RU2644503C1 - System and method for authentication of information displayed on computer screen - Google Patents

Abstract

FIELD: information technology.

SUBSTANCE: synchronization system of information displayed on a computer screen and at the information display module of a portable computing unit external to the computer, using an application in real time for authentication of the information displayed on the computer screen, is disclosed. The mentioned system comprises: a) a data processing module for receiving data from a user's computer, where the data contains a message intended for the user; performing analysis of the received data, during which the contained message, message parameters and information identifying the message are determined; transmitting information unambiguously identifying the mentioned message, together with the message parameters, to the data transformation module; and transmitting the task for the formation of protection elements to the protection element module; b) a data transformation module for generating an information message containing the information received from the data processing unit and transmitting the generated information message to the video stream module; c) a protection element module intended for determining protection elements, depending on the received information and at least one protection element mapping rule; transmitting information on at least one protection element to the information display module and the video stream module, and at least one mentioned rule to the video stream module; d) a video stream module intended for generating a video stream in which the received protection elements and the information message are combined, and transmitting the generated video stream to the application for broadcasting on the user's computer; e) an information display module intended for synchronous output of the protection elements from the output information in the video stream broadcasted on a computer screen, comprising the displayed information and protection elements.

EFFECT: limiting and reducing the possibility of substituting information displayed on the user's computer screen, which is achieved by synchronizing the mentioned information with information displayed on the external portable device in real time.

23 cl, 5 dwg

Description

Technical field

The invention relates to means of protection against substitution of electronic documents, for example, such as financial and securities, during their approval (approval), and more particularly to means of ensuring the authenticity of the displayed information (for example, an electronic document) on a computer screen in real time.

State of the art

Computer security has become an integral part of modern information (computer) technologies. Especially when it comes to banking operations, the transfer of confidential data, in particular personal data, and interactions with corporate networks.

At the same time, the vast majority of users use standard computing devices (desktop computer, laptop, smartphone, etc.), which do not allow providing the necessary level of protection when working with information that requires confidentiality. Thus, devices can be compromised by intruders, and a particular danger for these devices is a targeted attack, during which both access to the data on the device and its management will be obtained. Targeted (eng. Target - target) attack is a personalized attack aimed at a specific target. Moreover, such devices are often familiar to the user, who finds it difficult, and often impossible, to refuse to use them or replace them with some other device that is safer. Moreover, the user cannot refuse not only the computing (hardware) devices themselves, but, in most cases, the software (applications) installed on them.

One of the solutions to the problem of providing the necessary level of protection when working with information requiring confidentiality on devices is to use a compact external device that interacts with user devices. Such a device will perform operations (calculations) inside itself, and since these operations will not be available from the user's device, which may be compromised, the operations will be safe. An example of such a device is USB eToken (security electronic key). eToken is widely used for authentication, key generation and other tasks related to information security. A feature of such a device is that the device performs calculations that cannot be accessed from a computer, i.e. from a device on which actions requiring protection are performed.

However, as written at the beginning, the user's computing devices (for example, a computer) are subjected to various attacks, during which malicious software (software) is installed on the computer. After that, malware can become an intermediary between the device (eToken) and the application that performs confidential actions (for example, signs a document or makes a banking transaction) and can intercept and modify various data (for example, messages, passwords, keys). This method is also called the man-in-the-middle attack, during which a malicious application (software) becomes an intermediary (another link) between the device and another application. In addition, with this approach, an attacker only needs to intercept the transmitted data and replace it, which is quite real. In this case, the computer is compromised, from a security point of view it is untrusted and contains an untrusted computing environment in which the user is working. Therefore, when working with important information, such as confidential documents, accessing and interacting within the corporate network from personal computing devices or conducting electronic approval of documents (by electronic key) or banking operations through web banking, such information can be intercepted, distorted, replaced, and, as a result, this will lead to the user making the wrong decision or fake actions.

So, for example, during a banking operation, a request may be generated for authorization of a certain transaction. At the same time, the user expects that a request for a certain certain amount will come to him. If malware is present on the user's computer, the malware will generate a request for authorization of another transaction, for example, corresponding to a much larger amount. After that, the message about the transaction authorization is distorted, the user is presented with the expected amount, and in reality at that time the transaction is authorized for a much larger amount. Based on the information received in the message and / or presented on the computer screen, the user authorizes this transaction (or both) and loses money.

In another example, the user needs to check a confidential document (contract), but if the computer is compromised, the user will also be shown on the screen either other information that will affect the decision to approve the document, or valid, but another document will be signed (approved). .

Therefore, the disadvantage of the above approach (USB eToken devices) is that the user does not have the guarantee that a trusted device, such as USB eToken, works (displays, signs, etc.) with genuine information, or the user is provided with genuine information if the user's computer is compromised and / or is an untrusted device. In other words, a mechanism is required that will allow the user to bring the information he needs and / or to guarantee its authenticity on an untrusted computing device. Accordingly, there is a need for a system and method for verifying the authenticity of displayed information on a computer screen in real time.

Disclosure of invention

The present invention has been made in view of the above problems, and the aim of the present invention is to ensure the authenticity of the displayed information on the screen of a computing device (computer).

The technical result of the present invention is to limit (reduce) the ability to substitute information displayed on the user's computer screen due to synchronization (communication) of this information with information displayed on an external portable computing device in real time.

Another technical result of the present invention is the implementation of the purpose, namely, synchronization of information displayed on a computer screen and on a display module of information of a portable computing device external to the computer, using a real-time application to verify the authenticity of information displayed on a computer screen .

