The use of electronic banking and record keeping has been increasing and conceivably may be the method by which most banking and other financial transactions will be conducted in the future. Electronic and online banking presents a user with the technological option of bypassing the time-consuming, paper-based aspects of traditional banking so that financial accounts may be managed more quickly and efficiently. For example, a user may access online banking through a global communication network to view account balances and account activity of certain financial accounts; transfer money between accounts; pay bills; view images of cancelled checks and print copies of viewed checks or other transactions and activity.
One shortcoming of existing online banking methodologies relates to user privacy and security of both financial and related personal information. In many cases, only one layer of security exists between a user, whether authorized or unauthorized, and access to this information. This layer of security is typically in the form of a shared secret. The shared secret is a common security method for controlling access to financial or personal user information, which may be confidential, and it forms an integral part of user authentication in the current online environment. The shared secret usually consists of a word or group of words, numeric data or some random combination of letters and numerals that are exchanged between and known to both the user and the holder of the financial or personal user information. When the user provides the shared secret data that matches the data previously exchanged between the parties, the user is granted access to the information.
There are several forms of shared secrets that may be utilized in any combination. For example, the most common type of shared secret is a user identifier and password. Challenge questions are another type of shared secret often used to provide a greater level of confidence of user authentication because the challenge questions are directed toward somewhat more personal data. For example, when the user logs into an online banking web site, the financial institution may display, to the user, at least one of a group of preselected challenge questions for which the user has previously provided an answer. The user must provide the appropriate answer to access the online banking web site and user information. Shared secrets serve as a barrier to access and should never be disclosed by the user. However, there are multiple ways to purloin shared secret data regardless of whether such data has been disclosed by the user.
For example, e-mail phishing is one of the fastest growing methods of fraudulently acquiring sensitive access information. Phishing is a term used to describe the action of assuming the identity of a legitimate organization, or web site, such as through the use of email or a web page, with the objective of convincing a user to innocently share user names, passwords and financial or personal information. The information provided by the unwary user is often used to commit crimes, such as fraud and identity theft.
To gain a user's trust and information, a potential wrongdoer electronically poses as a financial institution or other legitimate company. The wrongdoer sends an e-mail to the user that is formatted to appear as legitimate correspondence from an institution with which the user may have an account. The e-mail may contain a reproduced logo or other indicia of legitimacy copied from a web site of an organization or corporation, which is intended to deceive the user. The e-mail typically requests that the user update certain personal information online such as financial data and financial account numbers, account usernames, credit card numbers, passwords, social security numbers or other similar information that a legitimate organization or corporation is likely to have regarding that user. The wrongdoer informs the user that the information can be updated by visiting a particular website, for which a link is typically included in the email. The link directs the user to a counterfeit website designed to trick the user into divulging the personal information.
Many financial institutions prefer to supplement shared secrets with additional security measures that a user must satisfy in order to gain access to sensitive information. One method utilized to provide assurances against phishing practices is the use of a digital image in conjunction with an associated phrase during user log in. Specifically, the user chooses a particular image from a range of graphical files provided by the financial institution. The user adds a personalized phrase to be associated with the selected image. Only the user and the financial institution know which image and particular phrase have been selected. When the user logs in to the financial institution website, the secret image and associated personalized phrase are displayed to the user. Therefore, the image and phrase function as a type of reverse password to assure the user that the site is the legitimate site of the financial institution.
Some financial institutions have added a physical object as a barrier to access, which serves the purpose of a key. One example of a physical object is a security token that is utilized to prevent access by an unauthorized user. An example of this is the RSA SecurID Authenticator, which is a security token manufactured by RSA Security, Inc. of Bedford, Mass. The security token functions like an ATM card as the user must be identified by both something that the user knows and something that the user has before access is granted. Security tokens are currently used to securely access virtual private networks and other remote access applications, web servers and applications and network operating systems. Security tokens have been utilized recently in other applications, including online banking applications.
To use a security token, a user is provided with a personal device which displays a code number. The device is synchronized to a server and based on logic, time and other parameters, the server can recognize whether numbers entered by a user, as displayed on the personal device, match the corresponding register of the server. Specifically, the user reads an ever-changing number on the screen of a device and types the number, as requested, during log in. A server at the financial institution maintains a separate, synchronized register which corresponds to the number displayed on the personal device. When the user enters the appropriate number, the server validates the user. The user therefore requires a password plus a physical object to gain access to an account. An unauthorized user would have to obtain the token, as well as the log in credentials of the user, to access any financial and personal user information.
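The synchronized-register check described above can be illustrated with the open time-based one-time password scheme of RFC 6238. This is an added example, not code from the original document, and it is not the algorithm of any particular commercial token; the shared key, 30-second step, six-digit display and one-step drift window are assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30   # assumption: the displayed number changes every 30 s
DIGITS = 6          # assumption: six-digit display
DRIFT_STEPS = 1     # assumption: tolerate one step of clock drift either way


def code_for_counter(key: bytes, counter: int) -> str:
    """RFC 4226 HOTP value for one time-step counter."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def token_display(key: bytes, now: float) -> str:
    """The number the user's device shows at time `now` (seconds)."""
    return code_for_counter(key, int(now) // STEP_SECONDS)


class TokenServer:
    """Server-side register: shared key and last accepted step per user."""

    def __init__(self):
        self._keys = {}
        self._last_counter = {}

    def enroll(self, user: str, key: bytes) -> None:
        self._keys[user] = key
        self._last_counter[user] = -1

    def validate(self, user: str, entered: str, now: float) -> bool:
        key = self._keys.get(user)
        well_formed = entered.isascii() and entered.isdigit() and len(entered) == DIGITS
        if key is None or not well_formed:
            return False
        current = int(now) // STEP_SECONDS
        for counter in range(current - DRIFT_STEPS, current + DRIFT_STEPS + 1):
            if counter <= self._last_counter[user]:
                continue  # step already consumed: a replayed code is refused
            if hmac.compare_digest(code_for_counter(key, counter), entered):
                self._last_counter[user] = counter
                return True
        return False


if __name__ == "__main__":
    key = b"12345678901234567890"          # RFC 6238 test key, not a real secret
    server = TokenServer()
    server.enroll("alice", key)
    shown = token_display(key, 59)
    print(shown, server.validate("alice", shown, 59))   # first use accepted
    print(shown, server.validate("alice", shown, 59))   # replay refused
```

Recording the last accepted step is what keeps a code observed at entry from being reused within the same time window.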
Each of the above-described methods of protecting financial and personal user information is useful to keep unauthorized individuals from gaining access to this information through improper means at the initial point of access. However, once the correct log in credentials are obtained and access is granted, the financial and personal user information may be freely accessible by anyone. It should be noted that an unauthorized user does not necessarily need to obtain the appropriate log in credentials to access the user's retained information.
For example, such unauthorized access may be obtained through the cache of an Internet browser program. The browser cache contains temporary files, similar to a travel record, of the items a user has seen, heard or downloaded from the Internet, including images, sounds, web pages and cookies. A computer requires less time to display a web page when some of the elements of the page or even the entire page can be called up from the local temporary Internet folder. Thus, storing these files in the browser cache enables more efficient Internet browsing. Caching is not limited to entire web pages but can also include user names, passwords, financial and other sensitive information that may have been entered by the user on a web page.
Typically, a computer terminal with multiple users or a public computer terminal, such as one located in a library, hotel or other public place, is accessible to almost anyone. Most often, browser settings are not set to automatically delete temporarily stored information. Consequently, public computers are not a safe place to view certain financial and personal user information. Clearing the browser cache ensures that any individual engaged in a subsequent browser session or otherwise having access to the same computer terminal, particularly on a public computer terminal, will not have access to this information.
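From the server side, the browser-cache exposure described above can be checked by auditing the caching headers sent with sensitive pages. The following is an added example, not part of the original document; the URL prefixes and the sample responses are constructed for illustration.

```python
# Hypothetical URL prefixes for pages that show account data (assumption).
SENSITIVE_PREFIXES = ("/accounts", "/statements", "/check-image")


def parse_cache_control(value):
    """Split a Cache-Control header into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


def cache_findings(path, headers):
    """Return reasons a sensitive response could stay in the browser cache."""
    if not path.startswith(SENSITIVE_PREFIXES):
        return []
    hdrs = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(hdrs.get("cache-control", ""))
    if "no-store" in cc:
        return []  # the only directive that forbids keeping a copy at all
    findings = []
    if not cc:
        findings.append("no Cache-Control header: storage is left to browser defaults")
    if "no-cache" in cc:
        findings.append("no-cache forces revalidation but still allows a stored copy")
    if "private" in cc:
        findings.append("private excludes shared proxies, not the local browser cache")
    if cc.get("max-age") not in (None, "0"):
        findings.append(f"max-age={cc['max-age']}: copy is reusable without asking the server")
    return findings or ["no-store is absent"]


# Constructed sample responses (path, response headers); not captured traffic.
SAMPLE_RESPONSES = [
    ("/check-image/1042", {"Cache-Control": "private, max-age=600"}),
    ("/accounts/summary", {"Cache-Control": "no-cache", "Pragma": "no-cache"}),
    ("/statements/2024-01", {}),
    ("/accounts/activity", {"Cache-Control": "no-store"}),
    ("/static/logo.png", {"Cache-Control": "public, max-age=86400"}),
]


def audit(responses):
    """Map each sensitive path that may be cached to its findings."""
    report = {}
    for path, headers in responses:
        findings = cache_findings(path, headers)
        if findings:
            report[path] = findings
    return report


if __name__ == "__main__":
    for path, findings in audit(SAMPLE_RESPONSES).items():
        for finding in findings:
            print(f"{path}: {finding}")
```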
Some financial institutions utilize a session cookie to prevent subsequent users from viewing online banking web pages previously viewed by another user. However, a session cookie only protects the user who has logged off from the online banking session. A user may leave a computer terminal unattended while logged into an online banking web site for a number of reasons, including carelessness. In such a situation, any person gaining access to the computer has access to the same information as the authorized user.
After the unauthorized user gains access to financial and personal user information, there are a number of ways the victim can be defrauded. The unauthorized user can utilize the bank's online bill-paying function, an increasingly popular and heavily marketed feature, to have checks made out to himself or to pay his own bills. In an account with wire transfers enabled, the unauthorized user could transfer money to another account, often one in an overseas bank.
Many online banking web sites incorporate access to full digital images of hardcopy bank instruments into account activity reports or other electronic statements. Prior art embodiments reproduce a full view digital image of an online banking user's canceled checks which include all of the financial and personal information printed on the face of the check, such as the user's name, address and account number. Other information handwritten on the face of the check may include a telephone number, social security number or credit card account number, as required by the payee. The unauthorized user can view an image of a canceled check online and then use the check image to create a forged check or misappropriate the information on the face of the check for improper purposes. With regard to privacy and security of financial and personal user information, it is therefore desirable to reduce the amount of personalized information that is part of an electronic transmission associated with online banking, even with appropriate account protections in place.
Systems which specifically include the use of such images include, for example, Blossman, et al., U.S. Pat. No. 6,721,783, issued Apr. 13, 2004, which discloses an e-mail controller that delivers monthly account activity statements and notices through communication and other e-mail networks as an alternative to printing paper account activity statements. The emailed statements include at least one of a full front view and back view image of each processed hardcopy bank instrument, such as deposit slips or canceled checks. The e-mail controller comprises an electronic formatted statement shell in which lists of transactions associated with a user account can be inserted. Further, an image link is provided in the statement shell that defines an electronic path from a listed transaction to at least one full view image of a hardcopy bank instrument. The file associated with each image link is stored in an appropriate database. The hardcopy bank instruments may be serial numbered, such as a check, although non-serial numbered bank instruments may also be included. Non-serial numbered bank instruments include NSF notices, deposit correction notices and account sweep transaction notices.
A digital image of each hardcopy bank instrument can be created using a typical proof-of-deposit imaging system which includes an image database file, an imaging device and software and a check clearing/proof-of-deposit subsystem. The imaging device, in conjunction with imaging software, is used to scan a full front view and back view of each hardcopy bank instrument and create at least one digital image of the instrument. Each view is typically a separate digital image. Each hardcopy bank instrument and corresponding image or images are sorted according to accounts held at the particular financial institution performing the imaging and accounts held at other institutions. The bank instrument information is electronically coded, if appropriate, in a database record linked to the corresponding images. This information includes the dollar value of the paper check or hardcopy bank instrument and other information necessary to post the transaction, such as a serial number, a sequence number or bank account number.
The user can pre-establish preferences with respect to the statements that include the manner by which the user prefers the digital images to be presented. For example, the user can set a minimum dollar value for the inclusion of certain images with respect to both serial numbered and non-serial numbered hardcopy bank instruments. The user may also choose to receive front views only of hardcopy bank instruments, back views only of hardcopy bank instruments or both front and back views of hardcopy bank instruments. Accordingly, there are two image links for each hardcopy bank instrument that may be included in the electronic statement shell. The first image link defines the electronic path to the front view of the hardcopy bank instrument and the second image link defines the electronic path to the back view. Only the image links defining the path to digital images that meet the user's preferences are included in the emailed statements.
The hardcopy bank instrument images created in Blossman are full front view and back view images. Each image link inserted into the electronic statement shell represents an image link corresponding to a full view image of at least one side of the bank instrument. When the user sets preferences regarding the selection of hardcopy instrument images to be received with the electronic statement, the user's choices are limited to one or both of the full front and back view images. The user must accept a full view image of at least one side of a selected hardcopy instrument, and the full view image contains all of the user's financial and personal information. This limitation of choice can be problematic with respect to receipt of the electronic statement and corresponding images by e-mail. Specifically, the use of web-based e-mail presents the same issues with respect to the browser cache, as described above. Blossman's transmission of hardcopy bank instruments containing all of the user's information enables an unauthorized viewer to misappropriate such information.
Fu, et al., U.S. Pat. No. 5,754,697, for Selective Document Image Data Compression Technique, issued May 15, 1995, relates to a document image data compression technique and, specifically, the selection and compression of certain essential information apart from the background information in a document. Fu discusses the obligation of financial institutions to retain certain types of financial information, including checking account information, for a period of seven years. Typically, a financial institution provides cancelled checks to account holders on a regular periodic basis. If the financial institution chooses to retain the physical check, the information must be stored. Storage of such information in a digital format is preferable to storage in a hardcopy or micro-film format due to the physical space requirements of the documents.
Digital images still require a large amount of disk space to store and a large amount of bandwidth to transmit. A digital image with increased resolution consumes a considerable amount of disk space. Although compression techniques have evolved, issues still exist with respect to image quality. Thus, the imaging technique utilized must be sensitive enough to enable accurate detection and depiction of the relevant transaction information, including the signature on the check, the amount and the payee name.
Fu provides a method of creating an image of a hardcopy bank instrument having certain information extracted from the background. The image is created through a process that involves contrast enhancement, conversion to a two-color format and compression of the resulting data. Fu discloses that it is only necessary to store a portion of the information of a document in a digitized image. Therefore, the non-essential or background information can be eliminated before the image is compressed and stored or transmitted.
For example, bank checks include different types of information including colored check designs, the account information of the user printed along the bottom of the check, the financial institution identification information and other data that is entered by the payor. The background information is defined by Fu as the design pattern and artwork on the printing stock upon which the financial institution and user information is printed. The background information does not include any information that would identify the payee, the payor or the financial institution. This identifying information remains as part of the digital image that is created from the method disclosed by Fu.
Fu provides an image of a hardcopy bank instrument from which certain information has been eliminated. However, this information is limited to background information consisting of mainly printed check designs, artwork and color. The object of Fu is to create a two-color black and white image in the interest of minimizing file size for storage and exchange. In creating this compressed image, Fu maintains all of the financial and personal identifying information within the image so that user account and transaction information can still be identified from the resulting image.
Prakash, United States Patent Publication No. US 2005/0036680, published on Feb. 17, 2005, discloses a System and Method for Segmenting an Electronic Image. Prakash discloses that many financial institutions are seeking to store and process more hardcopy bank instruments in the form of electronic images. However, these files are typically large and the creation of such images involves sophisticated techniques and equipment. Further, a bank may want to identify and store only specific textual or written areas from the foreground of a check image such as dollar amounts, signatures, and payees, while eliminating any unnecessary background information, such as a check design or other artwork.
Prakash discloses the conversion of a hardcopy bank instrument into a compressed image, such as a JPEG image. Next the compressed image is segmented into blocks, with a typical bank check comprising approximately 5,967 blocks. Each segment of the compressed image is analyzed and assigned an appropriate frequency coefficient. For example, if the image is a JPEG image, the proper coefficient is a Discrete Cosine Transform, or DCT, coefficient value which represents the average video value of the block. Once the coefficient value is computed for each block, the sums are examined and used to distinguish between foreground segments and background segments. The identified foreground segments that contain the desired information will be stored, outputted or processed, as needed. The resulting image of Prakash is based on the elimination of certain background data. However, similar to Fu, the background data that is eliminated comprises only data such as a check design or artwork. Thus, any data that may identify the payor, the payee or the financial institution is maintained as part of the image.
What is lacking in the art is a method of providing graphical or other financial data from a hardcopy bank instrument sufficient to enable the user to extract useful transaction information, in which the image or other data is carefully edited to exclude or otherwise mark any particular personal information which might enable a third party to utilize such data for improper purposes.