This disclosure relates to encryption, more specifically, the disclosure relates it to a system for a computer implemented device and method for neutralizing methods for obtaining sensitive data from a data stream.
The introduction of more complex security measures to protect online financial accounts has only resulted in more clever schemes to steal the personal credentials needed to commit fraud. Armed with keystroke logging software or simply by using a clever malware form grabbing virus and spyware, online criminals can steal identify credentials necessary to take over accounts and sensitive information. Malware and form grabbing viruses and spyware are predominantly aimed at stealing online user information. However, evidence indicates that the number of attempts to hack into financial accounts is increasing substantially. For this reason, businesses with an online presence must employ a strong user authentication, data input and storage capabilities as well as more secure user data transmission.
User authentication during internet based online transactions needs to be upgraded from the now current generally accepted single factor authentication process, typically only based on user name and passwords, with a stronger more secure multi-form of user authentication. Websites also must stop transmitting sensitive data via plain text that can easily be captured via the internet. This disclosure provides solutions that are essentially plug-and-play and thus do not require extensive retro-fitting in order to add them to existing technical infrastructure. The methodology described hereinafter implements multiple layers of user authentication in ways that reduce the impact on the user experience, i.e., it is intended to be very intuitive and user-friendly, while properly defending against attacks on transactions that are highly vulnerable to fraud or attack with present systems.