As one of the embodiments, there is proposed a system for verifying the authenticity of information displayed on a computer screen using a real-time application, where the said system is an external device with respect to the computer on which the information is displayed, said system including: a data processing module to receive data from a user's computer, where the data contains a message that is intended for the user; analysis of the received data, during which it determines the message contained, message parameters and information identifying the message; transmitting information that uniquely identifies the message, together with the message parameters to the data conversion module; and transferring the task of forming security elements to the module of forming security elements; a data conversion module for generating an information message containing received information from the data processing module and transmitting the generated information message to the video stream generating module; a security element generation module for determining security elements depending on the information received and at least one security element display rule; transmitting information about at least one security element to the information display module and the video stream generation module, as well as at least one mentioned rule to the video stream generation module; a video stream generation module for generating a video stream in which combines the received security elements and an information message, and transmitting the generated video stream to an application for broadcast on a user's computer; an information display module for synchronously outputting security elements from the displayed information in a video stream broadcast on a computer screen containing the displayed information and security elements.

In another embodiment of the system, the module for generating security elements when determining security elements takes into account the functionality of the information display module.

In yet another embodiment of the system, a message means at least a file and banking transaction data.

In another embodiment of the system, the information displayed at least means information from an electronic document and data from a bank transaction.

In yet another embodiment of the system, the displayed security elements in the information display module and on the computer screen are similar to each other.

In another embodiment of the system, the information display module is at least a touch screen (English Touchscreen), a touch panel (English Touchpad) or at least one LED.

In yet another embodiment of the system, the touch screen can be either monochrome or color.

In another embodiment of the system, the data processing module decrypts the received data before the analysis.

In yet another embodiment of the system, the data processing module checks said data before the analysis.

In another embodiment of the system, the rules for displaying security elements regulate the display of security elements in both the information display module and the video stream.

In yet another embodiment of the system, at least one of the following is contained as security elements: watermark, background gradient, screen flicker, appearance of a picture in different parts of the video stream, the appearance of text information during the broadcast of the video stream, the appearance of a change in the video stream.

As another embodiment, a method for synchronizing images is proposed, confirming the authenticity of the displayed information (electronic document) on a computer screen, the method comprising the steps of: receiving data, where the data contains a message that is intended for the user; analyze the data obtained, during which the contained message, message parameters and information identifying the message are determined; forming an informational message containing information that uniquely identifies the message; determine the security elements according to the message parameters and at least one rule for displaying security elements, taking into account the capabilities of the information display module; forming a video stream in which the security elements and the information message are combined, transmitting the generated video stream to the application for broadcasting on the user's computer and information about at least one security element to the information display module; the generated video stream is translated on the user's computer screen and information is displayed using the visualization tool, while the displayed information contains security elements in accordance with the rules for displaying security elements, where the displayed security elements in the information display module are synchronized with the transmitted information in the video stream.

In another embodiment of the method, synchronization refers to the relationship between the displayed security elements on the information display module and the displayed security elements in the broadcast video stream on the computer.

In another embodiment of the method, the security elements presented on the visualization tool are identical to the security elements in the video stream.

In another embodiment of the method, at least one of the following is contained as security elements: watermark, background gradient, screen flicker, the appearance of a picture in different parts of the video stream, the appearance of text information during the broadcast of the video stream, the appearance of a change in the video stream.

In yet another embodiment of the method, part of the electronic document contains information that accurately identifies the entire electronic document.

In another embodiment of the method, such parts of an electronic document are such parts as a step with the name of the document, a field containing addresses and names, a field with details, a field containing the beginning and end of the document.

In another embodiment of the method, the image of the video stream is displayed on the computer screen through the UVC mechanism (USB Video Device class) using the appropriate software.

In another embodiment of the method, a video player installed on a user's computer is used as software.

In yet another embodiment of the method, the renderer is at least such as an LED, monochrome screen, or touchpad (TouchPad).

In another embodiment of the method, if there is a correlation, at least one of the following is performed: the electronic document is signed, for example, using an electronic key, the electronic document is edited, the electronic document is transmitted to a third-party web server.

In yet another embodiment of the method, data is received from a user's computer.

Brief Description of the Drawings

Additional objectives, features and advantages of the present invention will be apparent from reading the following description of an embodiment of the invention with reference to the accompanying drawings, in which:

FIG. 1 illustrates a general authentication system and its interaction with a computer system.

FIG. 2a illustrates a block diagram of a first embodiment of an authentication system with a user's computer during authentication of displayed information on a computer screen.

FIG. 2b illustrates a block diagram of a second embodiment of an authentication system with a user's computer during authentication of displayed information on a computer screen.

FIG. 3 illustrates a flowchart containing a method of operating an authentication system of displayed information on a computer screen.

FIG. 4 illustrates an example of a general-purpose computer system with which the claimed invention can be implemented.

Although the invention may have various modifications and alternative forms, the characteristic features shown by way of example in the drawings will be described in detail. It should be understood, however, that the purpose of the description is not to limit the invention to its specific embodiment. On the contrary, the purpose of the description is to cover all changes, modifications that are included in the scope of this invention, as defined by the attached formula.

Description of Embodiments

The objects and features of the present invention, methods for achieving these objects and features will become apparent by reference to exemplary embodiments. However, the present invention is not limited to the exemplary embodiments disclosed below, it can be embodied in various forms. The above description is intended to help a person skilled in the art for a comprehensive understanding of the invention, which is defined only in the scope of the attached claims.

First, we introduce a number of definitions and concepts that will be used in the description of embodiments of the invention.

Legally significant actions are actions that entail the occurrence of any legal consequences. Within the framework of the claimed invention, examples of such actions are approval (signature) using an electronic key of an electronic document, confirmation of actions with banking sites, conducting a banking transaction.

A video stream is a time sequence of frames of a certain format encoded in a bit stream (time sequence of bits).

FIG. 1 illustrates a general authentication system and its interaction with a computer system.

