CN111052170A - Electronic device and method for conducting electronic transactions - Google Patents


Info

Publication number: CN111052170A
Authority: CN (China)
Prior art keywords: electronic device, user, user interaction, transaction, data
Legal status: Pending (the legal status is an assumption and is not a legal conclusion)
Application number: CN201780094466.4A
Other languages: Chinese (zh)
Inventors: 本杰明·史密斯, 阿克塞尔·米勒, 彼得·舒
Current assignee: Huawei Technologies Co Ltd
Original assignee: Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q30/0601 Electronic shopping [e-shopping]
    • G06Q30/0609 Buyer or seller confidence or verification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/08 Payment architectures
    • G06Q20/20 Point-of-sale [POS] network systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4016 Transaction verification involving fraud or risk level assessment in transaction processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/018 Certifying business or products
    • G06Q30/0185 Product, service or business identity fraud
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F19/00 Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20 Automatic teller machines [ATMs]
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07G REGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
    • G07G1/00 Cash registers
    • G07G1/01 Details for indicating
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The invention relates to an electronic device (101) for conducting an electronic transaction. The electronic device (101) comprises: a processing unit (103) for running a transaction application, wherein the transaction application is for allowing a user to conduct the electronic transaction; and a user interface (105) controlled by the processing unit (103), the user interface (105) for allowing a user to interact with the transaction application through one or more user interactions, wherein the one or more user interactions generate user interaction data; the processing unit (103) is further configured to collect at least part of the user interaction data to trigger operations of cryptographically signing and storing the collected user interaction data.

Description

Electronic device and method for conducting electronic transactions
Technical Field
The present invention relates generally to the field of secure electronic transactions. More particularly, the present invention relates to an electronic device and method for conducting trusted, verifiable electronic transactions.
Background
In a new era of electronic commerce, consumers are constantly interacting with the screens of electronic devices and using applications on the devices through graphical and/or text-based User Interfaces (UI) to perform various tasks or activities, such as setting money amounts and making money transfers. This is particularly relevant for the use of smartphones.
However, the visual state of an application on an electronic device does not necessarily reflect the true internal state of the device, software and/or hardware; the mismatch may be caused by intentional action (e.g., fraud) or unintentional action (e.g., a bug). Furthermore, the user of the application cannot prove that an interaction with an element of the application's user interface is what he actually wanted to do. Likewise, online banks or merchants may not know, or be able to prove, whether the state of the software or hardware reflects the user's intent. Issues that may exist between the UI and the internal state include, for example: scenarios where the UI input and the intent that is interpreted, saved or passed back do not necessarily match, and scenarios involving malicious UIs (mislabelled elements or overlaid buttons). The order of interactions is also important.
As traditional social functions move to the cloud, problems arise when something goes wrong and no corresponding statutory recovery mechanism exists. Unfortunately, online banks/merchants and customers have no way of verifying the operations, and in particular the transactions, that a customer actually initiated, such as transferring money, purchasing stock or selling goods, or the values involved. Serious problems may result if a customer is "spoofed" by a malfunctioning system (e.g., third-party software such as the customer's browser, business software, database, etc.), by a malicious online bank/merchant or by a malicious employee, and/or if the online bank/merchant is "spoofed" by a malfunctioning system, a malicious customer or a malicious employee, all without a corresponding statutory recovery mechanism. Furthermore, online banks/merchants may therefore lose customer trust and face a public crisis.
In order to avoid the above situation, the following technical problem needs to be solved: reliable proof must be obtained for all involved parties regarding UI state, software state and hardware state, selected UI options, UI interactions, order of interaction, etc. Solving this technical problem is challenging, since the proof must be tamper-proof, i.e. it must resist software, hardware and network attacks; it must be lightweight and efficient to collect; it must be non-intrusive; and it must gain the trust of all involved parties, such as the online bank/merchant, the consumer, a judge, etc. The proof preferably also has further properties, such as the involved parties being identifiable and authenticatable.
Previous attempts have been made to solve similar problems in the field of UI development and testing. For example, patent US9158372B2 provides a method and apparatus for storing user interaction data. However, the integrity of the data stored according to US9158372B2 is not guaranteed, and the stored data is therefore not trusted, because the stored data cannot be signed or made tamper-proof and the scheme relies only on changes in the display to detect interaction. State-of-the-art solutions still present several key problems: first, the data cannot be made tamper-proof and therefore cannot be trusted by the user; furthermore, such data is not accepted by courts; finally, these schemes are inefficient.
In view of the above, there is a need for an improved electronic device and a corresponding method of conducting electronic transactions, thereby enabling user data tamper resistance and improving the security of user data transactions.
Disclosure of Invention
The invention aims to provide an improved electronic device and a corresponding method for conducting electronic transactions, which support user data tamper resistance and improve the security of user data transactions.
The above and other objects are achieved by the subject matter of the independent claims. Further embodiments are apparent from the dependent claims, the detailed description and the drawings.
The present invention relates generally to electronic devices and methods for conducting electronic transactions, enabling user data tamper resistance and improving the security of user transactions. More specifically, embodiments of the invention may collect software or hardware state, communications, user interactions and/or metadata (e.g., authentication data) and add cryptographic credentials, such as by signing or verifying the collected data, to prevent tampering. Adding cryptographic credentials allows multiple parties, including but not limited to customers, business owners, courts and auditors, to prove whether a transaction actually occurred. In contrast, without cryptographic proof, a transaction proof can be forged even if the transaction never actually occurred. The novel features provided by embodiments of the present invention provide proof of data, rather than methods of securely transmitting or storing data.
An example of applying cryptographic credentials at the user or client side is a Trusted Computing Module (TCM) that signs the collected data and adds credentials showing that the TCM itself is working properly, such as the results of additional tests or cryptographic credentials over its binaries. Likewise, standard cryptographic schemes are also applicable to servers and/or third parties. Embodiments of the present invention are described in detail below.
Further, embodiments of the invention may collect data including software or hardware state, communications, user interactions and/or metadata through the trusted computing hardware module before the general-purpose processing unit accesses the data. Data collection may be limited according to efficiency and security requirements, and the data may be archived as reliable proof at the interested party and/or a third party. The data may be analog signals collected at the hardware level, raw data collected after analog-to-digital conversion at the hardware or software level, or raw data after processing. It should be noted that the analog signal is the most reliable or secure form, while the processed raw data is the most useful.
More particularly, according to a first aspect, the invention relates to an electronic device for conducting electronic transactions. The electronic device includes: a processing unit for running a transaction application, wherein the transaction application is for allowing a user to conduct the electronic transaction; and a user interface controlled by the processing unit, the user interface for allowing a user to interact with the transaction application through one or more user interactions, wherein the one or more user interactions generate user interaction data; the processing unit is further configured to collect at least a portion of the user interaction data to trigger cryptographic signing and storing of the collected user interaction data.
Accordingly, an improved electronic device for conducting electronic transactions is provided, enabling user data tamper resistance and improving the security of user data transactions.
In a further possible implementation manner of the first aspect, the electronic device further includes a display controlled by the processing unit, wherein the display is configured to display one or more graphical elements defined by the transaction application.
In a further possible implementation form of the first aspect, the processing unit comprises an application processor for running the transaction application and a trusted computing module for cryptographically signing the collected user interaction data.
In a further possible implementation manner of the first aspect, the electronic device further includes a non-volatile memory for storing the collected user interaction data.
In a further possible implementation manner of the first aspect, the electronic device further comprises a communication interface, and the transaction application is configured to exchange transaction data for conducting the electronic transaction with a remote transaction network entity through the communication interface.
In a further possible implementation manner of the first aspect, the electronic device further includes a communication interface, and the processing unit is configured to transmit the collected user interaction data to a remote storage network entity through the communication interface, so that the remote storage network entity performs cryptographic signature and storage on the collected user interaction data.
In a further possible implementation manner of the first aspect, the processing unit is further configured to, when generating and/or collecting at least part of the user interaction data, generate an electronic proof that the electronic device is working normally, and trigger an operation of storing the collected user interaction data together with the electronic proof.
In a further possible implementation manner of the first aspect, the processing unit is configured to: collecting at least a portion of the user interaction data in response to a trigger from the transaction application, a trigger from the user, a trigger from an operating system running on the processing unit, and/or a trigger from a third party.
In a further possible implementation manner of the first aspect, the electronic device further comprises a communication bus for exchanging data between the processing unit, the display and/or the user interface, wherein the user interaction data comprises data generated by the one or more user interactions and exchanged through the communication bus.
In a further possible implementation manner of the first aspect, the electronic device implements an operating system that determines an input buffer and/or an output buffer for caching data, where the user interaction data includes data generated by the one or more user interactions and cached in the input buffer to be processed by the operating system or the output buffer processed by the operating system.
In a further possible implementation manner of the first aspect, the user interaction data includes a plurality of screenshots of the display, a plurality of in-memory images, and/or metadata, wherein the plurality of screenshots includes a first screenshot of the display before a first user interaction of the one or more user interactions and a second screenshot of the display after the first user interaction; the plurality of memory images includes a first memory image before a first user interaction and a second memory image after the first user interaction.
In a further possible implementation manner of the first aspect, the processing unit is further configured to compress the collected user interaction data.
In a further possible implementation form of the first aspect, the user interface comprises a touch screen and/or a keyboard.
In a further possible implementation manner of the first aspect, the electronic device is a smartphone.
According to a second aspect, the invention relates to an electronic transaction system comprising: the electronic device of the first aspect; and a remote storage network entity for storing the collected user interaction data received from the electronic device.
Accordingly, an improved electronic transaction system is provided that supports user data tamper resistance and improves the security of user data transactions.
In a further possible implementation manner of the second aspect, the electronic transaction system further comprises a remote transaction network entity for exchanging transaction data for conducting an electronic transaction with the electronic device.
According to a third aspect, the invention relates to a method for conducting an electronic transaction. The method comprises the following steps: running a transaction application on a processing unit of an electronic device, wherein the transaction application is to allow a user to conduct the electronic transaction; allowing the user to interact with the transaction application through one or more user interactions on a user interface of the electronic device controlled by the processing unit, wherein the one or more user interactions generate user interaction data; collecting at least a portion of the user interaction data; and triggering the operation of cryptographically signing and storing the collected user interaction data.
Thus, an improved method for conducting electronic transactions is provided, enabling user data tamper resistance and improving the security of user data transactions.
In a further possible implementation form of the third aspect, the method further comprises displaying one or more graphical elements defined by the transaction application on an electronic device display controlled by the processing unit.
According to a fourth aspect, the invention relates to a computer program comprising program code for executing the method according to the third aspect on a computer.
The present invention may be implemented in hardware and/or software.
Drawings
Embodiments of the invention will be described in conjunction with the following drawings, in which:
FIG. 1 shows a schematic diagram of an electronic transaction system including an electronic device according to an embodiment;
FIG. 2 is a schematic diagram showing all the steps of the method for conducting an electronic transaction of the present embodiment;
FIG. 3 is a schematic diagram illustrating the proof of online transaction by the electronic device (smartphone) of the present embodiment; and
FIG. 4 shows a schematic diagram of the method for conducting electronic transactions of the present embodiment.
In the following figures, the same reference numerals are used to illustrate the same or at least functionally equivalent features.
Detailed Description
Reference is now made to the accompanying drawings, which form a part hereof, and in which is shown by way of illustration specific aspects in which the invention may be practiced. It is to be understood that other aspects may be utilized and structural or logical changes may be made without departing from the scope of the present invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is defined by the appended claims.
It will be appreciated that what is described in connection with a method also applies to the corresponding apparatus or system for performing that method, and vice versa. For example, if a specific method step is described, the corresponding apparatus may comprise means for performing the described method step, even if such means are not elaborated or illustrated in the figures.
Further, in the following detailed description and in the embodiments of the claims, different functional blocks or processing units are described, which are connected to each other or exchange signals. It is to be understood that the invention also includes embodiments comprising additional functional blocks or processing units arranged between the functional blocks or processing units of the embodiments described below.
Finally, it should be understood that features of the various exemplary aspects described herein may be combined with each other, unless otherwise indicated.
The electronic transaction system 100 according to an embodiment of the present invention, which includes an electronic device 101, a remote storage network entity 121 and a remote transaction network entity 123, is described in detail below with reference to fig. 1. In an exemplary embodiment, the electronic device 101 may be a smartphone, the remote storage network entity 121 may be a cloud storage server, and the remote transaction network entity 123 may be a transaction server of an online merchant or bank.
As shown in fig. 1, the electronic device 101 comprises a processing unit 103 for running a transaction application for allowing a user to conduct the electronic transaction. The electronic device 101 further comprises a user interface 105 and a display 107 controlled by the processing unit 103, wherein the display 107 is configured to display one or more graphical elements defined by the transaction application, and the user interface 105 is configured to allow a user to interact with the transaction application through one or more user interactions, the one or more user interactions generating user interaction data.
As shown in fig. 1, the electronic device 101 further comprises a non-volatile memory 109 for storing the collected user interaction data and a communication interface 111, wherein the transaction application is configured to exchange transaction data for conducting an electronic transaction with a remote transaction network entity 123 via the communication interface 111.
In one embodiment, the electronic device 101 may be a smartphone and the user interface 105 includes a touchscreen and/or a keyboard. Further, in this embodiment the user interaction data includes a plurality of screenshots of the display 107, a plurality of memory images and/or metadata, where the plurality of screenshots includes a first screenshot of the display 107 before a first user interaction of the one or more user interactions and a second screenshot of the display 107 after the first user interaction, and the plurality of memory images includes a first memory image before the first user interaction and a second memory image after the first user interaction.
Further, the electronic device 101 further comprises a communication bus 113 for exchanging data between the processing unit 103, the user interface 105 and/or the display 107, wherein the user interaction data comprises data generated by the one or more user interactions and exchanged via the communication bus 113.
Further, the electronic device 101 implements an operating system that determines an input buffer and/or an output buffer for caching data, wherein the user interaction data includes data generated by the one or more user interactions that is cached in the input buffer to be processed by the operating system or the output buffer processed by the operating system.
Further, the processing unit 103 of the electronic device 101 is configured to collect at least part of the user interaction data to trigger operations of cryptographically signing and storing the collected user interaction data. The processing unit 103 comprises an application processor for running the transaction application and a trusted computing module for cryptographically signing the collected user interaction data.
In one embodiment, the processing unit 103 is configured to transmit the collected user interaction data to the remote storage network entity 121 via the communication interface 111, and the remote storage network entity 121 cryptographically signs and stores the collected user interaction data.
In one embodiment, the processing unit 103 is further configured to generate an electronic proof that the electronic device 101 is working properly when generating and/or collecting at least part of the user interaction data, and trigger an operation of storing the collected user interaction data together with the electronic proof.
In one embodiment, the processing unit 103 is further configured to: collecting at least a portion of the user interaction data in response to a trigger from the transaction application, a trigger from the user, a trigger from an operating system running on the processing unit 103, and/or a trigger from a third party.
In one embodiment, the remote storage network entity 121 is configured to store the collected user interaction data received from the electronic device 101 and to exchange transaction data for conducting electronic transactions with the electronic device 101.
Fig. 2 shows a schematic diagram of a method 200 for preventing user data from being tampered with and improving the security of user data transactions according to the embodiment. The method 200 includes five main steps: initiating data capture 201, capturing data 203, acquiring data 205, recording data 207 and evaluating data 209. In embodiments of the present invention, data capture is also referred to as data collection. These steps may be performed by the processing unit 103 of the electronic device 101, as described in detail below.
In step 201, data capture or collection may be started by one of the following: an OS event (e.g., a crash or a "start trusted acquisition" flag), an application event (e.g., a "start trusted acquisition" flag), a first party such as a user, an interlocutor or a server (e.g., a "start trusted acquisition" flag), or a third party (e.g., a "start trusted acquisition" flag). That is, data capture or collection may begin after any one of the above actions.
In step 203, data may be captured or collected by an application/software or (trusted) operating system or (trusted) hardware device, wherein the data may be analog signals captured at a hardware level, or raw data captured after analog-to-digital conversion at a hardware or software level, or raw data after processing. It should be noted that the analog signal is most reliable or secure, and the processed raw data is most useful.
Further, the collected data may include the following data types: application state, such as video (full screen/screen area), screenshots (full screen/screen area), memory state (hardware, full/partial) and variables (software, full/partial); user interactions, such as touchscreen interactions (location, press, etc.), pointer-system interactions (location, pressed keys, etc.), touchscreen raw/processed data and device input raw/processed data; sensor data, such as voice; and metadata, such as time and session information captured by the device to identify the user (e.g., username, network domain, user fingerprint, photos taken during the user interaction, long-term usage records, etc.). Typically, data capture or collection is limited to the minimum amount of required data.
In step 205, the captured or collected data may be acquired as follows: the captured data may be signed by the interlocutor, i.e., the interlocutor may operate on the captured data; the captured data may be signed by the first party using a public key stored on the device or in trusted hardware inside the device; the captured data may be made immutable by some means, such as write-once hardware, a blockchain, etc.; a credential may be constructed from the captured data; and data deemed unnecessary may be deleted, or compressed using known compression algorithms such as the Lempel-Ziv-Welch algorithm, run-length encoding and gzip.
In step 207, the captured or collected data may be recorded or stored in a local memory of the first party, such as a black box, blockchain, trusted memory, etc., and/or in a remote memory of the interlocutor or third party, such as a cloud, blockchain, trusted memory, etc.
Finally, in step 209, the captured or collected data may be evaluated, for purposes such as error reports, tax services, etc., by first obtaining the reported data from the user, an application developer, a judge, an officer, etc., or from the system, and then evaluating the reported data to judge whether the service action was initiated by the customer.
In one embodiment, FIG. 3 illustrates proof of a particular online transaction via a cell phone, where the online transaction may be an online shopping or stock transaction. Performing the proof of online transaction includes the following steps.
In step 1, the Operating System (OS), browser, Application (APP) or user of the mobile phone may identify elements, such as HTML tags, that start data capture or collection for a funds/stock transfer on a device driven by a mobile touch screen and internet access. In one embodiment, the HTML tags may represent data capture options. Further, in one embodiment, the browser may heuristically predict important actions without a particular HTML tag. In one embodiment, data capture or collection may be initiated manually.
In step 2, full screen capture may be activated by default. In one embodiment, the App/user may decide to limit acquisition to one or more small areas of the screen.
In step 3, the capture or collection of raw signals and touch screen raw data sent to the display may be activated. For example, the operating system or hardware of the handset may capture or collect the signal.
In step 4, the touch screen raw data may be converted into a video overlay of the touch events, which may be combined with the raw signal sent to the display. The video may then be compressed with an HEVC video codec. In one embodiment, the individual data streams may be saved and compressed separately, i.e., the merging step described above may be omitted. Further, in this embodiment the video may be replaced by screenshots of the mobile phone.
The user, App or browser can complete the transaction and stop the capture or collection in step 5.
In step 6, metadata from the cloud or cellular network such as time, user account information, etc. may be collected.
In step 7, the trusted computing cryptoprocessor may authenticate the captured data and software configuration.
In step 8, the result of this authentication may be uploaded to a third-party cloud server (e.g., Google) by the user and/or the server.
When a dispute occurs, the judge may evaluate the proof using the public key of the cryptographic processor in step 9 to evaluate the validity of the transaction or reveal a violation of the transaction.
In a further embodiment, the proof of a general online transaction, such as online shopping or stock trading, may be implemented as follows.
First, the customer's device may capture the customer's intent and prove that intent to the business owner's user interface. Second, the business owner's user interface may evaluate the proof and, if the proof is valid, perform an action according to the customer's intent; otherwise, the user interface may abort the transaction.
The transaction process then continues between the other components. An action may be performed only if there is evidence that the action should be performed. Thus, for example, a "shopping cart" cannot erroneously infer information from a user interface.
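The capture, sign and verify flow of steps 4 to 9 above, together with the business owner's check that an action is performed only against valid proof of the customer's intent, as an added worked example in Go. This is not code from the patent or from Huawei. It assumes an Ed25519 key pair standing in for the trusted computing cryptoprocessor, a JSON record with field names chosen here (`Evidence`, `Intent`, `TouchEvent`), SHA-256 digests in place of the raw display signal and video, and constructed sample touch events and screen contents:

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// TouchEvent is one raw touch-screen sample (a constructed stand-in for the raw data of step 3).
type TouchEvent struct {
	TimeMillis int64  `json:"t"`
	X          int    `json:"x"`
	Y          int    `json:"y"`
	Action     string `json:"action"` // "down" or "up"
}

// Intent is the transaction the captured interaction is claimed to express.
type Intent struct {
	Action   string `json:"action"`
	Item     string `json:"item"`
	Quantity int    `json:"quantity"`
	Amount   int64  `json:"amount_cents"`
}

// Evidence is the record the cryptoprocessor signs: screen digests before and after the
// interaction, the touch events, network metadata (step 6) and the software configuration digest (step 7).
type Evidence struct {
	ScreenBefore string       `json:"screen_before_sha256"`
	ScreenAfter  string       `json:"screen_after_sha256"`
	Touches      []TouchEvent `json:"touches"`
	Intent       Intent       `json:"intent"`
	NetworkTime  string       `json:"network_time"`
	SoftwareCfg  string       `json:"software_config_sha256"`
}

func sha256Hex(b []byte) string {
	s := sha256.Sum256(b)
	return hex.EncodeToString(s[:])
}

// NewDeviceKey stands in for the cryptoprocessor's key pair; on a real device the private half never leaves the trusted module.
func NewDeviceKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Sign serialises the record once (encoding/json keeps declaration order, so the bytes are deterministic) and signs exactly those bytes.
func Sign(priv ed25519.PrivateKey, e Evidence) (record, sig []byte) {
	record, _ = json.Marshal(e) // cannot fail for these plain struct types
	return record, ed25519.Sign(priv, record)
}

// Verify is the step-9 check a judge runs with only the public key: the stored bytes are accepted only if the signature covers them unchanged.
func Verify(pub ed25519.PublicKey, record, sig []byte) (Evidence, bool) {
	var e Evidence
	if !ed25519.Verify(pub, record, sig) || json.Unmarshal(record, &e) != nil {
		return Evidence{}, false
	}
	return e, true
}

// Authorize models the business owner's UI: an action is performed only when valid evidence shows exactly this action was requested.
func Authorize(pub ed25519.PublicKey, record, sig []byte, requested Intent) bool {
	e, ok := Verify(pub, record, sig)
	return ok && e.Intent == requested
}

// SampleEvidence is constructed sample input: two stand-in frame buffers and one tap on a "Buy" button.
func SampleEvidence() Evidence {
	return Evidence{
		ScreenBefore: sha256Hex([]byte("frame: cart with 1 x widget, Buy button")),
		ScreenAfter:  sha256Hex([]byte("frame: order confirmed")),
		Touches: []TouchEvent{
			{TimeMillis: 1000, X: 540, Y: 1800, Action: "down"},
			{TimeMillis: 1080, X: 540, Y: 1800, Action: "up"},
		},
		Intent:      Intent{Action: "buy", Item: "widget", Quantity: 1, Amount: 1999},
		NetworkTime: "2017-08-30T12:00:00Z", // constructed network-reported time
		SoftwareCfg: sha256Hex([]byte("os=example-os-1.0;browser=example-browser-2.3")),
	}
}

func main() {
	pub, priv := NewDeviceKey()
	record, sig := Sign(priv, SampleEvidence())
	fmt.Println("business owner performs requested action:", Authorize(pub, record, sig, SampleEvidence().Intent))
	// Altering one digit of the stored record invalidates the signature.
	altered := bytes.Replace(record, []byte(`"quantity":1`), []byte(`"quantity":100`), 1)
	_, ok := Verify(pub, altered, sig)
	fmt.Println("altered record verifies:", ok)
}
```

Both the judge and the business owner verify the stored bytes exactly as they were signed; re-serialising the record before verification would let a different but semantically equal encoding slip through. Any change to the stored bytes, or a public key other than the cryptoprocessor's, makes `Verify` return false. The example goes slightly beyond the text by binding the claimed intent into the signed record, so that `Authorize` can compare it with the action the UI is asked to perform.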
In a further embodiment, proving a device event by means of saved and verified memory states may proceed as described in the following steps, where the device event may relate to an attack (e.g., by a competitor), to fraud, or to intrusion detection/monitoring.
When a protected user expresses their intent, multiple snapshots of the device memory state may be taken and metadata collected, including the time obtained from the cloud or cellular network.
The trusted computing cryptoprocessor may verify the captured data and the software configuration. The resulting proof may be stored locally and uploaded to a third-party cloud server, such as Google, by the user and/or the server.
In the event of any behavior that is not intended by the user, a forensic expert may evaluate the plurality of memory state snapshots previously taken. The evaluation can serve as proper evidence in legal proceedings, since a prior proof exists.
In a variant of the embodiment described above, the user's intent can be recovered from the captured data. In contrast to the traditional model, better assurance can thereby be provided for all involved parties. In particular, the business owner may state that the transaction is being conducted at the request of the customer, rather than being an interaction between computing systems, which may be malicious or erroneous.
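The memory-state snapshot sequence described above, as an added example in Go that is not part of the patent: each snapshot is hashed, linked to the previous one and signed by a key that stands in for the cryptoprocessor (an Ed25519 key generated here), and `Evaluate` performs the forensic expert's check that the sequence is complete, ordered and unaltered. The `Snapshot` layout, the chain linking and the sample memory images are assumptions of this example:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Snapshot is one memory-state image plus its metadata. Prev links it to the entry
// before it, so the sequence as a whole is committed to, not just each image.
type Snapshot struct {
	Index       uint32
	NetworkTime int64    // seconds since the epoch, as reported by the cloud or cellular network
	ImageHash   [32]byte // SHA-256 of the memory image; the image itself stays on the device
	Prev        [32]byte // digest of the previous entry, all zero for the first one
	Sig         []byte   // cryptoprocessor signature over digest()
}

// digest binds every field except the signature into one value to sign and chain.
func (s Snapshot) digest() [32]byte {
	h := sha256.New()
	binary.Write(h, binary.BigEndian, s.Index)
	binary.Write(h, binary.BigEndian, s.NetworkTime)
	h.Write(s.ImageHash[:])
	h.Write(s.Prev[:])
	var d [32]byte
	copy(d[:], h.Sum(nil))
	return d
}

// Recorder takes snapshots while the protected user acts and signs each one.
// The private key stands in for the trusted cryptoprocessor's key.
type Recorder struct {
	priv    ed25519.PrivateKey
	entries []Snapshot
}

func NewRecorder() (*Recorder, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Recorder{priv: priv}, pub
}

// Take hashes a memory image, links it to the previous snapshot and signs the result.
func (r *Recorder) Take(image []byte, networkTime int64) {
	s := Snapshot{Index: uint32(len(r.entries)), NetworkTime: networkTime, ImageHash: sha256.Sum256(image)}
	if n := len(r.entries); n > 0 {
		s.Prev = r.entries[n-1].digest()
	}
	d := s.digest()
	s.Sig = ed25519.Sign(r.priv, d[:])
	r.entries = append(r.entries, s)
}

// Log returns a copy of the stored chain, the object that is uploaded and later evaluated.
func (r *Recorder) Log() []Snapshot { return append([]Snapshot(nil), r.entries...) }

// Evaluate is the forensic check: indices must be consecutive, network times
// non-decreasing, each Prev must equal the digest of the entry before it, and
// every signature must verify. It returns the index of the first entry that
// fails, or -1 when the whole chain is intact.
func Evaluate(pub ed25519.PublicKey, entries []Snapshot) int {
	var prev [32]byte
	var lastTime int64
	for i, s := range entries {
		d := s.digest()
		if s.Index != uint32(i) || s.Prev != prev || s.NetworkTime < lastTime || !ed25519.Verify(pub, d[:], s.Sig) {
			return i
		}
		prev, lastTime = d, s.NetworkTime
	}
	return -1
}

func main() {
	rec, pub := NewRecorder()
	// Constructed sample input: three stand-in memory images taken one second apart.
	for i, img := range []string{"state before tap", "state during tap", "state after tap"} {
		rec.Take([]byte(img), 1504094400+int64(i))
	}
	entries := rec.Log()
	fmt.Println("intact chain, first bad index:", Evaluate(pub, entries))
	missing := []Snapshot{entries[0], entries[2]} // middle snapshot deleted
	fmt.Println("middle snapshot removed, first bad index:", Evaluate(pub, missing))
	entries[1].ImageHash[0] ^= 1 // image digest altered after signing
	fmt.Println("snapshot altered, first bad index:", Evaluate(pub, entries))
}
```

Deleting or reordering a snapshot breaks the `Prev` links, and altering an image breaks its signature, so `Evaluate` reports the index of the first inconsistent entry. Removing snapshots from the end of the chain is not detectable from the chain alone, which is why the latest state should also be uploaded to the third-party server, as the text describes, so that the expected chain head is known.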
Fig. 4 shows a schematic diagram of a method 400 for conducting an electronic transaction according to an embodiment.
The method 400 comprises step 401 of running a transaction application on the processing unit 103 of the electronic device 101, wherein the transaction application is configured to allow a user to conduct the electronic transaction.
Further, the method 400 comprises a step 403 of allowing the user to interact with the transaction application through one or more user interactions with a user interface 105 of the electronic device 101 controlled by the processing unit 103, wherein the one or more user interactions generate user interaction data.
Finally, the method 400 comprises a step 405 of collecting at least part of the user interaction data and a step 407 of triggering an operation of cryptographically signing and storing the collected user interaction data.
While a particular feature or aspect of the invention may have been disclosed with respect to only one of several implementations or embodiments, such feature or aspect may be combined with one or more other features or aspects of the other implementations or embodiments as may be desired and advantageous for any given or particular application. Furthermore, to the extent that the terms "includes," "has," "having," or any other variation thereof are used in either the detailed description or the claims, such terms are intended to be inclusive in a manner similar to the term "comprising" as "comprising" is interpreted. Also, the terms "exemplary," "e.g.," are merely meant as examples, and not the best or optimal. The terms "coupled" and "connected," along with their derivatives, may be used. It will be understood that these terms may be used to indicate that two elements co-operate or interact with each other, whether or not they are in direct physical or electrical contact, or they are not in direct contact with each other.
Although specific aspects have been illustrated and described herein, it will be appreciated by those of ordinary skill in the art that a variety of alternate and/or equivalent implementations may be substituted for the specific aspects shown and described without departing from the scope of the present invention. This application is intended to cover any adaptations or variations of the specific aspects discussed herein.
Although the elements in the claims below are recited in a particular sequence with corresponding labeling, unless the recitation of the claims otherwise implies a particular sequence for implementing some or all of the elements, the elements are not necessarily limited to being implemented in the particular sequence described.
Many alternatives, modifications, and variations will be apparent to those skilled in the art in light of the foregoing teachings. Of course, those skilled in the art will readily appreciate that there are numerous other applications of the present invention in addition to those described herein. While the present invention has been described with reference to one or more particular embodiments, those skilled in the art will recognize that many changes may be made thereto without departing from the scope of the present invention. It is therefore to be understood that within the scope of the appended claims and their equivalents, the invention may be practiced otherwise than as specifically described herein.

Claims (19)

1. An electronic device (101) for conducting an electronic transaction, the electronic device (101) comprising:
a processing unit (103) for running a transaction application, wherein the transaction application is for allowing a user to conduct the electronic transaction; and
a user interface (105) controlled by the processing unit (103), the user interface (105) for allowing a user to interact with the transaction application through one or more user interactions, wherein the one or more user interactions generate user interaction data;
the processing unit (103) is further configured to collect at least part of the user interaction data to trigger an operation of cryptographically signing and storing the collected user interaction data.
2. The electronic device (101) of claim 1, wherein the electronic device (101) further comprises a display (107) controlled by the processing unit (103), the display (107) being configured to display one or more graphical elements defined by the transaction application.
3. The electronic device (101) according to claim 1 or 2, wherein the processing unit (103) comprises an application processor for running the transaction application and a trusted computing module for collecting at least part of the user interaction data and/or cryptographically signing the collected user interaction data.
4. The electronic device (101) of any of the preceding claims, wherein the electronic device (101) further comprises a non-volatile memory (109) for storing the collected user interaction data.
5. The electronic device (101) of any of the preceding claims, wherein the electronic device (101) further comprises a communication interface (111), and wherein the transaction application is configured to exchange transaction data for conducting an electronic transaction with a remote transaction network entity (123) via the communication interface (111).
6. The electronic device (101) of any one of the preceding claims, wherein the electronic device (101) further comprises a communication interface (111), and the processing unit (103) is configured to transmit the collected user interaction data to a remote storage network entity (121) via the communication interface (111) for cryptographic signing and storing of the collected user interaction data by the remote storage network entity (121).
7. The electronic device (101) of any of the preceding claims, wherein the processing unit (103) is further configured to: upon generating and/or collecting at least a portion of the user interaction data, generating an electronic proof of normal operation of the electronic device (101), and triggering an operation of storing the collected user interaction data with the electronic proof.
8. The electronic device (101) of any of the preceding claims, wherein the processing unit (103) is configured to: collecting at least part of the user interaction data in response to a trigger from the transaction application, a trigger from the user, a trigger from an operating system running on the processing unit (103), and/or a trigger from a third party.
9. The electronic device (101) of any of the preceding claims, wherein the electronic device (101) further comprises a communication bus (113) for exchanging data between the processing unit (103), the user interface (105) and/or the display (107), the user interaction data comprising data generated by the one or more user interactions and exchanged over the communication bus (113).
10. The electronic device (101) of any of the preceding claims, wherein the electronic device (101) implements an operating system that determines an input buffer and/or an output buffer for caching data, the user interaction data comprising data generated by the one or more user interactions, cached in the input buffer to be processed by the operating system or the output buffer processed by the operating system.
11. The electronic device (101) of any of the preceding claims, wherein the user interaction data further comprises a plurality of screenshots, a plurality of memory images, and/or metadata of the display (107), wherein the plurality of screenshots comprises a first screenshot of the display (107) prior to a first user interaction of the one or more user interactions and a second screenshot of the display (107) after the first user interaction; the plurality of memory images include a first memory image before the first user interaction and a second memory image after the first user interaction.
12. The electronic device (101) of any preceding claim, wherein the processing unit (103) is further configured to compress the collected user interaction data.
13. The electronic device (101) according to any of the preceding claims, wherein the user interface (105) comprises a touch screen and/or a keyboard.
14. The electronic device (101) of any of the preceding claims, wherein the electronic device (101) is a smartphone.
15. An electronic transaction system (100), comprising:
the electronic device (101) of any of claims 1 to 14; and
a remote storage network entity (121) for storing the collected user interaction data received from the electronic device (101).
16. The electronic transaction system (100) of claim 15, wherein the electronic transaction system (100) further comprises a remote transaction network entity (123) for exchanging transaction data for conducting electronic transactions with the electronic device (101).
17. A method (400) for conducting an electronic transaction, the method (400) comprising:
running (401), on a processing unit (103) of an electronic device (101), a transaction application, wherein the transaction application is for allowing a user to conduct the electronic transaction;
allowing (403) a user to interact with the transaction application through one or more user interactions on a user interface (105) of the electronic device (101) controlled by the processing unit (103), wherein the one or more user interactions generate user interaction data;
collecting (405) at least part of the user interaction data; and
triggering (407) a cryptographic signing and storing operation on the collected user interaction data.
18. The method (400) of claim 17, wherein the method (400) further comprises displaying the one or more graphical elements defined by the transaction application on a display (107) of an electronic device (101) controlled by the processing unit (103).
19. A computer program, characterized in that the computer program comprises program code for executing the method (400) according to claims 17 to 18 on a computer.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/071794 WO2019042544A1 (en) 2017-08-30 2017-08-30 An electronic device and method for making an electronic transaction

Publications (1)

Publication Number Publication Date
CN111052170A true CN111052170A (en) 2020-04-21

Family

ID=59859043

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780094466.4A Pending CN111052170A (en) 2017-08-30 2017-08-30 Electronic device and method for conducting electronic transactions

Country Status (2)

Country Link
CN (1) CN111052170A (en)
WO (1) WO2019042544A1 (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1317900A (en) * 2000-01-27 2001-10-17 英毕特公司 Method and system for tracking network screen action in network trade
US20060249572A1 (en) * 2005-05-03 2006-11-09 Chen Gigi Electronic transaction system capable of improving transaction security and electronic transaction method thereof
JP2010536055A (en) * 2007-08-08 2010-11-25 メモリー エキスパーツ インターナショナル インコーポレイテッド Reliable transaction provision method with watermarked document display certification
WO2013019369A1 (en) * 2011-07-29 2013-02-07 Microsoft Corporation Firmware-based trusted platform module for arm® trustzone™ implementations
CN104463567A (en) * 2013-09-16 2015-03-25 航天信息股份有限公司 Secure electronic transaction method and system
US20150200934A1 (en) * 2010-06-30 2015-07-16 Google Inc. Computing device integrity verification
US20160308677A1 (en) * 2015-04-20 2016-10-20 Microsoft Technology Licensing, Llc. Isolation of Trusted Input/Output Devices

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9158372B2 (en) 2012-10-30 2015-10-13 Google Technology Holdings LLC Method and apparatus for user interaction data storage

Also Published As

Publication number Publication date
WO2019042544A1 (en) 2019-03-07

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination