1. Field of the Invention
The present invention relates to the field of cryptography. More particularly, the present invention relates to a non-corruptible mechanism for ensuring that data associated with a transaction is accurately displayed on a display monitor before the data is transmitted over a communication link.
2. Description of Art Related to the Invention
Over the past few years, more businesses and individuals are performing on-line financial transactions over a communication link such as the Internet or any other Wide Area Network ("WAN"). Normally, on-line financial transactions are carefully reviewed for accuracy before transmission, especially when the financial transaction includes confidential financial data such as a payment authorization. Herein, "payment authorization" may include, but is not restricted or limited to a credit card charge request, an Automated Teller Machine (ATM) withdrawal request or any other crediting or debiting request.
It is well known that host software is used to control, among other things, a video subsystem of a personal computer (PC). Before transmitting payment authorization, traditional host software running on a PC causes certain information associated with the financial transaction to be displayed on its monitor. If the user approves the financial transaction, he or she may be required to perform an action that can be interpreted as "user approval". The action may include (i) entering a password, (ii) depressing a button, or (iii) inserting or swiping a token card such as any magnetic-strip card or smart card.
For current PC platforms, each party to an on-line financial transaction is susceptible to fraud by corrupting host software (e.g., illicitly modifying the functionality of the host software). For example, host software may be corrupted by a software virus created to increase or decrease an amount of the payment authorization, unbeknownst to a PC user (e.g., a first party of the financial transaction). As a result, during the financial transaction, the first party may view his or her monitor believing that payment authorization is for a first monetary amount. However, due to virus corruption of the host software, payment authorization is being made for a second monetary amount, which is significantly greater than the first monetary amount. Likewise, the same situation may happen to a second party of the transaction where he or she believes that a desired amount has been credited. Actually, due to host software corruption, a lesser amount has been credited.
Therefore, it would be desirous to implement a simple mechanism used for verifying certain attributes of any transaction, but is resistant to corruption by host software.