A system for confirming the authenticity of information 100 displayed on the screen of a computing device, in particular a personal computer, in real time (hereinafter referred to as System 100), is implemented as a portable computing device (hereinafter referred to as a PMP) having the form of a flash drive (but not limited to it), containing means for displaying or inputting / outputting information 110 (hereinafter referred to as visualization tool 110) and connected to a personal computer (hereinafter referred to as a PC), for example, via a USB 120 connection interface. Other connection interfaces also Gut be, but not limited to, the following: Ethernet, HDMI, and SPI (not shown in Figure 1.). System 100 allows the user to verify that the information displayed on the PC screen is genuine. For this, System 100 creates a video stream that is displayed (broadcast) on a PC screen. The video stream contains at least a part of the information (for example, a user document) intended for the user and the authenticity of which needs to be verified, and at least one security element, while depending on the implementation of the VLP, at least one security element, several elements included in the video stream, and / or the entire video stream will be correlated or synchronized (in communication) with the output or input information on the visualization tool 110. So, for example, if the PVU only allows information to be output to redstve renderer 110, the system 100 provides synchronization with broadcast video information output on a display means 110. Otherwise, if the SSP enables input information on a display means 110 or the input and output, the system 100 provides correlation. By synchronization and correlation is meant the formation of a connection between the visualization tool and the broadcast video stream or its part (for example, with security elements) accordingly.

The protection element is designed so that the user can accurately determine the authenticity of the displayed information in the video stream, while the protection element can be such parts of the video stream as the background, watermarks on the displayed information, the presence of various animations on the PC screen in the broadcast video stream, parts of the displayed information (e.g. changing the font and position of words or letters), etc. Moreover, the security elements before broadcasting the video stream are not known in advance, i.e. can be formed and randomly selected. Thus, the video stream will be extremely difficult, or even impossible, to distort the attacker due to the difficulty of substituting unknown data for him in the broadcast video stream in real time, which will allow the displayed information to be authentic on the screen of 170 PC 101. In addition, information or security elements in The input stream of the video stream may vary. For example, in the broadcast video stream on the PC screen, the security elements change with a certain periodicity (for example, the background changes its color, the watermark - shape and size). In another example, security features, such as watermarks, can replace each other depending on the input information on the visualization tool 110.

Presented in FIG. 1 connection interface 120, which is part of the PMD, when implemented using USB, contains a USB connector for connecting to the corresponding input / output port 180, which is part of the user's PC 101, and is a special case of device connection modules that can be used in other embodiments of the invention. So, it should be noted that in other implementations of the PMD (respectively, System 100) can be connected to a PC using other well-known wired interfaces, such as, for example, eSATA and Fire Wire, as well as wireless interfaces, such as, for example, Bluetooth, WiFi. The connection module 120 may also be in the form of an Ethernet connector. In addition, the described System 100 may contain several connection modules 120. In yet another example implementation, the System 100 will be connected using the connection module 120 to a PC with the ability to access the Internet. It is worth noting that in one embodiment, when using the USB 120 connection interface, the System 100 will implement the USB video class (UVC), so the System 100, when connected to PC 101, is recognized by PC 101 as a USB camera (web camera). UVC is supported by most modern operating systems (such as Windows OS and Mac OS) on a wide variety of devices, such as desktop computers, laptops, tablets, mobile phones, etc. The connection module 120 is connected to the controller 130, which is designed for interaction (for example, data transfer) between all elements of the TLD, including System 100.

The controller 130 is also connected (connected) with the visualization means 110, which, depending on the implementation of the System 100, can be either an information display module or an information input / output module. The capabilities and tasks performed by both modules will be discussed in detail in the description of FIG. 2a and FIG. 2b. In general, the visualization tool 110 can be implemented, for example, in the form of a touch panel (English Touchpad) for user interaction with the System 100. An example of interaction is actions in the form of touching and / or swiping a finger across the touch panel, to which System 100 will respond in the form of changes to the video stream. In a preferred embodiment, the changes made apply only to security features. So, changes can be made according to a pre-created template (for example, the appearance of a background gradient of the video stream), or spontaneous (for example, the appearance of an additional security element in the form of an animation “fireworks” or a phrase in the foreground of a document contained in the broadcast video stream). At the same time, changes are necessarily associated (dependent) with the information received from the visualization tool 110 (for example, from the actions performed on the screen of the touch panel). In addition to the touch panel, the tool 110 can also be implemented in the form of a ball pointer (English Trackball) or a touch screen (English Touchscreen), while the touch screen can be either monochrome or color.

In yet another embodiment, the renderer 110 may be a display that is designed to display information. In this case, the visualizer 100 displays information that repeats the security elements displayed in the broadcast video stream on the PC screen. For example, watermarks are security features. Then, on the renderer 100, the same watermarks will be displayed that are broadcast on the PC. If the watermarks from the video stream broadcast to the PC have some dynamics of change, for example, at some intervals one watermark replaces another, then the watermarks will also replace each other on the display at the time of the change on the PC’s screen,

In other embodiments, the renderer 110 is a set of lights, a set of LEDs, or at least one LED that will produce an indication that correlates (associated) with the broadcast video stream, i.e. with the image in the video stream. In this case, the visualization tool 110 will display information related to the security elements displayed by the video stream on the screen 170 of the PC 101. In this case, information is understood as the type of LED radiation. So, for example, a set of LEDs during broadcasting a video stream on a PC screen can perform at least one of the following actions: change color, blink or blink at different frequencies, in the case of several LEDs. With this embodiment, synchronization (communication) between the radiation of the LEDs and the displayed security elements, which, for example, are presented as a background, will be performed on the PC screen. For example, when changing the background color in the broadcast video stream, the color of the LED will also change. In yet another embodiment, the visualization tool 110, together with at least one LED, may include control buttons that, when manipulated, may change the information displayed on the PC screen and LED. Also, the changes that will be made in the video stream and on the visualization tool 110 can be automatically generated by the System 100 itself before the information is displayed on a PC using the video stream broadcast.

