Protection system for remote banking services and electronic payments
Greetings to all!
At the end of last year, I filed a patent application, which will reliably protect the remote banking service system for businesses and individuals from technical and social engineering attacks.
The essence of the idea of being applicable to legal entities is a specialized thin client working with a remote specialized ERP system on the server side of the serving bank using a cryptographically protected data exchange model. Protection is achieved through the trusted zone of the thin client, its hardware and software implementing the idea of trusted input and output of information, as well as cryptographic protection of traffic. A thin client using the built-in browser is able to work with the company's internal IT resources.
Protection for individuals is based on the chip integrated into the chipset of smartphones that directly works with the display, SIM card and communication module. Similarly, a model of trusted input and display of data is implemented, as well as cryptographic protection of traffic between the bank server and the client device.
')
In both cases, a bank customer can work with financial instruments online, without worrying about the possibility of theft from the account. Information on payments, being entered into the system, will never leave the protected perimeter for processing on potentially attacked computing resources.
At the moment, I am doing research on how banks would be interested in providing thin client technology for their clients. Therefore, I am interested in contacts with bank employees responsible for security. Also, I am looking for an electronics engineer to write a specification for a thin client and, possibly, a chip for integrating into the smartphone chipset.
At the end of last year, I filed a patent application, which will reliably protect the remote banking service system for businesses and individuals from technical and social engineering attacks.
The essence of the idea of being applicable to legal entities is a specialized thin client working with a remote specialized ERP system on the server side of the serving bank using a cryptographically protected data exchange model. Protection is achieved through the trusted zone of the thin client, its hardware and software implementing the idea of trusted input and output of information, as well as cryptographic protection of traffic. A thin client using the built-in browser is able to work with the company's internal IT resources.
Protection for individuals is based on the chip integrated into the chipset of smartphones that directly works with the display, SIM card and communication module. Similarly, a model of trusted input and display of data is implemented, as well as cryptographic protection of traffic between the bank server and the client device.
')
In both cases, a bank customer can work with financial instruments online, without worrying about the possibility of theft from the account. Information on payments, being entered into the system, will never leave the protected perimeter for processing on potentially attacked computing resources.
At the moment, I am doing research on how banks would be interested in providing thin client technology for their clients. Therefore, I am interested in contacts with bank employees responsible for security. Also, I am looking for an electronics engineer to write a specification for a thin client and, possibly, a chip for integrating into the smartphone chipset.
Source: https://habr.com/ru/post/210048/
All Articles