Field
Embodiments of the invention generally relate to techniques for authenticating transactions conducted over computer networks, e.g., online banking transactions. More specifically, embodiments of the invention provide a signing mechanism that protects against man-in-the-middle attacks and some malware attacks.
Description of the Related Art
Network based transactions have become commonplace and it is routine for financial institutions to offer customers web-based access to deposit and investment accounts. For example, bank customers routinely use web-based systems to transfer money from one account to another, to access online bill pay services, or to perform a variety of other transactions. Similarly, online brokerages allow customers to purchase and sell stocks, bonds, and other securities using any networked computer. Other common online transactions include posting payments to utility or loan accounts and purchasing goods or services.
In each of these cases, transaction security is a well-known and serious concern, particularly for financial institutions that allow customers to transfer funds from one account to another using web-based systems. Accordingly, a variety of security techniques are used to help ensure that only authorized users can access a given account. For example, a variety of cryptographic techniques have been developed to improve security and provide more reliable user authentication.
However, simply assigning customers a username and password, and even using cryptographic protocols (e.g., a public key infrastructure (PKI) and digital certificates) to verify customer identity, is insufficient to prevent a variety of forms of online fraud. That is, while these techniques can be used by a financial institution to verify customer identity, they leave a user's account vulnerable to other forms of attack. For example, malicious individuals can create websites that masquerade as a legitimate bank site in order to perform a “man-in-the-middle” attack. In such an attack, when the user accesses the malicious website, it presents itself to the user as the legitimate bank site, and obtains any access credentials supplied by the user. The attacker then uses these legitimate credentials to access the user's account with the financial institution. Typically, the “man-in-the-middle” attacker simply passes logon messages to the bank and passes messages from the bank back to the user. This allows the “man-in-the-middle” to alter transaction details without the legitimate user knowing that something is being changed. That is, once an attacker has intercepted a legitimate transaction request, the attacker then changes the details of that transaction (e.g., transferring money from one account to another) in order to perform a different one (e.g., stealing funds from the account). Such fraud can be very difficult to address because the actual funds transfer was initiated with the user's legitimate credentials.
Another similar attack is sometimes referred to as a “man-in-the-browser.” In such an attack, malware installed on a user's browser recognizes when a user attempts to access an account with a financial institution. When this occurs, the malware allows the user to conduct a transaction, but changes details to transfer funds to the attacker. At the same time, the user is presented with details of the legitimate transaction, i.e., the amounts and fund recipients are shown to be what the user has requested, while the actual recipient and/or fund amount is changed.