In another embodiment, the visualization tool 110 may also use audio signals to provide information to the user, which will allow the user to evaluate events such as, for example, the beginning and end of video broadcasting on a PC screen or sound changes depending on the broadcast video stream. Also, sound accompaniment to visually impaired users will make it possible to verify the correlation of images.

It is worth noting that all of the above options for implementing the visualization tool 110 when implementing the System 100 can be used both separately and jointly. In addition, the System 100 may not be limited to the presented options.

Also, in order to achieve the purpose of the claimed invention, the System 100 comprises an authentication module 140, which interacts with the visualization tool 110 and with the PC 101. Interaction with the PC 101 is performed via the connection interface 120. The authentication module 140 is designed to generate a video stream, which using any application installed on PC 101 and capable of displaying images on the screen will be broadcast on PC 101. Examples of such applications are applications such as : Media Player Classic Home Cinema, Daum PotPlayer Windows Movie Maker and Microsoft Silverlight, as well as application designed specifically to interact with the claimed invention, and provides broadcast video stream. In this case, the video stream is formed in such a way that during its transmission to PC 101 it will be coordinated (connected) with the displayed or entered information on the visualization tool 110. The video stream includes the information necessary for the user (for example, electronic documents or data from a bank transaction ) and security elements that correspond to the required type of protection for the corresponding type of information. The type of protection indicates which security element is required as protection in the video stream. After that, the generated video stream is transmitted to the PC along with the information displayed or received on the visualization tool 110. Thus, depending on the embodiment of the invention, the user can see in real time the correspondence between the displayed information on the visualization tool 110 and the output of the video stream containing the information message, or the correspondence between his actions (the manipulations that he performs with the input device) and what is displayed on the PC screen together with and information message. The composition of the authentication module 140 and the purpose of each item will be discussed with reference to FIG. 2a and FIG. 2b.

In the particular case of implementing the invention for the need for battery life for a long time, the System 100 may include a power module (not shown in Fig. 1). An example of a power module is a battery (for example, lithium-ion) or an ionistor (energy storage capacitor). The need for a power module may appear in the case when the connection and further interaction with the PC is made using wireless connection interfaces. At the same time, when connecting System 100 to PC 101 using a USB connector, the System 100 will receive the power necessary for operation from PC 101.

FIG. 2a illustrates the composition and operation of a preferred embodiment of an authentication system 100 when interacting with a user’s computer during authentication of displayed information on a computer screen by synchronizing the displayed information on a PC and visualization tool 110. Within the framework of the implementation shown in FIG. 2a, the visualization means 110 is an information display module 110a.

The information display module 110a (hereinafter referred to as the module 110a) is intended to visually provide information on the PES provided by the module for generating security elements 230. In this embodiment, the module 110a is a component that represents information either in the form of a display (indication) on the screen (for example , information panel / display, as previously mentioned), or in the form of light radiation (for example, using at least one LED). Examples of the information provided in the case of a panel / display are either a dynamically changing image illustrating at least one security element also displayed in the video stream on the PC screen, or dynamic background indication (color change); in the case of the implementation of LEDs, a dynamic indication of radiation is made in the form of a color change or an ordered blinking of several LEDs.

Also, the System 100, in addition to the information display module 110a, includes an authentication module 140, which in turn contains a data processing module 210, a data conversion module 220, a security element generation module 230, and a video stream generation module 240. The authentication module 140 interacts with the display module information through the module forming security elements 230.

When fulfilling its purpose, the data processing module 210 (hereinafter referred to as the module 210) receives data from an untrusted user PC and analyzes them, during which it determines (selects) the messages contained in the received data. As an example of the data received, one can understand any file containing information (text message) for the user, or data that corresponds to a bank transaction. It is worth noting that in the framework of this invention, an untrusted PC is a device that the user cannot completely trust, for example, for the following reasons: the PC has access to a local or global network; The PC has the ability to make connections to external devices.

So, module 210 during the analysis of the received data performs a series of the following actions, the first two of which are optional:

Определяет, являются ли данные зашифрованными. В том случае если являются, производит расшифровку.

Determines whether data is encrypted. In the event that they are, decrypts.

Определяет подлинность полученных данных на основании проверки целостности упомянутых данных. В том случае если подлинность данных подтверждена, производит переход к следующему шагу. В противном случае, если подлинность не подтверждена, уведомляет пользователя о некорректности данных.

Determines the authenticity of the received data based on the integrity check of the data. In the event that the data is authenticated, proceeds to the next step. Otherwise, if the authenticity is not verified, notifies the user of incorrect data.

Определяет сообщение, содержащееся в полученных данных, и его параметры.

Defines the message contained in the received data and its parameters.

Определяет информацию, однозначно идентифицирующую упомянутое сообщение, т.е. информацию, предназначенную для отображения пользователю.

Defines information that uniquely identifies the message, i.e. information intended to be displayed to the user.

