View All Documents & Correspondence
An Online Security System Based On The Automated Teller Machine Of A Bank
Abstract: 1. An online security system based on the automated teller machine of a bank, comprising a server provided for the bank; a computer for the user, said server being programmed, when activated by the computer, to furnish the user with a distinctive serial number; a teller machine being programmed to furnish to the user, on activation, with at least one distinctive security number corresponding to the said serial number; said computer being enabled to access the said server for carrying on bank related transactions, only on the user keying in his user name security number.and password in the computer, together with the serial number and the distinctive
Notices, Deadlines & Correspondence
Patent Information
Applicants
INDIAN INSTITUTE OF TECHNOLOGY
Inventors
1. BALARAJU KONDAVEETI
2. KIRAN RACHURI
3. ALURU PRASANT KARTHIK
4. DR. SHANKAR BALACHANDRAN
Specification
This invention relates to an online security system based on the automated teller machine (ATM) of a bank, which is a multi-factor authentication system for online transactions using the automated teller machine.
If a person who already has a bank account with ATM
provision also has an online operating facility with the
same bank and wishes to conduct online operations with
such bank from time to time
Or
If a person who already has a bank account with ATM
provision does not have an online operating facility with
the same bank, but wishes to have one and conduct online
operations with such bank from time to time
he must key in his user name and password in his
computer to get online access to the server of the said bank.
However, in doing so the user runs the risk of hackers or
phishers unscrupulously getting to know of the user name
and password and committing a fraud on the user as well as
on the bank.
1
This is so because once the criminal gets hold of the user name and password he is always capable of conducting practically all transactions with the bank which the user could have done on his own.
The online transactions can include transfer of funds, payment of bills, updating user details, such as mobile telephone numbers, e-mail Ids and so on.
The object of this invention is therefore to prevent such fraudulent activities, by the generation of a distinctive security number by the ATM of the bank of which the user holds a card (the ATM card). Thus when the user wishes to go online with respect to the bank, all that he has to do is to operate his computer to activate the server of the bank, which then furnishes a distinctive serial number to the user. The user then approaches the ATM of his bank, inserts his card and activates the said machine to furnish one or more distinctive security numbers corresponding to the serial
number furnished by the server, which the server is programmed to do. This distinctive security number is the additional factor (apart from user name, password and serial number) involved in obtaining online access to the bank server. The user now has to operate his computer to key in his user name, password, serial number and the distinctive security number (the last generated by the ATM) to gain access to the said server. The distinctive serial number or security number is not one which the hacker or phisher could have got hold of, because it is coming up on the computer keyboard and screen for the first time. This distinctive security number will not be valid for subsequent online transactions since the server will not accept the same number again. In such a case the user will have to go for another distinctive security number from the ATM after obtaining a fresh serial number from the server.
In order to save repeated visits to the ATM for carrying out several transactions from time to time, the ATM is programmable to furnish several distinctive security numbers which the user may use from time. Each such
security number is valid for each use. As already stated above, each security number will be associated with a unique serial number. The bank server requests the user to key in the security number associated with a particular serial number for each transaction. All that the user has to do is to take care to keep these numbers a secret until use.
The security numbers and their corresponding serial numbers as mentioned above will appear in a window of the ATM for the user to note down or appear in a printout issued by the said machine.
Needless to say, the ATM is always connected to the server of the bank, so much so that they would work in unison, the ATM for generating distinctive security numbers and the server to accept only such numbers as have been generated by the ATM.
In short this invention serves as a user authentication for online bank transactions carried out in a computer and acts
as a security against hacking and phishing and like nefarious activities of criminals.
The term "computer" in this specification and Claims means and includes mobile telephones and other devices which carry out functions which are the same or similar to those required for the performance of this invention.
It will be appreciated that various other embodiments of the system proposed herein are possible without departing from the scope and ambit of this invention.
t
We Claim:
1. An online security system based on the automated teller machine of a bank, comprising a server provided for the bank; a computer for the user, said server being programmed, when activated by the computer, to furnish the user with a distinctive serial number; a teller machine being programmed to furnish to the user, on activation, with at least one distinctive security number corresponding to the said serial number; said computer being enabled to access the said server for carrying on bank related transactions, only on the user keying in his user name security number.and password in the computer, together with the serial number and the distinctive
2. An online security system as claimed in Claim 1 wherein the said teller machine furnishes the user with the distinctive security number visibly through a window in the said machine.
