The architecture of Identity Software-as-a-Service (SaaS) systems is based on the concept of service providers, or Relying-Party-Service-Providers; identity providers, or Identity-Management-as-a-Service; and clients, or users (see for example U.S. Pat. No. 8,205,247 B2). Relying-Party-Service-Providers enable users' access and transactions. Identity-Management-as-a-Service verifies the user's identity.
Users routinely gain access to IT resources or execute transactions using a variety of endpoints or network-connected devices, such as PCs, laptops, tablets, smart-phones, etc. These users fill in user-action-request-forms for login or transactions with Relying-Party-Service-Providers. These users are also challenged to provide their username/password and/or some kind of hardware token or smartcard and/or to provide their biometric characteristics such as face, finger, voice, iris, etc. It is understood that increasing authentication complexity does not bring more security, while adding considerable cost and inconvenience.
The main obstacle to better security is that network-connected devices and endpoints, such as computers, tablets, smart phones, etc., are generally insecure. For example, David Dill, Professor of Computer Science at Stanford University, Calif., USA, co-authored the “Computer Technologists' Statement on Internet Voting”, where he states that “The voting system as a whole must be verifiably accurate in spite of the fact that client systems can never be guaranteed to be free of malicious logic. Malicious software, firmware, or hardware could change, fabricate, or delete votes, deceive the user in myriad ways including modifying the ballot presentation” (see ref. 11).
Numerous schemes have been developed for strong authentication. For example, in authentication, out-of-band refers to using two separate networks or channels, one of which differs from the primary network or channel, used together to communicate between two parties or devices for identifying a user. A cellular network is commonly used for out-of-band authentication. An example of out-of-band authentication is when an online banking user accesses their online bank account with a login and a one-time password (OTP) is sent to their mobile phone via SMS to identify them. The primary channel is the online login screen where the user enters their login information, and the second, separate channel is the cellular network. This process is sometimes called 2-step verification (used by Google and others). It is a sequential, step-after-step process in which the user is challenged by the website to enter the OTP. This added layer of security reduces the likelihood of hackers and malware compromising the complete authentication process; however, this method of authenticating a user is known to be vulnerable to man-in-the-mobile (MITMO) attacks.
Another malicious software attack is called the Man-in-the-Browser attack. Man-in-the-Browser is a proxy Trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and the host web application. Man-in-the-Browser simply waits until the user logs in using any authentication (weak or strong) and then steals the user's money.
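The sequential 2-step OTP flow described above, and the post-login gap the Man-in-the-Browser paragraph points to, modeled as an added example (not code from the patent or from any cited product). The identity provider and relying party classes, the 120-second code lifetime and the sample user record are assumptions made for this model; the point it shows is that the OTP is bound to the login session only, so a transaction submitted afterwards is accepted on session state alone.

```python
import hmac, secrets, time
OTP_TTL = 120  # seconds an SMS code stays valid (assumed policy, not from the patent)

class IdentityProvider:
    """Second channel: one code per login session, 'sent' over a simulated SMS outbox."""
    def __init__(self):
        self.pending = {}     # session_id -> {"otp", "issued", "used"}
        self.sms_outbox = []  # (phone, otp) messages delivered out of band

    def issue_otp(self, session_id, phone):
        otp = f"{secrets.randbelow(10**6):06d}"
        self.pending[session_id] = {"otp": otp, "issued": time.time(), "used": False}
        self.sms_outbox.append((phone, otp))

    def verify_otp(self, session_id, submitted):
        # single use, time limited, constant-time comparison
        rec = self.pending.get(session_id)
        if rec is None or rec["used"] or time.time() - rec["issued"] > OTP_TTL:
            return False
        rec["used"] = True  # burn the code whether or not it matches
        return hmac.compare_digest(rec["otp"], submitted)

class RelyingParty:
    """Primary channel: the web login screen, then transactions."""
    def __init__(self, idp, users):
        self.idp = idp
        self.users = users  # username -> {"password", "phone"}; plaintext only in this model
        self.sessions = {}  # session_id -> {"user", "authenticated"}

    def login_step1(self, username, password):
        u = self.users.get(username)
        if u is None or not hmac.compare_digest(u["password"], password):
            return None
        sid = secrets.token_hex(16)
        self.sessions[sid] = {"user": username, "authenticated": False}
        self.idp.issue_otp(sid, u["phone"])  # triggers the SMS challenge
        return sid

    def login_step2(self, sid, otp):
        ok = sid in self.sessions and self.idp.verify_otp(sid, otp)
        if ok:
            self.sessions[sid]["authenticated"] = True
        return ok

    def submit_transaction(self, sid, payee, amount):
        # Session state only: the OTP confirmed the login, not this payee/amount.
        s = self.sessions.get(sid)
        if not s or not s["authenticated"]:
            return None
        return {"user": s["user"], "payee": payee, "amount": amount}
```

A defence that closes this gap has to bind the second-channel confirmation to the transaction content itself rather than to the session, which is exactly what this model does not do.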
Recently issued U.S. Pat. No. 8,028,896 B2 teaches on “Authentication Methods for use in Financial Transactions and Information Banking”. Patent application EP 2 065 798 A1 teaches on “Method for performing secure online transactions with a mobile station and a mobile station”. Neither of these patents addresses the issue of malware and insecure endpoint devices. Application US 2012/0240203 A1 on “Method and Apparatus for Enhancing Online Transaction Security via Secondary Confirmation” proposes to deal with the PC being an insecure device by sending a secondary transaction to a mobile device. This approach does not solve the problem, for example, because of the man-in-the-mobile attack.
Therefore, a need exists for a method and a system for secure transactions and access using insecure endpoint devices.