Message parameters are understood to mean such elements that unambiguously allow identifying such a message (for example, type, format, extension, type of message encryption) and / or actions that need to be performed (for example, confirming a document or transaction) after confirming the authenticity of the message. In one embodiment, messages can be divided into at least two types: a text document, regardless of the file format, and a bank transaction. A text document refers to a file that can contain text, such as files with the extension: txt, doc, xls and the like. A bank transaction is generally understood to mean any transaction using a bank account that can be initiated, for example, by electronic order through Internet banking systems or other communication systems, as well as using any payment instrument. Further, depending on the type of message, the module 210 determines the information (identifying the message itself or its part), which must be further added to the broadcast video stream on the PC screen. So, for example, for the case when a banking transaction is defined, the module 210 analyzes the information contained in the received data, based on which it selects all message elements that contain information about the transaction. For example, account or credit card number, owner, place of transfer, beneficiary's card number, amount, transaction fee, etc. In the case where a text document is defined in the received data, the module 210 during the above analysis determines the source of information (i.e. by whom the document was created) contained in the received data, and on the basis of the source determines the amount (part) of information that will be needed display in the video stream. For example, if the user created the document himself and went to the stage of signing using electronic digital signature (EDS), then the module 210 will receive the data at the time of signing the said document and, accordingly, select a part of the said document for display in the video stream, while part of the document may contain the first and last page. After that, the module 210 sends certain information, i.e. the information that needs to be displayed in the video stream, together with the type of message in the data conversion module 220, and also sends information to the module for generating the security elements 230 about the type of message and possible actions that will be performed in the future based on the displayed information, for example, to authenticate a bank transaction or sign a document using digital signature. In yet another embodiment of the invention, the module 210 sends to the module 230 only a task containing information about the need to form security elements, without specific information about the type of message and possible actions.

The data conversion module 220 (hereinafter referred to as the module 220) generates an information message 260 for the user that contains the received information from the module 210. The formation consists in converting the message to the desired form, i.e. to a view that can be used in the formation of a video stream (frame). After that, the module 220 transmits an information message 260 to the module for generating the video stream 240.

The module for generating security elements 230 (hereinafter referred to as the module 230) determines the security elements 270 depending on the information received from the module 210, while the module 230 takes into account the capabilities (implementation option) of the information display module 110a. In the particular case of implementing the invention, depending on the implementation of module 110a, module 230 contains a database (not shown in Fig. 2a) of possible options for the formation of security elements and their application. Each embodiment includes at least one security element 270 and rules for displaying security elements in module 110a and in the video stream. In yet another particular embodiment of the invention, module 230 generates security elements at random.

Thus, security elements 270 may be watermark elements, the gradient of the background of the video stream, flickering in the video stream or LEDs, the appearance of a picture or text information during the broadcast of the video stream in different parts of the video stream (both before the information message and behind it), a color change in video stream, etc. Security elements 270 are designed both for the video stream and for module 110a, while they can either differ from each other or be completely similar, but in both cases the security elements will be synchronized (connected) with each other. For example, the same security element will be displayed in the video stream on the PC screen and in the module 110a. In addition, when outputting security elements by modules 110a and 240, they also have the ability to dynamically change, where the dynamics of changes in security elements depends on the option used by module 230. This approach allows you to provide the most difficulty from intercepting and distorting information.

Next, the module 230 selects the option of protecting the image (information) depending on the type of message and the capabilities of the module 110a. Then it sends the corresponding information containing at least one security element 270 to the module 110a, which will produce the subsequent output of the corresponding image (security element), and the module for the formation of the video stream 240.

The module for generating the video stream 240 (hereinafter referred to as the module 240) generates a video stream in which it combines the received security elements 270 and the information message 260 received from the module 220. The formation of the video stream is based on the formation of each frame, which are then transmitted, for example, with a frequency of not less than 24 frames per second. It should be understood that the frame rate can be less than 24 frames per second and depends on the technical capabilities of the components of System 100. It is also possible that the purity of the frame will be selected in each case individually. So, for example, when forming a video stream, module 240 forms several frames in layers, where one frame contains a message, the other contains security elements, etc. In this case, the overlay algorithms can be different, for example, bitwise offset or more complex. Next, the module 240 directs the video stream to the PC via the input / output port 180 to the corresponding application 250, which has the ability to broadcast the video stream. Application 250 broadcasts the video stream on a PC screen 170, which displays informational messages 260 containing at least a portion of the received data by module 210 from a PC, and security elements 270. Examples of application 250 were presented in the description of FIG. 1, such as Media Player Classic Home Cinema. Together with the start of broadcasting the video stream on the PC screen 170, the module 110a starts to display the corresponding security elements received from the module 230, while the security elements are synchronously displayed on the PC screen 170 and the module 110a. In one embodiment, the security elements 270 displayed in the module 110a and in the broadcast video stream on the PC screen will be identical to each other, and their synchronous periodic change is made.

Thus, the user is convinced of the authenticity of the displayed information in real time, i.e. in those data in which full reliability is required.

It is worth noting that this approach allows you to provide protection against spoofing informational messages, because in order to substitute such a video stream, it will be necessary to process the video stream in real time, delete the original message in each frame and replace it with another one so that the user does not notice this substitution. Such a task (real-time substitution) becomes almost impossible; it requires significant computing resources, which are most likely not possessed by the user's device (computer). Especially in the case of the implementation of the option in which the security elements are dynamically changed.

Consider two examples of a possible implementation of the invention, in which module 110a is implemented as an information display element.

Example 1

Suppose that the user’s data has been received in encrypted form, which contains a message / document requiring confirmation by the user. In this case, the PC transmits the encrypted data packet to module 140, namely to module 210, which decrypts the data, verifies the authenticity of the message, its integrity, determines the type of message, and transmits to the modules 220 and 230 the information they need (described earlier). For example, module 220 received completely the entire message contained in the received data, and module 230 received information about the form of the message. Module 220 converts the received information into an information message 260 and transmits to module 240. Module 230 selects the necessary protection option according to the information received and generates security elements 270 that will be sufficient to protect this information. After that, module 230 transmits a job containing security elements 270 to modules 110a (the module is implemented as a display) and 240. Module 240 generates a video stream in which it combines information message 260 and security elements 270. Next, the video stream is sent to a PC in application 250. After that, the application 250 starts broadcasting the received video stream, which is synchronized with the image on the module 110a. In this example, the security elements displayed by the module 110a and the video stream in the application 250 are identical to each other and / or correlated with respect to each other in such a way that the security elements change synchronously. Accordingly, the user sees an informational message that is protected by security elements associated with security elements on an external device, which ensures the authenticity of the message. After that, the user can familiarize with the message and endorse the received document.