3. An online security system as claimed in Claim 1
wherein the said teller machine furnishes the user
with the distinctive security number by printing the
said number.
4. An online security system based on the automated
teller machine of a bank, substantially as herein
described,
Documents
Orders
| Section | Controller | Decision Date |
|---|---|---|
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 2235-che-2008 form-26.pdf | 2011-09-04 |
| 1 | Abstract_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 2 | 2235-che-2008 form-18.pdf | 2011-09-04 |
| 2 | Claims_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 3 | Description_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 3 | 2235-che-2008 form-1.pdf | 2011-09-04 |
| 4 | Drawings_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 4 | 2235-che-2008 description (complete).pdf | 2011-09-04 |
| 5 | Other Patent Document [14-09-2016(online)].pdf | 2016-09-14 |
| 5 | 2235-che-2008 correspondence others.pdf | 2011-09-04 |
| 6 | Other Patent Document [14-09-2016(online)].pdf_8.pdf | 2016-09-14 |
| 6 | 2235-che-2008 claims.pdf | 2011-09-04 |
| 7 | Other Patent Document [02-08-2016(online)].pdf | 2016-08-02 |
| 7 | 2235-CHE-2008 EXAMINATION REPORT REPLY RECIEVED 15-12-2014.pdf | 2014-12-15 |
| 8 | 2235-CHE-2008_EXAMREPORT.pdf | 2016-07-02 |
| 8 | 2235-CHE-2008-Correspondence-240316.pdf | 2016-03-28 |
| 9 | 2235-CHE-2008-Correspondence-Power of Attorney-200616.pdf | 2016-06-22 |
| 9 | Other Document [15-06-2016(online)].pdf | 2016-06-15 |
| 10 | 2235-CHE-2008-Power of Attorney-200616.pdf | 2016-06-22 |
| 10 | Marked Copy [15-06-2016(online)].pdf | 2016-06-15 |
| 11 | Description(Complete) [15-06-2016(online)].pdf | 2016-06-15 |
| 11 | Form 13 [15-06-2016(online)].pdf_165.pdf | 2016-06-15 |
| 12 | Description(Complete) [15-06-2016(online)].pdf_166.pdf | 2016-06-15 |
| 12 | Form 13 [15-06-2016(online)].pdf | 2016-06-15 |
| 13 | Description(Complete) [15-06-2016(online)].pdf_166.pdf | 2016-06-15 |
| 13 | Form 13 [15-06-2016(online)].pdf | 2016-06-15 |
| 14 | Description(Complete) [15-06-2016(online)].pdf | 2016-06-15 |
| 14 | Form 13 [15-06-2016(online)].pdf_165.pdf | 2016-06-15 |
| 15 | 2235-CHE-2008-Power of Attorney-200616.pdf | 2016-06-22 |
| 15 | Marked Copy [15-06-2016(online)].pdf | 2016-06-15 |
| 16 | 2235-CHE-2008-Correspondence-Power of Attorney-200616.pdf | 2016-06-22 |
| 16 | Other Document [15-06-2016(online)].pdf | 2016-06-15 |
| 17 | 2235-CHE-2008_EXAMREPORT.pdf | 2016-07-02 |
| 17 | 2235-CHE-2008-Correspondence-240316.pdf | 2016-03-28 |
| 18 | Other Patent Document [02-08-2016(online)].pdf | 2016-08-02 |
| 18 | 2235-CHE-2008 EXAMINATION REPORT REPLY RECIEVED 15-12-2014.pdf | 2014-12-15 |
| 19 | Other Patent Document [14-09-2016(online)].pdf_8.pdf | 2016-09-14 |
| 19 | 2235-che-2008 claims.pdf | 2011-09-04 |
| 20 | Other Patent Document [14-09-2016(online)].pdf | 2016-09-14 |
| 20 | 2235-che-2008 correspondence others.pdf | 2011-09-04 |
| 21 | Drawings_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 21 | 2235-che-2008 description (complete).pdf | 2011-09-04 |
| 22 | Description_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 22 | 2235-che-2008 form-1.pdf | 2011-09-04 |
| 23 | Claims_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 23 | 2235-che-2008 form-18.pdf | 2011-09-04 |
| 24 | Abstract_Granted 275685_19-09-2016.pdf | 2016-09-19 |
| 24 | 2235-che-2008 form-26.pdf | 2011-09-04 |