Various techniques are known for securing access to on-line services such as network access, on-line financial services, etc. A typical technique requires a user to enter credentials such as a user name and password to gain access to an on-line service. Such techniques are susceptible, however, to being comprised through the use of various on-line or computer-based attacks.
As an example, code such as a virus or spyware may be surreptitiously installed on a user's computer. The code may log the user's keystrokes and send the logged data to an unauthorized person (e.g., via the computer's network connection). In the event the code logs the user's keystrokes when the user logs into an on-line service, an unauthorized person may gain access to the user's credentials. The unauthorized person may then use the user's credential to gain access to the corresponding service, e.g., the user's on-line bank account, brokerage account, etc.
As another example, a user may be tricked by a phishing scheme into accessing a fake website that looks like the website the user uses to access an on-line service. In this case, the user, believing that he or she has accessed a valid website, may provide credentials to the fake website. The operator of the website may then use the user's credential to gain access to the corresponding service.
Similarly, a man-in-the-middle scheme involves intercepting communications between a user and a server where the interception is transparent to the user and server. In other words, the user is led to believe that he or she is in direct communication with the server and vice versa. In actuality, however, the man-in-the-middle may have established separate connections with the user's computer and the server. As a result, the man-in-the-middle may be logging all of the communications and may thus obtain sensitive information such as the user's credentials.
In accordance with common practice the various features illustrated in the drawings may not be drawn to scale. Accordingly, the dimensions of the various features may be arbitrarily expanded or reduced for clarity. In addition, some of the drawings may be simplified for clarity. Thus, the drawings may not depict all of the components of a given apparatus or method. Finally, like reference numerals may be used to denote like features throughout the specification and figures.