Example 2

Assume that the user's PC received a request in the form of a banking transaction requiring user authentication. In this case, the PC also transmits data to the module 140. The module 140, using the previously mentioned modules, performs a series of actions, after which it broadcasts in the video stream a message 260 containing important information about the transaction. After the user views the provided information and verifies that the information is genuine, the transaction can be authorized, for example, using the information display module 110, if this possibility is realized during the implementation of the invention (an example of such an implementation will be described in Fig. 2b). After that, the System 100 generates a response to the request, while signing the response using its private key or certificate and sends the response in the opposite direction via the PC.

FIG. 2b illustrates the composition and operation of yet another preferred embodiment of the authentication system 100 when interacting with a user computer during authentication of the displayed information on the computer screen by correlating the displayed information on the PC and the actions obtained by the visualization tool 110. Within the framework of the presented implementation of FIG. 2b, the visualization means 110 is an information input / output module 110b.

It should be noted that the purpose and interaction of the models 210, 220, and 240 are similar to the examples of their implementation in the description of FIG. 2a. The main differences between this embodiment of the invention and the embodiment shown in FIG. 2a, are the purpose and interaction of module 230 and information input / output module 110b.

The information input / output module 110b (hereinafter referred to as the 110b module) is intended both for the visual presentation of information on the control panel and for determining actions performed by the user with the 110b module, which are then transmitted to the security element generation module 230. In this embodiment, the 110b module is a component , which has the ability to both display information and determine (track) manipulations with it, for example, such a component can be implemented using a touch panel (English Touchpad) and a touch screen (English Touc hscreen). The mechanism for providing information by the module 110b is performed similarly to the module 110a. The mechanism for determining (tracking) user manipulations is performed using approaches known from the prior art, while the data collected during manipulation with module 110b is transmitted to module 230.

Module 230, as previously mentioned, is designed to form security elements 270, while in this embodiment, during the formation of the necessary security elements 270, data (information) received from module 110b is used. The formation of security elements is carried out using rules that contain information about the correspondence of the input data on the module 110b and the formation of the necessary security elements 270 to protect the information message in the video stream. An example of such a rule is the following condition: when horizontally held across the touch screen, the security element is formed in the form of a color change in the background in the video stream. Another example of the rule is the condition when, with constant contact (long contact) of the user with the touch screen, the security element in the video stream will be presented in the form of an animation (a moving image of a picture or a watermark) on top of an information message. Also, in one embodiment, the module 230 begins to fulfill its purpose only after receiving information (tasks, requirements) from the module 210, while the specified received information can also be taken into account in the rules for the formation of security elements. After the formation of the security elements, the module 230 sends them to the module for generating the video stream 240. In the particular case of the implementation, the security elements themselves can be randomly generated.

Module 240 (as described above) generates a video stream, while in the video stream it combines the received security elements 270 and the information message 260 received from module 220, and directs the video stream back to the PC via input / output port 180 to the corresponding application 250. Application 250 produces broadcasting the received video stream on the screen of 170 PCs. It should be noted that during the broadcast of the video stream, which is performed in real time, the displayed security elements will be changed according to the rules of module 230, and in such a way that correlation / synchronization of the transmitted image on the PC screen 170 and the collected data will be provided based on the user's manipulations with the module 110b. In other words, depending on the determined (monitored) data from the user’s actions performed, on the module 110b in the broadcast video stream changes will be made in the security elements, while the changes can affect both the security elements themselves (i.e., one on top of the other), and directly the displayed security element in the broadcast video stream (for example, the position relative to the displayed information or the color of the security element).

In yet another embodiment of the module 110b, when the module can also display information, the module 230, after generating the security elements based on the received data from the module 110b, sends a corresponding task containing the generated security elements 270 to the module 110b, which will then output the corresponding image. Accordingly, in such an embodiment, the module 110b will be both a data input element and an information output element, and when outputting information, as well as with the module 110a, the image of the broadcast video stream on the PC screen 170 and the module 110b will be synchronized.

It should be noted that an implementation option is possible when the module 110b will be only an input element. Then the interaction of the module 110b and the module 230 will consist only in receiving data.

Consider an example of a possible implementation of the invention in which module 110 is implemented as module 110b, i.e. information input / output element. Suppose that a user using a PC prepares a document for subsequent transmission, signed by an electronic digital signature. In this case, the information input / output module 110b also has keyboard input functions (for example, touch input). So, during the sighting of a document using EDS, the data containing the document itself is transmitted from the PC to module 140, namely module 210. Module 210 determines the type of information message and the actions that need to be performed. After that, the module 210 transmits the corresponding information to the modules 220 and 230, while in this example, the entire document will be transmitted as an information message to the module 220. Module 220 converts the received message into the required form and passes it to module 240. Module 230, however, determines the variant of security elements. For this, module 230 requests / waits for data from module 110b. Module 110b captures the response (manipulation) of the user and transmits them in the form of data to module 230. Next, module 230 generates security elements based on the received data. For example, the selected option of the security element is changing the background when the user touches the module 110b, which is implemented as a touch panel. After that, the module 230 transmits the security elements to the module 240. In turn, the module 240 generates a video stream in which it combines the information message and the security elements, and the combination is performed in such a way that the background in the video stream has the ability to further change color. Next, the module 240 transmits the video stream to the PC, where it is displayed using the application 250. It should be noted that upon receipt of data by the module 110b from user manipulations, the module 230 will subsequently make protection elements in accordance with the rules, which it will transmit to the module 240. The module 240, in turn, converts the video stream and transfers to the PC.

