Increasingly, people are engaging in financial and other sensitive electronic transactions on the Internet. Electronic transactions can include electronic bill paying, Internet banking, electronic auctions, electronic funds transfer, and electronic securities trading. Additionally, people desire remote access to networks, such as their employers network. Currently, remote access, including remote access for electronic transactions, is performed via a client device, such as a personal computer, through a public-wide area network, such as the Internet. Similarly, there is an increasing amount of fraud occurring with respect to transactions and communications over the Internet.
Internet fraud currently occurs essentially from two sources: 1) the Internet connection itself; and 2) operating-system based client devices, such as the Microsoft® operating system-based client devices. These sources make the typical online electronic transaction subject to fraud. On the first source, the Internet connection, the Internet is a public network, and, as such, many ports are available and accessible by the public. The direction and advancement and the use of Internet access network technology have resulted in the growth of available bandwidth for the user. The more bandwidth, the higher speed of Internet accesses. This direction encourages the “always on” use behavior by the user, which is further exacerbated by fixed tariffs. This means that the user can just leave the Internet access connected continuously so that he/she does not have to undertake the cumbersome process of initiating the operating system and network connectivity. While this situation may provide convenience, this also offers an optimal environment for intrusion of unwanted software into the client terminal through multiple open ports. While port protection technology is available, in most cases the technical challenge associated with its use mitigates against adoption by the masses. Additionally, the code on Web pages, such as a financial institution's Web page, is HTML code and is exposed to the public. Thus, hackers can exploit the accessibility of the Internet to obtain information in electronic transactions.
Most conventional remote access solutions utilize the Internet to provide connectivity between a user on a client device and a server. Remote access solutions that utilize leased line or direct line connections are available, but are cost prohibitive for the average user. Generally, only senior members of an organization may have a direct line connection from a remote location, such as a residence, to the organization's network and servers.
Second, given that most client devices utilize the Windows® operating system from Microsoft Corp., most perpetrators of fraud focus most of their attention on creating software for their purposes to reside on these devices. This type of software, which is generally classed as “spyware” or “malware,” can lay in waiting on Windows® operating system-based devices. Then unbeknownst to its user such spyware can come alive in certain circumstances where fraudulent activity can be activated. Spyware is capable of recording keystrokes or otherwise capturing sensitive information of a user in order to facilitate unwanted access to “secure” sites. Therefore, a solution is needed to provide secure communications for electronic transactions.