CPC G06Q 20/4016 (2013.01) [G06F 21/44 (2013.01); G06Q 20/102 (2013.01); G06Q 20/123 (2013.01); G06Q 20/322 (2013.01); G06Q 20/382 (2013.01); H04L 63/08 (2013.01); H04L 63/123 (2013.01); H04W 12/06 (2013.01); H04W 12/10 (2013.01); H04L 2463/102 (2013.01)]
30 Claims
1. A method for authenticating a counterparty machine to a digital transaction in order to prevent fraudulent manipulation of content displayed to a user, the method comprising:
obtaining, at a mobile terminal from the counterparty machine via an indirect connection over a network, characteristic content associated with the digital transaction, wherein the characteristic content is to be displayed in a trusted user interface (TUI) provided by the mobile terminal, wherein the TUI displays content associated with a counterparty application executing on the mobile terminal, and wherein the digital transaction comprises accessing a sensitive resource of the mobile terminal maintained in a trusted execution environment (TEE);
sending, by the mobile terminal via the network, data associated with the characteristic content and normalization data to an authentication server that executes a virtual machine configured to generate an emulation of a reference item of content as displayed at the mobile terminal based on the normalization data; and
obtaining, from the authentication server via the network, a result of an authentication judgment by the authentication server, the authentication judgment based on a comparison between the data associated with the characteristic content and the emulation of the reference item of content,
wherein the characteristic content comprises an image as rendered at the mobile terminal, wherein the image is associated with at least one of a counterparty, counterparty identification (ID) information, or alphanumeric information to be displayed in the TUI, and
wherein the normalization data comprises data specifying a value of at least one parameter associated with rendering the characteristic content at the mobile terminal.
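The exchange recited in claim 1, as an added sketch that is not taken from the patent: the terminal reports a digest of what it rendered together with the rendering parameters, and the server emulates the reference item under those parameters before comparing. The toy renderer, the SHA-256 digest as the "data associated with the characteristic content", the parameter names `scale` and `bit_depth`, and the allowed ranges are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed 4x4 grayscale reference item (e.g. a counterparty logo), values 0-255.
REFERENCE = [
    [0, 64, 128, 255],
    [64, 128, 255, 128],
    [128, 255, 128, 64],
    [255, 128, 64, 0],
]
# Assumed server policy: the parameters arrive over the network, so bound them.
# A bit depth of 0 would flatten every image to the same pixels and match anything.
ALLOWED = {"scale": range(1, 5), "bit_depth": range(6, 9)}

def render(pixels, norm):
    """Toy renderer (assumption): nearest-neighbour upscale, then quantise
    each pixel to norm['bit_depth'] bits, as a stand-in for a display pipeline."""
    scale, shift = norm["scale"], 8 - norm["bit_depth"]
    out = []
    for row in pixels:
        scaled = [(p >> shift) << shift for p in row for _ in range(scale)]
        out.extend(list(scaled) for _ in range(scale))
    return out

def digest(rendered):
    """Hash rows with a length prefix so the image dimensions are covered too."""
    h = hashlib.sha256()
    for row in rendered:
        h.update(len(row).to_bytes(4, "big"))
        h.update(bytes(row))
    return h.hexdigest()

def terminal_report(displayed_source, norm):
    """Mobile terminal: digest of the content as rendered, plus normalization data."""
    return {"digest": digest(render(displayed_source, norm)), "normalization": norm}

def server_judgment(report, reference=REFERENCE):
    """Authentication server: validate the parameters, emulate the reference
    item as the terminal would display it, and compare in constant time."""
    norm = report.get("normalization", {})
    if any(norm.get(key) not in allowed for key, allowed in ALLOWED.items()):
        return False
    emulated = digest(render(reference, norm))
    return hmac.compare_digest(emulated, report.get("digest", ""))
```

Comparing the terminal's digest against the unrendered reference would fail even for an honest display, which is why the normalization data travels with the report.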