In the particular case of implementation, the module 110b may also have a scanner function with which to perform identification of the user's fingerprint.

FIG. 3 illustrates a flowchart containing a method of operating an authentication system of displayed information (eg, an electronic document) on a computer screen.

In one embodiment, data that contains an encrypted electronic document is obtained from the Internet on the user's PC 101. In other cases, the data can be obtained or in any other possible way from the prior art. The user must be sure of the authenticity of the document at the time of signing the received electronic document. To do this, a request is generated to confirm the authenticity of the data (document) at the preliminary stage, while for the implementation of the invention, this stage is optional. During the request, the data is transmitted to the authentication system 100.

So, at step 320, the authentication system 100 using the data processing module 210 receives the above data from the PC 101 through the input / output port 180. So, in this example implementation, suppose that the received data on the user's PC was encrypted, then the module 210 also receives the specified data in encrypted form. At step 330, the module 210 performs an analysis of the received data, during which it determines (extracts) the message contained in the received data and its parameters. For this, module 210 decrypts the data (in this case, the encryption / decryption mechanism is contained in module 210), determines the authenticity of the received data by checking its integrity and determines the directly contained message (file) and parameters. The parameters of the message are understood as such elements that will unambiguously allow to identify such a message (for example, the type of message) contained in the received data, and actions that need to be performed (for example, to confirm the document or transaction) after confirming the authenticity of the message. Messages can be divided into at least two types: a text document regardless of the file format and a bank transaction. A text document refers to a file that can contain text, such as files with the extension: txt, doc, xls and the like. Further, depending on the type of message, the module 210 determines the information (identifying the message itself or its part), which must be further added to the broadcast video stream on the PC screen.

At step 340, an information message 260 is generated using the data conversion module 220, which includes information from the module 210 for providing to the user. The formation consists in converting information to the desired form, i.e. to a view that can be used in the formation of a video stream (frame). At step 350, security elements 270 for the information message are determined depending on the information received from module 210. For example, information about the type of message or the task of generating security elements for the information message is transmitted as information from module 210. It is worth noting that during the determination of security elements, the implementation option of the visualization tool 110 is taken into account. The implementation options of the visualization tool 110 and possible security features were considered in the description of the System 100 in FIG. 2a and 2b. So, depending on the information, at least one security element 270 will be selected, which will be further used in the formation of the video stream. In one embodiment, it is possible that the security features will be randomly selected. Together with the choice of security elements 270, the interaction rule, i.e. the rules for using security elements in the video stream, on the visualization tool 110 and their interaction with each other. For example, a rule contains information about when, how, and in what order will be displayed and interacted (for example, simultaneously displaying, changing, or converting; or the response of security elements in a video stream to actions on the visualization tool) security elements in the video stream and visualization tool 110 Next, the selected security elements 270 and the rules are transferred to the appropriate modules.

At step 370, a video stream is formed using module 240, in which the received security elements 270 and information message 260 are combined. The mechanism for generating the video stream is presented in the description of FIG. 2a. Then, at step 380, the generated video stream is transmitted to the PC by the input / output port 180 to the application that will broadcast the video stream. Application examples are given in the description of FIG. one.

At step 390, the specified application broadcasts the received video stream, which reflects the information message and security elements. In this case, the video stream is broadcast in such a way that the transmitted information and / or security elements are coordinated (connected) with the displayed or entered information on the visualization tool 110. Moreover, depending on the implementation of the visualization tool 110, together with the video stream broadcast on the visualization tool 110, elements will either be displayed protection, while the security elements are similar to the security elements from the video stream, or the security elements presented in the video stream will respond to the information received (determined ) from manipulation (action) on the surface (active elements) of the visualization tool 110.

FIG. 4 is an example of a general purpose computer system, a personal computer or server 20 comprising a central processor 21, a system memory 22, and a system bus 23 that contains various system components, including memory associated with the central processor 21. The system bus 23 is implemented as any prior art bus structure comprising, in turn, a bus memory or a bus memory controller, a peripheral bus and a local bus that is capable of interacting with any other bus architecture. The system memory contains read-only memory (ROM) 24, random access memory (RAM) 25. The main input / output system (BIOS) 26, contains basic procedures that ensure the transfer of information between the elements of the personal computer 20, for example, at the time of loading the operating ROM systems 24.

The personal computer 20 in turn contains a hard disk 27 for reading and writing data, a magnetic disk drive 28 for reading and writing to removable magnetic disks 29, and an optical drive 30 for reading and writing to removable optical disks 31, such as a CD-ROM, DVD -ROM and other optical information carriers. The hard disk 27, the magnetic disk drive 28, the optical drive 30 are connected to the system bus 23 through the interface of the hard disk 32, the interface of the magnetic disks 33 and the interface of the optical drive 34, respectively. Drives and associated computer storage media are non-volatile means of storing computer instructions, data structures, software modules and other data of a personal computer 20.

The present description discloses an implementation of a system that uses a hard disk 27, a removable magnetic disk 29, and a removable optical disk 31, but it should be understood that other types of computer storage media 56 that can store data in a form readable by a computer (solid state drives, flash memory cards, digital disks, random access memory (RAM), etc.) that are connected to the system bus 23 through the controller 55.

Computer 20 has a file system 36 where the recorded operating system 35 is stored, as well as additional software applications 37, other program modules 38, and program data 39. The user is able to enter commands and information into personal computer 20 via input devices (keyboard 40, keypad “ the mouse "42). Other input devices (not displayed) can be used: microphone, joystick, game console, scanner, etc. Such input devices are, as usual, connected to the computer system 20 via a serial port 46, which in turn is connected to the system bus, but can be connected in another way, for example, using a parallel port, a game port, or a universal serial bus (USB). A monitor 47 or other type of display device is also connected to the system bus 23 via an interface such as a video adapter 48. In addition to the monitor 47, the personal computer may be equipped with other peripheral output devices (not displayed), such as speakers, a printer, and the like.

