider stealing the user's account / password information, but monitor the user's transaction process locally, hijack the authorization information only in the transaction authorization stage , to replace authorized information and realize transaction fraud
[0005] Nowadays, most online transactions use the SSL protocol to ensure the safe transmission of transactions, and the SET protocol to ensure the security of the transaction process, but both are difficult to overcome problems such as phishing, account / password theft, and authorization hijacking by native malware.
[0006] Using two-factor authentication technologies such as authentication tokens (such as USB tokens), although the user's account / password security can be protected to a certain extent (but the latest research shows that authentication tokens based on the machine are also insecure), but due to The final transaction authorization is still completed locally, and there are malware introduced by various means in the personal computer, such man-in-the-middle attacks such as authorization hijacking will still occur (such as: before the authorization information is submitted for encrypted transmission, the transaction order authorization information tampering, and then encrypted and sent to the server to achieve transaction fraud)

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Credible electronic transaction method and transaction system
  • Credible electronic transaction method and transaction system
  • Credible electronic transaction method and transaction system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] The present invention will be described in more detail through specific embodiments below in conjunction with the accompanying drawings.

[0053] This embodiment provides a trusted electronic transaction method and a transaction system thereof. The transaction system adopts a mobile phone with a cryptographic operation unit and supports bluetooth as a trusted transaction service terminal. The online banking server acts as a transaction server. A personal computer is installed with a web browser and has access to the Internet in order to log on to the online banking website. Transaction operations involve: business browsing (Browser), account inquiry (Check), payment (Pay), transfer (Virement). Among them, the sensitivity level of "business browsing" is 1, which is considered as a general transaction; the sensitivity level of "account query" is 2, the sensitivity level of "payment" is 3, and the sensitivity level of "transfer" is 3. Transactions with a sensitivity leve...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a credible electronic trading method and a trading system thereof, belonging to the technical field of information security. The inventive trading method comprises the following steps: a user logs in a trading server through an information transmission medium; initializing between a credible trading service terminal and a trading server through the information transmission medium, and setting up security connection; the credible trading service terminal displays trading information of the electronic trading in a way capable of being understood by the user, and the trading information is validated through the credible trading service terminal if the user confirms the trading information is right; the credible trading service terminal authorizes the trading server to trade through the information transmission medium. The inventive trading system comprises a personal computer and the credible trading service terminal. Compared with the prior art, the invention solves security problems of network angling, authorization hijack and the like existing in electronic payment and network trading through the credible trading service terminal, and related authentication and encryption protocols.

Description

technical field [0001] The invention relates to a trusted electronic transaction method and a transaction system thereof, belonging to the technical field of information security. Background technique [0002] With the rapid development of the Internet, applications based on the World Wide Web are rapidly popularized, and e-commerce (online games, online banking and online shopping, etc.) has become a part of people's daily work and life. However, the existence of security threats such as phishing, viruses, Trojans, and other spyware for the purpose of economic crimes makes users bear huge security risks while conducting online transactions, such as account / password information theft, identity counterfeiting, authorization hijacking, etc. . These threats make more and more users lose confidence in electronic payment / online transactions, and even give up using such transaction methods. [0003] The security of online transactions mainly involves the following technical issu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06Q30/00H04L29/06
Inventor 毛剑韦韬戴帅夫邹维王铁磊张超赵新建李佳静
Owner PEKING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com