The personal computer 20 is capable of operating in a networked environment, using a network connection with another or more remote computers 49. The remote computer (or computers) 49 are the same personal computers or servers that have most or all of the elements mentioned earlier in the description of the creature the personal computer 20 of FIG. 7. Other devices, such as routers, network stations, peer-to-peer devices, or other network nodes may also be present on the computer network.

Network connections can form a local area network (LAN) 50 and a wide area network (WAN). Such networks are used in corporate computer networks, internal networks of companies and, as a rule, have access to the Internet. In LAN or WAN networks, the personal computer 20 is connected to the local area network 50 via a network adapter or network interface 51. When using the networks, the personal computer 20 may use a modem 54 or other means of providing communication with a global computer network such as the Internet. The modem 54, which is an internal or external device, is connected to the system bus 23 via the serial port 46. It should be clarified that the network connections are only exemplary and are not required to display the exact network configuration, i.e. in reality, there are other ways to establish a technical connection between one computer and another.

In conclusion, it should be noted that the information provided in the description are examples that do not limit the scope of the present invention defined by the claims. One skilled in the art will recognize that there may be other embodiments of the present invention consistent with the spirit and scope of the present invention.

Claims (54)

1. A system for synchronizing information displayed on a computer screen and on a module for displaying information of a portable computing device external to the computer using a real-time application to verify the authenticity of information displayed on a computer screen, the system including: a) a data processing module designed for:

receiving data from the user's computer, where the data contain a message that is intended for the user;

analysis of the received data, during which it determines the message contained, message parameters and information identifying the message;

transmitting information that uniquely identifies the message, together with the message parameters to the data conversion module; and

transferring the task of forming security elements to the module of forming security elements; b) a data conversion module for generating an information message containing the received information from the data processing module and transmitting the generated information message to the video stream generating module; c) a module for the formation of security elements intended for:

defining security elements depending on the information received and at least one rule for displaying security elements;

transmitting information about at least one security element to the information display module and the video stream generation module, as well as at least one mentioned rule to the video stream generation module; d) a module for generating a video stream, intended for forming a video stream in which combines the received security elements and an information message, and transmitting the generated video stream to an application for broadcast on a user's computer; e) an information display module designed for the synchronous output of security elements from the information displayed in a video stream broadcast on a computer screen containing the displayed information and security elements. 2. The system of claim 1, wherein the module for generating security elements when determining security elements takes into account the functionality of the information display module. 3. The system according to claim 1, in which the message means at least a file and data of a banking transaction. 4. The system of claim 1, wherein the information displayed at least refers to information from an electronic document and data from a bank transaction. 5. The system of claim 1, wherein the output security elements in the information display module and on the computer screen are similar to each other. 6. The system of claim 1, wherein the information display module is at least a touch screen, a touch panel, or at least one LED. 7. The system of claim 6, wherein the touch screen can be either monochrome or color. 8. The system of claim 1, wherein the data processing module before said analysis decrypts the received data. 9. The system of claim 1, wherein the data processing module checks said data before the analysis. 10. The system of claim 1, wherein the rules for displaying security elements control the display of security elements in both the information display module and the video stream. 11. The system of claim 1, wherein at least one of the following is included as security features:

watermark,

background gradient

screen flicker

the appearance of the picture in different parts of the video stream,

the appearance of textual information during the broadcast of a video stream,

the appearance of a change in the video stream. 12. A method for synchronizing information displayed on a computer screen and on a module for displaying information of a portable computing device external to the computer to confirm the authenticity of the information displayed on the computer screen, the method comprising the steps of: a) receive data, where the data contains a message that is intended for the user; b) carry out the analysis of the received data, during which the contained message, message parameters and information identifying the message are determined; c) form an informational message containing information that uniquely identifies the message; d) determine the security elements according to the message parameters and at least one rule for displaying security elements, taking into account the capabilities of the information display module; d) form a video stream in which the security elements and the information message are combined, f) transmit the generated video stream to the application for broadcast on the user's computer and information about at least one security element to the information display module; g) the generated video stream is translated on the user's computer screen and information is displayed on the information display module, while the displayed information contains security elements in accordance with the rules for displaying security elements, where the displayed security elements are synchronized with the transmitted information in the video stream. 13. The method according to p. 12, in which the synchronization refers to the relationship between the displayed security elements on the information display module and the displayed security elements in the broadcast video stream on the computer. 14. The method according to p. 13, in which the security elements presented on the visualization tool are identical to the security elements in the video stream. 15. The method according to p. 12, in which as elements of protection contains at least one of the following:

watermark,

background gradient

screen flicker

the appearance of the picture in different parts of the video stream,

the appearance of textual information during the broadcast of a video stream,

the appearance of a change in the video stream. 16. The method of claim 12, wherein the information displayed is an electronic document. 17. The method according to p. 16, in which part of the electronic document contains information that accurately allows you to identify the entire electronic document. 18. The method according to p. 17, in which such parts of the electronic document are such parts as: a field with the name of the document, a field containing addresses and names, a field with details, a field containing the beginning and end of the document. 19. The method of claim 12, wherein the image of the video stream is displayed on a computer screen through the UVC (USB Video Device class) mechanism using the appropriate software. 20. The method according to p. 12, in which the software uses a video player installed on the user's computer. 21. The method according to p. 12, in which the means of visualization are at least such as: LED, monochrome screen or touch panel. 22. The method according to p. 12, in which, if there is a correlation, at least one of the following is performed: the electronic document is signed, for example, using an electronic key, the electronic document is edited, the electronic document is transmitted to a third-party web server. 23. The method according to p. 12, in which data is received from the user's computer.

Images